Jump to content

Search the Community

Showing results for tags 'leak'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Site Related
    • News & Updates
    • Site / Forum Feedback
    • Member Introduction
  • News
    • General News
    • FileSharing News
    • Mobile News
    • Software News
    • Security & Privacy News
    • Technology News
  • Downloads
    • nsane.down
  • General Discussions & Support
    • Filesharing Chat
    • Security & Privacy Center
    • Software Chat
    • Mobile Mania
    • Technology Talk
    • Entertainment Exchange
    • Guides & Tutorials
  • Off-Topic Chat
    • The Chat Bar
    • Jokes & Funny Stuff
    • Polling Station

Categories

  • Drivers
  • Filesharing
    • BitTorrent
    • eDonkey & Direct Connect (DC)
    • NewsReaders (Usenet)
    • Other P2P Clients & Tools
  • Internet
    • Download Managers & FTP Clients
    • Messengers
    • Web Browsers
    • Other Internet Tools
  • Multimedia
    • Codecs & Converters
    • Image Viewers & Editors
    • Media Players
    • Other Multimedia Software
  • Security
    • Anti-Malware
    • Firewalls
    • Other Security Tools
  • System
    • Benchmarking & System Info
    • Customization
    • Defrag Tools
    • Disc & Registry Cleaners
    • Management Suites
    • Other System Tools
  • Other Apps
    • Burning & Imaging
    • Document Viewers & Editors
    • File Managers & Archivers
    • Miscellaneous Applications
  • Linux Distributions

Categories

  • General News
  • File Sharing News
  • Mobile News
  • Software News
  • Security & Privacy News
  • Technology News

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

  1. Logins for 1.3 million Windows RDP servers collected from hacker market The login names and passwords for 1.3 million current and historically compromised Windows Remote Desktop servers have been leaked by UAS, the largest hacker marketplace for stolen RDP credentials. With this massive leak of compromised remote access credentials, researchers, for the first time, get a glimpse into a bustling cybercrime economy and can use the data to tie up loose ends on previous cyberattacks. Network admins will also benefit from a new service launched by cybersecurity firm Advanced Intel called RDPwned that allows organizations to check whether their RDP credentials have been sold in the marketplace. What's so special about RDP? Remote Desktop Protocol (RDP) is a Microsoft remote access solution that allows users to remotely access a Windows device's applications and desktop as if they were sitting in front of the computer. Due to its prevalent use in corporate networks, cybercriminals have built a thriving economy around selling the stolen credentials for RDP servers. While you may think that access to a corporate network would be expensive, the reality is that threat actors sell remote desktop accounts for as little as $3 and typically not more than $70. Once a threat actor gains access to a network, they can perform a variety of malicious activities. These activities include spreading further throughout the network, stealing data, installing point-of-sale (POS) malware to harvest credit cards, installing backdoors for further access, or deploy ransomware. The use of Windows Remote Desktop Services to breach networks is so pervasive that the FBI has stated that RDP is responsible for 70-80% of all network breaches leading to ransomware attacks. While all ransomware groups utilize RDP to some extent, one ransomware group known as Dharma is known to predominantly use remote desktop to gain a foothold in corporate networks. UAS, the largest marketplace for RDP credentials UAS, or 'Ultimate Anonymity Services,' is a marketplace that sells Windows Remote Desktop login credentials, stolen Social Security Numbers, and access to SOCKS proxy servers. What makes UAS stand out is that it is the largest such marketplace, performs manual verification of sold RDP account credentials, offers customer support, and provides tips on how to retain remote access to a compromised computer. "The market functions partially like eBay - a number of Suppliers work with the market. They have a separate place to log in and upload the RDPs they hacked. The system will then verify them, collect information about each one (os, admin access? internet speed, cpu, memory etc etc), which is added to the listing." "The supplier interface provides real time stats for the suppliers (what sold, what didn't, what was sold but a refund was asked for, etc)." "They also provide support if for some reason what you bought doesn't work. They do take customer support seriously," a security researcher who wishes to remain anonymous told BleepingComputer. When purchasing stolen RDP accounts, threat actors can search for compromised devices in a particular country, state, city, zip code, ISP, or operating system, allowing them to find the specific server they need. RDP servers currently sold on the UAS marketplace Potential buyers can dig down deeper on each server to see the number of Windows accounts, the Internet connection speed, the server's hardware, and more, as shown below. RDP server specs for potential buyers BleepingComputer was told that the marketplace will not sell any servers located in Russia or a Commonwealth of Independent States (CIS) country and runs a script that automatically removes any that are found. Even with this filtering of servers, UAS is currently selling a massive 23,706 RDP credentials. Secretly monitoring the UAS marketplace Since December 2018, a group of security researchers have had secret access to the database for the UAS marketplace and have been quietly collecting sold RDP credentials for almost three years. During this time period, the researchers have collected the IP addresses, usernames, and passwords, for 1,379,609 RDP accounts that have been sold at UAS since the end of 2018.. This database had been shared with Advanced Intel's Vitali Kremez, who also shared a redacted copy with BleepingComputer to review. While we will not be listing any of the companies found in the database, we can say that the listed RDP servers are from all over the world, including government agencies from sixty-three countries, with Brazil, India, and the United States being the top three. There are also RDPs servers for many well-known, high-profile companies, with many servers from the healthcare industry. Furthermore, BleepingComputer has found many RDP servers in the database that belong to organizations known to have suffered ransomware attacks over the past two years. After analyzing the 1.3 million accounts in the database, BleepingComputer has pulled out some interesting data that should be useful for all computer users and network admins: The top five login names found in the sold RDP servers are 'Administrator', 'Admin', 'User', 'test', and 'scanner'. The top give passwords used by the RDP servers are '123456', '123', '[email protected]', '1234', and 'Password1'. The top five represented countries in the database are United States, China, Brazil, Germany, India, and the United Kingdom. More complete stats are found at the end of the article. RDPwned: Checking if your RDP is compromised Vitali Kremez has launched a new service called RDPwned that allows companies and their admins to check if their servers are listed in the database. "The marketplace is tied to a number of high-profile breaches and ransomware cases across the globe. A number of ransomware groups are known to purchase initial access on UAS. This treasure trove of adversary-space data provides a lens into the cybercrime ecosystem, and confirm that low hanging fruit, such as poor passwords, and internet-exposed RDP remain one of the leading causes of breaches," "RDPwned will also help illuminate old breaches for which they never figured out initial access. For others, it will give them a chance to resolve the security problem before it becomes a breach," Kremez told BleepingComputer. To use the service, Kremez told BleepingComputer that companies would need to submit contact information from an executive or admin of the company, which Advanced Intel will vet. Once the user's identity is verified, Advanced Intel will confirm