DarkCyber for July 17, 2018, Now Available

July 17, 2018

DarkCyber for July 17, 2018, is now available. You may view the nine minute news program about the Dark Web and lesser known Internet services at www.arnoldit.com/wordpress or Vimeo at this link. This week’s program covers:

This week’s program covers four stories.
The first story reviews the enhanced capabilities of Webhose.io’s Dark Web and Surface Web monitoring service. Tor Version 3 is supported. The content collection system can now access content on Dark Web and i2p services. Plus, Webhose’s system now scans compressed attachments and can access obfuscated sites with Captcha and user name and password requirements.

The second story reports that NSO, an Israeli intelligence services firm, suffered an insider breach. NSO’s Pegasus platform can extract email, text messages, SIM card and cell network information, GPS location data, keychain passwords, including Wi-Fi and router, and voice and image data. The NSO Pegasus system was advertised on the Dark Web. The insider was identified and arrested.

The third story takes a look at Dark Web money laundering services. Mixers, tumblers, and flip concepts are explained. These services are becoming more popular and are coming under closer scrutiny by law enforcement.

The fourth story explains Diffeo’s approach to next generation information access. Diffeo was one of the technology vendors for the Defense Advanced Research Projects Agency’s Memex Dark Web indexing program. The commercial version of Diffeo’s analytic tool is in use at major financial institutions and the US Department of Defense.


Kenny Toth, July 17, 2018

DarkCyber for July 10, 2018, Now Available

July 10, 2018

The DarkCyber video news program for July 10, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/278891411.

This week’s program includes four stories.

The first story reports that Brave has introduced Tor tabs. The security-centric browser makes obfuscated Internet access easier to implement. The system is activated with a mouse click. Users do not have to download, install, and configure the Tor software bundle. DarkCyber reveals how to get a beta copy of this Tor-equipped browser.

Second, facial recognition systems captured some space in the news cycle. The Annapolis police were able to identify the Capital Gazette shooter using a commercial facial recognition system. The accuracy of these systems is not usually discussed. DarkCyber reveals the accuracy achieved by systems from Chinese, Russian, and US vendors.

Stephen E Arnold, author of Dark Web Notebook, said: “Facial recognition systems generate false positives. This means that unless the system generates a high probability match, human investigators and analysts have to examine the matched images. With accuracy rates for the best systems achieving 70 percent, facial recognition is a work in progress.”

The third story explains how a person with python and network expertise can configure MalTrail to identify malicious network traffic. The open source solution makes it possible to avoid the costs and contractual work associated with commercial malicious traffic analysis systems. DarkCyber points out the important differences between commercial software and the open source equivalent.

The fourth story points to a free report from the security organization InfoSec. The document includes useful information about weaknesses identified in Tor botnets and sources of malicious software. DarkCyber provides the download information for this free report and recommends that those interested in malware obtain a copy.

Next week’s program features a report about the NSO Pegasus source code slip up and a new introduction to the video program.

Kenny Toth, July 10, 2018

DarkCyber for July 3, 2018, Now Available

July 3, 2018

DarkCyber for July 3, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/277849110 .

Stephen E Arnold’s DarkCyber is a weekly video news and analysis program about the Dark Web and lesser known Internet services.

This week’s program covers four stories.

The first story reports that French authorities conducted multi-city simultaneous raids to take down Dark Hand. The Dark Web contraband site was operated by a housewife. Authorities seized digital currency and user and customer data.

Second, the Federal Bureau of Investigation has published the results of a study of active shooters. The report is available without charge and provides details about the demographics of active shooters. One set of data provides a snapshot of where active shooters obtain their weapons. One of the surprising findings revealed in the report is that most active shooters are over the age of 35.

The third story explains how an individual can use the open source SpiderFoot software to scour the regular and Dark Web for personal information. Instead of paying for a commercial service, the SpiderFoot system can be used effectively by an individual with some programming skills.

