A Dead Startup Tally Sheet
March 17, 2016
Startups are the buzzword for companies that are starting up in the tech industry, usually with an innovative idea that garners them several million in investments. Some startups are successful, others plodder along, and many simply fail. CBS Insights makes an interesting (and valid) comparison with tech startups and dot-com bust that fizzled out quicker than a faulty firecracker.
While most starts appear to be run by competent teams that, sometimes they fizzle out or are acquired by a larger company. Many of them are will not make it as a headlining company. As a result, CBS Insights invented, “The Downround Tracker: Which Companies Are Not Living Up To The Expectations?”
CBS Insights named this tech boom, the “unicorn era,” probably from the rare and mythical sightings of some of these companies. The Downround Tracker tracks unicorn era startups that have folded or were purchased. Since 2015, fifty-six total companies have made the Downround Tracker list, including LiveScribe, Fab.com, Yodle, Escrow.com, eMusic, Adesto Technologies, and others.
Browse through the list and some of the names will be familiar and others will make you wonder what some of these companies did in the first place. Companies come and go in a fashion that appears to be quicker than any other generation. At least in shows that human ingenuity is still working, cue Kanas’s “Dust in the Wind.”
Whitney Grace, March 17, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Bitcoin Textbook to Become Available from Princeton
March 16, 2016
Bitcoin is all over the media but this form of currency may not be thoroughly understood by many, including researchers and scholars. An post on this topic, The Princeton Bitcoin textbook is now freely available, was recently published on Freedom to Tinker, a blog hosted by Princeton’s Center for Information Technology Policy. This article announces the first completed draft of a Princeton Bitcoin textbook. At 300 pages, the manuscript is geared to those who hope to gain a technical understanding of how Bitcoin works and is appropriate for those who have a basic understanding of computer science and programming. According to the write-up,
“Researchers and advanced students will find the book useful as well — starting around Chapter 5, most chapters have novel intellectual contributions. Princeton University Press is publishing the official, peer-reviewed, polished, and professionally done version of this book. It will be out this summer. If you’d like to be notified when it comes out, you should sign up here. Several courses have already used an earlier draft of the book in their classes, including Stanford’s CS 251. If you’re an instructor looking to use the book in your class, we welcome you to contact us, and we’d be happy to share additional teaching materials with you.”
As Bitcoin educational resources catch fire in academia, it is only a matter of time before other Bitcoin experts begin creating resources to help other audiences understand the currency of the Dark Web. Additionally, it will be interesting to see if research emerges regarding connections between Bitcoin, the Dark Web and the mainstream internet.
Megan Feil, March 16, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Tech Unicorns May Soon Disappear as Fast as They Appeared
March 15, 2016
Silicon Valley “unicorns”, private companies valued at one billion or more, may not see the magic last. The article Palantir co-founder Lonsdale calls LinkedIn plunge a bad sign for unicorns from Airline Industry Today questions the future for companies like LinkedIn whose true value has yet to result in ever-increasing profits. After disappointing Wall Street with lower earnings and revenue, investors devalued LinkedIn by about $10 billion. Joe Lonsdale, the Formation 8 venture investor who co-founded Palantir Technologies is quoted stating,
“A lot of LinkedIn’s value, according to how many of us think about it, is tied to what it will achieve in the next five to 10 years,” Lonsdale said in an appearance on CNBC’s “Squawk Alley” on Friday. “It is very similar to a unicorn in that way. Yes, it is making a few billion in revenue and it’s a public company but it has these really big long-term plans as well and is very similar to how you see these other companies.” He added a lot of people who have been willing to suspend disbelief aren’t doing that anymore. “At this point, people are asking, ‘Are you actually going to be able to keep growing?’ And they’re punishing the unicorns and punishing the public companies the same way.”
Lonsdale understands why many private companies postpone an IPO for as long as possible, given these circumstances. Regardless of the pros and cons of when a company should go public, the LinkedIn devaluation seems as if it will send a message. Whether that message is one that fearmongers similar companies into staying private for longer or one that changes profitability norms for younger tech companies remains to be seen.
Megan Feil, March 15, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
How Sony Was Hacked
March 15, 2016
Remember when Sony was gearing up to release the controversial flick The Interview starring James Franco and Seth Rogen and how the CIA recruited them to kill Kim Jong-un, when suddenly their system was hacked? The people who hacked Sony called themselves “God’sApstls” and demanded the production company pay them an undisclosed amount of money or else they would “be bombarded as a whole.” Sony Pictures ignored the threat and the studio was taken offline for weeks, resulting in $35 million IT damages.
