dark web

Investigating the Dark Web 101

The internet is in a state of exponential growth, producing high volumes of content that is available for public scrutiny, whether for social means or, in the case of the intelligence community, for security purposes. In the shadows of our increasingly digital world, the dark web has grown and gained momentum. It has become a community where malicious actors thrive, building empires through stealing and selling IP, PII, attack methods, and more, including information that affects everyone from consumers and the general public to large enterprises and governments.

facial recognition, anonymous, misattribution, anonymity, identity, identify

Implications of Universal Facial Recognition

In my recent Security Week Article, “The Impending Facial Recognition Singularity,” I discuss how it is more difficult to remain anonymous, both online and off, these days. A major reason is that facial recognition systems are becoming cheaper, better, easier to use, and more widely deployed, while social media platforms are creating an ocean of easily identifiable faces that are widely accessible.

ISS World Americas

Another RSA: Evolving Trends in Cyberthreats

The idea that firewalls and the perimeter are becoming less important is a growing trend. There is so much opportunity for compromised devices inside the network, including BYOD laptops and phones, that we can’t think of the inside as safe anymore. If the inside is dangerous, then we need to secure all the internal surfaces to withstand attack. And if we are doing that, why not make everything easier and make them public facing? This idea is not completely crazy. It will be interesting to see how it stands up in real world use.

RSA Peer2Peer

RSA 2018 Peer2Peer Session: Successes and Pitfalls of Penetrating Hostile Online Groups

Earlier this month, I had the privilege of hosting a Peer2Peer speaker session at RSA 2018, where I joined attendees on an exploratory deep-dive through the pros, cons, and intricacies that surround the practice of proactively infiltrating malicious groups online. My goal was simple: learn how my peers are conducting anonymous operations, what problems they are experiencing, and where they have seen success.