• Home
• About
• Writers
• Landscape
• Wizards Index
• Fraud
• Wanna Be Like Larry?

 Subscribe

DarkCyber for February 9, 2021, Now Available

DarkCyber is a twice-a-month video news program about the Dark Web, cyber crime, and lesser known online services. The program is produced by Stephen E Arnold. You can view the program on the Beyond Search blog or on YouTube at this link.

This week’s program features a discussion of Microsoft’s explanation of the SolarWinds’ misstep. The online explanation is a combination of forensic information with an old-fashioned, almost Balmer-esque marketing pitch. Plus, DarkCyber responds to a viewer who wanted more information about locating bad actor hackers promoting their criminal capabilities on the Dark Web. The program highlights two Dark Web services and provides information to two online resources which offer additional information. Three other stories round out the February 9, 2021, program. Allegedly some of the software stolen in the SolarWinds’ misstep (a data breach which compromised more than 18,000 companies and government organizations) is available for sale. Information about the cost of the software and how to buy are provided. Next you learn about the app tracking technology which is creating friction between Apple and Facebook. Who benefits from tracking users’ actions hundreds of times each day? DarkCyber answers this question. The final story is another signature drone news item. If you think that one drone poses a challenge, consider the difficulty of dealing with thousands of miniature weaponized drones converging on a unit or disrupting warfighting tactics under live fire.

Kenny Toth, February 9, 2021

Google Speaks But Is MIT Technology Review Delivering Useful Information or Just PR?

I read “Google Says It’s Too Easy for Hackers to Find New Security Flaws.” I assume that the Google is thrilled that its systems and methods were not directly implicated in the SolarWinds’ misstep and possibly VMWare’s and Microsoft’s. But I don’t know because the information is dribbling out at irregular intervals and in my opinion has either been scrubbed or converted to euphemism. A good example is the Reuters’ report “Exclusive: Suspected Chinese Hackers Used SolarWinds Bug to Spy on US Payroll Agency — Sources.”

The esteemed institution supported by Jeffrey Epstein and housing a expert who allegedly had ties to an American adversary’s officials reports:

Attackers are exploiting the same types of software vulnerabilities over and over again, because companies often miss the forest for the trees.

What makes this story different is that the Google is now agreeing that today’s software is easy to compromise. The write up quotes an expert who offers:

Over its six-year lifespan, Google’s team has publicly tracked over 150 major zero-day bugs, and in 2020 Stone’s team documented 24 zero-days that were being exploited—a quarter of which were extremely similar to previously disclosed vulnerabilities. Three were incompletely patched, which meant that it took just a few tweaks to the hacker’s code for the attack to continue working. Many such attacks, she says, involve basic mistakes and “low hanging fruit.”

This is news? I think it is more self congratulatory just like the late January 2021 explanation of the SolarWinds’ misstep which I discuss in the February 9, 2021 DarkCyber video program. You can view the video on this blog.

Stephen E Arnold, February 4, 2021

Come On, Man: Hackers Seeking Legal Immunity

The hacking industry is thriving and there are companies labeled private sector offensive actors (PSOAs) selling cyberweapons enabling their customers to become hackers. PSOAs are nasty bad actor groups and they are trying to gain legal immunity to avoid criminal charges. Microsoft has more details in the story, “Cyber Mercenaries Don’t Deserve Immunity.”

One of these PSOAs trying to gain legal immunity is the NSO Group. The NSO Group sells cyberweapons to governments and the company argues its afforded the same legal immunity as its customers. Microsoft President Brad Smith stated the NSO Group’s business model is dangerous. It would allow other PSOAs to skirt laws and avoid any repercussions from their cyberweapons.

The biggest worry is that PSOAs’ technology could fall into the wrong hands and be used for nefarious deeds. Another worry is that if the NSO Group is granted sovereign immunity their actions will be profit driven rather than for the common good:

“Second, private-sector companies creating these weapons are not subject to the same constraints as governments. Many governments with offensive cyber capabilities are subject to international laws, diplomatic consequences and the need to protect their own citizens and economic interests from the indiscriminate use of these weapons. Additionally, some governments – like the United States – may share high-consequence vulnerabilities they discover with impacted technology providers so the providers can patch the vulnerability and protect their customers. Private actors like the NSO Group are only incented to keep these vulnerabilities to themselves so they can profit from them, and the exploits they create are constantly recycled by governments and cybercriminals once they get into the wild.”

