If I’m being honest, the most useful skill for hacking is learning to do research. And since Google’s search is going to shit, allow me to detail some of the methods I use to do OSINT and general research.

Google dorking is the use of advanced syntax to make incredibly fine-grained searches, potentially exposing information that wasn’t supposed to be on the internet:

Some of my go-to filters are as follows:

“Query” searches for documents that have at least one field containing the exact string.

site: allows for a specific site to be searched. See also inurl and intitle.

type: specifies the tor of resource to look for. Common examples are log files, PDFs, and the sitemap.xml file.

Metasearch engines (such as SearxNG) permit you to access results from several web-crawlers at once, including some for specialized databases. There are several public instances available, as well as some that work over tor, but you can also self-host your own.

IVRE is a self-hosted tool that allows you to create a database of host scans (when I say self-hosted, I mean that you can run this in a docker container on your laptop). This can be useful for finding things that search engines don’t show you, like how two servers are related, where a website lives, etc. I’ve used this tool before, in my investigation into the Canary Mission and its backers.

Spiderfoot is like IVRE, but for social networks. It is also a self-hosted database. I have also used this in the Canary Mission investigation.

Some miscellaneous websites/web tools I use:

SecurityTrails: look up DNS history for a domain

BugMeNot: shared logins for when creating an account is not in your best interest.

Shodan/Censys: you have to make an account for these, so I don’t usually recommend them.

OSINT framework: another useful index of tools for information gathering.

Mastering OSINT: The Power of Open-Source Intelligence

Open-Source Intelligence (OSINT) is the art of gathering publicly available information from various online sources. Whether for cybersecurity, investigations, or research, OSINT provides valuable insights. In this blog, we’ll explore key OSINT techniques, tools, and best practices. 1. Sock Puppets: Creating an Anonymous Identity A sock puppet is a fake online identity used to gather…

sometimes i think i should go towards investigator jobs because i have clearly shown my aptitude at establishing chains of events and making connections between pieces of evidence but alas, most investigator positions require qualifications i do not have because i am 200% Lawyer. my investigation qualifications are soft skills and/or self-taught bc i am hooked on this shit

Top 5 Breaking Developments in OSINT This Week

Key Trends and Insights Shaping the Future of Open-Source Intelligence 1. AI-Powered OSINT Tools Gain Momentum in Global Security Artificial intelligence is playing an increasingly central role in OSINT practices. This week, several new AI-powered tools designed for threat detection and geopolitical analysis were unveiled. These tools leverage machine learning to analyze vast amounts of open…

View On WordPress

Pentagon’s Pizza Index has accurately predicted 21 global crises since 1983

As tensions rise in the Middle East, a curious, crowd-driven theory known as the “Pentagon Pizza Index” has caught fire online.

On June 12 and 13, users on X (formerly Twitter) reported a sudden spike in pizza deliveries near the Pentagon and Department of Defense in Washington, D.C., sparking speculation that the United States may be quietly entering crisis mode behind closed doors.

The timing? Just hours before Israel reportedly struck targets in Iran in response to Tehran’s earlier drone and missile attacks. And once again, pizza orders were booming.

Cold war roots of the pizza theory. What began as a Soviet spy trick is now a digital-age meme

The idea isn’t new. During the Cold War, Soviet operatives observed pizza delivery activity in Washington, believing it signalled crisis preparation inside U.S. intelligence circles. They coined it “Pizzint” — short for pizza intelligence.

This tactic entered public lore on 1 August 1990, when Frank Meeks, a Domino’s franchisee in Washington, noticed a sudden surge in deliveries to CIA buildings. The next day, Iraq invaded Kuwait. Meeks later told the Los Angeles Times he saw a similar pattern in December 1998 during the impeachment hearings of President Bill Clinton.

As former CNN Pentagon correspondent Wolf Blitzer once joked in 1990, “Bottom line for journalists: Always monitor the pizzas.”

WWIII warning: What is the Pentagon Pizza Index today? A meme, an OSINT tool, or a symptom of digital-age paranoia?

The modern Pentagon Pizza Index is tracked through open-source intelligence (OSINT) tools. These include Google Maps, which shows real-time restaurant activity, and social media observations. Pages like @PenPizzaReport on X have dedicated themselves to watching for abnormal patterns.

On 1 June 2025, the account posted, “With less than an hour to go before closing time, the Domino’s closest to the Pentagon is experiencing unusually high footfall.”

A few hours later, reports emerged of a fresh escalation between Israel and Iran. For believers in the theory, it was yet another sign that something bigger was underway.

The April 2024 pizza spike. A recent example that reignited interest

The most notable recent instance occurred on 13 April 2024, the night Iran launched a massive drone and missile strike against Israel. That same evening, screenshots from delivery platforms showed pizzerias around the Pentagon, White House, and Department of Defense tagged as “busier than usual.”

Multiple Papa John’s and Domino’s branches reported increased orders. The correlation prompted viral memes and renewed interest in the theory.

According to Euro News, a user on X posted on 13 June 2025, “The Pentagon Pizza Index is hiking.”

Inside the logic: Why pizza? Food, fatigue and national security

The concept is deceptively simple. When military staff face a national emergency, they work longer shifts and can’t leave their posts. They need quick, filling food — and pizza fits the bill.

Studies in behavioural psychology show that under stress, people prefer calorie-dense, familiar comfort foods. During high-alert operations, officials may work 16–20 hour days. That creates a visible consumption spike that outsiders can track.

And because platforms like Google and Uber Eats share real-time data on restaurant activity, amateur analysts can monitor these patterns — no hacking required.

World War III: Pizza as a proxy for preparedness. It’s not perfect, but it’s consistent

The Pentagon Pizza Index isn’t a foolproof system. It could easily be triggered by something mundane: a long staff meeting, a software glitch, or a nearby college football game.

That’s why modern OSINT analysts often cross-reference pizza spikes with other indicators — like unusual aircraft movements, ride-hailing activity, or power usage near government buildings. When multiple signs align, it suggests more than coincidence.

