Iranian Hackers Accidentally Exposed Training Videos

Data Breach Today

IBM: Videos Detail Attacks on US Navy and State Department Personnel An Iranian-backed hacking group appears to have accidentally left over 40 GB of training videos and other material exposed online, according to researchers with IBM who found the unprotected server.

180
180

The Woman Bulldozing Video Games’ Toughest DRM

WIRED Threat Level

Security Security / Security News Culture / Video GamesFor Empress, cracking titles like Red Dead Redemption 2 and Immortals Fenyx Rising is more than a pastime. It's a mission.

IT 89
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

How Deepfakes Can Defeat Video ID Verification Tests

Data Breach Today

Ilya Volovik of Gemini Advisory Describes Research Findings Banking institutions, cryptocurrency exchanges and other companies have begun implementing video-based identity verification.

Video-Game Piracy Group ‘Team Xecuter’ Leaders in Custody

Threatpost

The two alleged leaders of Team Xecuter targeted popular consoles like the Nintendo Switch, the Sony PlayStation Classic and Microsoft Xbox.

Stealing videos from VLC

Security Affairs

Technical analysis: Let’s assume a scenario where Bob & Alice are sharing a video over the WiFi using vlc-iOS, Eve could perform this attack by crawling the source IP address of Bob which would list the URL’s of the videos shared between Bob & Alice.

Baby's First Data Breach: App Exposes Baby Photos, Videos

Data Breach Today

Peekaboo Moments Hasn't Responded to Warning That It's Exposing Personal Content A baby photo and video-sharing app called Peekaboo Moments is exposing sensitive logs through an exposed Elasticsearch database, a researcher has found.

7 Tips for Video Interviews

Adapture

7 Tips for Video Interviews. 2020 certainly taught us how to live life behind the lens of a video conferencing camera. Today we’ve got a few video-specific tips to keep in mind so you can nail your next interview. Eve contact is tricky on video, but it’s possible.

IT 52

Fast threat modeling videos

Adam Shostack

I’m exploring the concept of very fast threat modeling videos, and have posted the first one. Feedback welcome! Threat Model Thursdays threat modeling

40

Dutch tech reporter gatecrashes EU defence secret video conference

Security Affairs

A Dutch tech reporter gatecrashed a video conference of EU defence ministers after the Dutch minister shared an image on Twitter. The post Dutch tech reporter gatecrashes EU defence secret video conference appeared first on Security Affairs.

Facebook declares war to Deepfake videos

Security Affairs

Monika Bickert, Facebook for global policy management, announced that Facebook will ban deepfake videos and manipulated content. While these videos are still rare on the internet, they present a significant challenge for our industry and society as their use increases.”

SHARED INTEL: ‘Credential stuffers’ leverage enduring flaws to prey on video game industry

The Last Watchdog

The video game industry saw massive growth in 2020; nothing like a global pandemic to drive people to spend more time than ever gaming. The video game industry withstood nearly 11 billion credential stuffing attacks in 2020, a 224 percent spike over 2019. LW: Is what Akamai tracked in 2020, with respect to video game industry attacks, a sign of more credential stuffing refinements and advancements yet to come?

Video series

Adam Shostack

It will come as no surprise to regular readers of this blog that I prefer the written word to audio and video, but 2020 being 2020, I now have a YouTube Channel , with the first video below: threat modeling

IT 40

A Site Published Every Face From Parler's Capitol Riot Videos

WIRED Threat Level

Faces of the Riot used open source software to detect, extract, and deduplicate every face from the 827 videos taken from the insurrection on January 6.

Computers and Video Surveillance

Schneier on Security

Maybe they just recorded, and no one looked at the video unless they needed to. In either case, the video was only stored for a few days because storage was expensive. Recent developments in video analytics -- fueled by artificial intelligence techniques like machine learning -- enable computers to watch and understand surveillance videos with human-like discernment. Identification technologies make it easier to automatically figure out who is in the videos.