Human rights are another concern, because governments run by bad actors can use the cyberweapons to harm their citizens. Anyone who fights for human rights could be tracked and have their information stolen. This could ultimately lead to their deaths.

The NSO Group and PSOAs must be held to the same standards as other private companies. If their products are used by bad actors with the PSOAs’ knowledge they must be held liable.

Whitney Grace, February 3, 2021

DarkCyber for January 12, 2021, Now Available

DarkCyber is a twice-a-month video news program about online, the Dark Web, and cyber crime. You can view the video on Beyond Search or at this YouTube link.

The program for January 12, 2021, includes a featured interview with Mark Massop, DataWalk’s vice president. DataWalk develops investigative software which leapfrogs such solutions as IBM’s i2 Analyst Notebook and Palantir Gotham. In the interview, Mr. Massop explains how DataWalk delivers analytic reports with two or three mouse clicks, federates or brings together information from multiple sources, and slashes training time from months to several days.

Other stories include DarkCyber’s report about the trickles of information about the SolarWinds’ “misstep.” US Federal agencies, large companies, and a wide range of other entities were compromised. DarkCyber points out that Microsoft’s revelation that bad actors were able to view the company’s source code underscores the ineffectiveness of existing cyber security solutions.

DarkCyber highlights remarkable advances in smart software’s ability to create highly accurate images from poor imagery. The focus of DarkCyber’s report is not on what AI can do to create faked images. DarkCyber provides information about how and where to determine if a fake image is indeed “real.”

The final story makes clear that flying drones can be an expensive hobby. One audacious drone pilot flew in restricted air zones in Philadelphia and posted the exploits on a social media platform. And the cost of this illegal activity. Not too much. Just $182,000. The good news is that the individual appears to have avoided one of the comfortable prisons available to authorities.

One quick point: DarkCyber accepts zero advertising and no sponsored content. Some have tried, but begging for dollars and getting involved in the questionable business of sponsored content is not for the DarkCyber team.

Finally, this program begins our third series of shows. We have removed DarkCyber from Vimeo because that company insisted that DarkCyber was a commercial enterprise. Stephen E Arnold retired in 2017, and he is now 77 years old and not too keen to rejoin the GenX and Millennials in endless Zoom meetings and what he calls “blatant MBA craziness.” (At least that’s what he told me.)

Kenny Toth, January 12, 2021

A Tiny Clue about the Entity Interested In the SolarWinds Misstep

I read “Putin’s Disinformation Campaign claims Stunning Victory with Capital Hill Coup.” The write up points out that a study by the Berkman Klein Center for Internet & Society describes a broad campaign against the United States. The article references a Rand study which offers additional color.

However, my interpretation of the write up is that Russia may be just one facet of the “truth decay” approach. Disinformation is complemented by penetration of US networks and systems. Even if no data were exfiltrated, undermining confidence is cyber security methods is another chess move by Russia.

The buzzword is widening the fissures. Serious weakness, exploitable weakness.

Stephen E Arnold, January 11, 2021

SolarWinds Are Gusting and Blowing Hard

Many pundits have reacted to the New York Times’ story “As Understanding of Russian Hacking Grows, So Does Alarm.” Work through those analyses. What’s missing? Quite a lot, but in this short blog post I want to address one issue that has mostly ignored.

At one time, there was a list on the SolarWinds’ Web site of the outfits which had been compromised. That list disappeared. I posted “Sun Spotting in the Solar Wind” on December 23, 2020. In that post, I reported three outfits which had been allegedly compromised by the SolarWinds’ misstep (and some of the information I used as a source remains online):

City of Barrie (Canada)

Newton Public Schools (US)

Regina Public Schools (Canada).

The question is, “Why are outfits like a municipality known as part of the Greater Golden Horseshoe, Newton’s public schools, and the Regina public schools? (I’ve been to Regina in the winter. Unforgettable is it.)

My research team and I discussed the alleged exploits taking up residence in these organizations; that is, allegedly, of course, of course.

Here’s what my team offered:

• A launch pad for secondary attacks. The idea is that the original compromise was like a rat carrying fleas infected with the bubonic plague (arguably more problematic than the Rona)
• A mechanism for placing malicious code on the computing devices of administrators, instructors, and students. As these individuals thumb typed away, these high trust individuals were infecting others in their social circle. If the infections were activated, downloads of tertiary malware could take place.
• Institutions like these would connect to other networks. Malware could be placed in server nodes serving other institutions; for example, big outfits like Rogers Communications, a government ministry or two, and possibly the cloud customers of the beloved Rogers as well as BCE (Bell Canada’s parent) and Telus.

