• Home
• About
• Writers
• Landscape
• Wizards Index
• Fraud
• Wanna Be Like Larry?

DarkCyber for May 18, 2021 Now Available

DarkCyber is a twice-a-month video news program usually available on YouTube at this link. The topics in the May 18, 2021, video include a look at what the Signal subpoena “signals” about advanced US intelware systems. The program also explores ways to spy on a mobile phone. If you want to purchase your own IMSI catcher, you will find a an online ecommerce site ready to respond. (Keep in mind intercepting mobile content can be problematic in some jurisdictions.) Reluctantly we revisit the increasingly embarrassing Microsoft security software and systems. We report that a UK cyber security company has entered into a partnership with Microsoft in order to put the polish on that digital Yugo. The program profiles a not-so-clever trick to smuggle liquid meth into the United States. The scheme included a drug mule, a VW SUV, and a fuel tank available from an auto parts shop. Hint: The ploy did not work. This program’s drone news explains the new features of the UAVTEK bug nano. This is a remarkable device which can operate in swarms, perform surveillance whether in the air or perched in an inconspicuous location. The new version can carry a payload; for example, additional sensors and micro-explosives.

DarkCyber is available at www.arnoldit.com/wordpress and on YouTube. (Sometimes the really smart software used to filter objectionable content becomes irritated with the video news program. Is it because the LE and intel centric content is troublesome? Is it because DarkCyber does not run ads (no big momma ads nor from individual companies), and the content is not sponsored. No wonder videos are objectionable. I mean no ads, no sponsorships, no shilling! Terrible, right?

Kenny Toth, May 18, 2021

PS. This video is available on Facebook (we think). Try this url: https://bit.ly/3wfTnNu

DarkCyber for May 4, 2021, Now Available

The 9th 2021 DarkCyber video is now available on the Beyond Search Web site. Will the link work? If it doesn’t, the Facebook link can assist you. The original version of this 9th program contained video content from an interesting Dark Web site selling malware and footage from the PR department of the university which developed the kid-friendly Snakebot. Got kids? You will definitely want a Snakebot, but the DarkCyber team thinks that US Navy Seals will be in line to get duffle of Snakebots too. These are good for surveillance and termination tasks.

Plus, this 9th program of 2021 addresses five other stories, not counting the Snakebot quick bite. These are: [1] Two notable take downs, [2] iPhone access via the Lightning Port, [3] Instant messaging apps may not be secure, [4] VPNs are now themselves targets of malware, and [5] Microsoft security with a gust of SolarWinds.

The complete program is available — believe it or not — on Tess Arnold’s Facebook page. You can view the video with video inserts of surfing a Dark Web site and the kindergarten swimmer friendly Snakebot at this link: https://bit.ly/2PLjOLz. If you want the YouTube approved version without the video inserts, navigate to this link.

DarkCyber is produced by Stephen E Arnold, publisher of Beyond Search. You can access the current video plus supplemental stories on the Beyond Search blog at www.arnoldit.com/wordpress.

We think smart filtering is the cat’s pajamas, particularly for videos intended for law enforcement, intelligence, and cyber security professionals. Smart software crafted in the Googleplex is on the job.

Kenny Toth, May 4, 2021

Signal and Cellebrite: Raising Difficult Questions

Signal published an summary of its exploration of the Cellebrite software. Founded in Israel and now owned by the Japanese company Sun Corporation, Cellebrite is a frequent exhibitor, speaker, and training sponsor at law enforcement and intelligence conferences. There are units and subsidiaries of the company, which are not germane to this short blog post. The company’s main business is to provide specialized services to make sense of data on mobile devices. Yes, there are other use cases for the company’s technology, but phones are a magnet at the present time.

“Exploiting Vulnerabilities in Cellebrite UFED and Physical Analyzer from an App’s Perspective” makes clear that Cellebrite’s software is probably neither better nor worse than the SolarWinds, Microsoft Exchange Server, or other vendors’ software. Software has bugs, and once those bugs are discovered and put into circulation via a friendly post on a Dark Web pastesite or a comment in a tweet, it’s party time for some people.

Signal’s trope is that the Cellebrite “package” fell off a truck. I am not sure how many of those in my National Cyber Crime 2021 lectures will find that explanation credible, but some people are skeptics. Signal says:

[Cellebrite’s] products have often been linked to the persecution of imprisoned journalists and activists around the world, but less has been written about what their software actually does or how it works. Let’s take a closer look. In particular, their software is often associated with bypassing security, so let’s take some time to examine the security of their own software.

