Stroz Friedberg Snaps Up Elysium Digital

August 20, 2015

Cybersecurity, investigation, and risk-management firm Stroz Friedberg has made a new acquisition, we learn from their announcement, “Stroz Friedberg Acquires Technology Litigation Consulting Firm Elysium Digital” (PDF). Though details of the deal are not revealed, the write-up tells us why Elysium Digital is such a welcome addition to the company:

“Founded in 1997, Elysium Digital has worked with law firms, in-house counsel, and government agencies nationally. The firm has provided a broad range of services, including expert testimony, IP litigation consulting, eDiscovery, digital forensics investigations, and security and privacy investigations. Elysium played a role in the key technology/legal issues of its time and established itself as a premier firm providing advice and quality technical analysis in high-stakes legal matters. The firm specialized in deciphering complex technology and effectively communicating findings to clients, witnesses, judges, and juries.

“‘The people of Elysium Digital possess highly sought after technical skills that have allowed them to tackle some of the most complex IP matters in recent history. Bringing this expertise into Stroz Friedberg will allow us to more fully address the needs of our clients around the world, not just in IP litigation and digital forensics, but across our cyber practices as well,’ said Michael Patsalos-Fox, CEO of Stroz Friedberg.”

The workers of Elysium Digital will be moving into Stroz Friedberg’s Boston office, and its co-founders will continue to play an important role, we’re told. Stroz Friedberg expects the acquisition to bolster their capabilities in the areas of digital forensics, intellectual-property litigation consulting, eDiscovery, and data security.

Founded in 2000, Stroz Friedberg says their guiding principle is to “seek truth” for their clients. Headquartered in New York City, the company maintains offices throughout the U.S. as well as in London, Hong Kong, and Zurich.

Cynthia Murrell, August 20, 2015

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Compare Trump to Lincoln with Watson Personality Insights

August 19, 2015

IBM’s Watson is employing its capabilities in a new and interesting way: BoingBoing asks, “What Does Your Writing Say About You? IBM Watson Personality Insights Will Tell You.” The software derives cognitive and social characteristics about people from their writings, using linguistic analytics. I never thought I’d see a direct, graphically represented comparison between speeches of Donald Trump and Abe Lincoln, but there it is. There are actually some similarities; they’re both businessmen turned politicians, after all. Reporter Andrea James shares Watson’s take on Trump’s “We Need Brain” speech from the recent Republican primary debate:

“You are a bit dependent, somewhat verbose and boisterous. You are susceptible to stress: you are easily overwhelmed in stressful situations. You are emotionally aware: you are aware of your feelings and how to express them. And you are prone to worry: you tend to worry about things that might happen. Your choices are driven by a desire for efficiency. You consider both independence and helping others to guide a large part of what you do. You like to set your own goals to decide how to best achieve them. And you think it is important to take care of the people around you.”

For comparison, see the write-up for the analysis of Lincoln’s Gettysburg Address (rest assured, Lincoln does come out looking better than Trump). The article also supplies this link, where you can submit between 3500 and 6000 words for Watson’s psychoanalysis; as James notes, you can submit writing penned by yourself, a friend, or an enemy (or some random blogger, perhaps.) To investigate the software’s methodology, click here.

Cynthia Murrell, August 19, 2015


Chinese Opinion Monitoring Software by Knowlesys

August 18, 2015

Ever wonder what tools the Chinese government uses to keep track of those pesky opinions voiced by its citizens? If so, take a look at “IPOMS : Chinese Internet Public Opinion Monitoring System” at Revolution News. The brief write-up tells us about a software company, Knowlesys, reportedly supplying such software to China (among other clients). Reporter and Revolution News founder Jennifer Baker tells us:

“Knowlesys’ system can collect web pages with some certain key words from Internet news, topics on forum and BBS, and then cluster these web pages according to different ‘event’ groups. Furthermore, this system provides the function of automatically tracking the progress of one event. With this system, supervisors can know what is exactly happening and what has happened from different views, which can improve their work efficiency a lot. Most of time, the supervisor is the government, the evil government. sometimes a company uses the system to collect information for its products. IPOMS is composed of web crawler, html parser and topic detection and tracking tool.”

The piece includes a diagram that lays out the software’s process, from extraction to analysis to presentation (though the specifics are pretty standard to anyone familiar with data analysis in general). Data monitoring and mining firm Knowlesys was founded in 2003. The company has offices in Hong Kong and a development center in Shenzhen, China.