The odd ducks in the list of compromised organization, just might not be so odd after all.

That’s the problem, isn’t it? No one knows exactly when the misstep took place, what primary and downstream actions were triggered, and where subsequent rats with fleas infected with bubonic plague have go to.

Net net: It’s great to read so many words about a misstep and not have signals that the issue is understood, not even by the Gray Lady herself.

Stephen E Arnold, January 6, 2020

 

Telecom Security: An Oxymoron?

Two ideas: First, an unanticipated suggestion for bad actors and a reminder that the telco pros at AT&T are more like the New York Jets than the A team at the old AT&T IBM facility in Piscataway.

I read “Nashville Bombing Froze Wireless Communications, Exposed Achilles’ Heel’ in Regional Network.” USA Today is not my go to source for high technology information. One of my research team was a technology columnist, and I recall his comments about those who reviewed his write ups. Those mentioned at lunch were different from the topics my team and I discussed. Remember those Dummy books from some rolling-in-dough dead tree publisher. My recollection is that the technology write ups were simpler, edited by the estimable Gannett to TV Digest readability. It seems that USA Today pushed its content barriers with this USA Today write up about the Nashville incident included some information of use to bad actors. Here are a couple of examples:

• An injury to one’s Achilles’ heel means crippling. To a pro football player like AT&T, that’s not good.
• Single-point-of-failure. For a professional telecom like AT&T, this means zero effective redundancy, fail over, or smart route arounds. (Was the pre Judge Green AT&T built this way?)
• Three feet of water pooled where the back up generators lived. Water and generators, water and batteries – quite a one-two combo like an ailing quarterback and an ineffective but expensive offensive line.

Okay, enough already.

What do these factoids say to a person struggling for an idea to impair a major US telco? Maybe six RVs at regional centers conveniently located near fiber rich interstates? What about pulling a Quinn in front of Nashville-type facilities simultaneously with a half dozen cheap RVs?

Sound like a working idea?

The USA Today makes the idea more appealing with the statement from an AT&T professional:

Our systems are not redundant enough.

No kidding. Is it necessary, dear Gannett, to provide a roadmap for bad actors? Let’s hope the write ups in USA Today are not crafted with an eye toward readers who are looking for info between the lines. That takes more thought than making something simple.

And for the pros at the AT&T practice field, why not up your game. Less direct marketing of a failing TV venture and more of the old fashioned Ma Bell?

Stephen E Arnold, January 4, 2020

Microsoft: Information Released Like a Gentle Solar Wind

I read the New Year’s Eve missive from Microsoft, a company which tries to be “transparent, “Microsoft Internal Solorigate Investigation Update.” I am not sure, but I think the Microsoft Word spell checker does not know that SolarWinds is not spelled Solarigate. Maybe Microsoft is writing about some other security breach or prefers a neologism to end the fine year 2020?

Here’s a passage I found interesting:

Our investigation has, however, revealed attempted activities beyond just the presence of malicious SolarWinds code in our environment. This activity has not put at risk the security of our services or any customer data, but we want to be transparent and share what we’re learning as we combat what we believe is a very sophisticated nation-state actor. We detected unusual activity with a small number of internal accounts and upon review, we discovered one account had been used to view source code in a number of source code repositories. The account did not have permissions to modify any code or engineering systems and our investigation further confirmed no changes were made. These accounts were investigated and remediated. [Bold added to highlight intriguing statements]

To me, an old person who lives in rural Kentucky, it sure sounds as if Microsoft is downplaying:

• Malicious code within Microsoft’s systems
• The code performed “unusual activity” whatever this actually means I don’t know
• The malicious code made it to MSFT source code repositories
• Whatever happened has allegedly been fixed up.

What’s that unknown unknowns idea? Microsoft may be writing as if there are no unknown unknowns related to the SolarWinds misstep.

If you want more timely Solarigate misstep info, here’s what Microsoft suggests as a New Year’s Eve diversion:

For the up-to-date information and guidance, please visit our resource center at https://aka.ms/solorigate.

