Skip to main content
The Pivot

The Pivot

By Maltego Technologies

Brought to you by Maltego, The Pivot deep dives into topics pivoting from information security to the criminal underground. Each episode features an interview with experts from the industry and research fields and explores how they connect the dots.
Where to listen
Apple Podcasts Logo

Apple Podcasts

Google Podcasts Logo

Google Podcasts

Spotify Logo

Spotify

Currently playing episode

Teresa Walsh from FS-ISAC: Mapping Threat Intelligence Landscape Worldwide

The Pivot

1x
Teresa Walsh from FS-ISAC: Mapping Threat Intelligence Landscape Worldwide
Teresa Walsh from FS-ISAC: Mapping Threat Intelligence Landscape Worldwide
Teresa Walsh leads the FS-ISAC’s Global Intelligence Office (GIO) to protect the financial sector against cyber threats by delivering actionable strategic, operational, and tactical intelligence products. Based in the United Kingdom, she oversees FS-ISAC’s global member sharing operations and a team of regional intelligence officers and analysts who monitor emerging threats.Teresa began her career as a civilian intelligence analyst with the US Naval Criminal Investigative Service (NCIS) and holds a master’s in political science with a focus on international relations from the University of Missouri-Columbia. In this interview, Teresa shares with us her work as a GIO and provides insights into the differences between traditional intelligence and cyber intelligence as well as which industry adjusts swiftly in alleviating risks than others. Last but not the least, she also offers her advice to those who would like to become an intelligence practitioner. 0:00 Welcome! 01:45 Tell us a bit about yourself! 02:54 What is it like to wake up with information coming from worldwide? 05:18 What is it like to work in the intelligence industry? 07:52 What is the biggest challenge for getting the traditional SOC team to think differently about the intelligence and use it versus jamming millions of IPs into a tip? 14:47 How much intelligence are derived/propagated from OSINT? 18:41 Are there any industries evolving faster in mitigating risks than the others? 20:51 Do you use any specific tools to gather intel? 23:03 Where to start in the intelligence industry? 31:40 Tell us about an unforgettable investigaion! 37:31 How's the house renovation going? 45:49 Tell us 3 most important advice for intelligence partitioner wannabes! ■ About The Pivot Brought to you by Maltego, The Pivot deep dives into topics pivoting from information security to the the criminal underground. Each episode features interviews with experts from the industry and research fields and explores how they connect the dots. ■ About Maltego Used by investigators worldwide, Maltego is an graphical link analysis tool that allows users to mine, merge, and map data from OSINT and third-party data integrations for all sorts of investigations—cybersecurity, person of interest, fraud, and more. The podcast streams free on Spotify, Apple Podcasts, and Google Podcasts. You can also watch it all go down on YouTube. Don't forget to subscribe to our Twitter and LinkedIn to stay on top of our latest updates, tutorials, webinars, and deep dives. For more information about Maltego, visit our website.
49:27
January 15, 2023
Gisela Perez de Acha: Data Privacy Lawyer Ascended Investigative Reporter
Gisela Perez de Acha: Data Privacy Lawyer Ascended Investigative Reporter
Gisela is a a human rights lawyer, an open source researcher at Berkeley Law’s Human Rights Center Investigations Lab, and a trainer at Amnesty International’s Digital Verification Corps, a global network of volunteers who fact-checks social media posts about war crimes and human rights violations. She reports on extremism and other topics for the Investigative Reporting Program with a focus on digital forensics and network analysis. She is also cybersecurity expert and a digital safety trainer with PEN America. In this interview, Gisela talks about the knowledge she gained from several  OSINT investigations, which later led to her multi-career journey in journalism, investigative reporting, and OSINT investigations. By sharing her experiences as an OSINTer, she answers questions on how to deal with mental distress when faced with threats and the top 3 must-have tools for her investigations. 0:00 Welcome! 1:10 Tell us a bit about yourself! 4:25 What gets you into intelligence and investigations? 9:08 How do you balance and keep going with multiple careers? 15:31 Tell us the craziest experience you have! 20:12 Has your perosnal safety been threatened when investigating? 25:00 How do you deal with mental distress? 31:39 What was it like winning a team Polk Award with «American Insurrection»? 34:52 What are the top 3 tools you cannot live without? 