NeedleStack

Journalists, academics and NGOs face unprecedented levels of threats in real life and in the digital world. With limited resources, they often lack secure methods to collect OSINT. That’s why a digital investigations platform is being offered pro bono as part of a larger CISA initiative. Key takeawaysNew threats in the digital landscapeThe risks for journalists, NGOs and academics collecting OSINTHow digital investigative teams can protect themselves

An analysts from DarkOwl joins us to discuss dark web research and all its facets. From AI and other trends on the dark web, to operational security, learn how to turn on the light beneath the surface of the internet.Key takeawaysAI and other dark web trendsOperational security in dark web researchHow to search an unindexed environment

How can I get in? Steve Stasiukonis knows the power OSINT brings to this crucial pen testing question. From uncovering who to pose as, what to wear and how to forge a badge, OSINT can be the key you need to unlock a client's physical security. Steve also discusses the gold mine OSINT brings to cyber pen tests and what CTI pros need to know before going on the dark web.Key takeawaysHow OSINT is used in pen testingDark web OPSEC considerationsHow Steve easily broke into banks (for good!)

We go behind the scenes with Jon DiMaggio of Ransomware Diaries. As the chief security strategist at Analyst 1, Jon has conducted in-depth investigations of ransomware groups, including the famed Lockbit gang. He tells us the open-source tactics he uses and how cyber threats can take a mental toll.Key takeawaysTracking the Lockbit storyWhere OSINT meets ransomware investigationsThe human element in threat detection

Bullsh*t Hunting creators Justin Seitz and Some Lawyer share their tips on how OSINT and legal investigation tactics can benefit one another. They talk about their series “The Hunt” as it examines suspicious legal proceedings and possible wrongful convictions. Plus we dive deep into public records requests with tips of how to get the information you need.Key TakeawaysHow to effectively submit a public records requestWhat OSINTers can learn from legal professionals and vice versaThink like a lawyer when searching legal databases

Cybersecurity is rife with technological solutions, but as security researcher John Hammond knows all too well, it’s people that make the difference. Hear how people make or break security intel, both as researchers and threat actors. We’ll talk sock puppets, the role of OSINT for your own OPSEC and intelligence building, cybergang leaders as businessmen and more. Plus we’ll dive into John’s recent OSINT work on the ScreenConnect vulnerabilities and how they’re being leveraged in the wild.Key takeawaysUsing OSINT for opsec to protect your identity and enhance security intelligenceLurking in dark web forums, sock puppets and engaging with threat actorsThe role OSINT played in dissecting ScreenConnect vulnerabilities and exploits in the wild

Do you wish you had more training opportunities or just chances to flex your OSINT skills? We’re hosting a big event this month where we’ll talk ways to level up your tradecraft, training opportunities, take-home tips and more.

There are many paths to OSINT — one of them is through training programs and online resources! Aubrey and Shannon break down what’s available, what’s free (or not) to keep you abreast of how you can gain and further your OSINT skills.

Propublica reporter and author of the Digital Investigations newsletter, Craig Silverman joins the podcast to discuss disinformation trends on social media platforms, elections around the world in 2024 and what journalists and OSINT investigators can learn from each other.Key takeawaysOSINT for investigative journalismDisinformation trends on social mediaDocumenting evidence during an investigation

DefCon speaker and host of DoingFedTime on YouTube, Sam Bent joins the podcast to shine light on operational security concerns on the dark web. The reformed darknet marketplace seller shares insights and advice for best practices when investigating on the dark web. Key takeaways:OPSEC on the dark webThe different darknetsLinguistic analysis in evidence gathering