if their company's servers are listed in RDPwned. Visitors can perform this lookup via reverse DNS, IP addresses, and domain names. Further statistics Below are additional statistics showing the top 20 login names, top 20 passwords, and top 10 countries found in the 1.3 million RDP servers that UAS has listed on the marketplace. Top 20 login names Administrator 303,702 Admin 59,034 User 45,096 test 30,702 scanner 20,876 scan 16,087 Guest 12,923 IME_ADMIN 9,955 user1 8,631 Administrador 8,612 Trader 8,608 postgres 5,853 IME_USER 5,667 Usuario 5,236 user2 4,055 Passv 3,989 testuser 3,969 test1 3,888 server 3,754 student 3,592 reception 3,482 backup 3,356 openpgsvc 3,339 info 3,156 VPN 3,139 Top 20 passwords 123456 71,639 123 50,449 [email protected] 47,139 1234 34,825 Password1 27,007 1 24,955 password 19,148 12345 16,522 admin 15,587 ffff-ffc0M456x (see note) 15,114 [email protected] 13,572 User 13,437 scanner 13,193 scan 10,409 test 10,169 Aa123456 9,399 Password123 8,756 12345678 8,647 Admin123 8,214 Passw0rd 7,817 admin,[email protected]#$%^ 7,027 [email protected] 6,248 Welcome1 5,962 [email protected] 5,522 [email protected] 4,958 Note: The 'ffff-ffc0M456x' password appears to be a default password configured by the MailEnable setup program for remote access. Users are advised to change this password to something else. Top 10 countries Country Total Servers United States 299,529 China 201,847 Brazil 119,959 Germany 56,225 India 41,588 United Kingdom 37,810 France 32,738 Spain 30,312 Canada 27,347 Hong Kong 24,804 Source: Logins for 1.3 million Windows RDP servers collected from hacker market
  2. Over 8 million COVID-19 test results leaked online Millions of COVID-19 test reports were found to be publicly accessible due to flawed online system implementation. The leak, comprising over 8 million COVID-19 test results, has been attributed to the Health and Welfare Department of West Bengal, India. Researcher spots millions of COVID test results leaking online Last month, BleepingComputer exclusively reported that multiple Indian government websites were leaking COVID-19 patient test reports. This week, security researcher Sourajeet Majumder has shared with BleepingComputer his discovery of another government website exposing millions of COVID-19 test results. "I have found an issue in an Indian Government site which is resulting in the leakage of test reports of EVERYONE who took a COVID-19 test in a particular state." "These reports have sensitive information about the citizens in them like name, age, date and time of sample testing, residence address, etc," Majumder told BleepingComputer. The state the researcher refers to is the Indian state of West Bengal. At the time of his original discovery, the researcher suspected the number of publicly accessible reports was crossing the 8 million mark, based on the daily bulletin published by the government. Majumder spotted the leakage on seeing the contents of a text message sent to a COVID-19 test taker. The structure of the URL in the text leading to the result comprised a base64-encoded report's ID number ("SRF ID") as shown below. Text message seen by the researcher which had a link to COVID-19 test result Source: BleepingComputer As confirmed by BleepingComputer, the base64-encoded report number could be decoded to a simpler numeric form, incremented/decremented to construct new sets of URLs that would enable accessing other patients' COVID-19 test results. Majumder noticed that the base64 encoding applied to the numeric identifier was optional, and stripping it away had no impact on the ability to retrieve the reports. In this manner, the researcher demonstrated to BleepingComputer that an attacker could retrieve COVID-19 test results of millions of patients by simply enumerating the URLs: https://cpms.wbhealth.gov[.]in:8003/Covid19.aspx?SRFID=1931XXXXXX1 https://cpms.wbhealth.gov[.]in:8003/Covid19.aspx?SRFID=1931XXXXXX2 https://cpms.wbhealth.gov[.]in:8003/Covid19.aspx?SRFID=1931XXXXXX3 Every report revealed the patient's name, age, gender, partial home address, COVID-19 test result, date of the test, report identifier, and details pertaining to the location of the testing lab. One of the COVID-19 test reports obtained by the researcher Source: BleepingComputer Health department fixes the leak On seeing the leaky endpoint was hosted on wbhealth.gov.in domain, BleepingComputer reached out to the relevant IT contacts at West Bengal's Health and Welfare department. Additionally, the researcher had told BleepingComputer that he had attempted to make contact with the relevant parties beforehand. Although BleepingComputer did not hear back from the contacted personnel, the issue has been remediated. The URL endpoints previously leaking the COVID-19 reports now return a 404 (not found) message, as seen by BleepingComputer. Dr. Sushant Roy, a government-appointed health official tasked with overseeing the COVID-19 situation in North Bengal has also acknowledged the leak. In a statement made to a regional news outlet, Dr. Roy said that information such as the COVID-19 test result data is meant to be kept confidential especially to safeguard the privacy of COVID-19 patients. He continued that the government only provides such information to the patient's family members. Dr. Roy expressed surprise at the system flaw that made it possible to access anyone's test report and stated that immediate action will be taken to rectify the problem. This is not the first time COVID-19 test results have been spotted leaking online at such a scale. Previously, multiple independent labs were leaking patient test results due to a flawed QR code implementation that could let threat actors enumerate the test result URLs. When generating publicly accessible URLs, it is probably a good idea to include some unguessable or randomized bits of data to them so as to make enumeration challenging. Source: Over 8 million COVID-19 test results leaked online
  3. Documents that were leaked by NSA whistleblower Edward Snowden prove that the United States has been ruled by a race of tall, white space aliens who also assisted the rise of Nazi Germany in the 1930s. A Federal Security Services (FSB) report on the nearly two million highly classified top-secret documents obtained from the United States Department of Defense (DOD) run National Security Agency-Central Security Service (NSA/CSS) by the American ex-patriot Edward Snowden states that this information is providing “incontrovertible proof” that an “alien/extraterrestrial intelligence agenda” is driving US domestic and international policy. Snowden, who has been given asylum in Russia, leaked documents that a race of extraterestrial “tall whites” arrived on Earth, helped Nazi Germany build a fleet of advanced submarines in the 1930s, and then met in 1954 with President Dwight Eisenhower “where the ‘secret regime’ currently ruling over America was established. This FSB report warns that the ‘Tall White’ agenda being implemented by the ‘secret regime’ ruling the United States calls for the creation of a global electronic surveillance system meant to hide all true information about their presence here on earth as they enter into what one of Snowden’s documents calls the ‘final phase’ of their end plan for total assimilation and world rule.” The report further says that the U.S. government is embroiled in a “cataclysmic” power struggle between President Obama, who heads the alien shadow government, and some unknown force that opposed the U.S.-alien alliance. “Most to be feared by Russian policy makers and authorities, this [FSB] report concludes, is if those opposing the ‘Tall White’ ‘secret regime’ ruled over by Obama have themselves aligned with another alien-extraterrestrial power themselves.” Any good conspiracy theory needs a patina of truth, a bit of intellectual cover to camouflage the craziness. In this case, the whatdoesitmean.com/Fars story cites Paul Hellyer, the 1960s Canadian defense minister who is now a fervent UFO activist. Hellyer allegedly has confirmed the accuracy of Snowden’s UFO leaks. Source ======================== A rebuttal has been found, claiming the source is a "semi-official" news agency.