40:06 What advice would you give to inspire the listeners? ■ About The Pivot Brought to you by Maltego, The Pivot deep dives into topics pivoting from information security to the criminal underground. Each episode features interviews with experts from the industry and research fields and explores how they connect the dots. ■ About Maltego Used by investigators worldwide, Maltego is a graphical link analysis tool that allows users to mine, merge, and map data from OSINT and third-party data integrations for all sorts of investigations—cybersecurity, person of interest, fraud, and more. The podcast streams free on Spotify. You can also watch it all go down on YouTube. Don't forget to subscribe to our Twitter and LinkedIn to stay on top of our latest updates, tutorials, webinars, and deep dives. For more information about Maltego, visit our website.
46:24
December 15, 2022
Léa Ronzaud from Graphika: Internet Mapping & State Operations Recognition
Léa Ronzaud from Graphika: Internet Mapping & State Operations Recognition
Léa is an investigator at Graphika, specializing in online investigations, state influence operations, and European extremist groups. She was a known part of the team that exposed Secondary Infection as well as the recent competing Russian and French influence operations in the Central African Republic. Léa holds a dual Master's degree in Geopolitics of the post-Soviet space from the French Institute of Geopolitics and the Russian State University for the Humanities. In this episode, Léa elaborates on the projects she has done with Graphika, including how she conducts internet mapping and recognizes state operations. She also shares with us the ethics in OSINT investigations with her own redline as an example and digs into the ongoing war in Ukraine and the upcoming French presidential election. 0:00 Welcome! 0:28 Tell us a bit about yourself! 3:58 Does decivilizing or attacking a country have multiple layers? 4:41 Tell us about the internet mapping at Graphika! 15:49 How do you analyse the slide between bots and real people? 17:14 How do you recognize state operation? 28:18 The ethics in OSINT 38:03 How has your job influenced your vision of and relationship with Russia? 40:28 What's your take on the war in Ukraine, disinformation-wise? 45:41 Why did the people focusing on COVID earlier shift quickly to pivot the war? 50:11 Anything to share about the approaching French presidential election? 56:39 Any fears that foreign agents or vicious people will dominate online communities? 1:01:00 Any shoutout you wanted to give? ■ About The Pivot Brought to you by Maltego, The Pivot deep dives into topics pivoting from information security to the criminal underground. Each episode features interviews with experts from the industry and research fields and explores how they connect the dots. ■ About Maltego Used by investigators worldwide, Maltego is a graphical link analysis tool that allows users to mine, merge, and map data from OSINT and third-party data integrations for all sorts of investigations—cybersecurity, person of interest, fraud, and more. The podcast streams free on Spotify. You can also watch it all go down on YouTube. Don't forget to subscribe to our Twitter and LinkedIn to stay on top of our latest updates, tutorials, webinars, and deep dives. For more information about Maltego, visit our website.
01:01:45
November 15, 2022
Vicente Diaz from VirusTotal: Exploring the World of Threat Hunting
Vicente Diaz from VirusTotal: Exploring the World of Threat Hunting
Vicente Diaz is a specialist in Threat Intelligence and Threat Hunting. He works in the VirusTotal team in Google as Threat Intelligence Strategist and holds a degree in Computer Science and an MSc in Artificial Intelligence. On the latest The Pivot episode, Vicente shares his threat hunting journey and what threat intelligence means to him. By introducing us to his work in VirusTotal and his role within the company, Vicente shares some of his most interesting and relevant investigations, the toolkits he uses the most, and how anyone can get started with threat hunting. Vicente also gives some tips and tricks into how anyone, people and corporates, can protect themselves from the current crises surrounding privacy and threat intelligence. 0:00 Welcome! 0:47 Tell us a bit about yourself! 3:17 Where and how did you start getting into threat intelligence investigations? 6:11 What does threat intellignece mean to you and what are you working on right now?  11:15 What is VirusTortal and what is your role within the company? 14:24 Can you share an interesting investigation done with VirusTotal? 20:03 Are there any interesting, yet dark, threat actor groups involved while conducting an investigation? 27:37 Have you been targeted in your activities? 31:05 How often do these investigations create targeting problems? 