The write up then points out vulnerabilities. The information may be very useful to bad actors who want to configure their mobile devices to defeat the Cellebrite system and method. As readers of this blog may recall, I am not a big fan of disclosures about specialized software for certain government entities. Others — like the Signal analysts — have a different view point. I am not going to get involved in a discussion of this issue.

What I want to point out is that the Signal write up, if accurate, is another example of a specialized services vendor doing the MBA thing of over promising, overselling, and over marketing a cyber security solution.

In the context of the cyber security threat intelligence services which failed to notice the not-so-trivial SolarWinds, Microsoft Exchange Server, and Pulse Secure cyber missteps — the Signal essay is important.

Let me express my concern in questions:

What if the cyber security products and services are not able to provide security? What if the indexes of the Dark Web are not up to date and complete so queries return misleading results? What if the auto-generate alerts are based on flawed  methods?

The cyber vendors and their customers are likely to respond, “Our products are more than 95 percent effective.” That may be accurate in some controlled situations. But at the present time, the breaches and the Signal analysis may form the outlines of a cyber environment in which expensive cyber tools are little more than plastic hammers and saws. Expensive plastic tools which break when subjective to real world work.

Stephen E Arnold, April 22, 2021

DarkCyber for April 20, 2021, Now Available

The DarkCyber video news program for April 20, 2021, is now available on Beyond Search or at this link. The program covers cyber crime, lesser known online services, and related technologies. DarkCyber appears twice each month and contains no sponsored content or advertising.

This week’s program includes five stories:

1. Policeware marketing, unchanged since 1980, is given the investigative news treatment. Interesting but not news and not unusual
2. Caller ID spoofing solutions for programmers and general mobile phone users
3. The sounds of silence: How large companies are explaining security lapses
4. Cisco Systems explains who cares about privacy
5. Russia’s most advanced drone looks like a 40 year old US aircraft, just with artificial intelligence.

The DarkCyber video news program is produced by Stephen E Arnold, publisher of Beyond Search and author of CyberOSINT: Next Generation Information Access. The stories are selected and written by the team which assembled The Dark Web Notebook: A Guide for Law Enforcement.

Kenny Toth, April 20, 2021

DarkCyber for April 6, 2021, Now Available

DarkCyber is a twice-a-month video news program about the Dark Web, cyber crime, and lesser known Internet services. You can view the program at this link.

This program covers five stories:

1. Banjo, founded by a controversial figure, has been given an overhaul. There’s new management and a new name. The challenge? Turn the off tune Banjo into a sweet revenue song.
2. The Dark Web is not a hot bed of innovation. In fact, it’s stagnant, and law enforcement has figured out its technology and is pursuing persons of interest. A “new” Dark Web-like datasphere is now emerging. Robust encrypted messaging apps allow bad actors to make deals, pay for goods and services, and locate fellow travelers more easily and quickly than ever before.
3. User tracking is a generator of high value information. Some believe that user tracking is benign or nothing about which to worry. That’s not exactly the situation when third-party and primary data are gathered, cross-correlated, and analyzed. Finding an insider who can be compromised has never been easier.
4. New cyber crime reports are flowing in the aftermath of the Solarwinds’ and Microsoft Exchange Server fiascos. What’s interesting that two of these reports reveal information which provides useful insight into what the bad actors did to compromise thousands of systems.
5. The final story reports about the world’s first drone which makes it possible for law enforcement and intelligence operatives to conduct a video conference with a bad actor near the drone. The innovative device can also smash through tempered glass to gather information about persons of interest.

DarkCyber is produced by Stephen E Arnold. The program is a production of Beyond Search and Arnold Information Technology. Mr. Arnold is the author of CyberOSINT and The Dark Web Notebook. He will be lecturing at the 2021 National Cyber Crime Conference.

Kenny Toth, April 6, 2021

The Value of Threat Data: An Interesting Viewpoint

Security is not job one in the cyber security business. Making sales and applying technology to offensive cyber actions are more important. Over the past couple of decades, security for users of mainstream enterprise applications and operating systems has been a puppet show. No one wants to make these digital ecosystems too secure; otherwise, it would be more difficult, expensive, and slow to compromise these systems when used by adversaries. This is a viewpoint not widely known by some professionals, even those in the cyber security business. Don’t agree. That’s okay with me. I would invite those who take exception to reflect on the failure of modern cyber security systems, including threat intelligence systems, to prevent SolarWinds and Microsoft Exchange security breaches. Both are reasonably serious, and both illustrate the future of cyber operations for the foreseeable future. Just because the mainstream pundit-verse is not talking about these security breaches does not mean the problem is solved. It is not.

