SoylentNews

upstart writes in with an IRC submission:

PE Tree: Free open source tool for reverse-engineering PE files - Help Net Security:

PE Tree, a malware reverse-engineering, open source tool developed by the BlackBerry Research and Intelligence team, has been made available for free to the cybersecurity community.

PE Tree allows malware analysts to view Portable Executable (PE) files in a tree-view using pefile – a multi-platform Python module that parses and works with PE files – and PyQt5, a module that can be used to create graphical user interfaces.

[...] The Python-based tool parses PE files and maps them into a tree view, them provides a summery of various headers. Suspicious findings are highlighted, and analysts can deepen their research by doing a VirusTotal search, export portions of the PE file to CyberChef for further processing, finding and dumping PE files from an IDA database and reconstruct imports, etc.

[...] "The BlackBerry Research and Intelligence team initially developed this open source tool for internal use and is now making it available to the malware reverse engineering community."

[...] [Tom] Bonner noted that this free tool for reverse-engineering is under active development and new features will be added frequently.

Original Submission

upstart writes in with an IRC submission:

Hacked Data Broker Accounts Fueled Phony COVID Loans, Unemployment Claims:

In June, KrebsOnSecurity was contacted by a cybersecurity researcher who discovered that a group of scammers was sharing highly detailed personal and financial records on Americans via a free web-based email service that allows anyone who knows an account's username to view all email sent to that account — without the need of a password.

The source, who asked not to be identified in this story, said he's been monitoring the group's communications for several weeks and sharing the information with state and federal authorities in a bid to disrupt their fraudulent activity.

The source said the group appears to consist of several hundred individuals who collectively have stolen tens of millions of dollars from U.S. state and federal treasuries via phony loan applications with the U.S. Small Business Administration (SBA) and through fraudulent unemployment insurance claims made against several states.

KrebsOnSecurity reviewed dozens of emails the fraud group exchanged, and noticed that a great many consumer records they shared carried a notation indicating they were cut and pasted from the output of queries made at Interactive Data LLC, a Florida-based data analytics company.

Interactive Data, also known as IDIdata.com, markets access to a "massive data repository" on U.S. consumers to a range of clients, including law enforcement officials, debt recovery professionals, and anti-fraud and compliance personnel at a variety of organizations.

The consumer dossiers obtained from IDI and shared by the fraudsters include a staggering amount of sensitive data, including:

-full Social Security number and date of birth;
-current and all known previous physical addresses;
-all known current and past mobile and home phone numbers;
-the names of any relatives and known associates;
-all known associated email addresses
-IP addresses and dates tied to the consumer's online activities;
-vehicle registration, and property ownership information
-available lines of credit and amounts, and dates they were opened
-bankruptcies, liens, judgments, foreclosures and business affiliations

Reached via phone, IDI Holdings CEO Derek Dubner acknowledged that a review of the consumer records sampled from the fraud group's shared communications indicates "a handful" of authorized IDI customer accounts had been compromised.

Original Submission

upstart writes in with an IRC submission:

Algorithm finds hidden connections between paintings at the Met:

Art is often heralded as the greatest journey into the past, solidifying a moment in time and space; the beautiful vehicle that lets us momentarily escape the present.

With the boundless treasure trove of paintings that exist, the connections between these works of art from different periods of time and space can often go overlooked. It's impossible for even the most knowledgeable of art critics to take in millions of paintings across thousands of years and be able to find unexpected parallels in themes, motifs, and visual styles.

To streamline this process, a group of researchers from MIT's Computer Science and Artificial Intelligence Laboratory (CSAIL) and Microsoft created an algorithm to discover hidden connections between paintings at the Metropolitan Museum of Art (the Met) and Amsterdam's Rijksmuseum.

Inspired by a special exhibit "Rembrandt and Velazquez" in the Rijksmuseum, the new "MosAIc" system finds paired or "analogous" works from different cultures, artists, and media by using deep networks to understand how "close" two images are. In that exhibit, the researchers were inspired by an unlikely, yet similar pairing: Francisco de Zurbarán's "The Martyrdom of Saint Serapion"and Jan Asselijn's "The Threatened Swan," two works that portray scenes of profound altruism with an eerie visual resemblance.

