Olivia
Online
Francesco Poldi
@noneprivacy
🔍👀 Senior Open Source Intelligence Developer and Researcher.
🔑👤 Privacy is a Human Right.
Phantásien
Joined June 2014
387 Following
4K Followers
4.9K Posts
Pinned Tweet
Hi internet, here to assure you:
- no leak
- no exploit
- no vulnerabilities
- yes bugs that are nice to be addressed
- remember to not click / tap on links
Thank you, stay safe
ONE-CLICK TELEGRAM IP ADDRESS LEAK!
In this issue, the secret key is irrelevant. Just like NTLM hash leaks on Windows, Telegram automatically attempts to test the proxy. Here, the secret key does not matter and the IP address is exposed.
Example of a link hidden behind a username:
[@nickname](https://t.co/wNqkQaV2LQ)
Funny is that this works nice with links generated via the mobile client (latest iOS) through the option "share". If you use another client (e.g.: the App Store one) the protocol is "tg" and not "https", therefore Telegram asks you first if you want to browse before rendering.
TLDR; no exploits or vulnerabilities, just "features"
Hi there, sorry to ruin the party but...
1. create a proxy (use pproxy, a free Python lib)
2. create a link bearing proxy settings
3. tap on it
4. see logs
‼️Telegram has a vulnerability that allows proxy bypass by sending a link disguised as a username
When the victim clicks the mentioned username, they connect to the specified proxy, exposing their IP address.
Who to follow
Trace Labs
@TraceLabs
NFP with the mission of #crowdsourcing OSINT to help find #missingpersons while training members in the tradecraft of #OSINT | Contact us at [email protected]
AndyF1
@intelligence_i1
"#OSINT is like a gun, when you wave it around, people think you will use it."
Jason Edison
@ding0snax
OSINT, Cyber-Crime/Technical Investigations
Check out our factsheets of veraAI results and services that were developed and/or enhanced in the course of the project. There are 15 listed so far, with more to come.
#disinformation detection, #ArtificialIntelligence, #NetworkAnalysis, #DataScience
👇
https://t.co/n7Hrq3maEk
.@anicanaca of veraAI partner @DisinfoEU authored a report entitled "Visual assessment of Coordinated Inauthentic Behaviour in disinformation campaigns". We provide a summary and the full publication here.
https://t.co/vh2MPmwFFw
Watch and listen to @lc_idmt and Milica Gerhardt of @Fraunhofer_IDMT who spoke at this @EBU_HQ webinar. Their topic: audio analysis to support countering #disinformation - all part of @veraai_eu work.
https://t.co/ezPrs11hbp
As of earlier this week, we made free #ProtonVPN servers available in #Mauritius ahead of the country’s presidential elections on November 10.
We want to ensure everyone has free and unrestricted access to information and prevent any potential attempts of interference or misinformation campaigns.
➡️ Learn more here: https://t.co/4aVMmBqXLs
#MauritiusElections
Cape Town && OSINT investigations && Ubikron
Workshop (6 Dec): https://t.co/pcofZ0oenK
Come see what we've been obsessing over for the last 16 months. Or, just come see how we do OSINT + AI. No BS, no vaporware, real world (by now you should know).
BREAKING: The houses of @EtoBuziashvili and @SGelava, researchers at the Atlantic Council’s @DFRLab, are being searched. The Investigation Service of the Ministry of Finance has entered Eto’s apartment, and devices at Sopo’s home are being seized. The “investigation” is underway under three articles, just two days before Georgia’s parliamentary elections.
EDMO Guidelines for Effective Media Literacy Initiatives is out now! For NORDIS they offer an excellent benchmark to forthcoming NORDIS joint digital information campaigns for the benefit of informed citizens. Find the guidelines 👉https://t.co/hLvxuvzmHU & https://t.co/COS0dBLwq3
#MIL #NORDIS @EDMO_EUI
I love this kind of osint stories 😍
Today, the famous hacker known as USDoD was arrested by the Brazilian police.
The FBI had a way to find his identity and home address since at least June 2022. I will show you how.
It's OSINT time! ⬇️
All @ProtonDrive apps are now #OpenSource. 🎉
This is a major milestone for our community, and we're grateful for your support. https://t.co/0ZvZVA4LVo
New: Ghost, an encrypted platform for criminals, was an "absolute mess." Separate to the law enforcement hack, a researcher was able to get:
- users
- resellers
- support messages
Shows as org crime makes own platforms, they might make vulnerable systems https://t.co/gWMzqxpUDd
NEW: We have launched a glossary where we have a series of cybersecurity terms and their definitions.
This page will be periodically updated to add more terms, as it's meant to be a live resource for all our readers.
Please let us know what to add!
https://t.co/IGdruBJvs3
NEW: The FBI director said today that the U.S. government took over and disrupted a botnet made of 260,000 Internet of Things devices
U.S government accused a company in China of running the botnet on behalf of the Chinese government.
https://t.co/xpn9QNcKOd
🆕 Latest #disinformation insights, based on 1.675 #factchecking articles by 36 organisations:
📈 #immigration replaces #climate as most-targeted issue, with false content exploiting attacks in #Southport, #Solingen, #Toledo to drive hate and escalation
🧱 over 600k #TikTok users were exposed to the false claim that @Bundeskanzler threatens to rebuild the Berlin wall
💉 new conspiracies on #Covid circulate, linking the #vaccines to the spread of #Mpox
🇺🇸 malign actors in the #EU use #USelection as vehicle for spreading misogynistic rhetoric, false content on #climatecrisis + more
👉All findings: https://t.co/pAOMwDtEap
With contributions by @15minlt @AFP @AFPFactCheck @APA_Faktencheck @correctiv_fakt @DelfiLV @DemagogCZ @DemagogPL @dpa @DeutscheWelle @EestiPaevaleht @EFEVerifica @ellinikahoaxes @FactCheckCyprus @FactReview_ @Faktabaari @faktisk_no @FranceTV, Funky, @Greecefactcheck @Infoveritas_ @lakmusz_hu @LogicallyFacts @malditaen @med_transparent @Newtral @_ostro_ @PagellaPolitica @FactaNews @JornalPoligrafo @pravda_org @rebaltica @TheTimesofMalta @TJ_FactCheck @TjekDet @rtve and @veri_fi_cat.
🚨Breaking news:
Leaked docs from a Kremlin-controlled propaganda machine reveal a campaign backing far-right parties in EU elections and spreading disinformation to undermine Ukraine.
Read further:
https://t.co/rzmW5kfDJT
Let’s dive into the #FactoryofFakes🕵️♂️🧵
1/15
Thanks to everyone who joined us yesterday and big thanks to Polina Malaja, @CENTR_Polina, @CENTRnews, for the insightful webinar! With the support of EEAS
Watch the replay to learn more about domain name dispute resolution here 📽️: https://t.co/WWoWyulpE4
Trends for you
Most Popular Users
Elon Musk 
@elonmusk
240.5M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.7M followers
Cristiano Ronaldo
@cristiano
110.3M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.6M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.8M followers
KATY PERRY
@katyperry
87.5M followers
Taylor Swift
@taylorswift13
81.4M followers
Lady Gaga
@ladygaga
72.9M followers
Kim Kardashian
@kimkardashian
69.7M followers
Virat Kohli
@imvkohli
69.7M followers
YouTube
@youtube
68.7M followers
Bill Gates
@billgates
63.8M followers
The Ellen Show
@theellenshow
62.5M followers
Neymar Jr
@neymarjr
62.4M followers
CNN
@cnn
61.9M followers
X
@x
60.8M followers
Selena Gomez
@selenagomez
60.6M followers