NeedleStack

Everyone is talking about using AI for OSINT, but what are the ethical considerations before you fire up your first chat? Before you start feeding a machine learning model your data and relying on it’s results, our guest from Fivecast tells us what you should consider.Key takeawaysChatGPT has built-in biases (just like humans)Understand the human toll behind machine learningHow to use AI responsibly

Wondering how to incorporate AI into your OSINT framework? We asked the CEO and founder of the popular training organization, OSINT Combine. Key takeawaysHow can OSINT researchers leverage generative AI?Tips for spotting disinformation in an AI worldTeaching ChatGPT your company datasets

We’re handing the mic over to our friends at Talking Threat Intelligence, a podcast by LifeRaft today. On the show, they had our very own Daniel Ben-Chitrit on to discuss the security implications of ChatGPT, how it could be used by phishing scammers to up their skills and the safest way for OSINT researchers to prompt AI.Key takeawaysSecurity implications of ChatGPT“A force multiplier” for phishing scammersThe safest way for OSINT researchers to prompt AI

We sit down with the author of the new OSINT reference book Deep Dive: Exploring the Real-world Value of Open Source Intelligence, Rae Baker. Baker is an expert in OSINT with an emphasis on maritime intelligence, analyzing vessels and ports around the world. In this episode, she shares tips from her book, blog and career, and we explore her one-of-a-kind OSINT training game, Kase Scenarios.

Not his real name, but there’s real fun to be had learning how JoseMonkey geolocates videos on his wildly popular TikTok channel. Hear the tools, techniques and process he uses to pinpoint even the trickiest videos, the wildest things he’s seen and how this supersleuth got into the GEOINT game.

We attended USGIF’s GEOINT Symposium so you don’t have to (but you should – it’s great). NeedleStack producers Aubrey and Shannon break down the geospatial intelligence conference (and its many, many acronyms) and the presence of OSINT on the floor, in keynotes and the Innovation Hub. If you’re an open-source researcher, tune in to understand what’s out there and how to leverage this adjacent INT.

In this episode, our guest brings more than 30 years of experience from the Department of Defense to the conversation. James A. Samuel, Jr. is now in the private sector working as an entrepreneur in the GEOINT space, using his military knowledge to create apps that use location data to protect safety.

As commercial satellites increase and technology advances, what does the future of geospatial intelligence look like? We ask our guest to explain the basics of GEOINT, where it’s headed and how other industries can utilize one of the most fascinating -INTs.

Abbi Dobbertin of Fivecast and Adam Huenke join the podcast to talk hot takes. As tradecraft and training leads, respectively, and years of OSINT practitioner experience between them, they’ve come to form opinions on some of OSINT’s more heated topics.

Producers Shannon and Aubrey attend the 2023 Symposium on Open Source, Social Media and National Security. They discuss highlights, panel topics and advice for people hoping to break into a career in OSINT, INFOSEC and NATSEC.

This week, a high school criminology teacher joins the podcast to discuss how teaching open-source research helped engage his students during distant learning. In the classroom, OSINT can show students the power of open-source information and serves as a cautionary tale for sharing personally identifiable information online.

Our guest is a former FBI investigator and current university professor who has tips for practitioners in every industry. From the protocol before you log on to conduct OSINT research to the resources and reporting, here are the tips for approaching your OSINT like law enforcement.

A founding member of the OSINT Curious Project joins us to give practical tips and advice for researchers. We discuss tools, tradecraft and trends with Micah Hoffman.

The president of the OSMOSIS Association and host of OSINT Cocktail, Cynthia Navarro, joins the podcast to discuss how creating a community of open-source researchers had allowed her to learn from others and hone her skills.

The times they are a’changing. Open-source intelligence was once the lesser celebrated branch and now makes up the bulk of analytical reporting. Our guest tells how the federal government is changing its views on OSINT.

The director of the soon-to-open Open-Source Intelligence Laboratory of University of Albany joins the podcast to discuss the definition of OSINT and how his students will research its effect on society.

It’s a new year and as researchers work to hit their goals, we want to revisit some of our most important advice for securely investigating online. It’s time to take stock of your security hygiene and revisit how your digital fingerprint may be getting in the way of finding the data you need.

Watch when Jack Rhysider of Darknet Diaries shares his amazement at what hackers will do “for a free burrito,” or the moment Rob Fuller, a read team and CTI director, condemns security awareness training. From journalists to OSINT investigators to dark web experts, here are some of the best moments we shared with guests last season.

Our second book club episode features essential reading for threat intelligence. New York Times reporter, Nicole Perloth, gives a history of the zero-day market and how it has changed the cyber weapons arms race. Learn how this market was created and what it means for future cyber defense.