Motherboard investigated the current status of the Sony attack, it took place in 2014, which the company is still reeling from, “These Are The Cyberweapons Used To Hack Sony.” The FBI officially stated that the hackers were on the North Korean pay roll and still going about their business. A security researcher coalition thinks they can expose the hackers’ extensive malware arsenal.
“Andre Ludwig, the senior technical director at Novetta Research and Interdiction Group, said that the investigation started from four hashes (values that uniquely identify a file) that the Department of Homeland security published after the attack. With those few identifying strings, and after months of sleuthing, the researchers found 2,000 malware samples, both from online malware portal VirusTotal, as well as from antivirus companies. Of those, they manually reviewed and catalogued 1,000, and were able to identify 45 unique malware strains, revealing that the Sony hackers had an arsenal more sophisticated and varied than previously thought.”
The goal is to disrupt the hacker group often enough that they have to use their time, resources, and energy to rebuild their defenses and even lose some of their capabilities. They also might lose access to their past victims. There is good suspicion, however, to believe the hackers were not North Koreans:
“As it turns out, the hackers’ arsenal contains not only malware capable of wiping and destroying files on a hard disk like the Sony hack, but also Distributed Denial of Service (DDoS) tools, tools that allow for remotely eavesdropping on a victim’s computer, and more, according to the report. The researchers tracked some of this tools in cyberattacks and espionage operations that go as far as back as 2009, perhaps even 2007, showing the hackers that hit Sony have a long history.”
What the data reveals is that the hackers have been around for a long, long time (perhaps the North Korean government simply hired them?) and have had years to build up their arsenal. The counteroffensive, however, has built up its own and learned from the Sony hack job, pitting the hackers’ tools against them in hopes they will not be as effective in the future.
Warriors…er…coders, hackers, developers, etc. learn from each other to build stronger and better tools. The old adage, “the enemy of my enemy is my friend,” so who is the hackers’ enemy-other than the obvious USA?
Whitney Grace, March 15, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
FireEye Builds Toward a Bigger, Smarter Future
March 14, 2016
Demand for cybersecurity may exist, but one security firm’s first quarter results do not have much to show for it. People are not spending on security published by MyInforms reports this sharing the story of FireEye. Several explanations are offered for the lack of profitability this quarter and next, including their recent purchase of subscription-based iSight Partners and Invotas. The article contextualizes FireEye’s results,
“Security outfit FireEye released some disappointing results and claim it is because firms are skimping on their security budgets. FireEye forecast a bigger than expected loss for the first quarter and said it expected growth in cyber security spending to slow this year. FireEye Chief Executive Dave DeWalt said sales across the industry were boosted by “emergency spending” last year as major hacking attacks prompted some companies to place massive orders.”
Profitability can be looked at in several ways, but that’s another story. What is important to note here is the security concern many businesses have — and notably acted on last year, according to the article. What kind of player with FireEye be in this market with their newly acquired cyber intelligence offerings? We will keep our sights set on them.
Megan Feil, March 14, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Social Media Still a Crime Hub
March 14, 2016
It seems that most crime is concentrated on the hidden Dark Web, especially with news of identity thief and potential threats to national security making the news over the latest social media hotspot. Social media is still a hot bed for Internet crime and Motherboard has a little tale tell about, “SocioSpyder: The Tool Bought By The FBI To Monitor Social Media.” Social media remains a popular crime hub, because of the amount of the general public that use it making them susceptible to everything from terroristic propaganda to the latest scam to steal credit card numbers.
Law enforcement officials are well aware of how criminals use social media, but the biggest problem is having to sift through the large data stockpile from the various social media platforms. While some law enforcement officials might enjoy watching the latest cute kitten video, it is not a conducive use of their time. The FBI purchased SocioSpyder as their big data tool.
“ ‘SocioSpyder,’ as the product is called, ‘can be configured to collect posts, tweets, videos and chats on-demand or autonomously into a relational, searchable and graphable database,” according to the product’s website. SocioSpyder is made by Allied Associates International, a US-based contractor for government and military clients as well as other private companies, and which sells, amongst other things, software.
This particular piece of kit, which is only sold to law enforcement or intelligence agencies, allows an analyst to not only keep tabs on many different targets across various social networks at once, but also easily download all of the data and store it. In short, it’s pretty much a pre-configured web scraper for social media.”
SocioSpyder maps relationships within the data and understand how the user-generated content adds up to the bigger picture. Reportedly, the FBI spent $78,000 on the SocioSpyder software and the US Marshals bought a lesser version worth $22,500. SocioSpyder is being used to gather incriminating evidence against criminals and avoid potential crimes.
