Iranian Hackers Accidentally Exposed Training Videos

Data Breach Today

IBM: Videos Detail Attacks on US Navy and State Department Personnel An Iranian-backed hacking group appears to have accidentally left over 40 GB of training videos and other material exposed online, according to researchers with IBM who found the unprotected server.

194
194

A Site Published Every Face From Parler's Capitol Riot Videos

WIRED Threat Level

Faces of the Riot used open source software to detect, extract, and deduplicate every face from the 827 videos taken from the insurrection on January 6.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Video Conference Firm Targeted for Payment Card Skimming

Data Breach Today

Malwarebytes Says PlayBack Now Customer Sites Compromised While most payment card skimming attacks zero in on ecommerce sites for consumers, a newly discovered attack targeted PlayBack Now, an online video conferencing firm, Malwarebytes reports

171
171

Video-Game Piracy Group ‘Team Xecuter’ Leaders in Custody

Threatpost

The two alleged leaders of Team Xecuter targeted popular consoles like the Nintendo Switch, the Sony PlayStation Classic and Microsoft Xbox.

Video series

Adam Shostack

It will come as no surprise to regular readers of this blog that I prefer the written word to audio and video, but 2020 being 2020, I now have a YouTube Channel , with the first video below: threat modeling

IT 40

Dutch tech reporter gatecrashes EU defence secret video conference

Security Affairs

A Dutch tech reporter gatecrashed a video conference of EU defence ministers after the Dutch minister shared an image on Twitter. The post Dutch tech reporter gatecrashes EU defence secret video conference appeared first on Security Affairs.

Determining What Video Conference Participants Are Typing from Watching Shoulder Movements

Schneier on Security

He says the “text inference framework that uses the keystrokes detected from the video … predict[s] words that were most likely typed by the target user. Uncategorized academic papers side-channel attacks video

Paper 101

Computers and Video Surveillance

Schneier on Security

Maybe they just recorded, and no one looked at the video unless they needed to. In either case, the video was only stored for a few days because storage was expensive. Recent developments in video analytics -- fueled by artificial intelligence techniques like machine learning -- enable computers to watch and understand surveillance videos with human-like discernment. Identification technologies make it easier to automatically figure out who is in the videos.

Stealing videos from VLC

Security Affairs

Technical analysis: Let’s assume a scenario where Bob & Alice are sharing a video over the WiFi using vlc-iOS, Eve could perform this attack by crawling the source IP address of Bob which would list the URL’s of the videos shared between Bob & Alice. Having said that, navigating to those URL’s Eve could simply steal the video without Bob’s knowledge which successfully leads to unauthenticated IDOR.

Video Surveillance by Computer

Schneier on Security

The ACLU's Jay Stanley has just published a fantastic report: " The Dawn of Robot Surveillance " (blog post here ) Basically, it lays out a future of ubiquitous video cameras watched by increasingly sophisticated video analytics software, and discusses the potential harms to society.

Senators Press Social Media Firms to Fight 'Deepfake' Videos

Data Breach Today

senators Mark Warner and Marco Rubio are urging social media firms to create policies and standards to combat the spread of "deepfake" videos, which they say pose a potential threat to American democracy Warner and Rubio Want Companies to Develop Standards and Policies to Combat Fakes U.S.

148
148

German laptop retailer fined €10.4m under GDPR for video-monitoring employees

Security Affairs

fine under GDPR against the online laptop and electronic goods retailer NBB for video-monitoring employees. million fine under the GDPR against an online laptop and electronic goods retailer NBB’s (notebooksbilliger.de) for video-monitoring employees for at least a couple of years.

Facebook declares war to Deepfake videos

Security Affairs

Monika Bickert, Facebook for global policy management, announced that Facebook will ban deepfake videos and manipulated content. Facebook has announced it will ban deepfake videos, which are media that take a person in an existing image or video and replace them with someone else’s likeness using artificial neural networks. While these videos are still rare on the internet, they present a significant challenge for our industry and society as their use increases.”

Japanese video game firm Capcom hit by a cyberattack

Security Affairs

Japanese video game developer and publisher Capcom has disclosed a cyberattack that impacted business operations over the weekend. The post Japanese video game firm Capcom hit by a cyberattack appeared first on Security Affairs.

