DarkCyber for April 6, 2021, Now Available

April 6, 2021

DarkCyber is a twice-a-month video news program about the Dark Web, cyber crime, and lesser known Internet services. You can view the program at this link.

This program covers five stories:

  1. Banjo, founded by a controversial figure, has been given an overhaul. There’s new management and a new name. The challenge? Turn the off tune Banjo into a sweet revenue song.
  2. The Dark Web is not a hot bed of innovation. In fact, it’s stagnant, and law enforcement has figured out its technology and is pursuing persons of interest. A “new” Dark Web-like datasphere is now emerging. Robust encrypted messaging apps allow bad actors to make deals, pay for goods and services, and locate fellow travelers more easily and quickly than ever before.
  3. User tracking is a generator of high value information. Some believe that user tracking is benign or nothing about which to worry. That’s not exactly the situation when third-party and primary data are gathered, cross-correlated, and analyzed. Finding an insider who can be compromised has never been easier.
  4. New cyber crime reports are flowing in the aftermath of the Solarwinds’ and Microsoft Exchange Server fiascos. What’s interesting that two of these reports reveal information which provides useful insight into what the bad actors did to compromise thousands of systems.
  5. The final story reports about the world’s first drone which makes it possible for law enforcement and intelligence operatives to conduct a video conference with a bad actor near the drone. The innovative device can also smash through tempered glass to gather information about persons of interest.

DarkCyber is produced by Stephen E Arnold. The program is a production of Beyond Search and Arnold Information Technology. Mr. Arnold is the author of CyberOSINT and The Dark Web Notebook. He will be lecturing at the 2021 National Cyber Crime Conference.

Kenny Toth, April 6, 2021

DarkCyber for March 23, 2021, Now Available

March 23, 2021

DarkCyber for March 23, 2021, is now available at this link.

The March 23, 2021, program contains four stories.

The feature is an interview with the director of GovWizely, Erik Arnold. A former Lycos and Vivisimo executive, Mr. Arnold was a principal researcher on a study about the SolarWinds’ breach. The client for this report was an investment firm. The focus, therefore, was different from the obfuscation and marketing reports generated by cyber security firms and consultants.

Some of the report’s more interesting finding are discussed in the video. A more comprehensive review of the SolarWinds’ breach will be provided on March 25, 2021. Mr. Arnold will conduct an informational webinar on March 25, 2021, at 11 am Eastern time. Registration is required, but there is not charge for the one hour program. You can sign up at https://www.govwizely.com/contact/.

Other stories in the March 23, 2021, program are:

  • A look at the management and credibility challenges the Microsoft Exchange Server security lapses create
  • How anyone can implement an email tracking function. Three commercial services are mentioned and a GitHub repository is provided for those who want to reuse open source surveillance and monitoring code
  • The Russian GROM. This is a weapons capable drone which has been upgraded to carry 10 mini-drones. Each mini-drone can perform kinetic (micro munition)  or reconnaissance functions. The 10 drones can function as a swarm, coordinated via artificial intelligence to adapt to changing battled conditions.

DarkCyber is a video news program published twice each month. The videos are available on YouTube. The video news program covers the Dark Web, cyber crime, and lesser known Internet services. The producer is Stephen E Arnold, publisher of Beyond Search which is available at www.arnoldit.com/wordpress.

Kenny Toth, March 23, 2021

DarkCyber for March 9, 2021, Now Available

March 9, 2021

This week’s DarkCyber is available on YouTube. The program includes two stories. The first is a summary of our SolarWinds’ research project. An investment firm commissioned a report to answer this question, “What are some companies that will benefit from the breach of SolarWinds’ Orion enterprise software?” The second story describes a loitering drone which has seen action in a recent hot fire skirmish.

The SolarWinds’ story comes at the breach of SolarWinds’ Orion product from a different angle. Most of the existing studies focus on what happened and what organizations are affected. Those reports fall into several broad categories: [1] Technobabble. These are explanations ignoring the obvious fact that non of the installed cyber security systems spotted the SolarWinds’ malware for more than six months, maybe more. [2] After action reports identifying issues with how SolarWinds and many other organizations software are assembled; for example, the use of open source libraries without making sure these libraries do not contain malware and managing basic security processes. [3] Academic / technical discussions of the specific types of malware used in the breach. (The reality is that the malware was based on existing exploits and used methods frequently discussed on hacker forums.)

