Information Security – Data Breach

IBM’s Breakthrough Distributed Computation for Deep Learning Workloads (Update)

by

IBM’s Breakthrough Distributed Computation for Deep Learning Workloads (Update).
NEWS ANALYSIS: Why deep learning is a literal ‘killer app’ for computers, and how IBM has figured out how to distribute computing for much faster processing of big-data artificial intelligence workloads.
Connecting Servers for AI Jobs Sounds Easy, but Isn’t By merely being able to connect a group of servers together to work in concert on a single problem, IBM Research has uncovered a milestone in making Deep Learning much more practical at scale: to train AI models using millions of photos, drawings or even medical images and by increasing the speed and making significant gains in image recognition accuracy possible as evidenced in IBM’s initial results.
The software will help shorten the time it takes to train AI models from days and weeks to hours.
“We’ve been using GPU (graphics processing units) accelerators to accelerate deep learning ‘training.’ What we do is give these computer models millions of images, but then we have to train them on computers with powerful GPUs (to record and understand what the images entail).
This is hard to do!” IBM Found the ‘Ideal Scaling’ Gupta said IBM Research posted close to ideal scaling with its new distributed deep learning software that achieved record low communication overhead and 95 percent scaling efficiency on the open source Caffe deep learning framework over 256 GPUs in 64 IBM Power systems.
Previous best scaling was demonstrated by Facebook AI Research of 89 percent for a training run on Caffe2, at higher communication overhead.
IBM demonstrated the scaling of the Distributed Deep Learning software by training a ResNet-101 deep learning model on 7.5 milion images from the ImageNet-22K data set, with an image batch size of 5,120.
But progress in accuracy and the practicality of deploying deep learning at scale is gated by technical challenges running massive deep learning based AI models, with training times measured in days and weeks, Gupta said.
IBM’s cluster with its new DDL library finished the run 7 hours, and achieved 33.8 percent accuracy.

For digital trade advocates, all eyes on NAFTA

by

WASHINGTON – Rep. Erik Paulsen, R-Minn., supported the 12-nation Trans-Pacific Partnership (TPP) trade agreement for a number of reasons.
But one of the most important was the precedent TPP set for digital trade among nations.
TPP set rules guaranteeing the free flow of data among participating countries, taking away protectionist policies such as forcing foreign trading partners to store digital data in the country where they want to do business.
TPP also set parameters for cyber security and access to information stored on computer servers.
“This is not a small or niche part of the economy,” Paulsen said.
“Digital trade accounts now for more than half of all U.S. service exports.
The idea behind local data storage and management requirements is to make it so hard for foreign companies to do digital business in your country that they simply stop trying, Cory said.
” Asked about the White House commitment to digital trade, a Trump administration spokeswoman pointed to recently announced objectives in NAFTA renegotiation with Mexico and Canada.
Cory said the White House must make digital trade a high priority among its trade goals.
Microsoft received a favorable appeals court ruling that kept the U.S. Justice Department from gaining access to e-mails Microsoft stored on a server in Ireland.

Murder, Fake News, And Hacking Concerns Cloud Disputed Kenyan Election

by

Murder, Fake News, And Hacking Concerns Cloud Disputed Kenyan Election.
The opposition party blasted the vote as a “charade,” claiming results had been manipulated by a hacker using the credentials of a recently murdered election official.
There were reports on Twitter and Al Jazeera that police had used tear gas and live bullets to disperse protesters.
On Saturday, officials and witnesses told Reuters that police had shot and killed eleven people during protests since the election results were announced Friday night.
The Kenyan National Commission on Human Rights said that at least 24 people, including a 6-year-old child, had been killed.
“What is happening is that people just want to see justice.
Among the operatives working on the campaigns were two executives from Aristotle, an American data firm working for Odinga.
Aristotle told Fast Company that much of its work involved figuring out ways to fight fake news.
“Everything of this sort that happens in Kenya is politically motivated,” John Aristotle Phillips, the company’s founder and CEO, told Kenya’s The Nation after he was deported.
Related: Trump’s Big-Data Gurus Worked On The Kenyan Election, Amid Concerns Over Fake News And Hacking Allegations Cambridge Analytica has not responded to Fast Company‘s request for comment, but a spokesperson for the firm told the BBC that the company was not involved in any negative advertising in Kenya, and that it “has never advocated the exploitation of ethnic divisions in any country.” Some reports had linked another political consultancy, U.K.-based BTP, to the Kenyatta campaign.