“Threat Data Helps Enterprises Strengthen Security” describes a different point of view. I am not confident that the data in the write up have factored in the very loud signals from the SolarWinds and Microsoft Exchange missteps. Maybe “collapses” is a more appropriate word.

The write up states:

Benefits of threat data feeds include; adding unique data to better inform security (71 percent), increasing preventive blocking to ensure better defense (63 percent), reducing the mean time to detect and remediate an attack (55 percent), and reducing the time spent researching false positives (51 percent). On the downside 56 percent of respondents also say threat feeds deliver data that is often too voluminous or complex to provide timely and actionable intelligence.

Let’s consider these statements.

First, with regard to benefits, knowing about what exactly? The abject failure of the cyber security defenses for the SolarWinds and Microsoft Exchange problems did zero to prevent the attacks. Victims are not 100 percent sure that recently “sanitized” systems are free from backdoors and malware. The fact that more than half of those in the survey believe that getting threat intelligence is good says more about the power of marketing and the need to cyber security professionals to do something to demonstrate to their superiors that they are on the ball. Yeah, reading about Fullz on the Dark Web may be good for a meeting with the boss, but it does and did zero for the recent, global security lapses. Organizations are in a state of engineered vulnerability, and threat intelligence is not going to address that simple fact.

Next, what about the information in the threat feeds. Like the headlines in a supermarket tabloid or a TikTok video, titillation snags attention. The problem, however, is that despite the high powered systems from developers from Herliya to Mountain View, information flows generate a sense of false security.

A single person at FireEye noticed an anomaly. That single person poked around. What did that individual find: Something in a threat feed, a snappy graphic from a $100,000 visualization tool, or specific information about a malware attack? Nope, zippy items and factoids. Links to Dark Web sites add spice.

The write up says:

Each of the organizations surveyed faced an average of 28 cyber attacks in the past two years. On average, respondents say 38 percent of these attacks were not stopped because security teams lacked timely and actionable data. Respondents also report that 50 percent of all attacks can be stopped using timely and actionable intelligence.

SolarWinds went undetected for possibly longer than 18 months. Attacks one knows about are one thing. The painful reality of SolarWinds and Microsoft Exchange breaches are another. Marketing won’t make the reality different.

Stephen E Arnold, March 29, 2021

DarkCyber for March 23, 2021, Now Available

DarkCyber for March 23, 2021, is now available at this link.

The March 23, 2021, program contains four stories.

The feature is an interview with the director of GovWizely, Erik Arnold. A former Lycos and Vivisimo executive, Mr. Arnold was a principal researcher on a study about the SolarWinds’ breach. The client for this report was an investment firm. The focus, therefore, was different from the obfuscation and marketing reports generated by cyber security firms and consultants.

Some of the report’s more interesting finding are discussed in the video. A more comprehensive review of the SolarWinds’ breach will be provided on March 25, 2021. Mr. Arnold will conduct an informational webinar on March 25, 2021, at 11 am Eastern time. Registration is required, but there is not charge for the one hour program. You can sign up at https://www.govwizely.com/contact/.

Other stories in the March 23, 2021, program are:

• A look at the management and credibility challenges the Microsoft Exchange Server security lapses create
• How anyone can implement an email tracking function. Three commercial services are mentioned and a GitHub repository is provided for those who want to reuse open source surveillance and monitoring code
• The Russian GROM. This is a weapons capable drone which has been upgraded to carry 10 mini-drones. Each mini-drone can perform kinetic (micro munition)  or reconnaissance functions. The 10 drones can function as a swarm, coordinated via artificial intelligence to adapt to changing battled conditions.

DarkCyber is a video news program published twice each month. The videos are available on YouTube. The video news program covers the Dark Web, cyber crime, and lesser known Internet services. The producer is Stephen E Arnold, publisher of Beyond Search which is available at www.arnoldit.com/wordpress.

Kenny Toth, March 23, 2021

Facebook WhatsApp, No Code Ecommerce, and Google: What Could Go Wrong?