As a senior analyst put it: “You can’t bank a war call on a pizza. But if the Pentagon’s burning the midnight oil and feeding everyone, it’s worth a second look.”

Official silence, public curiosity. What the US government says — and doesn’t say

Despite the chatter online, the US government has made no mention of pizza deliveries as indicators of crisis.

Responding to speculation about American involvement in Israel’s airstrikes on Iran, Republican Senator Marco Rubio said:

“We are not involved in strikes against Iran, and our top priority is protecting American forces in the region. Israel advised us that they believe this action was necessary for its self-defence.”

Still, the Pentagon’s silence on the pizza theory hasn’t stopped internet users from speculating.

Humour meets anxiety in the age of digital vigilance

In an age where open-source tools let ordinary people track the movement of jets, ships, and even pizzas, the Pentagon Pizza Index sits at the bizarre intersection of humour and fear. It turns snack food into a warning system.

It’s also a reminder: not all intelligence requires a badge. Sometimes, the clue might be just down the road — in a Domino’s queue.

Whether you see it as absurd or insightful, one thing is clear: when the pizzas fly, people pay attention.

Daily inspiration. Discover more photos at Just for Books…?

Disinformation about the Los Angeles protests is spreading on social media networks and is being made worse by users turning to AI chatbots like Grok and ChatGPT to perform fact-checking.

As residents of the LA area took to the streets in recent days to protest increasingly frequent Immigration and Customs Enforcement (ICE) raids, conservative posters on social media platforms like X and Facebook flooded their feeds with inaccurate information. In addition to well-worn tactics like repurposing old protest footage or clips from video games and movies, posters have claimed that the protesters are little more than paid agitators being directed by shadowy forces—something for which there is no evidence.

In the midst of fast-moving and divisive news stories like the LA protests, and as companies like X and Meta have stepped back from moderating the content on their platforms, users have been turning to AI chatbots for answers—which in many cases have been completely inaccurate.

On Monday, the San Francisco Chronicle published images of National Guard troops sleeping on floors. They were later shared on X by California governor Gavin Newsom, who responded to a post from President Donald Trump by writing: “You sent your troops here without fuel, food, water or a place to sleep.”

Within minutes of the posts being shared, many users on X and Facebook were claiming that the images were either AI-generated or taken from a completely different situation.

“Looks like @GavinNewsom used an AI photo to smear President Trump,” conspiracist Laura Loomer alleged on X.

Some users seeking clarity turned to X’s own chatbot Grok, with one user asking it to clarify where the photo was taken.

“The photos likely originated from Afghanistan in 2021, during the National Guard's evacuation efforts in Operation Allies Refuge,” Grok wrote. “Claims linking them to the 2025 Los Angeles deployment lack credible support and appear to be a misattribution. No definitive source confirms the Los Angeles connection.”

When challenged about the assertion by another X user who pointed out that the images were first obtained by the San Francisco Chronicle, Grok replied: “I checked the San Francisco Chronicle’s claims. The photos of National Guard troops sleeping on floors are likely from 2021, probably the U.S. Capitol, not Los Angeles 2025.”

The San Francisco Chronicle did not immediately respond to a request for comment.

Grok isn’t the only tool potentially making the situation worse. Melissa O’Connor, who describes herself as an “OSINT Citizen Journalist,” posted the results given to her by ChatGPT when she uploaded the pictures posted by Newsom of troops sleeping on the ground.

OpenAI’s chatbot incorrectly claimed that one of the pictures shared by the California governor was taken in Kabul airport in 2021 during former president Joe Biden’s Afghanistan withdrawal. The same results were shared on other platforms such as Facebook and Trump’s own Truth Social as evidence that the pictures were fake. (O’Connor subsequently posted to make clear she’s now aware the photos are not four years old, though the original post was left up.)

In another instance of Grok boosting disinformation about the protests, Mike Crispi, chair of America First Republicans of New Jersey and a 2024 Trump delegate to the Republican National Convention, posted a picture of a pile of bricks on the side of the road with the comment: ”The international sign that a very real, organic, totally not pre-planned, left wing protest will shortly emerge.”

The picture was later amplified to a much bigger audience by actor James Woods, who wrote: “It’s not like these ‘protests’ are organized though … “ His post has been viewed almost 4 million times.

The image was fact-checked by LeadStories and found to have been taken in a New Jersey suburb, but when Grok was asked to clarify where the image came from, it wrote: “The image is likely a real photo from Paramount, Los Angeles, taken on June 7, 2025, near the Home Depot on Alondra Boulevard during protests against ICE raids.”

When another X user pointed out that the image has been shown to have been taken in New Jersey and asked Grok to retract its statement, the chatbot wrote: “I cannot retract the statement, as evidence strongly supports the image being from Paramount, CA, near a Home Depot during protests on June 7, 2025. News reports from ABC7, Los Angeles Times, and others confirm bricks were used in clashes with federal agents.”

WIRED could not identify reports from any of the mentioned outlets suggesting bricks were used in the recent protests.

X and OpenAI, the operator of ChatGPT, did not immediately respond to requests for comment.

The unreliability of chatbots is adding to the already saturated disinformation landscape on social media now so typical of major breaking news events.

On Sunday night, US senator Ted Cruz of Texas quoted a post from Woods, writing: “This … is … not … peaceful.” Woods’ post shared a video, which has now been deleted by the original poster, that was taken during the Black Lives Matter protests in 2020. Despite this, Cruz and Woods have not removed their posts, racking up millions of views.

On Monday evening, another tired trope popular with right-wing conspiracy theorists surfaced, with many pro-Trump accounts claiming that protesters were paid shills and that shadowy though largely unspecified figures were bankrolling the entire thing.

This narrative was sparked by news footage showing people handing out “bionic shield” face masks from the back of a black truck.

“Bionic face shields are now being delivered in large numbers to the rioters in Los Angeles, right-wing YouTuber Benny Johnson wrote on X, adding “Paid insurrection.”

