CyberOSINT banner

Signs of Life from Funnelback

May 19, 2016

Funnelback has been silent as of late, according to our research, but the search company has emerged from the tomb with eyes wide open and a heartbeat.  The Funnelback blog has shared some new updates with us.  The first bit of news is if you are “Searchless In Seattle? (AKA We’ve Just Opened A New Office!)” explains that Funnelback opened a new office in Seattle, Washington.   The search company already has offices in Poland, United Kingdom, and New Zealand, but now they want to establish a branch in the United States.  Given their successful track record with the finance, higher education, and government sectors in the other countries they stand a chance to offer more competition in the US.  Seattle also has a reputable technology center and Funnelback will not have to deal with the Silicon Valley group.

The second piece of Funnelback news deals with “Driving Channel Shift With Site Search.”  Channel shift is the process of creating the most efficient and cost effective way to deliver information access and usage to users.  It can be difficult to implement a channel shift, but increasing the effectiveness of a Web site’s search can have a huge impact.

Being able to quickly and effectively locate information on a Web site saves time for not only more important facts, but it also can drive sales, further reputation, etc.

“You can go further still, using your search solution to provide targeted experiences; outputting results on maps, searching by postcode, allowing for short-listing and comparison baskets and even dynamically serving content related to what you know of a visitor, up-weighting content that is most relevant to them based on their browsing history or registered account.

Couple any of the features above with some intelligent search analytics, that highlight the content your users are finding and importantly what they aren’t finding (allowing you to make the relevant connections through promoted results, metadata tweaking or synonyms), and your online experience is starting to become a lot more appealing to users than that queue on hold at your call centre.”

I have written about it many times, but a decent Web site search function can make or break a site.  Not only does it demonstrate that the Web site is not professional, it does not inspire confidence in a business.  It is a very big rookie mistake to make.


Whitney Grace, May 19, 2016
Sponsored by, publisher of the CyberOSINT monograph

Mastering SEO Is Mastering the Internet

May 5, 2016

Search engine optimization, better known as SEO, is one of the prime tools Web site owners must master in order for their site to appear in search results.   A common predicament most site owners find themselves in is that they may have a fantastic page, but if a search engine has not crawled it, the site might as well not exist.  There are many aspects to mastering SEO and it can be daunting to attempt to make a site SEO friendly.  While there are many guides that explain SEO, we recommend Mattias Geniar’s “A Technical Guide To SEO.”

Some SEO guides get too much into technical jargon, but Geniar’s approach uses plain speak so even if you have the most novice SEO skills it will be helpful.  Here is how Geniar explains it:

“If you’re the owner or maintainer of a website, you know SEO matters. A lot. This guide is meant to be an accurate list of all technical aspects of search engine optimisation.  There’s a lot more to being “SEO friendly” than just the technical part. Content is, as always, still king. It doesn’t matter how technically OK your site is, if the content isn’t up to snuff, it won’t do you much good.”

Understanding the code behind SEO can be challenging, but thank goodness content remains the most important aspect part of being picked up by Web crawlers.  These tricks will only augment your content so it is picked up quicker and you will receive more hits on your site.


Whitney Grace, May 5, 2016
Sponsored by, publisher of the CyberOSINT monograph

The Force of the Dark Web May Not Need Sides

April 14, 2016

The name “Dark Web” has sensational language written all over it. Such a label calls for myth-busting articles to be published, such as the recent one from Infosecurity Magazine, The Dark Web — Is It All Bad?. This piece highlights the opinions of James Chappell, CTO and Co-founder of Digital Shadows, who argues the way the Dark Web is portrayed in the media pigeonholes sites accessible by Tor as for criminal purposes. Chappell is quoted,

“Looking at some of the press coverage you could be forgiven for thinking that the Dark Web is solely about criminality,” he told Infosecurity. “In reality, this is not the case and there are many legitimate uses alongside the criminal content that can be found on these services. Significantly – criminality is an internet-wide problem, rather than exclusively a problem limited to just the technologies that are labelled with the Dark Web.”

The author’s allusion to Star Wars’ divided force, between supposed “good” and “bad” seems an appropriate analogy to the two sides of the internet. However, with a slightly more nuanced perspective, could it not be argued that Jedi practices, like those of the Sith, are also questionable? Binaries may be our preferred cultural tropes, as well as the building blocks of computer software programming, but let’s not forget the elements of variability: humans and time.


