DarkCyber for September 18, 2018 Now Available

September 18, 2018

DarkCyber for September 18, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/290147202 . 

This week’s DarkCyber video news program covers … Bitfury’s deanonymization service and its unusual sales approach… the loss of UK law enforcement laptops… facial recognition for law enforcement challenged by tech company employees… and X1 and its eDiscovery system with Dark Web content support.

The first story explains that Bitfury, a UK company with an interesting staff line up, offers digital currency deanonymization services. The company’s approach to sales, however, is unusual. Specifically, the company refused to explain its services at a recent law enforcement conference. DarkCyber continues to recommend that agencies interested in digital currency deanonymization look at services available from Chainalysis and Elliptic, two companies which do explain their services to security and enforcement officials.

The second story reports that UK media pointed out that in one year, UK law enforcement lost 60 laptops. With tens of thousands of officers and operators, DarkCyber states that the alleged problem is blown out of proportion. Bad actors attempt to obtain laptops, mobiles, and other computing devices in order to compromise investigations. DarkCyber asserts that the loss of 60 laptops illustrates the good job UK authorities do with regard to preventing loss of laptops.

The third story describes the Amazon DeepLens system. In addition to explaining how this Amazon camera integrates with Amazon’s machine learning and analytics subsystems, DarkCyber reports that neither Amazon, IBM, nor any other US company was able to sell its technology to Ecuador. That country purchased a state-of-the-art Chinese-developed system. With employee pushback against their employers’ work for the US government, US facial recognition technology may find itself at a disadvantage with regard to technical development and system innovation.

The final story covers the X1 eDiscovery system for social content. The X1 technology can now acquire and process social media information as well as some Dark Web content. Instead of directly scraping Dark Web sites, the X1 method relies on the Tor2Web.org service. The new product costs about $2,000 per year. DarkCyber explains where to download a 14-day free trial.

Kenny Toth, September 18, 2018

DarkCyber for September 11, 2018, Now Available

September 11, 2018

DarkCyber for September 11, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com .

Stephen E Arnold’s DarkCyber is a weekly video news and analysis program about the Dark Web and lesser known Internet services.

This week’s program covers four Dark Web and security related stories.

The first story reports that cybercrime has increased by 32 percent in the first quarter of 2018 compared to the first quarter of 2017. The most popular malware is for covert crypto currency mining and for Trojan software that can entice a user to download a document or video. DarkCyber reveals an easy way to locate malware using Bing.com and the Pastebin.com service. The easy access to potentially harmful software presents an increasing risk for many Internet users.

The second story explains that a citizen attempted to research a Dark Web murder-for-hire site. After engaging law enforcement, the individual used malware to create a disturbance on the Dark Web site. What happened next surprised the citizen hacker. The police picked up the individual and held him for 36 hours. The incident makes clear that law enforcement has the technical capabilities to monitor Dark Web access and identify individuals who perform certain online actions. The Dark Web and access to it can present some interesting challenges to those who assume that the Dark Web access is secret.

The third story explores the capabilities of SpyCloud, a fast-growing startup based in Austin, Texas. The company has amassed billions of items of information related to passwords, user names, and other types of high-value information. The firm’s system makes it possible for the company to identify a data security problem, often before it poses a problem for the organization. The company recently raised an additional $5 million in Series A funding, bringing the total funding to about $8 million.

The final story reports that the Australian government wants access to computing devices protected by a password. Pending legislation provides for a sentence of 10 years in jail for an individual who refuses to comply with a government request to unlock devices or decrypt encrypted data.

Kenny Toth, September 11, 2018

DarkCyber for September 4, 2018, Now Available

September 4, 2018

DarkCyber for September 4, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/287783314.

Stephen E Arnold’s DarkCyber is a weekly video news and analysis program about the Dark Web and lesser known Internet services.

This week’s program covers three Dark Web and security related stories.

The first story addresses Gephi, an open graph visualization platform. Unlike Excel, Gephi is a platform. The software system can be a useful complement to blockchain deanonymization tasks. An analyst can perform link analysis; that is, what hyperlink or item leads to another. The Gephi One feature allows the user to turn a graphical representation and explore it in three dimensions. A user can interact with the data, drilling down into a cluster or popping up one or more levels to see how a particular item relates to a broader grouping of data. The system can manipulate up to one million nodes and edges. Some commercial tools struggle to deal with more than a handful of nodes and edges. The video includes a link at which Gephi can be downloaded.