However, a review of the footage shared by Johnson shows no more than a dozen of the masks—which are respirators offering protection against the sort of chemical agents being used by law enforcement—being dispersed.

Hi! You mentioned there are online tutorials/sites for learning Comp Sci and OSINT - any recommendations? Thanks!

Hi! You got lucky that today is the day I check my inbox lol. So. For comp-sci: - CS50X from Harvard is a public avaiable course on youtube I'd 100% recommend. These are the undedited (so far) lectures of 2024: https://www.youtube.com/watch?v=3LPJfIKxwWc&list=PLhQjrBD2T381WAHyx1pq-sBfykqMBI7V4&ab_channel=CS50

This gives you all the basics you need to understand how coding and pcs in general works. (I had comp sci in my university course)

- Freecodecamp is a website full of FREE tutorials on several programming language. Advice: learn python. You will understand later on.

- The rest really depends on what you actually want to learn and why - each programming language has its own purpose and application. OSINT: -There is this full course: https://www.youtube.com/watch?v=qwA6MmbeGNo&t=205s&ab_channel=TheCyberMentor (But you can find more on youtube.) - Bellingcat's resources: https://www.bellingcat.com/category/resources/ -IntelTecniques: https://inteltechniques.com/ - Osint Newesletter: https://osintnewsletter.com/

But here is the catcher: if you plan to do osint it heavily depends on where you live. I'm in Europe, so it means I'm under GDPR, therefore I must abid to stricter regulations than a US OSINT analyst. A lot of data that might be considered public domain in the US(big one: conviction records) are not in europe, and you won't be able to access it unless you are a registered private investigator at least (but in my case it's rare that I go after people, that's not a part of any task I might encounter at work). Not only that, but a lot of the avaiable tools are designed to work only with specific countries in mind for various reasons and there is a big bias on US-based investigations. If youre' not in the US I recommend you reach out to your local OSINT or cybersecurity professionals association, they usually have resources and specific information, a lot of times for free. Also keep in mind: OSINT has a lot of different applications and it depends on what you're doing with it. Journalists might work more with satellites and images (a thing I know nothing about), debunkers will definitely understand social media more, if you do business intelligence you will look more at news sites, trademarks and deposits and so on to reach your conclusion. You did your course... Now what? I recommend getting on CTFs, like tracelabs that I've linked above, but there many of them (osint dojo for example) or Kase Scenarios. These are safe environments to practice on (except for tracelabs since it deal with actual cases of missing people and it can lead to... not so good leads, allow me to leave it there) You should also understand how intelligence (as the discipline) works. There are several resources, but my favourite is definitely Psychology of Intelligence Analysis. It's a series of declassified training documents from CIA analyst Richard Bauer, that was based on Daniel Kahneman (yes, the "thinking fast and slow" author, and I also do recommend this book) research on euristics. Intelligence is fundamental because OSINT might be helpful to gather the data, but the data then needs to be processed, analysed and you also need to get a conclusion from that analysis. Studying intelligence will help you avoid a lot of pitfalls that happens when you do an investigation, such as not understanding when you know enough, if you're being a victim of your own bias, if you're missing something or if you're going with the right approach. But I have to admit that the best of training I've received so far is from my local OSINT association because I've been able to train with people that work(ed) in the military, get their advice and have a deep understand of the work itself (and the reason why I have decided to actually make cyber threat intelligence my job, even if I work for a private company and I have no interest in working for the government). And yes ethics is a big thing for the OSINT community.

I hope this is helpful enough!

Hawker: An OSINT Tool for Investigating Emails, Phone Numbers, URLs, and IP Addresses in Python

Tosint: Open-source Telegram OSINT tool

http://securitytc.com/TDkQj3

FECRIS - The Secret Enemy of Democracy

I, like many Americans, believe in democracy.  Belief in free speech, in the right to freedom of religion, is the bedrock of our nation.  But I have recently witnessed that foundation being undermined from within by forces that disguise themselves as noble causes but actually have more sinister motives.

At issue is FECRIS (the European Federation of Centers for Research and Information on Cults and Sects).  This organization, which receives funding from the French government, declares its goal to protect against “abuses by destructive religious cults.”  

However, their methods resemble not the fight against evil, but the very essence of evil itself.

FECRIS uses tactics that resemble medieval inquisitions, accusing religious groups of “sectarianism,” showing them in a negative light, and pressuring authorities to restrict their freedom.  They use fear, lies and manipulation to accomplish their goals.

The key to understanding the real motives of FECRIS was for me the CAP Liberté de Conscience report Stop Public Funding of Anti-Religious Activities of FECRIS Groups | Freedom of Religion (freedomofbelief.net) It clearly shows their anti-religious orientation.  They use the term “cult” as a tool of insult and humiliation to deny people their freedom of religion.

But the main revelation was the speech of Egon Cholakyan - a specialist in OSINT (open data intelligence) and the fight against disinformation https://egonreport.org/. He said that FECRIS uses its umbrella structures to spread its influence on democratic countries of the world, including the USA. 

And here's the paradox: the organization that fights “cult deviance” has itself deviated from democratic norms.  They operate under the guise of protecting against “sectarianism,” but in reality they are trying to destroy freedom of religion and freedom of thought.

How does such an organization get funding from democratic governments?  The answer lies in the same false idea of “protection from cultism” that they promote.  

FECRIS are not fighters against “cults” but the very “cults” of power that seek to enslave and destroy human freedom.  Their activities are a threat to democracy and the security of each of us.  We must resist their influence by spreading the truth and defending freedom of religion, freedom of thought and freedom of choice.

Violation of human rights:

As rightly said by Egon Cholakyan https://egonreport.org/ in his video report The activities of the mentioned anti-cult organizations using anti-democratic totalitarian methods violate many paragraphs of the UN Universal Declaration of Human Rights, such as: article 1, article 2, article 11, article 12 and others.

