In our August monthly episode we start our three part series on targeted attacks. In this episode we focus on OSINT (Open Source Intelligence) and reconnaissance techniques used by attackers in phishing and BEC (Business Email Compromise) attacks. Kyle Lovett, Principal Penetration Tester at Veracode, joins us to demonstrate some of the tools and techniques used by attackers and professional penetration testers when conducting these targeted attacks.
** Links mentioned on the show **
Kyle Lovett on Darknet Diaries Episode 5 (#ASUSGATE)
https://darknetdiaries.com/episode/5/
Cisco Employee Earns Security Bug Bounty – 1 Million United Miles!
https://blogs.cisco.com/wearecisco/cisco-employee-earns-security-bug-bounty-1-million-united-miles
A Search Engine for Threats
https://www.threatcrowd.org/
Hacker Target – DNS Tools
https://hackertarget.com/ip-tools/
DNS Recon & Research, Find & Lookup DNS Records
https://dnsdumpster.com/
WMAP Mass Web Screenshot Tool for Mapping Web Networks (Chrome Extension)
https://chrome.google.com/webstore/detail/wmap/pflahkdjlekaeehbenhpkpipgkbbdbbo
Find email addresses with Hunter
https://hunter.io/
Shodan – Internet-connected device search engine
https://www.shodan.io/
Connect with Kyle on Twitter
https://twitter.com/SquirrelBuddha
** Watch this episode on YouTube **
** Thank you to our sponsors! **
Silent Pocket
Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”.
Edgewise Networks
Find out how Edgewise can stop lateral threat movement and prevent data breaches. Visit https://edgewise.net and request a demo!
Click Armor
To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity
** Help support the show **
Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity
** Subscribe and follow the show **
Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D
Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe
Contact us: https://sharedsecurity.net/contact
Website: https://sharedsecurity.net
Twitter: https://twitter.com/sharedsec
Facebook: https://facebook.com/sharedsec
Instagram: https://instagram.com/sharedsecurity
YouTube: https://www.youtube.com/c/SharedSecurityPodcast