"These two artists did not have a correspondence or meet each other during their lives, yet their paintings hinted at a rich, latent structure that underlies both of their works," says CSAIL PhD student Mark Hamilton, the lead author on a paper about "MosAIc."

[...] "Going forward, we hope this work inspires others to think about how tools from information retrieval can help other fields like the arts, humanities, social science, and medicine," says Hamilton. "These fields are rich with information that has never been processed with these techniques and can be a source for great inspiration for both computer scientists and domain experts. This work can be expanded in terms of new datasets, new types of queries, and new ways to understand the connections between works."

Journal Reference:
Mark Hamilton, Stephanie Fu, William T. Freeman, et al. Conditional Image Retrieval (arXiv: 2007.07177)

Original Submission

upstart writes in with an IRC submission:

Peter Dutton confirms Australia could spy on its own citizens under cybersecurity plan:

Peter Dutton has confirmed the government's $1.6bn cyberstrategy will include capability for the Australian Signals Directorate to help law enforcement agencies identify and disrupt serious criminal activity – including in Australia.

By rendering support to the Australian federal police and the Australian Criminal Intelligence Commission, the cybersecurity and intelligence agency would for the first time be able to target Australians, although Dutton maintains ASD won't be able to do so directly.

Dutton said law enforcement agencies would target terrorists, paedophiles and drug traffickers operating in the dark web – promising proposed new powers will apply "to those people and those people only".

Details of the new powers – which will require legislation – are not contained in the strategy, which says only that the government will "ensure law enforcement agencies have appropriate legislative powers and technical capabilities to deter, disrupt and defeat the criminal exploitation of anonymising technology and the dark web".

[...] Dutton said the new capabilities would be exercised only in relation to people "alleged to be committing very serious offences".

"If you're a paedophile you should be worried about these powers, if you're a terrorist ... if you're committing serious offence in relation to trafficking of drugs, of ice, for example, that's being pedalled to children, you should be worried about these powers as well.

"The reality is people are trying their best to groom kids online and ... people are trading gun parts on the dark web and it cannot be a lawless space. This law applies to those people and those people only."

Original Submission

looorg writes:

Video Game Approved as Prescription Medicine:

This summer, a video game became available by prescription in the United States. This first-ever FDA-approved digital treatment builds on a tradition of gaming as a therapeutic tool that extends back more than a decade. Its game play gets good reviews, too.

[...] On 15 June, the U.S. Food and Drug Administration announced its approval of a first-person racing game called EndeavorRx. Boston-based Akili Interactive Labs, maker of the game, says its racer was originally licensed from the lab of Adam Gazzaley, a neuroscientist at the University of California, San Francisco. The company touts four peer-reviewed studies (in PLOS One, The Lancet Digital Health, The Journal of Autism, and Developmental Disorders) as well as one paper in process as support for its claims that EndeavorRx significantly improves clinical markers of attention in patients with ADHD (attention deficit hyperactivity disorder).

"EndeavorRx looks and feels like a traditional game, but it's very different," says Matt Omernick, Akili cofounder and the company's chief creative officer. "EndeavorRx uses a video-game experience to present specific sensory stimuli and simultaneous motor challenges designed to target and activate the prefrontal cortex of the brain.... As a child progresses in game play, the technology is continuously measuring their performance and using adaptive algorithms to adjust the difficulty and personalize the treatment experience for each individual."

Original Submission

An Anonymous Coward writes:

I imagine most people here already know the stats, it's nothing new, but I found it interesting to review.

Many Americans Are Convinced Crime Is Rising In The U.S. They're Wrong:

"People estimated their risks for a whole host of bad-news life events — robbery, burglary, job loss and losing their health insurance. But the survey didn't just ask respondents to rate their chances: It also asked whether those things had actually happened to them in the last year.

And that combination of questions revealed something important about American fear: We are terrible at estimating our risk of crime — much worse than we are at guessing the danger of other bad things. Across that decade, respondents put their chance of being robbed in the coming year at about 15 percent. Looking back, the actual rate of robbery was 1.2 percent. In contrast, when asked to rate their risk of upcoming job loss, people guessed it was about 14.5 percent — much closer to the actual job loss rate of 12.9 percent."

