News & Updates

How computers got shockingly good at recognizing images

Enlarge (credit: Aurich / Getty)

Right now, I can open up Google Photos, type “beach,” and see my photos from various beaches I’ve visited over the last decade. I never went through my photos and labeled them; instead, Google identifies beaches based on the contents of the photos themselves. This seemingly mundane feature is based on a technology called deep convolutional neural networks, which allows software to understand images in a sophisticated way that wasn’t possible with prior techniques.

In recent years, researchers have found that the accuracy of the software gets better and better as they build deeper networks and amass larger data sets to train them. That has created an almost insatiable appetite for computing power, boosting the fortunes of GPU makers like Nvidia and AMD. Google developed its own custom neural networking chip several years ago, and other companies have scrambled to follow Google’s lead.

Over at Tesla, for instance, the company has put deep learning expert Andrej Karpathy in charge of its Autopilot project. The carmaker is now developing a custom chip to accelerate neural network operations for future versions of Autopilot. Or, take Apple: the A11 and A12 chips at the heart of recent iPhones include a “neural engine” to accelerate neural network operations and allow better image- and voice-recognition applications.

Read 104 remaining paragraphs | Comments

Source: http://feeds.arstechnica.com/arstechnica/index/

Twitter has been hit with a minor data breach incident that the social networking site believes linked to a suspected state-sponsored attack.

In a blog post published on Monday, Twitter revealed that while investigating a vulnerability affecting one of its support forms, the company discovered evidence of the bug being misused to access and steal users’ exposed information.

The impacted


Source: http://feeds.feedburner.com/TheHackersNews

Twitter discovered a possible nation-state attack while it was investigating an information disclosure flaw affecting its platform.

Experts at Twitter discovered a possible state-sponsored attack while they were investigating an information disclosure vulnerability affecting its support forms. The experts discovered that the attack was launched from IP addresses that may be linked to nation-state actors.

The flaw affected a support form that could be used to contact Twitter in case of problems with an account. The flaw could have been exploited to obtain the country code of a user’s phone number and determine whether or not the account had been locked by Twitter.

An account could be locked if it violates rules or terms of service, or if the account was compromised. The social media platform fixed the flaw on November 15, in just 24 hours.

The experts noticed a suspicious activity related to the API associated with the flawed customer support form.

“During our investigation, we noticed some unusual activity involving the affected customer support form API.” reads a blog post published by Twitter.

“Specifically, we observed a large number of inquiries coming from individual IP addresses located in China and Saudi Arabia. While we cannot confirm intent or attribution for certain, it is possible that some of these IP addresses may have ties to state-sponsored actors. We continue to err on the side of full transparency in this area and have updated law enforcement on our findings.”

Twitter

Twitter, like many other social media platforms, are a privileged target for state-sponsored hackers that could use them for online propaganda and spread fake news.

In November, the researcher Terence Eden discovered that the permissions dialog when authorizing certain apps to Twitter could expose direct messages to the third-party. The expert was awarded $2,940 for reporting the bug to the company under the bug bounty program operated through the HackerOne platform.

window._mNHandle = window._mNHandle || {};
window._mNHandle.queue = window._mNHandle.queue || [];
medianet_versionId = “3121199”;

try {
window._mNHandle.queue.push(function () {
window._mNDetails.loadTag(“762221962”, “300×250”, “762221962”);
});
}
catch (error) {}

Pierluigi Paganini

(SecurityAffairs – intelligence,hacking)

The post Twitter uncovered a possible nation-state attack appeared first on Security Affairs.

Source: Security affairs

Security researchers have discovered yet another example of how cybercriminals disguise their malware activities as regular traffic by using legitimate cloud-based services.

Trend Micro researchers have uncovered a new piece of malware that retrieves commands from memes posted on a Twitter account controlled by the attackers.

Most malware relies on communication with their


Source: http://feeds.feedburner.com/TheHackersNews

A Czech cyber-security agency is warning against using Huawei and ZTE technologies because they pose a threat to state security.

The Chinese nightmare is rapidly spreading among European countries, now a Czech cyber-security agency is warning against using the equipment manufactured by Chinese firms Huawei and ZTE because they pose a threat to state security.

“The main issue is a legal and political environment of the People’s Republic of China, where (the) aforementioned companies primarily operate,” reads a statement issued by the Czech National Cyber and Information Security Agency.

