3 resources in 1 post: Open AI has released a new report outlining the ways in which threat actors used their generative AI products to support their social engineering attack operations. They provide the case studies. openai.com/global-affai... Why is this useful? 🧵

Happy news!! This September at @brucon we will be taking a deep dive into #socialengineering and #OSINT through a 3-day, hands-on training class! I SO look forward to it and to meeting the participants!! 🤩👩🏻‍💻 Full class content & details: www.brucon.org/training-det...

Very grateful for last week spent at X33fcon in Poland! It started with 2 days full of #socialengineering & #OSINT training where I had the privilege to teach a class that was present, curious, and ready to try things out. Big bonus: reconnecting with friends during the conference days afterwards😊

Agentic AI has opened new frontiers for adversaries looking to automate and scale attacks. I wrote an article explaining what Agentic AI really is & how it can shape the future of the social engineering threat landscape. christina-lekati.medium.com/when-ai-goes...

Agentic AI has opened new frontiers for adversaries looking to automate and scale attacks. I wrote an article explaining what Agentic AI really is & how it can shape the future of the social engineering threat landscape. christina-lekati.medium.com/when-ai-goes...

There are a few things different this time around. 👇🏻 New class modules: 🔸️State-Sponsored social engineering schemes 🔸️Using AI for OSINT tasks (responsibly) 🔸️How attackers are using AI to supercharge their SE. Hands-on, practical & realistic. See you at x33fcon in only 4 weeks! 😱🥳

If you are using #HUMINT techniques in your #CTI process, this is a talk worth watching. Eliska & Julien do a great job in breaking down important concepts, risks, benefits & analytical aspects of using HUMINT tactics in a CTI workflow ⬇️ youtu.be/o1TTO5d1DXQ?...

New blog: The Slow Collapse of Critical Thinking in OSINT due to AI "OSINT used to be a thinking game. Now it’s becoming a trusting game and that should terrify you." #OSINT #OSINT4good #AI Read the blog here: www.dutchosintguy.com/post/the-slo...

Surprise! Really excited to announce that the next "𝑺𝒐𝒄𝒊𝒂𝒍 𝑬𝒏𝒈𝒊𝒏𝒆𝒆𝒓𝒊𝒏𝒈 & 𝑶𝒑𝒆𝒏-𝒔𝒐𝒖𝒓𝒄𝒆 𝑰𝒏𝒕𝒆𝒍𝒍𝒊𝒈𝒆𝒏𝒄𝒆 𝒇𝒐𝒓 𝑺𝒆𝒄𝒖𝒓𝒊𝒕𝒚 𝑻𝒆𝒂𝒎𝒔" open class will be happening at x33fcon in Gdynia, Poland!! This is an intensive, 2-day training 🧵

Not that hotel rooms have the best locking mechanisms, but leaving a room fully accessible after exiting is a whole other level. Check your doors when you leave, people.

A WIRED must-read today on Boeing by @laurensmiley.bsky.social:

Switzerland mandates 24-hour cyberattack reporting for critical infrastructure operators from April

How can HUMINT be leveraged in Cyber Threat Intelligence? The Dark Overlord investigation is an interesting report showcasing how HUMINT helps better understand threat actor activities, and even infiltrate their inner circles to uncover real identities. Some notes 🧵 nightlion.com/wp-content/u...

„her threat hunters detected the Chinese government goons in federal networks before the far-reaching espionage campaign against people's telecommunications providers had been found and attributed to Salt Typhoon.“ www.theregister.com/2025/01/15/s...

"𝑾𝒆𝒍𝒍, 𝑰’𝒎 𝒏𝒐𝒕 𝒓𝒆𝒂𝒍𝒍𝒚 𝒔𝒖𝒑𝒑𝒐𝒔𝒆𝒅 𝒕𝒐 𝒔𝒉𝒂𝒓𝒆 𝒕𝒉𝒊𝒔, 𝒃𝒖𝒕…" Used in social engineering, intelligence collection, & negotiations, elicitation is the subtle art of extracting sensitive information during a seemingly regular conversation. Read more in my new blog: christina-lekati.medium.com/elicitation-...

