• Home
• About
• Writers
• Landscape
• Wizards Index
• Fraud
• Wanna Be Like Larry?

DarkCyber for July 2, 2019, Is Now Available

DarkCyber for July 2, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/345294527. The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web, cybercrime, and lesser known Internet services.

This week’s story line up includes: Tor survives another court battle related to a child who overdosed on Dark Web drugs; a newspaper unwittingly provides a road map for undertaking credit card fraud; a profile of DataWalk, a next-generation intelligence platform with a secret sauce; and Recorded Future’s threat intelligence service runs from Amazon’s platform.

This week’s lead story is the revelation that Recorded Future relies on Amazon AWS to serve its new threat intelligence service. Recorded Future was founded in 2009 with initial investors Google and In-Q-Tel, the investment arm of the US Central Intelligence Agency. In May 2019, the predictive analytics company was acquired by Insight Partners, a leading global capital and private equity firm. The purchase price was about $700 million. Recorded Future’s threat intelligence service is in the same product category as FireEye’s information service. Providing threat information in a browser provides easier access to this information. Stephen E Arnold, author of CyberOSINT: Next Generation Information Access, said: “The use of the Amazon AWS platform, not the competing Google service, is significant. Recorded Future joins BAE, Palantir Technology, and a handful of other firms leveraging the AWS infrastructure. Amazon is emerging as the plumbing for law enforcement and intelligence software.”

Other stories for the July 2, 2019, program are:

First, a Utah court decided that Tor, the software bundle required to access the Dark Web, was not liable for a death. The parents of a young person who overdosed on drugs ordered from a online contraband vendor via Tor sued the foundation involved with the anonymizing technology. Other cases have been filed against Tor. The deciding factor in this most recent decision and other cases is the US law which treats online platforms differently from traditional publishers. The court uncovered information that there are about 4,000 people in Utah who use Tor and presumably the Dark Web each day.

Second, a British newspaper published an informational article about online credit card fraud. DarkCyber interpreted the information in the report as a road map for a person who wanted to commit an online crime. The news story provided sufficient information about where to locate “how to” materials to guide an interested individual. Tips for locating sources of stolen credit card data were embedded “between the lines” in the report. The newspaper did omit one important fact. Organized crime syndicates are hiring individuals to commit credit card fraud and other financial crimes.

Finally, DarkCyber profiles a start up called DataWalk. This company provides a next-generation intelligence analysis and investigation platform. Competitors include IBM Analyst’s Notebook and Palantir Technologies Gotham / Titan products. DataWalk, however, has patented its technology which implements the firm’s method of delivering query results from disparate sources of structured an unstructured content. Plus the company can provide an analyst with content from third-party content products such as Thomson Reuters and the specialist publisher Whooster. The service also scales to accommodate data analysis, regardless of the volume of information available to the system. DataWalk’s analytic system operates in near-real time. DataWalk allows a user to perform sophisticated investigative and analytic procedures via a mouse-centric graphical interface. A user can click on an icon and the system automatically generates a “workflow ribbon.” The ribbon can be saved and reused or provided to another member of the investigative team. More information about this firm is available at www.datawalk.com .

Kenny Toth, July 2, 2019

Amazonia for July 1, 2019: The Firecracker Edition

Quite a flurry of partner, integrator, and consultant news in the last seven days. DarkCyber was unfamiliar with some of these outfits. If you take the known partner names, circle the wild and weird ones, one or two on your list will be generating significant sums as the Bezos bulldozer grinds forward. Not much speed, but the bulldozer has torque. Lots of torque.

