A PwC report last year predicted that nearly 23.5 million jobs worldwide would be using AR and VR by 2030 for training, work meetings or to provide better customer service.
Companies like Spatial, which creates something like a virtual reality version of Zoom, have seen a 1,000% increase in usage since March, according to head of business Jacob Loewenstein.
But with the expansion of VR and AR could come a host of new opportunities for abuse, according to legal experts: privacy and data concerns chief among them, but tort and even harassment cases are possible too.
“With VR/AR technology we’re collecting information that to date has not generally been collected, certainly not in any broad scale,” said David Hoppe, author of “Esports in Court, Crimes in VR, and the 51% Attack.”
For example, doctors can use AR body mapping to see medical stats directly on a patient, use VR in training and education or even a surgery run-through with a virtual version of the patient’s body.
Using searches of genealogical databases to find his family tree DNA, investigators finally tracked down Manteuffel, obtained a sample of his DNA and arrested him last year at his home.
Sacramento County prosecutors never identified a suspect at the time but investigators tucked away rape kit samples from the Sacramento and Davis attacks in hopes that the budding science of DNA analysis would one day lead to a match.
Mark Jeffrey Manteuffel, 60, of Decatur, Georgia, entered pleas to three counts of forcible rape and one count of sodomy for attacks on a Rosemont woman in 1992 and a woman in east Sacramento in 1994.
SACRAMENTO, Calif. (AP) - Twenty years after prosecutors filed charges against a then-unknown serial rapist based on DNA samples, a former federal prison guard pleaded guilty Thursday to the California crimes.
“This is a case that shows the power of DNA - a ‘John Doe’ warrant that set the standard for holding people accountable,” Sacramento County District Attorney Anne Marie Schubert said after the hearing.
“What seems to be possible only in police thrillers and movies has happened before our own eyes,” said Andy Kraag, head of the National Criminal Investigations Department in the Netherlands.
What the criminals using EncroChat didn’t know was that French authorities had hacked their way into the network and installed a tool allowing them to read users’ communications for months.
The UK’s National Crime Agency (NCA) writes that EncroChat’s instant messaging service was used by 60,000 people worldwide for coordinating the distribution of illicit goods, money laundering, and plotting to kill rivals.
The company provided specially altered phones that let buyers use an encrypted network for exchanging incriminating messages without the risk of being seen by authorities.
But French authorities say 90 percent of the company's customers in the country were “engaged in criminal activity.”
Amid an expected rush by tech transport firms to capitalise on the new market, likely to see devices "shared" via booking apps, insurance fees are expected to be rolled into rental costs and customers likely charged a fee to unlock and then billed per minute.
Hire companies must provide insurance cover under government rules for the trials, which will be managed by Transport for London and councils, but advisors are concerned about heightened risk from riders who have drunk alcohol or taken drugs.
Hired electric scooters limited to 15.5mph will be legal on the capital’s roads and cycle lanes in a year-long trial starting on Saturday, but not on pavements, as a new socially-distanced way of getting around.
E-scooter riders taking part in London’s rental trials risk having special insurance policies voided if they hit someone after a few drinks, experts have warned today.
Mr Gerger added that a risk “evidence gap” remained for insurers, such as the effect of a scooter hitting a pothole and whether the height and weight of a rider is a variable in the danger posed to pedestrians and cyclists.
While security practitioners can and should play an active role in web application security, only developers are familiar enough with the code to fix software vulnerabilities.
For this reason, security teams can most effectively prevent software vulnerabilities from entering production by equipping their development teams with the tools to fix security issues as they’re building applications.
Security managers would be wise to implement processes that don’t interfere with development deadlines.
Application security solutions that slow developers down are unlikely to get much use, considering the pressure on development teams to deliver applications faster.
Traditional software security solutions that produce a long, dizzying list of vulnerabilities after an application’s completion require a tedious remediation process for developers.
Israeli officials have suggested Russia sought Burkov's release by offering an exchange for Naama Issachar, a 26-year-old Israeli woman who received a seven-year prison sentence in Moscow on marijuana charges.
The website — which ran from 2009 until 2015, when Burkov was arrested — even had an arbitration feature to mediate disputes between members who conducted transactions on the site.
Prosecutors say Aleksei Burkov of St. Petersburg, Russia, filled a unique niche in the world of cybercrime, describing his Direct Connection website as "the most exclusive criminal forum on the web."
A Russian computer hacker who facilitated $20 million in credit card fraud and ran a sophisticated clearinghouse for international cybercriminals was sentenced Friday to nine years in prison.
Infraud facilitated the large-scale acquisition, sale, and distribution of stolen identity information and payment cards, personally identifiable data, financial and banking info, computer malware, and various other contraband.