The new year has come around and we kick it off with 2 new online classes! 🔹 On the 21st of January I will be giving a 4-hour online class on #Elicitation 𝗧𝗲𝗰𝗵𝗻𝗶𝗾𝘂𝗲𝘀. 🔹 On the 28th of January @osintgeek.de will be teaching #Telegram 𝗜𝗻𝘃𝗲𝘀𝘁𝗶𝗴𝗮𝘁𝗶𝗼𝗻𝘀. ⬇️🧵

"𝑾𝒆𝒍𝒍, 𝑰’𝒎 𝒏𝒐𝒕 𝒓𝒆𝒂𝒍𝒍𝒚 𝒔𝒖𝒑𝒑𝒐𝒔𝒆𝒅 𝒕𝒐 𝒔𝒉𝒂𝒓𝒆 𝒕𝒉𝒊𝒔, 𝒃𝒖𝒕…" Used in social engineering, intelligence collection, & negotiations, elicitation is the subtle art of extracting sensitive information during a seemingly regular conversation. Read more in my new blog: christina-lekati.medium.com/elicitation-...

The new year has come around and we kick it off with 2 new online classes! 🔹 On the 21st of January I will be giving a 4-hour online class on #Elicitation 𝗧𝗲𝗰𝗵𝗻𝗶𝗾𝘂𝗲𝘀. 🔹 On the 28th of January @osintgeek.de will be teaching #Telegram 𝗜𝗻𝘃𝗲𝘀𝘁𝗶𝗴𝗮𝘁𝗶𝗼𝗻𝘀. ⬇️🧵

Snapshots from #BlackHatEurope! Spent the week giving our 2-day training to a largely diverse class, strolling around London, celebrating a birthday (thanks to @osintgeek.de who is the best work buddy you can have), and attending the conference! You can say it was a real FULL week.

Cyber Monday has come around and this is the last chance to invest in learning and developing new skills for a 30% off ALL of our classes! If you have been wanting to learn OSINT, HUMINT, Elicitation techniques or investigating Telegram, this is a very good chance. More details below ⬇️ Enjoy!

🚨 It's here! Our ONLY SALE of the year! 🚨 Get 30% OFF ALL of our courses-including the new ones! 🤯 This Sale Ends on Cyber Monday: 2 December 2024 at 23:59 CET! Code: WHISPERS Let's see an overview of the classes included 🧵 #BlackFriday #OSINT #SOCMINT #HUMINT #OpenSourceIntelligence #Training

Tale (almost) as old as the hacker space 🙃 Not just with China...

New from 404 Media: Bluesky may have said it won't use user data to train generative AI, but someone else just published a dataset of million Bluesky posts for "machine learning research". Already very popular dataset, your data may be scraped www.404media.co/someone-made...

On January 30, 2025, I’m hosting an online GEOINT workshop! Join this 4-hour training session to learn how to geolocate images and videos effectively Get all the details and register here: www.eventbrite.fr/e/predicta-l...

Our 2-day training at #DeepSec is a wrap! It was the first time I delivered a deep-dive focusing entirely on the #psychology interplaying in social engineering & HUMINT operations at a cybersecurity conference. It is very energizing to have a class full of curious minds!

If you are reading this post , do take a few minutes to run a quick OSINT check on documents and files that might expose your organization... (Why? Read in the thread below) Here is an article I wrote on how to conduct an initial research on your own: medium.com/@christina-l...

There it is! The bookmark function! 😃

Made an #OSINT starter pack with many OSINT people from all over. go.bsky.app/TSvKc6o Let me know who I missed!

Less than 2 weeks left to register for the class: “Look What You Made Me Do”: The Psychology behind Social Engineering & Human Intelligence Operations - taking place at DeepSec in Vienna on the 19th & 20th of November! deepsec.net/speaker.html...

LLMs for parts of OSINT, not LLMs for all #OSINT. Hallucinations are part of their output - and this will most probably not go away. Take our your thin toothed comb, evaluate, and verify LLM output through additional souces. futurism.com/the-byte/ope...