34:55 What are the toolkits that you use frequently? 38:10 Do you have any passion projects outside the threat intelligence sphere? 41:31 How to get strarted in threat hunting? 46:07 Tell us the top 3 tools/methods people can use to protect themselves! 50:55 Any other interesting stories you would like to share? ■ About The Pivot Brought to you by Maltego, The Pivot deep dives into topics pivoting from information security to the criminal underground. Each episode features interviews with experts from the industry and research fields and explores how they connect the dots. ■ About Maltego Used by investigators worldwide, Maltego is a graphical link analysis tool that allows users to mine, merge, and map data from OSINT and third-party data integrations for all sorts of investigations—cybersecurity, person of interest, fraud, and more. The podcast streams free on Spotify. You can also watch it all go down on YouTube. Don't forget to subscribe to our Twitter and LinkedIn to stay on top of our latest updates, tutorials, webinars, and deep dives. For more information about Maltego, visit our website.
52:23
October 15, 2022
Rae Baker: Graphic Designer Turned Senior OSINT Analyst & Educator
Rae Baker: Graphic Designer Turned Senior OSINT Analyst & Educator
After spending more than 15 years as a graphic designer, Rae Baker decided that it was time for a career change. Now, she is passionate about corporate reconnaissance as well as scam/fraud tracking and currently works as a Senior Open Source Intelligence Analyst for a large consulting firm. As an OSINT Curious Advisory Board member, Rae also works closely with other OSINT practitioners in the field to educate and inspire those within the OSINT community. Additionally, she is the Open Source Intelligence team lead with Operation Safe Escape, which is a 501(c)(3) non-profit comprising of security professionals tasked with keeping domestic violence victims hidden from their abusers, a volunteer with Innocent Lives Foundation, as well as a Trace Labs Black Badge winner. In this interview, we will dive into her experiences as someone starting in OSINT from scratch and becoming a well-known OSINT blogger, researcher, and advocate and her tips and recommendations for those who are on the same path. 0:00 Welcome! 1:33 Tell us about yourself! 3:33 How did you get into OSINT and what kept you in the field? 6:05 How do you pick your research topics? 7:20 Tell us about your blog "Wondersmith Rae"! 8:16 Would you tell us a bit about a recent investigation you dived into? 10:38 How did you get into martitime OSINT? 13:17 What kind of tools do you use for maritime investigations? 14:37 What are good OSINT resources you recommend? 16:32 Any tips or suggestions about writing blogs? 18:31 What are the 3 most important things you would share with OSINT practitioners? 23:55 Any suggestions for OSINT beginners? 25:40 Do you feel struggled finding free tools available for your investigations? ■ About The Pivot Brought to you by Maltego, The Pivot deep dives into topics pivoting from information security to the criminal underground. Each episode features interviews with experts from the industry and research fields and explores how they connect the dots. ■ About Maltego Used by investigators worldwide, Maltego is a graphical link analysis tool that allows users to mine, merge, and map data from OSINT and third-party data integrations for all sorts of investigations—cybersecurity, person of interest, fraud, and more. The podcast streams free on Spotify. You can also watch it all go down on YouTube. Don't forget to subscribe to our Twitter and LinkedIn to stay on top of our latest updates, tutorials, webinars, and deep dives. For more information about Maltego, visit our website.
28:12
September 15, 2022
Katie Paxton-Fear: The Bug Bounty Hunter & YouTube Creator
Katie Paxton-Fear: The Bug Bounty Hunter & YouTube Creator
Dr. Katie Paxton-Fear is a Cybersecurity Lecturer at Manchester Metropolitan University and Technical Community Manager at Bugcrowd, but she’s probably most well known for her hobby: In her free time, she’s a hacker and a YouTube educator. Since 2019, she has found more than 30 vulnerabilities in real software in production, when she first got into hacking “accidentally.” She got her start in security thanks to a mentorship at a HackerOne live hacking event in 2019 where she found her first two bugs in Uber, despite it being her first-time hacking. After being invited as a mentee again in Vegas during DEFCON, she realized the privilege she had and once she got home, she started making videos teaching others how to get into hacking. Since then, she has made more than 50 educational videos on a range of topics, explaining beginner vulnerabilities, tools, APIs, note-taking, and mobile hacking. She is interested in the intersection of data and web application vulnerabilities and developing understanding from noise. In this interview, we will dive into: Katie's journey and experience of being a bug bounty hunter How OSINT plays a role in Kaite's projects Katie's aspiration of teaching and creating educational content Three of the most important things that helped Katie become who she is 0:00 Welcome! 