"During the course of its seven-year history, the Infraud Organization inflicted approximately $2.2 billion in intended losses, and more than $568 million in actual losses, on a wide swath of financial institutions, merchants, and private individuals, and would have continued to do so for the foreseeable future if left unchecked," a DoJ release says.
In February 2018, US authorities indicted 36 individuals for alleged roles in the transnational Infraud cybercrime group, out of 10,901 registered members in March 2017, and apprehended 13 defendants from the United States and six countries: Australia, the United Kingdom, France, Italy, Kosovo and Serbia.
Russian national Sergey Medvedev, one of the co-founders of Internet-based cybercriminal enterprise Infraud Organization and an admin on the organization's carding portal, today pleaded guilty to RICO conspiracy.
The Infraud organization also "directed traffic and potential purchasers to the automated vending sites of its members, which served as online conduits to traffic in stolen means of identification, stolen financial and banking information, malware, and other illicit goods."
“A malicious actor could abuse this API to introduce entries into, or make fraudulent changes to existing entries in the CCIS, CCTNS and ZIPNET database systems,” Saini said.
This meant that the entire digital infrastructure of the Delhi police was at risk for more than half a year — in which time if a malicious actor had discovered the flaw, they could do something like inserting your name and photos into the CCTNS criminals database, Saini explained.
In October, Bengaluru-based security researcher Karan Saini informed the police, CERT-In (the nodal agency for reporting computer security incidents), and the NCIIPC RVDP (the rapid vulnerability disclosure program for the nodal agency for security in critical infrastructure), which acknowledged the issue, but then did not close the issue for many months.
With this unsecured API, a malicious actor could have checked FIR details, added details to the criminal tracking database CCTNS, or sent emails and SMS from the Delhi Police.
In March 2019, Saini, along with Pranesh Prakash and Elonnai Hickok of the Centre for Internet and Society (CIS) also published a paper on the challenges with disclosing security vulnerabilities to the government, where he and his colleagues at CIS mention, “There is a noticeable shortcoming in the availability of information with regard to current vulnerability disclosure programmes and process of Indian Government entities, which is only exacerbated further by a lack of transparency.”
Burkov was also the owner and operator of the Direct Connection cybercrime forum, an invite-only club for elite cybercriminals who used it to advertise stolen goods, such as stolen personally identifiable information (PII) and malicious software, and criminal services, such as hacking services and money laundering.
Burkov also advertised his Cardplanet site on other underground carding forums as the only such service that would refund the money paid for invalid card data through Liberty Reserve, WebMoney, Western Union, or MoneyGram.
Burkov (also known as Aleksey Yurevich Burkov) pleaded guilty to identity theft, computer intrusions, wire fraud, money laundering, and conspiracy to commit access device fraud in January 2020, facing a maximum of 15 years of prison time.
A 30-year-old Russian national named Aleksey Yurievich Burkov was sentenced today to nine years in prison for running Cardplanet and Direct Connection, two sites that facilitated payment card fraud, computer hacking, and other cybercrimes.
For instance, a New York City man is facing 25 years in prison after being charged last month with hacking, credit card trafficking, and money laundering for allegedly stealing payment card data using SQL injection attacks.
“To obtain membership in Burkov’s cybercrime forum, prospective members needed three existing members to ‘vouch’ for their good reputation among cybercriminals and to provide a sum of money, normally $5,000, as insurance,” the DoJ said in a media announcement on Friday.
The DoJ added that Burkov also ran an elite invite-only club, where other criminals could pay $5,000 to gain access to an exclusive site where they could sell personal identifying information (PII), hawk malware, and offer helpful illegal services such as money laundering and hacking.
Aleksei Burkov, a Russian national, was the operator of a website called “Cardplanet” that sold hundreds of thousands of debit- and credit-card numbers that had been hacked – mostly from U.S. citizens.
A cybercriminal responsible for running a “carding” website on the Dark Web is going to federal prison for nine years for selling stolen consumer payment information.
The DoJ also announced, Thursday, that a 22-year-old man had been sentenced to more than a year in prison for developing Mirai botnet variants that compromised hundreds of thousands of devices worldwide.
In addition to iOS home screen widgets, Apple is rolling out an App Library (which lists all one’s apps) and App Clips (a stripped-down version of an app that you can use without having to actually download it from the App Store).
It’s also going to change how developers approach the platform, because now, in addition to thinking about their “core” apps, they’ll also need to consider how a widget may operate on the home screen.
For the past 13 iOS iterations, Apple kept the home screen as a locked-down grid of app icons and folders.