The second story describes a vehicle tracking and surveillance innovation called Zoomed. Developed by Cameroonian computer whiz Zuo Bruno, the system does not require the Internet. Instead, Zuo Bruno devised a system which operates via SMS. Once the device is placed in a vehicle, the location of the vehicle can be determined by placing a mobile call to the Zoomed device. The device drops the call and messages the location and other data of the vehicle. The Zoomed technology can perform other functions as well; for example, the audio in the vehicle can be recorded and the vehicle can be disabled.

The third story describes a free account takeover alerting service or ATO from Truthfinder. The idea is that after a person registers for the service, Truthfinder will notify that individual when his personal information is discovered by the monitoring service. DarkCyber explains how to sign up for the service and how to disable the notifications if they become a burden.

Kenny Toth, September 4, 2018

DarkCyber for August 28, 2018, Now Available

August 28, 2018

DarkCyber for August 28, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/286743860.

Stephen E Arnold’s DarkCyber is a weekly video news and analysis program about the Dark Web and lesser known Internet services.

This week’s program covers five Dark Web and security related stories.

The first story addresses Microsoft’s acquisition of Hyas, a Canadian cyber intelligence company. DarkCyber believes that Microsoft is making an effort to close the gap between its cloud capabilities and those of Amazon. Policeware appears to be a key strategic capability of Amazon, and Microsoft has found that more than in-house innovation may be necessary to close the gap. Stephen E Arnold, producer of DarkCyber and author of CyberOSINT (2017), said: “Amazon’s policeware has helped the company make progress with its US government cloud services. Microsoft’s acquisition of Hyas adds an important cyber analytic capability to the Azure system.”

DarkCyber reports the newly released details about two Dark Web operations. The Dutch police methods used to take down the Hansa contraband-focused ecommerce site complement new information about the arrest of eight individuals involved with the Rex Mundi hack-and-extort spin on ransomware. Both operations involved investigators from multiple countries, advanced analytics, and traditional investigative techniques. The success of these two operations makes clear that use of software to create hidden Internet sites and services is not as effective as some individuals believe.

DarkCyber reports that draft legislation in Australia may be a different way to force companies to provide decryption backdoors to messaging applications. The Australian government can request decryption assistance or decryption keys. If the company does not comply, the firm may be fined up to seven million dollars for each failure to cooperate. The proposed legislation is accepting public comments and further action will be taken on this proposal later this year.

The final DarkCyber report shares some findings from a yet-to-be-released report about the Asian Dark Web. The report is a work product of IntSights, a cyber intelligence firm. The key finding in the report is that each country takes a unique approach to the Dark Web. Cultural considerations require the use of the country’s language and the jargon used to prevent outsiders from making sense of the content.

Kenny Toth, August 28, 2018

The Social Vendor ATM: Governments Want to Withdraw Cash

August 21, 2018

I read “Social Networks to Be Fined for Hosting Terrorist Content.” My first reaction is, “Who is going to define terrorist content?” Without an answer swirling into my mind, I looked to the article for insight.

I learned:

… the EC’s going to follow through on threats to fine companies like Twitter, Facebook and YouTube for not deleting flagged content post-haste. The commission is still drawing up the details…

I assume that one of the details will be a definition of terrorist content.

How long will a large, mostly high school science club type company have to remove the identified content?

The answer:

One hour for platforms to delete terrorist content.

My experience, though hardly representative, is that it is difficult to get much accomplished in one hour in my home office. A 60 minute turnaround time may be as challenging for a large outfit operating under the fluid principles of high school science club management.

Programmers sort of work in a combination of intense focus and general confusion. My hunch is it may be difficult to saddle up the folks at a giant social vendor to comply with a take down request in 3,600 seconds.

My thought is that the one hour response time may be one way to get the social media ATM to eject cash.

By the way, some of Google’s deletion success can be viewed at this page on YouTube. Note that there are some interesting videos which are not deleted. One useful way to identify some interesting videos is to search for the word “nashid” or “nasheed.”