This special edition of NeedleStack features a must-read for open-source researchers, We Are Bellingcat by Eliot Higgins. Our producer Shannon discusses what she learned from the founder of Bellingcat’s tell-all and how researchers can learn from the organization’s practices.

In this episode, an expert OSINT practitioner from both government and private sector practices joins to share hands-on tips from in the field. He also shares what the students of Center for Intelligence and Research and Training are learning from their real-world client experiences.

Authoritarian regimes create propaganda and disinformation, in part, by blocking citizens’ access to traditional news sources. In this episode, co-founder of Samizdat Online, Yevgeny Simkin, walks us through how their program works in partnership with outlets to syndicate articles to bypass censorship in Russia and other countries — to get citizens and researchers the information they need.

Nick Hardinges from the Reuters fact-checking team joins the podcast to walk us through how to go about debunking information online, from deciding what’s worth covering to why grainy images should make you skeptical. Ultimately, fact-checking takes time, persistence and a healthy dose of intrigue. Key takeawaysKnow these telltale signs of doctored contentCheck your sourcesDo some digging on what you seeAbout NickNick Hardinges is a former digital news editor and current fact-checker for Reuters, whose job is to find harmful, widely circulating and topical misinformation, and then address those claims in articles directly responding to the claims being made. Nick’s main focus is on setting the record straight on social media but to sometimes address claims from elsewhere, such as outright lies in politics, or damaging conclusions reached in unscientific ‘research’ papers.Where to find Nick@NickHardingesFIFA COVID misinformation storySpotting the difference between legitimate videos and satire

Social media and traditional media overlap now more than ever, with social media providing an opportunity to reach and resonate with new audiences – for better or worse. Rachel Baig knows this intersection well. As a social media journalist and trainer for Deutsche Welle, she knows the ins and outs of not only using social to identify a great story but also how to spot a fake one. In this episode, Rachel breaks down important lessons from her training to understand media spoofs, verify images and videos, spot tell-tale signs of bots and more.

Fact-checkers’ biggest nemesis is the proliferation of disinformation in the digital age. Chris Paul joins the episode to talk about Russian propaganda and disinformation techniques. Why are they so effective? Is it skill or just an innate vulnerability for humans to want to believe what they see? Chris Paul walks us through his research from the technical to the psychological.

The intersection of open-source information, disinformation, social media and journalism has spawned a new breed of investigator. Meet Brecht Castel, fact-checking journalist and OSINT aficionado. In this episode, Brecht shares his advice on how to be good at both. Learn how his background as a journalist helps him dig deeper, beyond “hashtag OSINT” and get the bigger story. And how his passion for OSINT has led down many interesting paths — from locating one tree in the whole of Africa to explaining why a mosquito with a number on its back is not part of Bill Gates’ plan for world domination (or even a mosquito, for that matter).

Mis- and disinformation abound on social media. But as violating users are deplatformed from mainstream sites, they’ve become hyper-concentrated on alternative social media where anything goes. We sit down with Dr. Welton Chang, CEO and co-founder of Pyrra Technologies, to discuss how AI/ML is helping researchers zero-in on disinformation, domestic extremism, hate speech and more, and understand how to counteract it.

Fact-checking can be seen as the undoing of a story, tearing apart the salacious tidbits to get at the bloody — or perhaps just boring — truth. In this episode, veteran journalist and lead of AFP's award-winning digital verification team in Africa, Nina Lamparski, sits down in the NeedleStack guest seat to discuss fact-checking and debunking in the age of misinformation, how local media consumption habits impact her work, fact-checking in election cycles and more.

From a love of Tom Clancy novels to military intelligence to “the ivory tower” of industry analysts, Rick Holland’s road to Digital Shadow’s CISO taught him many lessons along the way. Rick shares his advice for building an intel team, including: avoid homogenous groups; take time to strategize — and follow — processes for OSINT collection on the surface, deep and dark (or derp) web; and remember the importance of human relationships even in the tech-heavy world of threat intelligence.

OSINT is a powerful tool to identify vulnerabilities in your organization. But with all the information out there, how do you zero-in on the data you need quickly? In this episode, host and former CISO Matt Ashburn gives his advice on go-to resources, where to automate, how to truly gain an outside perspective and tradecraft considerations.

After spending 22 years in the U.S. Air Force building the branch’s cyber presence worldwide and reshaping its cyber curriculum, Lance Taylor now applies his background to the private sector. From lessons he’s learned along the way to the best tools for the job, Lance tells us how companies can improve their intel.