It's a happy Saturday! Kicking off BSides Berlin with a new presentation "In Deception We Trust" - the modern social engineering exploits against centuries-old human vulnerabilities 🎭

North Korea attacked the Diehl Defense (a weapons manufacturer specializing in advanced military technology) through a #socialengineering campaign. The pretext? Emails impersonating U.S. arms suppliers offering lucrative job offers. www.spiegel.de/netzwelt/web...

Beyond excited to share that one of our most fun, interactive & knowledge-dense classes returns, this time at @BlackHatEvents Europe! 🎉 The talented @OSINTgeek & I will be teaching our "Fundamentals of Cyber Investigations & Human Intelligence" class on the 9-10th of December in London!

With summer taking over and as things naturally slow down these weeks, it is my favorite time for rest, research, and going down some rabbit holes! Expect interesting new things and new classes coming from September on! 🤓🏖📚 What are you doing this summer? 🌞

Highly recommended book for the ones interested in how advanced threat actors operate and in the dynamics around cyberwarefare and state-sponsored attacks. Some very good case studies are included! Summer is here and it's my time to tackle a long reading list:)

Are you doing phishing testing? Are you doing it badly? On this week's Layer 8 Podcast, Rebecca Markwick explains what we do wrong, how it causes harm and how to do them better. podcasters.spotify.com/pod/show/lay...

If you are reading this post , do take a few minutes to run a quick OSINT check on documents and files that might expose your organization... (Why? Read in the thread below) Here is an article I wrote on how to conduct an initial research on your own: medium.com/@christina-l...

Another Monday filled with interesting articles, tips and news. This Week in #OSINT is brought to you by: @mwosint.bsky.social @bashinho.de @fs0c131y.com @christinalekati.bsky.social @nixintel.bsky.social sector035.nl/articles/202...

🚨 New class alert! Join us as we explore some of the darkest digital trails through our new training, "Investigating Shadows: Researching Telegram" Date: 24 May 2024 Live online, interactive webinar from 09:00 - 14:00 CET Class details & registration: digital-trails.academy/p/investigat...

My presentation “Physical Security, Artificial Intelligence & Open-Source Intelligence for Nuclear Facilities” - delivered at the World Institute for Nuclear Security is now public. ❗️Disclaimer: This is an edited version:some slides/details have been omitted. www.wins.org/wp-content/u...

Today, the German Federal Office for the Protection of the Constitution (BvF) & South Korea's National Intelligence Service once again issue a warning about 2 North Korean threat actors. They warn primarily about economic espionage in the arms industry. www.verfassungsschutz.de/SharedDocs/k...

A new and very interesting social media campaign for HUMINT recruitment was published on the CIA's Youtube Channel. From a social engineering aspect, the video employs an interesting mix of empathy, history, and nostalgia, clearly targeting disaffected officials: www.rusi.org/explore-our-...

Last week I had the honor to be invited by the World Institute for Nuclear Security to present my research on how #OSINT coupled with #AI can impact the physical security of nuclear facilities. Thank you for inviting me,I had a great time learning from others & meeting everyone!

There has been quite some conversation around this lately. My take: Large Language Models (LLMs) like ChatGPT cannot be treated as an OSINT tool simply because...they do not get the job done. On multiple levels. (🧵)

If you are into true crime, then you are probably as excited as we are that season 2 of The Europol Podcast officially launched! www.europol.europa.eu/media-press/...

The latest SIRIUS EU Electronic Evidence Situation Report by Europol is showcasing that the most valuable criminal evidence is being found within social media platforms #OSINT #SOCMINT Criminals leave digital trails that are left to be found by those who know how.

If you have some time during the holidays, this podcast series is very worth listening to! 👇🏻

Read in this incredible story how hitmen working for a criminal group active in Montenegro and Serbia used open-source intelligence techniques to track down and kill the leader of a rival clan as he hid out in Greece. www.occrp.org/en/balkan-co...

In a few months @OSINTgeek and I will be returning to Singapore for another training at Black Hat Asia! However... this time, in addition to the updates we have made, there will also be a little surprise, something we have never done before 🤭🤫

What a prime example of blending in. In the little more elaborate #socialengineering schemes, a big part of the job often involves finding a pretext through which you can pretend to be part of the "business as usual" Proofpoint describes how TA4557 did it www.proofpoint.com/us/blog/thre...