Security firm identifies hacker behind Collection 1 leak, as Collection 2-5 become public

mega-data-grab.png

More security news

The threat intel team at Recorded Future, a US-based cyber-security firm, claims to have identified the hacker who assembled and then sold a massive collection of email addresses and passwords known as Collection #1.

The company’s experts believe a hacker going online by the pseudonym of “C0rpz” is the person who rigorously and meticulously collected billions of user records over the past three years. This includes records from companies that were hacked in the past and whose data was posted or sold online.

Recorded Future says that C0rpz isn’t only responsible for assembling and selling Collection #1, a data trove of 773 million unique email addresses and just under 22 million unique passwords that grabbed headlines at the start of the year, but many more other data collections.

Researchers say Collection #1 was part of a larger package containing seven other “collections” in total.

  • “ANTIPUBLIC #1” (102.04 GB)
  • “AP MYR & ZABUGOR #2” (19.49 GB)
  • “Collection #1” (87.18 GB)
  • “Collection #2” (528.50 GB)
  • “Collection #3” (37.18 GB)
  • “Collection #4” (178.58 GB)
  • “Collection #5” (40.56 GB)

Of the seven, the AntiPublic collection had already leaked online and had been shared among other hackers since April 2017. The rest appear to be new items, that hadn’t been seen online until this month.

In total, these databases appear to contain more than 3.5 billion user records, in combinations such as email addresses and passwords, usernames and passwords, and cell phone numbers and passwords.

Recorded Future says C0rpz sold this data to other hackers, who are now disseminating it for free via online sharing portal MEGA and via torrent magnet links.

Some of the hackers who bought this data from C0rpz are Sanix, another hacker who infosec journalist Brian Krebs first identified as the source of Collection #1, and Clorox, the person who initially shared Collection #1 for free on Raid Forums at the start of the month, inadvertently exposing this huge data trove to security researchers and journalists.

“Neither of three actors has ever been on our radar,” Andrei Barysevich, Director of Advanced Collection at Recorded Future, told ZDNet in an email today. “However, we did find a previous online footprint on all actors, which does not suggest that these actors are sophisticated.”

Barysevich also told ZDNet that his team didn’t find “any proof” that the named three, including C0rpz, are hackers, responsible for actual breaches at any company.

“We believe they have merely aggregated the data over the time,” Barysevich told us.

But Recorded Future experts aren’t 100 percent sure in their attribution of these data collections to C0rpz –as no attribution that involves self-aggrandizing and braggadocio hackers can truly ever be 100 percent. Experts are also looking into another possible source of the leak, which they did not name yet.

“On January 10, 2019, an actor on a well-known Russian-speaking hacker forum posted both a magnet link and a direct download link to a database containing 100 billion user accounts hosted on a personal website,” Recorded Future said in a report published earlier today. “The following week, the actor made clear that the data dump referenced in Troy Hunt’s [Collection #1] article was included in their dump as well.”

To be fair, it doesn’t really matter who assembled, sold, or shared this data in the end. All this data was previously available for years. The difference was that in past, this data was shared in individual packages, per site of origin.

It’s only become a recent trend for data hoarders (hackers who collected data from hacked sites) to assemble these smaller leaks and breaches into gigantic packages.

This became a trend because more and more companies are getting hacked, and the value of individual leaks became smaller. Data sellers adapted and started merging leaks together to continue to make a profit.

There are likely hundreds of similar mega-packages being shared on hacking forums out of the public eye as we speak, which have not made the light of day yet.

Eventually, they will. When that happens, cyber-crime groups will collect these aggregated leaks, extract any new user records they don’t have, and use this information to spam our email inboxes, attempt brute-force attacks against our online accounts, or, even worse, use these details for extortion or financial fraud.

It is highly likely that most of our data has already leaked online by now. All, we, the users, can do is protect our accounts with strong passwords that are unique per site, enable multi-factor authentication wherever possible, and avoid entrusting our data to any company that asks for our details for no good reason.

Now, if we could only get journalists to stop blowing these “collections” out of proportion every time one of them surfaces online.

More data breach coverage:

Let’s block ads! (Why?)

Link to original source

HP sees 3D printing potential in transforming APAC manufacturing

3D printing3D printing has the potential to bring about savings in labour and smarten up logistics in Asia, but it will require a rethink of the entire manufacturing process–from design to product delivery. If properly harnessed, the technology can enable on-demand production, enabling components to be printed only when needed, and consume less material to build a complete product. 

3D printing already is seeing robust growth globally including Southeast Asia, said Koh Kong Meng, Hewlett-Packard’s Southeast Asia Korea managing director, but he declined to provide specific growth figures for the region. Worldwide, he said the vendor was working with partners such as BMW and Nike as well as other major manufacturing design companies, including BASF, to explore printing techniques and materials that could be tapped for 3D printing. 

