There are many reasons why a threat actor may want to access an organization’s premises. They most usually boil down to installing surveillance devices, spyware (e.g., keyloggers), malware, stealing sensitive information or establishing a foothold to obtain remote control over internal systems. …

If your work involves protecting organizations from social engineering attacks, you will most probably also be required to conduct open-source intelligence on the organization and its people. Your task will be to find vulnerabilities or high-risk information that is likely to be exploited by attackers in a social engineering attack…

How Observation and Inference Skills Can Aid Investigations & Analytic Work — Intelligence analysts and investigators are often given too little with which they are expected to find too much. Only a few pieces of available information are expected to lead to some missing pieces and eventually to actionable intelligence or the resolution of an investigation. …

It was quite some time ago that my phone first rang to bring me in contact with this issue. “Hi. Do you have some time? We are facing a serious problem that involves some social media attacks, but then again not only that. It is complicated. Mr. X referred you…

Creating honeypot sock puppet accounts — Passive Open Source Intelligence (OSINT) collection through unsuspected sock puppet accounts that keep a low profile can take an investigation very far. But what happens when the information you need is not available online and cannot be obtained through passive reconnaissance? What happens when you need to incorporate a few…

Powerful Bookshelves Series — This is the first out of a series of articles that I will post about some of the most noteworthy books I have come across. …