This theme crept into many of the sessions at ISSALA. Among the speakers who covered the topic was McAfee’s Security Research and Communications Director David Marcus, who discussed at length how hackers can leverage open source intelligence (OSINT) as a means to gain insight into an organizations’ infrastructure, technologies and operations.
During his session, Marcus provided a healthy list of tools used by these innovative and collaborative adversaries, including Twitter, Pastebin, SHODAN and Metasploit. Presenting results from the use of these tools, Marcus showed the audience how easy it is to identify, capture, share and use public-facing information to extract knowledge which could be used to attack an organization.