The fourth story reveals that Iran’s blocking of Telegram, a popular encrypted messaging application, had unexpected consequences. Despite the disruption of some Iranian government processes, censorship of the Internet is gaining momentum in Iran and other countries.

Kenny Toth, July 3, 2018

Dark Web News Reviews DarkCyber Video News about the Dark Web

July 2, 2018

The DarkCyber research team was surprised and honored with Dark Web News’s review of our weekly video news program. “DarkCyber: Weekly Video Series Explores the Dark Web in Depth” describes the weekly videos as a “well timed show.”

The core research team, working with Stephen E Arnold, consists of Cynthia Murrell, Patrick Roland, Whitney Grace, and Stuart Schram IV. On an on going basing, this team uses its “Overflight” system and other research tools to identify news about events, tools, and procedures which are related to the Dark Web, i2p, and related services such as encrypted chat, deanonymization of digital currency transactions, and intelligence-centric procedures, software, systems, and hardware.

The Dark Web News review stated:

A show such as Arnold’s DarkCyber has been long overdue.

That’s an important point.

Stephen E Arnold, the producer of the show, told Stuart Schram in an interview about the program review:

Dark Web News provides high value information to its readers. I wanted to provide a weekly video news program. Coverage of stories like the OxyMonster arrest, the Dark Web drug dealer housewife, tools like OSINT Framework, and the investigative procedures used in the Hansa case are not gathered in one place and explained in our eight to 10 minute program format. Our goal is to provide education plus useful information to those curious about the Dark Web and related services.

Funding for the program comes from Arnold Information Technology, and the program features no commercial advertising or paid endorsements. Note that DarkCyber sometimes includes information about Mr. Arnold’s books and lectures. As a result, the selection of what to cover is only influenced by the research team and by Mr. Arnold, not advertisers who pay to play in the DarkCyber information sandbox.

If you are not familiar with Dark Web News, we strongly recommend that you visit the online information services. You can find the story about DarkCyber plus a wealth of other cyber information at https://www.darkwebnews.com.

Also, you can locate the weekly program at the Beyond Search blog at www.arnoldit.com/wordpress and on Vimeo. You can also locate programs by searching Google, Google Video, YouTube, or Vimeo for “Arnold DarkCyber.”

Kenny Toth, July 2, 2018

DarkCyber for June 26, 2018 Now Available

June 26, 2018

This week’s DarkCyber is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/?276722659? .

DarkCyber’s story line up for this week’s program includes four stories.

First, the FBI and other US enforcement agencies shut down a child pornography ring. After a three month sweep, officials from 61 different law enforcement organizations identified 195 offenders, primarily in the United States.

Second, investigators arrested OxyMonster (aka Gal Vallerius). The bearded drug kingpin inadvertently leaked information about his identify via a mismanaged Bitcoin wallet. When arrested at the Atlanta airport, Mr. Vallerius sported a bright red orange beard. He also had documents revealing that he was a citizen of France, Israel, and the United Kingdom.

The third story provides information about Warwire’s image identification and analysis software. An investigator can automatically review, identify, classify, and metatag images from popular sites such as Facebook and Twitter. Data can be displayed on a map so that images related to a particular event or incident can be reviewed in a fraction of the time required for manual review of visual imagery.

The fourth story provides updated cybercrime statistics. Among the data presented in this week’s DarkCyber program is a revised estimate of the dollar value of illegal drugs, services, and transactions. Arnold also provides information about the growing financial impact of ransomware and compromised personal financial information.

Kenny Toth, June 26, 2018

DarkCyber for June 19, 2018 Now Available

June 19, 2018

DarkCyber for June 19, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/275466464

Stephen E Arnold’s DarkCyber is a weekly video news and analysis program about the Dark Web and lesser known Internet services.
This week’s program covers five cybercrime related stories.

The first story profiles Hunch.ly a low cost open source intelligence investigative tool. The system allows an investigator to keep track of sites visited, capture complete Surface Web and Dark Web page, and generate an audit trail. The Hunch.ly system costs less than $130 per year per user.

