CyberOSINT banner

Dark Web Crime Has Its Limits

February 12, 2016

The Dark Web is an intriguing and mysterious phenomenon, but rumors about what can be found there are exaggerated. Infomania examines what is and what is not readily available in that murky realm in, “Murder-for-Hire on the Dark Web? It Can’t Be True!

Anonymity is the key factor in whether certain types of criminals hang out their shingles on the TOR network. Crimes that can be more easily committed without risking identification include drug trafficking, fraud, and information leaks.  On the other hand, contract assassins, torture-as-entertainment, and human trafficking are not actually to be found, despite reports to the contrary. See the article for details on each of these, and more. The article cites independent researcher Chris Monteiro as it summarizes:

The dark web is rife with cyber crime. But it’s more rampant with sensationalized myths about assassination and torture schemes — which, as Chris can attest, simply aren’t true. “What’s interesting is so much of the coverage of these scam sites is taken at face value. Like, ‘There is a website. Therefore its contents must be true.’ Even when mainstream media picks it up, very few pick it up skeptically,” he says.

Take the Assassination Market, for example. When news outlets got wind of its alleged existence in 2013, they ran with the idea of “Murder-for-hire!!” on the Internet underground. Although Chris has finally demonstrated that these sites are not real, their legend lives on in Internet folklore. “Talking about the facts — this is how cybercrime works, this is how Tor and Bitcoin work — is a lot less sexy than saying, ‘If you click on the wrong link, you’ll be kidnapped, and you’ll end up in a room where you’ll be livestreamed, murdered, and you’re all over the internet!’” Chris says. “All I can do is point out what’s proven and what isn’t.”

So, next time someone spins a scary tale about killers-for-hire who are easily found online, you can point them to this article. Yes, drug trafficking, stolen data, and other infractions are big problems associated with the Dark Web, but let us not jump at shadows.

 

Cynthia Murrell, February 12, 2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Barry Zane and SPARQL City Acquired by Cambridge Semantics for Graph Technology

February 12, 2016

The article titled Cambridge Semantics Acquires SPARQL City’s IP, Expanding Offering of Graph-Cased Analytics at Big Data Scale on Business Wire discusses the benefits of merging Cambridge’s Semantics’ Anzo Smart Data Platform with SPARQL City’s graph analysis capacities. The article specifically mentions the pharmaceutical industry, financial services, and homeland security as major business areas that this partnership will directly engage due to the enhanced data analysis and graph technologies now possible.

“We believe this IP acquisition is a game-changer for big data analytics and smart data discovery,” said Chuck Pieper, CEO of Cambridge Semantics. “When coupled with our Anzo Smart Data Platform, no one else in the market can provide a similar end-to-end, semantic- and graph-based solution providing for data integration, data management and advanced analytics at the scale, context and speed that meets the needs of enterprises. The SPARQL City in-memory graph query engine allows users to conduct exploratory analytics at big data scale interactively.”

Barry Zane, a leader in database analytics with 40 years experience and CEO and founder of SPARQL City, will become the VP of Engineering at Cambridge Semantics. He mentions in the article that this acquisition has been a long time coming, with the two companies working together over the last two years.

 

Chelsea Kerwin, February 12, 2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

AI Startups Use Advanced AI Technology to Improve Daily Chores

February 11, 2016

The article on e27 titled 5 Asian Artificial Intelligence Startups that Caught Our Eye lists several exciting new companies working to unleash AI technology, often for quotidian tasks. For example, Arya.ai provides for speeder and more productive decision-making, while Mad Street Den and Niki.ai offers AI shopping support! The article goes into detail about the latter,

“Niki understands human language in the context of products and services that a consumer would like to purchase, guides her along with recommendations to find the right service and completes the purchase with in-chat payment. It performs end-to-end transactions on recharge, cab booking and bill payments at present, but Niki plans to add more services including bus booking, food ordering, movie ticketing, among others.”

Mad Street Den, on the other hand, is more focused on  object recognition. Users input an image and the AI platform seeks matches on e-commerce sites. Marketers will be excited to hear about Appier, a Taiwan-based business offering cross-screen insights, or in layman’s terms, they can link separate devices belonging to one person and also estimate how users switch devices during the day and what each device will be used for. These capabilities allow marketers to make targeted ads for each device, and a better understanding of who will see what and via which device.