“China’s laws, among other things, require private companies residing in China to cooperate with intelligence services, therefore introducing them into the key state systems might present a threat,” 

According to the Czech News Agency (CTK), the Czech branch of the Chinese Telco giant Huawei refused any accusation and asked the agency to offer proof of the alleged espionage activities for the Chinese intelligence. 

“The warning comes on the heels of a Czech intelligence report which warned about increased spying activities of Chinese diplomats in the EU and NATO member state of 10.6 million people.” reported the AFP press.

The US first, and many other countries after, have decided to ban network equipment manufactured by the Chinese telecom giant Huawei.

In November 2018, the Wall Street Journal reported that the US Government was urging its allies, including Germany, to exclude Huawei from critical infrastructure and 5G architectures.

The Chinese firm was already excluded by several countries from building their 5G internet networks. The United StatesAustraliaNew Zealand, and Japan announced the exclusion of Huawei technology for their 5G internet networks.

Huawei cyber espionage

The United States is highlighting the risks for national security in case of adoption of Huawei equipment and is inviting internet providers and telco operators in allied countries to ban the company.

Now Germany’s IT watchdog has expressed its opinion about the ban of the Huawei technology, it has highlighted that there is no evidence that the equipment could be used by Chinese intelligence in cyber espionage activity.

On Friday, the head of Germany’s Federal Office for Information Security (BSI), Arne Schoenbohm admitted that since now there is no proof espionage activity conducted through Huawei technology.

window._mNHandle = window._mNHandle || {};
window._mNHandle.queue = window._mNHandle.queue || [];
medianet_versionId = “3121199”;

try {
window._mNHandle.queue.push(function () {
window._mNDetails.loadTag(“762221962”, “300×250”, “762221962”);
});
}
catch (error) {}

Pierluigi Paganini

(SecurityAffairs – Chinese intelligence, cyberespionage)

The post Czech cyber-security agency warns over Huawei, ZTE security threat appeared first on Security Affairs.

Source: Security affairs

The word

Enlarge (credit: Aurich Lawson / Getty Images)

With Microsoft’s decision to end development of its own Web rendering engine and switch to Chromium, control over the Web has functionally been ceded to Google. That’s a worrying turn of events, given the company’s past behavior.

Chrome itself has about 72 percent of the desktop-browser market share. Edge has about 4 percent. Opera, based on Chromium, has another 2 percent. The abandoned, no-longer-updated Internet Explorer has 5 percent, and Safari—only available on macOS—about 5 percent. When Microsoft’s transition is complete, we’re looking at a world where Chrome and Chrome-derivatives take about 80 percent of the market, with only Firefox, at 9 percent, actively maintained and available cross-platform.

The mobile story has stronger representation from Safari, thanks to the iPhone, but overall tells a similar story. Chrome has 53 percent directly, plus another 6 percent from Samsung Internet, another 5 percent from Opera, and another 2 percent from Android browser. Safari has about 22 percent, with the Chinese UC Browser sitting at about 9 percent. That’s two-thirds of the mobile market going to Chrome and Chrome derivatives.

Read 20 remaining paragraphs | Comments

Source: http://feeds.arstechnica.com/arstechnica/index/

A report commissioned by the US Senate Select Committee on Intelligence, based on data provided to the committee by social media platforms, provides a look at just how large and ambitious the Internet Research Agency's campaign to shape the US Presidential election was.

Enlarge / A report commissioned by the US Senate Select Committee on Intelligence, based on data provided to the committee by social media platforms, provides a look at just how large and ambitious the Internet Research Agency’s campaign to shape the US Presidential election was. (credit: Chesnot/Getty Images)

A report prepared for the Senate Select Committee on Intelligence (SSCI) due to be released later this week concludes that the activities of Russia’s Internet Research Agency (IRA) leading up to and following the 2016 US presidential election were crafted to specifically help the Republican Party and Donald Trump. The activities encouraged those most likely to support Trump to get out to vote while actively trying to spread confusion and discourage voting among those most likely to oppose him. The report, based on research by Oxford University’s Computational Propaganda Project and Graphika Inc., warns that social media platforms have become a “computational tool for social control, manipulated by canny political consultants, and available to politicians in democracies and dictatorships alike.”

In an executive summary to the Oxford-Graphika report, the authors—Philip N. Howard, Bharath Ganesh, and Dimitra Liotsiou of the University of Oxford, Graphika CEO John Kelly, and Graphika Research and Analysis Director Camille François—noted that, from 2013 to 2018, “the IRA’s Facebook, Instagram, and Twitter campaigns reached tens of millions of users in the United States… Over 30 million users, between 2015 and 2017, shared the IRA’s Facebook and Instagram posts with their friends and family, liking, reacting to, and commenting on them along the way.”