Nintendo Sues Video-Game Pirates

Threatpost

Nintendo is questing after its third successful lawsuit against circumvention-device sellers, this time against Team Xecuter. Government Web Security

IT 94

Video Surveillance by Computer

Schneier on Security

The ACLU's Jay Stanley has just published a fantastic report: " The Dawn of Robot Surveillance " (blog post here ) Basically, it lays out a future of ubiquitous video cameras watched by increasingly sophisticated video analytics software, and discusses the potential harms to society.

Anker fixed an issue that caused access to Eufy video camera feeds to random users

Security Affairs

A misconfiguration issue in the software used by the Eufy video camera exposed private information and video streams of customers. Some users reported that once signed into their accounts, they were able to access the live feeds of other users’ Eufy security cameras and recorded video.

Determining What Video Conference Participants Are Typing from Watching Shoulder Movements

Schneier on Security

He says the “text inference framework that uses the keystrokes detected from the video … predict[s] words that were most likely typed by the target user. Uncategorized academic papers side-channel attacks video

Paper 110

Detecting Fake Videos

Schneier on Security

This story nicely illustrates the arms race between technologies to create fake videos and technologies to detect fake videos: These fakes, while convincing if you watch a few seconds on a phone screen, aren't perfect (yet). But a few weeks after his team put a draft of their paper online, they got anonymous emails with links to deeply faked YouTube videos whose stars opened and closed their eyes more normally. academicpapers behavioraldetection fraud video

Paper 60

7 Considerations for a Smooth Video Conference

IG Guru

The post 7 Considerations for a Smooth Video Conference appeared first on IG GURU. by Andrew Ysasi, MS June 24, 2020 Many of us have transitioned to working from home due to COVID-19, and some of us may not return to an office setting for quite some time.

Risk 60

Capturing customer attention with video

OpenText Information Management

Consumers now spend over 3 hours per day on … The post Capturing customer attention with video appeared first on OpenText Blogs. Customers today have a lot of choices and are exposed to over 5,000 brand and advertising impressions a day.

Who Else Is in That Video Meeting? Maybe a Hacker

Data Breach Today

Forescout Finds Serious Flaws in DTEN Conferencing Systems Video conferencing and collaboration systems are must-have tools for global companies.

Facebook Cracks Down on Deepfake Videos

Threatpost

Despite the difficulties of identifying deepfakes, social media sites are recognizing the need to crack down on the manipulated, misleading videos. Facebook Web Security 2020 election ban deepfake deepfake video disinformation free speech Reddit twitter

Critical flaw affects Cisco Video Surveillance Manager

Security Affairs

Cisco has patched a critical vulnerability in the Cisco Video Surveillance Manager (VSM) could be exploited by an unauthenticated remote attacker to gain root access. Cisco has fixed a critical vulnerability in the Cisco Video Surveillance Manager software running on some Connected Safety and Security Unified Computing System (UCS) platforms. The vulnerability impacts Cisco Video Surveillance Manager (VSM) Software releases 7.10, 7.11, and 7.11.1.

Senators Press Social Media Firms to Fight 'Deepfake' Videos

Data Breach Today

senators Mark Warner and Marco Rubio are urging social media firms to create policies and standards to combat the spread of "deepfake" videos, which they say pose a potential threat to American democracy Warner and Rubio Want Companies to Develop Standards and Policies to Combat Fakes U.S.

134
134

Japanese video game firm Capcom hit by a cyberattack

Security Affairs

Japanese video game developer and publisher Capcom has disclosed a cyberattack that impacted business operations over the weekend. The post Japanese video game firm Capcom hit by a cyberattack appeared first on Security Affairs.

Black Hat Europe: Dark Reading Video News Desk Coverage

Dark Reading

Coming to you from virtual backgrounds and beautifully curated bookcases around the world, Dark Reading brings you video interviews with the leading researchers speaking at this week's Black Hat Europe

85

IoT Unravelled Part 5: Practical Use Case Videos

Troy Hunt

Now in part 5, let's look at how it all works together, and I've done 11 short videos showing different parts of my house and how the IoT bits work there. All these videos are unedited, candid versions of precisely how my house works, enjoy ??