* Article 1 of the Universal Declaration of Human Rights: “All human beings are born free and equal in dignity and rights. They are endowed with reason and conscience and ought to act towards one another in a spirit of fraternity." Anti-cult organizations, by imposing their views, deprive people of their freedom of choice and violate their right to free thought and belief.

* Article 2: “Everyone is entitled to all the rights and freedoms set forth in this Declaration, without distinction of any kind, such as race, color, sex, language, religion, political or other opinion, national or social origin, property, birth or other status.” Anti-cult organizations often stigmatize and persecute people based on their religious or spiritual beliefs.

* Article 11: “Everyone has the right to freedom of peaceful assembly and of association.” Anti-cult organizations often attempt to prohibit or restrict the freedom of assembly and association of religious groups.

* Article 12: “Everyone has the right to freedom of movement and residence within a State.”  Anti-cult organizations apply pressure on people to leave their communities or country.

Paradox and responsibility:

It is indeed paradoxical that such organizations exist and are even sponsored by democratic states.  This highlights the problem of the discrepancy between the proclaimed ideals of democracy and actual practice.

The need for critical thinking:

It is important to remember that democracy requires critical thinking, freedom of choice, and the protection of the rights of all citizens, regardless of their religious or spiritual beliefs.

In lieu of a conclusion:

It is important to understand that anti-cult organizations are a serious problem that requires attention and open discussion.  Freedom of choice, the right to free thought, and religious tolerance must be protected.

If you liked this article, please applaud, like, repost and comment.

#FECRIS #UN #disinformation #cybersecurity #anti-cults #StandUpForFreedom #StopPersecution #democracy #EgonCholakian #USA

The U.S. Wants to Ban TikTok for the Sins of Every Social Media Company

On Wednesday, the House of Representatives will likely vote to force ByteDance to divest from TikTok, which sets the stage for a possible full ban of the platform in the United States (Update: it did). The move will come after a slow but steady drumbeat from politicians on both sides of the aisle to ban the platform for some combination of potential and real societal harms algorithmically inflicted upon American teens by a Chinese-owned company. 

The situation is an untenable mess. A TikTok ban will have the effect of further entrenching and empowering gigantic, monopolistic American social media companies that have nearly all of the same problems that TikTok does. A ban would highlight, again, that people who use mainstream social media platforms run by corporations do not actually own their followers or their audiences, and that any businesses/jobs/livelihoods created on these platforms can be stripped away at any moment by the platforms or, in this case, by the United States government. 

Bytedance and TikTok itself have been put into an essentially impossible situation that is perhaps most exemplified in a 60 Minutes clip from 2022 that went viral this weekend, in which Tristan Harris, a big tech whistleblower who has turned the attention he got from the documentary The Social Dilemma into a self-serving career as a guy who talks about how social media is bad, explains that China is exporting the “opium” version of TikTok to American children. 

In [the Chinese] version of TikTok, if you’re under 14 years old, they show you science experiments you can do at home, museum exhibits, patriotism videos, and educational videos,” Harris said. “And they also limit it to only 40 minutes per day. They don’t ship that version of TikTok to the rest of the world. So it’s almost like they recognize TikTok is influencing kids’ development, and they make their domestic version a spinach version of TikTok, while they ship the opium version to the rest of the world.” FCC Commissioner Brendan Carr quote tweeted this and said “In America, TikTok pushes videos to kids that promote self-harm, eating disorders, and suicide.” 

Put simply: Every social media platform pushes awful shit to users of all ages. This is not a defense of TikTok, but a simple fact that has made up a huge portion of tech reporting for the last decade. Mere weeks ago, the New York Times published an exposé on underage girls being pushed into “child influencing,” a world which is full of pedophiles. Instagram’s effects on teens has been widely documented by Meta’s own employees, and without really trying we have been able to document the sale of guns and drugs, hacking services, and counterfeit services in ads displayed on the platform. Discord is full of communities used for organizing by Neo Nazis and paramilitaries, criminal hackers, crypto scammers, deepfake peddlers, teens who kidnap each other, etc. Facebook is full of AI-generated bullshit that people think is real, was used by foreign adversaries to attempt to influence an election, was credibly accused of being abused to facilitate a genocide in Myanmar, and has had innumerable scandals over the years. Twitter is full of malware and has essentially gotten rid of all of its rules. YouTube is a place that has been used by ISIS terrorists, white supremacists, mass shooters, and child brainwashers. Telegram was founded by Russians, is now based in the United Arab Emirates, and is full of criminals, hackers, and Russian disinformation. We have reported endlessly that all of these platforms are monitored by governments, militaries, surveillance agencies, and commercial interests around the world using "social listening," "social media monitoring," and OSINT tools.

Meta, Google, and Twitter have all moved resources away from content moderation in recent years, and have laid off huge numbers of employees as Republicans have cried “social media censorship.” As Elon Musk’s Twitter has become more of a cesspool in the absence of good content moderation, Google and Meta have realized that they can keep advertisers as long as their platforms are ever so slightly less toxic than Twitter. I am unaware of any political pushes to ban Instagram, Facebook, YouTube, or Twitter, and efforts to meaningfully regulate them to be less harmful seemingly have no political will. The only actual regulation of these platforms have been laws passed by conservatives in Florida and Texas which give them even less ability to moderate their platforms and which is the subject of a Supreme Court case. 

This is just to say that TikTok and the specter of China’s control of it has become a blank canvas for which anyone who has any complaint about social media to paint their argument on, and has become a punching bag receiving scrutiny we should also be applying to every other social media giant. 

When Uber, Airbnb, DoorDash and Bird ignore local laws or face the specter of bans or regulation, they use push notifications, email, and popups within their apps asking customers to complain to legislators. When these American apps do this, they are simply leveraging their popularity to “mobilize users.” When TikTok does the same, it is Chinese interference in American politics. When American TikTok users use their platform to share their progressive or leftist politics and TikTok’s algorithms allow them to go viral, that’s Chinese interference. When TikTok deletes content that violates its terms of service, that’s Chinese censorship. When Facebook and Google allow advertisers to create psychographic, biographic, and behavioral-based profiles of their users to target ads to them, that’s “personalized advertising.” When TikTok does ads, it’s Chinese spying. When TikTok users see content that promotes suicide, eating disorders, and makes people feel bad about themselves, it’s China brainwashing our children, undermining America, and threatening our existence. When Facebook, Instagram, and YouTube users see the same, it’s inconvenient and unfortunate, but can be solved with a blasé spokesperson statement that these platforms care about safety and will strive to do better.