Without the right appreciation for intelligence, organizations may be hiring themselves into a problem. Vice President of Intelligence at ZeroFox A.J. Nash sits down with NeedleStack to discuss the fundamentals of intelligence, how to build and lead the best teams, and why as analysts doing the easy thing may be doing the best thing.

In episode 20 we interview Rob Fuller, the red team and CTI director for a major U.S. airline. Rob discusses how red teams can better leverage CTI, the grand mistakes of even the most security-conscious individuals, and why he thinks most security awareness training gets it wrong.

In this listeners live episode, Matt answers questions from the audience that have come up over our dark web episodes. Get sage advice on safely accessing the dark web without running afoul of policy, blockchain analysis (or the lack thereof with Monero), how to use PGP encryption to communicate with dark web actors and more.

The surprising identity behind some of the internet’s most nefarious hacks and why sometimes criminals are more willing to talk than victims of a crime, we discuss the dark side of the web with Darknet Diaries host Jack Rhysider.

Eileen Ormsby has chatted with drug lords, been threatened by purported hitmen and written books about The Silk Road. Her investigative journalism led her to the dark web, where she has been reporting her findings ever since.

Michael James of the OSINT Curious Project joins the podcast to give expert tips on conducting dark web research. From GitHub tools to Discord resources— Michael has practical guidance on finding information in the dark.

In this episode, podcast contributor Adam Huenke discusses how to investigate financial crimes on the dark web. How do stolen credit card numbers affect the victim of theft, the institution and those who investigate fraud? Tune in to hear all about it.

There’s a (false) assumption that cryptocurrency is inherently anonymous, concealing the identity of those who use it. But in fact, crypto has been used in countless investigations to unmask criminals and bring them to justice. We sit down with Matt Price, former IRS-CI special agent and current head of investigations and intelligence at Binance, to bust the myths of crypto and the dark web, and learn how the best advice to any investigator holds true for crypto: follow the money.

In this episode, host Matt Ashburn, and co-host Jeff Phillips, break down everything you needed to know about the dark web. From how it works and why it was invented to things to consider before conducting your research there – we cover all the questions you were too afraid to ask.

Needlestack hosts answered live questions from our listeners in this special episode. From use cases in different industries to world news to tools to help researchers – Matt and Jeff discussed the role of OSINT in professional research.

This week the team is joined by threat intelligence researcher Adam Huenke to go over the importance of open-source intelligence to CTI research. From social media to the dark web, freely available information can be found to help improve security.

It takes a team of people to provide protection to executives and one of their most important tools for offering the best protection is OSINT. Whether searching Facebook for public protests or getting a tip from Twitter, guest Mick Baccio explains how open-source is a key tool in the field.

Trust and safety is a constantly growing and evolving field. In this episode, we cover the basics of the industry and the role of OSINT in minimizing risk to end users. We also discuss the risks to researchers when their investigations take them off-platform and into the wild of the web.

The latest episode in our OSINT use case tour covers how open-source can be applied to law enforcement. The popular use of social media has made it so that more and more of the clues investigators are looking for can be freely found.

Open-source intelligence (OSINT) has been playing out on the world stage in a big way over the past few weeks. Social media platforms like TikTok have become insightful sources for analysts to track Russian military movements in the Ukraine invasion. Tracking disinformation on various sites shows a war being fought with more than tanks — Russia is using culture and the power of the media. And auxiliary intelligence is a growing resource in governments gaining OSINT.

In our first listeners live episode, Matt and Jeff take questions from our live audience. They cover resources that can be useful in finding the best OSINT tools; advantages to using native-language search engines in international research; free training for OSINT analysts; and managing attribution to access the information you need. Listen on-demand, or sign up for our upcoming live events at authentic8.com/events/needlestack.

Disguising your digital fingerprint is imperative to the results of online research. This episode, the hosts dive into the tools that can help investigators understand and manage their identity online. From websites to browsers, extensions and full-service managed attribution platforms, here are the tools you need to blend in online.

You’re conducting your research. It seems like it’s going successfully. But unbeknownst to you, the subject of your research is onto you, knows you’re snooping and is working to spoil your investigation. This is thanks to your digital fingerprint being passed by your browser. In this panel discussion, we dive deeeep into all the ways details of your digital fingerprint can be discovered — even when using tools built to disguise it — and how adversaries can take advantage of it.

In an effort to conceal their identity, online researchers may turn to the solutions they know: VPNs, Inocgnito Mode and free Wi-Fi. While these solutions may appear to be working on the surface, there’s lots of details still being disclosed to sites they visit. Tune in to learn what these solutions miss and what’s needed to truly blend in with the crowd to ensure quality research.