Yesterday @jc_stubbs published an article about a Russian backed fake news site and @VickerySec found that the Wordpress back end was wide open. This means the underlying folders that hold the raw photos displayed on the site were viewable showing when the photos were uploaded https://twitter.com/VickerySec/status/1311682344051380226
Many photo formats contain what is known as metadata, information included in the file that is extra data about the file. For photos this is known as EXIF, Exchangeable Image File Format, which can include time, location, focal length, lens type, creation date, modification date
and other data fields that can help a photographer edit and catalog their photos. See here for more information https://photographylife.com/what-is-exif-data

As Chris pointed out the site had a first logo with a different name and second logo with the name they eventually went with
What is EXIF Data and How You Can Remove it From Your Photos

When viewing images on the Internet, you might have noticed that some websites provide valuable information related to those images, such as their exposure settings, camera brand, etc. This informa...

https://photographylife.com/what-is-exif-data
I've archived that file here https://web.archive.org/web/20201002145531/https://naebc.com/wp-content/uploads/2020/08/ava_fbgab_400x400.jpg

The file didn't have the normal metadata from a photo but a subset that shows up on files generated with an Adobe program, in this case illustrator
From the metadata we can tell it was created on a Windows Computer on 7/31/2020 that used Russian as the default operating language

The actual file path name isn't exciting from Google Translate and verified by 2 Russian speakers
From the metadata we can tell it was created on a Windows Computer on 7/31/2020 that used Russian as the default operating language The actual file path name isn't exciting from Google Translate and verified by 2 Russian speakers
From the metadata we can tell it was created on a Windows Computer on 7/31/2020 that used Russian as the default operating language The actual file path name isn't exciting from Google Translate and verified by 2 Russian speakers
Metadata can be faked but most images uploaded didn't have any. A few of the images from filename can be identified as having come from someone's facebook, which uses a unique file naming scheme.
@razhael has a good article with a longer breakdown of how EXIF can be used for news stories. (Note I assisted with that story) https://www.bellingcat.com/news/americas/2018/10/26/joseph-mifsud-rush-exif/
Joseph Mifsud: Rush for the EXIF - bellingcat

I write about cybersecurity for The Associated Press, but like other reporters I pitch in on other investigative tracks too. That includes occasional forays into covering the fallout from Russia’s...

https://www.bellingcat.com/news/americas/2018/10/26/joseph-mifsud-rush-exif/
You can follow @z3dster.
Tip: mention @twtextapp on a Twitter thread with the keyword “unroll” to get a link to it.

Latest Threads Unrolled:
There are a lot of misconceptions about the Turkish diaspora in Germany. Since i just finished writing an essay about this topic I thought it's time to give other people
Read more
Las mejores calculadoras online en 2020A thread http://totumat.com/2020/11/26/las-mejores-calculadoras-online-en-2020/ Cuando se estudian asignaturas que requieren de cálculos complicados, nada mejor que contar con una buena calculadora.
Read more
Mitigating #ClimateChange is as much about taking up new techs as about leaving others behindMost studies focus on #coal's global downfall but another #energy tech decline is loomingRead my new
Read more