The Dark Web continues to capture the attention of some individuals. The little secret few pursue is that much of the Dark Web action has shifted to encrypted messaging applications. Even Signal gets coverage in pot boiler novels. Why? Encrypted messaging apps are quite robust convenience stores? Why go to Ikea when one can scoot into a lightweight, mobile app and do “business.” How hard is it to set up a store, make its products like malware or other questionable items available in WhatsApp, and start gathering customers? Not hard at all. In fact, there is a no code wrapper available. With a few mouse clicks, a handful of images, and a product or service to sell, one can be in business. The developer – an outfit called Wati – provides exactly when the enterprising marketer requires. None of that Tor stuff. None of the Amazon police chasing down knock off products from the world’s most prolific manufacturers. New territory, so what could go wrong. If you are interested in using WhatsApp as an ecommerce vehicle, you can point your browser to this Google Workspace Marketplace. You will need both a Google account and a WhatsApp account. Then you can us “a simple and powerful Google Sheet add-on to launch an online store from Google Sheets and take orders on WhatsApp.” How much does this service cost? The developer asserts, “It’s free forever.” There is even a video explaining what one does to become a WhatsApp merchant. Are there legitimate uses for this Google Sheets add on? Sure. Will bad actors give this type of service a whirl? Sure. Will Google police the service? Sure. Will Facebook provide oversight? Sure. That’s a lot of sures. Why not be optimistic? For me, the Wati wrapper is a flashing yellow light that a challenge to law enforcement is moving from the Dark Web to apps which are equally opaque. Progress? Nope.

Stephen E Arnold, March 5, 2021

DarkCyber for February 9, 2021, Now Available

DarkCyber is a twice-a-month video news program about the Dark Web, cyber crime, and lesser known online services. The program is produced by Stephen E Arnold. You can view the program on the Beyond Search blog or on YouTube at this link.

This week’s program features a discussion of Microsoft’s explanation of the SolarWinds’ misstep. The online explanation is a combination of forensic information with an old-fashioned, almost Balmer-esque marketing pitch. Plus, DarkCyber responds to a viewer who wanted more information about locating bad actor hackers promoting their criminal capabilities on the Dark Web. The program highlights two Dark Web services and provides information to two online resources which offer additional information. Three other stories round out the February 9, 2021, program. Allegedly some of the software stolen in the SolarWinds’ misstep (a data breach which compromised more than 18,000 companies and government organizations) is available for sale. Information about the cost of the software and how to buy are provided. Next you learn about the app tracking technology which is creating friction between Apple and Facebook. Who benefits from tracking users’ actions hundreds of times each day? DarkCyber answers this question. The final story is another signature drone news item. If you think that one drone poses a challenge, consider the difficulty of dealing with thousands of miniature weaponized drones converging on a unit or disrupting warfighting tactics under live fire.

Kenny Toth, February 9, 2021

DarkCyber for January 26, 2021, Now Available

DarkCyber is a twice-a-month video news program. The stories cover cyber crime, lesser known Internet services, and online. The feature in the January 26, 2021, program is a conversation between Ric Manning, a former Gannett technology columnist and author, and Stephen E Arnold, author of CyberOSINT: Next Generation Information Access. Arnold and Manning talk about the online implications of deplatforming users. Manning points out that protections extended to online platforms free the managers from the constraints in which other media are enmeshed. Arnold points out that government involvement is likely to take place and have significant unforeseen consequences.

Others stories in this program are the deanonymization of digital currency users, a book of algorithms selected for their usefulness in intelligence analysis, and our mini-feature about drones. This week, learn about the flying ginsu knife.

You can view the video at www.arnoldit.com/wordpress or at this url on YouTube.

Kenny Toth, January 26, 2021

« Previous Page — Next Page »

• 

• Search the site

•  

  Subscribe to Beyond Search

  • 
  • 
   
  • 
   
  
  Feature archive
  News archive
   
  
  
  Stephen E. Arnold monitors search, content processing, text mining and related topics from his high-tech nerve center in rural Kentucky. He tries to winnow the goose feathers from the giblets. He works with colleagues worldwide to make this Web log useful to those who want to go "beyond search". Contact him at sa [at] arnoldit.com. His Web site with additional information about search is arnoldit.com.

