Targeted Attacks Part 1 – OSINT and Reconnaissance

In our August monthly episode we start our three part series on targeted attacks. In this episode we focus on OSINT (Open Source Intelligence) and reconnaissance techniques used by attackers in phishing and BEC (Business Email Compromise) attacks. Kyle Lovett, Principal Penetration Tester at Veracode, joins us to demonstrate some of the tools and techniques used by attackers and professional penetration testers when conducting these targeted attacks.

** Links mentioned on the show **

Kyle Lovett on Darknet Diaries Episode 5 (#ASUSGATE)
https://darknetdiaries.com/episode/5/

Cisco Employee Earns Security Bug Bounty – 1 Million United Miles!
https://blogs.cisco.com/wearecisco/cisco-employee-earns-security-bug-bounty-1-million-united-miles

A Search Engine for Threats
https://www.threatcrowd.org/

Sponsorships Available

Sponsorships Available

Sponsorships Available

Hacker Target – DNS Tools
https://hackertarget.com/ip-tools/

DNS Recon & Research, Find & Lookup DNS Records
https://dnsdumpster.com/

WMAP Mass Web Screenshot Tool for Mapping Web Networks (Chrome Extension)
https://chrome.google.com/webstore/detail/wmap/pflahkdjlekaeehbenhpkpipgkbbdbbo

Find email addresses with Hunter
https://hunter.io/

Shodan – Internet-connected device search engine
https://www.shodan.io/

Connect with Kyle on Twitter
https://twitter.com/SquirrelBuddha

** Watch this episode on YouTube **

https://www.youtube.com/c/SharedSecurityPodcast

** Thank you to our sponsors! **

Silent Pocket

Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”.

Edgewise Networks

Find out how Edgewise can stop lateral threat movement and prevent data breaches. Visit https://edgewise.net and request a demo!

Click Armor

To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity

** Help support the show **

Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity

** Subscribe and follow the show **

Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D

Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe

Contact us: https://sharedsecurity.net/contact

Website: https://sharedsecurity.net

Twitter: https://twitter.com/sharedsec

Facebook: https://facebook.com/sharedsec

Instagram: https://instagram.com/sharedsecurity

YouTube: https://www.youtube.com/c/SharedSecurityPodcast

The post Targeted Attacks Part 1 – OSINT and Reconnaissance appeared first on The Shared Security Show.

Recent Articles By Author

• Navigating Security Awareness in the Tech Industry with Erin Gallagher
• Linux Backdoor Infection Scare, Massive Social Security Number Heist
• Massive AT&T Data Leak, The Danger of Thread Hijacking

More from Tom Eston

*** This is a Security Bloggers Network syndicated blog from The Shared Security Show authored by Tom Eston. Read the original post at: https://sharedsecurity.net/2020/08/31/targeted-attacks-part-1-osint-and-reconnaissance/