The results list seems to reveal at least one facet of terrorism’s definition.

Stephen E Arnold, August 21, 2018

DarkCyber for August 14, 2018, Now Available

August 14, 2018

DarkCyber for July 24, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/284579347 .

Stephen E Arnold’s DarkCyber is a weekly video news and analysis program about the Dark Web and lesser known Internet services.

This week’s program covers four Dark Web and security related stories.

The first story presents data about online drug sellers. The estimated number of vendors is in the 30,000 to 50,000 range. DarkCyber points out that such data are likely to be uncertain. Estimates of online sources for controlled substances are based on difficult-to-verify data. DarkCyber reports that as many as one half of the prescription drugs sold online may be fakes.

The second story reports that the Dark Web is changing. The shift from Tor-centric Web sites to encrypted chat and messaging systems is underway. Encrypted chat complicates the work of law enforcement and intelligence professionals. Plus, encrypted chat sessions can trigger mob actions which can spiral out of control and without warning. A lynching in India may be the direct result of forwarded encrypted chat messages.

The third story provides a snapshot of the NC4 policeware system Street Smart. A popular US magazine referenced the company without providing details about the system and its functions. DarkCyber explains that information about the software system is available on the NC4 Web site and in videos publicly available on YouTube.

The final story explains how 3D printing makes it comparatively easy for an individual to create what is called a “ghost gun.” The 3D printed weapon does not have an identification number, so tracing the gun is difficult. DarkCyber points out that copyright issues and regulations concerning the manufacture of weapons will consume time, money, and human resources.

Kenny Toth, August 14, 2018

DarkCyber for July 31, 2018, Is Now Available

July 31, 2018

This week’s DarkCyber video news program is available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/282131610 .

Produced by Stephen E Arnold and the DarkCyber research team, the weekly program covers the Dark Web and lesser known Internet services.

The July 31, 2018, program includes four stories. These are:

Chinese citizens are using the Dark Web via Tor and i2p to circumvent the Great Firewall of China. The Web surfers use hidden Internet sites and services to obtain information and engage in ecommerce. DarkCyber learned that there is an elite group of “red” hackers working for the Chinese government. These “red hat” professionals engage in cyber activities which may be viewed as “black hat” activities by those outside of China.

The second story updates viewers about the legal challenges several SEA members face in US courts. DarkCyber provides brief descriptions of two reports about the SEA’s hacking activities in the US and elsewhere. These reports contain high value information about systems and methods used by these individuals. Links to these reports are included in the video plus a pointer to an SEA recruiting video available on YouTube. Stephen E Arnold, author of Dark Web Notebook, said: “Technical information compiled by analysts provides a road map for cyber security professionals. On the other hand, the availability of information warfare techniques makes it easier for bad actors to improve their digital attack methods. A cat and mouse game with significant stakes is escalating.”

The third story explains that Russia’s new surveillance and data retention regulations are now in effect. Mobile vendors, ISPs, and similar companies have to retain index data and content for six months. The influence of the Russian Internet crackdown has diffused to Kazakhstan. That Russian neighbor throttles the Internet and blocks access when opposition political voices stream via the Internet.

The final story directs viewers to the free Dark Web scanning service provided by Capital One. The new service looks for individuals’ Social Security numbers, emails, and other personal information. Automatic alerts are sent to registered users when sensitive information is discovered.

You can view the video at this link.

Kenny Toth, July 31, 2018

DarkCyber for July 24, 2018, Now Available

July 24, 2018

DarkCyber for July 24, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/281132690 .

Stephen E Arnold’s DarkCyber is a weekly video news and analysis program about the Dark Web and lesser known Internet services.

This week’s program covers five Dark Web and security related stories.

The first story reports that a hacker stole technical details of the hunter killer MQ9 Reaper drone. These documents were offered for sale on a Dark Web eCommerce site. The documents in the wrong hands could lead to a bad actor’s development of jamming technology.

Second, the consumerization of encrypted blockchain services is accelerating. The Chinese electronics giant Huawei has announced that it will release a blockchain-enabled mobile phone in the fall of 2018. The idea is to make it easy to use digital currency from a mobile device. Each device can function as a node on the network which would expand the use of digital currency.

