More About Daniel Clemens
Connect with Daniel Clemens
Latest Posts by Daniel Clemens
Illuminating Context with Timeline Analysis
In our training courses, we push ideas and investigative methodology more than we push our tools. Tools will change, but proper investigative methods will not change. Asking the right questions will enable success while following a robust investigative methodology. Without performing the discipline of timeline analysis in simple or complex cases, context and hidden motives […]
Stopping an Active Shooter with OSINT: How Publicly Available Information Becomes Actionable Intelligence
[First printed in the December 2023 edition of Security Technology]
ShadowDragon Commentary: How to Scale Investigations Using Open-Source Intelligence
Recently, ShadowDragon CEO, dclemens, contributed an article to Security Management Magazine for their October 2023 organized crime issue. In the piece, he offers firsthand insights into how investigators can improve their workflows and scale their investigations with the power of open-source intelligence (OSINT.)
ShadowDragon Commentary: OSINT vs Classified Secrets
In a recent opinion piece for The Cipher Brief, Gregory Sims, former CIA Clandestine Service for over thirty years, including multiple field tours as Chief and Deputy Chief of CIA stations, shared his views on the evolving role of open source intelligence (OSINT) in a world filled with secrets.
Diving Deeper: What Past Attackers Tell Us About Bryan Kohberger
After six weeks of investigation, on Dec. 30, 2022 authorities arrested Bryan Kohberger as the key suspect in the quadruple murders of four University of Idaho students. This case (which is ongoing) has captured the attention of our nation, for good reason, and seemingly challenged investigators.
Additional Insights into Iranian Cyber Espionage | APT33
Earlier this week FireEye/Mandiant had released a blog entitled “Insights into Iranian Cyber Espionage”detailing the targets within the Aerospace and Energy sectors being targeted. To compliment their post we wanted to use our tools to track down additional information relating to online identities and infrastructure used by the actors as well as identifying additional IOCs
Heat Maps: Form Over Function
Since movies took over displaying intelligence, we have seen crazy maps and charts attempt to display intelligence and seem “futuristic.” Here, we can see an example of a heat map: It is great. It is pretty. It paints a picture… but it means absolutely nothing. This is the critical problem with heat maps. Without the
Timeline Analysis | Epstein Death Reported on 4Chan Before Announced
In my last entitled Illuminating Context with Timeline Analysis, I gave a rough sketch of the basics. In this post I will share a few specifics. The primary point to drive home is there won’t ever be an investigation with a timeline. If you don’t have a timeline (or the discipline), you are not going
Understanding Link Analysis and Using it in Investigations
I started using link analysis for investigations somewhere around 2009/2010 when we were developing the first version of SocialNet. A longtime friend, Roelof from Paterva, shared his vision for a link analysis platform. Within a year SocialNet was born. It was an unique marriage of link analysis with the process of collection and enhancement of
Buckle up for Insight into Charming Kitten Cyberespionage Attacks
The horrors of cybercrime can make even the savviest tech person shudder. Much like an accident on the side of the road, however, we just can’t help rubbernecking. That’s why the Clear Sky report on Iranian cyberespionage group – known oxymoronically as Charming Kitten – is such a great read. A classic tale of Zero