In Singapore, HP last October launched a research facility with Nanyang Technological University (NTU) that focused on digital manufacturing technologies and 3D printing. Opened with a US$84 million investment, the HP-NTU Corporate Innovation Lab was the US vendor’s largest university research partnership worldwide and first for the Asian region. 

The facility is supported by a team of 100 researchers and staff, and will focus its efforts on digital manufacturing technologies–specifically, 3D printing, artificial intelligence (AI), machine learning, new materials and applications, cybersecurity, and customisation. Amongst its research projects was the development of bioprinting models for the printing of viable tissues, and tapping AI to help printers predict and resolve issues autonomously.

Koh told ZDNet in an interview that HP was focusing on key verticals such as automotive and healthcare, including orthotics, to identify how 3D printing can be applied. A consulting firm in Japan, for instance, is assessing the use of the technology to facilitate the printing of spare parts, for the automotive and consumer electronics markets, only when they are needed by the customer. 

Pointing to its potential in China and Singapore, he said the Singapore government had put in place its “smart manufacturing” or “Industry 4.0” plans, which aimed to develop an advanced manufacturing ecosystem that combined machines with technologies such as data analytics and AI to create a “smart factory”. 

However, Koh noted, a rethink of the entire manufacturing processing would be required to support such efforts. “The whole process will have to change,” he said. “Today, for instance, we teach engineers about reducing a piece of material into the part we need. But, 3D printing is about adding layers until you get the part you need. It’s a different process.”

He added that every key component in the supply chain and logistics also would need to be reassessed. Because 3D printing could facilitate distributed manufacturing, he said big manufacturing plants would no longer be needed. 

Koh said: “[Instead], we can have a farm of 3D printers that can print the parts or products you need, when you need it. That’s the utopia of smart manufacturing. Imagine [what that means] for supply chains. There’s tremendous savings in freight and you can design products from ground zero that are strong but [require] less material.”

3D printing also would reduce the need for labour cost where different moving parts, for instance, could be printed without having to manually put the parts together. In addition, he said, product customisation could be easily offered for free with 3D printing, compared to traditional production. 

He noted that through the partnership with NTU, HP hoped to help build up the necessary capabilities in the industry and train a next generation of engineers “to think in 3D”. 

Looking for SEA growth in A3 

Apart from 3D, HP also is betting on the A3 copier market for growth. 

Koh said its 2017 acquisition of Samsung Electronics’ printer business for US$1.05 billion had significantly boosted its market footprint in Southeast Asia, pushing its A3 market share to 10 percent, up from its previous single-digit figure. 

Noting that the global A3 market was worth an estimated US$55 trillion, he said such acquisitions helped pave the way for HP to address this space, where it previously neither had the products nor intellectual property to do so.

In addition, more than three years after it split into two entities, HP now was much smaller, leaner, and more focused, Koh said, adding that the move had enabled the company to make decisions it might not have been able to do so as a larger company, such as the acquisition of Samsung’s printer business.

The split also allowed HP to invest in the development of new products that would appeal to consumers and experiment with new materials and colours as well as new market segments such as games, he said. 

Asia-Pacific, including Japan, was HP’s fastest growing region in its fiscal fourth quarter, clocking a growth rate of 17 percent year-on-year. In comparison, HP grew 6 percent in the Americas and 13 percent in EMEA. Asia-Pacific accounted for 22 percent of the vendor’s global business. 

RELATED COVERAGE

HP unveils $84M Singapore lab focused on digital manufacturing technologies

Launched together with Nanyang Technological University, where it is located, the HP-NTU Corporate Innovation Lab will focus on 3D printing, artificial intelligence, machine learning, and cybersecurity.

HP launches 3D printing center in China

The facility is HP’s largest 3D printing deployment in Asia Pacific.

HP gets new 3D printing leader, aims to scale business

HP’s 3D business has secured multiple partnerships and expanded its ecosystem. Now the goal is to scale the business.

HP launches Metal Jet 3D printing, additive manufacturing system

HP’s 3D printing efforts started with plastics but now are expanding to metals such as stainless steel. The big bet for HP is mass manufacturing.

HP buys office supplier Apogee, eyes copier market

HP is hoping to gain traction in the $55 billion A3 copier space and expand its Managed Print Services business.

Let’s block ads! (Why?)

Link to original source

New Windows 10 19H1 test build adds more search, mixed reality tweaks

build18329win1019h1.jpg

Credit: Microsoft

Windows 10

Microsoft released another new Windows 10 19H1 test build to Fast Ring Insiders on February 1. That build — No. 18329 — adds some more incremental features to the next feature update for Windows 10.

