Combadges, SISENSE, Microsoft, Malware Next-Gen, Lastpass, Palo Alto, Broadband, Aaran Leyland, and More, on this edition of the Security Weekly News.
Doug White
- CISA orders agencies impacted by Microsoft hack to mitigate risks
- Sisense customers told to reset credentials amid supply chain attack fears
- CISA Releases Malware Next-Gen Analysis System for Public Use
- LastPass: Hackers targeted employee in failed deepfake CEO call
- Microsoft fixes a record 147 bugs in April release of Patch Tuesday
- Zero-Day Alert: Critical Palo Alto Networks PAN-OS Flaw Under Active Attack
- New FCC rule requires internet service providers to display fees
- Early Reviewers of Humane AI Pin Aren’t Impressed
Aaran Leyland
- 12 Paid and Free OSINT Tools You Should Know
What are Some of the Best OSINT Tools? Honourable mentions from me to add to the OSINT fun. • SpiderFoot: A comprehensive and modular OSINT tool that can collect and analyze data from over 200 sources, such as DNS, WHOIS, IP, email, social media, and web pages. SpiderFoot can help you perform reconnaissance, footprinting, and threat intelligence tasks, as well as identify vulnerabilities, leaks, and exposures. SpiderFoot is open source and free to use, but also offers a paid cloud-based service. • Hunchly: A web browser extension that automatically captures and records every web page you visit, along with the metadata, screenshots, and source code. Hunchly can help you document and preserve your online investigations, as well as search and analyze the data offline. Hunchly is a paid tool, but offers a free trial and a discount for journalists and non-profits. • Talkwalker: A social media analytics and monitoring platform that can help you track and measure the online performance and reputation of your brand, products, competitors, and industry. Talkwalker can help you collect and analyze data from over 150 million sources, such as social networks, blogs, news, and forums. Talkwalker can also help you identify influencers, trends, and sentiments, as well as generate reports and alerts. Talkwalker offers both a free and a paid version, with different features and limits. • Google Dorks: A collection of advanced search operators and parameters that can help you refine and customize your Google search queries, and access hidden or otherwise inaccessible information. Google Dorks can help you find specific files, pages, domains, emails, passwords, and other data that are publicly available on the web. Google Dorks are free to use, but require some knowledge and practice to master. • Shodan: A search engine that can help you discover and explore devices and services that are connected to the internet, such as webcams, routers, servers, and industrial control systems. Shodan can help you identify vulnerabilities, exposures, and misconfigurations, as well as monitor and analyze the cyber threat landscape. Shodan offers both a free and a paid version, with different features and limits. • TinEye: A reverse image search engine that can help you find and compare images across the web, based on their content, metadata, or URL. TinEye can help you verify the source, date, and location of an image, as well as detect modifications, edits, and duplicates. TinEye is free to use, but also offers a paid API and a professional service. • Bellingcat: A website that provides investigative journalism and open source research, focusing on topics such as conflict, crime, corruption, and human rights. Bellingcat can help you learn and apply OSINT techniques and tools, as well as access various case studies, reports, and guides. Bellingcat is free to use, but also relies on crowdfunding and grants.