Stephen E Arnold, December 31, 2020

DarkCyber for December 29, 2020, Is Now Available

DarkCyber for December 29, 2020, is now available on YouTube at this link or on the Beyond Search blog at this link. This week’s program includes seven stories. These are:

A Chinese consulting firm publishes a report about the low profile companies indexing the Dark Web. The report is about 114 pages long and does not include Chinese companies engaged in this business.

A Dark Web site easily accessible with a standard Internet browser promises something that DarkCyber finds difficult to believe. The Web site contains what are called “always” links to Dark Web sites; that is, those with Dot Onion addresses.

Some pundits have criticized the FBI and Interpol for their alleged failure to take down Jokerstash. This Dark Web site sells access to “live” credit cards and other financial data. Among those suggesting that the two law enforcement organizations are falling short of the mark are four cyber security firms. DarkCyber explains one reason for this alleged failure.

NSO Group, a specialized services company, has been identified as the company providing technology to “operators” surveilling dozens of Al Jazeera journalists. DarkCyber points out that a commercial firm is not in a position to approve or disapprove the use of its technology by the countries which license the Pegasus platform.

Facebook has escalated its dispute with Apple regarding tracking. Now the social media company has alleged that contractors to the French military are using Facebook in Africa via false accounts. What’s interesting is that Russia is allegedly engaged in a disinformation campaign in Africa as well.

The drone news this week contaisn two DJI items. DJI is one of the world’s largest vendors of consumer and commercial drones. The US government has told DJI that it may no longer sell its drones in the US. DJI products remain available in the US. DJI drones have been equipped with flame throwers to destroy wasp nests. The flame throwing drones appear formidable.

DarkCyber is a twice a month video news program reporting on the Dark Web, lesser known Internet services, and cyber crime. The program is produced by Stephen E Arnold and does not accept advertising or sponsorships.

Kenny Toth, December 29, 2020

Shopify: Going with the Flow

I read “Thousands of Fraudsters Are Selling via Shopify, Analysis Finds.” I know Shopify has been a must mention platform by one of the New Age broadcast stars, or I think it is podcast stars now. Other than that hype hose, I know zero about the company. In the write up, I spotted an interesting factoid. If the datum is accurate, I have learned a great deal about the governance of the firm and its ethical compass. Herewith is the allegedly accurate factoid:

According to the ecommerce authentication service FakeSpot, which analyzed more than 120,000 Shopify sites, as many as 21 per cent posed a risk to shoppers.

Yowza.

Stephen E Arnold, December 22, 2020

« Previous Page — Next Page »

• 

• Search the site

•  

  Subscribe to Beyond Search

  • 
  • 
   
  • 
   
  
  Feature archive
  News archive
   
  
  
  Stephen E. Arnold monitors search, content processing, text mining and related topics from his high-tech nerve center in rural Kentucky. He tries to winnow the goose feathers from the giblets. He works with colleagues worldwide to make this Web log useful to those who want to go "beyond search". Contact him at sa [at] arnoldit.com. His Web site with additional information about search is arnoldit.com.

• Categories

  • 3D-Printing
  • Acquisition
  • Advertising
  • Aggregation
  • AI
  • Alexa
  • algorithms
  • Amazon
  • Amazonia
  • Analytics
  • Appliance
  • Applications
  • Audio
  • Augmented Reality
  • Big data
  • Bing
  • Bitcoin
  • Bitext
  • Book review
  • Business intelligence
  • Business process
  • Business strategy
  • Censorship
  • Cloud computing
  • Company Profile
  • Conferences
  • Connectors
  • Consulting
  • Consumer
  • Content processing
  • Copyright
  • Corporate Concerns
  • Cost
  • Crawl
  • Crowdfunding
  • cryptocurrency
  • Customer support
  • Cyber OSINT
  • cybercrime
  • cybersecurity
  • Dark Web
  • DarkCyber
  • Data
  • Data mining
  • Database
  • Deepfakes
  • Digital Assistant
  • Digital Library
  • E2EE
  • ECommerce
  • EDiscovery
  • Editorial opinion
  • Education
  • Emoticons
  • Enterprise
  • Enterprise search
  • Entity extraction
  • Ethics
  • Facebook
  • Faceted search
  • Factualities
  • Feature
  • Federated search
  • Financial
  • Fogint
  • Google
  • Governance
  • Government
  • Hackers
  • healthcare
  • IBM Watson
  • Image search
  • Indexing
  • Infrastructure
  • Innovation
  • Integration
  • intelware
  • Interface
  • Internet
  • Interview
  • Investment
  • law enforcement
  • Legal matters
  • Library automation
  • Management
  • Marketing
  • Mathematics
  • Metadata
  • Microsoft
  • Mobile
  • Natural language processing
  • News
  • NGIA
  • Online (general)
  • Open Access
  • Open source
  • OSINT
  • Osint Radar
  • Overflight
  • Palantir
  • Patents
  • Personnel
  • Podcast
  • Policeware
  • Portals
  • Predictive coding
  • Privacy
  • Profile
  • Publishing
  • Quotation
  • Real time search
  • Reference tool
  • Rich media
  • Robot Writer
  • Search
  • Search enabled applications
  • search engine
  • Search quality
  • Security
  • Semantic
  • Sentiment analysis
  • SEO
  • SharePoint
  • Short Honks
  • Smart Technology
  • Social
  • Social Media
  • software
  • Statistics
  • Taxonomy
  • Technology
  • Text analytics
  • Text processing
  • Tools
  • Tor
  • Training
  • Translation
  • Twitter
  • Uncategorized
  • Unstructured Data
  • User experience
  • User Interface
  • Vertical search
  • Video
  • visualization
  • Voice search
  • Voice technology
  • Web 3
  • Web Services
  • Webinar
  • Windows
  • Work flow
  • XML
  • Yahoo

