OSINT Resource Discovery Toolkit

Doing proper OSINT research requires an excellent knowledge of open sources.

Next to the many open source resources already offered, the Repertorium or OSINT Resource Discovery Toolkit, helps in finding the right sources for the right answers. There is amongst others an extensive listing of categories of search engines, each with one or two primary examples. Each listing has direct links to the help pages to find out exactly how each search language works.

The Repertorium is the companion to our range of OSINT training programmes and workshops. Interested? Have a look at https://triangulargroup.com/en/osint.




Australia rebukes Google for blocking local content

The Australian government has urged Google to focus on paying for Australian content instead of blocking it.

After media reports said Australian news websites were not showing up in searches, Google confirmed it was blocking the sites for a small number of users.

The search engine said it was conducting experiments to determine the value of its service to Australian news outlets.

Google, Facebook and other tech companies are fighting the Australian government over plans to make them pay for news content.

BBC News. 15 january 2021



Man uit Almere opgepakt voor phishing in zaak met 100 slachtoffers

De politie heeft dinsdag een 21-jarige man uit Almere aangehouden voor phishing. Bij deze online-oplichtingszaak werd volgens de politie zo’n 130.000 euro verduisterd in de laatste maanden van 2020.

In de phishingzaak werden mails en sms’jes gestuurd die van WoningNet leken te komen, meldt de politie. Daarin stond dat de inschrijving van WoningNet verliep. De slachtoffers werden daarmee naar een valse betaallink gelokt. De betaallink was in dit geval een phishinglink waarmee de bankgegevens van de slachtoffers werden verkregen.

12 januari 2021 21:11 Aangepast: 12 januari 2021 22:40


Weltweit größter illegaler Marktplatz im Darknet vom Netz genommen – Betreiber in Untersuchungshaft

Nach monatelangen intensiven Ermittlungen ist es der Zentralen Kriminalinspektion Oldenburg (ZKI) unter der Leitung der Landeszentralstelle Cybercrime (LZC) der Generalstaatsanwaltschaft Koblenz am Wochenende gelungen, den mutmaßlichen Betreiber des vermutlich weltweit größten illegalen Marktplatzes im Darknet, den DarkMarket, festzunehmen. Am Montag, dem 11.01.2021, konnten die Ermittler zudem den Marktplatz schließen und die Server abschalten. Polizei und Generalstaatsanwaltschaft wurden dabei von einer Vielzahl in- und ausländischer Behörden unterstützt. Neben den Landeskriminalämtern aus Niedersachsen und Rheinland-Pfalz kooperierten die ZKI Oldenburg und die LZC mit den amerikanischen Behörden FBI, DEA und IRS und der australischen, britischen, dänischen, schweizerischen, ukrainischen und moldawischen Polizei. Europol nahm dabei eine koordinierende Rolle ein.

12.01.2021 – 10:22

Landeskriminalamt Rheinland-Pfalz



Beleggers kopen verkeerde aandeel Signal: koers stijgt 12.000 procent

De koers van het miniscule Amerikaanse beursfonds Signal Advance ging de afgelopen dagen 118 keer over de kop. De oorzaak: beleggers interpreteerden een tweet van Tesla-oprichter Elon Musk niet goed en kochten het verkeerde aandeel.

In een paar dagen tijd van een koers van 0,60 dollar stijgen naar 70,85 dollar. Dat overkwam het aandeel Signal Advance.

‘Gebruik Signal’ tweette Elon Musk, de grote man achter Tesla en de rijkste man ter wereld, vorige week donderdag. Beleggers dachten te kunnen profiteren van dit ‘advies’ van Musk en ze haastten zich om het aandeel Signal te kopen.

RTL nieuws. 12 januari 2021 10:41 Aangepast: 12 januari 2021 13:12 

BBC News: Silencing Trump: How ‘big tech’ is taking Trumpism offline

“Amazon’s action against Parler is not unprecedented, as we have seen other US companies such as Cloudflare remove content delivery services and DDoS (distributed denial-of-service) protection and support to white supremacist website The Daily Stormer in 2017 and 8Chan in 2019 after that website was used by a gunman to post materials before he went on to massacre people in El Paso, Texas,” she said.
Silencing Trump: How ‘big tech’ is taking Trumpism offline – www.bbc.co.uk/news/technology-55624630

WhatsApp gives users an ultimatum: Share data with Facebook or stop using the app


8jan2021. The new privacy rules do not apply to the European Economical Zone, amongst others, the EU. No worries for European users,  WhatsApp now has two sets of privacy rules. One for Europe, one for the rest of the world.  https://www.bbc.com/news/technology-55573149

6jan2021. It seems that WhatsApp is upgrading its privacy terms. Users must now agree with sharing their data with Facebook regardless the privacy settings and earlier promises when WhatsApp was purchased by Facebook. Mind you, there is two different versions of WA’s privacy policy: one for the european economical zone and one for the rest of the world.