2:03 Tell us about yourself! 4:33 How did you feel when you found your first bug bounty? 8:02 Is OSINT revelant to your work? 10:54 How should a person choose their targets? 13:46 How do you establish and maintain your motivation? 18:24 Could you tell us a bit about your recent projects? 21:31 What motivated you to start creating and sharing content on YouTube? 30:07 What learning resources would you recommend for anyone interested in OSINT or bug bounty? 36:19 What are your plans for the future? 39:44 What are the 3 most important things that helped you along the way and that you would share with fellow practitioners? ■ About The Pivot Brought to you by Maltego, The Pivot deep dives into topics pivoting from information security to the criminal underground. Each episode features interviews with experts from the industry and research fields and explores how they connect the dots. ■ About Maltego Used by investigators worldwide, Maltego is a graphical link analysis tool that allows users to mine, merge, and map data from OSINT and third-party data integrations for all sorts of investigations—cybersecurity, person of interest, fraud, and more. The podcast streams free on Spotify. You can also watch it all go down on YouTube. Don't forget to subscribe to our Twitter and LinkedIn to stay on top of our latest updates, tutorials, webinars, and deep dives. For more information about Maltego, visit our website.
44:07
August 18, 2022
Julie Jones: How To Become A World-Class Investigator
Julie Jones: How To Become A World-Class Investigator
After working as a police detective, undercover operator, and behavioral and geographic profiler for 10 years, Julie Jones enters the intelligence unit and develops her passion for technology by using the internet to investigate crimes. As an Intelligence Specialist, Julie uses all-source intelligence with a focus on online OSINT, social media intelligence, and ethical and proportionate practices for covert and undercover investigations to solve complex problems for corporations, governments, law enforcement, and non-profits worldwide.  In this episode, Julie shares what leads her into internet investigations, how she keeps up with the curve, her experiences in international investigations, the topics she is passionate about, the definition of coercive control as well as her work around cults. In this episode, Julie talks about: Tips/techniques to stay on top of the curve What is it like to engage in international crimes investigations and how she navigates it Why she is passionate about humanitarian investigations What is coercive control Her work around cults What should we focus on to improve as investigators 0:00 Welcome! 1:05 Tell us about yourself! 17:19 What are the tips/techniques to stay on top of the curve? 29:37 What is it like to engage in international investigations and how do you navigate it? 39:17 What are the things that you are passionate about? 42:17 What is coercive control? 44:41Tell us about your work around cults. 51:40 What should we focus on to improve as investigators? ■ About The Pivot Brought to you by Maltego, The Pivot deep dives into topics pivoting from information security to the criminal underground. Each episode features interviews with experts from the industry and research fields and explores how they connect the dots. ■ About Maltego Used by investigators worldwide, Maltego is a graphical link analysis tool that allows users to mine, merge, and map data from OSINT and third-party data integrations for all sorts of investigations—cybersecurity, person of interest, fraud, and more. The podcast streams free on Spotify. You can also watch it all go down on YouTube. Don't forget to subscribe to our Twitter and LinkedIn to stay on top of our latest updates, tutorials, webinars, and deep dives. For more information about Maltego, visit our website.
57:46
July 21, 2022
Micah Hoffman from The OSINT Curious Project: Sharing OSINT Techniques with the World
Micah Hoffman from The OSINT Curious Project: Sharing OSINT Techniques with the World