 

Chelsea Kerwin, February 11, 2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Reviews on Dark Web Email Providers Shared by Freedom Hacker

February 10, 2016

The Dark Web has many layers of sites and services, as the metaphor provided in the .onion extension suggests. List of secure Dark Web email providers in 2016 was recently published on Freedom Hacker to detail and review the Dark Web email providers currently available. These services, typically offering both free and pro account versions, facilitate emailing without any type of third-party services. That even means you can forget any hidden Google scripts, fonts or trackers. According to this piece,

“All of these email providers are only accessible via the Tor Browser, an anonymity tool designed to conceal the end users identity and heavily encrypt their communication, making those who use the network anonymous. Tor is used by an array of people including journalists, activists, political-dissidents, government-targets, whistleblowers, the government and just about anyone since it’s an open-source free tool. Tor provides a sense of security in high-risk situations and is often a choice among high-profile targets. However, many use it day-to-day as it provides identity concealment seamlessly.”

We are intrigued by the proliferation of these services and their users. While usage numbers in this article are not reported, the write-up of the author’s top five email applications indicate enough available services to necessitate reviews. Equally interesting will be the response by companies on the clearweb, or the .com and other regular sites. Not to mention how the government and intelligence agencies will interact with this burgeoning ecosystem.

 

Megan Feil, February 10, 2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

 

Squiz and Verint Team up to Save the Government from Itself

February 9, 2016

The article titled Verint and Squiz Announce Partnership to Further Enable Digital Transformation for Government  on BusinessWire conveys the global ambitions of the two companies. The article positions Verint, an intel-centric company, and Squiz, an Australian content management company, as the last hope for the world’s governments (on the local, regional, and national level.) While things may not be so dire as all that, the merger is aimed at improving governmental organization, digital management, and customer engagement. The article explains,

“Today, national, regional and local governments across the world are implementing digital transformation strategies, reflecting the need to proactively help deliver citizen services and develop smarter cities. A key focus of such strategies is to help make government services accessible and provide support to their citizens and businesses when needed. This shift to digital is more responsive to citizen and community needs, typically reducing phone or contact center call volumes, and helps government organizations identify monetary savings.”

It will come as no surprise to learn that government bureaucracy is causing obstacles when it comes to updating IT processes. Together, Squiz and Verint hope to aid officials in implementing streamlined, modernized procedures and IT systems while focusing on customer-facing features and ensuring intuitive, user-friendly interfaces. Verint in particular emphasizes superior engagement practices through its Verint Engagement Management service.

 

Chelsea Kerwin, February 9, 2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

 

Hackers Revive Dark Web Forum Called Hell

February 8, 2016

After personal details of over four million Adult Friend Finder users was found on the Dark Web site called Hell, this notorious internet hacking forum was shut down by authorities around July 2015. Reported by Instant Tricks, an article Hell is back with Hell Reloaded on the Dark Web explains Hell is currently accessible again on the Dark Web. The article states,

“The exact date of the website’s returning on-line is troublesome to determine, for the posts don’t have a date next to them for security functions. However, judgement by the quantity of posts, it’s honest to mention that the web site came back simply over every week past. Hell is a web portal on the Dark internet that’s employed by hackers everywhere the globe to share their hacking tricks moreover as transfer and post taken knowledge.”

Hell is one of the world’s largest hacking forums on the Dark Web and, as such, is difficult to imagine the site will ever kick the bucket. Interestingly, in its re-emergence, it has been rendered with the same branding as if nothing had changed. “Stephen E Arnold’s Dark Web Notebook” describes this Dark Web resource. We recommend this read for security, law enforcement and information technology officials as these industries’ landscapes evolve due to the enduring presence of sites like Hell on the Dark Web.

 

Megan Feil, February 08, 2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Its Official: Facebook and the Dark Web

February 5, 2016

A piece from Nextgov suggests just how ubiquitous the Dark Web could become. Published as Facebook is giving users a new way to access it on the ‘Dark Web’, this article tells us “a sizeable community” of its users are also Dark Web users; Facebook has not released exact figures. Why are people using the Dark Web for everyday internet browsing purposes? The article states:

“Facebook’s Tor site is one way for people to access their accounts when the regular Facebook site is blocked by governments—such as when Bangladesh cut off access to Facebook, its Messenger and Whatsapp chat platforms, and messaging app Viber for about three weeks in November 2015. As the ban took effect, the overall number of Tor users in Bangladesh spiked by about 10 times, to more than 20,000 a day. When the ban was lifted, the number dropped back to its previous level.”

Public perception of the darknet is changing. If there was any metric to lend credibility to the Dark Web being increasingly used for mainstream purposes, it is Facebook adding a .onion address. Individual’s desire for security, uninterrupted and expansive internet access will only contribute to the Dark Web’s user base. While the Silk Road-type element is sure to remain as well, it will be interesting to see how things evolve.