Cynthia Murrell, August 18, 2015


Open Source Tools for IBM i2

August 17, 2015

IBM has made available two open source repositories for the IBM i2 intelligence platform: the Data-Acquisition-Accelerators and Intelligence-Analysis-Platform can both be found on the IBM-i2 page at GitHub. The IBM i2 suite of products includes many parts that work together to give law enforcement, intelligence organizations, and the military powerful data analysis capabilities. For a glimpse of what these products can do, we recommend checking out the videos at the IBM i2 Analyst’s Notebook page. (You may have to refresh the page before the videos will play.)

The Analyst’s Notebook is but one piece, of course. For the suite’s full description, I turned to the product page, IBM i2 Intelligence Analysis Platform V3.0.11. The Highlights summary describes:

“The IBM i2 Intelligence Analysis product portfolio comprises a suite of products specifically designed to bring clarity through the analysis of the mass of information available to complex investigations and scenarios to help enable analysts, investigators, and the wider operational team to identify, investigate, and uncover connections, patterns, and relationships hidden within high-volume, multi-source data to create and disseminate intelligence products in real time. The offerings target law enforcement, defense, government agencies, and private sector businesses to help them maximize the value of the mass of information that they collect to discover and disseminate actionable intelligence to help them in their pursuit of predicting, disrupting, and preventing criminal, terrorist, and fraudulent activities.”

The description goes on to summarize each piece, from the Intelligence Analysis Platform to the Information Exchange Visualizer. I recommend readers check out this page, and, especially, the videos mentioned above for better understanding of this software’s capabilities. It is an eye-opening experience.

Cynthia Murrell, August 18, 2015


Insight Into the Zero-Day Vulnerability Business

August 14, 2015

An ironic security breach grants a rare glimpse into the workings of an outfit that sells information on security vulnerabilities, we learn from “Hacking Team: a Zero-Day Market Case Study” at Vlad Tsyrklevich’s blog. Software weak spots have become big business. From accessing sensitive data to installing secret surveillance software, hackers hunt for chinks in the armor and sell that information to the highest (acceptable) bidder. It seems to be governments, mostly, that purchase this information, but corporations and other organizations can be in the market, as well. The practice is, so far, perfectly legal, and vendors swear they only sell to the good guys. One of these vulnerability vendors is Italian firm Hacking Team, known for its spying tools. Hacking Team itself was recently hacked, its email archives exposed.

Blogger Vlad Tsyrklevich combs the revealed emails for information on the market for zero-day (or 0day) vulnerabilities. These security gaps are so named because once the secret is out, the exposed party has “zero days” to fix the vulnerability before damage is done. Some may find it odd just how prosaic the procedure for selling zero-days appears. The article reveals:

“Buyers follow standard technology purchasing practices around testing, delivery, and acceptance. Warranty and requirements negotiations become necessary in purchasing a product intrinsically predicated on the existence of information asymmetry between the buyer and the seller. Requirements—like targeted software configurations—are important to negotiate ahead of time because adding support for new targets might be impossible or not worth the effort. Likewise warranty provisions for buyers are common so they can minimize risk by parceling out payments over a set timeframe and terminating payments early if the vulnerability is patched before that timeframe is complete. Payments are typically made after a 0day exploit has been delivered and tested against requirements, necessitating sellers to trust buyers to act in good faith. Similarly, buyers purchasing exploits must trust the sellers not to expose the vulnerability or share it with others if it’s sold on an exclusive basis.”

The post goes on to discuss pricing, product reliability, and the sources of Hacking Team’s offerings. Tsyrklevich compiles specifics on dealings between Hacking Team and several of its suppliers, including the companies Netragard, Qavar, VUPEN, Vulnerabilities Brokerage International, and COSEINC, as well as a couple of freelancing individuals. See the article for more on each of these (and a few more under “miscellaneous”). Tsyrklevich notes that, though the exposure of Hacking Team’s emails has prompted changes to the international export-control agreement known as the Wassenaar Arrangement, the company itself seems to be weathering the exposure just fine. In fact, their sales are reportedly climbing.