In the course of our exploration of the hack, we learned that the existing, easily findable information provided a road map for the bad actors. Instead of lightning flashes of genius, the bad actors learned from a range of sources. We mention some of these in this video summary of portions of our research. Then we looked at SolarWinds itself. In this video summary, we provide a snapshot of the distraction factors at SolarWinds in the months leading up to the discovery of the breach. We identify the numerous balls SolarWinds’ executives were juggling. Obviously the firm’s security ball was fumbled by the juggler. The video summary identifies the types of commercial and open source software enabling the breach. One interesting finding is that Microsoft GitHub is the “home” for many useful tools. Some of these were likely to have facilitated certain functions added to existing malware. The final part of the video summary reveals the major findings of our research and analysis process.  A more comprehensive and detailed version of this summary will be presented to units of the US government in March. Some of the information will be provided to the attendees at the US 2021 National Cyber Crime Conference. The DarkCyber video summary, we believe, is useful.

There is no written report available to the public. However, if you want a comprehensive briefing about the report, please, write us at darkcyber333 at yandex dot com. There is a charge for the one hour Zoom briefing and a 30 minute question-and-answer session following the formal presentation.

The second story documents the steady advance of artificial intelligence deployed in autonomous kamikaze drones.

Kenny Toth, March 9, 2021

About TikTok and Privacy: $92 Million Catch Your Attention

March 4, 2021

I have commented about the superficial understanding shared among some “real” and big time journalists of data collection. What’s the big deal about TikTok? Who cares what kids are doing? Dismissive attitude flipped off these questions because “real” news knows what’s up?

ByteDance Agrees to US$92 Million Privacy Settlement with US TikTok Users” suggests that ignoring the China-linked TikTok may warrant some scrutiny. The story reports:

The lawsuits claimed the TikTok app “infiltrates its users’ devices and extracts a broad array of private data including biometric data and content that defendants use to track and profile TikTok users for the purpose of, among other things, ad targeting and profit.” The settlement was reached after “an expert-led inside look at TikTok’s source code” and extensive mediation efforts, according to the motion seeking approval of the settlement.

My view is that tracking a user via a range of methods can create a digital fingerprint of a TikTok user. That fingerprint can be matched or cross correlated with other data available to a specialist; for example, information obtained from Oracle. The result is that a user could be identified and tracked across time.

Yep, today’s young person is tomorrow’s thumbtyper in one of the outfits compromised by the SolarWinds’ misstep. What if the TikTok data make it possible to put pressure on a user? What if the user releases access information or other high value data?

TikTok, TikTok, the clock may be ticketing quietly away.

Stephen E Arnold, March 4, 2021

Insights into Video Calls

February 24, 2021

I read a ZDNet write up. The word I would use to describe its approach is “breezy.” Maybe “fluffy?” “Microsoft Teams or Zoom? A Salesman Offers His Stunning Verdict” reveals quite a bit about the mental approach of the super duper professionals referenced in the article.

The security of Microsoft Teams and Zoom concern me. The SolarWinds’ misstep resulted in Microsoft’s losing control of some Azure and Outlook software. But we only know what Microsoft elects to reveal. Then there is the Zoom-China connection. That gives me pause.

What’s the write up reveal? Policy or personal preference dictates what system gets clicked. But the write up reveals some other factoids, which I think are quite illuminating.

First, the anonymous sales professional states:

“I’m on video calls eight hours a day. I just do what’s easiest…Some of my meetings are in the middle of the night. You want me to think then?”

Not a particularly crafty person I think. The path of least resistance is the lure for this professional. I like the idea that this professional’s thought processes shut down for the night. To answer the rhetorical question “You want me to think then?”, I would reply, “Yes, you are a professional. If you don’t want to think, go for the Walmart greeter work.” Lazy radiates from this professional’s comment.

Another person explains that answering a question about video conferencing features can be expressed this way:

“Zoom to Teams is like Sephora to Ulta. Or Lululemon to Athleta.”

I assume that this is a brilliant metaphor like one of Shakespeare’s tropes. To me I have zero idea about the four entities offered as points of reference. My hunch is that this individual’s marketing collateral is equally incisive.

A source focused on alcohol research (who knew this was a discipline?) This individual is convinced that Zoom’s “has more security protocols.” This individual does not know that most Zoom bombing is a consequence of individuals invited to a meeting.

Here are my takeaways from the write up:

  1. The salesman cuts corners
  2. The person who speaks in terms of product brand names is likely to confuse me when I ask, “What’s the weather?”
  3. The alcohol researcher’s confidence in Zoom security is at odds with the Zoom bomb thing.

For my Zoom sessions, I use an alias, multiple bonded Internet services, and a specialized VPN. I certainly don’t trust Zoom security. And Microsoft? These pros develop security services which could not detect a multi month breach which resulted in the loss of some source code.

