Uber paid off a 20-year-old Florida man to destroy hacked data

More details are coming to light about Uber’s huge data breach. Reuters is reporting that a 20-year-old Florida man was behind the 2016 extortion-oriented cyberattack and was paid through the firm’s bug bounty program. We know that the individual, whose identity Uber refuses to disclose, received $100,000 for destroying the info, which exposed the personal data of roughly 57 million customers and drivers. The ride-hailing firm then kept quiet about the breach for more than a year. You can bet Congress and the five states investigating Uber will be paying close attention to any new nuggets of info.

Bug bounties (where compensation is offered to hackers who find vulnerabilities) are commonplace within tech circles; everyone from Apple to Samsung utilizes them. And, while highly-publicized rewards of up to $200,000 are the norm, it’s rare that the largest sum is dispensed to any one person, making Uber’s $100,000 silent payout an all-time record for HackerOne, the firm that hosts Uber’s bug bounty program, according to a former exec who spoke to Reuters.

The Florida hacker, described in the report as “living with his mom,” reportedly paid a second individual for help accessing GitHub’s resources to procure credentials for Uber data stored elsewhere. Upon divulging the breach last month, the company fired chief security officer Joe Sullivan and one of his deputies, senior lawyer Craig Clark, for covering up the breach. But Reuters sources claim the coverup went straight to the top of the food chain to former CEO Travis Kalanick. Both Uber and Kalanick refused to comment.

Source: Reuters


A mysterious Thai singer performing in an oyster costume is the top YouTube video for 2017

With nearly 183 million views since June, this Thai music video is the top globally trending video of 2017, according to YouTube. It’s called “Until we become dust” and it’s performed by a singer in a full silver and white costume whose head is elaborately masked in oyster shells and pearls. The mysteriously-garbed musician is competing in a strange Thai TV singing show called “The Mask Singer.” Here are the show’s rules: The contestants are broken up into four groups, each group containing 8 masked celebrities. Each episode consists of two pairs of battling contestants, up until the final for each group, where the contestants perform a duet before battling it out. The winner reveals their identity in the last episode of each season… The contestants are prompted to sing a song of their choice and design a unique costume with a team of designers. Each costume covers the entirety of the contestant’s body… The identity of each contestant is kept confidential. When they arrive at the studio, staff members bring them cloaks to conceal their identity. Before filming the show, each contestant has to sign a contract ensuring they keep their identity a secret. During rehearsals, their voices are modified. The staff members who are authorized to know contestants’ identity such as makeup artists, costume designers, the director, and studio staff, have signed contracts to keep it confidential. When editing the footage and audio, they lock the doors to stop anyone from looking through. Later, according to CNBC, the masked celebrity was revealed to be singer Pandavaram Prasarnmitr of the Thai rock band, Cocktail. Here’s one of their music videos where you can see what he looks like without oyster shells on his face: https://youtu.be/UsnIyScLe-s


Keylogger Found On Nearly 5,500 WordPress Sites

An anonymous reader writes: Nearly 5,500 WordPress sites are infected with a malicious script that logs keystrokes and sometimes loads an in-browser cryptocurrency miner. The malicious script is being loaded from the “cloudflare.solutions” domain, which is not affiliated with Cloudflare in any way, and logs anything that users type inside form fields as soon as the user switches away from an input field. The script is included on both the sites’ frontends and backends, meaning it can steal both admin account credentials and credit card data from WP sites running e-commerce stores. According to site source code search engine PublicWWW, there are 5,496 sites running this keylogger. The attacker has been active since April. Read more of this story at Slashdot.


Cryptocurrency mining marketplace loses $64 million to hackers

A cryptocurrency marketplace called NiceHash has suffered a security breach that left its bitcoin wallet tens of millions of dollars lighter. Slovenia-based NiceHash connects miners, or people selling their hashing/computer power, with people willing to pay for that power. Andrej P. Škraba, the marketplace’s head of marketing, told Reuters that the company was targeted by “a highly professional attack” that involved “sophisticated social engineering.” He also revealed that the infiltrators got away with 4,700 bitcoins, or around $64 million. Before Škraba talked to Reuters, NiceHash posted an announcement on Reddit and on its website that it’s pausing all operations for the next 24 hours to investigate the incident. The post said the company’s payment system was compromised, and that it’s working with authorities on top of conducting its own investigation. Unfortunately, Škraba didn’t reveal more details than that, but the company is advising users to change their passwords on NiceHash and other services, which is great advice now that bitcoin looks more alluring to hackers than ever. It has soared past $15,000 in value, just hours after it broke past the $14,000 mark. Authorities in some countries are cracking down on cryptocurrency, however, in hopes of gaining greater control over the virtual currency.

Source: Reuters, Reddit


John Scalzi’s ‘Old Man’s War’ sci-fi series is headed to Netflix

Award-winning science fiction author John Scalzi famously chose military SF for his Old Man’s War series because it was a marketable sub-genre. Lucky for us that he did, as the eventual six-book series has been a critical and commercial success. According to a report from Deadline, Netflix has just acquired the first novel with intentions to make it into a film. In the Old Man’s War universe, set hundreds of years from now, older people are given a loaded choice. Either age and die on Earth or get healthy young bodies that are conscripted into the military to fight space aliens. Protagonist John Perry makes the obvious choice and becomes a high-octane space marine who ends up being pretty good at leading troops into battle. Of course, all is not as it seems, and Perry begins to piece together what’s really going on. The engaging story will likely make a good movie, provided it’s done right (looking at you, Ender’s Game). The film is being produced by John Shestak Productions (Air Force One, Dan in Real Life) and Madhouse Entertainment.