The second story reviews two Romanian universities accused of harboring a Dark Web drug cartel. More than 600 officers arrested more than 60 individuals. Many of these university students were studying law and medicine.

The third story reveals that Europol has created a dedicated team within in its cyber crime center. A dedicated team will allow investigators to focus on Dark Web crime and not be pulled from a Dark Web investigation to work on an unrelated matter. The dedicated team will work in a cross border environment so that police actions can be more effectively coordinated.

The fourth story explains that Cyberlitica has introduced a new Dark Web scanning service. The DarkCyber report points out that password reuse is common and creates significant security vulnerabilities.

The final story reveals that a 2013 analysis of the Stuxnet virus is again available without charge. The report provides specific operational details of the Stuxnet exploit designed to interrupt nuclear fuel enrichment.

DarkCyber is one of a very small number of weekly video news programs focusing on policeware, the Dark Web, and related topics.

Kenny Toth, July 19, 2018

DarkCyber, June 12, 2018, Now Available

June 12, 2018

DarkCyber for June 12, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/274326974 .

Stephen E Arnold’s DarkCyber is a weekly video news and analysis program about the Dark Web and lesser known Internet services.

The first story focuses on torrents. ThePirateBay has long been associated with making it easy to access copyrighted content. With ThePirateBay offline, those in search of free copyrighted content have created a proxy list. The idea is that a bad actor can located copyrighted materials and sidestep paying for access. Although these torrent finder sites come and go, a list is easily available for anyone looking for what ThePirateBay made findable.

Next, Stephen reports that the Dutch police, in cooperation with other nation’s law enforcement agencies, have shuttered MaxiDed. The site, allegedly operated by citizens of Moldova, provided hosting and online services. MaxiDed allowed individuals and organizations wanting to distribute malware, host Dark Web sites, and engage in other online activities a safe harbor. The MaxiDed marketing explained that the service was “bulletproof.” DarkCyber reveals that MaxiDed was not.

The third story continues DarkCyber’s explanation of Amazon’s “policeware” initiative. The Amazon Rekognition service makes it possible for law enforcement to identify individuals in images and video. Unlike some other systems, Amazon’s approach allows real time facial recognition. Also, the system can identify up to 100 individuals in a group photo. This service complements Amazon’s streaming data service revealed in the June 5, 2018, DarkCyber video. Stephen E Arnold said: “Amazon’s push into services which seem tailor made for law enforcement, regulatory entities, and intelligence professionals continues. Its facial recognition service called ”Rekognition“ could revolutionize how authorities identify possible bad actors. The use of Amazon’s cross correlation method could significantly rework the law enforcement landscape in a very short period of time.”

The final story makes the economics of selling synthetic opioids clear. According to data compiled by Bloomberg, a kilogram of fentanyl or an analogue can generate orders of magnitude more money when sold on the street. Also, obtaining bulk quantities of fentanyl analogues is possible. China, for example, does not regulate analogues as closely as it does fentanyl itself.

Kenny Toth, June 12, 2018

Doxxing Explained

June 7, 2018

For those unfamiliar with the practice of “doxxing,” Stuff has shared a clear introduction on the topic peppered with links to more information—“What is Doxxing, and Why Is It So Scary?” Reporter Jasmine McNealy describes the technique of discovering personal information available online and using it against one’s target. She also emphasizes how dangerous these attacks can be. McNealy writes:

“It’s not surprising that information has value – particularly information related to people’s identities, interests and habits. This is, after all, the age of big data, social media and targeted advertising. The Facebook-Cambridge Analytica scandal is just one of many events in which regular people found out just how much personal information is available out on the internet. People also found out how little power they had over their information. Generally, people want, and think they have, control over who knows what about them. Individual identity is in part performance: People decide and change who they are and how they act in different places, around different groups. This is particularly true online, where many sites and services allow users to be anonymous or pseudonymous or to hide their information from other users’ searches. Often, of course, each site itself has some private information about users, like an email address, for delivering service-related notices. But online platforms seem to offer users a measure of control over their identity and personal information.”