  4. Several HTC employees, including a senior executive, have been indicted in Taiwan for leaking company secrets, falsifying expenses, and taking kickbacks, reports The Wall Street Journal. Thomas Chien, HTC's vice president of product design, is alleged to have leaked upcoming smartphone interface designs to a partner who he planned to start a new business with. Along with five other HTC employees, Chien has reportedly also been charged for collectively receiving around 33.57 million New Taiwan dollars (US$1.12 million) by falsifying expenses and receiving kickbacks from suppliers. Three employees from unidentified suppliers of HTC have also been indicted. Chien and the other HTC employees were first arrested in August regarding these charges. At the time, it was reported that the designs Chien leaked were of Sense 6.0, which would be an upcoming, unannounced version of HTC's Android software and interface. HTC's R&D director, Bill Wu, and design team senior manager, Justin Huang, were reported to be among the other five facing charges at the time of the initial report, but the Journal doesn't say specifically who else has been indicted beyond Chien right now. Should so many high-level employees be facing prosecution, it would certainly be bad news for HTC, which is dealing with slumping sales and several other executive departures already. Source
  5. Back in August, five HTC employees were cuffed and detained for allegedly leaking sensitive internal information pertaining to HTC interface designs to third-parties in mainland China. As if HTC didn't have it hard enough already, three of those happen to be some pretty essential executives within the struggling Taiwanese company – VP of Product Design Thomas Chien, R&D director Wu Hung and senior manager Justin Huang. The same were allegedly about to wait out their mid-year bonuses and call it quits, having already incorporated their own design company in China. As if leaking sensitive HTC intellectual property wasn't enough, the above trio was also allegedly scammed their employer out of close to a million dollars through faux contracts. These transgressions were not left unnoticed, and formal indictments have now been put into motion, threatening to incarcerate Chien and company for up to 10 years. An unsavory business, no doubt, yet there's no denying that some of the charged had key positions within HTC. In fact, Justin Huang is said to be the very person that first sketched the initial design for the masterpiece that is the HTC One. Considering the handset maker's poor financial performance as of late, this is likely to serve as a considerable blow for the company, undermining its efforts to bounce back. Source
  6. Despite a leak of its source code, an Android program aimed at compromising online bank accounts is still commanding $5,000 per copy, one of the highest prices seen for a type of malware, according to research from Symantec. Symantec and RSA published details on their blogs on Tuesday about iBanking, which is being used by two Eastern European cybercrime groups to intercept one-time SMS passcodes used for logging into bank accounts. IBanking is notable for its wide range of features and defensive measures that thwart analysis by security researchers. It can steal just about any information on an Android device, record calls or forward calls to another phone, Symantec wrote. The malware often appears in Android app marketplaces as a legitimate banking application. It appears victims who are targeted already have a separate type of malware installed on a desktop system, which prompts them to enter their phone number after navigating to their bank's website. Then, an SMS code with a link to iBanking is sent to their phone. It alternatively displays a QR code thatA also leads victims to the malware, Symantec wrote. Two gangs, which Symantec called the Neverquest crew and Zerafik, have used iBanking, with Zerafik targeting customers of the financial institution ING, Symantec wrote. In that case, iBanking was modified to appear to look like an official application from ING. RSA found that iBanking's code is scrambled in a way to make it harder for malware experts to study, using techniques that have been seen on desktop-based malicious software but not widely on mobile malware. IBanking sells for around $5,000 or for a cut of the proceeds from theft it facilitates, Symantec wrote. IBanking's source code was leaked in February after a hacker nicknamed "ReVOLVeR" found it while avenging a friend's loss of 65,000 bitcoins that were pilfered by the malware, Symantec wrote. In the course of that quest, ReVOLVeR, believed to be Russian, also came across FTP login credentials for a server belonging to the broadcaster BBC, which he tried to sell. IBanking's price should have dropped after its source code was released. But iBanking's developer, who is someone going by the nickname "GFF," has continued to develop it and provide support, which has sustained its marketability. "Despite the availability of a free version, our research suggests that most of the large cybercrime actors are continuing to opt for the paid-for version," Symantec wrote. "They appear to be willing to pay a premium for the updates and support provided by GFF." RSA wrote that its analysis of iBanking showed that it will shut itself down if it detects it is running in a virtual machine. Virtual machines are often used by malware analysts to study the behavior of an application. Trying to halt analysts and security professionals "has been a standard among PC malware developers for quite a while but is far from standard practice in the mobile malware field," RSA wrote. "The iBanking malware shows that mobile malware developers are becoming aware of the necessity to protect their bots against analysis and indicates a possible new trend in this new and evolving mobile malware space," the company wrote. Source
  7. A leaked copy of Expendables 3 was made available to 'pirate' release groups mid-July, TF has learned. Concerned at the nature of the leak, a release was shied away from, but a small public torrent uploaded by a fairly low profile Pirate Bay user changed all that. Last week saw the leak online of the brand new Expendables movie. Earmarked for an August 15 U.S. release, Expendables 3 leaked in near DVD quality a full two weeks ahead. The timing and quality combined to make the leak one of the most prominent in recent years. While the original sources of these leaks are nearly always shrouded in mystery, once made publicly available on sites like The Pirate Bay they are anyone’s for download. Originally it was believed that Pirate Bay releaser Drarbg uploaded the first public torrent, but that was not the case. Flying under the radar a hugely less popular torrent (still only with a handful of seeds) actually preceded it by almost 20 minutes. It’s certainly feasible that another release preceded even this one, but with torrents on sites other than Pirate Bay regularly deleted due to copyright complaints, it’s now too late for any certainty. It’s also impossible to say how many people were in the chain after the leak and before the first public torrent upload, but numerous public sources (including RARBG themselves) are now pointing to postings on 4chan as indicating the start of events. The thread is right here and obviously everything happened in public. The postings don’t specifically mention the title of the movie but a source close to the situation assures TF that the chat does indeed refer to The Expendables 3. Less than two hours after his initial posting on July 15, ‘Anonymous’ was back on 4chan with an update. “I am in contact with a release group that works with private trackers. They asked me for proof of what I had and I took pictures with a written timestamp of the disc in and out of the box,” he wrote. “I dumped them into some special submission link they had and they will get back to me. I’m just waiting in a secured IRC room for them to get back to me once the staff takes a look.” Precisely what happened after then is a mystery (as is the leaker’s apparent disregard for security by posting in public) but a source informs TF that whoever obtained the copy knew they had something hot – perhaps too hot. “We know that the leak was back then, around July 15, but everyone was scared to leak it. Most private groups had it for more than 10 days, but again they were scared to leak it,” TF was told. After the leaked copy was allegedly handed over July 15, the comments of ‘Anonymous’ as he returned to 4chan predicted the events of last Thursday. “Keep an eye out for the leak. No telling how long this will take, but I’m sure it will make its way to public trackers due to the demand for it,” he wrote. Interestingly, although initial demand for The Expendables 3 was brisk, downloads now sit at an estimated 500,000, and it’s currently less popular on file-sharing networks than “Divergent” which was released on the same day. Source: TorrentFreak