My biggest question: where can we get a version of SocioSpyder to generate reports for personal use?
Whitney Grace, March 14, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
PIN Number Analysis
March 11, 2016
With the interest in four digit security codes, some folks have been thinking about the frequency with which certain four digit combinations appear. If you are interested in this subject, you may want to check out “PIN Analysis.” Do you use a popular and possibly easily hacked PIN code?
The author makes an odd comment. Apparently the reason people chose 2580 is not clear to him. Hint: Look at your keypad. What numbers go right down the center? Yep.
By the way, 1234 is probably not a code to use if the analysis in the write up are accurate.
Stephen E Arnold, March 11, 2016
Open Source Academic Research Hub Resurfaces on the Dark Web
March 11, 2016
Academics are no strangers to the shadowy corners of the Dark Web. In fact, as the The Research Pirates of the Dark Web published by The Atlantic reports, one university student in Kazakhstan populated the Dark Web with free access to academic research after her website, Sci-Hub was shut down in accordance with a legal case brought to court by the publisher Elsevier. Sci-Hub has existed under a few different domain names on the web since then, continuing its service of opening the floodgates to release paywalled papers for free. The article tells us,
“Soon, the service popped up again under a different domain. But even if the new domain gets shut down, too, Sci-Hub will still be accessible on the dark web, a part of the Internet often associated with drugs, weapons, and child porn. Like its seedy dark-web neighbors, the Sci-Hub site is accessible only through Tor, a network of computers that passes web requests through a randomized series of servers in order to preserve visitors’ anonymity.”
The open source philosophy continues to emerge in various sectors: technology, academia, and beyond. And while the Dark Web appears to be a primed for open source proponents to prosper, it will be interesting to see what takes shape. As the article points out, other avenues exist; scholars may make public requests for paywalled research via Twitter and using the hashtag #icanhazpdf.
Megan Feil, March 11, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Organized Cybercrime Continues to Evolves
March 10, 2016
In any kind of organized crime, operations take place on multiple levels and cybercrime is no different. A recent article from Security Intelligence, Dark Web Suppliers and Organized Cybercrime Gigs, describes the hierarchy and how the visibility of top-level Cybercrime-as-a-Service (CaaS) has evolved with heightened scrutiny from law enforcement. As recently as a decade ago, expert CaaS vendors were visible on forums and underground boards; however, now they only show up to forums and community sites typically closed to newcomers and their role encompasses more expertise and less information sharing and accomplice-gathering. The article describes their niche,
“Some of the most popular CaaS commodities in the exclusive parts of the Dark Web are the services of expert webinjection writers who supply their skills to banking Trojan operators.
Webinjections are code snippets that financial malware can force into otherwise legitimate Web pages by hooking the Internet browser. Once a browser has been compromised by the malware, attackers can use these injections to modify what infected users see on their bank’s pages or insert additional data input fields into legitimate login pages in order to steal information or mislead unsuspecting users.”
The cybercrime arena shows one set of organized crime professionals, preying on individuals and organizations while simultaneously being sought out by organized cyber security professionals and law enforcement. It will be most interesting to see how collisions and interactions between these two groups will play out — and how that shapes the organization of their rings.
Megan Feil, March 10, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Germany Launches Malware to Spy on Suspicious Citizens
March 10, 2016
The article titled German Government to Use Trojan Spyware to Monitor Citizens on DW explains the recent steps taken in Germany to utilize Trojans, or software programs, created to sneak into someone else’s computer. Typically they are used by hackers to gain access to someone’s data and steal valuable information. The article states,
“The approval will help officials get access to the suspect’s personal computer, laptop and smartphone. Once the spyware installs itself on the suspect’s device, it can skim data on the computer’s hard drive and monitor ongoing chats and conversations. Members of the Green party protested the launching of the Trojan, with the party’s deputy head Konstantin von Notz saying, “We do understand the needs of security officials, but still, in a country under the rule of law, the means don’t justify the end.”
Exactly whom the German government wants to monitor is not discussed in the article, but obviously there is growing animosity towards not only the Syrian refugees but also all people of Middle Eastern descent. Some of this hostility is based in facts and targeted, but the growing prejudice towards innocent people who share nothing but history with terrorists is obviously cause for concern in Germany, Europe, and the United States as well. One can only imagine how President Trump might cavalierly employ malware to spy on an entire population that he has already stated his distrust of in the most general terms.
Chelsea Kerwin, March 10, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
-
- Subscribe to Beyond Search
Feature archive
News archive
-