Megan Feil, April 14, 2016

Sponsored by, publisher of the CyberOSINT monograph

Cybercriminal Talent Recruitment Moves Swiftly on the Dark Web

April 8, 2016

No matter the industry, it’s tough to recruit and keep talent. As the Skills shortage hits hackers published by Infosecurity Magazine reports, cybercriminals are no exception. Research conducted by Digital Shadows shows an application process exists not entirely dissimilar from that of tradition careers. The jobs include malware writers, exploit developers, and botnet operators. The article explains how Dark Web talent is recruited,

“This includes job ads on forums or boards, and weeding out people with no legitimate technical skills. The research found that the recruitment process often requires strong due diligence to ensure that the proper candidates come through the process. Speaking to Infosecurity, Digital

Shadows’ Vice President of Strategy Rick Holland said that in the untrusted environment of the attacker, reputation is as significant as in the online world and if someone does a bad job, then script kiddies and those who have inflated their abilities will be called out.”

One key difference cited is the hiring timeline; the Dark Web moves quickly. As you might imagine, apparently only a short window of opportunity to cash in stolen credit cards. The sense of urgency related to many Dark Web activities suggests speedier cybersecurity solutions are on the scene. As cybercrime-as-a-service expands, criminals’ efforts and attacks will only be swifter.


Megan Feil, April 8, 2016

Sponsored by, publisher of the CyberOSINT monograph

Forget World Population, Domain Population Is Overcrowded

April 5, 2016

Back in the 1990s, if you had a Web site without a bunch of gobbidly-gook after the .com, you were considered tech savvy and very cool.  There were plenty of domain names available in those days and as the Internet became more of a tool than a novelty, demand for names rose. It is not as easy anymore to get the desired Web address, says in the article, “Overcrowded Internet Domain Space Is Stifling Demand, Suggesting A Future ‘Not-Com’ Boom.”

Domain names are being snapped up fast, so quickly, in fact, that Web development is being stunted.  As much as 25% of domains are being withheld, equaling 73 million as of summer 2015 with the inability to register domain names that would drive Internet traffic.

“However, as the Internet Corporation for Assigned Names and Numbers (ICANN) has begun to roll out the option to issue brand new top-level domains for almost any word, whether it’s dot-hotel, dot-books or dot-sex – dubbed the ‘not-coms’ – the research suggests there is substantial untapped demand that could fuel additional growth in the domain registrations.”

One of the factors that determine prime Internet real estate is a simple, catchy Web address.  With new domains opening up beyond the traditional .org, .com, .net, .gov endings, an entire new market is also open for entrepreneurs to profit from.  People are already buying not-com’s for cheap with the intention to resale them for a pretty penny.  It bears to mention, however, that once all of the hot not-com’s are gone, we will be in the same predicament as we are now.  How long will that take?


Whitney Grace, April 5, 2016
Sponsored by, publisher of the CyberOSINT monograph

Secure Email on the Dark Web

April 1, 2016

Venturing safely onto the Dark Web can require some planning. To that end, FreedomHacker shares a “List of Secure Dark Web Email Providers in 2016.” The danger with Tor-accessible email providers, explains reporter Brandon Stosh, lies in shady third parties. He writes:

“It’s not that finding secure communications on Tor is a struggle, but it’s hard to find private lines not run by a rogue entity. Below we have organized a list of secure dark web email providers. Please remember that no email provider should ever be deemed secure, meaning always use encryption and keep your opsec to its highest level….

“Below we have listed emails that are not only secure but utilize no type of third-party services, including any type of hidden Google scripts, fonts or trackers. In the list below we have gone ahead and pasted the full .onion domain for verification and added a link to any services who also offer a clearweb portal. However, all communications sent through clearweb domains should be presumed insecure unless properly encrypted, then still it’s questionable.”

The list of providers includes 10 entries, and Stosh supplies a description of each of the top five: Sigaint, Rugged Inbox, Torbox, Bitmessage, and Mail2Tor; see the article for these details, and to view the other five contenders. Stosh wraps up by emphasizing how important email security is, considering all the sensitive stuff most of us have in our inboxes. Good point.


Cynthia Murrell, April 1, 2016

Sponsored by, publisher of the CyberOSINT monograph

For Sale: Your Bank Information

March 21, 2016

One of the common commodities for sale on the Dark Web is bank, credit card, social security numbers, and other personal information.  This information can sell for a few bucks to hundreds of dollars depending on the quality and quantity of the information.   In order to buy personal information, usually the interested parties must journey to the Dark Web, but the International Business Times tells us that “Confidential Bank Details Available For Sale On Easily Found Web Site”  is for sale on the general Web and the information is being sold for as little as a couple pounds (or dollars for the US folks).  The Web site had a pretty simple set up, interested parties register, and then they have access to the stolen information for sale.

Keith Vaz, chairman of the home affairs select committee, wants the National Crime Agency (NCA) to use its power and fulfill its purpose to shut the Web site down.

“A statement from the NCA said: “We do not routinely confirm or deny investigations nor comment on individual sites. The NCA, alongside UK and international law enforcement partners and the private sector, are working to identify and as appropriate disrupt websites selling compromised card data. We will work closely with partners of the newly established Home Office Joint Fraud Task Force to strengthen the response.”