• Archives

  Archives Select Month March 2025 February 2025 January 2025 December 2024 November 2024 October 2024 September 2024 August 2024 July 2024 June 2024 May 2024 April 2024 March 2024 February 2024 January 2024 December 2023 November 2023 October 2023 September 2023 August 2023 July 2023 June 2023 May 2023 April 2023 March 2023 February 2023 January 2023 December 2022 November 2022 October 2022 September 2022 August 2022 July 2022 June 2022 May 2022 April 2022 March 2022 February 2022 January 2022 December 2021 November 2021 October 2021 September 2021 August 2021 July 2021 June 2021 May 2021 April 2021 March 2021 February 2021 January 2021 December 2020 November 2020 October 2020 September 2020 August 2020 July 2020 June 2020 May 2020 April 2020 March 2020 February 2020 January 2020 December 2019 November 2019 October 2019 September 2019 August 2019 July 2019 June 2019 May 2019 April 2019 March 2019 February 2019 January 2019 December 2018 November 2018 October 2018 September 2018 August 2018 July 2018 June 2018 May 2018 April 2018 March 2018 February 2018 January 2018 December 2017 November 2017 October 2017 September 2017 August 2017 July 2017 June 2017 May 2017 April 2017 March 2017 February 2017 January 2017 December 2016 November 2016 October 2016 September 2016 August 2016 July 2016 June 2016 May 2016 April 2016 March 2016 February 2016 January 2016 December 2015 November 2015 October 2015 September 2015 August 2015 July 2015 June 2015 May 2015 April 2015 March 2015 February 2015 January 2015 December 2014 November 2014 October 2014 September 2014 August 2014 July 2014 June 2014 May 2014 April 2014 March 2014 February 2014 January 2014 December 2013 November 2013 October 2013 September 2013 August 2013 July 2013 June 2013 May 2013 April 2013 March 2013 February 2013 January 2013 December 2012 November 2012 October 2012 September 2012 August 2012 July 2012 June 2012 May 2012 April 2012 March 2012 February 2012 January 2012 December 2011 November 2011 October 2011 September 2011 August 2011 July 2011 June 2011 May 2011 April 2011 March 2011 February 2011 January 2011 December 2010 November 2010 October 2010 September 2010 August 2010 July 2010 June 2010 May 2010 April 2010 March 2010 February 2010 January 2010 December 2009 November 2009 October 2009 September 2009 August 2009 July 2009 June 2009 May 2009 April 2009 March 2009 February 2009 January 2009 December 2008 November 2008 October 2008 September 2008 August 2008 July 2008 June 2008 May 2008 April 2008 March 2008 February 2008 January 2008 November 5

• Recent Posts

  • AI Generated Code Adds To Technical Debt
  • Patents, AI, and Lawyers: Litigators, Start Your Engines
  • Another New Search System with AI Too
  • Encryption: Not the UK Way but Apple Is A-Okay
  • Attention, New MBAs in Finance: AI-gony Arrives

• Meta

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org