The OSINT Newsletter - Issue #45
Find the full name of a private LinkedIn account with an abbreviated display name
👋 Welcome to the 45th issue of The OSINT Newsletter. This issue contains OSINT news, community posts, tactics, techniques, and tools to help you become a better investigator. My goal with this newsletter is to help promote the OSINT industry, develop better investigators, and raise awareness of ethical use cases for open source intelligence.
🚨 Almost all print issues of The OSINT Newsletter have been shipped out. I ran into some issues with incomplete addresses on a few folks so if I’ve reached out, that’s likely why. Thank you so much to all of the people who posted about it online.
🎩 H/T: Sancho, Antelo, Mohammad, Chris, Elizabeth, and others who shared a picture of their print edition.
The PDF version of The OSINT Newsletter is now available in the shop. It’s a pay-what-you-want price so it’s accessible to everyone.
🧰 I added a new tool to The OSINT Newsletter toolbox. I wrote about it more below and walked through the process in last week’s issue.
🗒️ I’ll be releasing the first issue in an investigative series on the Infrastructure Investment and Jobs Act and government oversight using open source intelligence.
Expect the first one to come out this week.
I’ll be answering questions that many have asked including
Has construction started on these projects yet?
What exactly is being built and where?
What are the outcomes of the investment?
How much waste is there?
I’ll be using several methods including person search, geolocation, analysis using AI, and more.
🪃 If you missed the last newsletter, here’s a link to catch up.
⚡ Pivot from a Twitter profile to Medium, Product Hunt, Mastodon, and more with high confidence
Let’s get started. ⬇️
OSINT News
📰 Keep your phone number private with Signal usernames
With what seems like a decline in social media engagement, many have moved over to Signal; however, sharing your phone number with people requires a certain level of trust. Signal recently announced they’ll be moving to usernames, allowing people to communicate more anonymously.
🎩 H/T: Randall Sarafa
📰 Lessons from the iSOON Leaks
The iSOON leak has made a big impact on the OSINT community, similar to past leaks affecting Russian and US intelligence. It includes around 170MB of translated Chinese documents, which might have some inaccuracies. iSOON, established in 2010, specializes in cyber activities and was chosen in 2019 as one of the first units by the MPS's Cyber Security Bureau.
🎩 H/T: BushidoToken
On the same topic (iSOON Leaks), here’s a thread on Twitter (X) discussing this from Thomas Roccia.
📰 Facecheck ID is switching to paid access only
Facecheck.id announced they’ll be switching their tool to a paid service on March 1st. This is good news and bad news for the OSINT community. The good news is that the service will get better and give healthy competition to PimEyes. The bad news is that it makes causes like TraceLabs CTFs more costly to support.
🎩 H/T: Craig Silverman | LinkedIn post
📰 Search alert: Google filetype search is broken. How to fix it?
Google’s filetype operator has been deprecated. Or has it? OSINT researchers have experienced a change in Google’s search results lately and this is added to the list. Henk discusses this more in his newsletter.
🎩 H/T: Henk Van Ess
OSINT Community
📺 How OSINT Can Solve Cold Cases
Ryan McBeth talks about how OSINT can be used to solve cold cases through organizations like 4chris.org. If you’re a supporter of organizations like TraceLabs, you’ll enjoy this video.
🎩 H/T: Ryan McBeth
🐦 Lady Gaga OPSEC Fail
Watch this case study on OPSEC failure. Online sleuths find Lady Gaga’s location through a landmark discovered in the reflection of her sunglasses.
🎩 H/T: zeddyinnit
🐦 Learn about compromised companies through SEC 8k forms
UnitedHealth Group was compromised. This can be validated by finding an 8k form they filed. This is an interesting method for monitoring passively to proactively discover leaks and breaches. I’ve included the source and the EDGAR search tool for reference.
🎩 H/T: VX Underground
Read on X… | 8k search tool (EDGAR)
OSINT Tools
🌟 Sponsor: Open Measures
An open source platform for investigations on extremism found on social networks.
Open Measures democratizes tools that identify online extremism and defend against offline harm. Search for and contextualize the spread of extremism and disinformation on social networks like Telegram, Gab, Rumble, and many more.
🔎 Domain Digger
Domain Digger is an easy-to-use domain lookup tool that shows you DNS, WHOIS, Certificates, and subdomains in a single screen.
🎩 H/T: Felix Wotschofsky
🔎 VCSO Spy
VSCO Spy reveals the hidden metadata within any VSCO image, providing valuable information for users.
🔎 Excalibur
Excalibur is a new OSINT tool in The OSINT Newsletter’s toolbox. Reverse search a Twitter profile to discover new images, biographies, display names, and more through accounts likely connected through Twitter SSO.
🗒️ For a detailed explanation of the research behind Excalibur, read issue #44.
✅ That’s it for the free version of The OSINT Newsletter. Consider upgrading to a paid subscription to support this publication and independent research.
By upgrading to paid, you’ll get access to the following:
⚡ Find the full name of a private LinkedIn account with an abbreviated display name
A simple method for validating you have the right person on LinkedIn
👀 All paid posts in the archive. Go back and see what you’ve missed!
🚀 If you don’t have a paid subscription already, don’t worry there’s a 7-day free trial. If you like what you’re reading, upgrade your subscription. If you can’t, I totally understand. Be on the lookout for promotions throughout the year.
Keep reading with a 7-day free trial
Subscribe to The OSINT Newsletter to keep reading this post and get 7 days of free access to the full post archives.