Amazon Visual Search

Few people pay much attention to the number of people running queries on Google for products. In 2002, Google commanded about 90 percent of the search traffic as other Web search system collapsed. Numbers like the rock solid estimates in DarkCyber’s weekly Factualities write up are hard to obtain and validate. Chatter suggests that Amazon now dominates product search. That’s bad, bad news for the Google. The early “Froogle” fizzled. Amazon is now the search engine millions of people rely upon for basic product information. There are reviews, and many are bogus. But there are often numerous reviews and a careful reader can figure out what a product’s attributes are. Plus there are pictures. Yeah, about those pictures. Forbes, the capitalist tool and “real news” outfit published “Why Amazon’s Visual Search Could Eliminate Keywords For Online Retail.” The article suggests that the Google may be behind the curve in visual search. Perhaps the Google should buy Pinterest? DarkCyber learned:

Earlier this month, Amazon announced its sizable investment in visual search, which gives users the ability to search by picture. Through this new feature called “StyleSnap” on the Alexa app, users can replicate their favorite fashion simply by uploading a photo and letting artificial intelligence technology deliver the most relevant products to their search.

We noted this statement:

This news follows a trend that has been a long time in the making. And of course, Pinterest which rolled out its visual search feature back in 2015, has been capitalizing on this computer-vision technology for some time by attracting users and providing an excellent user experience.

The Google is tallying a number of high profile challenges. Forbes seems to have added visual search to the list. Google was the leader in search. Amazon may be poised to capture the traffic and the advertising dollars.

Amazon AW SAI

DarkCyber thinks this sequence of letters may be pronounced “aw, see.” The explanation of the enhanced smart software appears in “AWS Enhances Deep Learning AMI, AI Services SageMaker Ground Truth, and Rekognition.” These are important gears in the Amazon “policeware” machine. We noted this competitive statement in the write up:

The other major cloud players have services similar to Rekognition. Microsoft Azure’s Computer Vision service offers a comparable set of features. Like Rekognition, it is not available in every region. Google’s Vision API is available globally, but only works images, not on full video.

But neither Google nor Microsoft can match the addition of dozens of cyber security services. Maybe the Department of Defense will notice the absence of these functions from the Microsoft Azure offering?

Therefore, “aw see” Amazon is differentiating itself from some of its competition. That may be ground truth which only some procurement officers “Rekognize.”

AWS Management Tools for Corporate Customers

One of the hassles of the Amazon AWS system is that it is lacking in the management tools behavioral deportment category on an enterprise system report card. Not exactly an F, but a D, maybe a C minus. There are signals that AWS is trying to grow up—at least a little bit.

“Amazon Web Services Rolls Out Control Tower and Security Hub, Courting Big Business Customers” says:

Amazon Web Services on Monday night announced the general availability of AWS Control Tower and AWS Security Hub, aiming to make it easier for corporate customers to set up, secure and monitor cloud environments.

Instead of getting whacked with a telephone-style quota exceeded penalty, AWS will provide a tools so customers can plan. Maybe not long term, but at least avoid a threshold sticker shock. You can get additional details from the Amazon blog in a post written by a person with an absolutely marvelous name, Rodney Bozo.

AWS Security Services Push: Why?

If you want to know about Amazon’s security services, you can dive into “AWS Security Hub Aggregates Security Alerts and Conducts Continuous Compliance Checks.” A reasonable question is, “Why are numerous vendors using AWS to deliver difficult-to –differentiate cyber services?” It is not a US only push. We learned:

AWS Security Hub is available … in US East (Ohio), US East (N. Virginia), US West (N. California), US West (Oregon), Canada (Central), Asia Pacific (Mumbai), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Europe (Frankfurt), Europe (Ireland), Europe (London), Europe (Paris), and South America (Sao Paulo), with additional regions coming soon.

This week’s partner run down features a number of security related announcements. That’s interesting, but the announcements must be viewed in the context of this story: “AWS S3 Server Leaks Data from Fortune 100 Companies: Ford, Netflix, TD Bank.”

What’s the story about Amazon AWS security? DarkCyber has a webinar which answers this question in part. For more information, write us at darkcyber333 at yandex dot com.