  8. Hackers from Cyber Berkut group are claiming to hack and leak personal emails belonging to Colonel V.M. Pushenko. of the Ukrainian Ministry of Defense. In an email one of the representative from Cyber Berkut claimed that the leaked emails contain confidential conversation between officials about ongoing conflict between Ukraine and Russia. The content of email conversation is available below: The claimed leaked emails are available here in Russian language. This is not the first time when hackers have a high profile leak. In February 13, 2014 Anonymous hackers claimed to hack and leak secret email conversations of Vitali Klitschko’s UDAR party. NOTE: We at HACKREAD are not responsible for the leaked data nor can we confirm if these emails are authentic or not. Source
  9. Several pirated copies of the sci-fi thriller 'Tenet' have appeared online. The leaks, which were recorded in theaters, appear to have at least two sources. One has badly cropped Korean subtitles and the other, which is sponsored by a gambling company, reveals partial German subtitles. Whether Warner Bros. should be overly concerned about these leaks is up for debate. In recent months many films have skipped the box office or faced delays due to the coronavirus pandemic. This was also the case for Christopher Nolan’s highly anticipated sci-fi thriller ‘Tenet,’ which was initially scheduled to premiere in July. After several delays, Warner Bros. eventually chose a staggered release schedule, which started last week. The film came out in Australia, Canada, Germany, the UK, and South Korea, among others, with the US, Russia and China following in a few days. In the lead up to the official premiere, there was a lot of piracy chatter. The highly anticipated movie and the staggered release could create a perfect piracy storm, one anti-piracy expert predicted. Warner Bros. was also on high alert. The company took down several copies of leaked Tenet footage that appeared in theaters during the re-release of Inception. In addition, it also took down many ‘fake’ pirate releases of Tenet that surfaced on torrent sites and elsewhere. Pirated Copies of Tenet Appear Online These fake releases were not really much of a threat to the movie studio. However, several pirated copies of the real Tenet film started to surface yesterday, and those are a much bigger concern. At the moment there are various ‘camcorded’ (CAM) leaks of Tenet in circulation. These are copies of the film that were recorded in a movie theater, which tend to be very low in quality. That’s no different here. As we’ve seen more often in recent years, some of the leaked copies are “sponsored” by a gaming brand. In this case, the URL of the casino referral site Slotslights.com appears throughout the film, inviting viewers to take a gamble. On closer inspection, it appears that there are at least two different sources floating around. One release is tagged as a Korean CAM, and indeed, in some parts of the movie badly cropped Korean subtitles are visible. Other copies, which don’t have any location tags, reveal parts of German subtitles, as shown below. This is also the release with the visible sponsored messages, that appear throughout the film. It’s clear that Warner Bros. won’t be happy with these leaks and the company will likely send out hundreds of takedown requests in the days to come. That said, thus far, the download numbers are relatively modest. It’s certainly not the most downloaded movie at the moment. This can be easily explained by the fact that one important factor for a ‘perfect piracy storm’ is missing; there is no high-quality leak available. Not Everyone Likes Low Quality Releases While so-called CAM releases draw plenty of attention from a subset of curious viewers, many film fans stay far away from them. They don’t fancy watching a good film in bad quality, especially not one that has advertisements and partial foreign subtitles. When we were browsing through various comment threads, several people rated the quality of these leaks as decent. However, that means decent for a film that’s recorded in a movie theater. Others prefer to wait. “Some movies deserve to be viewed in the best possible quality, some deserve the patience needed to be viewed. This is one such movie, I’ll be waiting,” one commenter notes. Generally speaking, a movie’s big piracy boom comes when the first high-quality copy appears online. This was also the case with ‘Star Wars: The Force Awakens’ and we have no reason to believe that it will be different here. Source: TorrentFreak
  10. The phone will reportedly have a 6.6" display and a 5,000 mAh battery. What you need to know A recently leaked photo shows off the Moto G 5G with a Snapdragon 750G SoC. This could be one of the first phones to use Qualcomm's new Snapdragon 750G. The phone will reportedly have a 6.66-inch display, 6GB of RAM, 128GB of storage, and a 5,000 mAh battery. A recently leaked photo by Slashleaks has revealed the Moto G 5G, Motorola's next 5G budget phone with Qualcomm's brand-new Snapdragon 750G chipset. This could be one of the first smartphones to carry the Snapdragon 750G SoC, following the likes of Xiaomi and Samsung. According to XDA-Developers, the Motorola Moto G 5G will have a fairly competitive spec sheet, especially as a budget phone. In addition to the Snapdragon 750G processor, the phone is rumored to have a 6.66-inch display with a 2400x1800 resolution and a 60Hz refresh rate, 6GB of RAM, 128GB of internal storage, as well as a gigantic 5,000 mAh battery. The phone will also have 3 cameras on the back including a 48MP primary sensor. On the front, there's a minimal hole-punch camera, which is a 16MP sensor. Interestingly enough, the Moto G 5G will also have a Google Assistant button on the side much like LG's recent devices. However, it seems to be missing on the Verizon-variant intended for the US market. With all these specs and features in mind, the Moto G 5G seems to be a relatively fully-featured phone. Judging from the leaked photo, it seems to have reduced bezels and a more modern design compared to previous devices in the Moto G series. While it will likely miss out on wireless charging, it doesn't miss out on essentials such as NFC and microSD support. Although certain details such as the release date and price tag are currently unknown, it's good to see more budget 5G phones coming out of the woodworks. With the ongoing pandemic and economic climate, well-worth budget phones are more imperative than ever before. Source
