Busted Black Marketplace Pops Back Up

October 5, 2016

In June, a vendor of access to hacked servers, xDedic, was taken down. Now, reports intelligence firm Digital Shadows, it has resurrected itself as a Tor domain. Why am I suddenly reminded of the mythical hydra? We learn of the resurgence from SecurityWeek’s article, “Hacked Server Marketplace Returns as a Tor Domain.” The article tells us:

After Kaspersky Lab researchers revealed in mid-June that they counted over 70,000 hacked servers made available for purchase on xDedic, some for as low as just $6, the marketplace operators closed the virtual shop on June 16. However, with roughly 30,000 users a month, the storefront was too popular to disappear for good, and intelligence firm Digital Shadows saw it re-emerge only a week later, but as a Tor domain now.

In an incident report shared with SecurityWeek, Digital Shadows reveals that a user named xDedic posted on 24 Jun 2016 a link to the new site on the criminal forum exploit[.]in. The user, who ‘had an established reputation on the forum and has been previously identified as associated with the site,’ posted the link on a Russian language forum thread titled ‘xDedic ???????’ (xDedic burned).

We’re told that, though the new site looks just like the old site, the user accounts did not tag along. The now-shuttered site was attracting about 30,000 users monthly, so it should not take long to rebuild their client list. Researchers are not able to assess the site’s traffic, since it is now a Tor domain, but both Digital Shadows and Kaspersky Lab, another security firm, are “monitoring the situation.” We can rest assured they will inform law enforcement when they have more information.

Cynthia Murrell, October 5, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

You Too Can Be an Expert Searcher

October 4, 2016

One would think that in the days of instant information, we all would be expert searchers and know how to find any fact.  The problem is that most people type entire questions into search engines and allow natural language processing to do the hard labor.  There is a smarter way to search than lazy question typing, and Geek Squad has a search literacy guide you might find useful: “Search Engine Secrets: Find More With Google’s Hidden Features.”

What very few people know (except us search gurus) is that search engines have hidden tricks you can use to find your results quicker and make search easier.  While Google is the standard search engine and all these tricks are geared towards that search engine, they will also work with other ones.  The standard way to search is by typing a query into the search bar, and some of these typing tricks are old school, such as using parentheses for an exact phrase, searching one specific Web site, wildcards, Boolean operators, and using a minus sign (-) to exclude terms.

Searching for pictures is a much newer search form and is usually done by clicking on the image search on a search engine.  However, did you know that most search engines have the option to search with an image itself?  With Google, simply drag and drop an image into the search bar to start the process.  There are also delimiters on image search to filter results by specifics, such as GIFs, size, color, and others.

Even newer than image search is vocal search with a microphone.  Usually, voice search is employed with a digital assistant like Cortana and Siri.  Some voice search commands are:

  • Find a movie: What movies are playing tonight? or Where’s Independence Day playing?
  • Find nearby places: Where’s the closest cafe?
  • Find the time: What time is it in Melbourne?
  • Answer trivia questions: Where was Albert Einstein born? or How old is Beyonce?
  • Translate words or phrases: How do you say milk in Spanish?
  • Define a word: What does existentialism mean?
  • Convert between units: What’s 16 ounces in grams?
  • Solve a math problem: What’s the square root of 2,209?
  • Book a restaurant table: Book a table for two at Dorsia on Wednesday night.

The only problem is that only the typing tricks transfer to professional research.  They are used at universities, research institutes, and even large companies.  The biggest problem is that people do not know how to use them in those organizations.

Whitney Grace, October 4, 2016

World-Check Database Leaked by Third Party

October 4, 2016

This is the problem with sensitive data—it likes to wander from its confines. Motherboard reports, “Terrorism Database Used by Governments and Banks Leaked Online.” Security researcher Chris Vickery reported stumbling upon a copy of the World-Check intelligence database from mid-2014 that was made available by a third party. The database is maintained by Thomson Reuters for use by governments, intelligence agencies, banks, and law firms to guard against risks. Reporter Joseph Cox specifies:

Described by Thomson Reuters as a ‘global screening solution,’ the World-Check service, which relies on information from all over the world, is designed to give deep insight into financial crime and the people potentially behind it.

