REAPER: Mass Credential Harvesting and Collecting OSINT

This year’s Black Hat conference is a big one for PayPal because it is the first time we are attending as a conference sponsor. In 2016 we’ve made a concerted effort to show up at a number of events to discuss security careers and hear about the experiences of you, our peers and colleagues.

I will be at the booth along with several other PayPal InfoSec professionals from various security disciplines on August 3rd and 4th. Along with various swag and security puzzles, we want to highlight some interesting academic research conducted this year by our Threat Intelligence team.

REAPER was presented at the Anti Phishing Working Group’s 2016 e-Crime Symposium last month. It’s a methodology for automating a solution for mass credential harvesting and OSINT collection. We will have copies of the paper and business card-sized flyers linking to the paper at the booth. For those not attending, we’ve linked to the full length paper here.

We’d love to hear your thoughts on the research; feel free to drop us a line with your comments at infosec@paypal.com or tweet us at @PayPalSecurity. Hope to see you at the conference!