European Cybersecurity Companies
May 8, 2016
We’ve run across an interesting list of companies at Let’s Talk Payments, “Europe’s Elite Cybersecurity Club.” The bare-bones roster names and links to 28 cybersecurity companies, with a brief description of each. See the original for the descriptions, but here are their entries:
SpamTitan, Gemalto, Avira, itWatch, BT, Sophos, DFLabs, ImmuniWeb, Silent Circle, Deep-Secure, SentryBay , AVG Technologies, Clearswift, ESNC, DriveLock, BitDefender, neXus, Thales, Cryptovision, Secunia, Osirium, Qosmos, Digital Shadows, F-Secure, Smoothwall, Brainloop, TrulyProtect, and Enorasys Security Analytics
It is a fine list as far as it goes, but we notice it is not exactly complete. For example, where is FinFisher’s parent company, Gamma International? Still, the list is a concise and valuable source for anyone interested in learning more about these companies.
Cynthia Murrell, May 8, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
How Hackers Hire
May 7, 2016
Ever wonder how hackers fill job openings, search-related or otherwise? A discussion at the forum tehPARADOX.COM considers, “How Hackers Recruit New Talent.” Poster MorningLightMountain cites a recent study by cybersecurity firm Digital Shadows, which reportedly examined around 100 million websites, both on the surface web and on the dark web, for recruiting practices. We learn:
“The researchers found that the process hackers use to recruit new hires mirrors the one most job-seekers are used to. (The interview, for example, isn’t gone—it just might involve some anonymizing technology.) Just like in any other industry, hackers looking for fresh talent start by exploring their network, says Rick Holland, the vice president of strategy at Digital Shadows. ‘Reputation is really, really key,’ Holland says, so a candidate who comes highly recommended from a trusted peer is off to a great start. When hiring criminals, reputation isn’t just about who gets the job done best: There’s an omnipresent danger that the particularly eager candidate on the other end of the line is actually an undercover FBI agent. A few well-placed references can help allay those fears.”
Recruiters, we’re told, frequently advertise on hacker forums. These groups reach many potential recruits and are often password-protected. However, it is pretty easy to trace anyone who logs into one without bothering to anonymize their traffic. Another option is to advertise on the dark web— researchers say they even found a “sort of Monster.com for cybercrime” there.
The post goes on to discuss job requirements, interviews, and probationary periods. We’re reminded that, no matter how many advanced cybersecurity tools get pushed to market, most attack are pretty basic; they involve approaches like denial-of-service and SQL injection. So, MorningLightMountain advises, any job-seeking hackers should be good to go if they just keep up those skills.
Cynthia Murrell, May 7, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Mouse Movements Are the New Fingerprints
May 6, 2016
A martial artist once told me that an individual’s fighting style, if defined enough, was like a set of fingerprints. The same can be said for painting style, book preferences, and even Netflix selections, but what about something as anonymous as a computer mouse’s movement? Here is a new scary thought from PC & Tech Authority: “Researcher Can Indentify Tor Users By Their Mouse Movements.”
Juan Carlos Norte is a researcher in Barcelona, Spain and he claims to have developed a series of fingerprinting methods using JavaScript that measures times, mouse wheel movements, speed movement, CPU benchmarks, and getClientRects. Combining all of this data allowed Norte to identify Tor users based on how they used a computer mouse.
It seems far-fetched, especially when one considers how random this data is, but
“’Every user moves the mouse in a unique way,’ Norte told Vice’s Motherboard in an online chat. ‘If you can observe those movements in enough pages the user visits outside of Tor, you can create a unique fingerprint for that user,’ he said. Norte recommended users disable JavaScript to avoid being fingerprinted. Security researcher Lukasz Olejnik told Motherboard he doubted Norte’s findings and said a threat actor would need much more information, such as acceleration, angle of curvature, curvature distance, and other data, to uniquely fingerprint a user.”
This is the age of big data, but looking Norte’s claim from a logical standpoint one needs to consider that not all computer mice are made the same, some use lasers, others prefer trackballs, and what about a laptop’s track pad? As diverse as computer users are, there are similarities within the population and random mouse movement is not individualistic enough to ID a person. Fear not Tor users, move and click away in peace.
