March 12, 2023

TSD #032: Investigators & Covert Entry

Hello friend 👋

I'm incredibly humbled to say that you are one of over a thousand subscribers who is signed up to our little weekly newsletter. If this is your first edition...welcome. If you've been here before...welcome back. Let's go!

Law enforcement strike again

Law enforcement is having a wonderful start to the year and this week is no different. German and Ukrainian police arrested DoppelPaymer ransomware operators in coordinated raids on multiple properties. A slick operation that resulted in a lot of useful equipment being captured and a few arrests too. Ransomware operators have never been under more threat than they are today.

An online investigation

After posting my latest video about doing forensics on photos to figure out where they were taken, I was given the opportunity to solve a real open-source intelligence problem for some investigator friends of mine. They knew the photo was somewhere in a certain major UK city, but they needed more. They needed an exact location. Within 45 minutes, I was able to help pinpoint where a photo was taken to within a few feet. I can't share details yet, but maybe in a few months, I'll be able to walk you through my steps to get the necessary answers. It was a fun one.

Other things that hit my radar

  1. In a globally coordinated effort, law enforcement seized the computer server hosting the NetWire RAT infrastructure.
  2. Twitter has let its privacy-protecting Tor service expire.
  3. The ALPHV ransomware group is attempting to extort a healthcare network in Pennsylvania by publishing photographs of breast cancer patients.

You can get in touch with me by simply hitting reply. I respond to every email that hits my inbox.

Until next week,

Gary ✌️

Fun Things This Week

📽️ My latest video

Knowing how to extract metadata from images and other files is an important skill in both OSINT and forensics. There's an awesome tool that will help. It's called Exiftool, and in this tutorial, I'll show you how it works!

👾 Cool Tools

I love hacking. Once you get the feel for it, it's a rush seeing those shells pop. However, it's not everyone's cup of tea. But there's a part of cyber/infosec that deals with physical hacking. Cutting fences, bypassing locks and security systems and sneaking into buildings. If that's something that sounds fun to you, then you'll love this resource I came across this week. David Probinsky's Red Team Tools is a curated list of tools that are commonly used in the field for Physical Security, Red Teaming, and Tactical Covert Entry.

DataSurgeon is a versatile tool designed for incident response, penetration testing, and CTF challenges. It allows for the extraction of various types of sensitive information including emails, phone numbers, hashes, credit cards, URLs, IP addresses, MAC addresses, SRV DNS records and a lot more!


Whenever you’re ready, there are a few ways I can help you:

1. If you'd like to get daily cyber news updates, follow Tearline on LinkedIn or join the Telegram channel.

2. If you'd like to learn how to create content to raise your online profile, I have a free email crash course and a whole series of video workshops.

3. If you want to land a career in cyber security but don't know where to start, your best bet is through my SWITCHFIRE guide.

4. If you'd like to promote yourself or your business and help keep this newsletter free to its readers, you can sponsor it by dropping me an email.

More Articles
Subscribe to The Sunday Download

Receive weekly news and insights in your inbox. Don't miss out!

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.