AWS Internet of Things Services

CloudTweaks published a pro-AWS write up about the bulldozer’s AWS solutions. We learned:

The most secure and best way to ensure all data is processed and stored is to redirect all device topics data to an SNS which is designed to handle data flood processing, ensuring that incoming-data is reliably maintained, processed and delivered to the proper channel. To make it more scalable, multiple SNS topics, SQS queue, Lambda for a different/group of AWS device topics can be used. One should consider storing the data in safe-storage like a Queue, Amazon Kinesis, Amazon S3, and Amazon Redshift before processing. This practice ensures no data loss due to message floods, un-wanted exception code or deployment issues.

Now you know why Amazon is working with educational institutions like George Mason University not too far from a three letter agency to teach the lingo of Amazon. Otherwise, much of the jargon is incomprehensible, which is great news for consultants, advisors, and mid tier consulting firms looking to make a buck.

Plus, there are some equally incomprehensible diagrams. Amazon has arrived in the big time it seems.

A Sampling of AWS Partner, Integrator, and Reseller Announcements

The DarkCyber team is unfamiliar with many of these firms. It seems obvious that the Amazon “bus” is picking up passengers as it follows behind the Bezos bulldozer. Quite a few of the ride alongs are wearing “cyber security” logos.

• Blue Hexagon unveils native deep learning-powered threat protection platform For Amazon Web Services. Source: Digital Journal
• Coupa Expands its service line up on Amazon. The idea appears to be designed to provide more control over the costs of Amazon services, a business which Amazon appears to find attractive. Source: Business Insider (sometimes free, sometimes paywalled. Go figure.)
• Fortinet has readjusted so that its WAF-as-a-Service is available via Amazon Web Services. Source: Yahoo
• Gigamon has announced the GigaVUE Cloud Suite with Amazon virtual private cloud traffic mirroring service. Source Finanzen
• JASK delivers enhanced cloud workload traffic security visibility with Amazon Web Services or ECWTSV. Very catchy. Source: Digital Journal
  Read more: http://www.digitaljournal.com/pr/4356408#ixzz5s5wJw75q
• McAfee (the security outfit, not the person avoiding certain government authorities) has announced a compliance service called MVision Cloud. This is available on AWS. Source: Register Herald
• Nubeva Prisms TLS (SSL) decrypt solution supports Amazon virtual private cloud traffic mirroring. Enterprises using Amazon Web Services can now acquire keys and decrypt mirrored traffic. Source: Globe News Wire
• NeuVector has announced a run-time container security service for AWS Cloud. The service integrates with apps on AWS EKS, AWS ECS and AWS App Mesh. Love those acronyms. So clear and easily differentiateable. Source: MarketWatch
• Rapid 7 Insight now integrates with the AWS Security Hub. Source: MarketWatch
• Rite Aid becomes a pick up partner. Order online. Go to a brick and mortar store to get the Amazon goodies. No drone needed. Source: GeekWire
• Riverbed brings cloud and enterprise network traffic analysis to AWS. Source: Digital Journal
  Read more: http://www.digitaljournal.com/pr/4356419#ixzz5s5y1xpGD
• Sumo Logic has launched a global threat benchmarking service for AWS. Source: Business Insider
• Vectra has introduced the first network threat detection and response solution in Amazon Web Services. Source: Finanzen
• VoiceFoundry – and I quote from the Business Insider “real news” story: “VoiceFoundry, an SDP-accredited Amazon Connect consulting partner and reseller and provider of enterprise cloud-based contact center solutions with a unique focus on customer engagement, today announced with Service Management Group (SMG), a global customer experience management firm, the release of VoiceFoundry Post-Call Survey powered by SMG AgentTrack for Amazon Connect.” The full write up can be found at this link.
• Wallarm states that it has achieved advanced technology partner status in Amazon Web Services. If you are not familiar with this firm, the company Wallarm focuses on automated protection of Web sites, micro services, and APIs running on public and private clouds. Source: Virtual Strategy

Stephen E Arnold, July 1, 2019

Euphemizing the Valley

The Guardian newspaper revealed the terms it associates with the wild, wonderful world of Silicon Valley. “How to Speak Silicon Valley: 53 Essential Tech-Bro Terms Explained” is “your guide to understanding an industry where capitalism is euphemized. I was hoping for a 21st century version of Ambrose Bierce’s The Devil’s Dictionary. No, and the Guardian is unlikely to cause Mr. Bierce to return from Chihuahua, Mexico, to enhance and sharpen the Guardian’s work.