[...] "In 2019, according to a survey conducted by Gallup, about 64 percent of Americans believed that there was more crime in the U.S. than there was a year ago. It's a belief we've consistently held for decades now, but as you can see in the chart below, we've been, just as consistently, very wrong."

Like I said, more of the same, but might be worth a discussion.

Original Submission

upstart writes in with an IRC submission:

Capital One Fined $80m for 2019 Breach:

According to a statement from the Office of the Comptroller of the Currency (OCC), these actions were taken against Capital One "based on the bank's failure to establish effective risk assessment processes prior to migrating significant information technology operations to the public cloud environment and the bank's failure to correct the deficiencies in a timely manner".

The breach occurred in March 2019, when a former employee of Capital One named Paige Thomson exfiltrated the data of 100 million people in the US and six million in Canada, exploiting a weakness in the configuration of perimeter security controls to gain access to sensitive files housed in its cloud storage.

Capital One blamed a "configuration vulnerability" as the customer data was exfiltrated from an AWS S3 data storage service and moved to a Github site. At the time, Capital One said the breached information "included personal information Capital One routinely collects at the time it receives credit card applications, including names, addresses, zip codes/postal codes, phone numbers, email addresses, dates of birth and self-reported income."

In taking the financial action, the OCC said it considered the bank's customer notification and remediation efforts, and while it "encourages responsible innovation" in all banks it supervises, "sound risk management and internal controls are critical to ensuring bank operations remain safe and sound and adequately protect their customers."

[...] "The signal is very clear: the often referenced shared responsibility cloud model means naught when it's your data," he added. "What's very surprising about this breach is, per Capital One's prior announcements, only a fraction of the regulated data was properly tokenized (credit card and SSN data), and the rest accessible under attack. Had tokenization been applied across the full regulated data set, this breach would have been a non-event."

Original Submission

upstart writes in with an IRC submission:

Robocall Legal Advocate Leaks Customer Data:

The Blacklist Alliance provides technologies and services to marketing firms concerned about lawsuits under the Telephone Consumer Protection Act (TCPA), a 1991 law that restricts the making of telemarketing calls through the use of automatic telephone dialing systems and artificial or prerecorded voice messages. The TCPA prohibits contact with consumers — even via text messages — unless the company has "prior express consent" to contact the consumer.

With statutory damages of $500 to $1,500 per call, the TCPA has prompted a flood of lawsuits over the years.

[...] Enter The Blacklist Alliance, which promises to help marketers avoid TCPA legal snares set by "professional plaintiffs and class action attorneys seeking to cash in on the TCPA."

[...] Lawyers representing TCPA claimants typically redact their clients' personal information from legal filings to protect them from retaliation and to keep their contact information private. The Blacklist Alliance researches TCPA cases to uncover the phone numbers of plaintiffs and sells this data in the form of list-scrubbing services to telemarketers.

[...] Unfortunately for the Blacklist paying customers and for people represented by attorneys filing TCPA lawsuits, the Blacklist's own Web site until late last week leaked reams of data to anyone with a Web browser. Thousands of documents, emails, spreadsheets, images and the names tied to countless mobile phone numbers all could be viewed or downloaded without authentication from the domain theblacklist.click.

The directory also included all 388 Blacklist customer API keys, as well as each customer's phone number, employer, username and password (scrambled with the relatively weak MD5 password hashing algorithm).

Original Submission

Phoenix666 writes:

New Atlas:

A team of engineers at MIT led by C. Cem Tasan has discovered why steel razor blades go dull even when cutting hair that's 50 times softer than them. Using an electron microscopic, they found that under the right conditions a single hair can chip a blade edge.

[...] However, razor blades don't last and other steel blades, like knives and scalpels, also go dull even when used exclusively on softer materials. According to MIT, this is because there's more going on than a simple wearing down of metal, such as happens when a blade is rubbed against something harder, like a whetstone. Instead, what happens is that if a razor blade strikes a hair under the wrong conditions, it becomes stressed, cracks, and then chips due to a mechanism called stress intensification. This chipping leads to more cracks, leading to more chipping in a cascading cycle, ultimately resulting in a very dull razor and an unpleasant shave.