Online scams are getting worse and more powerful in stealing people’s information.  Overall, British citizens lost a total of 670 million pounds (or $972 million).  The government, however, believes the total losses are more in the range of 27 billion pounds (or $39.17 billion).

Scams are getting worse, because the criminals behind them are getting smarter and know how to get around security defenses.  Users need to wise up and learn about the Dark Web, take better steps to protect their information, and educate themselves on how to recognize scams.


Whitney Grace, March 21, 2016
Sponsored by, publisher of the CyberOSINT monograph

DtSearch in the Cloud

January 18, 2016

Enterprise- and developer-search firm dtSearch now offers a platform for the cloud. informs us, “New .NET Solution Uses dtSearch with Microsoft Azure Files and RemoteApp.”  The solution allows users to run the dtSearch engine entirely online with Microsoft Azure, ensuring their security with Microsoft’s RemoteApp. The press release elaborates:

“The solution enables cloud operation of all dtSearch components, leveraging Microsoft’s new Azure Files feature for dtSearch index storage. Searching (including all 25+ dtSearch search options) runs via Microsoft’s RemoteApp. Using RemoteApp gives the search component the ‘look and feel’ of a native application running under Windows, Android, iOS or OS/X. Developers using dtSearch’s core developer product, the dtSearch Engine, can find the solution on CodeProject, including complete Visual Studio 2015 .NET sample code.”

See the thorough write-up for many details about the product, including supported formats, search and classification options, and their terabyte indexer. We note, for example, the capacities for concurrent, multithreaded search and for federated searches with their dtSearch Spider.

Founded in 1991, dtSearch supplies search software to firms in several fields and to numerous government agencies around the world. The company also makes its products available for incorporation into other commercial applications. dtSearch has distributors worldwide, and is headquartered in Bethesda, Maryland.


Cynthia Murrell, January 18, 2016

Sponsored by, publisher of the CyberOSINT monograph

Score One for Yandex

December 21, 2015

Russian search powerhouse Yandex has successfully sued Google, we learn from re/code’s article, “Meet the Russian Company that Got Its Antitrust Watchdog to Bite Google.” Reporter Mark Bergen interviewed Yandex’s Roman Krupenin, who has led this legal campaign. In his intro, Bergen relates:

“In October, Russia’s antitrust authority ruled that Google’s practice of bundling its services on Android handsets violated national law. The case’s lead complainant was Yandex, an 18-year old Web search and advertising company. It’s not a global name, but is big in Russia. Last quarter, Yandex raked in $233.1 million in revenue. (For context, Google averaged about $179 million in sales a day over the same period.) Most Russians use Yandex for Internet searches — an estimated 57 percent in the last quarter, though that share has slipped in recent years. The culprit? According to Yandex, it’s the favored position of Google’s apps, including its search one and its browser, on Android smartphones, which outnumber iPhones in Russia considerably. To fight it off, Yandex has pushed to cut handset agreements of its own: It finalized one with Lenovo last year, and paired with Microsoft last month to make Yandex’s homepage and search results the Russian default for Windows 10.”

Furthermore, we’re reminded, Yandex is also taking part in the EU’s latest antitrust investigation. Naturally, Google is appealing the decision. See the article for text of the interview, where Krupenin discusses the focus on Android over Search, the unique factors that made for victory over the notoriously slippery company, and the call for an end to Google’s service-bundling practices.


Cynthia Murrell, December 21, 2015

Sponsored by, publisher of the CyberOSINT monograph


New Patent for a Google PageRank Methodology

December 18, 2015

Google recently acquired a patent for a different approach to page ranking, we learn from “Recalculating PageRank” at SEO by the Sea. Though the patent was just granted, the application was submitted back in 2006. Writer Bill Slawski informs us:

“Under this new patent, Google adds a diversified set of trusted pages to act as seed sites. When calculating rankings for pages. Google would calculate a distance from the seed pages to the pages being ranked. A use of a trusted set of seed sites may sound a little like the TrustRank approach developed by Stanford and Yahoo a few years ago as described in Combating Web Spam with TrustRank (pdf). I don’t know what role, if any, the Yahoo paper had on the development of the approach in this patent application, but there seems to be some similarities. The new patent is: Producing a ranking for pages using distances in a Web-link graph.”

The theory behind trusted pages is that “good pages seldom point to bad ones.” The patent’s inventor, Nissan Hajaj, has been a Google senior engineer since 2004. See the write-up for the text of the patent, or navigate straight to the U.S. Patent and Trademark Office’s entry on the subject.


Cynthia Murrell, December 18, 2015

Sponsored by, publisher of the CyberOSINT monograph

Next Page »