Whitney Grace, May 6, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Why the UK Shouldn’t Be Concerned About the Gobbling up of Their Tech Industry
May 5, 2016
The article on MotherBoard titled Why the US Is Buying Up So Many UK Artificial Intelligence Companies surveys the rising tech community in the UK. There is some concern about the recent trend in UK AI and machine learning startups being acquired by US giants (HP and Autonomy, Google and DeepMind, Microsoft and Swiftkey, and Apple and VocalIQ.) It makes sense in terms of the necessary investments and platforms needed to support cutting-edge AI which are not available in the UK, yet. The article explains,
“And as AI increasingly becomes core to many tech products, experts become a limited resource. “All of the big US companies are working on the subject and then looking at opportunities everywhere—“…
Many of the snapped-up UK firms are the fruits of research at Britain’s top universities—add to the list above Evi Technologies (Amazon), Dark Blue Labs (Google), Vision Factory (also Google) that are either directly spun out of Cambridge, Oxford, or University College London…”
The results of this may be more positive for the UK tech industry than it appears at first glance. There are some companies, like DeepMind, that demand to stay in the UK, and there are other industry players who will return to the UK to launch their own ventures after spending years absorbing and contributing to the most current technologies and advancements.
Chelsea Kerwin, May 5, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
The Most Dangerous Writing App Will Delete Your Work If You Stop Typing, for Free
May 2, 2016
The article on The Verge titled The Most Dangerous Writing App Lets You Delete All of Your Work For Free speculates on the difficulties and hubris of charging money for technology that someone can clone and offer for free. Manuel Ebert’s The Most Dangerous Writing App offers a self-detonating notebook that you trigger if you stop typing. The article explains,
“Ebert’s service appears to be a repackaging of Flowstate, a $15 Mac app released back in January that functions in a nearly identical way. He even calls it The Most Dangerous Writing App, which is a direct reference to the words displayed on Flowstate creator Overman’s website. The difference: Ebert’s app is free, which could help it take off among the admittedly niche community of writers looking for self-deleting online notebooks.”
One such community that comes to mind is that of the creative writers. Many writers, and poets in particular, rely on exercises akin to the philosophy of The Most Dangerous Writing App: don’t let your pen leave the page, even if you are just writing nonsense. Adding higher stakes to the process might be an interesting twist, especially for those writers who believe that just as the nonsense begins, truth and significance are unlocked.
Chelsea Kerwin, May 2, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
New Security Service Enters Consumer Space
April 29, 2016
It looks like another company is entering the arena of consumer cybersecurity. An article from Life Hacker, Privacy Lets You Create “Virtual” Credit Card Numbers, Deactivate One Instantly If It’s Stolen, shares the details of Privacy. Their tool generates disposable card numbers online, which can be tied to accounts with participating banks or Visa cards, and then allows users to easily deactivate if one is stolen. The service is free to users because Privacy makes money acting as a credit card processor. The article tells us,
“Privacy just gives you the ability to create virtual “accounts” that are authorized to charge a given amount to your account. You can set that account to be single use or multi-use, and if the amount is used up, then the transaction doesn’t go through to your main account. If one of your virtual accounts gets hit with an account you don’t recognize, you’ll be able to open the account from the Privacy Chrome or Firefox extension and shut it down immediately. The Chrome extension lets you manage your account quickly, auto-fill shopping sites with your virtual account numbers, or quickly create or shut down numbers.”
We think the concept of Privacy and the existence of such a service points to the perception consumers find security measures increasingly important. However, why trust Privacy? We’re not testing this idea, but perhaps Privacy is suited for Dark Web activity.
Megan Feil, April 29, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
A Dark Web Spider for Proactive Protection
April 29, 2016
There is a new tool for organizations to more quickly detect whether their sensitive data has been hacked. The Atlantic discusses “The Spider that Crawls the Dark Web Looking for Stolen Data.” Until now, it was often many moons before an organization realized it had been hacked. Matchlight, from Terbium Labs, offers a more proactive approach. The service combs the corners of the Dark Web looking for the “fingerprints” of its clients’ information. Writer Kevah Waddell reveals how it is done:
“Once Matchlight has an index of what’s being traded on the Internet, it needs to compare it against its clients’ data. But instead of keeping a database of sensitive and private client information to compare against, Terbium uses cryptographic hashes to find stolen data.
“Hashes are functions that create an effectively unique fingerprint based on a file or a message. They’re particularly useful here because they only work in one direction: You can’t figure out what the original input was just by looking at a fingerprint. So clients can use hashing to create fingerprints of their sensitive data, and send them on to Terbium; Terbium then uses the same hash function on the data its web crawler comes across. If anything matches, the red flag goes up. Rogers says the program can find matches in a matter of minutes after a dataset is posted.”
What an organization does with this information is, of course, up to them; but whatever the response, now they can implement it much sooner than if they had not used Matchlight. Terbium CEO Danny Rogers reports that, each day, his company sends out several thousand alerts to their clients. Founded in 2013, Terbium Labs is based in Baltimore, Maryland. As of this writing, they are looking to hire a software engineer and an analyst, in case anyone here is interested.