Journal Reference:
Gianluca Roscioli, Seyedeh Mohadeseh Taheri-Mousavi, Cemal Cem Tasan. How hair deforms steel [$], Science (DOI: 10.1126/science.aba9490)

Apparently it is not because the hairs have been affected by Brundlefly hybridization.

Original Submission

upstart writes in with an IRC submission:

Google resumes human review of Assistant audio 'recordings' - 9to5Google:

Last summer, Amazon, Apple, and Google were criticized for not properly disclosing how human reviewers analyze audio snippets from each of their assistants. Google in response paused the practice for Assistant and other products, but is now resuming and making audio recordings entirely opt-in.

As noted by The Verge, Google is sending out a somewhat confusing email about how it "recently updated settings for voice and audio recordings." The crux is how the company is having human reviewers analyze audio snippets again.

This process — which involves listening, transcribing, and annotating — improves Google's speech recognition technology, and helps expand support to more languages. As of last year, only 0.2 percent of all snippets are reviewed by humans.

These language experts review and transcribe a small set of queries to help us better understand those languages. This is a critical part of the process of building speech technology, and is necessary to creating products like the Google Assistant.

Original Submission

upstart writes in with an IRC submission:

Citizen scientists help geologists to identify earthquakes and tectonic tremors:

It is not yet possible to predict earthquakes, but the analysis of different types of seismic data allows scientists to pinpoint where and when each type of earthquake originated, and hence better understand when and where tectonic slip might occur via damaging earthquakes. Tens of thousands of seismic stations around the world continuously record local seismic activity, with an output that is far beyond what scientists can process. Here, researchers from Northwestern University have called over 2,000 citizen scientists to the rescue for the crowd-based analysis of seismic recordings, rendered into audiovisual format, through the program Earthquake Detective on the Open-Science platform Zooniverse. They show that citizens are at least as accurate as machine learning, and can even identify tectonic tremors, which previously was only possible for trained professionals. The results are published today in Frontiers in Earth Science.

"My aim was to receive help with detections of these special seismic events because I felt overwhelmed by the rapidly growing mountain of data I was investigating for my Ph.D. research," says lead author Vivian Tang, a graduate student at the Department of Earth and Planetary Sciences of Northwestern University, Illlinois. "With Zooniverse and the Earthquake Detective team, we provide people everywhere with a simple and engaging way to help further scientific research."

[...] The authors conclude that citizen scientists can make a major contribution to seismology, allowing scientists to process much more data than they ever could on their own, thus helping them to better understand processes deep inside the Earth's crust and forecast earthquakes with greater precision. The citizens' ability to collectively identify tremors, which artificial intelligence can't yet do, will be especially valuable for the field.

Journal Reference:
Vivian Tang, Boris Rösler, Jordan Nelson, JaCoya Thompson, Suzan van der Lee, Kevin Chao and Michelle Paulsen. Citizen Scientists Help Detect and Classify Dynamically Triggered Seismic Activity in Alaska. Frontiers in Earth Science, https://www.frontiersin.org/articles/10.3389/feart.2020.00321/full

Original Submission

upstart writes in with an IRC submission:

California virus-fighting efforts hampered by data delays:

California has stopped removing or adding to a list of counties facing more restrictions on businesses and schools as it tries to resolve a technical problem with the state's coronavirus testing database, health officials said Wednesday.

The state has recorded a highest-in-the-nation 525,000 positive tests. But California health officials say the true number is even higher. They don't know how much so until they can add backlogged testing data and fix the problem with the California Reportable Disease Information Exchange, also known as CalREDIE.

The incomplete data in the nation's most populous state has hampered public health officials' ability to follow up with those who test positive and contact people who have been around them to limit the spread.

"Back in February and March when we didn't have enough testing, I would say we felt blind," said Dr. Sara Cody, Santa Clara County's public health director. "I would say now we're back to feeling blind. We don't know how the epidemic is trending."

Original Submission

"MrPlow" writes in with a submission, via IRC, for chromas.

Black Hat: Hackers can remotely hijack enterprise, healthcare Temi robots:

Temi's interactive assistance robots are remotely exploitable with little more than a phone number.

On Thursday at Black Hat USA, McAfee's Advanced Threat Research (ATR) team disclosed new research into the robots, in which remotely-exploitable vulnerabilities were uncovered, potentially leading to mobile, audio, and video tampering on the hospital floor.

