OSINT (open source intelligence) is the collection and analysis of open-source information, primarily used by government agencies, law enforcement and business intelligence. Investing in an OSINT training course is an essential skill for cybersecurity professionals as they can be used to gather intelligence for due diligence, detecting fraud, scams and money laundering and potential data breaches. Contrary, OSINT has its vulnerabilities relating to cybersecurity, and can result in data breaches and cyber attacks from identified information found on the surface web or dark web.
Have I Been Pwned? is a database that has a collection of billions of leaked accounts that have been compromised through a data breach. According to CybintSolutions, 95 percent of data breaches comes from only three industries: government, retail and technology. HIBP allows their visitors to input their email address or password to see where and when they have been breached, or if their password has already compromised (used by other users from previous data breaches). HIBP will make all users aware of the importance of having a unique password. The tool will tell a user if they have a strong unique password or a very bad one. By looking after your password and applying good password practises, it will help avoid a data breach.
2) Intelligence X
Intelligence X is an open source information gathering search engine tool. It is different from other search engines as it searches for specific target terms such as URLs, email addresses etc. It also has the service of searching for Bitcoin addresses. The searches are explored through the darknet as well as surface web, and. a copy of the results from the searches are stored in a historical data archive.
Let’s take this scenario for instance. A ransomware has infected 25 computers. The files in the infected computers are encrypted and cannot be accessed. The computers display the following message:
“You have 48 hours to pay 1 BTC to 1FfmbHfnpaZjKFvyi1okTjJJusN455paPH to obtain the decryption key. If you don’t pay, the recovery key will be destroyed, and your data will remain encrypted”.
With Intelligence X, you can use this as a starting point to find additional indicators of compromises (IoC). By simply, searching the bitcoin address of the ransom, you’ll be able to see where it has previously used, forums in which it has been discussed and transactions it may have been involved in. Intelligence X will provide all the information required to locate the attacker.
DeHashed is a similar tool to HIBP, however it offers users more search options such as names, phone number, IP address, URL etc. It is used to help give people the ability to find out if their personal data is available online from a data breach, as it will help prevent misuse of their information. Their objective is to alert users. If you are a user who has personal information registered on a numerous number of websites and one of the websites has been a victim of data breach,
DeHashed will allow you to use a variety of search options to help filter out where you have been compromised. This will save time from searching each registered site to see if it is a victim of a data breach.
OSINT and dark web bootcamps provides users with the essential skills to discover relevant intelligence and indicators of compromise (IoC) on the internet and dark web. The QA experience will give students practical skills placed in a safe working environment that enables students to explore and understand the different types of OSINT tools and techniques used by hackers, as well as cyber investigators. In the right circumstances, OSINT training can be a great way to upskill and develop employees effectively and efficiently enhancing the Return on Investment (ROI).
More articles by James
Cyber Pulse: Edition 105
Read the latest edition of Cyber Pulse, our round-up of cyber news.16 March 2020
Cyber Pulse: Edition 104
Read the latest edition of Cyber Pulse, our round-up of cyber news.09 March 2020
Cyber Pulse: Edition 103
Read the latest edition of Cyber Pulse, our roundup of cyber news.02 March 2020
Cyber Pulse: Edition 102
Read the latest edition of Cyber Pulse, our roundup of cyber news.24 February 2020
Cyber Pulse: Edition 101
Read the latest edition of Cyber Pulse, our roundup of cyber news.17 February 2020
4 things you need to know about cyber security in 2020
Cybersecurity researcher James Aguilan predicts four areas that will shape the future of cybersecurity in the decade ahead.22 January 2020
How does Ransomware-as-a-Service work?
Cyber security Researcher, James Aguilan looks at how ransomware-as-a-service works, and how organisations can protect themse…07 August 2019
Phishing Campaigns: Defending organisations against phishing
QA Cyber Security Trainer, James Aguilan, argues that understanding how to defend against phishing is of paramount importance…15 February 2018
Is Mr Robot a good representation of real-life hacking and hacking culture?
QA Cybersecurity trainer James Aguilan looks at several scenarios featured in the hit US TV series Mr Robot – and how they ma…19 February 2018
Safeguarding your Digital Footprint
QA Cyber Security Trainer, James Aguilan, shares 6 tips that can help you safeguard your digital footprint.05 March 2018