While the IRA’s activity focusing on the US began on Twitter in 2013, as Ars previously reported, the company had used Twitter since 2009 to shape domestic Russian opinion. “Our analysis confirms that the early focus of the IRA’s Twitter activity was the Russian public, targeted with messages in Russian from fake Russian users,” the report’s authors stated. “These misinformation activities began in 2009 and continued until Twitter began closing IRA accounts in 2017.”

Read 11 remaining paragraphs | Comments

Source: http://feeds.arstechnica.com/arstechnica/index/

A second sample of the Shamoon wiper was uploaded to Virus total on December 13, from the Netherlands, experts analyzed it.

Last week security experts at Chronicle announced the discovery of a new variant of the infamous Shamoon malware, the sample was uploaded to Virus Total from Italy at around the time Italian oil services company Saipem announced to have suffered a cyber attack.

Over 300 of the servers at Saipem had been infected by Shamoon.

Now security experts have spotted a different sample of the new Shamoon variant, a circumstance that could suggest the attack was greater than initially thought, 

The second sample was uploaded to Virus total on December 13, from the Netherlands.

Malware researchers at Anomali Labs confirmed that this second sample is different from the one discovered by Chronicle.

The trigger date is set in the past, but to December 12, 2017, five days later than the one set in the variant identified by Chronicle. The trigger date is likely set to the past to allow immediate execution on the target system. 

The trigger date could be retrieved by the C2, but the sample analyzed by 
Anomali Labs did not include any reference to command and control servers. 

“A defining characteristic of this new Shamoon version is that it shares nearly 80 percent similarity with earlier versions of Shamoon and may use a historic trigger date, so that it can immediately perform destructive actions once infecting a user’s machine.” reads the analysis published by Anomaly Labs.

“Although not confirmed to be the work of Iranian APT groups, the malware’s codebase, targeted sector, and targeted geography have all been observed in historic attacks which were later attributed to adversaries from the region.”

The newly identified sample is UPX packed in the attempt to modify the signature of the malware to make it harder the detection.

The new Shamoon variant also uses “VMWare Workstation” in its file description in an attempt to utilize a legitimate software product as a lure to victims.

“Anomali Labs has not correlated this sample to an active cyber-attack at this time, however, analysts believe that it may represent additional targets as part of the Shamoon V3 campaign.” concludes Anomali Labs.

Further details, including IoCs are reported in the analysis 

window._mNHandle = window._mNHandle || {};
window._mNHandle.queue = window._mNHandle.queue || [];
medianet_versionId = “3121199”;

try {
window._mNHandle.queue.push(function () {
window._mNDetails.loadTag(“762221962”, “300×250”, “762221962”);
});
}
catch (error) {}

Pierluigi Paganini

(SecurityAffairs –Shamoon v3, hacking)

The post A second sample of the Shamoon V3 wiper analyzed by the experts appeared first on Security Affairs.

Source: Security affairs

A woman sending a text message on a smartphone.

Enlarge (credit: Getty Images | Tom Werner)

California telecom regulators have abandoned a plan to impose government fees on text-messaging services, saying that a recent Federal Communications Commission vote has limited its authority over text messaging.

The FCC last week voted to classify text-messaging as an information service, rather than a telecommunications service.

“Information service” is the same classification the FCC gave to broadband when it repealed net neutrality rules and claimed that states aren’t allowed to impose their own net neutrality laws. California’s legislature passed a net neutrality law anyway and is defending it in court. But the state’s utility regulator chose not to challenge the FCC on regulation of text messaging.

Read 13 remaining paragraphs | Comments

Source: http://feeds.arstechnica.com/arstechnica/index/

A large number of keys against a light-colored wooden background.

Enlarge (credit: Taki Steve / Flickr)

It has been a while since I wrote about quantum key distribution. Once a technology is commercially available, my interest starts to fade. But commercial availability in this case hasn’t meant widespread use. Quantum key distribution has ended up a niche market because creating shared keys with it for more than one connection using a single device is so difficult.

That may all change now with a very inventive solution that makes use of all the best things: lasers, nonlinear optics, and conservation of energy.

Quantum key distribution in less than 500 words

The goal of quantum key distribution is to generate a random number that is securely shared between two people, always termed Alice and Bob. The shared random number is then used to seed classical encryption algorithms.

Read 14 remaining paragraphs | Comments

Source: http://feeds.arstechnica.com/arstechnica/index/