Authentic8 Blog Category: Online Research

Authentic8 Completes FedRAMP ‘In Process’ Authorization Milestone

Authentic8, the maker of Silo, the leading web isolation platform for commercial and government organizations, announced today that it has completed all requisite steps and is formally “In Process” for FedRAMP authorization.

What Is FedRAMP?

The Federal Risk and Authorization Management Program (FedRAMP) is a government-wide certification program that standardizes the security, reliability, and integrity of cloud products and services. FedRAMP certification aims to ensure consistent compliance across all federal agencies and streamlines approval and procurement processes.

Authentic8 began working with government organizations in 2015. With more than 160 federal, state, and local agencies relying on Silo cloud browsing and web investigation solutions to execute their most important missions, Authentic8 is the largest provider of isolation technology to US government organizations.

“Something as simple as going online presents significant risk to any organization, and government data is a particularly sweet target for cybercriminals and nation states,” said Justin Cleveland, Head of Authentic8’s government business. “Achieving FedRAMP authorization will help us expand

How to REALLY Browse Anonymously

When anonymous web access becomes business-critical, the web's favorite home remedies won't help. Worse, they can harm you and our organization.

*

A few weeks ago, I was speaking with a regional bank in the Southwestern United States, where the lack of anonymity online had jeopardized a recent investigation. The bank was doing online research necessary for them to comply with Bank Secrecy Act and Anti Money Laundering (BSA/AML) regulations.

A financial fraud analyst found incriminating evidence on the web page of a business she was investigating. Imagine her frustration when she went back the next day to collect that evidence, only to find it had been removed in the meantime. What happened?

The bank suspects that the subject of its investigation was tipped off to the analyst's research because web traffic from the bank was hitting the website of the investigated business.

This happens more often than one would think, as I've learned in conversations with other financial services firms before.

To TOR or Not to TOR?

Recent mass shootings in Christchurch, Poway, and El Paso, as well as the lesser-known attack on a synagogue in Halle, Germany all have something in common other than being acts of violence. The perpetrators all had an online presence on a forum known as "8chan".

After the El Paso attack, 8chan was dropped by service providers and went offline. The shooter in Halle couldn't announce the attack on the forum; however, it was still live-streamed, similar to the attack in Christchurch. The attacker also used the name "anon", short for anonymous, a typical username used for privacy in forums such as 8chan.

8Chan has since rebranded as "8kun" and is back online as of November 3rd, 2019. The screenshot below shows 8kun's landing page in TOR.

Screenshot: 8kun Landing Page in TOR (Authentic8 Blog)

Forums such as 8kun are not only a gathering place for users to gain inspiration to commit attacks.  They also serve as dissemination points for manifestos furthering the spread of this type of terrorism.

The Christchurch

10 Top Tools for Threat Hunters from Black Hat USA 2019

So you weren't able to make it to Las Vegas this year, or didn’t get to check out all the latest and greatest tools at the booths and workshops? We've got you covered.

Check out these ten short reviews of useful tools presented at Black Hat USA 2019 for threat intelligence analysts, OSINT researchers, forensic investigators, and threat hunters:

King Phisher: Phishing Toolkit for Red Teams

King Phisher

Source: Github

King Phisher, created by SecureState, is a tool designed to simulate real-life scenario phishing attacks that may occur on a corporate network. It’s intended for red teaming, enabling the user to create complex attack scenarios to test internally if anyone in the organization fails to identify the bait.

This highly flexible tool allows you to run numerous phishing campaigns simultaneously, control the phishing email's content (embedded images, HTML, and more), map the location of all the phishing victims, and run SPF checks (Sender Policy Framework) for forging sender address during email delivery.

Tips & Tricks for Anonymous Social Media Investigations

How can professional investigators securely conduct research on social media without exposing their organization? Authentic8’s Nick Finnberg, OSINT training specialist and former intelligence analyst, shared insights and tradecraft insights, tips and tools at a webinar on social media investigations.

*

There are more than 3.5 billion active social media users across the world. Facebook, Instagram, Twitter, LinkedIn, Reddit, 8chan and Co. can be a treasure trove for law enforcement, fraud investigators, corporate security specialists, and Open Source Intelligence (OSINT) analysts. Provided, that is, the researchers have tools at their disposal that are up to the task.

That’s a big IF. Online investigators need to be able to quickly and efficiently collect, save, and collaboratively analyze data while maintaining adequate operational security (OpSec). This often poses a challenge, because they also grapple with budget constraints, inadequate online tools with inherent security vulnerabilities, and an acute shortage of properly trained cybersecurity personnel.

How to safely, effectively, and anonymously use social media for