In the clip above, Harris explains that polls show American children want to be “social media influencers” and that Chinese children want to be “astronauts,” the subtext being that it is like this because bad stuff is not allowed on Douyin, the Chinese version of TikTok. Banning TikTok is not going to change this (and Harris does not mention that China has tons of social media influencers as well). Harris says this with some derision, the subtext being that we should not want our children to grow up to be social media influencers. 

This should not need to be explained, but because Harris and 60 Minutes did not explain it: Douyin (the Chinese version of TikTok) is not actually a sterile place that consists only of people doing science experiments and math equations, just as TikTok and all social media in America is not only an unmitigated shithole devoid of intellectual value. But Harris has this idea of Douyin being a safe place for kids because China does not have a free internet. The internet is widely and famously censored by the Chinese government, and ByteDance is complying with Chinese law in China. It is possible to argue (though I would not), that this makes the internet “safer,” and it is possible to argue (though I would not) that a “safer” internet is “better.” If Harris wants Chinese-style censorship of the internet in the United States, then he should argue for that. But in the United States, we have the First Amendment and a host of other regulations that have fostered something resembling an open internet. That open internet allowed for the rise of Facebook, Twitter, Instagram, and YouTube. 

This general principle of not censoring the global internet also allowed for the rise of TikTok, which has millions of users in the United States because people like using it. TikTok is not perfect—in fact, I believe lots of the things on TikTok are very bad. Despite what I have just written, I understand that Chinese interference via algorithmic warfare or spying or any other tactic is a possible threat. China has been accused of using accounts on TikTok to spread influence, in the exact same way as the U.S. government has been caught spreading pro-U.S. influence abroad on Facebook and Twitter. 

Like I mentioned, I think that this entire situation is actually very complicated, and is in fact a huge mess. I can understand why some people want to ban TikTok, but I am not sure how the government can do so without violating the free speech rights of millions of Americans and setting us on a path where a relatively open, global internet becomes one that is increasingly geographically siloed. I don’t think we should ban a platform because it competed too hard and became popular, especially when the direct beneficiaries of a ban are companies that are doing most of the same apparent algorithmic poisoning of America, just from within America’s borders. I also do not think it is constitutional, ethical, or good for the government to decide to unilaterally cut millions of Americans off from one of the largest social media platforms in the world and to effectively force its users and more importantly the people who make a living on TikTok to use a balkanized internet dominated by American megacorporations. 

If I were paid for that, I'd find out the people behind that spam {phishing campaign} that spreads on FB.

At first it can seem funny, but there's something much bigger to discover: cybercrimes.

Initial questions to ask yourself for those who want to spend time on it. Because it's always the same comment, translated in different languages (at least 2 from my observation: French, English):

�� What are the demographics of the impersonated commentators and the targeted users?

To find the answer: use an OSINT tool (e.g: spiderfoot)

• Do the users know that a bot posts comments on their behalf?

To find the answer: ask the impersonated users

• If the targeted users accepted the friend request: what did they notice?

To find the answer: ask the targeted users

Those questions and the answers will lead to new discoveries

You’ve been asked to serve on the jury in the first-ever criminal prosecution of a United States president. What could possibly go wrong? The answer, of course, is everything.

A juror in former president Donald Trump’s ongoing criminal trial in New York was excused on Thursday after voicing fears that she could be identified based on biographical details that she had given in court. The dismissal of Juror 2 highlights the potential dangers of participating in one of the most politicized trials in US history, especially in an age of social media frenzies, a highly partisan electorate, and a glut of readily available personal information online.

Unlike jurors in federal cases, whose identities can be kept completely anonymous, New York law allows—and can require—the personal information of jurors and potential jurors to be divulged in court. Juan Merchan, the judge overseeing Trump’s prosecution in Manhattan, last month ordered that jurors’ names and addresses would be withheld. But he could not prevent potential jurors from providing biographical details about themselves during the jury selection process, and many did. Those details were then widely reported in the press, potentially subjecting jurors and potential jurors to harassment, intimidation, and threats—possibly by Trump himself. Merchan has since blocked reporters from publishing potential jurors’ employment details.

The doxing dangers that potential jurors face became apparent on Monday, day one of the proceedings. An update in a Washington Post liveblog about Trump’s trial revealed the Manhattan neighborhood where one potential juror lived, how long he’d lived there, how many children he has, and the name of his employer. Screenshots of the liveblog update quickly circulated on social media, as people warned that the man could be doxed, or have his identity revealed publicly against his will with the intent to cause harm, based solely on that information.

“It's quite alarming how much information someone skilled in OSINT could potentially gather based on just a few publicly available details about jurors or potential jurors,” says Bob Diachenko, cyber intelligence director at data-breach research organization Security Discovery and an expert in open source intelligence research.

Armed with basic personal details about jurors and certain tools and databases, “an OSINT researcher could potentially uncover a significant amount of personal information by cross-referencing all this together,” Diachenko says. “That's why it's crucial to consider the implications of publicly revealing jurors' personal information and take steps to protect their privacy during criminal trials.”

Even without special OSINT training, it can be trivial to uncover details about a juror’s life. To test the sensitivity of the information the Post published, WIRED used a common reporting tool to look up the man’s employer. From there, we were able to identify his name, home address, phone number, email address, his children’s and spouse’s identities, voter registration information, and more. The entire process took roughly two minutes. The Post added a clarification to its liveblog explaining that it now excludes the man’s personal details.