My verdict: Meet in person, wear a mask, and trust but verify.

Stephen E Arnold, February 24, 2021

Bitchute: Still Powering Those Ultra Bits

January 28, 2021

Republicans view Democrats with suspicion. Democrats stare back at Republicans. Both political parties have media outlets that support each of their political ideologies. The only problem for either party are the extremists (and conspiracy theorists) that haunt their ranks. That being said welcome to BitChute, a conservative video streaming platform that allows frisky speech, conspiracy theorists, and Web 3.0 thinkers.

Mashable deep dives into the platform in: “BitChute Welcomes The Dangerous Hate Speech That YouTube Bans.” BitChute has not received as much attention as other alternative social media Web sites. British citizen Ray Vahey, a Web developer, founded BitChute as a free speech platform when Google banned certain contentious speech and extremist content on YouTube. Vahey lives in Thailand and he actively supports conspiracy theories.

BitChute is funded by donations and will start playing ads from the advertising company Criteo. Most of BitChute’s content comes from YouTube and it is not owned by the uploads. Reuters, for example, has a channel, but Reuters does not own it. There have been takedown allegations, although they were copyright infringement and not community guidelines.

“As HOPE not hate’s report puts it: “BitChute exists to circumvent the moderation of mainstream platforms.”  BitChute really seems like the Wild West. The company lists basic community guidelines on the site, but users can easily find videos that violate them. And it’s not like there’s so much content that BitChute couldn’t moderate it all. “

There are fewer uploaders to BitChute than YouTube enjoys, but that does not limit the depth of unusual factoids shared in videos. BitChute’s guidelines state terrorism recruitment videos were not allowed, yet there are many available as well as mass shooting videos.

BitChute may be poised for growth.

Whitney Grace, January 28, 2020

DarkCyber for January 26, 2021, Now Available

January 26, 2021

DarkCyber is a twice-a-month video news program. The stories cover cyber crime, lesser known Internet services, and online. The feature in the January 26, 2021, program is a conversation between Ric Manning, a former Gannett technology columnist and author, and Stephen E Arnold, author of CyberOSINT: Next Generation Information Access. Arnold and Manning talk about the online implications of deplatforming users. Manning points out that protections extended to online platforms free the managers from the constraints in which other media are enmeshed. Arnold points out that government involvement is likely to take place and have significant unforeseen consequences.

Others stories in this program are the deanonymization of digital currency users, a book of algorithms selected for their usefulness in intelligence analysis, and our mini-feature about drones. This week, learn about the flying ginsu knife.

You can view the video at www.arnoldit.com/wordpress or at this url on YouTube.

Kenny Toth, January 26, 2021

Microsoft Teams: More, More, More

January 12, 2021

Last week I was on a Zoom video call. Zoom is pretty easy to use. What’s interesting is that the cyber security organizer of the meeting could not figure out how to allow a participant to share a screen. Now how easy is it to use Microsoft Teams compared to Zoom? In my opinion, Microsoft Teams is a baffler. The last thing Teams needs is another dose of featuritis. Teams and Zoom both need to deal with the craziness of the existing features and functions.

I have given up on Zoom improving its interface. The tiny gear icon, one of the most used components, is tough for some people to spot. Teams has a couple of donkeys laden with wackiness; for example, how about those access controls? Working great for new users, right? But Microsoft who is busy reinventing itself from Word and SharePoint wants to be the super Slack of our Rona-ized world. Sounds good? Yep, ads within Office 10 are truly an uplifting experience for individuals who use Windows 10 to sort of attempt work. Plus, Teams adds Channel calendars. Great! More calendars! Many Outlooks, many search systems, and now calendars! In Teams!

I noted this BBC write up: “Pupils in Scotland Struggle to Get Online Amid Microsoft Issue.” I thought teachers, parents were there to help. The Beeb states:

A number of schools, pupils and parents have reported the technology running slowly or not at all.

What’s Microsoft say? According to the Beeb:

A Microsoft spokesperson said: “Our engineers are working to resolve difficulties accessing Microsoft Teams that some customers are experiencing.” When pressed on whether demand as a result of home schooling was causing the issue, Microsoft declined to comment.

Just like the SolarWinds’ misstep? Nope, just working to make Teams more interesting. Navigate to “Microsoft Teams Is Getting a More Engaging Experience for Meetings Soon.” If the write up is accurate, that’s exactly what Microsoft has planned for its Zoom killer. The write up reports an item from the future:

Microsoft is working on making Teams meetings more engaging using AI and a “Dynamic View” to give more control over meeting presentations.