Source: Deadline


Almost All Bronze Age Artifacts Were Made From Meteorite Iron

dryriver shares a report from Science Alert: According to a new study, it’s possible that all iron-based weapons and tools of the Bronze Age were forged using metal salvaged from meteorites. The finding has given experts a better insight into how these tools were created before humans worked out how to produce iron from its ore. While previous studies had found specific Bronze Age objects to be made from meteoric metal — like one of the daggers buried with King Tutankhamun — this latest research answers the question of just how widespread the practice was. Albert Jambon, from the National Centre for Scientific Research (CNRS) in France, studied museum artifacts from Egypt, Turkey, Syria, and China, analyzing them using an X-Ray Fluorescence Spectrometer to discover they all shared the same off-world origins. “The present results complementing high quality analyses from the literature suggest that most or all irons from the Bronze Age are derived from meteoritic iron,” writes Jambon in his published paper. “The next step will be to determine where and when terrestrial iron smelting appeared for the first time.” Read more of this story at Slashdot.


NVIDIA’s ‘most powerful GPU’ ever is built for AI

NVIDIA’s newest Titan GPU is now available for purchase, and the company says it’s the “world’s most powerful GPU for the PC” yet. The GPU-maker has launched the Volta-powered Titan V at the annual Neural Information Processing Systems conference. Volta is NVIDIA’s latest microarchitecture designed to double the energy efficiency of its predecessor, and Titan V can apparently deliver 110 teraflops of raw horsepower or around 9 times what the previous Titan is capable of. This powerful new GPU’s target? Scientists and researchers working on AI, deep learning and high performance computing. Since Volta was designed to work on a mixture of computation and calculations and has features created specifically for deep learning, scientists can use the GPU to build their own desktop PCs if they don’t need special servers. NVIDIA CEO Jensen Huang said during the event: “Our vision for Volta was to push the outer limits of high performance computing and AI. We broke new ground with its new processor architecture, instructions, numerical formats, memory architecture and processor links. With TITAN V, we are putting Volta into the hands of researchers and scientists all over the world. I can’t wait to see their breakthrough discoveries.” Those scientists and researchers probably need the backing of their educational institutions and donors to build computers with Titan V, though. The GPU, which is now available from NVIDIA’s website and retailers, will set them back $2,999.

Source: NVIDIA


Marvel comics arrive in Hoopla’s public library app

Comic books are a brilliant medium, but keeping up with the latest releases can be expensive. If you live in the US, it’s worth checking out Hoopla; the service is supported by more than 1,500 public libraries, and offers free digital access to DC, Image and IDW titles. And starting today, another major publisher is joining the platform: Marvel. More than 250 collections and graphic novels will be available, including Black Panther: A Nation Under Our Feet book one — by author, journalist and comic book writer Ta-Nehisi Paul Coates — Civil War and X-Men: The Dark Phoenix Saga. There’s a handy map here that shows all of the Hoopla-supported libraries in the US. As Variety explains, the libraries set their own lending limits, so you might be able to check out five or 10 at a time through the app. You won’t, of course, get every new Marvel release, but it’s a good place to start if you’re unsure which characters or series to follow. Hoopla says there should be plenty of familiar faces from the Marvel Cinematic Universe, including Spider-Man, Daredevil, The Runaways, The Avengers and the Guardians of the Galaxy. As Luke Cage would say: Sweet Christmas…

Via: Variety
Source: Hoopla (Press Release)


Zimbabwe’s Internet Went Down for About Five Hours. The Culprit Was Reportedly a Tractor.

Zimbabweans lost internet access en masse on Tuesday when a tractor reportedly cut through key fiber-optic cables in South Africa and another internet provider experienced simultaneous issues with its primary internet conduits. From a report: The outage began shortly before noon local time and persisted for more than five hours, affecting not only citizens’ day-to-day internet usage but businesses that rely upon web access. And while five internet-free hours might sound unfathomable to those of us accustomed to having the web constantly at our fingertips, large-scale internet outages — from inadvertent lapses caused by ship anchors to government-calculated blackouts designed to showcase political power — do happen, and maybe more frequently than you’d thought. According to local news sources, a tractor in South Africa damaged cables belonging to Liquid Telecom, which has an 81.5 percent market share of Zimbabwe’s international-equipped internet bandwidth as of the second quarter of 2017 and leases capacity to other internet providers. In a bad coincidence, city council employees in Kuwadzana, a suburb of Zimbabwe’s capital city of Harare, cut an additional TelOne cable around the same time. (According to NewsDay Zimbabwe, it was an accident. The company blamed “faults that occurred on our main links through South Africa and Botswana” in a statement.) Read more of this story at Slashdot.


Woman makes earring to store her two-factor authentication device

Etsy engineer Samantha Goldstein made a small wooden earring to hold her YubiKey 4 Nano, a tiny USB two-factor authentication device. From Motherboard: She laser cut wood and acrylic for the base, and then used sterling silver for the posts. The key slides into the base portion for safe keeping. Goldstein plans to put up a small batch for sale later this week on her Etsy store. “Between my work badge and my phone (and sometimes my computer) I’m lugging around a lot of accessories all the time,” Goldstein told me in a Twitter direct message. “I wanted a way to carry around a Yubikey but not burden myself with one more thing to carry in my hands.”

Working late in the labs on these yubikey earrings! eeee! pic.twitter.com/fDto5kSDwZ — *:・゚✧ Samantha ✧・゚:* (@samantha_gold) December 5, 2017