Before we all shut down for the weekend, let’s look at just a few of the big stories of the week, including some of Apple’s more colorful tweaks to iOS, Facebook’s big virtual-reality decision, and Amazon’s new crime-fighting unit.
Facebook is also changing how VR developers can distribute apps via the Oculus platform, although the details are unclear at this time.
There were few objections in Congress to a program of economic sanctions designed to hold the Assad regime accountable for systematic war crimes for which there is overwhelming and grisly evidence.
As James Jeffrey and Joel Rayburn — America’s top diplomats working on Syria — noted in a recent briefing, the Caesar Act has the potential to do so by gradually sapping the regime of the resources it needs to mount the military operations against civilians.
Previous U.S. sanctions against Syria mainly prohibited American individuals and companies from doing business with the Assad regime and others blacklisted by the Treasury Department.
Yet there is also a contingent of good faith critics who acknowledge the gravity of the crimes for which Assad is responsible, but assess that sanctions cause unintended harm to civilians that outweighs their impact on the Syrian regime.
The essential difference, at least in principle, is that aid directly addresses the need of civilians, while sanctions seek to deprive the regime of revenue it can direct to military offensives, offshore bank accounts, or other undesirable uses.
Posh government buildings gleaming in the midst of the world’s poorest countries are part of what I call China’s “palace diplomacy,” the decades-long cultivation of senior African leaders that has been hugely successful.
This unpleasant reality should spark a rethink of the U.S. approach towards Africa if it wishes to better compete with an aggressive Chinese government that sees African countries as critical sources of support.
Last year, many African countries supported the Chinese candidate to head the U.N. Food and Agriculture Organization in a vote he easily won over the U.S.-supported aspirant, and cast 30 of the 79 “yes” votes to pass a controversial Russia- and China-backed U.N. cyber crime resolution opposed by the United States and many European countries.
A number of African governments resisted public calls to evacuate their nationals from China at the height of its COVID-19 outbreak, giving the Chinese Communist Party much-needed support for its campaign to convince the world that it was effectively battling the pandemic.
As Washington battles Beijing’s increasingly aggressive international agenda, the large, dependable bloc of African support that China enjoys will remain a competitive advantage for the Chinese Communist Party.
The internet is not "lawless" and there's no indication of increased criminal activity, nor any evidence that law enforcement cannot solve crimes because of encryption or the internet.
On top of that, we've discussed how law enforcement and the FBI have access to so much other information thanks to social media, and various open source intelligence tools, that the idea that they need to attack encryption is just ridiculous.
This whole thing is so incredibly dangerous, and it's not even clear that encryption is a real problem for law enforcement.
That's now the rumor making the rounds, and I even received a press release from an anti-porn activist group supporting this bill because they think it will help clarify that EARN IT won't end encryption (none of that makes sense to me either, but...) The announcement of the bill includes all the usual "think of the children" nonsense, claiming that we can't have encryption because some bad people might use it for bad stuff.
This bill should be trashed and these three Senators (and the Attorney General) deserve mockery for a technically ignorant, totally clueless and dangerous bill that would harm Americans and destroy both privacy and security, because some law enforcement agencies are too lazy to do their jobs.
The ACLU of Michigan's complaint calls on the Detroit Police Department to halt its use of facial recognition.
The National Institute of Standards and Technology, a federal agency within the Commerce Department, released an expansive study in December finding that the majority of facial recognition systems have “demographic differentials” that can worsen their accuracy based on a person’s age, gender or race.
This case may be the first national example of facial recognition leading to a wrongful arrest, and highlights biases advocates have pointed to in the technology.
A failed facial recognition match led to a wrongful arrest in Detroit, the American Civil Liberties Union (ACLU) alleged in a complaint Wednesday.
Nationwide protests against police of facial recognition systems, prompting tech giants like Amazon, Microsoft and IBM to scale back their sales of the software to law enforcement at the state and local level.
In addition, law enforcement wants the former owner to answer for allegedly allowing criminal groups to conduct money laundering via BTC-e, which may have included the theft of funds from the Mt. Gox cryptocurrency exchange.
New Zealand Police Commissioner Andrew Coster said the platform effectively acted as a service for laundering criminal proceeds generated through computer hacking, ransomware, theft, fraud, corruption, and drug crime.
Local law enforcement called the seizure "the largest restraint of funds in New Zealand Police history."
Vinnik, claimed to be BTC-e's founder and CEO, has been sought by law enforcement in the US, France, and Russia on charges of money laundering.
Law enforcement in New Zealand has seized $140 million NZD ($90 million USD) as part of a case against Alexander Vinnik, the alleged former operator of BTC-e.
By modifying the client, the malware becomes persistent and will send the victim's user tokens to the attacker's Discord channel every time they start the Discord client.
