Layer 8 Podcast

For this episode, we welcome Ritu Gill, also known as OSINTTechniques on twitter and at osinttechniques.com. First, Ritu helps us to understand the differences between intelligence and data. Then she takes us through some examples of combinations of OSINT and social engineering. In one such example, she finds a way to get a target to reveal his real name on Facebook. She also tells us about canary tokens and phone spoofing.

For this episode, we welcome Jayson E. Street, VP at SphereNY and will be teaching a two-day course at Blackhat titled “Access Denied - Social Engineering Detection and Incident Response”. Jayson tells us about a huge success for him, getting caught. Physical social engineers are often able to breach a company’s physical defenses, but are we teaching the client how to improve? Jayson proudly tells us about one incredible success story.

For this episode, we welcome Christina Lekati, a social engineer and psychologist for Cyber Risk Gmbh in Switzerland. You can find her on twitter at ChristinaLekati. Christina was tasked with confirming one client’s suspicions that their employee was stealing information from them. In this story, you’ll hear that the target had no idea what was coming for him once Christina got started.

Warning: Some language used is NSFW or children. For this episode, we break our format. Usually, we have a social engineer or OSINT investigator on to walk us through a great story, a fun engagement or the methodology of an investigation. On this episode, we welcome two extremely accomplished social engineers, Snow and TinkerSec to just chat, answer a few questions, give opinions and recount a lot of fun stories. You can find them on Twitter at @_sn0ww and @TinkerSec.  In this episode, Snow mentions her Full Scope Social Engineering class being taught at BlackHat USA. You can find out more about that class here: https://www.blackhat.com/us-19/training/schedule/index.html#full-scope-social-engineering-and-physical-security-14232 

For this episode, we welcome Julie Clegg, the OSINT expert on the United Kingdom-based television show "Hunted". Julie is also putting together OSINT2020, an event where OSINT investigators can come together and talk about the future of investigations. You can find out more at OSINT2020.com. Julie talks with us about her five favorite events that happened on Hunted but you didn’t get to see on television. She talks about various activities by the hunters and some pranks that the hunters and hunted played on each other. You can contact Julie on Twitter at @HuntedJulie

For this episode, we welcome Cat Murdock, a security consultant and social engineer from Guidepoint Security. You can find Cat on Twitter at CatMurd0ck. While most of our episodes are safe for work, this one has a few words mixed in that you might not want children to hear. Cat takes us through some of her social engineering encounters, explains why snacks and bathroom breaks are important and why the names on paperwork are very important.

For this episode, we welcome Nico Dekins, also known as Dutch OSINT Guy and a co-host of the OSINT Curious podcast. You can find Nico on Twitter at Dutch_OSINTGuy. Law enforcement officials in the Netherlands asked him to confirm whether a potential Jihadi’s threats were credible. They only gave him a first name and minimal other information. Find out how Nico went through his methodology to get the confirmation they needed.

For this episode, we welcome Alethe Denis, the founder of Dragonfly Security and the reigning champion of the Defcon social engineering capture the flag competition. This is Alethe’s story of where she came from, how she was always a social engineer from childhood and also how words from Lady Gaga turned her life around. She tells us how we can social engineer ourselves to move in a positive direction.

For this episode, we welcome Keith Cox, a social engineer and pentester from Rapid7. Keith takes us through a recent vishing engagement and he tells us how sometimes you can learn from the initial calls you make to drastically change your pretext and how it worked for him. Keith also describes how he got to flip the script a little and help his mentor fine tune his own social engineering skills.

For this episode, we welcome Kirby Plessas, host of the OSINT curious podcast. She is the founder and CEO of the Plessas Experts Network, found at plessas.net where you can find online training about how to perform OSINT investigations. Kirby tells us how she was able to track down a hacker, simply because someone wished him happy birthday.