Targeted Attacks - Part 1

Targeted Attacks Part 1 – OSINT and Reconnaissance

Play episode

In our August monthly episode we start our three part series on targeted attacks. In this episode we focus on OSINT (Open Source Intelligence) and reconnaissance techniques used by attackers in phishing and BEC (Business Email Compromise) attacks. Kyle Lovett, Principal Penetration Tester at Veracode, joins us to demonstrate some of the tools and techniques used by attackers and professional penetration testers when conducting these targeted attacks.

** Links mentioned on the show **

Kyle Lovett on Darknet Diaries Episode 5 (#ASUSGATE)
https://darknetdiaries.com/episode/5/

Cisco Employee Earns Security Bug Bounty – 1 Million United Miles!
https://blogs.cisco.com/wearecisco/cisco-employee-earns-security-bug-bounty-1-million-united-miles

A Search Engine for Threats
https://www.threatcrowd.org/

Hacker Target – DNS Tools
https://hackertarget.com/ip-tools/

DNS Recon & Research, Find & Lookup DNS Records
https://dnsdumpster.com/

WMAP Mass Web Screenshot Tool for Mapping Web Networks (Chrome Extension)
https://chrome.google.com/webstore/detail/wmap/pflahkdjlekaeehbenhpkpipgkbbdbbo

Find email addresses with Hunter
https://hunter.io/

Shodan – Internet-connected device search engine
https://www.shodan.io/

Connect with Kyle on Twitter
https://twitter.com/SquirrelBuddha

** Watch this episode on YouTube **

** Thank you to our sponsors! **

Silent Pocket

Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”.

Edgewise Networks

Find out how Edgewise can stop lateral threat movement and prevent data breaches. Visit https://edgewise.net and request a demo!

Click Armor

To find out how “gamification” of security awareness training can reduce cyber risks related to phishing and social engineering, and to get a free trial of Click Armor’s gamified awareness training platform, visit: https://clickarmor.ca/sharedsecurity

** Help support the show **

Looking for an affordable, reliable, no logs VPN provider? Support the podcast by purchasing a Private Internet Access VPN subscription via our affiliate link: http://www.privateinternetaccess.com/pages/buy-vpn/sharedsecurity

** Subscribe and follow the show **

Sign-up for our email newsletter to receive our free Facebook Privacy & Security Guide, full transcripts of each weekly episode, contest announcements, and special offers from our sponsors: http://eepurl.com/dwcc8D

Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe

Contact us: https://sharedsecurity.net/contact

Website: https://sharedsecurity.net

Twitter: https://twitter.com/sharedsec

Facebook: https://facebook.com/sharedsec

Instagram: https://instagram.com/sharedsecurity

YouTube: https://www.youtube.com/c/SharedSecurityPodcast

Join the discussion

This site uses Akismet to reduce spam. Learn how your comment data is processed.

1 comment

More from this show

Signup for our Newsletter

Subscribe

* indicates required
Email Format