Millions of Files Leaked from Oklahoma Department of Securities Database

The UpGuard Data Breach Research team, who previously uncovered data breaches in U.S. voting systems and an Experian partner, recently exposed a massive leak from Oklahoma's Department of Securities. The contents of the files "ran the gamut from personal information to system credentials to internal documentation and communications intended for the Oklahoma Securities Commission," but the sheer bulk of the 3TB of data is made up of Outlook backup archives dating back to at least 1999, while some data goes back to 1986. Among other things, the leak contained the social security numbers of "approximately ten thousand brokers," identifying information on over a hundred thousand brokers, sensitive medical data, credentials for various IT services, and files related to investigations and FBI interviews. While UpGuard's post wasn't particularly critical, Chris Vickery, head of research at UpGuard, told Forbes that the department's response was "irresponsible," as they "didn't check to see what was done with the mass of data downloaded by the researchers." UpGuard also found some glaring security oversights in the leaked data, such as decrypted versions of documents being stored in the same folder as encrypted versions.

Businesses and organizations naturally accumulate stores of data, both because of the value of that data and to comply with retention policies. Creating backups is a good practice to increase resilience in the face of attacks like ransomware. Backups are also necessary for migrations to ensure data can be recovered as businesses adopt newer and more secure technologies. But as this case highlights, the final crucial step is to maintain control over every copy of those data stores. The good news is that, while the contents of the server extended over years, the known period of exposure was quite short. Thanks to the Data Breach Research team's techniques for quickly identifying risks, the exposure was identified only one week after it showed up in Shodan's catalogue of global IP addresses. Shortening the window of exposure reduces the likelihood of other parties accessing the data and enables its owners to take responsive measures before the data is used maliciously.

Posted by alphaatlas January 17, 2019 9:42 AM (CST)

773 Million Records from Massive Data Breach Uploaded to Have I Been Pwned

Troy Hunt is a Microsoft Regional Director and is the owner and creator of Have I Been Pwned (HIBP). Today he alerted the security community to a massive 87GB data breach that the hacker community calls "Collection #1." It contains 773 million unique email addresses, 1.1 billion unique combinations of email addresses and passwords, and over 21 million unique passwords. The data dump is from a MEGA collection that a hacker community forum used to upload stolen credentials to as they shared their latest escapades. Since "Collection #1" has so many individual hackers associated with it, verifying all of the data breaches at individual companies is extremely time-consuming. Curious consumers can use HIBP to check to see if their email address is part of the collection and they can use Pwned Passwords to see if their password has been compromised.

What's the Risk If My Data Is in There? I referred to the word "combos" earlier on and simply put, this is just a combination of usernames (usually email addresses) and passwords. In this case, it's almost 2.7 billion of them compiled into lists which can be used for credential stuffing: Credential stuffing is the automated injection of breached username/password pairs in order to fraudulently gain access to user accounts. In other words, people take lists like these that contain our email addresses and passwords then they attempt to see where else they work. The success of this approach is predicated on the fact that people reuse the same credentials on multiple services. Perhaps your personal data is on this list because you signed up to a forum many years ago you've long since forgotten about, but because it's subsequently been breached and you've been using that same password all over the place, you've got a serious problem.

Posted by cageymaru January 17, 2019 9:31 AM (CST)

Microsoft Puts $500 Million Towards Affordable Seattle Area Housing

Microsoft says they're committing $500 million towards an affordable housing program in the Puget Sound region around Seattle. More specifically, $225 million will be invested "at below market rate returns, focused on preserving and developing new middle-income housing on King County’s Eastside," $250 million will be invested "at market rate returns," while $25 million will be donated as a philanthropic grant to address homelessness. Microsoft points out that the Seattle region has seen a 21% increase in jobs and a 13% increase in housing since 2011, and feels at least partially responsible for the growing housing problem. The Seattle Times notes that the announcement comes days after Microsoft revealed plans to modernize their Redmond campus, and that the company is sitting on $135 billion in cash reserves and short-term investments, to put things in perspective. Microsoft made a video for the project, which you can check out below:

For Microsoft, the fund is also a call to action. The company wants philanthropies and businesses to step up with aid, Smith said. Smith said he's open to others contributing to Microsoft's fund and has had talks with executives at other companies. But few have the same amount of cash on hand, he said. He noted Boeing has much of its money tied up in aircraft construction. Smith said he's talked with leaders from Amazon, but declined to disclose details. Convincing the private sector to jump on board might be hard. In Silicon Valley, companies such as Cisco and Microsoft’s LinkedIn have donated $52 million toward a similar housing-loan program, but companies like Google and Facebook have instead chosen to build or advocate for housing near their Silicon Valley headquarters.

Posted by alphaatlas January 17, 2019 8:18 AM (CST)

New Magecart Attack Used a Compromised Advertising Agency to Deliver Its Payload

Magecart Group 12 is suspected of compromising an ad agency that delivers advertising to eCommerce websites. By directly injecting payment skimming code into JavaScript libraries provided by French online advertising company Adverline to its eCommerce customers, it enabled all websites embedded with the script to load the skimming code. Thus the group was able to steal payment information from consumers by infecting a 3rd party website. This allows the Magecart groups to expand their reach and pilfer more data. Once information is entered into a webpage's typing form, the script will copy the information and it is stored until the victim closes the webpage. At that point, the information is sent to a remote server.

In Adverline's case, code was injected into a JavaScript library for retargeting advertising. It's an approach used by e-commerce websites where visitors are tagged so they can be delivered specific ads that could attract them back to the websites. At the time of our research, the websites embedded with Adverline's retargeting script loaded Magecart Group 12's skimming code, which, in turn, skims payment information entered on webpages then sends it to its remote server.

Posted by cageymaru January 16, 2019 5:56 PM (CST)

Here Is the Tom Clancy's The Division 2: Story Trailer

Ubisoft has released the latest story trailer for Tom Clancy's The Division 2. A deadly virus has crippled NYC and the rest of the world. Washington, D.C. is at risk of falling and with it the entire nation. You and your team are the last hope to stop the fall of society. The system requirements have been previously released and the game will be available on March 15, 2019 to PC gamers on UPLAY and the Epic Games store.

Tom Clancy's The Division 2 was built with an "endgame-first" mentality, ensuring players always have access to fresh, unique, and diverse activities long after completing the main campaign. Tom Clancy's The Division 2's endgame will introduce brand new challenges and progression systems, unique twists and surprises, and for the first time, raids. Players will also be able to access a wealth of post-launch content, including a full year of free additional story-driven missions, map expansions, and gameplay modes.

Posted by cageymaru January 16, 2019 3:43 PM (CST)

Palmer Luckey Details His Vision of Reshaping National Security During Interview

During an interview with CNN, former Oculus VR founder Palmer Luckey detailed his vision for national security. After selling his Oculus VR technology to Facebook and leaving the company he founded behind, Palmer Luckey co-founded Anduril Industries in Orange County, California. There his team of visionaries have developed a futuristic military technology system called Lattice. Lattice allows the military, law enforcement, and first responders to detect, see, and share information with real time tracking maps using head up display (HUD) technology similar to what is available to fighter jet pilots. For example, autonomous drones could scan areas to detect forest fires. When a fire is detected, a human monitoring multiple drone sensor feeds would request that fire fighting robots be deployed at the edge of the fire. These autonomous robots could continue fighting the fire even when overwhelmed by the flames. These situations would surely harm a human, but by being able to see every aspect of the emergency using the Lattice system, first responders could be kept out of harm's way. Palmer Luckey says that it has been the dream of the American military to have HUD technology available to foot soldiers on the ground. This increased situational awareness will save lives as drones and sensors will show soldiers the type of threat that is present. Not only will it detect that an intruder is in an area, it will allow the military to make decisions based on how many and how well armed the enemy is so that soldiers can be better prepared for encounters. He even gave an example during the interview where soldiers could see enemy troop movement on the opposite side of a mountain and thus make an informed decision to prepare for battle, call in backup, or withdraw to a safe place. Previously the soldiers would have been ambushed and possibly suffer casualties.

His decision to launch Anduril was prescient. As US military leaders worry other countries are developing more advanced technologies, Pentagon officials now want to work closer with emerging companies and Silicon Valley to adopt new tools, such as artificial intelligence. "I'm much more concerned about other countries like Russia and China building technology that they use to oppress their own people and also expanding their sphere of influence over other countries," said Luckey, adding he doesn't intend to sell Anduril's technology to China or Russia. "We can't afford to say, 'Just let Russia have the best military technology. Let's let China have the best military technology,'" Luckey told Segall. "I'd rather have us moving quickly trying to build the best technology for the United States."

Posted by cageymaru January 16, 2019 3:08 PM (CST)

Intel Changed Its Spirit in 2018

Intel certainly faced some issues these past few years. Their 10nm process has been plagued with delays, their CEO is MIA, their other processes aren't keeping up with demand, and Spectre/Meltdown have created serious security concerns. But WCCFTech points out that the company has reinvented its public face this past year. Instead of being secretive and uncommunicative, Intel is now one of the most active companies on social media. More specifically, WCCF pointed out how Intel officials are giving quick and solid responses to serious questions on Twitter, and Intel laid out a promising roadmap at CES. Whether they follow up on those promises is another story, but this more communicative "neo-Intel" can only be a good thing.

For the first time ever, Intel had conceded that AMD's Ryzen was competition. I had not expected Intel to even acknowledge AMD's Ryzen - as has been their modus operandi for a while now - but IAD actually contained a slide showing an AMD processor beating out Intel's on a singular benchmark (cinebench) while the next slide showed why Intel still offered superior value in tens of other scenarios thanks to its architecture. In the same breath, Intel unveiled its brand new next-generation architecture that would mark the first step of its new vision: Sunny Cove... Raja's innovation comes packaged with a more down to earth approach to interaction with consumers. I have very rarely seen high ranking executives of any public company openly discussing plans and answering queries of the public on any social media - but this is the new norm for Intel and something all other semiconductors (and public companies) can take cues from.

Posted by alphaatlas January 16, 2019 12:45 PM (CST)

Nvidia Confirms Adaptive Sync Only Works on Pascal and Turing GPUs

Nvidia has already stated that support for adaptive sync monitors is limited to Turing and Pascal GPUs, aka the GeForce 10 series and up. But the wording was a little ambiguous, and some hoped that Nvidia would eventually add support for the 900 series. But an Nvidia representative on the GeForce forums confirmed that the company has no plans to support adaptive sync on Maxwell. However, it's not clear if this is due to a hardware limitation or some other factor.

coth: Any word on when VRR will be available on GTX 900 series?

ManuelGuzmanNV: Sorry but we do not have plans to add support for Maxwell and below.

Posted by alphaatlas January 16, 2019 12:20 PM (CST)

AMD Surprised Analysts with Powerful Product Launches at CES 2019

Patrick Moorhead has written a comprehensive overview of the upcoming AMD product lineup that was on display at CES 2019. He was surprised that AMD could create such a powerful GPU as the Radeon VII with 7 nm technology. The 29% uplift in gaming performance and 36% boost to productivity applications over a Vega 64 is quite compelling, but of course that is going by AMD supplied numbers. Reviews will ultimately tell the truth. The new 7 nm desktop CPU previewed at the trade show proves AMD is ready to compete directly with Intel as it equaled the Intel part while using 30% less power. Intel should be worried as it was clear that a second 8 core chip could be integrated into the package. The AMD notebook lineup sounds incredible on paper as 12 hours of battery life on an ultrathin laptop featuring AMD graphics is something that Mr. Moorhead is looking forward to. The AMD EPYC "Rome" live demonstration showed why Intel should be concerned about maintaining its data-center dominance as the AMD offering was clearly 15% faster than 2 of the Intel Xeon Platinum 8180 chips combined.

It was a triumphant return to the big stage in Las Vegas for AMD. The company's Radeon VII announcement was totally stealthy -- a masterful stroke that shows that things are about to get really interesting competitively -- if AMD can deliver in volume. The 3rd Gen Ryzen desktop processor appears to set a new standard for performance and efficiency, and the 2nd Gen Ryzen mobile processor, if the battery measurements are true in the real world, could be a real gamechanger for notebooks. Rome is a harbinger of good things to come for EPYC and AMD's datacenter efforts. Nice work, AMD.

Posted by cageymaru January 16, 2019 12:08 PM (CST)

SuperData Breaks Down the Global Gaming Market

A recent report from market research firm SuperData, which VentureBeat was kind enough to share, paints an interesting picture of the global gaming market in 2018. Among PC gamers, there's certainly a perception that mobile games, console games and free-to-play titles are eating into or even blowing past the traditional PC market, and dragging some good IPs with them, but the SuperData data attaches hard numbers to those assumptions. The "mobile" gaming market, for example, made $61.6 billion dollars in 2018, which is quite a sum compared to the $7.6 billion the "Premium PC" market made. F2P, P2P, and "social" PC games made $16.7B, $4.2B, and $7.5B, respectively, while the entire "premium console" market edged out the PC market at $10.9B.

Meanwhile, interactive media generated $5.2 billion in game viewing content, as viewership crossed 850 million viewers. Twitch had a smaller audience than YouTube (183 million versus 594 million), but it generated more revenue since Twitch draws more dedicated viewers who spend directly to support their favorite creators. Donations and channel subscriptions accounted for 32 percent of video revenue on Twitch compared to only 9 percent on YouTube. Esports generated $1.2 billion in revenue. Augmented reality, mixed reality, and virtual reality revenue rose from $4.4 billion for hardware and software in 2017 to $6.6 billion in 2018.

Posted by alphaatlas January 16, 2019 11:34 AM (CST)

Check Point Finds Fortnite Login Vulnerability

Security experts from Check Point Research claim they found a bug in Fortnite's login system that allowed potential attackers to hijack accounts. Unlike the thousands of Fortnite scams that already exist online, this hack allegedly didn't require entering any login credentials or financial info. According to the researchers' technical writeup, the exploit used existing authentication tokens tied to other accounts and a vulnerability related to old Epic Games domains. Once logged in, the attacker could buy V-Bucks, listen in on chat, and presumably mess with Fortnite accounts in other ways. Fortunately, CPR says that "a fix was responsibly deployed" after informing Epic Games. Check out a video of the exploit below:

The code opens a window and makes an oAuth request to the SSO provider server (in our case, Facebook) with all user cookies and the crafted "state" parameter. Facebook then responds with a redirection to "" which contains the SSO token ("code" parameter) and the crafted "state" parameter that was previously affected by the attacker. As the user has already logged on with his Facebook account, the server "" makes a redirection to the URL that is found within the crafted "state" parameter. In our case, the redirection goes to "" with the XSS payload and the Facebook user oAuth token. Finally, the token is then extracted from the request and sent to the attackers' server (for POC purposes we used "ngrok" server - The attacker now has the users' Facebook token and can make a login to the victims' account.

Posted by alphaatlas January 16, 2019 10:13 AM (CST)
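
A defensive counterpart to the flow quoted above, as an added example that is not from Check Point's write-up or Epic Games' code: the server authenticates the "state" value, binds it to the browser session, and follows the redirect it carries only when the host is on an exact allowlist. The host names, key and function names are assumptions constructed for illustration.

```python
import base64
import hashlib
import hmac
import json
from urllib.parse import urlsplit

# Constructed placeholders (assumptions), not any real provider's configuration.
ALLOWED_REDIRECT_HOSTS = {"accounts.example.test"}
STATE_KEY = b"constructed-demo-key"


def _tag(payload: str) -> str:
    return hmac.new(STATE_KEY, payload.encode(), hashlib.sha256).hexdigest()


def make_state(session_id: str, redirect_url: str) -> str:
    """Issue a state value that carries the redirect and is bound to one session."""
    body = json.dumps({"sid": session_id, "redirect": redirect_url}).encode()
    payload = base64.urlsafe_b64encode(body).decode()
    return f"{payload}.{_tag(payload)}"


def is_allowed_redirect(url: str) -> bool:
    """Exact-host HTTPS allowlist; no wildcard that would cover forgotten subdomains."""
    try:
        parts = urlsplit(url)
        host = parts.hostname
    except ValueError:
        return False
    return parts.scheme == "https" and host in ALLOWED_REDIRECT_HOSTS


def redirect_from_state(state: str, session_id: str):
    """Return the redirect URL to follow after the SSO callback, or None to refuse."""
    payload, sep, tag = state.rpartition(".")
    if not sep or not hmac.compare_digest(tag.encode(), _tag(payload).encode()):
        return None  # state was not issued by this server, or was modified
    try:
        data = json.loads(base64.urlsafe_b64decode(payload))
    except ValueError:
        return None
    if not isinstance(data, dict) or data.get("sid") != session_id:
        return None  # state belongs to a different browser session
    url = data.get("redirect")
    if not isinstance(url, str) or not is_allowed_redirect(url):
        return None  # signed, but points somewhere the login flow never goes
    return url
```

With these checks a "state" value supplied through a crafted link is refused before any redirect carrying the SSO token is issued.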

Facebook and Other Corporations Spend Millions on Executive Security

Wired just ran a story claiming that the Silicon Valley giants spend huge amounts of money to protect their CEOs and other executives. Apple, for example, reportedly dropped $310,000 protecting Tim Cook, while Amazon and Oracle spent $1.6 Million protecting Jeff Bezos and Larry Ellison. But Facebook's expenditures seem to dwarf everyone else. The social media company reportedly spent $7.3 Million protecting Mark Zuckerberg in 2017, while the company told investors it anticipated spending "$10 million annually" last summer. And that was before Facebook's bad news train really picked up steam. I can only imagine how much they're paying to protect Zuckerberg now.

"I'd put that $10 million among the top five highest in the country. And from what I've read in the media about Facebook, that seems to be an appropriate level of expense," says Heintze... "We don't believe in our clients using regular phones," says Moyer. "We set up anonymous phones; mine are in Faraday bags." His firm also recommends using VPNs to obscure a device's location and using search engines that don't track users.

Posted by alphaatlas January 16, 2019 9:32 AM (CST)