Third, Opera has released a beta version of its flagship browser with a built-in digital currency wallet. The implementation eliminates most of the technical complexity associated with using Bitcoin or other digital currencies. Stephen E Arnold, author of Dark Web Notebook, said: “Consumerization of encrypted services can be a plus for some business transactions. However, if the user of the encrypted services engages in illegal activity, the challenge for law enforcement becomes significantly more difficult for some investigations.”

The fourth story reports that German authorities are stepping up certain Tor related activities. Operators of Tor nodes and computers providing Tor relay services were seized in multiple locations in the country. German authorities allegedly wanted information about the use of Tor as well as the names of individuals who have contributed money to the US based Tor Project, a non profit organization sponsoring the development of the Tor software bundle.

The final story discloses that Mozambique has developed a fast growing heroin smuggling industry. The infrastructure used by the bad actors is based on mobile phones and WhatsApp messaging software. The heroin business now rivals Mozambique’s coal exporting business in revenue.

DarkCyber is released weekly on Tuesday at 0130 am US Eastern time.

Kenny Toth, July 24, 2018

DarkCyber for July 17, 2018, Now Available

July 17, 2018

DarkCyber for July 17, 2018, is now available. You may view the nine minute news program about the Dark Web and lesser known Internet services at www.arnoldit.com/wordpress or Vimeo at this link.

This week’s program covers four stories.

The first story reviews the enhanced capabilities of Webhose.io’s Dark Web and Surface Web monitoring service. Tor Version 3 is supported. The content collection system can now access content on Dark Web and i2p services. Plus, Webhose’s system now scans compressed attachments and can access obfuscated sites with Captcha and user name and password requirements.

The second story reports that NSO, an Israeli intelligence services firm, suffered an insider breach. NSO’s Pegasus platform can extract email, text messages, SIM card and cell network information, GPS location data, keychain passwords, including Wi-Fi and router, and voice and image data. The NSO Pegasus system was advertised on the Dark Web. The insider was identified and arrested.

The third story takes a look at Dark Web money laundering services. Mixers, tumblers, and flip concepts are explained. These services are becoming more popular and are coming under closer scrutiny by law enforcement.

The fourth story explains Diffeo’s approach to next generation information access. Diffeo was one of the technology vendors for the Defense Advanced Research Projects Agency’s Memex Dark Web indexing program. The commercial version of Diffeo’s analytic tool is in use at major financial institutions and the US Department of Defense.

Enjoy.

Kenny Toth, July 17, 2018

DarkCyber for July 10, 2018, Now Available

July 10, 2018

The DarkCyber video news program for July 10, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/278891411.

This week’s program includes four stories.

The first story reports that Brave has introduced Tor tabs. The security-centric browser makes obfuscated Internet access easier to implement. The system is activated with a mouse click. Users do not have to download, install, and configure the Tor software bundle. DarkCyber reveals how to get a beta copy of this Tor-equipped browser.

Second, facial recognition systems captured some space in the news cycle. The Annapolis police were able to identify the Capital Gazette shooter using a commercial facial recognition system. The accuracy of these systems is not usually discussed. DarkCyber reveals the accuracy achieved by systems from Chinese, Russian, and US vendors.

Stephen E Arnold, author of Dark Web Notebook, said: “Facial recognition systems generate false positives. This means that unless the system generates a high probability match, human investigators and analysts have to examine the matched images. With accuracy rates for the best systems achieving 70 percent, facial recognition is a work in progress.”

The third story explains how a person with Python and network expertise can configure MalTrail to identify malicious network traffic. The open source solution makes it possible to avoid the costs and contractual work associated with commercial malicious traffic analysis systems. DarkCyber points out the important differences between commercial software and the open source equivalent.

The fourth story points to a free report from the security organization InfoSec. The document includes useful information about weaknesses identified in Tor botnets and sources of malicious software. DarkCyber provides the download information for this free report and recommends that those interested in malware obtain a copy.

Next week’s program features a report about the NSO Pegasus source code slip up and a new introduction to the video program.

Kenny Toth, July 10, 2018