Let’s look at an example of Mr. Bierce’s work:

“Lottery: A tax on people who are bad at math.”? Ambrose Bierce, The Unabridged Devil’s Dictionary

Now the Guardian’s 21st century approach:

Facebook (n) Your mom’s favorite social media platform.

As Mr. Bierce noted:

Pitiful: The state of an enemy or opponent after an imaginary encounter with oneself.? Ambrose Bierce, The Unabridged Devil’s Dictionary

Stephen E Arnold, July 1, 2019

Online Fraud in Asia

Data are often difficult to locate. Once located, verfication is a great deal of work. Nevertheless, you may find the “numbers” in “Examining Online Fraud in Southeast Asia (Infographic),” a useful reference point. Some data are in paragraphs like this one:

In 2018, the region’s internet economy hit US$72 billion in 2018 – double what it was in 2015. Southeast Asia is well on its way to exceed Google’s prediction of hitting US$200 billion by 2025, with ecommerce players such as Lazada, Shopee, and Tokopedia expanding their efforts in the region to meet the demands of consumers.

Others appear in graphics. Here a single item:

DarkCyber will comment on the methods used by fraudsters in an upcoming DarkCyber video.

Stephen E Arnold, July 1, 2019

« Previous Page

• 

• Search the site

•  

  Subscribe to Beyond Search

  • 
  • 
   
  • 
   
  
  Feature archive
  News archive
   
  
  
  Stephen E. Arnold monitors search, content processing, text mining and related topics from his high-tech nerve center in rural Kentucky. He tries to winnow the goose feathers from the giblets. He works with colleagues worldwide to make this Web log useful to those who want to go "beyond search". Contact him at sa [at] arnoldit.com. His Web site with additional information about search is arnoldit.com.

• Categories

  • 3D-Printing
  • Acquisition
  • Advertising
  • Aggregation
  • AI
  • Alexa
  • algorithms
  • Amazon
  • Amazonia
  • Analytics
  • Appliance
  • Applications
  • Audio
  • Augmented Reality
  • Big data
  • Bing
  • Bitcoin
  • Bitext
  • Book review
  • Business intelligence
  • Business process
  • Business strategy
  • Censorship
  • Cloud computing
  • Company Profile
  • Conferences
  • Connectors
  • Consulting
  • Consumer
  • Content processing
  • Copyright
  • Corporate Concerns
  • Cost
  • Crawl
  • Crowdfunding
  • cryptocurrency
  • Customer support
  • Cyber OSINT
  • cybercrime
  • cybersecurity
  • Dark Web
  • DarkCyber
  • Data
  • Data mining
  • Database
  • Deepfakes
  • Digital Assistant
  • Digital Library
  • E2EE
  • ECommerce
  • EDiscovery
  • Editorial opinion
  • Education
  • Emoticons
  • Enterprise
  • Enterprise search
  • Entity extraction
  • Ethics
  • Facebook
  • Faceted search
  • Factualities
  • Feature
  • Federated search
  • Financial
  • Fogint
  • Google
  • Governance
  • Government
  • Hackers
  • healthcare
  • IBM Watson
  • Image search
  • Indexing
  • Infrastructure
  • Innovation
  • Integration
  • intelware
  • Interface
  • Internet
  • Interview
  • Investment
  • law enforcement
  • Legal matters
  • Library automation
  • Management
  • Marketing
  • Mathematics
  • Metadata
  • Microsoft
  • Mobile
  • Natural language processing
  • News
  • NGIA
  • Online (general)
  • Open Access
  • Open source
  • OSINT
  • Osint Radar
  • Overflight
  • Palantir
  • Patents
  • Personnel
  • Podcast
  • Policeware
  • Portals
  • Predictive coding
  • Privacy
  • Profile
  • Publishing
  • Quotation
  • Real time search
  • Reference tool
  • Rich media
  • Robot Writer
  • Search
  • Search enabled applications
  • search engine
  • Search quality
  • Security
  • Semantic
  • Sentiment analysis
  • SEO
  • SharePoint
  • Short Honks
  • Smart Technology
  • Social
  • Social Media
  • software
  • Statistics
  • Taxonomy
  • Technology
  • Text analytics
  • Text processing
  • Tools
  • Tor
  • Training
  • Translation
  • Twitter
  • Uncategorized
  • Unstructured Data
  • User experience
  • User Interface
  • Vertical search
  • Video
  • visualization
  • Voice search
  • Voice technology
  • Web 3
  • Web Services
  • Webinar
  • Windows
  • Work flow
  • XML
  • Yahoo