Devoting himself to the OSINT world for more than decades, Micah Hoffman is a highly active member of the Cyber Security and OSINT communities. Micah works with the federal government, commercial, and internal customers and conducts many different Cyber Security tasks, such as penetration testing, OSINT investigations, and risk assessment. Micah is also the president of The OSINT Curious Project, the Principal Investigator and owner of Spotlight Infosec, the founder of the My OSINT Training, and the co-founder of the OSINT Games CTF Experience. In this episode, Micah talks about: How he lands in OSINT Skillsets required for OSINTers Future challenges and suggestions Recommendations for OSINT beginners How The OSINT Curious Project starts Challenges for forming the OSINT community and solutions His professional projects and CTFs His favorite OSINT tools Advice for investigators to protect themselves An interesting investigation he had before Areas OSINTers need to deep dive into His personal goals for the future 0:00 Welcome! 0:41 Brief intro about Micah Hoffman 2:36 What brought you into the world OSINT? 5:57 What skills do you think OSINTers need nowadays? 8:21 What do you think about the future and upcoming challenges? 11:47 What are your recommendations for beginners? 14:25 How did The OSINT Curious Project start? 16:47 What are the challenges to build OSINT community and solutions? 19:37 Tell us about your training & professional projects! 24:35 Let's talk about the CTFs! 28:14 Share with us some upcoming projects! 29:28 What are your favorite OSINT tools? 31:58 Any advice for investigatiors to protect themselves? 35:52 Tell us an interesting investigation! 40:56 What are the areas/challenges OSINTers need to deep dive to handle? 43:27 What are your personal goals in the future? ■ About The Pivot Brought to you by Maltego, The Pivot deep dives into topics pivoting from information security to the criminal underground. Each episode features interviews with experts from the industry and research fields and explores how they connect the dots. ■ About Maltego Used by investigators worldwide, Maltego is a graphical link analysis tool that allows users to mine, merge, and map data from OSINT and third-party data integrations for all sorts of investigations—cybersecurity, person of interest, fraud, and more. The podcast streams free on Spotify. You can also watch it all go down on YouTube. Don't forget to subscribe to our Twitter and LinkedIn to stay on top of our latest updates, tutorials, webinars, and deep dives. For more information about Maltego, visit our website.
46:23
June 17, 2022
Child Sexual Abuse Material & How to Investigate CSAM
Child Sexual Abuse Material & How to Investigate CSAM
Homeland Security Investigations (HSI), the investigative unit of Immigration and Customs Enforcement (ICE), announced it initiated 4,224 child exploitation cases during the 2019 fiscal year, which began in October 2018 and concluded at the end of September. Those cases led to a total of 3,771 criminal arrests, and the identification or rescue of 1,066 victims. In this episode, The Pivot hosts and Maltego Subject Matter Experts Joe Ryan and Mario Rojas dive into the alarming topic: Child Sexual Abuse Material (CSAM) and how investigators and organizations can support the fight against it. They touch upon the following topics: 1. What technologies are involved in the production, identification, and detection of CSAM 2. Recent headlines that have to do with CSAM 3. How CSAM is investigated 4. What other types of CSAM are out there and where we can find information or reports about CSAM 5. How to prevent the spread of CSAM or get involved in the fight against CSAM 0:00 Welcome! 0:27 Tell us about yourself! 1:20 How CSAM is a subject close to us 4:43 What is CSAM and other related terminologies 9:35 What is the prevalence of CSAM? 14:37 What are the technologies involved in the production of CSAM? 21:46 Can you explain the Apple case on SCAM reporting? 27:41 Big companies efforts: PhotoDNA Microsoft, Apple 30:49 What is a hash collision? 35:51 Could you walk us through the investigation of SCAM? 47:45 How to investigate CSAM as a non-law-enforcement person? 55:55 Are there any other types of CSAM? 1:07:00 Any places to find more information or report CSAM? 1:08:32 How can online platforms like Facebook help report CSAM? 1:11:06 What can non-technical individuals do to help? 1:14:47 Reach out to us if any questions! ■ About The Pivot Brought to you by Maltego, The Pivot deep dives into topics pivoting from information security to the criminal underground. Each episode features interviews with experts from the industry and research fields and explores how they connect the dots. ■ About Maltego Used by investigators worldwide, Maltego is a graphical link analysis tool that allows users to mine, merge, and map data from OSINT and third-party data integrations for all sorts of investigations—cybersecurity, person of interest, fraud, and more. The podcast streams free on Spotify. You can also watch it all go down on YouTube. Don't forget to subscribe to our Twitter and LinkedIn to stay on top of our latest updates, tutorials, webinars, and deep dives. For more information about Maltego, visit our website.