  11. Details about hackers obtained the files remain unclear. Ransomware gang also threatened to leak the source code of Watch Dogs: Legion, an upcoming Ubisoft game. A ransomware gang going by the of Egregor has leaked data it claims to have obtained from the internal networks of two of today's largest gaming companies — Ubisoft and Crytek. Data allegedly taken from each company has been published on the ransomware gang's dark web portal on Tuesday. Details about how the Egregor gang obtained the data remain unclear. Ransomware gangs like Egregor regularly breach companies, steal their data, encrypt files, and ask for a ransom to decrypt the locked data. However, in many incidents, ransomware gangs are also get caught and kicked out of networks during the data exfiltration process, and files are never encrypted. Nevertheless, they still extort companies, asking victims for money to not leak sensitive files. Usually, when negotiations break down, ransomware gangs post a partial leak of the stolen files on so-called leak sites. On Tuesday, leaks for both Crytek and Ubisoft were posted on the Egregor portal at the same time, with threats from the ransomware crew to leak more files in the coming days. For the Ubisoft leak, the Egregor group shared files to suggest they were in possession of source code from one of the company's Watch Dogs games. On its web portal, the group touted they were in possession of the source code for the Watch Dogs: Legion game, scheduled to be released later this month. It was, however, impossible to verify that these files came from the new game, rather than an existing release. For the past year, security researchers have tried to reach out and notify Ubisoft about several of its employees getting phished, with no results, which may provide a clue of how the hackers might have got it. But while hackers leaked only 20 MB from Ubisoft, they leaked 300 MB from Crytek, and this data contained a lot more information. The Crytek files included documents that appeared to have been stolen from the company's game development division. These documents contained resources and information about the development process of games like Arena of Fate and Warface, but also Crytek's old Gface social gaming network. Neither Ubisoft nor Crytek responded to emails seeking comment on the leaks. None of the companies reported major security incidents weeks, nor any abnormal and prolonged downtimes, suggesting the Egregor intrusion didn't likely impact cloud and gaming system, but merely backend office and work networks, where most ransomware incidents usually incur damages. However, in an email interview with ZDNet, the Egregor gang provided more details about the two incidents. The ransomware operators said they breached the Ubisoft network, but only stole data, and did not encrypt any of the company's files. On the other hand, "Crytek has been encrypted fully," the Egregor crew told ZDNet. The Egregor group said that neither company engaged in discussions, despite their intrusions, and no ransom has been officially requested yet. "In case Ubisoft will not contact us we will begin posting the source code of upcoming Watch Dogs and their engine," the group threatened, promising to publish more data in a press release tomorrow. Source
  12. Last month there was excitement when the source code for Windows XP was leaked online. The big question, however, was how quickly Microsoft would act to have it disappeared from the web. The partial answer is that the company took 10 days to have one public repository taken down. And that was hosted on Github, a platform owned by Microsoft itself. When Microsoft’s Windows XP launched in 2001, it was somewhat of a revelation. Built on Windows NT and a clear step up from the consumer variants of Windows that preceded it, the OS reigned for years after being installed on millions of machines. It’s currently estimated that around 0.8% of Windows PCs are still running Windows XP, despite Microsoft offering zero support for the relatively ancient OS. Nevertheless, there was mild euphoria among coders last month when it was confirmed that the source code for XP, among other things, had been leaked online, presumably to the dismay of Microsoft. Leaked via 4chan, Distributed via Torrents and MEGA For the vast majority of interested onlookers, the leak probably meant very little in practical terms. With no support from Microsoft, running Windows XP is already a security gamble, regardless of any additional leaks. However, when Microsoft confirmed it was actively investigating the leak, some presumed the company would act very quickly to have the code disappeared from the web. Quite when the upload to MEGA was taken down is unclear but it didn’t take long for the file to be removed following a complaint. Torrents, of course, are much more complicated. While it is possible to have some torrent sites respond to takedown requests, sites such as The Pirate Bay will happily index pretty much anything – including the source code leak. Predictably, the leaked content is available via the site today and not even the mighty Microsoft can do much about that. However, when checking the hash value in Google search and scouring the DMCA notice archive hosted by Lumen Database, there appears to have been little or even no effort to have links to the source code removed from Google or Twitter. Granted, most of the sites mentioning the content have taken care not to link directly to the leaked source itself, with many preferring to post unclickable but entirely usable magnet links instead. Nevertheless, just days after the leak was reported, a very public repository of the code appeared much closer to home and nothing was done about that either. Source Code Published to Microsoft-Owned Github On September 29, a handful of days after the leak reportedly appeared on 4chan, someone called ‘shaswata56’ thought it would be a good idea to post the source code for Windows XP on Github, for the world to see and download. The interesting thing here is that Github is owned by Microsoft, so the computing giant was effectively hosting its own leak. Given the presumed sensitive nature of the source code, one might conclude that it would be spotted and deleted quickly. However, despite all the publicity, it took a full 10 days for Microsoft to do anything about it, at which point it had to serve its own company with a DMCA notice requesting that the code be taken down. Takedown Notice to Github “I work in Microsoft Security Incident Response. The code in question is from a Windows XP source code leak,” the DMCA notice dated October 8 and filed with Github reads. “The GitHub content is pulled directly form [sic] a torrent (that was also taken down),” it continues. The notice originally contained a hash value for the source but that was censored by Github, presumably to stop any additional infringement. However, archive copies of the now-removed repository show that hash value in full, which can be easily converted to a torrent, one that is very much alive and being shared by many people. Microsoft Not Too Bothered By The Leak? Clearly, Microsoft’s claim that the torrent was somehow taken down was incorrect but that’s not a huge surprise since once a torrent is being spread, stopping people with access to magnet links or even a hash is incredibly difficult. That being said, it would’ve been trivial to remove the source from Github on the day it was published. Instead, it took exactly 10 days, a lifetime where leaks are concerned and a little bit embarrassing when it’s your own site doing the distribution. Quite why a rapid removal wasn’t executed isn’t clear but coupled with what appears to be a lack of enthusiasm to remove links still available via Google, it makes one wonder how concerned Microsoft is about the leak after all. Or, just possibly, the company realizes just how futile it all is. The DMCA notice is available here Source: TorrentFreak
  13. BRUSSELS (Reuters) - Alphabet CEO Sundar Pichai has apologised to Europe's industry chief Thierry Breton over a leaked internal document proposing ways to counter the EU's tough new rules for technology companies. Google CEO Sundar Pichai Pichai and Breton exchanged views in a video-conference call late on Thursday, the third this year, according to a statement from the European Commission. “The Internet cannot remain a ‘Wild West’: we need clear and transparent rules, a predictable environment and balanced rights and obligations,” Breton told Pichai. The call came after a Google internal document outlined a 60-day strategy to counter the European Union’s push for the new rules by getting U.S. allies to push back against Breton. The call was initiated by Google before the document was leaked. Breton brought up the leaked document and showed it to Pichai during the call and said that there was no need to use old century tactics and to play one unit at the Commission against another, a person familiar with the call said. Pichai apologised for the way the document came out, a paper which he had not seen nor signed off, saying that he would engage directly with Breton if he sees language and policy that specifically targets Google, another person familiar with the call said. Google said the two had a