Are we really surprised that the bad guys benefit from the Covid 19 pandemic and the resulting teleworking in many companies? Our new guide to OSINT’s critical search tools helps you identify threats at an early stage.
For criminals and government-backed threats, the tasks that organisations have created for their (often in a hurry) employees are a golden opportunity.
While permissible blockages and social aloofness are destructive for companies and their employees, misinformers and fraudsters thrive. The 22nd. On 10 April, the Google Threat Analysis Group warned that more than 18 million Gmail malware and phishing messages are linked to COVID-19 on a daily basis.
According to this article, more than a dozen of the threat groups behind these campaigns are state-sponsored aggressors. They search for new targets 24 hours a day and unlike most of their victims, they are not limited to the 9am to 5am schedule, Monday to Friday.
Use of OSINT for early warning of threats in COVID-19
Most companies have not yet moved to a fully secure online environment and often depend on unattended devices and employees’ home networks. This scenario leaves many organizations vulnerable when employees have remote online access to company assets.
Let’s face it – your NSOC is not designed to set a new standard, not even remotely. The abusers know very well that your hands are tied behind your back when you try to protect your network, and they benefit fully from the crisis.
Issue 21 of OSINT Research Tools for Threat Intelligence, published by Authentic8, presents tools and applications that help researchers penetrate the open, deep and dark web in these challenging environments.
Many researchers already use web-based isolation via the Silo for Research (Toolbox) platform, which provides multilayer protection and managed mapping capabilities to ensure the safety and efficiency of OSINT research. What else do they have in their arsenal to fall back on?
The best OSINT tools our team selected for you
In our new quick start guide, intelligence experts, analysts and open source threat specialists introduce you to some of their favorite tools. Some elements of this collection are desktop clients; others are services that facilitate data mining, especially in the area of OSINT.
An example is Torch, which allows researchers to search for hidden services that are only available through Torch. It can be used to compare conversations between different .onion sites when trying to de-anonymize opponents who use Tor.
For intruders, reconnaissance and information gathering are the most important elements to determine whether an attack will be successful. Where do they get their data from? In short, anywhere on the Internet – from the fridge with a WiFi connection in the office (at home) to an open and vulnerable copy of Elasticsearch Kibana.
Tips and recommendations for system explosion testing
The brochure we have compiled for you contains an arsenal of tools to identify vulnerabilities and obtain artifacts that can be used to collect threat information. These artifacts include geolocation data, one-day complaints about the origin of images, IoT devices left online, website changes over time, voter data, police data, or traces of Bitcoin transactions.
In the brochure you will find examples of tips and tools:
- How to use Cree.py to collect geolocation information by feeding it with artifacts from social networks;
- Introduction to advanced binary code analysis with IDA Pro to see which control servers your IoC artifacts interact with;
- how to extract, merge, and map information with the Maltego plugin, from tracking Bitcoin transactions to assigning the attack server’s treasure to a specific attack agent.
OSINT Threat information and remote working
How can you prevent intruders from exploiting vulnerabilities in your organisation’s WFH environment?
What you need now is a way to discover vulnerabilities before your opponents do. Where’s the next campaign of phishing, malware, mass exploitation?
This is a good time to take action by searching for information left by employees in the public domain that can be used for selective attacks on your organization.
Destroying such information on the Internet can be as difficult as removing urine from a pool, so knowing what’s in it in the first place goes a long way towards reducing the attack zone.
Where should I start? What data is relevant to the case? Where will we find him? How do we find it and get to know it? We hope our free guide 21 OSINT Research Tools for Threat Intelligence provides you with a reliable starting point.
*** This is a syndicated blog from the security blogger network Authentic8 Blog by Amir Hashayar Mohammadi. The original message can be found at the following address: https://blog.authentic8.com/guide-21-osint-tools-for-threat-intelligence/.open source intelligence methods and tools: a practical guide to online intelligence pdf,osint tools 2019,nato open source intelligence handbook,osint tools download,osint framework,osint resources,osint tiers,osint worksheet