 

Megan Feil, February 5, 2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Elasticsearch Works for Us 24/7

February 5, 2016

Elasticsearch is one of the most popular open source search applications and it has been deployed for personal as well as corporate use.  Elasticsearch is built on another popular open source application called Apache Lucene and it was designed for horizontal scalability, reliability, and easy usage.  Elasticsearch has become such an invaluable piece of software that people do not realize just how useful it is.  Eweek takes the opportunity to discuss the search application’s uses in “9 Ways Elasticsearch Helps Us, From Dawn To Dusk.”

“With more than 45 million downloads since 2012, the Elastic Stack, which includes Elasticsearch and other popular open-source tools like Logstash (data collection), Kibana (data visualization) and Beats (data shippers) makes it easy for developers to make massive amounts of structured, unstructured and time-series data available in real-time for search, logging, analytics and other use cases.”

How is Elasticsearch being used?  The Guardian is daily used by its readers to interact with content, Microsoft Dynamics ERP and CRM use it to index and analyze social feeds, it powers Yelp, and her is a big one Wikimedia uses it to power the well-loved and used Wikipedia.  We can already see how much Elasticsearch makes an impact on our daily lives without us being aware.  Other companies that use Elasticsearch for our and their benefit are Hotels Tonight, Dell, Groupon, Quizlet, and Netflix.

Elasticsearch will continue to grow as an inexpensive alternative to proprietary software and the number of Web services/companies that use it will only continues to grow.

Whitney Grace, February 5, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Cybercrime as a Service Impacts Hotel Industry and Loyalty Points

February 4, 2016

The marketplaces of the Dark Web provide an interesting case study in innovation. Three types of Dark Web fraud aimed at the hotel industry, for example, was recently published on Cybel Blog. Delving into the types of cybercrime related to the hospitality industry, the article, like many others recently, discusses the preference of cybercriminals in dealing with account login information as opposed to credit cards as detectability is less likely. Travel agencies on the Dark Web are one such way cybercrime as a service exists:

“Dark Web “travel agencies” constitute a third type of fraud affecting hotel chains. These “agencies” offer room reservations at unbeatable prices. The low prices are explained by the fact that the seller is using fraud and hacking. The purchaser contacts the seller, specifying the hotel in which he wants to book a room. The seller deals with making the reservation and charges the service to the purchaser, generally at a price ranging from a quarter to a half of the true price per night of the room. Many sellers boast of making bookings without using stolen payment cards (reputed to be easy for hotels to detect), preferring to use loyalty points from hacked client accounts.”

What will they come up with next? The business to consumer (B2C) sector includes more than hotels and presents a multitude of opportunities for cybertheft. Innovation must occur on the industry side as well in order to circumvent such hacks.

 

Megan Feil, February 4, 2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

The Encrypted Enterprise Search

February 3, 2016

Another enterprise software distributor has taken the leap into a proprietary encrypted search engine.  Computer Technology Review informs us that “VirtualWorks Releases Its Encrypted Enterprise Search Platform ViaWorks Built On Hitachi Technology.”  VirtualWorks’s enterprise search platform is called ViaWorks and the company’s decision to release an encrypted search engine comes after there has been a rise in data security breaches as well as concern about how to prevent such attacks.  We will not even mention how organizations want to move to the cloud, but are fearful of hacking.  More organizations from shopping in person on the Internet, banking, healthcare, government, and even visiting a library use self-service portals that rely on personal information to complete tasks.  All of these portals can be hacked, so trade organizations and the government are instituting new security measures.

Everyone knows, however, that basic rules and a firewall are not enough to protect sensitive information.  That is why companies like VirtualWorks stay one step ahead of the game with a product like ViaWork built on Hitachi’s Searchable Encryption technology.  ViaWorks is a highly encrypted platform that does not sacrifice speed and accuracy for security

“ViaWorks encrypted enterprise search features are based on AES, a worldwide encryption standard established by NIST; special randomization process, making the encrypted data resistant to advanced statistical attacks; with key management and encryption APIs that store encryption keys securely and encrypt the original data.  ViaWorks provides key management and encryption APIs that store encryption keys securely and encrypt the original data, respectively. Users determine which field is encrypted, such as index files, search keyword or transaction logs.”

VirtualWorks already deployed ViaWorks in beta tests within healthcare, government, insurance, and finance.  Moving information to the cloud saves money, but it presents a security risk and slow search.  A commercial encrypted search engine paired with cloud computing limits the cyber risk.

 

Whitney Grace, February 3, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Next Page »