Cynthia Murrell, April 29, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Duck Duck Go as a Privacy Conscious Google Alternative
April 26, 2016
Those frustrated with Google may have an alternative. Going over to the duck side: A week with Duck Duck Go from Search Engine Watch shares a thorough first-hand account of using Duck Duck Go for a week. User privacy protection seems to be the hallmark of the search service and there is even an option to enable Tor in its mobile app. Features are comparable, such as one designed to compete with Google’s Knowledge Graph called Instant Answers. As an open source product, Instant Answers is built up by community contributions. As far as seamless, intuitive search, the post concludes,
“The question is, am I indignant enough about Google’s knowledge of my browsing habits (and everyone else’s that feed its all-knowing algorithms) to trade the convenience of instantly finding what I’m after for that extra measure of privacy online? My assessment of DuckDuckGo after spending a week in the pond is that it’s a search engine for the long term. To get the most out of using it, you have to make a conscious change in your online habits, rather than just expecting to switch one search engine for another and get the same results.”
Will a majority of users replace “Googling” with “Ducking” anytime soon? Time will tell, and it will be an interesting saga to see unfold. I suppose we could track the evolution on Knowledge Graph and Instant Answers to see the competing narratives unfold.
Megan Feil, April 26, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
The Dark Web Cuts the Violence
March 23, 2016
Drug dealing is a shady business that takes place in a nefarious underground and runs discreetly under our noses. Along with drug dealing comes a variety of violence involving guns, criminal offenses, and often death. Countless people have lost their lives related to drug dealing, and that does not even include the people who overdosed. Would you believe that the drug dealing violence is being curbed by the Dark Web? TechDirt reveals, “How The Dark Net Is Making Drug Purchases Safer By Eliminating Associated Violence And Improving Quality.”
The Dark Web is the Internet’s underbelly, where stolen information and sex trafficking victims are sold, terrorists mingle, and, of course, drugs are peddled. Who would have thought that the Dark Web would actually provide a beneficial service to society by sending drug dealers online and taking them off the streets? With the drug dealers goes the associated violence. There also appears to be a system of checks and balances, where drug users can leave feedback a la eBay. It pushes the drug quality up as well, but is that a good or bad thing?
“The new report comes from the European Monitoring Centre for Drugs and Drug Addiction, which is funded by the European Union, and, as usual, is accompanied by an official comment from the relevant EU commissioner. Unfortunately, Dimitris Avramopoulos, the European Commissioner for Migration, Home Affairs and Citizenship, trots out the usual unthinking reaction to drug sales that has made the long-running and totally futile “war on drugs” one of the most destructive and counterproductive policies ever devised:
‘We should stop the abuse of the Internet by those wanting to turn it into a drug market. Technology is offering fresh opportunities for law enforcement to tackle online drug markets and reduce threats to public health. Let us seize these opportunities to attack the problem head-on and reduce drug supply online.’”
The war on drugs is a futile fight, but illegal substances do not benefit anyone. While it is a boon to society for the crime to be taken off the streets, take into consideration that the Dark Web is also a breeding ground for crimes arguably worse than drug dealing.
Whitney Grace, March 23, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Tails Increases Ease of Online Anonymity
March 17, 2016
The interest in browsing the internet anonymously does not appear to be fading. Softpedia recently posted Debian Makes It a Lot Easier for Users to Install the Tails Anonymous Live CD. Called the “amnesic incognito live system”, Tails is a GNU/Linux Live CD distribution which is based on the Debian operating system and allows your online activities to remain anonymous. Tails is driven by Tor and provides its users access to the anonymous Tor network. The article tells us,
Now, we all know how to write a Live ISO image on a USB key or a CD disc, right? But what you probably don’t know is that there’s an app for that, called Tails Installer, which the skilled Debian Privacy Tools maintainers team included in Debian repos. “The previous process for getting started with Tails was very complex and was problematic for less tech-savvy users,” developers explained. “It required starting Tails three times, and copying the full ISO image onto a USB stick twice before having a fully functional Tails USB stick with persistence enabled.”
As the article points out, Tails has a stamp of approval from Edward Snowden. It seems like before Debian, it would have been quite the stretch for many users to even consider adopting the use of Tails. However, using a Linux-based operating system, the pre-requisite for Tails, may also be a hurdle preventing wide-scale adoption. Time will tell.
Megan Feil, March 17, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
-
- Subscribe to Beyond Search
Feature archive
News archive
-