Russian hackers accused of spying on hotels

by

Russian hackers accused of spying on hotels.
Hackers linked to Russian military intelligence were behind a cyber-espionage campaign targeting influential figures from the West, according to a report by security researchers.
Phishing emails sent to employees at high-class hotels were designed to allow the hackers to steal passwords and other information belonging to Western government and business travellers.
The campaign was detected by cybersecurity firm FireEye and saw the attackers gain access to the IT systems of numerous hotels across Europe and the Middle East.
Researchers believe the espionage group behind the attacks is linked to the Russian military intelligence agency GRU.
The group is known colloquially as Fancy Bear, or in the more academic language of the report as Advanced Persistent Threat 28 (APT 28).
Moscow denies the group has any affiliation with the GRU.
The espionage campaign saw spear phishing emails sent which installed Fancy Bear’s signature malware GAMEFISH on victims’ systems when they clicked on a link or opened the attachment.
In several incidents the emails were successful in infecting a hotel’s systems, allowing the espionage group to control guest WiFi networks and steal guests’ passwords. ‘We did not observe any guest credentials being stolen.

When Buying Drugs on the Dark Web, Study Shows What People Look For

by

When Buying Drugs on the Dark Web, Study Shows What People Look For.
It’s the first study that examines the network of an encrypted, drug distribution network in order to provide observations on its users.
It’s probably a good idea too.
”The accessibility and ease of purchasing illegal drugs online opens up a global market where buyers and sellers are no longer constrained by locality and buyers have more options and diversity in product selection,” Dana Haynie, a professor of sociology at Ohio State and co-author of the study, said in a press release.
All the information the researchers collected was available to anyone within the market — which can only be accessed anonymously with Tor — including the usernames of buyers and sellers, and even evaluations that can be given by both parties following every transaction.
The study showed that after making an initial purchase, only 30 percent of those who ventured out to buy again sought out a different vendor.
Researchers chalk this up to the reputation scores available within the market.
Like Yelp or TripAdviser, drug purchasers are also looking to choose what has the best reviews, perceiving this to imply trustworthiness.
Researchers not that this semi-monopolized market doesn’t bode well for users if suppliers ever get busted.
Based on this study, if authorities could manage to take down just a few suppliers, the whole market would suffer tremendously: “The ‘power vacuum’ effect seen with other forms of crime, such as gangs, where a crime boss’ removal results in multiple other key players struggling for their position of influence, may even be reduced when high profile vendors disappear because the few remaining vendors would lack the necessary reputation to jockey for new customers.

Beware of hotel Wi-Fi — Russian hackers are stealing information from it

by

Russian hackers are targeting business-level hotels in a form of attack that nabs guest information, including usernames and password.
Hotel guests already have enough anxiety-inducing fodder to make their stays a bit less than desirable.
From the odd stain on the carpet to the questionable bedspread to the toilet that just won’t stop flushing (or won’t flush at all), there are plenty of reasons to think twice about even the nicest of temporary residences.
As per a new report from security firm FireEye, a Russian hacker group called APT28, or Fancy Bear, has been targeting hotel Wi-Fi networks to spy on guests.
“We believe this activity, which dates back to at least July 2017, was intended to target travelers to hotels throughout Europe and the Middle East.” Perhaps most alarming is the discovery that once hackers succeeded in tapping into hotel Wi-Fi, they managed to take guests’ usernames and passwords completely passively.
“It’s definitely a new technique,” Ben Read, the leader of FireEye’s espionage research team told Wired.
This tool allowed them to spread their control throughout the network, finally reaching servers responsible for the corporate and guest Wi-Fi networks.
“These were not super expensive places, but also not the Holiday Inn,” FireEye’s Read said.
“They’re the type of hotel a distinguished visitor would stay in when they’re on corporate travel or diplomatic business.” So what can you do to protect yourself?
FireEye recommends bringing your own wireless hot spot to steer clear of hotel Wi-Fi altogether.

