NeedleStack

The intersection of open-source information, disinformation, social media and journalism has spawned a new breed of investigator. Meet Brecht Castel, fact-checking journalist and OSINT aficionado. In this episode, Brecht shares his advice on how to be good at both. Learn how his background as a journalist helps him dig deeper, beyond “hashtag OSINT” and get the bigger story. And how his passion for OSINT has led down many interesting paths — from locating one tree in the whole of Africa to explaining why a mosquito with a number on its back is not part of Bill Gates’ plan for world domination (or even a mosquito, for that matter).

Mis- and disinformation abound on social media. But as violating users are deplatformed from mainstream sites, they’ve become hyper-concentrated on alternative social media where anything goes. We sit down with Dr. Welton Chang, CEO and co-founder of Pyrra Technologies, to discuss how AI/ML is helping researchers zero-in on disinformation, domestic extremism, hate speech and more, and understand how to counteract it.

Fact-checking can be seen as the undoing of a story, tearing apart the salacious tidbits to get at the bloody — or perhaps just boring — truth. In this episode, veteran journalist and lead of AFP's award-winning digital verification team in Africa, Nina Lamparski, sits down in the NeedleStack guest seat to discuss fact-checking and debunking in the age of misinformation, how local media consumption habits impact her work, fact-checking in election cycles and more.

From a love of Tom Clancy novels to military intelligence to “the ivory tower” of industry analysts, Rick Holland’s road to Digital Shadow’s CISO taught him many lessons along the way. Rick shares his advice for building an intel team, including: avoid homogenous groups; take time to strategize — and follow — processes for OSINT collection on the surface, deep and dark (or derp) web; and remember the importance of human relationships even in the tech-heavy world of threat intelligence.

OSINT is a powerful tool to identify vulnerabilities in your organization. But with all the information out there, how do you zero-in on the data you need quickly? In this episode, host and former CISO Matt Ashburn gives his advice on go-to resources, where to automate, how to truly gain an outside perspective and tradecraft considerations.

After spending 22 years in the U.S. Air Force building the branch’s cyber presence worldwide and reshaping its cyber curriculum, Lance Taylor now applies his background to the private sector. From lessons he’s learned along the way to the best tools for the job, Lance tells us how companies can improve their intel.

Without the right appreciation for intelligence, organizations may be hiring themselves into a problem. Vice President of Intelligence at ZeroFox A.J. Nash sits down with NeedleStack to discuss the fundamentals of intelligence, how to build and lead the best teams, and why as analysts doing the easy thing may be doing the best thing.

In episode 20 we interview Rob Fuller, the red team and CTI director for a major U.S. airline. Rob discusses how red teams can better leverage CTI, the grand mistakes of even the most security-conscious individuals, and why he thinks most security awareness training gets it wrong.

In this listeners live episode, Matt answers questions from the audience that have come up over our dark web episodes. Get sage advice on safely accessing the dark web without running afoul of policy, blockchain analysis (or the lack thereof with Monero), how to use PGP encryption to communicate with dark web actors and more.

The surprising identity behind some of the internet’s most nefarious hacks and why sometimes criminals are more willing to talk than victims of a crime, we discuss the dark side of the web with Darknet Diaries host Jack Rhysider.