WhatsApp gives users an ultimatum: Share data with Facebook or stop using the app

WhatsApp, the Facebook-owned messenger that claims to have privacy coded into its DNA, is giving its 2 billion plus users an ultimatum: agree to share their personal data with the social network or delete their accounts.

The requirement is being delivered through an in-app alert directing users to agree to sweeping changes in the WhatsApp terms of service. Those who don’t accept the revamped privacy policy by February 8 will no longer be able to use the app.

Share and share alike

Shortly after Facebook acquired WhatsApp for $19 billion in 2014, its developers built state-of-the-art end-to-end encryption into the messaging app. The move was seen as a victory for privacy advocates because it used the Signal Protocol, an open source encryption scheme whose source code has been reviewed and audited by scores of independent security experts.

In 2016, WhatsApp gave users a one-time ability to opt out of having account data turned over to Facebook. Now, an updated privacy policy is changing that. Come next month, users will no longer have that choice. Some of the data that WhatsApp collects includes:

  • User phone numbers
  • Other people’s phone numbers stored in address books
  • Profile names
  • Profile pictures and
  • Status message including when a user was last online
  • Diagnostic data collected from app logs

Under the new terms, Facebook reserves the right to share collected data with its family of companies.

“As part of the Facebook family of companies, WhatsApp receives information from, and shares information with, this family of companies,” the new privacy policy states. “We may use the information we receive from them, and they may use the information we share with them, to help operate, provide, improve, understand, customize, support, and market our Services and their offerings.”

View more

In some cases, such as when someone uses WhatsApp to interact with third-party businesses, Facebook may also share information with those outside entities.

A lack of transparency

The move comes a month after Apple started requiring iOS app makers, including WhatsApp, to detail the information they collect from users. WhatsApp, according to the App Store, reserves the right to collect:

  • Purchases
  • Financial information
  • Location
  • Contacts
  • User content
  • Identifiers
  • Usage data and
  • Diagnostics

A WhatsApp spokeswoman declined to speak on the record about the changes and precisely how or if it’s possible for users to opt out of them. She agreed to email additional information on the condition it be kept on background, meaning none of the details can be quoted verbatim.

The move, the spokeswoman said, is part of a previously disclosed move to allow businesses to store and manage WhatsApp chats using Facebook’s infrastructure. Users won’t have to use WhatsApp to interact with the businesses and have the option of blocking the businesses. She said there will be no change in how WhatsApp shares provides data with Facebook for non-business chats and account data.

Together, the WhatsApp privacy policy and terms of service are more than 8,000 words long and are filled with legal jargon that makes it difficult for non-lawyers to understand. WhatsApp is doing its users a disservice by not agreeing to speak on the record so that reporters can fully understand the changes and explain them to readers.

People who object to the new terms and policy should consider using a different messenger. The Signal messenger provides the same robust encryption engine with a much more transparent privacy policy and terms of service. (Those documents are half the length of those from WhatsApp, too.) Besides providing encrypted chats, Signal also offers encrypted audio and video calls.

Post updated to add details in the third-to-last paragraph.

81,000 UK-owned .eu domains suspended as Brexit transition ends

Interesting development in the world of OSINF. How much information will be lost now that 81000 domain names are suspended due to Brexit?


ZDNet, Daphne Leprince-Ringuet, 5 jan 2021

Tens of thousands of website owners who are based in the UK might have started the year with an unpleasant surprise: Eurid, the registry manager of .eu domain names, has suspended .eu domain names registered by UK citizens as a result of the regulatory changes caused by Brexit. 

Suspended domain names can no longer support a website or service like email, and owners now have three months to prove their right to run a .eu domain. This means updating contact data to transfer the .eu domain to an EU-subsidiary outside the UK; or declaring citizenship or residence of an EU member state. 


Domain names will be re-instated as soon as contact data is updated, said Eurid – but only for the next few months. Those who, after 31st March 2021, still haven’t demonstrated their eligibility will see their domain name withdrawn, and made available again for general registration from January 2022 if no action is taken by then. Eurid said 81,000 domains, from 50,000 users, have been suspended.

Read more…


Intel agencies say massive cyberattack was ‘likely Russian in origin’

From ABC News:
U.S. intelligence agencies on Tuesday attributed the recent massive SolarWinds cyber breach to Russia, saying it was likely an intelligence gathering effort against several U.S. government agencies.
“This work indicates that an Advanced Persistent Threat (APT) actor, likely Russian in origin, is responsible for most or all of the recently discovered, ongoing cyber compromises of both government and non-governmental networks,” the FBI, Cybersecurity and Infrastructure Security Administration, and Office of Director of National Intelligence said in a joint statement. “At this time, we believe this was, and continues to be, an intelligence gathering effort. We are taking all necessary steps to understand the full scope of this campaign and respond accordingly