Digital Shadows Announces Social Monitor

October 19, 2021

Deep fakes? They are here and Digital Shadows has a service for those who live in fear of digital manipulation.

Bad actors often pose as corporations’ executives and other key personnel on social media. Sometimes the goal is to damage the target’s reputation, but more often it is to enact a phishing scheme. Either way, companies must put a stop to these efforts as soon as possible. We learn there is a new tool for that from, “Digital Shadows Launches SocialMonitor—a Key Defense Against Executive Impersonation on Social Media” posted at PR Newswire. The press release tells us:

“All social media platforms will take down fake accounts once alerted but keeping on top of the constant creation of fake profiles is a challenge. SocialMonitor overcomes these challenges by adding targeted human collection to SearchLight’s existing broad automated coverage. Digital Shadows customers simply need to register key staff members within the SearchLight portal. Thereafter, users will receive ‘Impersonating Employee Profile’ alerts which will be pre-vetted by its analyst team. This ensures that organizations only receive relevant notifications of concern. Russell Bentley at Digital Shadows comments: ‘Fake profiles on social media are rife and frequently used to spread disinformation or redirect users to scams or malware. Social media providers have taken steps such as providing a verified profile checkmark and removing fake accounts. However, there is often too long a window of opportunity before action can be taken. SocialMonitor provides organizations with a proactive defense so that offending profiles can be taken down quickly, protecting their customers and corporate reputation.’”

Note this is yet another consumer-facing app from Digital Shadows, the firm that appears to be leading the Dark Web indexing field. Curious readers can click here to learn more about SocialMonitor. Digital Shadows offers a suite of products to protect its clients from assorted cyber threats. Based in San Francisco, the company was founded in 2011.

Cynthia Murrell October 19, 2021

DarkCyber for October 19, 2021: DDoS Takedown, More NSO Group PR, VPN Shift, and Autonomous Kills

October 19, 2021

DarkCyber reports about cyber security, online services, and smart software. You can view this program at this url.

This edition of the program includes four stories:

  1. The US Department of Justice terminated 15 Internet domains involved in denial of service functions. These offered crime as a service and allowed customers to launch DDoS attacks with minimal technical expertise.
  2. The NSO Group captured headlines again. Revelations in a British legal proceeding resulted in the Israeli specialized services firm firing one of its Middle Eastern clients.
  3. Roll-ups are popular among some financial experts. Aggregation means less competition and greater market reach. Consolidation is underway in the virtual private network sector. Will Kape Technology’s acquisition of Private Internet Access and Express VPN produce benefits for customers?
  4. The final story explores the most innovative facet of Israel’s alleged autonomous termination of a nuclear scientist. The smart software is just part of the story.

DarkCyber is produced by Stephen E Arnold, publisher of Beyond Search.

Kenny Toth, October 19, 2021

Office 365: A Petri Dish for Malware?

October 18, 2021

Microsoft has a PR problem? Microsoft may have other issues as well, but “Infosec Expert Beaumont Slams Microsoft Over Hosting Malware for Years” seems like a semi-negative write up. Is the situation as dire as the article suggests? I don’t know, but it seems as if it is not what you would call:

  1. A ringing endorsement for Microsoft security
  2. An illustration of Microsoft’s approach to Office 365

The write up asserts:

An overwhelming majority of ransomware attacks only Windows, with an analysis by staff of the Google-owned VirusTotal database last Thursday showing that 95% of 80 million samples analysed — all the way back to January 2020 — were aimed at Windows.

How has Microsoft responded? The write up quotes infosec expert Beaumont as saying:

Before the train of MS employees arrive saying ‘just report it’, try getting them and future ones taken down yourselves. I did. It was a disaster.

The write up, which is a mishmash of quotes and tweets, contains a number of interesting, allegedly true factoids.

True? Maybe. Not-so-great PR for the company that follows China’s content guidelines? Sure seems like it.

Stephen E Arnold, October 18, 2021

Human Editors and Subject Matter Experts? Dinosaurs but Just from a Previous Era

October 15, 2021

I read “Bugs in our Pockets: The Risks of Client-Side Scanning.” The embargo is amusing, and it underscores the issues related to confidential information and the notion that information wants to be free. Amusing, maybe not?

The write up looks a bit like a paper destined for a pay-to-play publisher or an outfit which cultivates a cabal-like approach to publishing. (Hello, ACM?) The paper includes 13 authors, and I suppose the idea is to convey consensus or a lead author who wishes to keep his or her head below the concrete bunker in order to avoid direct hits from those who don’t agree with the write up.

I neither agree nor disagree. I interpreted the write up as:

  • A clever bit of SEO, particularly the embargo and the availability of the paper to certain saucy online information services
  • A way to present some entities, although with the titles and email contacts favored by some link hunters
  • A technical bit of push back for assorted government mumbling about privacy, security, and another assault on personal freedoms.

Yep, the sky is falling.

Please, read the paper. One business executive allegedly said, “There is no return to normal. Today’s environment is the new normal.”

Is it possible this paper triggers Apple TV or YouTube to cue the 1973 hit “The Way We Were”?

Stephen E Arnold, October 15, 2021

Data Confidence: The Check Is in the Mail

October 15, 2021

Why are we not surprised? SeattlePI reports, “Americans Have Little Trust in Online Security: AP-NORC Poll.” Writer Matt O’Brien reveals:

“The poll by The Associated Press-NORC Center for Public Affairs Research and MeriTalk shows that 64% of Americans say their social media activity is not very or not at all secure. About as many have the same security doubts about online information revealing their physical location. Half of Americans believe their private text conversations lack security. And they’re not just concerned. They want something done about it. Nearly three-quarters of Americans say they support establishing national standards for how companies can collect, process and share personal data.”

Few have any hope such standards will be enacted by federal officials, however. Even after years filled with private sector hacks and scandals, we’re told 56% of respondents would trust corporations to safeguard their data before they would the government. The write-up continues:

“About 71% of Americans believe that individuals’ data privacy should be treated as a national security issue, with a similar level of support among Democrats and Republicans. But only 23% are very or somewhat satisfied in the federal government’s current efforts to protect Americans’ privacy and secure their personal data online. ‘This is not a partisan issue,’ said Colorado state Rep. Terri Carver, a Republican who co-sponsored a consumer data privacy bill signed into law by Democratic Gov. Jared Polis in July. It takes effect in 2023.”

The bill would give users in Colorado the right to access and delete personal information online, echoing similar legislation in Virginia and California. Predictably, Facebook and other tech companies opposed the bill.

Cynthia Murrell, October 15, 2021

Another Reason for Windows 11?

October 13, 2021

The team at Beyond Search talked yesterday about Windows 11. One individual installed the system on one of our test-only machines and reported, “Not too exciting.” Another dismissed Windows 11 as a distraction from the still-lingering SolarWinds and Exchange Server security face plants. I took a look and said, “Run some tests to see what it does to the performance of our AMD 5950X machines.”

Then I turned my attention to more interesting things. This morning my trusty Overflight system spit out this headline: “Microsoft: Here’s Why We Shrunk Windows 11 Update Sizes by 40%.” I noted this statement in the article:

…It was necessary to reduce the size of them, which in the past have been almost 5 GB in size. In a word, it’s about bandwidth, which millions of households in the US have a shortage of due to poor broadband in remote areas.

Maybe cost is a factor?

My hunch is that Microsoft has many employees who have opinions about the shift from the last Windows to a last-plus-n Windows.

Several observations from our underground computer lab in rural Kentucky:

  1. Updates create problems for Microsoft; for example, security issues lurk, and actors worldwide are enthusiastic about exploring “new” code from Microsoft. Vulnerabilities R’Us, it seems.
  2. Implementing procedures which produce stable code is more expensive than figuring out how to reduce code bloat in updates. Hence the pitch touted in the write up cited above.
  3. Microsoft has shifted from 10,000 sail boats going in the same general direction to 20,000 motor boats going someplace. Evidence? The changing explanation for the existence of Windows 11.

Net net: A big and changing operating system may add vulnerabilities, not just rounded corners and a distraction from deeper issues.

Stephen E Arnold, October 13, 2021

AI: The Answer to Cyberthreats Existing Systems Cannot Perceive?

October 12, 2021

This article from The Next Web gives us reason to hope: “Computer Vision Can Help Spot Cyber Threats with Startling Accuracy.” Researchers at the University of Portsmouth and the University of Peloponnese have combined machine learning with binary visualization to identify malware and phishing websites. Both processes involve patterns of color.

Traditional methods of detecting malware involve searching files for known malicious signatures or looking for suspicious behavior during runtime, both of which have their flaws. More recently, several machine learning techniques have been tried but have run into their own problems. Writer Ben Dickson describes these researchers’ approach:

“Binary visualization can redefine malware detection by turning it into a computer vision problem. In this methodology, files are run through algorithms that transform binary and ASCII values to color codes. … When benign and malicious files were visualized using this method, new patterns emerge that separate malicious and safe files. These differences would have gone unnoticed using classic malware detection methods. According to the paper, ‘Malicious files have a tendency for often including ASCII characters of various categories, presenting a colorful image, while benign files have a cleaner picture and distribution of values.’”

See the article for an illustration of this striking difference. The team trained their neural network to recognize these disparities. It became especially good at spotting malware in .doc and .pdf files, both of which are preferred vectors for ransomware attacks.

A phishing attack succeeds when a user is tricked into visiting a malicious website that poses as a legitimate service. Companies have used website blacklists and whitelists to combat the problem. However, blacklists can only be updated once someone has fallen victim to a particular site, and whitelists restrict productivity and are time-consuming to maintain. Then there are heuristics, an approach that is more accurate than blacklists but still misses many malicious sites. Here is how the binary visualization – machine learning approach may save the day:

“The technique uses binary visualization libraries to transform website markup and source code into color values. As is the case with benign and malign application files, when visualizing websites, unique patterns emerge that separate safe and malicious websites. The researchers write, ‘The legitimate site has a more detailed RGB value because it would be constructed from additional characters sourced from licenses, hyperlinks, and detailed data entry forms. Whereas the phishing counterpart would generally contain a single or no CSS reference, multiple images rather than forms and a single login form with no security scripts. This would create a smaller data input string when scraped.’”

Again, the write-up shares an illustration of this difference—it would make for a lovely piece of abstract art. The researchers were able to train their neural network to identify phishing websites with an impressive 94% accuracy. Navigate to the article for more details on their methods. The paper’s co-author Stavros Shiaeles says the team is getting its technique ready for real-world applications as well as adapting it to detect malware traffic on the growing Internet of Things.
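To make the byte-to-color idea concrete for both the file and the website case described above, here is an added example (mine, not the researchers’ code): it maps each byte of an input to a color by ASCII category, writes the result as a viewable PPM image, and scores how “colorful” the category mix is. The palette, the five categories, and the entropy score are my assumptions; the paper’s exact mapping is not given in the article.

```python
# Added example: binary visualization of a byte sequence (file contents or
# scraped website markup). The category palette and entropy score are assumed
# for illustration and are not the paper's published method.
from collections import Counter
import math

# Assumed palette: one RGB color per byte category.
CATEGORY_COLORS = {
    "null": (0, 0, 0),          # 0x00: padding / zeroed regions
    "control": (255, 0, 0),     # 0x01-0x1F and 0x7F
    "printable": (0, 255, 0),   # 0x20-0x7E: ordinary text and markup
    "high": (0, 0, 255),        # 0x80-0xFE: non-ASCII, often packed/encrypted data
    "max": (255, 255, 255),     # 0xFF
}

def byte_category(b):
    """Classify a single byte value (0..255) into one of the five categories."""
    if b == 0x00:
        return "null"
    if b == 0xFF:
        return "max"
    if b < 0x20 or b == 0x7F:
        return "control"
    if b < 0x7F:
        return "printable"
    return "high"

def visualize(data, width=16):
    """Turn bytes into rows of RGB pixels, one pixel per byte, `width` per row."""
    pixels = [CATEGORY_COLORS[byte_category(b)] for b in data]
    return [pixels[i:i + width] for i in range(0, len(pixels), width)]

def to_ppm(rows):
    """Serialize pixel rows as a binary PPM (P6) image; a short last row is padded black."""
    width = max(len(r) for r in rows)
    header = f"P6\n{width} {len(rows)}\n255\n".encode()
    body = bytearray()
    for row in rows:
        for px in row + [(0, 0, 0)] * (width - len(row)):
            body.extend(px)
    return header + bytes(body)

def category_entropy(data):
    """Shannon entropy (bits) of the category distribution: a crude 'colorfulness'
    score. A file of one category scores 0; all five equally frequent scores log2(5)."""
    if not data:
        return 0.0
    counts = Counter(byte_category(b) for b in data)
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts.values())

# Constructed samples (not real files): plain text vs. a blob containing every byte value.
BENIGN_SAMPLE = b"Quarterly report: revenue grew 4% over the prior period.\n" * 4
MIXED_SAMPLE = bytes(range(256))

if __name__ == "__main__":
    for name, sample in (("benign", BENIGN_SAMPLE), ("mixed", MIXED_SAMPLE)):
        rows = visualize(sample)
        with open(f"{name}.ppm", "wb") as f:
            f.write(to_ppm(rows))
        print(f"{name}: {len(rows)} rows, category entropy = {category_entropy(sample):.2f} bits")
```

Any image viewer that opens PPM files will show the two pictures; the text-only sample is almost uniformly green while the mixed blob shows every color, which is the visual difference the researchers feed to their classifier.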

Cynthia Murrell, October 12, 2021

Is That an Iceberg or Dark Matter, Captain?

October 11, 2021

The spyware downloaded on your computer appears innocuous compared to what the Gizmodo article “The Ex-NSA Operative Cyber-Mercenary Scandal Shows The Spyware Industry Is Totally Out Of Control” discusses. Three ex-US intelligence operatives were almost charged with crimes related to their work while employed by DarkMatter, a cybersecurity company located in the United Arab Emirates.

The ex-operatives worked on Project Raven that helped the UAE government spy on its critics. They hacked computers around the world, including the United States. The ex-operatives avoided jail time thanks to a loophole that allows them to pay a $1.6 million fine. One of the accused, Daniel Gericke, is now employed by ExpressVPN, a prominent cyber security company.

ExpressVPN defended hiring Gericke and said it was aware of his actions on Project Raven. What is even more alarming is that surveillance experts are living double lives. They legally sell their services to reputable organizations as well as to bad actors. It is like a weapons manufacturer who instigates war to augment its fortune.

There are organizations that are calling for an end to the double dipping in surveillance sales:

“However, privacy advocates have suggested that simply banning the occasional company from operation or the occasional prosecution is not going to be enough. Amnesty International, which helped expose NSO abuses, has called for a global moratorium on the sale of spyware products until a “human rights-compliant regulatory framework” can be developed and implemented. Other activists have similarly suggested that all sales should be halted until governments can “investigate and regulate this industry”—the likes of which is poorly understood by lawmakers and everyday people alike.”

Unfortunately the surveillance bad actors probably will not be reined in until a tragedy happens.

Whitney Grace, October 11, 2021

Insight into Hacking Targets: Headhunters Make Slip Ups but They Are Often Ignored

October 7, 2021

I read “Former NSA Hacker Describes Being Recruited for UAE Spy Program.”

Here’s the passage I noted:

There were no red flags because I was so naive. But… there’s a ton of red flags [in retrospect]…. [For example] when you’re in the interview process and you’re talking about defending [the UAE] and … doing tracking of terrorist activity,… but then you’re [being asked] very specific questions about integrated enterprise Windows environments and [how you might hack them]. Guess who doesn’t have those type of networks? Terrorist organizations. So why [is the recruiter] asking these kinds of questions…?

Several observations:

  • Perhaps a training program for those exiting certain government work assignments would be helpful? It could be called “Don’t Be Naïve.”
  • Gee, what a surprise: Specific questions about hacking integrated enterprise Windows environments. Perhaps Microsoft should think about this statement from the article and adjust its security so that headhunters ask about MacOS, Linux, or Android?
  • Does the government’s monitoring of certain former employees need a quick review?

Stephen E Arnold, October 7, 2021

The Darknet: a Dangerous Place

October 6, 2021

Criminal activity on the Darknet is growing and evolving. One person who has taken it on themselves to study the shadow realm shares some of their experiences and observations with reporter Vilius Petkauskas in, “Darknet Researcher: They Said They’ll Come and Kill Me—Interview” at CyberNews. The anonymous interviewee, who works with research firm DarkOwl, describes a threat to their life, one serious enough to prompt them to physically move their family to a new home. They state:

“There was one specific criminal actor I was going after, trying to figure out where they were operating, who they were involved with, what groups they were affiliated with. I became a target. They turned on me and said, we will find whoever wrote this and come kill them. We will destroy them.”

Yes, poking around the Darknet can be dangerous business. What sorts of insights has our brave explorer found? Recently, there has been a substantial uptick in ransomware, and for good reason. The researcher explains:

“Look at ransomware as a service (RaaS). First and second-generation ransomware lockers were developed by incredibly smart malware developers, cryptologists, and encryption specialists. Those who designed and employed such software were some of the most sophisticated malware developers or ‘elite’ hackers around if you want to label them that. But with the RaaS affiliate model, they’re giving others the chance to ‘rent’ ransomware for as little as a few hundred bucks a year, depending on which strain they’re using. Anyone interested in getting into the business of ransomware can enter the market without necessarily having any prior or expert knowledge of how to conduct an enterprise-level attack against a network. Some of the gangs, like Lockbit 2.0 are nearly entirely automated, and their affiliates don’t need to have the slightest clue what they’re doing. You just push, plug, and play. Identify the victim, drop it onto the network, and the rest is taken care of.”

How convenient. Getting into the target’s network, though, is another matter. For that, criminals turn to initial access brokers (IABs), also located on the Darknet, who help breach networks through vulnerabilities, leaked credentials, and other weaknesses. See the write-up for more of the researcher’s hard-won observations. They close with this warning—there is more going on here than opportunists looking to make a buck. Espionage and cyber terrorism are also likely involved, they say. We cannot say we are surprised.

Cynthia Murrell, October 6, 2021