‘We monitor over 530 sanctions, including watch and regulatory law and enforcement lists, and hundreds of thousands of information sources, often identifying heightened-risk entities months or years before they are listed. In fact, in 2012 alone we identified more than 180 entities before they appeared on the US Treasury Office of Foreign Assets Control (OFAC) list based on reputable sources identifying relevant risks,’ the Thomson Reuters website reads.

A compilation of sensitive data like the World-Check database, though built on publicly available info, is subject to strict European privacy laws. As a result, it is (normally) only used by carefully vetted organizations. The article notes that, much like the U.S.’s No Fly List, World-Check has been known to flag the innocent on occasion.

Though Vickery remained mum on just how and where he found the data, he did characterize it as a third-party leak, not a hack. Thomson Reuters reports that the leak is now plugged, and they have secured a promise from that party to never leak the database again.

Cynthia Murrell, October 4, 2016

Recent Developments in Deep Learning Architecture from AlexNet to ResNet

September 27, 2016

The article on GitHub titled The 9 Deep Learning Papers You Need To Know About (Understanding CNNs Part 3) is not an article about the global media giant but rather the advancements in computer vision and convolutional neural networks (CNNs). The article frames its discussion around the ImageNet Large-Scale Recognition Challenges (ILSVRC), what it terms the “annual Olympics of computer vision…where teams compete to see who has the best computer vision model for tasks such as classification, localization, detection and more.” The article explains that the 2012 winners and their network (AlexNet) revolutionized the field.

This was the first time a model performed so well on a historically difficult ImageNet dataset. Utilizing techniques that are still used today, such as data augmentation and dropout, this paper really illustrated the benefits of CNNs and backed them up with record breaking performance in the competition.

In 2013, CNNs flooded in, and ZF Net was the winner with an error rate of 11.2% (down from AlexNet’s 15.4%.) Prior to AlexNet though, the lowest error rate was 26.2%. The article also discusses other progress in general network architecture including VGG Net, which emphasized depth and simplicity of CNNs necessary to hierarchical data representation, and GoogLeNet, which tossed the deep and simple rule out of the window and paved the way for future creative structuring using the Inception model.

Chelsea Kerwin, September 27, 2016
There is a Louisville, Kentucky Hidden Web/Dark Web meet up on September 27, 2016.
Information is at this link: https://www.meetup.com/Louisville-Hidden-Dark-Web-Meetup/events/233599645/

The Design of Our Future

September 26, 2016

An article at Co.Exist suggests we all pause to consider what we want our world to look like, in “We Need To Spend More Time Questioning Our Technology-Driven Future.” Along with the boundless potential of today’s fast-evolving technology come consequences, many of them unforeseen. Writer Ben Schiller cites futurist Gerd Leonhard, author of the book, Technology vs. Humanity. Far from a modern Luddite, Leonhard is a consultant for Google and a daily advocate for the wonders of advancing technology. His thorough understanding of the topic allows him to see potential pitfalls, as well.

The shape of technology today calls for society to update the way it approaches doing business, says Leonhard, and move past the “industrial-age paradigm of profit and growth at all costs, or some outmoded technological imperative that may have served us well in the 1980s.” He also points to the environmental problems created by fossil fuel companies as an example—if we aren’t careful, the AI and genetic engineering fields could develop their own “externalities,” or problems others will pay for, one way or another. Can we even imagine all the ways either of those fields could potentially cause harm?

