Baby's First Data Breach: App Exposes Baby Photos, Videos

Data Breach Today

Peekaboo Moments Hasn't Responded to Warning That It's Exposing Personal Content A baby photo and video-sharing app called Peekaboo Moments is exposing sensitive logs through an exposed Elasticsearch database, a researcher has found.

Stealing videos from VLC

Security Affairs

Technical analysis: Let’s assume a scenario where Bob & Alice are sharing a video over the WiFi using vlc-iOS, Eve could perform this attack by crawling the source IP address of Bob which would list the URL’s of the videos shared between Bob & Alice.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Facebook declares war to Deepfake videos

Security Affairs

Monika Bickert, Facebook for global policy management, announced that Facebook will ban deepfake videos and manipulated content. While these videos are still rare on the internet, they present a significant challenge for our industry and society as their use increases.”

Computers and Video Surveillance

Schneier on Security

Maybe they just recorded, and no one looked at the video unless they needed to. In either case, the video was only stored for a few days because storage was expensive. Identification technologies make it easier to automatically figure out who is in the videos.

Senators Press Social Media Firms to Fight 'Deepfake' Videos

Data Breach Today

senators Mark Warner and Marco Rubio are urging social media firms to create policies and standards to combat the spread of "deepfake" videos, which they say pose a potential threat to American democracy Warner and Rubio Want Companies to Develop Standards and Policies to Combat Fakes U.S.

195
195

Video Surveillance by Computer

Schneier on Security

The ACLU's Jay Stanley has just published a fantastic report: " The Dawn of Robot Surveillance " (blog post here ) Basically, it lays out a future of ubiquitous video cameras watched by increasingly sophisticated video analytics software, and discusses the potential harms to society.

Who Else Is in That Video Meeting? Maybe a Hacker

Data Breach Today

Forescout Finds Serious Flaws in DTEN Conferencing Systems Video conferencing and collaboration systems are must-have tools for global companies.

Capturing customer attention with video

OpenText Information Management

Consumers now spend over 3 hours per day on … The post Capturing customer attention with video appeared first on OpenText Blogs. Customers today have a lot of choices and are exposed to over 5,000 brand and advertising impressions a day.

TikTok Flaw Allows Threat Actors to Plant Forged Videos in User Feeds

Threatpost

The popular video-sharing apps’s use of HTTP to download media content instead of a secure protocol could lead to the spread of misinformation on the platform.

Critical flaw affects Cisco Video Surveillance Manager

Security Affairs

Cisco has patched a critical vulnerability in the Cisco Video Surveillance Manager (VSM) could be exploited by an unauthenticated remote attacker to gain root access. The vulnerability impacts Cisco Video Surveillance Manager (VSM) Software releases 7.10, 7.11, and 7.11.1.

Facebook Cracks Down on Deepfake Videos

Threatpost

Despite the difficulties of identifying deepfakes, social media sites are recognizing the need to crack down on the manipulated, misleading videos. Facebook Web Security 2020 election ban deepfake deepfake video disinformation free speech Reddit twitter

Detecting Fake Videos

Schneier on Security

This story nicely illustrates the arms race between technologies to create fake videos and technologies to detect fake videos: These fakes, while convincing if you watch a few seconds on a phone screen, aren't perfect (yet). academicpapers behavioraldetection fraud video

Paper 58

Hackers Deface Popular Videos Published by Vevo

Data Breach Today

Pilfered Access Credentials Could Be to Blame A handful of popular music videos published on YouTube were defaced on Tuesday, with two hackers claiming credit.

Access 141

WhatsApp Remote Code Execution Triggered by Videos

Threatpost

Mobile Security Vulnerabilities Web Security Buffer Overflow CVE-2019-11931 Data Privacy Denial of Service Facebook flaw mp4 remote code execution Security videos WhatsApp WhatsApp flawThe flaw can be trivially exploited.

SeaChange video delivery software solutions provider hit by Sodinokibi ransomware

Security Affairs

The popular SeaChange video platform is the latest victim of the Sodinokibi Ransomware gang, which is threatening to leak the stolen data. SeaChange International, the multinational supplier of video delivery software solutions, was the victim of the Sodinokibi Ransomware gang.

Streaming Video Fans Open to TV Hijacking

Threatpost

Cloud Security Hacks IoT Privacy Vulnerabilities data breach financial information infomir ministra roku streaming video subscriber data tv hijacking vulnerabilitiesCritical bugs impact a widely deployed streaming platform, common in the U.S. and elsewhere.

IoT 93

VLC Media Player Allows Desktop Takeover Via Malicious Video Files

Threatpost

Malware Vulnerabilities desktop takeover malicious video file MKV Open Source tracker Torrent videolan VLC player vulnerabilityVideoLAN has released an updated version of its VLC Player to fix over a dozen bugs.

IT 110

Guardzilla Security Video System Footage exposed online

Security Affairs

A vulnerability in the Guardzilla home video surveillance system could be exploited by users to watch Guardzilla footage of other users. The Guardzilla All-In-One Video Security System is an indoor video surveillance solution.

Linkedin Learning: Producing a Video

Adam Shostack

They even “let” you edit your own videos. Like doing a video course so we could show me drawing on a whiteboard, rather than showing fancy pictures and implying that that’s what you need to create to threat model like the instructor.