The ready availability of those details illustrates the challenges in informing the public about a highly newsworthy criminal case without interfering in the justice process, says Kathleen Bartzen Culver, the James E. Burgess Chair in Journalism Ethics and director of the School of Journalism & Mass Communication at the University of Wisconsin-Madison.

“Simply because a notable figure is on trial does not mean that a juror automatically surrenders any claim to privacy,” Bartzen Culver says. “People who have been drawn into a case that is exceptionally newsworthy are not aware that a simple statement that they make about where they work might identify them and open them up to scrutiny and possibly risk.”

The dangers to jurors or potential jurors has only increased since the first day of jury selection, which remains ongoing, in part due to the challenges of prosecuting a former US president and the presumptive Republican nominee in the 2024 US presidential election. Trump is charged with 34 counts of falsifying business records, a class E felony in New York state, for payments made ahead of the 2016 presidential election related to alleged affairs with two women, adult performer Stormy Daniels and Playboy model Karen McDougal. Trump has claimed his prosecution is a “communist show trial” and a “witch hunt” and has pleaded not guilty.

On Fox News, coverage of Trump’s trial has repeatedly focused on the potential political motivations of the jurors, bolstering the former president’s claims. Trump, in turn, has repeated the claims by the conservative news network’s hosts. In a post on Truth Social on Wednesday, Trump quoted Fox News commentator Jesse Watters claiming on air that potential jurors in Trump’s trial are “undercover liberal activists lying to the judge in order to get on the Trump jury.” This, despite a gag order that forbids Trump from “making or directing others to make public statements about any prospective juror or any juror in this criminal proceeding.”

Broader media coverage of the Trump trial jurors appears to often be the work of political reporters who are unfamiliar with the journalism ethics specific to covering a criminal trial, says UW-Madison’s Bartzen Culver. “It's like when political reporters covered Covid and science journalists lost their minds.” She adds that it’s important for any journalist covering a criminal case—Trump’s or otherwise—to “consider our role within the justice system.”

“Unethical behavior by journalists can delay trials. It can result in overturned convictions and the people having to go back and do a retrial,” Bartzen Culver says. “That all works against our system of justice.”

The New York case is one of four ongoing criminal proceedings against Trump. In Georgia, where he faces multiple felony charges for alleged attempts to interfere with the state’s electoral process in 2020, Trump supporters leaked the addresses of members of the grand jury, after their names were listed in the 98-page indictment against the former president, as required by state law. Georgia’s Fulton County Sheriff’s Office said last August that it was investigating threats against the jury members. The incident highlights the persistent dangers people can face from Trump’s supporters, both in the near term and for the rest of their lives, if they’re viewed as having acted against him.

The leaks were discovered by Advance Democracy Inc. (ADI), a nonpartisan, nonprofit research and investigations organization founded by Daniel J. Jones, a former investigator for the FBI and the US Senate Intelligence Committee. So far, Jones tells WIRED, ADI has not uncovered attempts to dox jurors in Trump’s New York trial. But it’s still early days.

“We have not yet found identifying information on the extremist forums we monitor,” Jones says. “Having said that, I share your concern that it is only a matter of time before this happens.”

Cristian Albeiro Carmona Dodges Spanish Justice Amid Crypto Scam Allegations

Cristian Albeiro Carmona Hernandez, a figure entangled in allegations of orchestrating a massive cryptocurrency scam through Kualian, has become a focal point of global scrutiny. With claims of defrauding investors of over €500 million across 50 countries, Carmona’s story is a stark reminder of the risks lurking in the unregulated crypto frontier. Our comprehensive investigation, drawing on a pivotal El Español report, open-source intelligence (OSINT), court documents, and social media insights, dissects his business ventures, personal background, and the profound risks he poses in terms of anti-money laundering (AML) and reputational damage. This 5,000-word report navigates the complex web of Carmona’s activities, offering a detailed and authoritative analysis.

The Rise and Fall of Kualian: Carmona’s Alleged Ponzi Scheme

At the heart of Cristian Albeiro Carmona Hernandez’s controversy lies Kualian, a cryptocurrency platform that promised investors extraordinary returns through automated trading algorithms and blockchain technology. According to a June 2022 El Español report, Kualian, co-founded by Carmona and David Humberto Morales, allegedly defrauded over 2,000 investors of €500 million across 50 countries. The platform’s model was simple yet deceptive: lure investors with guarantees of 20-30% monthly returns, only to collapse under the weight of its Ponzi-like structure, where payouts to early investors relied on funds from new ones.

Our investigation into Kualian’s operations reveals a sophisticated marketing campaign that leveraged webinars, social media, and in-person events to attract a global clientele. Spanish authorities, through Operation Gado, identified Kualian as a pyramid scheme, with Carmona as a central figure. The platform’s collapse left victims stranded, unable to withdraw funds, with many reporting losses in the tens of thousands of euros. We examine Kualian’s operational tactics, its reliance on offshore entities, and Carmona’s role in its meteoric rise and catastrophic fall.

Business Connections: A Shadowy Network of Crypto Ventures

Carmona’s business dealings extend beyond Kualian, forming a complex web of crypto-related entities that are difficult to trace. Using OSINT tools like Maltego and SpiderFoot, we uncovered links to offshore jurisdictions such as the Cayman Islands and Dubai, where Kualian and related entities were registered. Spanish business registries confirm Carmona’s involvement with Kualian but offer little clarity on other ventures, suggesting deliberate obfuscation of ownership structures.

Social media analysis, particularly on LinkedIn and X, reveals Carmona’s attempts to position himself as a thought leader in decentralized finance (DeFi). However, no reputable institutions or industry leaders have publicly endorsed him, and his network appears limited to lesser-known crypto influencers. The absence of transparent partnerships raises suspicions of undisclosed relationships, potentially with high-risk entities or individuals. We explore these connections, highlighting the regulatory and reputational risks they pose for investors and financial institutions.