Detecting Fake Videos

Schneier on Security

This story nicely illustrates the arms race between technologies to create fake videos and technologies to detect fake videos: These fakes, while convincing if you watch a few seconds on a phone screen, aren't perfect (yet). But a few weeks after his team put a draft of their paper online, they got anonymous emails with links to deeply faked YouTube videos whose stars opened and closed their eyes more normally. academicpapers behavioraldetection fraud video

Paper 51

Black Hat Europe: Dark Reading Video News Desk Coverage

Dark Reading

Coming to you from virtual backgrounds and beautifully curated bookcases around the world, Dark Reading brings you video interviews with the leading researchers speaking at this week's Black Hat Europe

69

Face Off: Researchers Battle AI-Generated Deep Fake Videos

Data Breach Today

Convincing Face-Swapping Clips Easy to Create With Gaming Laptops and Free Tools The easy availability of tools for designing face-swapping deep-fake videos drove Symantec security researchers Vijay Thaware and Niranjan Agnihotri to design a tool for spotting deep fakes, which they described in a briefing at the Black Hat Europe 2018 conference in London

7 Considerations for a Smooth Video Conference

IG Guru

The post 7 Considerations for a Smooth Video Conference appeared first on IG GURU. Business IG News information privacy information security Risk News Best Practices BlueJeans COVID-19 FreeConferenceCall GoToMeeting Guidelines Privacy Security Teams Teleconference Video Conference Webinars Zoomby Andrew Ysasi, MS June 24, 2020 Many of us have transitioned to working from home due to COVID-19, and some of us may not return to an office setting for quite some time.

Risk 46

Critical flaw affects Cisco Video Surveillance Manager

Security Affairs

Cisco has patched a critical vulnerability in the Cisco Video Surveillance Manager (VSM) could be exploited by an unauthenticated remote attacker to gain root access. Cisco has fixed a critical vulnerability in the Cisco Video Surveillance Manager software running on some Connected Safety and Security Unified Computing System (UCS) platforms. The vulnerability impacts Cisco Video Surveillance Manager (VSM) Software releases 7.10, 7.11, and 7.11.1.

Android Messenger App Still Leaking Photos, Videos

Threatpost

The GO SMS Pro app has been downloaded 100 million times; now, underground forums are actively sharing images stolen from GO SMS servers.

Capturing customer attention with video

OpenText Information Management

Consumers now spend over 3 hours per day on … The post Capturing customer attention with video appeared first on OpenText Blogs. Customers today have a lot of choices and are exposed to over 5,000 brand and advertising impressions a day. With reduced attention spans and the increasing complexity of paths to purchase, few messages today actually resonate with customers, making it difficult for brands to differentiate themselves.

Hackers Deface Popular Videos Published by Vevo

Data Breach Today

Pilfered Access Credentials Could Be to Blame A handful of popular music videos published on YouTube were defaced on Tuesday, with two hackers claiming credit. But Google, which owns YouTube, says that tampering didn't occur directly on its platform

Access 107

Rapper Scams $1.2M in COVID-19 Relief, Gloats with ‘EDD’ Video

Threatpost

"Nuke Bizzle" faces 22 years in prison after brazenly bragging about an identity-theft campaign in his music video, "EDD.".

Who Else Is in That Video Meeting? Maybe a Hacker

Data Breach Today

Forescout Finds Serious Flaws in DTEN Conferencing Systems Video conferencing and collaboration systems are must-have tools for global companies. But new research by Forescout illustrates that elementary security errors in one vendor's system could have allowed attackers to snoop on meetings and view sensitive documents

FlexClip Review: Online Video Maker

Cllax

Creating great video is not an uncommon concern these days. The post FlexClip Review: Online Video Maker first appeared on Cllax - Top of IT. Where even the baker from the neighborhood is active on Instagram. FlexClip from PearlMountain promises exactly that. They should be.

IT 32

IoT Unravelled Part 5: Practical Use Case Videos

Troy Hunt

Now in part 5, let's look at how it all works together, and I've done 11 short videos showing different parts of my house and how the IoT bits work there. All these videos are unedited, candid versions of precisely how my house works, enjoy ??

IoT 96

Facebook Cracks Down on Deepfake Videos

Threatpost

Despite the difficulties of identifying deepfakes, social media sites are recognizing the need to crack down on the manipulated, misleading videos. Facebook Web Security 2020 election ban deepfake deepfake video disinformation free speech Reddit twitter

Cartoon Network Hacked Worldwide to Show Brazilian Stripper Videos

Threatpost

Ricardo Milos joined Ben 10, Adventure Time and We Bare Bear videos on its websites over the weekend. Hacks Web Security arabic memes brazilian hackers cartoon network Defacement Hacked ricardo milos stripper videos Websites

IT 87

WhatsApp Remote Code Execution Triggered by Videos

Threatpost

Mobile Security Vulnerabilities Web Security Buffer Overflow CVE-2019-11931 Data Privacy Denial of Service Facebook flaw mp4 remote code execution Security videos WhatsApp WhatsApp flawThe flaw can be trivially exploited.