Cynthia Murrell, August 14, 2015


CounterTack Partners with ManTech Cyber Solutions for a More Comprehensive Platform

August 13, 2015

A new acquisition by CounterTack brings predictive capability to that company’s security offerings, we learn from “CounterTack Acquires ManTech Cyber Solutions” at eWeek. Specifically, it is a division of ManTech International, dubbed ManTech Cyber Solutions International (MCSI), that has been snapped up under undisclosed terms by the private security firm.

CounterTack president and CEO Neal Creighton says the beauty of the deal lies in the lack of overlap between their tech and what MCSI brings to the table; while their existing products can tell users what is happening or has already happened, MCSI’s can tell them what to watch out for going forward. Writer Sean Michael Kerner elaborates:

“MCSI’s technology provides a lot of predictive capabilities around malware that can help enterprises determine how dangerous a malicious payload might be, Creighton said. Organizations often use the MCSI Responder Pro product after an attack has occurred to figure out what has happened. In contrast, the MCSI Active Defense product looks at issues in real time to make predictions, he said. A big area of concern for many security vendors is the risk of false positives for security alerts. With the Digital DNA technology, CounterTack will now have a predictive capability to be able to better determine the risk with a given malicious payload. The ability to understand the potential capabilities of a piece of malware will enable organizations to properly provide a risk score for a security event. With a risk score in place, organizations can then prioritize malware events to organize resources to handle remediation, he said.”

Incorporation of the open-source Hadoop means CounterTack can scale to fit any organization, and the products can be deployed on-premises or in the cloud. Creighton notes his company’s primary competitor is security vendor CrowdStrike; we’ll be keeping an eye on both these promising firms.

Based in Waltham, Massachusetts, CounterTack was founded in 2007. The company declares their Sentinel platform to be the only in-progress attack intelligence and response solution on the market (for now.) Founded way back in 1968, ManTech International develops and manages solutions for cyber security, C4ISR, systems engineering, and global logistics from their headquarters in Washington, DC. Both companies are currently hiring; click here for opportunities at CounterTack, and here for ManTech’s careers page.

Cynthia Murrell, August 13, 2015


ZeroFox: New Products Available

August 10, 2015

ZeroFOX is a social media centric cyber security firm. The company announced several new products which enable the company to provide end to end social media cyber security solutions.

The products are:

ZeroFOX Enterprise is now powered by FoxScript. FoxScript is a customizable, javascript-based language that allows security analysts to write unique rules for ZeroFOX’s data collection and analysis engines within ZeroFOX Enterprise. FoxScript makes security teams their own greatest innovators: professionals will have a tool at their disposal to track custom security threats and address the issues that matter most to their specific organization. ZeroFOX’s FoxScript will enable security teams to address targeted employee exploitation on social networks and social engineering in particular, cited by 46% of this year’s Black Hat attendees as their greatest cyber security concern.

ZeroFOX Recon, a social media vulnerability and phishing assessment application, enables organizations to discover their social assets and test their vulnerabilities with a comprehensive assessment.

ZeroFOX Threat Feed is an easily-digestible URL feed that provides real-time visibility into global phishing and malware attacks delivered via social media. Threat Feed integrates seamlessly into existing security technology to supercharge organization’s Threat Intelligence Platforms (TIP) or SIEMs with threats from where their people are most vulnerable. Threat Feed can also be directly integrated into leading firewall, web security and email security platforms.

The announcement included two interesting items:

  1. Facebook scams are an effective method to breach an organization’s network.
  2. Twitter is a popular attack vector used by “Russian government backed hackers.”

Why search when one can copy “interesting” digital information?

Stephen E Arnold, August 10, 2015

YouTube Consumer: Do You Want a Pet RAT?

August 10, 2015

Because information access is shifting from the dinosaur approach (human figures out a query) to the couch potatoes’ approach (just consume what a click and an algorithm deliver), I will be adding more coverage of “enhanced” search and retrieval.

Today, we do RATs.

Navigate to “Google Profits from YouTube RAT Infestation, Says Consumer Group.” The idea is that you learn how to embed remote access tools on another couch potato’s computing device. There are quite a few folks into the RAT game.

The article suggests that the GOOG profits from instructional videos which teach folks how to use RATs. According to the write up, the Digital Citizens Alliance (DCA) has

called on YouTube to stop monetizing videos that promote the use and dissemination of RATs, saying in a release that there’s “no reason” why major brands should be running adverts alongside these videos:

No company - especially one as big as Google - should make even a penny from videos that show the faces of victims and IP addresses.