• Archives

  Archives Select Month November 2024 October 2024 September 2024 August 2024 July 2024 June 2024 May 2024 April 2024 March 2024 February 2024 January 2024 December 2023 November 2023 October 2023 September 2023 August 2023 July 2023 June 2023 May 2023 April 2023 March 2023 February 2023 January 2023 December 2022 November 2022 October 2022 September 2022 August 2022 July 2022 June 2022 May 2022 April 2022 March 2022 February 2022 January 2022 December 2021 November 2021 October 2021 September 2021 August 2021 July 2021 June 2021 May 2021 April 2021 March 2021 February 2021 January 2021 December 2020 November 2020 October 2020 September 2020 August 2020 July 2020 June 2020 May 2020 April 2020 March 2020 February 2020 January 2020 December 2019 November 2019 October 2019 September 2019 August 2019 July 2019 June 2019 May 2019 April 2019 March 2019 February 2019 January 2019 December 2018 November 2018 October 2018 September 2018 August 2018 July 2018 June 2018 May 2018 April 2018 March 2018 February 2018 January 2018 December 2017 November 2017 October 2017 September 2017 August 2017 July 2017 June 2017 May 2017 April 2017 March 2017 February 2017 January 2017 December 2016 November 2016 October 2016 September 2016 August 2016 July 2016 June 2016 May 2016 April 2016 March 2016 February 2016 January 2016 December 2015 November 2015 October 2015 September 2015 August 2015 July 2015 June 2015 May 2015 April 2015 March 2015 February 2015 January 2015 December 2014 November 2014 October 2014 September 2014 August 2014 July 2014 June 2014 May 2014 April 2014 March 2014 February 2014 January 2014 December 2013 November 2013 October 2013 September 2013 August 2013 July 2013 June 2013 May 2013 April 2013 March 2013 February 2013 January 2013 December 2012 November 2012 October 2012 September 2012 August 2012 July 2012 June 2012 May 2012 April 2012 March 2012 February 2012 January 2012 December 2011 November 2011 October 2011 September 2011 August 2011 July 2011 June 2011 May 2011 April 2011 March 2011 February 2011 January 2011 December 2010 November 2010 October 2010 September 2010 August 2010 July 2010 June 2010 May 2010 April 2010 March 2010 February 2010 January 2010 December 2009 November 2009 October 2009 September 2009 August 2009 July 2009 June 2009 May 2009 April 2009 March 2009 February 2009 January 2009 December 2008 November 2008 October 2008 September 2008 August 2008 July 2008 June 2008 May 2008 April 2008 March 2008 February 2008 January 2008 November 5

• Recent Posts

  • FOGINT: Security Tools Over Promise & Under Deliver
  • More Googley Human Resource Goodness
  • Point-and-Click Coding: An eGame Boom Booster
  • China Smart, US Dumb: LLMs Bad, MoEs Good
  • Management Brilliance Microsoft Suggests to Customers, “You Did It!”

• Meta

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org