IT 83

Secure Together: video conferencing, credential stuffing and eye strain

IT Governance

Maybe you feel less guilty about having a mid-morning video chat with a colleague in lieu of your normal coffee break. The video conferencing platform Zoom has been heavily criticised in recent weeks , amid a series of allegations related to its inadequate cyber security and privacy measures.

Video Interview: Know Your (Digital) Customer

Data Breach Today

IBM's Shaked Vax on Validating Digital Identities with Physical Identities to Protect Accounts In the wake of so many mega-breaches, new account fraud is easier to perpetrate than account takeovers.

[Video] Offsite Document Storage Facilities

Record Nations

The post [Video] Offsite Document Storage Facilities appeared first on Record Nations.

IT 87

Google Takeout Serves Up Video Files to Strangers

Dark Reading

A limited number of user videos were shared with others in a five-day incident from November

72

Liverpool Voyeur Used IM-RAT to Video Women at Home

Threatpost

Government Malware Mobile Security Web Security Court case im-rat imminent monitor liverpool malware remote access tool scott crowley Spying Spyware stalkerware video voyeurThe case highlights the rising issue of stalkerware, which has reached epidemic proportions.

Baby App “Peekaboo” Leaks Photos, Videos and Personal Data

Adam Levin

An unsecured database discovered online has leaked thousands of baby photos and videos. . The leaked data includes photos, videos, and birthdates of babies, as well as 800,000 email addresses, location data as well as detailed device information. . Every Baby’s photos, audios & videos or diaries will be stored in secured space. The post Baby App “Peekaboo” Leaks Photos, Videos and Personal Data appeared first on Adam Levin.

Insecure Real-Time Video Protocols Allow Hollywood-Style Hacking

Dark Reading

Lack of security in the default settings of Internet-enabled video cameras make co-opting video feeds not just a movie-hacker technique, but a reality for millions of cameras

Cartoon Network Hacked Worldwide to Show Brazilian Stripper Videos

Threatpost

Ricardo Milos joined Ben 10, Adventure Time and We Bare Bear videos on its websites over the weekend. Hacks Web Security arabic memes brazilian hackers cartoon network Defacement Hacked ricardo milos stripper videos Websites

IT 87

Video: Don’t be a Security Zombie!

MediaPro

From clicking on phishing emails to leaving personal information unsecured, the video explores the variety of dangers a lack of security awareness can pose. The post Video: Don’t be a Security Zombie!

Threat Modeling in 2018 (video release)

Adam Shostack

Blackhat has released all the 2018 US conference videos. My threat modeling in 2018 video is, of course, amongst them. Slides are linked here. threat modeling

65

Video: Zoom Researcher Details Web Conference Security Risks, 2020 Threats

Threatpost

IoT Malware Mobile Security Videos cloud cloud infrastructure cyberattack flaw malware ransomware vulnerability web conferencing zoomMaya Horowitz with Check Point Research discussed recently-disclosed Zoom vulnerabilities that could have opened up web conferencing meetings to hackers.

Risk 63

Facebook Discloses WhatsApp MP4 Video Vulnerability

Dark Reading

A stack-based buffer overflow bug can be exploited by sending a specially crafted video file to a WhatsApp user

49

VSDC video editing software website hacked again

Security Affairs

VSDC is a popular, free video editing and converting app and its website has over 1.3 “Doctor Web researchers discovered that the official website of a well-known video editing software, VSDC, was compromised.”

New Video Course for State Agencies

The Texas Record

We are pleased to announce a new online video course for state agency records management officers and records liaisons. Click here to access the video on the course page. We will be further developing our online courses to add video and interactive functionality, so stay tuned for more.

Android devices could be hacked by playing a video due to CVE-2019-2107 flaw

Security Affairs

Playing a video on Android devices could be a dangerous operation due to a critical CVE-2019-2107 RCE flaw in Android OS between version 7.0 The PoC code, an HEVC encoded video, could allow an attacker to crash the media player. Watch out!

IoT Bug Grants Access to Home Video Surveillance

Dark Reading

Due to a shared Amazon S3 credential, all users of a certain model of the Guardzilla All-In-One Video Security System can view each other's videos

What’s NewCo? These Videos Will Help

John Battelle's Searchblog

These Videos Will Help appeared first on John Battelle's Search Blog. The NewCo festival model is counter-intuitive, so we made these videos to help explain what the fuss is all about. These Videos Will Help appeared first on John Battelle's Search Blog.

81

Fake Video Could End Viral Justice

WIRED Threat Level

Opinion: Videos provide transformative new avenues for justice, often summoning well-deserved Twitter mobs. Deep fakes could change all that. Security Opinion

RSA Conference Preview: More Video Interviews in 2018

Data Breach Today

Leading the latest edition of the ISMG Security Report: A preview of our extensive coverage of the 2018 RSA Conference, which will include dozens of video interviews with thought leaders

Retro video game website Emuparadise suffered a data breach

Security Affairs

Retro video game website Emuparadise revealed to have suffered a data breach that exposed 1.1 Emuparadise is a website that offers tons of roms, isos and retro video games, users can download and play them with an emulator or play them with the web browser.

Amazon Fixes Ring Video Doorbell Flaw That Leaked Wi-Fi Credentials

Threatpost

Vulnerabilities amazon Amazon Ring Video Doorbell Pro cyberattack IoT Security Smart HomeAttackers could access Wi-Fi credentials due to a problem in initial configuration of the smart doorbell device.