01:17:14
May 19, 2022
Kicks & Chips: Deep Dive into Scalper Bots
Kicks & Chips: Deep Dive into Scalper Bots
Scalper bots are designed to automatically buy a large amount of an exclusive item such as tickets, sneakers, or GPUs, often to resell them for profit. In this episode, The Pivot host, Bradley Taylor sits down with Maltego Subject Matter Experts Mathieu Gaucheler and Threat Intelligence Analyst Liv Rowley to explore the following aspects of the scalper bot world: How scalper bots work Trends & details of the products targeted by scalper bots Pricing & plans of the bots on the market Ways the bots bypass counter-measures 0:00 Welcome! 0:33 Tell us about yourself! 1:29 What brought you to the scalper box? 3:21 How long do you think the scalper bots have been running? 4:50 Do you think the retailers are doing much to counter the scalper bots? 7:33 Is there any other method you think the retailers could use? 8:57 Are there specific platforms or applications the scalpers are using? 10:55 Is it illegal to run bots operations? 12:08 Could you tell us something interesting you found during the research? 17:00 Does it require a lot of knowledge to run bots applications and platforms? 19:28 What did you use and how did you start to do all these researches? 21:54 Do you think the sellers /users of these bots qualified as cyber criminal activity? 23:50 What were the odd things you saw bots targeting? 25:33 Has there been any specific activity in specific regions/platforms? 31:01 How are the bots bundle package priced? 32:40 How did you feel and what ran through your mind after the research? 35:05 What advice would you give to the new budding retailers? 38:41 Anything you would like to add? ■ About The Pivot Brought to you by Maltego, The Pivot deep dives into topics pivoting from information security to the criminal underground. Each episode features interviews with experts from the industry and research fields and explores how they connect the dots. ■ About Maltego Used by investigators worldwide, Maltego is a graphical link analysis tool that allows users to mine, merge, and map data from OSINT and third-party data integrations for all sorts of investigations—cybersecurity, person of interest, fraud, and more. The podcast streams free on Spotify. You can also watch it all go down on YouTube. Don't forget to subscribe to our Twitter and LinkedIn to stay on top of our latest updates, tutorials, webinars, and deep dives. For more information about Maltego, visit our website.
42:03
April 21, 2022
Ritu Gill from OSINT Techniques: Everything about OSINT
Ritu Gill from OSINT Techniques: Everything about OSINT
Ritu Gill is an Intelligence Analyst with 14 years of experience working in open-source intelligence (OSINT). After a 12-year career with the Royal Canadian Mounted Police (RCMP), Ritu set up a consulting business providing OSINT training and research to law enforcement and related entities across North America. In this episode, Ritu shares her OSINT research, projects, journey, and experiences with The Pivot hosts Bradley Taylor and Maltego Subject Matter Expert Carlos Fragoso. 0:00 Welcome! 0:45 Tell us about yourself! 1:05 What got you into OSINT? 2:21 What were the resources you started with? 4:30 Tell us the project fascinated you the most! 7:25 How was the feedback for the shooting map? 9:27 Any tips for people who want to get into OSINT? 16:32 Are there specific tools/techniques you use in your investigations? 20:29 Could you elaborate on the OSINTcurio.us project and the articles you wrote? 27:01 How to creat sock puppets with photo validation? 29:25 How does it differ to develop an account on a platform for various purposes? 31:49 Tell us about your website "OSINT Techniques"! 34:41 What do you think is impacting our investigatioins nowadays? 41:05 Tell us something interesting happened at the beginning of your career! 44:09 What are the 3 things to pass on to anyone getting into this field? ■ About The Pivot Brought to you by Maltego, The Pivot deep dives into topics pivoting from information security to the criminal underground. Each episode features interviews with experts from the industry and research fields and explores how they connect the dots. ■ About Maltego Used by investigators worldwide, Maltego is a graphical link analysis tool that allows users to mine, merge, and map data from OSINT and third-party data integrations for all sorts of investigations—cybersecurity, person of interest, fraud, and more. The podcast streams free on Spotify. You can also watch it all go down on YouTube. Don't forget to subscribe to our Twitter and LinkedIn to stay on top of our latest updates, tutorials, webinars, and deep dives. For more information about Maltego, visit our website.
48:06
March 17, 2022