OSINT, Social Engineering, & the Election (with Ed Porter)

Nov 14, 2016

OSINT, Social Engineering, & the Election (with Ed Porter)

ADVANCED PERSISTENT SECURITY PODCAST

EPISODE 25

GUEST: Ed Porter

NOVEMBER 14, 2016

If you enjoy this podcast, be sure to give us a 5 Star Review and “Love Us” on iTunes; Like us on Google Play, Stitcher, Sound Cloud, Spreaker, and YouTube.
NOTE: The opinions expressed in this podcast are ours alone and do not reflect those of our employers

OSINT, Social Engineering, & the Election (with Ed Porter) SHOW NOTES

PART 1

We kick this episode off by discussing a couple of current events in the news. The first is from ThreatPost and discusses a story that academic professionals provide a seal of approval on the signal algorithm and associated apps (What’sApp, Allo, and Signal) rating it ‘Cryptographically sound.” The second, also from ThreatPost discusses an OAuth2 vulnerability released at Black Hat EU and takes advantage of poor implementations to hijack accounts.

Stories

ThreatPost: Signal is Cryptographically Sound

ThreatPost: OAuth2 vulnerability exposes mobile applications

PART 2

We discuss OSINT and Social Engineering as they relate to the election. In this segment, we talk about misinformation campaigns (such as claims of election hacking), gathering information, and influencing the public opinion. This is more of how OSINT and Social Engineering played into the election. Joe provides advice for aspiring candidates to use OSINT to better understand their constituents and develop better campaign platforms.

PART 3

In this segment, the direction shifts to how the election is driving Social Engineering campaigns and what OSINT can be gathered from social media after the election. Joe provides an example of such a phishing campaign purporting to be ABC News. He predicts that the number of campaigns will only increase.

ABOUT Ed

OSINT, Social Engineering, & the Election (with Ed Porter) — Ed Porter

Edward Porter has been working with IT for over 17 years in the Atlanta area and recently obtained his CISSP in August 2016. He has a technical background and has also held certifications from Cisco (CCNA) and CompTIA (A+, Network+, Security+, Linux+). Through his passion for technology and helping others he became a guru to family, friends, and community, spreading the good news about our information age while putting out the resulting fires and malware infections. Having established a solid foundation of IT and networking competencies, he began to focus on information security and protecting others.

Ed is looking for work and can be found on Twitter @edinatl and LinkedIn.

CONTACTING Ed:

Twitter: @EdInATL

Thanks for stopping by and checking out our podcast. We would appreciate if you could subscribe (assuming you like what you hear; we think you will). This is meant to be informative and to provide value to anyone who listens – regardless of their knowledge and/or understanding of IT/Cybersecurity. To learn more about us, check out our “About Us” page.

Enter your email address:

Delivered by FeedBurner