Guardzilla Security Video System Footage exposed online

Security Affairs

A vulnerability in the Guardzilla home video surveillance system could be exploited by users to watch Guardzilla footage of other users. The Guardzilla All-In-One Video Security System is an indoor video surveillance solution. “During the 0DAYALLDAY Research Event a vulnerability was discovered ( CVE-2018-5560 ) in the Guardzilla Security Video System Model #: GZ521W.

Hundreds of female sports stars and celebrities have their naked photos and videos leaked online

Security Affairs

Hackers have stolen naked photos and videos from hundreds of female sports stars and celebrities and leaked them online. Threat actors have stolen naked photos and videos from hundreds of female sports stars and celebrities and leaked them online.

Baby App “Peekaboo” Leaks Photos, Videos and Personal Data

Adam Levin

An unsecured database discovered online has leaked thousands of baby photos and videos. . The leaked data includes photos, videos, and birthdates of babies, as well as 800,000 email addresses, location data as well as detailed device information. . Every Baby’s photos, audios & videos or diaries will be stored in secured space. The post Baby App “Peekaboo” Leaks Photos, Videos and Personal Data appeared first on Adam Levin.

VLC Media Player Allows Desktop Takeover Via Malicious Video Files

Threatpost

Malware Vulnerabilities desktop takeover malicious video file MKV Open Source tracker Torrent videolan VLC player vulnerabilityVideoLAN has released an updated version of its VLC Player to fix over a dozen bugs.

IT 85

Streaming Video Fans Open to TV Hijacking

Threatpost

Cloud Security Hacks IoT Privacy Vulnerabilities data breach financial information infomir ministra roku streaming video subscriber data tv hijacking vulnerabilitiesCritical bugs impact a widely deployed streaming platform, common in the U.S. and elsewhere.

IoT 68

Linkedin Learning: Producing a Video

Adam Shostack

They even “let” you edit your own videos. Like doing a video course so we could show me drawing on a whiteboard, rather than showing fancy pictures and implying that that’s what you need to create to threat model like the instructor. My producer Rae worked with me, and taught me how to write for video. My Linkedin Learning course is getting really strong positive feedback. Today, I want to peel back the cover a bit, and talk about how it came to be.

IT 63

Google Takeout Serves Up Video Files to Strangers

Dark Reading

A limited number of user videos were shared with others in a five-day incident from November

68

[Video] Offsite Document Storage Facilities

Record Nations

Video Transcription Offsite Storage: Starting Off the Process More businesses are shifting towards paperless management, but between retention laws and the reality that there are some files businesses need to keep but rarely reference, it’s often cheaper to keep these records as hard-copies instead of spending the money to scan them instead. The post [Video] Offsite Document Storage Facilities appeared first on Record Nations.

IT 67

Indian video on demand giant ZEE5 has been hacked

Security Affairs

The Indian video on demand giant ZEE5 has been hacked, attackers are threatening to sell the database on the cybercrime underground markets. A hacker that goes online with the moniker “John Wick” and “Korean Hackers” claim to have hacked the Indian video on demand giant ZEE5 and now is threatening to sell the database on cybercrime marketplaces. ZEE5 is an Indian video on demand service run by Essel Group via its subsidiary Zee Entertainment Enterprises.

TikTok Flaw Allows Threat Actors to Plant Forged Videos in User Feeds

Threatpost

The popular video-sharing apps’s use of HTTP to download media content instead of a secure protocol could lead to the spread of misinformation on the platform. Hacks Mobile Security Vulnerabilities Android apple compromise coronavirus COVID-19 deep fakes google HTTP ios misinformation MitM Routers Security social media threat actors tiktok videos WiFi

Video Interview: Know Your (Digital) Customer

Data Breach Today

IBM's Shaked Vax on Validating Digital Identities with Physical Identities to Protect Accounts In the wake of so many mega-breaches, new account fraud is easier to perpetrate than account takeovers. This puts new pressure on enterprises to know their digital customers, as well as to authenticate their identities and activities, says Shaked Vax of IBM Security