
[Source: This article was published in infosecurity-magazine.com By Liv Rowley - Uploaded by the Association Member: Jasper Solander]

The surface web poses many threats to organizations, but the deep and dark web has gained notoriety over the years as more and more cyber-criminals make use of underground forums and marketplaces to buy and sell goods such as stolen credentials and personally identifiable information (PII).

Various anonymizing features and a lack of state-based governance have allowed cybercrime to flourish in this relatively safe space.

Stolen information, illegal services and other illicit offerings and activity can be observed with unnerving regularity on the deep and dark web. Goods can be put together or sold as packages alongside other Cybercrime-as-a-Service (CaaS) offerings, thereby lowering the barrier to entry for novice cyber-criminals and allowing veterans to outsource parts of their operations. 

Dare to delve?

Whilst the darknet is complicated to navigate, it is far from impossible to penetrate. There are public Tor indexers available – such as Torch and Grams – though they are often clunky to use and not comprehensive in their reach.

Threat intelligence companies may offer cybersecurity modules that crawl the darknet, indexing content and providing search engine-like capabilities to defenders who purchase these services. Forums, however, may need to be infiltrated first in the same way as you would a real-world criminal organization.

However, organizations must first determine whether the risks associated with this type of hands-on research are worth it. These risks include the possibility of being unwittingly or unintentionally infected with malware or otherwise exposing yourself to those with malicious intentions. A strong understanding of operational security and acceptance of the risks associated with this type of research is key. In many cases, organizations may find it more prudent to enlist the help of threat intelligence vendors, whose professional expertise may come in useful.

Threat actors utilize Tor, I2P and other darknet browsing software to access hidden forums and marketplaces, while others lurk on the deep web behind password-protected or invitation-only closed forums or groups on Telegram, WhatsApp and other chat platforms. Some expect you to prove technical knowledge to gain entrance to a forum or to actively participate in a cyber-criminal community in order to maintain access. In other cases, you may need to be invited or recommended by a trusted relationship to gain access. 

Keep your enemies close

Organizations looking to conduct dark web research are setting out on a challenging task; dark web research can be similar to knowing that a party is taking place, but not knowing the address. Analysts need to be ready to hunt, dig and immerse themselves in the underground in order to find the action. In doing so, analysts are exposed to the myriad products and conversations surrounding cybercrime in these spaces, training their eye to be able to filter and identify the real threat.

This in turn allows organizations to better understand what they need to defend themselves against. In order to assess a threat actor’s credibility and the legitimacy of a particular threat, researchers may look at factors such as a threat actor’s reputation or length of time on the darknet.

Companies should prioritize monitoring for data related to their organization, such as proactively searching the dark web to find stolen credentials. Doing so at an early stage can massively reduce the risk or impact of an attack.

Detecting them using threat intelligence services can not only prevent additional breaches but also force IT security teams to locate the sources of the initial attacks and fix existing problems so attacks cannot occur again through that vector.

Stay alert and keep watch

In addition to looking for stolen credentials, it is also wise to monitor (using defined search terms) for documents or PII which might have been stolen or unintentionally leaked. Stricter data protection regulations mean that data leaks can have an even larger impact on an organization’s bottom line, as well as its reputation. In the event of a GDPR penalty, a company that can demonstrate robust detection capabilities can vastly reduce its liabilities.

A network of crawlers and sensors can alert organizations when their credentials have been offered for sale on the dark web – if you know what’s been stolen, it’s easier to block and mitigate damage. Good cyber threat intelligence is crucial to providing this feedback of information to build stronger defenses around any business.
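As an added illustration (not part of the original article or any vendor's product), the Python example below shows the matching step such a monitoring pipeline might run over text a crawler has already collected: it flags credential pairs for watched domains and hits on defined search terms, and keeps only a keyed fingerprint of each leaked secret. The watchlist, the key, the sample paste and all function names are assumptions constructed for the example.

```python
import hashlib
import hmac
import re
from dataclasses import dataclass

# Assumed watchlist for illustration: placeholder domains and search terms.
WATCHED_DOMAINS = {"example.com", "corp.example.com"}
WATCHED_TERMS = ["Project Nightjar", "example-corp payroll"]

# Placeholder key; in practice this would live in a secrets store.
FINGERPRINT_KEY = b"replace-with-local-secret"

# Matches "user@domain<sep>secret" where <sep> is ':', ';' or '|',
# the separators commonly seen in leaked credential lists.
CRED_RE = re.compile(
    r"(?P<user>[A-Za-z0-9._%+-]+)@(?P<domain>[A-Za-z0-9.-]+\.[A-Za-z]{2,})"
    r"\s*[:;|]\s*(?P<secret>\S+)"
)


@dataclass(frozen=True)
class Hit:
    source: str       # identifier of the crawled document
    kind: str         # "credential" or "term"
    subject: str      # affected account, or the search term that matched
    fingerprint: str  # keyed hash prefix of the secret; empty for term hits


def domain_watched(domain: str) -> bool:
    """True for a watched domain or any of its subdomains.

    Comparing on a leading dot avoids treating 'notexample.com'
    as if it belonged to 'example.com'.
    """
    d = domain.lower().rstrip(".")
    return any(d == w or d.endswith("." + w) for w in WATCHED_DOMAINS)


def fingerprint(secret: str) -> str:
    """Keyed hash so alerts can be de-duplicated without storing the password."""
    mac = hmac.new(FINGERPRINT_KEY, secret.encode("utf-8"), hashlib.sha256)
    return mac.hexdigest()[:12]


def scan(source: str, text: str) -> list:
    """Return alerts for watched credentials and search terms found in text."""
    hits = []
    seen = set()
    for m in CRED_RE.finditer(text):
        if not domain_watched(m["domain"]):
            continue
        account = f"{m['user']}@{m['domain']}".lower()
        fp = fingerprint(m["secret"])
        if (account, fp) in seen:  # same account and secret listed twice
            continue
        seen.add((account, fp))
        hits.append(Hit(source, "credential", account, fp))
    lowered = text.lower()
    for term in WATCHED_TERMS:
        if term.lower() in lowered:
            hits.append(Hit(source, "term", term, ""))
    return hits


# Constructed sample of crawled text; none of these accounts are real.
SAMPLE_PASTE = """\
fresh combo list 2019
alice@example.com:Winter2019!
ALICE@Example.com:Winter2019!
bob@mail.example.org:hunter2
carol@corp.example.com | S3cret
mallory@notexample.com:pw
internal doc: Project Nightjar budget
"""

if __name__ == "__main__":
    for hit in scan("paste-001", SAMPLE_PASTE):
        print(hit)
```

Each credential hit names the account to reset and investigate, while the fingerprint lets repeat sightings of the same leak be grouped without the plaintext password entering the alerting system.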

Tracking for crimeware kits, malware, threat actors and TTPs that could target their sector more generally can also help security teams strengthen their security posture, broaden their situational awareness and put in place appropriate defense measures before adversaries can strike. 

The best way to fight cybercrime on the darknet is to operate in much the same way as the bad guys. If you understand the scope of what’s available to criminals, it’s a lot easier to rationalize how to defend against cyber-attacks and enable others to do the same. Collaboration and intelligence sharing are crucial in the fight against cybercrime.


[Source: This article was published in csoonline.com By Josh Fruhlinger- Uploaded by the Association Member: Eric Beaudoin] 

Catch a glimpse of what flourishes in the shadows of the internet.

Back in the 1970s, "darknet" wasn't an ominous term: it simply referred to networks that were isolated from the mainstream of ARPANET for security purposes. But as ARPANET became the internet and then swallowed up nearly all the other computer networks out there, the word came to identify areas that were connected to the internet but not quite of it, difficult to find if you didn't have a map.

The so-called dark web, a catch-all phrase covering the parts of the internet not indexed by search engines, is the stuff of grim legend. But like most legends, the reality is a bit more pedestrian. That's not to say that scary stuff isn't available on dark web websites, but some of the whispered horror stories you might've heard don't make up the bulk of the transactions there.

Here are ten things you might not know about the dark web.

New dark web sites pop up every day...

A 2015 white paper from threat intelligence firm Recorded Future examines the linkages between the Web you know and the darknet. The paths usually begin on sites like Pastebin, originally intended as an easy place to upload long code samples or other text but now often where links to the anonymous Tor network are stashed for a few days or hours for interested parties. 

While searching for dark web sites isn't as easy as using Google—the point is to be somewhat secretive, after all—there are ways to find out what's there.  The screenshot below was provided by Radware security researcher Daniel Smith, and he says it's the product of "automatic scripts that go out there and find new URLs, new onions, every day, and then list them. It's kind of like Geocities, but 2018"—a vibe that's helped along by pages with names like "My Deepweb Site," which you can see on the screenshot.


...and many are perfectly innocent

Matt Wilson, chief information security advisor at BTB Security, says that "there is a tame/lame side to the dark web that would probably surprise most people. You can exchange some cooking recipes—with video!—send email, or read a book. People use the dark web for these benign things for a variety of reasons: a sense of community, avoiding surveillance or tracking of internet habits, or just to do something in a different way."

It's worth remembering that what flourishes on the darknet is material that's been banned elsewhere online. For example, in 2015, in the wake of the Chinese government cracking down on VPN connections through the so-called "great firewall," Chinese-language discussions started popping up on the darknet, mostly full of people who just wanted to talk to each other in peace.

Radware's Smith points out that there are a variety of news outlets on the dark web, ranging from the news website from the hacking group Anonymous to the New York Times, shown in the screenshot here, all catering to people in countries that censor the open internet.


Some spaces are by invitation only

Of course, not everything is so innocent, or you wouldn't be bothering to read this article. Still, "you can't just fire up your Tor browser and request 10,000 credit card records, or passwords to your neighbor’s webcam," says Mukul Kumar, CISO and VP of Cyber Practice at Cavirin. "Most of the verified 'sensitive' data is only available to those that have been vetted or invited to certain groups."

How do you earn an invite into these kinds of dark web sites? "They're going to want to see history of crime," says Radware's Smith. "Basically it's like a mafia trust test. They want you to prove that you're not a researcher and you're not law enforcement. And a lot of those tests are going to be something that a researcher or law enforcement legally can't do."

There is bad stuff, and crackdowns mean it's harder to trust

As recently as last year, many dark web marketplaces for drugs and hacking services featured corporate-level customer service and customer reviews, making navigating simpler and safer for newbies. But now that law enforcement has begun to crack down on such sites, the experience is more chaotic and more dangerous.

"The whole idea of this darknet marketplace, where you have a peer review, where people are able to review drugs that they're buying from vendors and get up on a forum and say, 'Yes, this is real' or 'No, this actually hurt me'—that's been curtailed now that dark marketplaces have been taken offline," says Radware's Smith. "You're seeing third-party vendors open up their own shops, which are almost impossible to vet yourself personally. There's not going to be any reviews, there's not a lot of escrow services. And hence, by these takedowns, they've actually opened up a market for more scams to pop up."

Reviews can be wrong, products sold under false pretenses—and stakes are high

There are still sites where drugs are reviewed, says Radware's Smith, but keep in mind that they have to be taken with a huge grain of salt. A reviewer might get a high from something they bought online, but not understand what the drug was that provided it.

One reason these kinds of mistakes are made? Many dark web drug manufacturers will also purchase pill presses and dyes, which retail for only a few hundred dollars and can create dangerous lookalike drugs. "One of the more recent scares that I could cite would be Red Devil Xanax," he said. "These were sold as some super Xanax bars, when in reality, they were nothing but horrible drugs designed to hurt you."

The dark web provides wholesale goods for enterprising local retailers...

Smith says that some traditional drug cartels make use of the dark web networks for distribution—"it takes away the middleman and allows the cartels to send from their own warehouses and distribute it if they want to"—but small-time operators can also provide the personal touch at the local level after buying drug chemicals wholesale from China or elsewhere from sites like the one in the screenshot here. "You know how there are lots of local IPA microbreweries?" he says. "We also have a lot of local micro-laboratories. In every city, there's probably at least one kid that's gotten smart and knows how to order drugs on the darknet, and make a small amount of drugs to sell to his local network."


...who make extensive use of the gig economy

Smith describes how the darknet intersects with the unregulated and distributed world of the gig economy to help distribute contraband. "Say I want to have something purchased from the darknet shipped to me," he says. "I'm not going to expose my real address, right? I would have something like that shipped to an AirBnB—an address that can be thrown away, a burner. The box shows up the day they rent it, then they put the product in an Uber and send it to another location. It becomes very difficult for law enforcement to track, especially if you're going across multiple counties."

Not everything is for sale on the dark web

We've spent a lot of time talking about drugs here for a reason. Smith calls narcotics "the physical cornerstone" of the dark web; "cybercrime—selling exploits and vulnerabilities, web application attacks—that's the digital cornerstone. Basically, I'd say a majority of the darknet is actually just drugs and kids talking about little crimes on forums."

Some of the scarier sounding stuff you hear about being for sale often turns out to be largely rumors. Take firearms, for instance: as Smith puts it, "it would be easier for a criminal to purchase a gun in real life versus the internet. Going to the darknet is adding an extra step that isn't necessary in the process. When you're dealing with real criminals, they're going to know someone that's selling a gun."

Specific niches are in

Still, there are some very specific darknet niche markets out there, even if they don't have the same footprint that narcotics does. One that Smith drew my attention to was the world of skimmers, devices that fit into the slots of legitimate credit and ATM card readers and grab your bank account data.

And, providing another example of how the darknet marries physical objects for sale with data for sale, the same sites also provide data manual sheets for various popular ATM models. Among the gems available in these sheets are the default passwords for many popular internet-connected models; we won't spill the beans here, but for many it's the same digit repeated five times.


It's still mimicking the corporate world

Despite the crackdown on larger marketplaces, many dark web sites are still doing their best to simulate the look and feel of more corporate sites.


The occasional swear word aside, for instance, the onion site for the Elude anonymous email service shown in this screenshot looks like it could come from any above-board company.

One odd feature of corporate software that has migrated to the dark web: the omnipresent software EULA. "A lot of times there's malware I'm looking at that offers terms of services that try to prevent researchers from buying it," he says. "And often I have to ask myself, 'Is this person really going to come out of the dark and try to sue someone for doing this?'"

And you can use the dark web to buy more dark web

And, to prove that any online service can, eventually, be used to bootstrap itself, we have this final screenshot from our tour: a dark web site that will sell you everything you need to start your own dark web site.

 

Think of everything you can do there—until the next crackdown comes along.


[Source: This article was Published in wired.com BY ANDY GREENBERG - Uploaded by the Association Member: Joshua Simon]

DESPITE ALL THE cybersecurity industry’s talk of preventing “breaches,” a computer network in some ways is less like a fortress and more like a human body. And skillful hackers are like germs: They tend to get in via some orifice or another. Once inside, it’s whether they can thrive and multiply their infections—and what vital organs they can reach—that determines whether the outcome is a sneeze or a full-on catastrophic takeover.

In many modern hacking operations, the difference comes down to a technique known as “credential dumping.” The term refers to any means of extracting, or “dumping,” user authentication credentials like usernames and passwords from a victim computer so that they can be used to reenter that computer at will and reach other computers on the network. Often credential dumping pulls multiple passwords from a single machine, each of which can offer the hacker access to other computers on the network, which in turn contain their own passwords ready to be extracted, turning a single foothold into a branching series of connected intrusions. And that’s made the technique at least as crucial to hackers’ work—and as dangerous for sensitive networks—as whatever phishing email or infected attachment let hackers find entry into the network in the first place.

Credential dumping is largely possible because operating systems have long tried to spare users the inconvenience of repeatedly entering their password. Instead, after a user is prompted to enter it once, their password is stored in memory, where it can be called up by the operating system to seamlessly prove the user’s identity to other services on the network.

But the result is that once a hacker has gained the ability to run code on a victim machine, he or she can often dig up the user’s password from the computer’s memory, along with any other users' passwords that might linger there. In other cases, the hacker can steal a file from the computer's disk called the Security Account Manager, or SAM, which contains a list of the network's hashed passwords. If the passwords are too simple or if the hashing is weak, they can then often be cracked one by one.

Amit Serper, a researcher for security firm Cybereason and a former Israeli intelligence hacker, compares credential dumping to a thief who sneaks through an open window, but once inside finds a spare key to the victim’s house he or she can copy—along with keys to the victim’s car and office. “You got in that one time, but if you want to come back you have to have keys to the house,” Serper says. "Once you have those keys, you can do whatever you want.”

ANDY GREENBERG IS A WIRED SECURITY WRITER AND AUTHOR OF THE FORTHCOMING BOOK, SANDWORM: A NEW ERA OF CYBERWAR AND THE HUNT FOR THE KREMLIN'S MOST DANGEROUS HACKERS.

In some cases, Serper says, he's seen hackers mess with settings on a computer to frustrate the user until he or she calls tech support, which results in an administrator logging into their machine. The hacker can then steal that administrator's much more valuable credentials from memory and use them to wreak havoc elsewhere on the network.

Credential dumping is so crucial to modern hacking operations, Serper says, that he finds in analyses of victim networks that it often precedes even the other basic moves hackers make after gaining access to a single computer, such as installing persistent malware that will survive if the user reboots the machine. “In every large breach you look at today, credentials are being dumped,” Serper says. “It’s the first thing that happens. They just get in, then they dump the passwords.”

By far the most common tool for credential dumping was created in 2012 by a French security researcher named Benjamin Delpy and is known as Mimikatz. Delpy, who worked for a French government agency, wrote it to improve his C++ coding skills and also as a demonstration of what he saw as a security oversight in Windows that he wanted to prove to Microsoft.

Since then, Mimikatz has become the go-to credential dumping tool for any hacker who hopes to expand access across a network. Dmitri Alperovitch, the chief technology officer of security firm Crowdstrike, calls it the “AK-47 of cybersecurity." Some sophisticated hackers also build their own credential dumping tools. More often they modify or customize Mimikatz, which is what happened with the likely Chinese hackers revealed last month to have targeted at least 10 global phone carriers in an espionage campaign.


Aside from that sort of espionage, credential dumping has become a key tool for hackers who seek to spread their infection to an entire network with the aim of destroying or holding ransom as many computers as possible. Mimikatz, for instance, served as an ingredient in a range of paralyzing incidents, from the LockerGoga ransomware attack on aluminum firm Norsk Hydro to the NotPetya worm, a piece of destructive malware released by Russian state hackers that became the most costly cyberattack in history. "Any time we hear in the news that ransomware has taken out an entire organization, this is what happened," says Rob Graham, the founder of Errata Security. "This is how it spread through the entire domain: It gets credentials and uses this mechanism to spread from one computer to the next."

The danger of credential dumping, Graham warns, is that it can turn even one forgotten computer with unpatched vulnerabilities into that sort of network-wide disaster. "It’s not the systems that everyone knows about that you need to worry about, those are patched. It's the systems you don't know about," he says. "A foothold on these unimportant systems can spread to the rest of your network."

While keeping hackers from ever gaining that foothold is an impossible task, Graham says that system administrators should carefully limit the number of users with administrative privileges to prevent powerful credentials from being accessed by hackers. Administrators should be wary of logging into computers that they suspect might be compromised by hackers. And Cybereason's Amit Serper points out that two-factor authentication can help, limiting the use of stolen passwords since anyone trying to use them would need a second authentication factor, too, like a one-time code or a Yubikey.

"Having that second factor is the best way to battle credential dumping," Serper says. "How else can you protect yourself if someone has the master key to your house?"


[Source: This article was Published in pcmag.com By Max Eddy - Uploaded by the Association Member: Logan Hochstetler]

Once Incognito Mode is engaged in Maps, 'you can search and navigate without linking this activity with your Google account,' says CEO Sundar Pichai

Google first introduced Incognito Mode years ago with the release of the Chrome browser. Now, as part of a larger push to enhance consumer privacy, the search giant is adding Incognito Mode to both Google Search and Google Maps.

When Incognito Mode is engaged in Chrome, your activities aren't stored in your browser history. It also disables cookies, which are used to identify and sometimes track individuals around the web, and turns off browser extensions. It doesn't hide your online activity, as a VPN would.


Incognito mode for Google Maps will be similar, Google CEO Sundar Pichai explained in a blog post. Once Incognito Mode is engaged in Maps, "you can search and navigate without linking this activity with your Google account," he wrote.


You may have noticed that when you search in Google, meanwhile, your old searches sometimes pop up again. Google uses your activity to tailor the results for you, but not so with Incognito Mode for Search.

Incognito for Google Maps and Search are coming later this year. Google has already rolled out an Incognito Mode for YouTube. "We strongly believe that privacy and security is for everyone, not just a few," said Pichai.

While this is an important move for Google, it's not yet clear what information will be saved when these new Incognito modes are engaged, and what the limitations will be. We have to assume that, like Incognito for Chrome, you won't be totally invisible.


[Source: This article was Published in ibvpn.com By IBVPN TEAM - Uploaded by the Association Member: Alex Gray] 

How long have you been an Internet user? For quite a while, right?

How many times have you asked yourself what dangers might hide at the other end of your connection, and how VPN software can help you? You’re about to read this article, which means you’ve asked yourself this question at least once.

This article will give you all the information you need to know about the advantages of VPN plus a list of tips and tricks that will make your life easier.

Are you ready?

By the way, if you are aware of the benefits a VPN brings, it’s time to start using it!


Let’s start at the beginning, shall we?

The VPN (Virtual Private Network) technology came as an answer to individuals’ request to protect their online activities and to maintain their online confidentiality.

Besides this functionality, the technology helps internet users access restricted content from anywhere in the world, with just a click of a mouse.

Therefore, we can say that a VPN is a secure solution that allows its users to send and receive data via the internet while maintaining the privacy and confidentiality of their data, based on its encryption level. The cherry on top is that a VPN will unblock the internet, by providing you the most-wanted Internet freedom that you deserve.

VPN technology was developed to meet people’s need for security, and especially the need to send encrypted data over a network. But besides the role of creating a “private scope of computer communications,” VPN technology has many other advantages:

  1. Enhanced security. When you connect to the network through a VPN, the data is kept secured and encrypted. In this way, the information is away from the hackers’ eyes.

  2. Remote control. In the case of a company, the great advantage of having a VPN is that the information can be accessed remotely even from home or from any other place. That’s why a VPN can increase productivity within a company.

  3. Share files. A VPN service can be used if you have a group that needs to share data for an extended period.

  4. Online anonymity. Through a VPN you can browse the web in complete anonymity. Compared to hide IP software or web proxies, the advantage of a VPN service is that it allows you to access both web applications and websites in complete anonymity.

  5. Unblock websites & bypass filters. VPNs are great for accessing blocked websites or for bypassing Internet filters. This is why there is an increased number of VPN services used in countries where Internet censorship is applied.

  6. Change IP address. If you need an IP address from another country, then a VPN can provide you this.

  7. Better performance. Bandwidth and efficiency of the network can generally be increased once a VPN solution is implemented.

  8. Reduce costs. Once a VPN network is created, the maintenance cost is very low. More than that, if you opt for a service provider, the network setup and surveillance are no longer a concern.

Here is how your connection looks while using a VPN!


Other things you need to know:

The advantages and benefits of a VPN are clear; let’s find out how to choose your VPN service and your new VPN service provider.

As a future VPN user, keep something in mind: the process of choosing and buying a VPN service should work the same as the process of making a regular purchase.

Public networks are a real threat. Private networks are not very safe either, because your internet service provider can keep an eye on anything you do. You can never be sure if you’re about to connect to a secured network unless you keep your internet activity safe.

So, no matter if you are looking for a VPN to encrypt your traffic while browsing the internet, to bypass geo-restrictions or you’re just the kind of person who likes to save some bucks while buying plane tickets, here’s what your future VPN should provide:

  • Free VPN Trial. Yes, maybe you’ve done some research on your own and saw those Five Best VPN articles all around the web. These articles are useful because they provide information about VPN services at affordable prices, their performance, and features. When you can test these services by yourself, the experience is even better. That’s why it is important to choose a VPN that provides you with a Free VPN Trial.

  • Speed. Do you have the patience to wait tons of seconds for your page to load while using a VPN? No, who has? Always look for the VPN that improves your internet connectivity, not slows it down!

  • Connectivity and reliability. Before buying a VPN service, you have to make sure that it gives you a safe connection without drops.

  • The number of servers. The number of servers is an important thing to look for in a VPN service. Before subscribing to a VPN provider, make sure it provides you a large number of servers around the globe.

  • Apps compatible with various operating systems. I’m sure about one thing – you have more than one device you use to surf the web. There’s a significant probability that your devices have different operating systems. An important thing that you should keep in mind is that your VPN provider should be able to meet your need by providing you with apps compatible with as many operating systems as possible.

  • The number of simultaneous connections. We are (almost) always online from more than one device; that’s why the number of concurrent connections is important.

  • Customer support. Not all of us are tech-savvy and, from time to time, even the experienced ones need help and guidance. Choosing a VPN provider with outstanding customer support is mandatory. Look for a VPN that allows you to contact the support via e-mail, support ticket systems and live chat. You will thank us later for this tip!

  • Privacy policy. One of the primary purposes of a VPN is to keep your online activities away from the curious eyes of any third party. If you don’t allow your ISP to spy on you, why would you let your VPN service provider do it? Choose a VPN service that has a transparent way of saying and doing things and make sure it won’t keep any connection logs. So, always check their Privacy Policy first, before subscribing!

  • Check their reviews page. We were mentioning above some things about the VPN reviews websites. Those websites are doing their reviews based on some tests. Wouldn’t it be awesome to be able to find out what the actual customers of a VPN provider have to say about the service and its performance? Here’s a tip: if your future VPN service provider has its own reviews page, take a look at it.

Are you ready for some action?

Now that you know what the advantages of a VPN are, their value, and how you should choose one, it’s time for some action.

If you’re curious to test on your own the benefits of a VPN, you can do it for free, right now.
ibVPN is the perfect choice for those who care about their online privacy and freedom.

What do you have to do? It’s easy:

  1. Create a trial account – no credit card required

  2. Download a suitable app for your device(s)

  3. Enjoy a secure and open internet by connecting to one of the 180+ servers we are providing.

If you’re happy with the performance of our service, you can always subscribe to one of our premium plans.


Keep in mind that a VPN has its limitations too!

Just like any other thing in this world, a VPN service has its advantages and disadvantages.

So, if you’re not an experienced technician, or if you’re trying a security solution such as a VPN for the very first time, avoid digging too deep into the VPN’s settings. Before changing advanced settings in your app, make sure you know what you’re doing; otherwise, you risk leaks or having your activity exposed.

Another thing you should know is that, from time to time, a VPN can have connection drops. These drops are perfectly normal, which is why you should make sure you’re connecting to a server that’s not overloaded.

Tips and tricks.

We want to make sure you make the most out of your VPN service; that’s why we have a list of tips and tricks which will help you a lot.

We have over 15 years of experience in providing our customers with security solutions, so listen to the old ones this time.

  1. KillSwitch. To ensure the safety of your network connection, a VPN offers (or should offer) features that enhance your level of security. One of these features is the KillSwitch. If you have never heard about it before, this feature keeps you safe in case of connection drops. There are two kinds of KillSwitches: the Internet KillSwitch, which blocks your internet traffic if the VPN drops, and the Application KillSwitch, which closes a list of selected apps if your VPN connection drops. So, for a secure connection, always use the KillSwitch!

  2. Use P2P servers. Some of you might use a VPN service to download torrents safely. To avoid any problems with your ISP, use only the P2P server for such activities!

  3. Use Double VPN. If you’re lucky enough to have Double VPN servers in your list, make sure you use them. Double VPN technology allows you to browse anonymously by connecting to a chain of VPN servers. In simple words: VPN on top of VPN (or VPN tunnel inside another VPN tunnel). Double VPN is all about VPN tunnels and levels of security and encryption. Isn’t it awesome?

  4. Use Stealth VPN or SSTP protocols. If you’re living in a country with a high censorship level and your connection gets blocked even if you use a VPN, change the protocol and try Stealth VPN or SSTP. These two VPN protocols are high-speed and secure and, for example, Stealth VPN will mask your VPN traffic and make it look like regular web traffic. In this way, you can bypass any restriction or firewall.

  5. Use VPN + Tor. Since Tor is used to mask very sensitive information, the frequent use of this browser might light the bulb of your ISP and mark you for surveillance. That’s why the safe way is to connect to a VPN server while using the Tor browser.

  6. Leak protection. Check your VPN app’s settings and, if it allows you, make sure you check all the options that keep you away from any leak (DNS leaks, IPv6 leak protection, etc.).

  7. Use the VPN on your mobile devices too. It’s not enough to stay safe only when you use a laptop. Public Wi-Fi networks are real threats; that’s why you should always be connected to a VPN.

  8. Test the server network before connecting. Why are we saying this? Well, this practice assures you that you will connect to the fastest server for you. And who doesn’t love a fast server?

  9. Use browser extensions. A browser extension is a super useful tool. There are cases when you need to change your IP quickly and easily, and opening your app, entering your details and choosing the desired server is somewhat complicated and takes time. If your VPN provider offers not only VPN clients compatible with different operating systems but browser extensions too, make sure you use them.

  10. Smart DNS. This neat and useful technology allows you to access blocked streaming channels, regardless of your region. If your VPN provider has such an option, make sure you use it to watch your favorite media content while you’re far away from home.

  11. Save money by using a VPN. Who doesn’t like traveling? Here’s a piece of advice: search online for a flight, compare the prices and then go back to the page you initially accessed. There is an 80% chance that the rates have increased. If you’re wondering how this is even possible, let us explain. Some online ticket agencies have preferential prices for different countries. Save some extra bucks using a VPN!
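The leaks that tips 1 and 6 guard against (traffic falling back to the normal connection, IPv6 bypassing the tunnel, DNS queries going to a resolver outside it) can be read off a Linux host's routing table and resolver configuration. The following Python check is an added example, not ibVPN code; the interface names (tun0, eth0), the addresses and the sample tables are constructed, and it assumes a single routing table (route metrics and policy routing are ignored).

```python
import ipaddress

# Constructed samples in the format of `ip -4 route show`, `ip -6 route show`
# and /etc/resolv.conf. Interface names and addresses are assumptions.
LEAKY_V4 = """\
0.0.0.0/1 via 10.8.0.1 dev tun0
default via 192.168.1.1 dev eth0 proto dhcp metric 100
10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.2
128.0.0.0/1 via 10.8.0.1 dev tun0
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.23
203.0.113.10 via 192.168.1.1 dev eth0
"""
LEAKY_V6 = """\
default via fe80::1 dev eth0 proto ra metric 100
fe80::/64 dev eth0 proto kernel metric 256
"""
LEAKY_RESOLV = "nameserver 192.168.1.1  # home router handed out by DHCP\n"

HARDENED_V6 = ""  # IPv6 disabled while the tunnel is up
HARDENED_RESOLV = "nameserver 10.8.0.1\n"  # resolver inside the tunnel

# Tunnel dropped and no kill switch: only the physical routes remain.
DROPPED_V4 = """\
default via 192.168.1.1 dev eth0 proto dhcp metric 100
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.23
"""

# Destinations that are only looked up in the table, never contacted.
# One per half of the IPv4 space so split routes (0/1 + 128/1) are covered.
PROBES = {4: ["8.8.8.8", "198.51.100.7"], 6: ["2001:db8::1"]}


def parse_routes(text, version):
    """Parse `ip route show` lines into (network, device) pairs."""
    routes = []
    for line in text.strip().splitlines():
        fields = line.split()
        if not fields or "dev" not in fields:
            continue
        dest = fields[0]
        if dest == "default":
            dest = "0.0.0.0/0" if version == 4 else "::/0"
        try:
            net = ipaddress.ip_network(dest, strict=False)
        except ValueError:
            continue  # route types such as "unreachable" or "blackhole"
        routes.append((net, fields[fields.index("dev") + 1]))
    return routes


def parse_resolvers(text):
    """Return the nameserver addresses listed in resolv.conf content."""
    resolvers = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            resolvers.append(fields[1])
    return resolvers


def egress_device(routes, address):
    """Longest-prefix match: the device the kernel would pick for address."""
    ip = ipaddress.ip_address(address)
    best = None
    for net, dev in routes:
        if net.version == ip.version and ip in net:
            if best is None or net.prefixlen > best[0].prefixlen:
                best = (net, dev)
    return best[1] if best else None


def audit(routes4_text, routes6_text, resolv_text, tunnel_dev):
    """Return (kind, address, device) findings for traffic that avoids the tunnel."""
    routes = parse_routes(routes4_text, 4) + parse_routes(routes6_text, 6)
    findings = []
    for version, kind in ((4, "ipv4-leak"), (6, "ipv6-leak")):
        for probe in PROBES[version]:
            dev = egress_device(routes, probe)
            if dev is not None and dev != tunnel_dev:
                findings.append((kind, probe, dev))
    for resolver in parse_resolvers(resolv_text):
        if ipaddress.ip_address(resolver).is_loopback:
            # Local stub resolver: its upstream servers must be checked separately.
            findings.append(("dns-stub", resolver, "lo"))
            continue
        dev = egress_device(routes, resolver)
        if dev is not None and dev != tunnel_dev:
            findings.append(("dns-leak", resolver, dev))
    return findings


if __name__ == "__main__":
    for name, args in (
        ("tunnel up, leak protection off", (LEAKY_V4, LEAKY_V6, LEAKY_RESOLV)),
        ("tunnel up, leak protection on", (LEAKY_V4, HARDENED_V6, HARDENED_RESOLV)),
        ("tunnel dropped, no kill switch", (DROPPED_V4, HARDENED_V6, HARDENED_RESOLV)),
    ):
        print(name, "->", audit(*args, tunnel_dev="tun0") or "no findings")
```

On a real host, pass in the output of `ip -4 route show` and `ip -6 route show` together with the contents of /etc/resolv.conf.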

Are you still here?

As you can see, the discussion about VPN technology and its advantages is so complicated. We could talk about it for days.

What you should keep in mind after reading this article is that no matter if you’re looking for the best option to browse anonymously, to unblock your favorite online content, to download torrents or to watch for the cheapest plane tickets, a VPN can always help you.

Besides its disadvantages, a VPN has tons of advantages, and it allows you to keep your personal information safe in the first place.

There are lots of fishes in the sea, make sure you choose the one that meets your needs.

Always browse safely!


[Source: This article was Published in money.cnn.com By David Goldman - Uploaded by the Association Member: Patrick Moore]

Some things just shouldn't be connected to the Internet. With Shodan, a search engine that finds connected devices, it's easy to locate dangerous things that anyone can access without so much as a username or password.

Traffic light controls

This is why Caps Lock was invented.

When something that literally anyone in the world can access says "DEATH MAY OCCUR !!!" it's generally a good idea to build some kind of security around it.

Oops - no. For some reason, someone thought it would be a good idea to put traffic light controls on the Internet. Making matters way, way worse is that these controls require no login credentials whatsoever. Just type in the address, and you've got access.

You'd have to know where to go looking, but it's not rocket science. Security penetration tester Dan Tentler found the traffic light controls using Shodan, a search engine that navigates the Internet's back channels looking for the servers, webcams, printers, routers and all the other stuff that is connected to the Internet.

Traffic cameras

Hey, that's my car!

You know those cameras that snap photos of you speeding through a red light? Yeah, someone put an entire network of them on the Internet.

Made by a company called PIPS, a division of 3M (MMM), the "Autoplate" technology takes photos of cars going through intersections and loads their license plate numbers on a server. Those servers are intended to be accessed by police departments. They're definitely not supposed to be connected to the greater Internet without any log-in credentials.

That's what happened, though, and any Web lurker could check out who was zipping through the photo zones in the spot Tentler found. Added kicker: Autoplate actually records photos and registration information for every car that goes through the intersections it's watching -- not just speeders.

3M spokeswoman Jacqueline Berry noted that Autoplate's systems feature robust security protocols, including password protection and encryption. They just have to be used.

"We're very confident in the security of our systems," she said.

Tentler notified the FBI about the particular system he found.

A swimming pool acid pump

Are you sure you want to get in the pool?

Swimming pools have acid pumps to adjust the pH balance of the water. They're usually not connected to the Internet.

At least one of them is, though. So, exactly how powerful and toxic is this acid pump?

"Can we turn people into soup?" wondered Tentler.

Tentler said there was no distinguishing text in this app to tip him off to where the pool was located or whom it is owned by, so the owners haven't been contacted. Enter at your own risk!

A hydroelectric plant

Wait, does that say kilowatts? 

French electric companies apparently like to put their hydroelectric plants online. Tentler found three of them using Shodan.

This one has a big fat button that lets you shut off a turbine. But what's 58,700 Watts between friends, right?

It's not just France that has a problem. The U.S. Department of Homeland Security commissioned researchers last year to see if they could find industrial control systems for nuclear power plants using Shodan. They found several.

Tentler told DHS about all the power plants he found -- actually, DHS called him after he accessed one of their control systems.

Once the controls were brought up on a Web browser, anyone could put lights into "test" mode. Seriously, do not try that at home.

Tentler declined to say which city put its traffic controls on the Internet, but he notified the U.S. Department of Homeland Security about it.

A hotel wine cooler

How cold do you like your champagne, exactly?

Okay, fine, there's no danger in putting a hotel wine cooler online. It's pretty strange, though.

Tentler also found controls for a display case at a seafood store, which included a lobster tank.

This wine cooler is still online at a large hotel in New York. So if your bubbly is a little toasty, you'll know why.

A hospital heart rate monitor

Beep ... beep ... beep ...

U.S. hospitals have to abide by the Health Insurance Portability and Accountability Act. Here's a violation: One hospital put its heart rate monitors online for the whole world to see.

Although this was a read-only tool -- you couldn't defibrillate a patient over the Internet -- it's still a major, major breach of the privacy law.

Tentler said that another security researcher reported this hospital to DHS' Industrial Control Systems Cyber Emergency Response Team last year.

A home security app

Honey, did you leave the garage door open?

A new wave of home automation tools offers a great way to control everything from your door locks to your alarm system online. But it's a good idea for your security system to have some, you know, security built into it.

Not this system. Anyone can change this home's temperature, alarm settings, and, yes, open its garage door.

Tentler said he has no idea who built this app, because there was no distinguishing text or information associated with it.

A gondola ride

Hey, why are the doors opening?

A gondola ride over a ski resort is a fun way to enjoy the mountain view. But not if you stop in the middle of the ride and the doors open.

Anyone could do that with a click of a button, even if they were sitting thousands of miles away. That's because this French ski resort put the control systems for the gondola ride on the Internet.

Attempts to contact the company were unsuccessful.

A car wash

Actually, I would like that undercoating!

Seriously, there is a car wash on the Internet.

By clicking through the control options, anyone in the world can adjust the chemicals used in the wash and lock someone inside. Or you could be nice and give every customer the works.

Tentler said he has no idea who owns the car wash or where it is. But if you happen to pass through this one, your next wash is on him.


[This article is originally published in hothardware.com written by Rod Scher - Uploaded by AIRS Member: Jasper Solander] 

We have all heard of the dark web: a lawless digital world, uncharted and unstructured, full of data -- much of it illegally acquired and illegally for sale -- that cannot be viewed without special tools: proxy servers, TOR browsers, and the like. It's a murky and mysterious place, a place where much information resides but is difficult to unearth for the uninitiated.

Until now. Canada's Echosec Systems Ltd. recently released Beacon, a security tool that's designed to shed some light on the dark web.

Karl Swannie is the CEO of Echosec, the company behind Beacon.

"Beacon is a dark web search engine that allows users to search anonymously, without the need for a TOR browser," says Echosec CTO Michael Raypold. "We’ve designed Beacon to be simple to interact with, while incorporating powerful advanced search tools, making searching unindexed data in the dark web as easy as using a surface web search engine."

The idea behind Beacon is that it can be used by a company to potentially head off -- or at the very least mitigate -- a potential disaster. Since the bulk of the data on the dark web is essentially unstructured, the Echosec team crawled the dark web, indexed its content and then built a natural language query interface that allows non-hackers to access that information quickly and easily. Simply put, Beacon is like Google for the dark web.

With Beacon, dark web data can be searched by a variety of criteria. Specific types of data (credit cards, emails, etc.) can be searched for explicitly.

Keep in mind, of course, that not everything on the dark web is illegal.

Says Raypold, "The dark web is a place where you can source illegal or illicit materials because the inherent privacy and anonymity baked into platforms like the TOR network makes buying and selling these goods easier to achieve without repercussions. However, that isn’t to say everything on the dark web is illegal. News organizations like the NYTimes and Pro Publica maintain Onion sites for their more privacy-conscious users and to help disseminate news that might otherwise be censored." Still, much of the dark web's content was acquired illegally and can be misused to spread misinformation, victimize vulnerable populations, execute social engineering exploits, or engage in various forms of identity theft.

We all know that information in the wrong hands can be dangerous. Raypold cites the story of Coca-Cola's attempt, some years back, to acquire a Chinese soft drink company. Unbeknownst to high-level Coca-Cola executives, the company's secret plans and negotiation tactics were in fact not secret at all, because Coca-Cola had been previously hacked, thanks to a phishing email opened by a Coca-Cola exec.

Beacon did not exist at that time (2009), but it's likely that some of the information retrieved from the hack and many pilfered emails would have ended up on the dark web; if so, Beacon could have unearthed them, letting the company know of its vulnerability long before 2009 and perhaps allowing Coca-Cola to mitigate the damage. (In the end, the acquisition fell through, most likely because Coca-Cola -- having lost control of its confidential information -- had also lost any leverage it might have had in the negotiations.)

The goal of Beacon, says Raypold, is to allow companies to easily examine data on the dark web as a way of locating the potentially harmful information that’s stored there: this could include stolen corporate emails, company documents, personal info, or other such data that could be detrimental to a company, its brand, or its customers. After all, if your data has been compromised, it's always better to know than not to know.

Mike Raypold is the CTO of Echosec, LTD.

"Beacon allows teams to more quickly identify and respond to information that can materially damage a company’s brand and consumer trust," says Raypold. "Being able to quickly identify a sensitive problem also means that you can start putting a solution in place and notify your customers before they find out through other means."



Of course, a security tool is but another weapon in the wrong hands, and weapons can be misused; it's one thing for a pen-tester or white-hat hacker to be in possession of systems that can locate or uncover data, but what about someone finding a way to misuse Beacon? While Raypold notes that it is possible to misuse Beacon, since the tool makes it easier for users to locate data they might otherwise have difficulty finding, he says that the company has taken steps to mitigate that danger.

"First, every Echosec customer must go through a use-case approval process to determine how the customer is using the application and to make sure they are in compliance with the vendors from whom the data is sourced," says Raypold. "If a potential customer cannot pass the use-case approval process, they do not get access to the system."

Second, the company has built automated tools and manual processes into its platform and into the company workflows to notify the Echosec team if users attempt to run searches that are in violation of their approved use case.

"The checks built into the platform will outright prevent some searches from being run so that users never receive data that we perceive could be used with malicious intent. Furthermore, some of the vendors from whom we source data have asked us to prevent certain queries from being run, regardless of a customer's use case," says Raypold. (Naturally, the company publishes an "acceptable use" policy, which can be found here.)

Echosec expects to sell Beacon mainly to corporate customers interested in keeping tabs on their intellectual property, corporate secrets, and other sensitive data. White-hat hackers -- such as pen-testers -- could conceivably be a market as well, but the company feels that would be fairly uncommon. And if it did occur, it would simply be viewed as an example of contracted security experts acting on behalf of the ultimate corporate customer.

However (and by whomever) Beacon is used, it looks as if the murky landscape of the dark web is no longer quite as dark as it once was.

Source: This article was published in fastcompany.com By Steven Melendez - Contributed by Member: Martin Grossner

VirusTotal, which is a product of Chronicle, a company created within Alphabet’s fabled “moonshot factory,” has been described as “Google for malware.”

Earlier this year, Google parent Alphabet unveiled a new, top-level company called Chronicle that would be dedicated to cybersecurity.

Initially created within X, Alphabet’s so-called “moonshot factory” unit, Chronicle has said that it’s developing a security analytics platform for corporate customers, harnessing the company’s strengths in search, artificial intelligence, raw computing, and data storage power. But Chronicle also includes an often-overlooked security product called VirusTotal, sometimes described as “Google for malware.”

Acquired by Google in 2012, the Malaga, Spain, based company was first created by cybersecurity developer Bernardo Quintero in 2004, who’s worked on antivirus technology since he was a teenager. Quintero’s earlier projects included a Spanish-language cybersecurity newsletter and a tool designed to defeat dial-up-era malware that ran up charges calling premium toll hotlines. VirusTotal enables anyone to upload a file they suspect may contain malware to have it scanned by dozens of antivirus tools from vendors like Symantec, TrendMicro, Kaspersky, and Avast.

“When I started [VirusTotal] there were eight or nine antivirus companies working in the first version of the service,” says Quintero.

Now, there are more than 70, and the tool can extract other metadata from files as well, whether it’s a photo or an executable program, studying the uploaded content in secure virtual cloud machines. Security experts can also use the platform to share information about potential new malware files.

“They can have fast access to the malware samples to improve their product,” Quintero says.

VirusTotal played a role in the analysis of the infamous Stuxnet worm, when it collected some of the first samples, and it’s been cited in commercial and academic security research, including recent work on cryptocurrency-stealing malware.

Since Alphabet’s acquisition, VirusTotal has been largely independently managed, but it’s been able to take advantage of the larger company’s cloud computing and search capabilities—some of the same strengths that Alphabet intends to leverage for its larger Chronicle efforts.

“We’ve increased search capabilities,” says Chronicle CEO Stephen Gillett. “We’ve invested a large amount of infrastructure to make scanning faster and better.”

More fundamentally, Alphabet has also helped VirusTotal, which prior to Chronicle’s debut was administratively part of the company’s internal cybersecurity unit, combat denial of service attacks that had threatened it as an independent platform.

“For us, it was a way to perfect our mission,” says Quintero.

VirusTotal Graph [Image: courtesy of VirusTotal]
VirusTotal has also added a data visualization component, called VirusTotal Graph, that can help suss out the relationships between malware files and the URLs and IP addresses that distribute them. And this year, it unveiled a feature called VirusTotal Monitor, which lets legitimate software makers upload their applications and information about them so participating antivirus companies can avoid mistakenly flagging them as malware. The innocuous software samples are stored in a secure, private cloud, and antivirus vendors are only given access to the data if their software begins to mistakenly flag the files as viruses.

Another feature, called VirusTotal Intelligence, lets security researchers sift through the set of uploaded files to find ones matching certain criteria. A bank, for example, could spot malware trying to interact with its websites.

Gillett declined to comment too extensively on plans for Chronicle’s next project, though he emphasized it would also take advantage of Alphabet’s strengths to help customers sift through vast quantities of security data.

“We should be able to help teams search and retrieve useful information and run analysis in minutes, rather than the hours or days it currently takes,” he wrote in a January blog post. “Storage—in far greater amounts and for far lower cost than organizations currently can get it—should help them see patterns that emerge from multiple data sources and over years.”

Chronicle isn’t Alphabet’s only high-profile security project—the company’s Jigsaw unit focuses on tools to make the world safer, including combating misinformation and radicalization, and Google’s Project Zero team has focused on spotting bugs in software before they can do harm. More recently, Alphabet has announced plans to help safeguard elections, including by helping keep Google accounts safe from unauthorized access.

Contributing to cybersecurity in a world where it’s often lacking is an important mission for the company, Gillett says.

“For Alphabet, and for me personally as the founder and CEO of Chronicle, I believe there’s no better moonshot for Alphabet to be going after,” he says.

Source: This article was published in forbes.com By Lee Mathews - Contributed by Member: James Gill

The Internet is a very leaky place. Security researchers find new servers spilling private data with alarming regularity. Some incidents have involved well-known, reputable companies. This one does not. It involves a server that helped cyber criminals run a massive SPAM campaign.

While investigating a massive spam-producing malware network, security researchers at Vertek Corporation made an unexpected discovery. One of the servers linked to the malware hadn't been properly secured. Anyone who had the IP address of the server could connect at will and download a massive cache of email addresses.

Vertek tallied more than 44 million addresses in total. Of those, more than 43,500,000 were unique. The data was broken down into just over 2,200 files with each one containing more than 20,000 entries.

Bleeping Computer was provided with a list that broke down which email services were the most popular with the spammers. Yahoo addresses were the most common, at nearly 9 million. AOL was a close second at just over 8 million. Comcast addresses were the third most common at around 780,000.

The numbers fall sharply after that, with none breaking half a million. Many of the addresses that appear are provided by ISPs like AT&T, Charter, Cox, and SBC. Curiously enough, very few Gmail accounts were listed. Bleeping Computer thinks that may be because the database Vertek was able to access only contained part of the spam server's address book. It's also possible that these particular domains were chosen to target a specific type of user.

Vertek's researchers have shared their findings with Troy Hunt, who is analyzing the list against the already massive database he maintains at the breach notification service HaveIBeenPwned.

It wouldn't be at all surprising if Hunt discovers that all 43 million addresses were already exposed by other leaks or hacks. Why? Because at least two other leaks from spam-linked servers contained way, way more.

In August of last year, Hunt processed a whopping 711 million addresses from a compromised server. Many of those, he determined, had been dumped before. The biggest leak involving a SPAM service involved twice as many emails. MacKeeper's Chris Vickery discovered a mind-blowing 1.4 billion addresses exposed by a shady server.

Source: This article was published in wired.com By IE LAPOWSKY - Contributed by Member: Bridget Miller

IN LATE JULY, a group of high-ranking Facebook executives organized an emergency conference call with reporters across the country. That morning, Facebook’s chief operating officer, Sheryl Sandberg, explained, they had shut down 32 fake pages and accounts that appeared to be coordinating disinformation campaigns on Facebook and Instagram. They couldn’t pinpoint who was behind the activity just yet, but said the accounts and pages had loose ties to Russia’s Internet Research Agency, which had spread divisive propaganda like a flesh-eating virus throughout the 2016 US election cycle.

Facebook was only two weeks into its investigation of this new network, and the executives said they expected to have more answers in the days to come. Specifically, they said some of those answers would come from the Atlantic Council's Digital Forensics Research Lab. The group, whose mission is to spot, dissect, and explain the origins of online disinformation, was one of Facebook’s newest partners in the fight against digital assaults on elections around the world. “When they do that analysis, people will be able to understand better what’s at play here,” Facebook’s head of cybersecurity policy, Nathaniel Gleicher, said.

Back in Washington DC, meanwhile, DFRLab was still scrambling to understand just what was going on themselves. Facebook had alerted them to the eight suspicious pages the day before the press call. The lab had no access to the accounts connected to those pages, nor to any information on Facebook’s backend that would have revealed strange patterns of behavior. They could only see the parts of the pages that would have been visible to any other Facebook user before the pages were shut down—and they had less than 24 hours to do it.

“We screenshotted as much as possible,” says Graham Brookie, the group’s 28-year-old director. “But as soon as those accounts are taken down, we don’t have access to them... We had a good head start, but not a full understanding.” DFRLab is preparing to release a longer report on its findings this week.

As a company, Facebook has rarely been one to throw open its doors to outsiders. That started to change after the 2016 election, when it became clear that Facebook and other tech giants missed an active, and arguably incredibly successful, foreign influence campaign going on right under their noses. Faced with a backlash from lawmakers, the media, and their users, the company publicly committed to being more transparent and to work with outside researchers, including at the Atlantic Council.

DFRLab is a scrappier, substantially smaller offshoot of the 57-year-old bipartisan think tank based in DC, and its team of 14 is spread around the globe. Using open source tools like Google Earth and public social media data, they analyze suspicious political activity on Facebook, offer guidance to the company, and publish their findings in regular reports on Medium. Sometimes, as with the recent batch of fake accounts and pages, Facebook feeds tips to the DFRLab for further digging. It's an evolving, somewhat delicate relationship between a corporate behemoth that wants to appear transparent without ceding too much control or violating users' privacy, and a young research group that’s ravenous for intel and eager to establish its reputation.

“This kind of new world of information sharing is just that, it’s new,” Brookie says. “[Facebook] is trying to figure out what the rules of the road are, frankly, as are research organizations like ours.”

The lab got its start almost by accident. In 2014, Brookie was working for the National Security Council under President Obama when the military conflict broke out in eastern Ukraine. At the time, he says, the US intelligence community knew that Russian troops had invaded the region, but given the classified nature of their intel they had no way to prove it to the public. That allowed the Russian government to continue denying their involvement.

What the Russians didn’t know was that proof of their military surge was sitting right out in the open online. A working group within the Atlantic Council was among the groups busy sifting through the selfies and videos that Russian soldiers were uploading to sites like Instagram and YouTube. By comparing the geolocation data on those posts to Google Earth street view images that could reveal precisely where the photos were taken, the researchers were able to track the soldiers as they made their way through Ukraine.

“It was old-school Facebook stalking, but for classified national security interests,” says Brookie.

This experiment formed the basis of DFRLab, which has continued using open source tools to investigate national security issues ever since. After the initial report on eastern Ukraine, for instance, DFRLab followed up with a piece that used satellite images to prove that the Russian government had misled the world about its air strikes on Syria; instead of hitting ISIS territory and oil reserves, as it claimed, it had in fact targeted civilian populations, hospitals, and schools.

But Brookie, who joined DFRLab in 2017, says the 2016 election radically changed the way the team worked. Unlike Syria or Ukraine, where researchers needed to extract the truth in a low-information environment, the election was plagued by another scourge: information overload. Suddenly, there was a flood of myths to be debunked. DFRLab shifted from writing lengthy policy papers to quick hits on Medium. To expand its reach even further, the group also launched a series of live events to train other academics, journalists, and government officials in their research tactics, creating even more so-called “digital Sherlocks.”

'Sometimes a fresh pair of eyes can see something we may have missed.'

KATIE HARBATH, FACEBOOK

This work caught Facebook’s attention in 2017. After it became clear that bad actors, including Russian trolls, had used Facebook to prey on users' political views during the 2016 race, Facebook pledged to better safeguard election integrity around the world. The company has since begun staffing up its security team, developing artificial intelligence to spot fake accounts and coordinated activity, and enacting measures to verify the identities of political advertisers and administrators for large pages on Facebook.

According to Katie Harbath, Facebook’s director of politics, DFRLab's skill at tracking disinformation not just on Facebook but across platforms felt like a valuable addition to this effort. The fact that the Atlantic Council’s board is stacked with foreign policy experts including former secretary of state Madeleine Albright and Stephen Hadley, former national security adviser to President George W. Bush, was an added bonus.

“They bring that unique, global view set of both established foreign policy people, who have had a lot of experience, combined with innovation and looking at problems in new ways, using open source material,” Harbath says.

That combination has helped the Atlantic Council attract as much as $24 million a year in contributions, including from government and corporate sponsors. As the think tank's profile has grown, however, it has also been accused of peddling influence for major corporate donors like FedEx. Now, after committing roughly $1 million in funding to the Atlantic Council, the bulk of which supports the DFRLab’s work, Facebook is among the organization's biggest sponsors.

But for Facebook, giving money away is the easy part. The challenge now is figuring out how best to leverage this new partnership. Facebook is a $500 billion tech juggernaut with 30,000 employees in offices around the world; it's hard to imagine what a 14-person team at a non-profit could tell them that they don't already know. But Facebook's security team and DFRLab staff swap tips daily through a shared Slack channel, and Harbath says that Brookie’s team has already made some valuable discoveries.

During the recent elections in Mexico, for example, DFRLab dissected the behavior of a political consulting group called Victory Lab that was spamming the election with fake news, driven by Twitter bots and Facebook likes that appeared to have been purchased in bulk. The team found that a substantial number of those phony likes came from the same set of Brazilian Facebook users. What's more, they all listed the same company, Frases & Versos, as their employer.

The team dug deeper, looking into the managers of Frases & Versos, and found that they were connected with an entity called PCSD, which maintained a number of pages where Facebook users could buy and sell likes, shares, and even entire pages. With the Brazilian elections on the horizon in October, Brookie says, it was critical to get the information in front of Facebook immediately.

"We flagged it for Facebook, like, 'Holy cow this is interesting,'" Brookie remembers. The Facebook team took on the investigation from there. On Wednesday, the DFRLab published its report on the topic, and Facebook confirmed to WIRED that it had removed a network of 72 groups, 46 accounts, and five pages associated with PCSD.

"We’re in this all day, every day, looking at these things," Harbath says. "Sometimes a fresh pair of eyes can see something we may have missed."

Of course, Facebook has missed a lot in the past few years, and the partnership with the DFRLab is no guarantee it won't miss more. Even as it stumbles toward transparency, the company remains highly selective about which sets of eyes get to search for what they've missed, and what they get to see. After all, Brookie's team can only examine clues that are already publicly accessible. Whatever signals Facebook is studying behind the scenes remain a mystery.