Build 18329 includes a quick-access capability for most used apps in Search. It also adds the ability to launch Win32 desktop apps, such as Spotify, Paint.NET and Visual Studio Code, in Windows Mixed Reality in the same way users can launch Store apps. (Users already could launch Win32 apps in Mixed Reality, but not simply or directly.)

Microsoft made some additional tweaks to other related apps as part of today’s rollout. A new update to Mail & Calendar adds Dark mode for Mail and Calendar items. It also adds a Default font feature allowing users to customize how new messages will look.

Microsoft earlier this week opened up access to the “Skip Ahead” Ring for testers who want early access to the next Windows 10 feature update. That update, known as “Vanadium” and/or 19H2, is slated to roll out to mainstream users around October 2019. Windows 10 19H1, also known as 1903/April 2019 update, should be finalized by March 2019 and start rolling out to mainstream users around April 2019.

For a full list of fixes and known issues in today’s test build 18329, check out Microsoft’s blog post.

Let’s block ads! (Why?)

Link to original source

Siri Shortcuts can be abused for extortion demands, malware propagation

Siri Shortcuts, a feature that Apple added in iOS 12, can be abused to scare or trick users into paying ransom demands, spread malware, and for data exfiltration, according to a proof-of-concept video published by IBM Security researchers.

More security news

This is possible because Siri Shortcuts is one of the most powerful and intrusive features present on modern versions of the iOS operating system.

Siri Shortcuts were created as a way for users to automate a sequence of operations that they can call using a Siri voice command. Besides being able to create Siri Shortcuts themselves, iOS users can also download the official Shortcuts app from the App Store to gain access to thousands of other user-made Shortcuts, and the iOS apps they install can install their own Siri Shortcuts as well.

Siri Shortcuts support a wide range of operations, from simple file moving tasks or opening apps, to more complex ones like screen locking or uploading content online.

It’s these latter features that John Kuhn, a senior threat researcher at IBM X-Force, believes are primed for abuse.

“Using Siri for malicious purposes, Shortcuts could be created for scareware, a pseudo ransom campaign to try to scare victims into paying a criminal by making them believe their data is in the hands of a remote attacker,” Kuhn said.

The expert says Siri Shortcuts that speak out ransom demands are easy to create. Further, attackers can use the scripts to first gather data from the phone, and use it in the spoken extortion threat to give it more authenticity and sound more convincing.

The malicious script can be even made to open a web page showing a ransom demand, and this web page can also display sample data uploaded from the victim’s phone seconds before.

These might sound silly schemes in the eyes of technical users with knowledge of cyber-security issues, but a non-technical user can be easily impressed. There’s a reason why scareware and tech support scams are efficient today, in 2019, even if they’ve been around for more than 20 years. Non-technical users can’t always distinguish an empty threat from a valid one, especially when coming from their phone.

Furthermore, Kuhn argues that a malicious Siri Shortcut script can also be made into a worm that automatically messages a victim’s entire contacts list with a link to its source, asking others to install the script as well. It can also spread download links to even more potent malware, not just other Siri Shortcuts.

Kuhn and the IBM X-Force team urge users to take the same precautions with scripts as they do with normal iOS apps and browser extensions.

Users should install Siri Shortcuts only from trusted sources, and they should always check the permissions a Shortcut is requesting access to, before moving on with the installation process.

“As tempting as it might be to just scroll past that text and hit accept, users must be more aware of good security practices, which includes reading and understanding anything they authorize to run on their device,” Kuhn said.

Let’s block ads! (Why?)

Link to original source

​Survey: The rise of industrial IoT

The infrastructure around the world is being linked together via sensors, machine learning, and analytics, which means that industrial Internet of Things (IoT) deployments are increasing. This should come to no surprise since industrial IoT holds great potential for enhancing quality control, sustainable practices, supply chain, data analysis, inefficiencies and more.

Featured stories

What does that mean for your industry or company? We want to know. TechRepublic’s sister site, Tech Pro Research is doing a survey to find out.

Also: Internet of Things policy (Tech Pro Research)

If you’re familiar with your company’s IoT plans, we want your feedback. What purposes does your company use IoT devices for? What data is your company collecting with IoT devices? What, if any, measures are taken to secure the IoT devices your company uses? Take the survey and let us know.

You’ll be asked eight or fewer survey questions, plus a couple of demographic questions. Data from this survey will be used in an upcoming Tech Pro Research report. All responses are confidential.

All respondents will have a chance to enter their email at the end of the survey and receive a free copy of the resulting research report, which is normally only available to Tech Pro Research subscribers.

To begin the survey click here.

Related stories:

Let’s block ads! (Why?)

Link to original source