The BBC reports that Adam Benson, deputy director of the DCA, said that the trade in stolen webcam footage was “troubling” and called on Google to stop relying on computer-based methods to find and remove the videos.

Intrigued? There are industrial strength tools available to build your own RAT colony. To get the details, you will have to wait until my new study “Dark Web Basics” is available.

Stephen E Arnold, August 10, 2015

A Technical Shift in Banking Security

July 23, 2015

Banks may soon transition from asking for your mother’s maiden name to tracking your physical behavior in the name of keeping you (and their assets) safe. IT ProPortal examines “Fraud Prevention: Knowledge-Based Analytics in Steep Decline.” Writer Lara Lackie cites a recent report from the Aite Group that indicates a shift from knowledge-based analytics to behavioral analytics for virtual security checkpoints. Apparently, “behavioral analytics” is basically biometrics without the legal implications. Lackie writes:

“Examples of behavioural analytics/biometrics can include the way someone types, holds their device or otherwise interacts with it. When combined, continuous behavioural analysis, and compiled behavioural biometric data, deliver far more intelligence than traditionally available without interrupting the user’s experience….

“Julie Conroy, research director, Aite Group, said in the report, ‘When the biometric is paired with strong device authentication, it is even more difficult to defeat. Many biometric solutions also include liveliness checks, to ensure it’s a human being on the other end.’

“NuData Security’s NuDetect online fraud engine, which uses continuous behavioural analysis and compiled behavioral biometric data, is able to predict fraud as early as 15 days before a fraud attempt is made. The early detection offered by NuDetect provides organisations the time to monitor, understand and prevent fraudulent transactions from taking place.”

The Aite report shows over half the banks surveyed plan to move away from traditional security questions over the next year, and six of the 19 institutions plan to enable mobile-banking biometrics by the end of this year. Proponents of the approach laud behavioral analytics as the height of fraud detection. Are Swype patterns and indicators of “liveliness” covered by privacy rights? That seems like a philosophical question to me.

Cynthia Murrell, July 23, 2015


Another the End of Article with Some Trivial Omissions

July 19, 2015

Far be it from me to find fault with an economics essay published by the British open source, online hip newspaper The Guardian. I want to point you at “The End of Capitalism Has Begun.” Like Francis Fukuyama’s end of book, the end seems to be unwilling to arrive. Note: if you find that the article has disappeared online, you may have to sign up to access the nuggets generated by The Guardian. Another alternative, which is pretty tough in rural Kentucky, is to visit your local convenience store and purchase a dead tree edition. Do not complain to me about dead links, which in this blog are little tombstones marking online failures.

There are some rugby and polo club references in the article. The one that I circled was the reference to Karl Marx’s “The Fragment on Machines” from his thriller The Grundrisse, which connoted to me “floor plans.” But my German, like my math skills, is not what it used to be. Anyway, who am I kidding? I know you have read that document. If not, you can get a sniff at this link.

According to the Guardian, the point of the fragment is:

he [Marx] had imagined something close to the information economy in which we live. And, he wrote, its existence would “blow capitalism sky high.”

The end of capitalism?

Another interesting item in the essay is the vision of the future. At my age, I do not worry too much about the future beyond waking each morning and recognizing my surroundings. The Guardian worries about 2075. Here’s the passage I highlighted:

I don’t mean this as a way to avoid the question: the general economic parameters of a post capitalist society by, for example, the year 2075, can be outlined. But if such a society is structured around human liberation, not economics, unpredictable things will begin to shape it.

Why raise the issue?

Now to the omission. I know this is almost as irrelevant as the emergence of a monitored environment. What about the growing IS/ISIS/Daesh movement? The Greek matter is interesting to me because if the state keeps on trucking down the interstate highway it has been following, the trucks will be loaded with folks eager to take advantage of the beach front property and nice views Greece affords.

I noted a number of other points away from which the essay steered its speeding Russian Zil. How does one find information in the end of world?

I think about information access more than I ponder the differences between Horatio in Hamlet and Daniel Doyce in Little Dorrit. To get up to speed on Daniel Doyce, check out this link.

Like Fukuyama’s social analysis, this end of may point to speaking engagements and consulting work. The hope is that the author may want these to be never-ending. Forget the information access and the implications and impacts of IS/ISIS/Daesh.

Let’s hope online search works unless it is now the end of that too.

Stephen E Arnold, July 19, 2015