Schiller writes of Leonhard:

The futurist outlines a philosophy he calls ‘exponential humanism’—the human equivalent of exponential technology. As a species we’re not developing the necessary skills and ethical frameworks to deal with technology that’s moving faster than we are, he says. We may be able to merge biology and technology, augment our minds and bodies, become superhuman, end disease, and even prolong life. But we’re yet to ask ourselves whether, for example, extending life is actually a good thing (as a society—there will always be individuals who for some reason want to live to 150). And, more to the point, will these incredible advances be available to everyone, or just a few people? To Leonhard, our current technological determinism—the view that technology itself is the purpose—is as dangerous as Luddism was 200-odd years ago. Without moral debate, we’re trusting in technology for its own sake, not because it actually improves our lives.

The write-up gives a few ideas on how to proactively shape our future. For example, Facebook could take responsibility for the content on its site instead of resting on its algorithm. Leonhard also suggests companies that replace workers with machines pay a tax that would help soften the blow to society, perhaps even with a minimum guaranteed income. Far-fetched? Perhaps. But in a future with fewer jobs and more freely-available products, a market-driven economy might just be doomed. If that is the case, what would we prefer to see emerge in its place?

Cynthia Murrell, September 26, 2016

Geoparsing Is More Magical Than We Think

September 23, 2016

The term geoparsing sounds like it has something to do with cartography, but according to Directions Magazine in the article, “Geoparsing Maps The Future Of Text Documents,” it is more like an alchemical spell.  Geoparsing refers to when text documents are put into a geospatial database that allows entity extraction and disambiguation (aka geotagging).  It relies on natural language processing and is generally used to analyze text document collections.

While it might appear that geoparsing is magical, it actually is a complex technological process that relies on data to put information into context.  Places often have the same name, so disambiguation would have difficulty inputting the correct tags.  Geoparsing has important applications, such as:

Military users will not only want to exploit automatically geoparsed documents, they will require a capability to efficiently edit the results to certify that the place names in the document are all geotagged, and geotagged correctly. Just as cartographers review and validate map content prior to publication, geospatial analysts will review and validate geotagged text documents. Place checking, like spell checking, allows users to quickly and easily edit the content of their documents.

The article acts as a promo piece for the GeoDoc application; however, it does delve into the details of how geoparsing works and its benefits.

Whitney Grace, September 23, 2016

For the Paranoid at Heart: New Privacy Concerns from Columbia University and Google

September 23, 2016

The article on PhysOrg titled Location Data on Two Apps Enough to Identify Someone, Says Study illustrates the inadequacy of deleting names and personal details from big data sets. Location metadata undermines the anonymity of this data. Researchers at Columbia University and Google teamed up to establish that individuals can easily be identified simply by comparing their movements across two data sets. The article states,

“What this really shows is that simply removing identifying information from large-scale data sets is not sufficient,” said Yves-Alexandre de Montjoye, a research scientist at the MIT Media Lab who was not involved in the study. “We need to move to a model of privacy-through-security. Instead of anonymizing data and making it public, there should be technical controls over who gets access to the data, how it is used, and for what purpose.”

Just by bringing your phone with you (and who doesn’t?), you create vast amounts of location metadata about yourself, often without your knowledge. As more and more apps require you to offer your location, it becomes less difficult for various companies to access the data. If you are interested in exploring how easy it is to figure out your identity based on your social media usage, visit You Are Where You Go.

Chelsea Kerwin, September 23, 2016

Paris Police Face Data Problem in Google Tax Evasion Investigation

September 20, 2016

Google has been under scrutiny for suspected tax evasion. Yahoo published a brief piece updating us on the investigation: Data analysis from Paris raid on Google will take months, possibly years: prosecutor. French police raided Google’s office in Paris, taking the tax avoidance inquiry to a new level. This comes after much pressure from across Europe to prevent multinational corporations from using their worldwide presence to pay less taxes. Financial prosecutor Eliane Houlette is quoted stating,

“We have collected a lot of computer data,” Houlette said in an interview with Europe 1 radio, TV channel iTele and newspaper Le Monde, adding that 96 people took part in the raid. “We need to analyze (the data) … (it will take) months, I hope that it won’t be several years, but we are very limited in resources.” Google, which said it is complying fully with French law, is under pressure across Europe from public opinion and governments angry at the way multinationals exploit their global presence to minimize tax liabilities.