• Categories

  • 3D-Printing
  • Acquisition
  • Advertising
  • Aggregation
  • AI
  • Alexa
  • algorithms
  • Amazon
  • Amazonia
  • Analytics
  • Appliance
  • Applications
  • Audio
  • Augmented Reality
  • Big data
  • Bing
  • Bitcoin
  • Bitext
  • Book review
  • Business intelligence
  • Business process
  • Business strategy
  • Censorship
  • Cloud computing
  • Company Profile
  • Conferences
  • Connectors
  • Consulting
  • Consumer
  • Content processing
  • Copyright
  • Corporate Concerns
  • Cost
  • Crawl
  • Crowdfunding
  • cryptocurrency
  • Customer support
  • Cyber OSINT
  • cybercrime
  • cybersecurity
  • Dark Web
  • DarkCyber
  • Data
  • Data mining
  • Database
  • Deepfakes
  • Digital Assistant
  • Digital Library
  • E2EE
  • ECommerce
  • EDiscovery
  • Editorial opinion
  • Education
  • Emoticons
  • Enterprise
  • Enterprise search
  • Entity extraction
  • Ethics
  • Facebook
  • Faceted search
  • Factualities
  • Feature
  • Federated search
  • Financial
  • Google
  • Governance
  • Government
  • Hackers
  • healthcare
  • IBM Watson
  • Image search
  • Indexing
  • Infrastructure
  • Innovation
  • Integration
  • intelware
  • Interface
  • Internet
  • Interview
  • Investment
  • law enforcement
  • Legal matters
  • Library automation
  • Management
  • Marketing
  • Mathematics
  • Metadata
  • Microsoft
  • Mobile
  • Natural language processing
  • News
  • NGIA
  • Online (general)
  • Open Access
  • Open source
  • OSINT
  • Osint Radar
  • Overflight
  • Palantir
  • Patents
  • Personnel
  • Podcast
  • Policeware
  • Portals
  • Predictive coding
  • Privacy
  • Profile
  • Publishing
  • Quotation
  • Real time search
  • Reference tool
  • Rich media
  • Robot Writer
  • Search
  • Search enabled applications
  • search engine
  • Search quality
  • Security
  • Semantic
  • Sentiment analysis
  • SEO
  • SharePoint
  • Short Honks
  • Smart Technology
  • Social
  • Social Media
  • software
  • Statistics
  • Taxonomy
  • Technology
  • Text analytics
  • Text processing
  • Tools
  • Tor
  • Training
  • Translation
  • Twitter
  • Uncategorized
  • Unstructured Data
  • User experience
  • User Interface
  • Vertical search
  • Video
  • visualization
  • Voice search
  • Voice technology
  • Web 3
  • Web Services
  • Webinar
  • Windows
  • Work flow
  • XML
  • Yahoo

• Archives

  Archives Select Month April 2024 March 2024 February 2024 January 2024 December 2023 November 2023 October 2023 September 2023 August 2023 July 2023 June 2023 May 2023 April 2023 March 2023 February 2023 January 2023 December 2022 November 2022 October 2022 September 2022 August 2022 July 2022 June 2022 May 2022 April 2022 March 2022 February 2022 January 2022 December 2021 November 2021 October 2021 September 2021 August 2021 July 2021 June 2021 May 2021 April 2021 March 2021 February 2021 January 2021 December 2020 November 2020 October 2020 September 2020 August 2020 July 2020 June 2020 May 2020 April 2020 March 2020 February 2020 January 2020 December 2019 November 2019 October 2019 September 2019 August 2019 July 2019 June 2019 May 2019 April 2019 March 2019 February 2019 January 2019 December 2018 November 2018 October 2018 September 2018 August 2018 July 2018 June 2018 May 2018 April 2018 March 2018 February 2018 January 2018 December 2017 November 2017 October 2017 September 2017 August 2017 July 2017 June 2017 May 2017 April 2017 March 2017 February 2017 January 2017 December 2016 November 2016 October 2016 September 2016 August 2016 July 2016 June 2016 May 2016 April 2016 March 2016 February 2016 January 2016 December 2015 November 2015 October 2015 September 2015 August 2015 July 2015 June 2015 May 2015 April 2015 March 2015 February 2015 January 2015 December 2014 November 2014 October 2014 September 2014 August 2014 July 2014 June 2014 May 2014 April 2014 March 2014 February 2014 January 2014 December 2013 November 2013 October 2013 September 2013 August 2013 July 2013 June 2013 May 2013 April 2013 March 2013 February 2013 January 2013 December 2012 November 2012 October 2012 September 2012 August 2012 July 2012 June 2012 May 2012 April 2012 March 2012 February 2012 January 2012 December 2011 November 2011 October 2011 September 2011 August 2011 July 2011 June 2011 May 2011 April 2011 March 2011 February 2011 January 2011 December 2010 November 2010 October 2010 September 2010 August 2010 July 2010 June 2010 May 2010 April 2010 March 2010 February 2010 January 2010 December 2009 November 2009 October 2009 September 2009 August 2009 July 2009 June 2009 May 2009 April 2009 March 2009 February 2009 January 2009 December 2008 November 2008 October 2008 September 2008 August 2008 July 2008 June 2008 May 2008 April 2008 March 2008 February 2008 January 2008 November 5

• Recent Posts

  • So Much for Silicon Valley Solidarity
  • Google AI: Who Is on First? I Do Not Know. No, No, He Is on Third
  • More Inside Dope about McKinsey & Company
  • Harvard University: A Sticky Wicket, Right, Old Chap?
  • Paranoia or Is it Parano-AI? Yes

• Meta

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org