frank but open conversation. “Our online tools have been a lifeline to many people and businesses through lockdown, and Google is committed to continuing to innovate and build services that can contribute to Europe’s economic recovery post-COVID,” spokesman Al Verney said in a statement. The incident underlines the intense lobbying by tech companies against the proposed EU rules, which could impede their businesses and force changes in how they operate. Breton will announce new draft rules known as the Digital Services Act and the Digital Markets Act together with European Competition Commissioner Margrethe Vestager on Dec. 2. The rules will set out a list of do’s and don’ts for gatekeepers - online companies with market power - forcing them to share data with rivals and regulators and not to promote their services and products unfairly. “The Internet cannot remain a ‘Wild West’: we need clear and transparent rules, a predictable environment and balanced rights and obligations,” Breton told Pichai. “Everything that is allowed offline should be authorised online; and everything that is forbidden offline should be banned online,” he said. Breton told Pichai that he would increase the EU’s power to curb unfair behaviour by gatekeeping platforms, so that the Internet doesn’t just benefit a handful of companies but also Europe’s small- and medium-sized enterprises and entrepreneurs. “Europe’s position is clear: everyone is welcome on our continent – as long as they respect our rules,” he told Pichai. Source
  14. The iPhone 12 mini won’t be available for pre-order until next week, but a YouTuber has managed to get his hands on one early. The video offers our first real-world look at the iPhone 12 mini, and its new 5.4-inch display alongside comparisons to other iPhone models as well. The over 40-minute-long video from the Romanian YouTuber George Buhnici serves as our first look at the iPhone 12 mini outside of Apple’s special event earlier this month. The device won’t be available for pre-order until November 6, and the first orders won’t arrive until November 13. We expect early press reviews to be published sometime in between those two dates. The video offers a look at the iPhone 12 mini design and size, showing how it compares against the iPhone 12 and iPhone 12 Pro, both of which feature a 6.1-inch display. We’re also able to see how various parts of iOS 14 are optimized for the 5.4-inch display, as well as a look at the camera technology. Source
  15. Microsoft's forthcoming Cloud PC remote Windows experience for Windows 10, macOS, iOS and Android takes shape. A fresh leak has revealed more details about what Microsoft may offer customers when it launches 'Cloud PC', a forthcoming Azure desktop service built on top of Windows Virtual Desktop. As ZDNet's Mary Jo Foley reported in July, Microsoft is gearing up to release a virtualized Windows PC experience under the Cloud PC brand, offering customers a way to use their own machine as a type of thin client that can access a remote Windows desktop and use software like Microsoft Office. In that report, Microsoft described Cloud PC as a "modern, elastic, cloud-based Windows experience [that] will allow organizations to stay current in a more simplistic and scalable manner". Microsoft plans to sell it as a managed Microsoft 365 experience at a flat per-user price. This is an important difference to existing Windows Virtual Desktop pricing, which revolves around Azure consumption. The new details, found by Microsoft leaker WalkingCat, don't reveal anything about pricing. While Microsoft hasn't confirmed the existence of Cloud PC, the web pages found by WalkingCat suggest Microsoft has developed a few core offerings and has codenamed Cloud PC 'Project Deschutes'. Also, Microsoft currently refers to the product as 'CloudPC' as well as 'Cloud PC. According to the leak, Microsoft plans to sell Medium, Heavy, and Advanced subscriptions. The Medium plan offers two virtual CPUs, 4GB of RAM, and 96GB of SSD storage, and is designed for "general-purpose optimized for cost and flexibility". With the Heavy plan, users get two virtual CPUs, 8GB of RAM, and 96GB of SSD storage. It's for those with "advanced compute needs optimized for performance and speed". The Advanced plan includes 8GB of RAM, three virtual CPUs, and 40GB of SSD storage. It offers "accelerated graphics optimized for scalability and data processing". At present the domains https://deschutes.microsoft.com and cloudpc.microsoft.com return an error but with the message 'Setting up your workspace – Check back later to see workspaces assigned to you'. If you're signed in to a Microsoft account, there's a menu grid at the top left for access to Microsoft 365 services, including Outlook, Word, PowerPoint, SharePoint, and Teams. To use Cloud PC, users need to install the Microsoft Remote Desktop app for Windows PCs, macOS, iOS and Android. On Windows, it's available for 64-bit, 32-bit and Windows on Arm64. WalkingCat has also posted the welcome page for Cloud PC's 'My Workspaces' from the Microsoft Remote Desktop app. It promises to let users, "Access your work apps and program online, from any device". Cloud PC is expected to launch around spring 2021. Source
  16. 500K+ records of C-level people from Capital Economics leaked online Experts from Cyble recently found a leak of 500K+ records of C-level people from Capital Economics on a Russian-speaking forum. During a routine Darkweb monitoring, researchers from Cyble found a leak of 500K+ records of C-level people from Capital Economics on a Russian-speaking forum. CapitalEconomics.com is one of the leading independent economic research companies in the world that provides macroeconomic, financial market and sectoral forecasts and consultancy. “Upon analysis of the data, Cyble discovered that there are 500K+ lines of record containing various prominent user profiles.” reads the post published by Cyble. Leaked records include email IDs, password hashes, addresses, etc. Cyble experts informed its clients about this leak, it pointed out that the availability of corporate email IDs could allow threat actors to carry out a broad range of malicious activities. Cyble recommends people to: Never share personal information, including financial information over phone, email or SMSes. Use strong passwords and enforce multi-factor authentication wherever possible. Regularly monitor your financial transactions, and if you notice any suspicious activity, contact your bank immediately. Turn on the automatic software update feature on your computer, mobile and other connected devices wherever possible and pragmatic. Use a reputed anti-virus and Internet security software package on your connected devices including PC, laptop, and mobile. People who are concerned about their exposure in the Darkweb can register at AmiBreached.com to ascertain their exposure. Refrain from opening untrusted links and email attachments without verifying their authenticity. Source: 500K+ records of C-level people from Capital Economics leaked online
