All news with #osint tag

Oversharing Risks: Employees Posting Too Much Online

🔒 Professionals routinely share work-related details on platforms such as LinkedIn, GitHub and consumer networks like Instagram and X, creating a public intelligence trove that attackers readily exploit. Job titles, project names, vendor relationships, commit metadata and travel plans are commonly weaponised into spearphishing, BEC and deepfake-enabled schemes. Organisations should emphasise security awareness, implement clear social media policies, enforce MFA and password managers, actively monitor public accounts and run red-team exercises to validate controls.

OSINT Playbook: Identifying and Mitigating Public Exposures

🔍 OSINT is the disciplined practice of collecting and analysing publicly available information to produce actionable intelligence for security teams, journalists and researchers. The article outlines how practitioners use OSINT to discover exposed assets, support penetration testing, track threat actor activity and monitor reputational issues. It highlights common tools such as Shodan, Maltego and SpiderFoot, describes techniques like Google Dorking and metadata analysis, and stresses responsible, lawful investigation and rigorous sourcing to reduce error and privacy risk.