Last week, MalwareHunterTeam found a new malware called NitroHack that modifies the Windows Discord client to turn it into an account-stealing Trojan.
These modifications are precisely what a new malware called NitroHack is doing to steal Discord user tokens, steal saved credit cards, and spread the malware to your friends via Discord DMs.
New malware is being distributed that pretends to be a hack that gets you the premium Discord Nitro service for free but instead steals user tokens saved in the various browsers, credit card information, and then tries to spread it to others.
Last month, we reported on a new version of the AnarchyGrabber malware that was modifying a Discord client to perform malicious activity.
As Sister Alice, the charismatic leader of the Radiant Assembly of God, Orphan Black’s Tatiana Maslany gives a fantastic performance that shines a light on a complicated moment in history, as the depression between World Wars had far-reaching effects on American culture.
Merely replicating the bigotry of the past does not make a period portrait more compelling. Perry Mason is a detective story that’s strangely reluctant to go all-in on being a mystery.
The grotesque crime becomes a media flashpoint, and Perry Mason (Matthew Rhys, every bit as fun to watch as he was on The Americans) — a down-on-his-luck, alcoholic World War I vet scraping by as a private investigator — becomes the only person willing to get to the bottom of the death of little Charlie Dodson.
HBO’s new Perry Mason miniseries, however, has little in common with these previous iterations — it’s less a legal drama and more an old-school hard-boiled detective story with a prestige TV sheen.
The long, slow development of Paul Drake (Chris Chalk), a black police officer who finds himself caught between American racism and police corruption, feels rote in the wake of a more satisfying, confrontational show like Watchmen.
There is a possibility that Tesla’s interior camera will now record video during a break-in or a collision.
Redditor Brandude87 noted that the Google translation was poor but the Chinese release notes showed that the interior camera will record video during an accident or break-in.
Note: In order to protect your privacy, e-room camera images and video settings will not be related to your vehicle ID.
I could be wrong — it could actually be part of Sentry Mode — but if we are talking about the interior camera, then this isn’t a normal Sentry camera, as those are located on the outside of the vehicle.
After all, Autopilot cameras can definitely be trained to recognize emergency and police vehicles — perhaps having the car be able to tell when a police officer is pulling someone over, it can automatically record.
In yet another instance of Google dropping the ball when it comes to Chrome spyware, a security research team called Awake Security found a ring of extensions all working together that compromised the security and privacy of millions of users.
After informing Google of the problematic Chrome spyware, Google removed over 70 extensions from the platform (via Reuters).
In other words, the Chrome spyware was smart enough to know if security protocols were in place and then kill its illegal activity in response.
According to Awake Security, the information collected by these Chrome spyware applications bounced around a criminal network of over 15,000 domains.
With 15,000 domains, nearly 100 Chrome spyware extensions, and 32 million downloads, one begins to wonder how Google didn’t find this on its own.
The British cyber security watchdog has further stated that over 700,000 user accounts were previously compromised in one way or another, due to the use of weak or redundant passwords, failure to detect scams, and falling for cyber traps.
Urging people to “avoid scoring a cyber own goal”, the UK NCSC said Wednesday that the return of football broadcast streams may lead to increased cyber criminal activity in a bid to steal passwords, hack into user accounts and conduct cyber theft, phishing attacks, ransomware, identity thefts and so on.
While all this is mighty exciting for football-starved fans, the United Kingdom National Cyber Security Centre (NCSC) has underlined a new aspect that all fans eagerly tuning in to Premier League telecasts from various streams need to be aware of – cyber crime.
True to English Premier League’s style, the first day was a fair bit of entertainment, with a clear goal disallowed for Sheffield United despite having goal-line technology, and Manchester City stomping their way to a 3-0 defeat of Arsenal.
With the Premier League being streamed live on Disney+ Hotstar in India, users are advised to update their account passwords, and ensure that their Hotstar apps, be it on phones, tablets or TVs, are updated to the latest version available.
"AWS Shield provides always-on detection and automatic inline mitigations that minimize application downtime and latency, so there is no need to engage AWS Support to benefit from DDoS protection," Amazon explains.
It is also by far the biggest DDoS attack AWS has seen this year, as shown in the graph above.
Amazon shared the details in its latest AWS Shield Threat Landscape report (PDF), in which it notes that the "largest known DDoS attacks are UDP reflection attacks."
Amazon has earned itself some well-deserved bragging rights for putting a stop to what ranks as the largest distributed denial of service (DDoS) attack ever, and by quite a bit.
In short, AWS Shield monitors network traffic for network volumetric events and places mitigations as needed to protect services and applications running on AWS.