  17. Three big movies, all of which are being touted as Oscar contenders for Best Picture, have leaked online to torrent and streaming sites. Promising Young Woman, Nomadland & Minari were released in WEBSCR format, meaning that they were all sourced from secure online screenings that should have been limited to select viewers. All year round pirate sites are key sources for the latest movies but around Christmas time and the turn of the New Year, visitors are often treated to unexpected gems. These often appear in the form of screener copies of recent movies, often in advance of their official release. They are sent out to critics and others involved in the awards voting process and are only meant to be viewed only by this select audience. Every year, however, pirates manage to get hold of at least some. Pirate Release Group EVO Delivers Yet Again A few months ago we reported how pirate release group EVO obtained early copies of the films ‘Falling‘ and ‘My Salinger Year,’ both of which were sourced from online screeners, and placed them online. Over the past few days EVO has done it again, releasing copies of three high-profile movies, in two cases well ahead of their full theatrical release. All are well-known titles that are currently listed by Variety as potential Oscar contenders for Best Picture. Nomadland: Searchlight Pictures Based on the 2017 book Nomadland: Surviving America in the Twenty-First Century, ‘Nomadland’ from Searchlight Pictures was aired at the Venice Film Festival in September 2020 but is set for a February 19, 2021 release in the United States. However, the EVO release that appeared on torrent sites in recent days beats that by around seven weeks. The NFO (information) file with the release provides no details on the source but credits a number of entities by their pseudonyms (BOSS_HITMAN + DdHD + KING_DVD + Ach + Mr. Spy + Warm + MUSE) for their participation in getting the movie online. At 1080p, the quality will be good enough for most people and as far as we can ascertain, there are no visible watermarks. However, EVO itself does admit that the video source was “a little bit jittery” but nevertheless it’s the best copy available online at the time of writing. Promising Young Woman: Focus Features American thriller film ‘Promising Young Woman’ had its world premiere at the Sundance Film Festival on January 25, 2020. Its theatrical release followed 11 months later on Christmas Day in the United States so it’s the only movie of the three released by EVO that managed to get out to the public in a full official release before it was leaked online. At 720p, the headline quality is significantly lower than the ‘Nomadland’ release. According to sources, however, there are no major issues other than a pretty intrusive watermark at the bottom of the screen that plays throughout the movie declaring that it’s the property of Focus Features. Whether there are any other watermarks in the release isn’t revealed in the release notes. It’s certainly possible that security tracking features were present in the original source but release groups tend to remove these whenever possible since that contribute to the overall safety of the group and ensure sources aren’t compromised. Minari: A24 In common with ‘Promising Young Woman’, A24’s ‘Minari’ also premiered at the Sundance Festival in January 2020. Documenting the life of a Korean-American family searching for their ‘American Dream’ on an Arkansas farm, the movie is set for a US theatrical release on February 12, 2021. The 720p EVO release trumps that full launch by around six weeks, although the film did have a limited release in early December for Oscar qualification purposes. As far as we are aware, the release has no overtly visible watermarks but has hardcoded subtitles which are necessary for non-Korean speakers at various points in the movie. Sources and Popularity Among Downloaders Traditionally, screener copies of movies have been mostly leaked online after pirates have somehow managed to intercept or obtain physical discs intended for critics and awards voters, for example. However, this system has become outdated so these days it’s more likely for screeners to be made available more privately via online streaming services, so the ‘DVDSCR’ (DVD screener) tag is becoming increasingly less common. The switch to digital delivery is more convenient for movie companies and critics/voters but also adds a significant level of additional security to prevent screeners from leaking out online. However, all three of the above-mentioned movies appear to have been obtained from web sources, something that is made clear by the inclusion of the term ‘WEBSCR’ (web screener) in their release titles and notes. Precisely where or when these copies were obtained remains a mystery, at least for now. TorrentFreak has contacted EVO for comment and should the group respond, we will update this article accordingly. Finally, given the movies’ chances of becoming Oscar-nominated, it’s perhaps interesting to note their popularity among downloaders. Currently, ‘Promising Young Woman’ appears to be at the top of the list just ahead of ‘Nomadland’. While trailing behind in third place, ‘Minari’ is not that far behind. Source: TorrentFreak
  18. Leaked Nintendo documents have revealed a frightening surveillance operation carried out against a hacker who was researching exploits for the 3DS handheld. In addition to monitoring his private life, including aspects of his education, when he left the house and where he went, the company followed its target from his place of work in order to pressure him into stopping his activities. Projects to protect the intellectual property rights of corporations are underway all around the world on a continual basis but it is rare for operational details to leak out to the public. Unfortunately for Nintendo, leaked documents are now revealing how frightening things can get for console hackers in their crosshairs, even when those targets have already declared that their work isn’t designed for piracy purposes. Leaked Documents Reveal Police-Style Surveillance Operation During the past 24 hours, various Twitter accounts (1,2) have been posting snippets from documents that were recently leaked from Nintendo. While there are numerous items of interest, the most shocking revelations involve Neimod, a hacker who several years ago developed exploits for the 3DS handheld console. Of course, it’s not surprising for a company like Nintendo to have a keen interest in work carried out by someone like Neimod. Nintendo’s documentation described him as a “highly skilled hardware engineer” with “a very high reputation within the hacker scene, for Nintendo products.” However, the scale of the operation, which is revealed in detail in the leaked documents, shows just how far the gaming giant was prepared to go to stop his work. For example, the leak reveals personal profiling that dug deeply into Neimod’s education status, listed details of his working life, while offering evidence of physical snooping on his daily lifestyle. What time he could be found at home, who came to see him there, and even when he visited places like banks and restaurants are all included. While this kind of surveillance is creepy in its own right, additional documents reveal a detailed plan to use the gathered intelligence to physically confront Neimod in order to pressurize him into complying with the company’s demands. Detailed Operational Planning to Intercept Target According to Nintendo’s planning, the operation would begin around April 15, 2013, with its team meeting at a local hotel to discuss and finalize their plans. Following a review of Neimod’s movements of the previous week, the team would then decide where and when contact would be made – after work or at home, for example. With an undercover investigator monitoring Neimod to discover what time he left work, Neimod was to be approached by a ‘contact team’, who were instructed to approach their target “in a friendly, non-threatening, professional, and courteous manner. “Provide a business card,” the instructions read. After Neimod had been engaged in conversation, the team was instructed to flatter the hacker by “acknowledging his engineering/programming aptitude.” They were also told to reference his stated aim of not “facilitating piracy” with his hacks but point out Nintendo’s concerns that a release of his hack could do just that. Whether Neimod complied or resisted, Nintendo prepared for both eventualities. The following slide, posted to Twitter by Eclipse-TT, shows a flow chart that begins with instructions for the “Knock and Talk Team”, details a staging area, rules of engagement, and plans for what should happen when things go to plan – or otherwise. The Nintendo “Final Enforcement Proposal” document describes a “carrot and stick” approach, with the stick being a laundry list of potential offenses committed by Neimod under Belgian law and the carrot representing a number of sweeteners that might be of interest to the hacker. If cooperation was achieved, Nintendo suggested it could refrain from filing a criminal complaint. It may also enter into a “bounty” contract with Neimod with payments made for finding and documenting exploits. Within certain parameters, his discoveries could still be announced to the public, allowing him to retain “bragging rights.” This could help Nintendo’s image, the company wrote. “If successful, Nintendo’s public image may be further bolstered as a modern, tech-savvy company, while hinting that hackers should be cooperative rather than aggressive with Nintendo in the future (in contrast to Sony’s missteps with George ‘geohot’ Hotz),” the document adds, noting that a trip to Japan to meet Nintendo’s hardware engineers might also prove attractive. Of course, significantly boosting public image long term is only possible when details of invasive surveillance operations stay out of the public eye. With the leak of the full “Hacker Enforcement Proposal” now in full swing (here, pdf), that will be just a little bit harder for Nintendo. On the other hand, it might also give hackers pause for thought. Or, indeed, drive them further underground. Source: TorrentFreak