The robot in question is Robotemi Global's Temi, a "personal robot" that uses a range of sensors, artificial intelligence (AI) and machine learning (ML) technologies, as well as modern voice activation and mobile connectivity to perform functions including personal assistance tasks, answering Internet queries, and facilitating remote video calls.

[...] In total, four vulnerabilities were found, the use of hard-coded credentials, an origin validation error, missing authentication for critical functions, and an authentication bypass. The security issues spotted by McAfee have been assigned CVE-2020-16170, CVE-2020-16168, CVE-2020-16167, and CVE-2020-16169.

"Together, these vulnerabilities could be used by a malicious actor to spy on Temi's video calls, intercept calls intended for another user, and even remotely operate Temi -- all with zero authentication," the researchers say.

Original Submission

GreatOutdoors writes:

For those of you into Ham (Amateur) radio, especially the Technician class license holders, this will be pretty exciting and a good way to keep interest in the hobby going due to now having HF transmit ability. The article discusses the re-balancing for digital modes as well, which many people will find to be good move in the digital age.

"ARRL[*] has asked the FCC to expand HF privileges for Technician licensees to include limited phone privileges on 75, 40, and 15 meters, plus RTTY and digital mode privileges on 80, 40, and 15 meters. The FCC has not yet invited public comment on the proposals, which stem from recommendations put forth by the ARRL Board of Directors' Entry-Level License Committee, which explored various initiatives and gauged member opinions in 2016 and 2017."

[*] ARRL: American Radio Relay League (Wikipedia).

Link to original Story:
http://www.arrl.org/news/arrl-requests-expanded-hf-privileges-for-technician-licensees

Powerpoint presentation of changes (With new bandplan pictures):
http://www.arrl.org/files/file/Bandplanning/25%20Appendix%20BP_Committee_recs%20FINAL%20(h).pdf

Thanks for reading and 73's
KE5DKD

Original Submission

takyon writes:

Massive 20GB Intel IP Data Breach Floods the Internet, Mentions Backdoors (archive)

A leaker today posted on Twitter a link to a file sharing service that contains what an anonymous source claims is a portion of Intel's crown jewels: A 20GB folder of confidential Intel intellectual property. The leaker dubbed the release the "Intel exconfidential Lake Platform Release ;)."

[...] The folder has been posted by an anonymous source that claims more is coming soon, and while we don't know the exact specifics of the folder's contents, we have verified that it does exist. In fact, the title of many of the documents do correlate to the list of purported information posted by the leaker:

• Intel ME Bringup guides + (flash) tooling + samples for various platforms
• Kabylake (Purley Platform) BIOS Reference Code and Sample Code + Initialization code (some of it as exported git repos with full history)
• Intel CEFDK (Consumer Electronics Firmware Development Kit (Bootloader stuff)) SOURCES
• Silicon / FSP source code packages for various platforms
• Various Intel Development and Debugging Tools
• Simics Simulation for Rocket Lake S and potentially other platforms
• Various roadmaps and other documents
• Binaries for Camera drivers Intel made for SpaceX
• Schematics, Docs, Tools + Firmware for the unreleased Tiger Lake platform
• (very horrible) Kabylake FDK training videos
• Intel Trace Hub + decoder files for various Intel ME versions
• Elkhart Lake Silicon Reference and Platform Sample Code
• Some Verilog stuff for various Xeon Platforms, unsure what it is exactly.
• Debug BIOS/TXE builds for various Platforms
• Bootguard SDK (encrypted zip)
• Intel Snowridge / Snowfish Process Simulator ADK
• Various schematics
• Intel Marketing Material Templates (InDesign)
• Lots of other things

[...] The poster encourages downloaders to look for mentions of 'backdoors' in some of the Intel source code, and even provides a sample clip of one such listing, but we aren't sure of the intentions behind the listings in the code.

The source appears to be an employee of Intel or a company partnered with Intel. The roadmaps alone could be a big deal depending on how detailed they are. Some of this information could be relevant to a recent class-action lawsuit over "7nm" delays.

Also at AnandTech, Wccftech, AdoredTV, Ars Technica, and ZDNet.

Original Submission