Hackers are now using the exploit behind WannaCry to snoop on hotel Wi-Fi

by

Hackers are now using the exploit behind WannaCry to snoop on hotel Wi-Fi.
A hacking group accused of linked meddling in the run up to the US presidential election is harnessing the Windows exploit which made WannaCry ransomware and Petya so powerful — and using it to perform cyberattacks against hotels in Europe.
Researchers at FireEye have attributed a campaign to remotely steal credentials from guests using Wi-Fi networks at hotels in Europe to APT28 — also known as Fancy Bear — a hacking organisation which many security firms have linked to Russia’s military intelligence. “This is the first time we have seen APT28 incorporate this exploit into their intrusions, and as far as we believe, the variant used was based on the public version,” Cristiana Brafman Kittner, senior analyst at FireEye, told ZDNet.
Once GameFish is installed on the network, it uses EternalBlue to worm its way through the network and find computers responsible for controlling both guest and internal Wi-Fi networks.
Researchers note that in one incident, a victim was compromised after connecting to a hotel network, but that the attackers didn’t immediately take action — they waited 12 hours before remotely accessing the systems.
The group behind DarkHotel also compromises hotel Wi-Fi connections and combines it with spear phishing attacks to compromise specific targets.
However, FireEye says the two campaigns aren’t linked and that DarkHotel — also known as Fallout Team — looks to be the work of a “Korean peninsula-nexus cyber espionage actor” and not APT28. “While the previous targeting of victims through hotel public Wi-Fi by Fallout Team is similar to the latest APT28 campaign, these are two separate actors conducting operations for national security interests in support of their respective state sponsor,” said Kittner.
With the public release of the EternalBlue exploit, it’s unfortunately unsurprising that hacking groups are looking to harness that and other Vault7 leaks for their own gain.

Texas Cities Feel Stunted by Governor

by

AUSTIN, Texas (AP) — As Texas’ big cities boom like few places in the U.S., Republican Gov.
Greg Abbott is trying to rein them in and reassert himself ahead of his 2018 re-election bid, but some of his summer demands are wilting.
For Abbott, who is out to satisfy his restless base of social conservatives, a special 30-day legislative session that began with him demanding 20 new laws could end next week with many failing.
It also deepened a rift between Republican leaders and Texas’ biggest and most economically vibrant cities — Houston, Dallas, San Antonio and Austin — which felt under attack by an agenda heavy on curbing municipal authority.
Similar power struggles between cities and states are increasingly playing out nationwide as GOP governors take aim at liberal urban areas where Democrats wield most influence.
On Saturday, the Republican-controlled House was poised to push one measure closer to Abbott’s desk to the dismay of cities: Requiring local officials to get voter approval for tax hikes above a certain threshold, which mayors say would hamper their ability to keep financial pace with their fast-growing cities. “The irony of all this is that if it is the truly in the business of the Legislature to ensure a strong Texas economy and educate its citizens, they’re cutting of their nose off to spite its face.”
Republicans have also made attempts to put spending caps on cities and limit the ability to annex new land.
Not at the state level run by Republicans, but in our cities that are mostly controlled by Democrat mayors and Democrat city council men and women,” Patrick told Fox Business Network. “If you have a problem with a plastic bag or an Uber car or a fire because there wasn’t enough money to buy a new firetruck, the people who pass those bills need to own up to the fact that it’s hard to be mayor,” Sandlin said.

Leaked email suggests HBO willing to haggle with hackers

by

Leaked email suggests HBO willing to haggle with hackers.
The July 27 email was sent by John Beyler, an HBO executive who thanked the hackers for “making us aware” of previously unknown security vulnerabilities.
It appears to be an effort by the hackers to embarrass HBO, according to The Hollywood Reporter, which obtained a copy of the email.
The Daily Beast posted the full text of the email. “In the spirit of professional cooperation,” the executive asked for a one-week delay and said HBO was willing to make a “good faith” payment of $250,000, calling it a “bug bounty” reward for IT professionals rather than a ransom.
HBO declined to comment.
If it was a bug bounty, it’d be on the up and up.”
Then, last week, hackers using the name “Mr. Smith” posted a fresh cache of stolen HBO files online, and demanded that the network pay a ransom of several million dollars to prevent further such releases.
But paying ransoms to hackers can be dangerous because it shows that being a bad-guy hacker is a good business, said cyber-security expert Oren Falkowitz, CEO of Redwood City, Calif-based Area 1 Security.
Companies would be better off investing in preventing email spear-fishing attempts and other hacking techniques, he said.

Facebook snuck an app past China’s firewall – and nobody noticed

by

Facebook snuck an app past China’s firewall – and nobody noticed.
Facebook and its family of apps been banned in China for years, but it appears the company found a way to get past the country’s Great Firewall.
The New York Times reports Facebook snuck an app called ‘Colorful Balloons’ through – without anybody noticing.
Facebook approved the app’s release back in May, and published it in China via a local company called Youge Internet Technology.
To the outsider, there’s no indication that the app has anything to do with Facebook, other than the fact it looks very similar to Facebook’s Moments app.
The primary difference between Colorful Balloons and Moments is that the former connects users through WeChat, rather than Facebook.
Facebook, for its part, didn’t deny the report.
We don’t know to what extent Facebook was involved, with the app’s development, but it’s clear the company played a substantial role.
It appears Colorful Balloons (I’m still resisting a chuckle) isn’t trying to go viral, but rather help Facebook better understand the market.
But if Colorful Balloons is any indication, it’s not going to stop trying.