While big data search technology exists, government and law enforcement agencies may not have the funds to utilize such technologies. Or, perhaps the knowledge of open source solutions is not apparent. If nothing else, these comments made by Houlette go to show the need for increased focus on upgrading systems for real-time and rapid data analysis.

Megan Feil, September 20, 2016

Hundreds of Thousands of Patient Records Offered up on the Dark Web

September 19, 2016

Some of us suspected this was coming, despite many assurances to the contrary. Softpedia informs us, “Hacker Selling 651,894 Patient Records on the Dark Web.” Haughtily going by the handle TheDarkOverlord, the hacker responsible is looking to make over seven hundred grand off the data. Reporter Catalin Cimpanu writes:

The hacker is selling the data on The Real Deal marketplace, and he [or she] says he breached these companies using an RDP (Remote Desktop Protocol) bug. TheDarkOverlord has told DeepDotWeb, who first spotted the ads, that it’s ‘a very particular bug. The conditions have to be very precise for it.’ He has also provided a series of screenshots as proof, showing him accessing the hacked systems via a Remote Desktop connection. The hacker also recalls that, before putting the data on the Dark Web, he contacted the companies and informed them of their problems, offering to disclose the bug for a price, in a tactic known as bug poaching. Obviously, all three companies declined, so here we are, with their data available on the Dark Web. TheDarkOverlord says that all databases are a one-time sale, meaning only one buyer can get their hands on the stolen data.

The three databases contain information on patients in Farmington, Missouri; Atlanta, Georgia; and the Central and Midwest areas of the U.S. TheDarkOverlord asserts that the data includes details like contact information, Social Security numbers, and personal facts like gender and race. The collection does not, apparently, include medical history. I suppose that is a relief—for now.

Cynthia Murrell, September 19, 2016

UltraSearch Releases Version 2.1

September 16, 2016

Now, after more than a year, we have a new version of a popular alternative to Windows’ built-in Desktop Search, UltraSearch. We learn the details from the write-up at gHacks.net, “UltraSearch 2.1 with File Content Search.” The application works by accessing a system’s master file table, so results appear almost instantly. Writer Martin Brinkmann informs us:

The list of changes on the official UltraSearch project website is long. While some of them may affect only some users, others are useful or at least nice to have for all. Jam Software, the company responsible for the search program, have removed the advertising banner from the program. There is, however, a new ‘advanced search’ menu option which links to the company’s TreeSize program in various ways. TreeSize is available as a free and commercial program.

As far as functional changes are concerned, these are noteworthy:

  1. File results are displayed faster than before.
  2. New File Type selection menu to pick file groups or types quickly (video files, Office files).
  3. Command line parameters are supported by the program now.
  4. The drive list was moved from the bottom to the top.
  5. The export dialog displays a progress dialog now.
  6. You may deactivate the automatic updating of the MFT index under Options > Include file system changes.

Brinkmann emphasizes that these are but a few of the changes in this extensive update, and suggests Windows users who have rejected it before give it another chance. We remind you, though, that UltraSearch is not your only Windows Desktop Search alternative. Some others include FileSearchEX, Gaviri Pocket Search, Launchy, Locate32, Search Everything, Snowbird, Sow Soft’s Effective File Search, and Super Finder XT.

Launched back in 1997, Jam Software is based in Trier, Germany.  The company specializes in software tools to address common problems faced by users, developers, and organizations, like TreeSize, SpaceObserver, and, of course, UltraSearch. Though free versions of each are available, the company makes its money by enticing users to invest in the enhanced, professional versions.

Cynthia Murrell, September 16, 2016