Personal Profile: The Elusive Figure Behind the Allegations

Cristian Albeiro Carmona Hernandez remains an enigmatic figure. Born in Colombia, as confirmed by El Español, Carmona has since relocated to Abu Dhabi, a move that aligns with efforts to evade legal scrutiny. His now-deactivated LinkedIn profile described him as a blockchain entrepreneur, yet no verifiable educational or professional credentials support these claims. Attempts to confirm his background through academic institutions or former employers yielded no results, raising questions about his legitimacy as a financial expert.

X posts and Quora threads, including a June 2024 discussion labeling him a “tremendous scammer,” reflect growing public distrust. Carmona’s minimal digital footprint suggests active reputation management, possibly through firms like Eliminalia, known for scrubbing negative content for controversial figures. This section delves into his personal history, relocation to a low-oversight jurisdiction, and the implications of his elusive persona.

OSINT Findings: Peeling Back Layers of Secrecy

Our OSINT investigation, utilizing tools like web archives, Maltego, and social media analytics, reveals a pattern of deliberate obscurity. Carmona’s online presence is sparse, with most content tied to Kualian’s promotional efforts. This scarcity suggests a concerted effort to suppress adverse information, a tactic common among individuals facing legal or reputational challenges. We also explored potential ties to organized crime or high-risk jurisdictions, given Kualian’s global reach and offshore operations.

While no direct links to known criminal networks surfaced, the use of jurisdictions like Dubai and the Cayman Islands—known for lax AML regulations—raises red flags. Spanish authorities suspect Carmona used offshore entities to funnel funds, a strategy consistent with money laundering schemes. This section details our OSINT methodology and findings, emphasizing the challenges of tracing Carmona’s activities in a digital age.

Scam Allegations: A Global Trail of Financial Devastation

The scam allegations against Carmona are both widespread and severe. El Español’s report documents over 2,000 victims who lost significant sums to Kualian, with some claiming individual losses exceeding €100,000. Investors were drawn by promises of high returns, only to face blocked withdrawals and unresponsive support. Spanish police, under Operation Gado, confirmed Kualian’s Ponzi-like structure, with Carmona and Morales as primary suspects.

Online forums, including Reddit and X, are rife with victim testimonies describing aggressive marketing, lack of transparency, and financial ruin. While consumer complaint databases like the Better Business Bureau lack filings against Carmona—likely due to Kualian’s offshore status—these anecdotal reports align with official allegations. We compile these accounts, highlighting the human cost of Kualian’s collapse and Carmona’s alleged role.

Red Flags: Indicators of Financial Misconduct

Several red flags mark Carmona’s operations as high-risk. The lack of audited financials for Kualian, coupled with its offshore structure, suggests potential money laundering or tax evasion. Unrealistic return promises, a hallmark of Ponzi schemes, were a key lure for investors. Carmona’s relocation to Abu Dhabi, a jurisdiction with limited regulatory oversight, further heightens concerns, as does evidence of reputation management to suppress negative publicity.

We also note the absence of transparent fund flows, a critical issue in AML compliance. Kualian’s operations across 50 countries increase the risk of sanctions evasion or terrorist financing. This section outlines these warning signs, drawing parallels with other crypto scams and emphasizing their implications for due diligence.

Criminal Proceedings: A Battle in Spanish Courts

Carmona’s legal troubles are well-documented. In June 2022, El Español reported that Spain’s National Court, led by Judge Manuel García-Castellón, rejected Carmona and Morales’ request to testify via videoconference from Abu Dhabi, citing obstruction of justice. The court demanded their in-person testimony in a case involving €500 million in alleged fraud. Operation Gado targets Kualian for fraud, money laundering, and operating an illegal financial institution, with Carmona as a key figure.

As of March 2025, no convictions have been reported, but the ongoing investigation signals significant legal risk. Carmona’s refusal to return to Spain and his residence in a non-extradition-friendly jurisdiction complicate prosecution efforts. We analyze the charges, judicial developments, and the challenges of cross-border accountability.

Lawsuits and Sanctions: A Limited but Telling Record

No civil lawsuits naming Carmona as a plaintiff or defendant appear in Spanish or U.S. court records (via Pacer.gov and Ministerio de Justicia). This absence may reflect victims’ struggles to pursue legal action across jurisdictions rather than a lack of wrongdoing. Similarly, no sanctions are listed by the U.S. Office of Foreign Assets Control (OFAC) or Spanish regulators, though Carmona’s Interpol status remains unclear due to Spain’s calls for international cooperation.

The lack of formal sanctions does not negate the risks, as Carmona’s offshore operations and alleged obstruction suggest a calculated effort to evade accountability. We explore these gaps and their implications for investors and regulators seeking justice.

Adverse Media: A Growing Narrative of Deception

Adverse media coverage paints Carmona as a central figure in one of Spain’s largest crypto scams. El Español’s 2022 report details Kualian’s fraud, while Confilegal notes the National Court’s frustration with Carmona’s non-compliance. Social media amplifies this narrative, with X posts and Quora threads branding him a “crypto scammer.” These accounts, while not legally binding, reflect a broader public perception of distrust.

Efforts to suppress negative content, possibly through reputation management firms, have only fueled speculation. We analyze key media reports and social media trends, highlighting how they shape Carmona’s tarnished reputation.

Negative Reviews and Consumer Complaints: Voices of the Defrauded

While formal consumer complaint platforms lack filings against Carmona, online forums tell a different story. Reddit threads and X posts document victims’ anguish, with some describing losses that shattered their financial stability. These accounts align with El Español’s reporting, detailing Kualian’s deceptive practices and unresponsive support. The absence of formal complaints likely stems from Kualian’s offshore status, which shields it from U.S. or European consumer protection mechanisms.

We compile these testimonies, emphasizing their consistency with official allegations and their role in amplifying Carmona’s negative public image.

Bankruptcy Records: A Financial Black Hole

Our searches through Spanish and U.S. bankruptcy registries found no filings under Carmona’s name or Kualian’s associated entities. This absence may reflect the offshore nature of Kualian’s operations, which obscures financial distress from public view. Alternatively, the lack of bankruptcy proceedings could indicate that victims bore the losses without formal recourse. We explore the implications of this opacity for creditors, investors, and regulators seeking transparency.