That control, however, is less absolute than these platforms would have their users believe. The write-up describes why this is so, and concludes by emphasizing McNealy’s central point—doxxing turns online information into a dangerous weapon.

Cynthia Murrell, June 7, 2018

DarkCyber for June 5, 2018: Amazon and Its LE and Intelligence Services

June 5, 2018

The DarkCyber for June 5, 2018, is now available at www.arnoldit.com/wordpress or on Vimeo at https://vimeo.com/273170550.

This week’s DarkCyber presents an extract from Stephen E Arnold’s lectures at the Prague Telestrategies ISS conference. The conference is designed for security, intelligence, and law enforcement professionals in Europe.

Stephen’s two lectures provided attendees with a snapshot of the services Amazon’s streaming data marketplace offer to customers, developers, and entrepreneurs.

Stephen said:

The Amazon platform is positioned to provide a robust, innovative way to anonymize digital currency transactions and perform the type of analyses needed to deal with bad actors and the activities.

The information was gleaned from Amazon conference lectures, Amazon’s Web logs and documentation, and open source documents.

For example, one public document stated:

“… A law enforcement agency may be a customer and may desire to receive global Bitcoin transactions, correlated by country, with USP data to determine source IP addresses and shipping addresses that correlate to Bitcoin addresses.”

Coupled with Amazon’s facial recognition service “Rekognition” and Amazon’s wide array of technical capabilities, Amazon is able to provide specialized content processing and data services.

Stephen stated:

Instead of learning how to use many different specialized systems, the Amazon approach offers a unified capability available with a Kindle-style interface. This is a potential game changer for LE, intel, and security service providers.

In this week’s DarkCyber video, Stephen provides an eight minute summary of his research, including the mechanisms by which new functions can be added to or integrated with the system.

A for fee lecture about what Stephen calls “Amazon’s intelligence services” is available on a for fee basis. For information, write darkcyber333 at yandex dot com.

Kenny Toth, June 5, 2018

DarkCyber, May 29, 2018, Now Available

May 29, 2018

Stephen E Arnold’s DarkCyber video news program for Tuesday, May 29, 2018, is now available.

This week’s story line up is:

  • The “personality” of a good Web hacker
  • Why lists are replacing free Dark Web search services
  • Where to find a directory of OSINT software
  • A new Dark Web index from a commercial vendor.

You can find this week’s program at either www.arnoldit.com/wordpress or on Vimeo at https://vimeo.com/272088088.

On June 5, 2018, Stephen will be giving two lectures at the Telestrategies ISS conference in Prague. The audiences will consist of intelligence, law enforcement, and security professionals from Europe. A handful of attendees from other countries will be among the attendees.

On Tuesday, June 5, 2018, Stephen will reveal one finding from our analysis of Amazon’s law enforcement, war fighting, and intelligence services initiative.

Because his books have been reused (in several cases without permission) by other analysts, the information about Amazon is available via online or in person presentations.

The DarkCyber team has prepared short video highlighting one research finding. He will include some of the DarkCyber research information in his Prague lectures.

The Amazon-centric video will be available on Tuesday, June 5, 2018. After viewing the video, if you want the details of his for fee lecture, write him at darkcyber333@yandex dot com. Please, put “Amazon” in the subject line.

Several on the DarkCyber team believe that most people will dismiss Stephen’s analysis of Amazon. The reason is that people buy T shirts, books, and videos from the company. However, the DarkCyber research team has identified facts which suggest a major new revenue play from the one time bookseller.

Just as Stephen’s analyses of Google in 2006 altered how some Wall Street professionals viewed Google, his work on Amazon is equally significant. Remember those rumors about Alexa recording what it “hears”? Now think of Amazon’s services/products as pieces in a mosaic.

The picture is fascinating and it has significant financial implications as well.

Enjoy today’s program at this link.

Kenny Toth, May 29, 2018

Next Page »

  • Archives

  • Recent Posts

  • Meta