IoT 97

Face Off: Researchers Battle AI-Generated Deep Fake Videos

Data Breach Today

Convincing Face-Swapping Clips Easy to Create With Gaming Laptops and Free Tools The easy availability of tools for designing face-swapping deep-fake videos drove Symantec security researchers Vijay Thaware and Niranjan Agnihotri to design a tool for spotting deep fakes, which they described in a briefing at the Black Hat Europe 2018 conference in London

Streaming Video Fans Open to TV Hijacking

Threatpost

Cloud Security Hacks IoT Privacy Vulnerabilities data breach financial information infomir ministra roku streaming video subscriber data tv hijacking vulnerabilitiesCritical bugs impact a widely deployed streaming platform, common in the U.S. and elsewhere.

IoT 87

Android Messenger App Still Leaking Photos, Videos

Threatpost

The GO SMS Pro app has been downloaded 100 million times; now, underground forums are actively sharing images stolen from GO SMS servers.

Hackers Deface Popular Videos Published by Vevo

Data Breach Today

Pilfered Access Credentials Could Be to Blame A handful of popular music videos published on YouTube were defaced on Tuesday, with two hackers claiming credit. But Google, which owns YouTube, says that tampering didn't occur directly on its platform

Access 109

Indian video on demand giant ZEE5 has been hacked

Security Affairs

The Indian video on demand giant ZEE5 has been hacked, attackers are threatening to sell the database on the cybercrime underground markets. ZEE5 is an Indian video on demand service run by Essel Group via its subsidiary Zee Entertainment Enterprises.

TikTok Flaw Allows Threat Actors to Plant Forged Videos in User Feeds

Threatpost

The popular video-sharing apps’s use of HTTP to download media content instead of a secure protocol could lead to the spread of misinformation on the platform.

Liverpool Voyeur Used IM-RAT to Video Women at Home

Threatpost

Government Malware Mobile Security Web Security Court case im-rat imminent monitor liverpool malware remote access tool scott crowley Spying Spyware stalkerware video voyeurThe case highlights the rising issue of stalkerware, which has reached epidemic proportions.

SeaChange video delivery software solutions provider hit by Sodinokibi ransomware

Security Affairs

The popular SeaChange video platform is the latest victim of the Sodinokibi Ransomware gang, which is threatening to leak the stolen data. SeaChange International, the multinational supplier of video delivery software solutions, was the victim of the Sodinokibi Ransomware gang.

WhatsApp Remote Code Execution Triggered by Videos

Threatpost

Mobile Security Vulnerabilities Web Security Buffer Overflow CVE-2019-11931 Data Privacy Denial of Service Facebook flaw mp4 remote code execution Security videos WhatsApp WhatsApp flawThe flaw can be trivially exploited.

German laptop retailer fined €10.4m under GDPR for video-monitoring employees

Security Affairs

fine under GDPR against the online laptop and electronic goods retailer NBB for video-monitoring employees. million fine under the GDPR against an online laptop and electronic goods retailer NBB’s (notebooksbilliger.de) for video-monitoring employees for at least a couple of years.

Retail 103

Rapper Scams $1.2M in COVID-19 Relief, Gloats with ‘EDD’ Video

Threatpost

"Nuke Bizzle" faces 22 years in prison after brazenly bragging about an identity-theft campaign in his music video, "EDD.".

Guardzilla Security Video System Footage exposed online

Security Affairs

A vulnerability in the Guardzilla home video surveillance system could be exploited by users to watch Guardzilla footage of other users. The Guardzilla All-In-One Video Security System is an indoor video surveillance solution. “During the 0DAYALLDAY Research Event a vulnerability was discovered ( CVE-2018-5560 ) in the Guardzilla Security Video System Model #: GZ521W.