And what, pray tell, is a more engaging enhancement or two? I learned that in the future (not yet determined):

The Dynamic view is said to let you see what’s being shared and other people on the call at the same time. With the call being automatically optimized in a way that lets participants both see the important information that’s being shared and the people presenting it in a satisfying way.

News flash. The features appear to add controls (hooray, more controls) and the presentation seems just fine for those high-resolution displays measured in feet, not inches.

Bulletin. Just in. More people are using mobile devices than desktop computers. How is Teams on a mobile device with a screen measured in inches, not feet?

Oh, right. Featuritis and tiny displays. Winners. Maybe not for someone over the age of 45, but that’s an irrelevant demographic, right?

Stephen E Arnold, January 12, 2021

DarkCyber for January 12, 2021, Now Available

January 12, 2021

DarkCyber is a twice-a-month video news program about online, the Dark Web, and cyber crime. You can view the video on Beyond Search or at this YouTube link.

The program for January 12, 2021, includes a featured interview with Mark Massop, DataWalk’s vice president. DataWalk develops investigative software which leapfrogs such solutions as IBM’s i2 Analyst Notebook and Palantir Gotham. In the interview, Mr. Massop explains how DataWalk delivers analytic reports with two or three mouse clicks, federates or brings together information from multiple sources, and slashes training time from months to several days.

Other stories include DarkCyber’s report about the trickles of information about the SolarWinds’ “misstep.” US Federal agencies, large companies, and a wide range of other entities were compromised. DarkCyber points out that Microsoft’s revelation that bad actors were able to view the company’s source code underscores the ineffectiveness of existing cyber security solutions.

DarkCyber highlights remarkable advances in smart software’s ability to create highly accurate images from poor imagery. The focus of DarkCyber’s report is not on what AI can do to create faked images. DarkCyber provides information about how and where to determine if a fake image is indeed “real.”

The final story makes clear that flying drones can be an expensive hobby. One audacious drone pilot flew in restricted air zones in Philadelphia and posted the exploits on a social media platform. And the cost of this illegal activity. Not too much. Just $182,000. The good news is that the individual appears to have avoided one of the comfortable prisons available to authorities.

One quick point: DarkCyber accepts zero advertising and no sponsored content. Some have tried, but begging for dollars and getting involved in the questionable business of sponsored content is not for the DarkCyber team.

Finally, this program begins our third series of shows. We have removed DarkCyber from Vimeo because that company insisted that DarkCyber was a commercial enterprise. Stephen E Arnold retired in 2017, and he is now 77 years old and not too keen to rejoin the GenX and Millennials in endless Zoom meetings and what he calls “blatant MBA craziness.” (At least that’s what he told me.)

Kenny Toth, January 12, 2021

DarkCyber for December 29, 2020, Is Now Available

December 29, 2020

DarkCyber for December 29, 2020, is now available on YouTube at this link or on the Beyond Search blog at this link. This week’s program includes seven stories. These are:

A Chinese consulting firm publishes a report about the low profile companies indexing the Dark Web. The report is about 114 pages long and does not include Chinese companies engaged in this business.

A Dark Web site easily accessible with a standard Internet browser promises something that DarkCyber finds difficult to believe. The Web site contains what are called “always” links to Dark Web sites; that is, those with Dot Onion addresses.

Some pundits have criticized the FBI and Interpol for their alleged failure to take down Jokerstash. This Dark Web site sells access to “live” credit cards and other financial data. Among those suggesting that the two law enforcement organizations are falling short of the mark are four cyber security firms. DarkCyber explains one reason for this alleged failure.

NSO Group, a specialized services company, has been identified as the company providing technology to “operators” surveilling dozens of Al Jazeera journalists. DarkCyber points out that a commercial firm is not in a position to approve or disapprove the use of its technology by the countries which license the Pegasus platform.

Facebook has escalated its dispute with Apple regarding tracking. Now the social media company has alleged that contractors to the French military are using Facebook in Africa via false accounts. What’s interesting is that Russia is allegedly engaged in a disinformation campaign in Africa as well.

The drone news this week contaisn two DJI items. DJI is one of the world’s largest vendors of consumer and commercial drones. The US government has told DJI that it may no longer sell its drones in the US. DJI products remain available in the US. DJI drones have been equipped with flame throwers to destroy wasp nests. The flame throwing drones appear formidable.

DarkCyber is a twice a month video news program reporting on the Dark Web, lesser known Internet services, and cyber crime. The program is produced by Stephen E Arnold and does not accept advertising or sponsorships.

Kenny Toth, December 29, 2020

Next Page »

  • Archives

  • Recent Posts

  • Meta