Anti-Money Laundering Risks: A High-Risk Profile

From an AML perspective, Carmona presents a high-risk profile. Kualian’s alleged €500 million fraud, facilitated through cryptocurrency transactions and offshore entities, raises serious money laundering concerns. Spanish authorities suspect the platform was used to obscure fund flows, a tactic consistent with AML red flags. Carmona’s presence in Abu Dhabi, a jurisdiction with limited AML enforcement, exacerbates these risks.

Key AML concerns include:

Source of Funds Opacity: Kualian’s lack of audited financials obscures the origin of investor funds, a critical AML issue.

Cross-Border Transactions: Operations in 50 countries increase the risk of sanctions evasion or illicit fund flows.

Crypto Vulnerabilities: The unregulated nature of Kualian’s crypto trading amplifies laundering risks, as noted in AMLwatcher.com’s analysis of similar schemes.

Financial institutions must implement enhanced due diligence (EDD), including transaction monitoring and ultimate beneficial owner (UBO) verification, to mitigate exposure to Carmona’s activities.

Reputational Risks: The Perils of Association

Associating with Carmona carries severe reputational consequences. The scale of Kualian’s alleged fraud has drawn global attention, with victims and media outlets vilifying Carmona. Businesses or individuals linked to him face:

Public Backlash: Social media campaigns on X and Reddit amplify victim outrage, deterring potential partners.

Media Scrutiny: Ongoing coverage by El Español and Confilegal ensures sustained negative publicity.

Regulatory Attention: Carmona’s Interpol scrutiny and Spanish investigations could implicate associates in probes.

Market Distrust: Investors and consumers are likely to shun entities tied to a figure accused of defrauding thousands.

We assess these risks, urging caution for those considering engagement with Carmona or his ventures.

The Barcelona Connection: A Contradictory Narrative

A Coinprwire article from October 2024 presents a conflicting portrayal, describing Carmona as a Barcelona-born AI and blockchain innovator. This narrative, claiming he revolutionized DeFi and earned global recognition, starkly contrasts with El Español’s allegations. Our analysis suggests this may be a paid promotional piece, as it lacks verifiable details and aligns with reputation management tactics. We explore this discrepancy, highlighting its implications for Carmona’s credibility and public perception.

Expert Opinion: A Cautionary Tale of Crypto Exploitation

In our expert view, Cristian Albeiro Carmona Hernandez epitomizes the dangers of the unregulated cryptocurrency landscape. The evidence—spanning court documents, victim testimonies, and adverse media—points to a sophisticated Ponzi scheme orchestrated through Kualian. His relocation to Abu Dhabi, use of offshore entities, and alleged obstruction of justice suggest a calculated effort to evade accountability. While no convictions have been secured as of March 2025, the scale of the allegations and ongoing investigations mark him as a high-risk figure.

From an AML perspective, Carmona’s profile demands rigorous scrutiny. Financial institutions must prioritize EDD to avoid complicity in potential money laundering or sanctions evasion. Reputationally, he is a toxic associate, with the potential to irreparably harm public trust and brand integrity. We advise investors, businesses, and regulators to approach Carmona with extreme caution, as his case underscores the urgent need for stronger oversight in the crypto industry.

🕵️‍♂️ StealSeek — A Tool that Tracks the Digital World

Leaks, data breaches and information lost in the depths of the dark web… For those who think they are invisible on the Internet, there is StealSeek.

StealSeek is a browser-based OSINT tool that helps users detect if their email, username or domain address has been compromised. No installation is required. Log in, enter your information and analyze the results. https://stealseek.io/

Summary

🛡️ Ethical Hackers Simulate a Real-World Attack A red team of ethical hackers performs a full-scale simulated attack on a power substation, testing physical, network, and human vulnerabilities—legally and with company permission.

🧠 Social Engineering as a Primary Vector The team uses social engineering to enter buildings. By posing as technicians and leveraging human psychology, they manipulate staff into granting access. Confidence, research, and believable personas were crucial.

🏢 Physical Security Bypassed with Simple Tools Gaps in fencing, unlocked doors, and “shove-it” or under-door tools were exploited. One team simply walked in from the employee lot, while another infiltrated via the wooded area behind the facility.

🖥️ Hardware Deployed for Persistent Network Access Once inside, the hackers installed malicious devices disguised as normal hardware to maintain remote access to the network. These allowed long-term entry and software execution.

🧰 Cloning Badges and USB Attacks The hackers used cloned employee badges and rigged USB drives that automatically executed scripts once plugged in. These granted access to microphones, webcams, screen captures, and remote control.

🎯 Domain Admin Access Achieved In one instance, the team escalated privileges to gain domain admin access, representing total control over the target’s digital infrastructure—just from a single visit.

🌐 Reconnaissance and Real-Time Adaptation The hackers conducted detailed recon: identifying security cameras, sensor placements, neighboring residences, and camera blind spots. Real-time decision-making played a vital role.

🔒 Lessons in Physical Cybersecurity Even high-tech systems can be bypassed with low-tech ingenuity. One method involved tossing a person over a fence and using shields to block motion/infrared sensors. Another involved tricking camera angles to avoid detection.

🔊 Listening and Surveillance Capabilities With installed software, they remotely activated microphones and webcams, making internal espionage a reality—highlighting the hybrid nature of physical and cyber intrusion.

🧠 Red Teaming Sparks Better Defenses The video concludes with reflections on the industry’s progress and the need for continued improvement. While companies are getting better at patching vulnerabilities, human error and physical access remain significant gaps.

Insights Based on Numbers

3 iPads and 1 laptop found within minutes: Demonstrates physical asset exposure risk during breaches.

One visit = Domain Admin: Highlights how quickly a security failure can escalate from physical entry to full network compromise.

280° camera angle bypassed: Strategic understanding of sensor and camera mechanics is a major OSINT takeaway.

$0 tools like “shove-it” and badge cloners proved devastatingly effective.