  19. Nissan investigating possible source code exposure Nissan is examining whether source code for its North American division’s mobile apps, marketing tools and more have leaked online, the company said. “We are aware of a claim regarding a reported improper disclosure of Nissan’s confidential information and source code,” said a Nissan spokesperson. “We take this type of matter seriously and are conducting an investigation.” Tillie Kottmann, a software engineer, publicized the apparently leaked information earlier this week on Twitter and Telegram. They told CyberScoop the information came via a “severely mismanaged” server that had the username and password of “admin:admin.” “I was informed about the server by an anonymous source but acquired it myself and can thus mostly verify it,” Kottmann said via a Twitter direct message exchange. Kottmann said they also heard some ex-Nissan employees recognized projects there. Poorly configured servers are a common source of online data leaks, in recent months afflicting Razer, medical scans, hotel guests, dating websites and more. On Monday, Kottmann said the server exposed a broad range of data. RELEASE: Nissan North America Source Code Dump A COMPLETE dump of all git repositories from Nissan NA, most notably including sources for: – the Nissan NA Mobile apps – some parts of the ASIST diagnostics tool – the Dealer Business Systems / Dealer Portal (1/n) pic.twitter.com/ltDvg9blTB — tillie, doer of crime (@antiproprietary) January 4, 2021 Nissan Canada previously suffered a data breach in 2017. Kottmann, a Swiss IT consultant and developer, has previously publicized security shortcomings at Deloitte, Mercedes-Benz, Intel and elsewhere. The technology news site ZDNet first reported on the incident Wednesday. Source: Nissan investigating possible source code exposure
  20. Pirated Promo Screeners of ‘American Gods’ and Other TV-Shows Leak Online Unreleased episodes of several high-profile TV-shows including American Gods, The 100, Bless This Mess, and Knightfall have leaked online. The leaks appear to come from promotional screeners, some of which carry revealing watermarks. The pirate releases are sponsored by a Russian gambling site. Roughly a decade ago, new episodes of TV-series regularly found their way onto the Internet, before appearing on TV. These leaks were often linked to promotional screeners, which are generally sent out to reviewers and critics at the start of a new season. In recent years these TV-screener leaks have become rarer, but a series of pirated releases that have appeared over the past several days is one of the largest breaches ever. While the source is unconfirmed, all signs suggest that a serious security hole has been exploited. It all started when a new episode of The CW’s hit series “The 100” leaked online, weeks before the sixth season officially premieres. Soon after, a pattern started to emerge when three unreleased episodes of “American Gods” came out too. The leaked American Gods episodes show the typical hallmarks of a promotional screener. There is a clearly visible “For Screening Purposes Only” message popping up, for example, and the name “Jessica Silvester” is visible as a permanent watermark throughout the episodes. From one of the leaked episodes The name in question could point to the reviewer who received the screeners, or was supposed to at least. While the source of the leak has not yet been confirmed, the name matches that of a New York Magazine editor. Whether that’s the same “Jessica Silvester” is presently unknown. What we do know is that the leaks didn’t stop there. Advance screener leaks of other shows including “Bless This Mess,” “The Bold Type,” “The Act,” “The Code,” “Knightfall,” and “The Chi” followed (full overview below). In the case of the “The Bold Type,” which airs on Freeform, it’s clear that the review copies are for the press. This leak includes the first three episodes of season two, which starts this June. The Bold Type There are also two full and unreleased seasons of Starz’ “The Spanish Princess” and Hulu’s “Ramy” among the leaked files. Both series have yet to premiere. The leaks are from various production companies, distributors, and TV networks. The only clear pattern we see is that they all appear to be promo screeners. These are obviously not intended to show up at pirate sites, which the leak of the aptly named show “Bless This Mess” nicely illustrates. “For Review Only. Not for Downloading, Recording, File Sharing, Sale or Public Performance,” an embedded message reads. Bless This Mess Aside from the screener watermarks, there are other messages visible as well, pointing to the ‘Russian’ gambling site 1XBET. This name has popped up regularly in recent months as a “sponsor” of pirate releases. 1XBET promo in the leaked video Andrey Busargin, Director of Brand Protection at international cybersecurity outfit Group-IB, previously told us that casinos are increasingly teaming up with pirates to increase their revenues. “This scheme allows online casinos to generate leads, wherever a user watches a pirated copy and whatever ads are displayed on a website with pirated copies,” Busargin said. The name of the site is per manently visible throughout the various episodes, and there’s a promo code for a deposit bonus, in case any pirates want to take a gamble. The leaks are a major setback for the rightsholders as it will draw people to pirate sites. Whether author Neil Gaiman, whose novel American Gods is based on, will complain has yet to be seen. In 2011 he admitted that in some instances piracy had boosted his book sales by 300%. The big question that remains is the source of the leak, and whether the breach is a one-off or something more structural. — Here’s overview of the leaked screeners that have come out thus far: The 100, Season 6, Episode 1 and 2 American Gods, Season 2, Episode 5, 6 and 7 In The Dark, Season 1, Episode 1, 2 and 3 The Code, Season 1, Episode 1 The Bold Type, Season 3, Episode 1, 2 and 3 Bless This Mess, Season 1, Episode 1 Knightfall, Season 2, Episode 3 and 4 The Chi, Season 2, Episode 2, 3, 4 and 5 The Act, Season 1, Episode, 5, 6, 7 and 8 The Spanish Princess, Full Season Ramy, Full Season Source
  21. So small that it doesn’t require FAA approval An early retail listing on Newegg’s Canadian store has given us official images of DJI’s unannounced Mavic Mini, as well as listing its specs. DJI’s new drone is something of an open secret at this point. We saw an FCC listing for the drone back in August, and DroneDJ published hands on images just last week. But the retailer listing adds credence to those earlier leaks, and prices the diminutive drone at $646.15 Canadian dollars (around $494) when sold with DJI’s Fly More kit. One of the more important specs listed on Newegg’s page is the drone’s weight of just 249g. This means that any owners in the US (and soon the UK) won’t have to register this drone with the authorities in order to fly it. Previously, DJI’s lightest Mavic drone was the Mavic Air, which weighs 430g, far above the FAA registration cutoff of 8.8 ounces (250g). Both the retailer listing as well as images leaked earlier this month from DroneDJ show how it’s small enough to sit in the palm of your hand. DroneDJ notes that it has a similar width and height to a smartphone. Flight time is rated at 30 minutes according to the product listing (which corroborates with DroneDJ’s previous report), and recording resolution apparently tops out at 2.7K rather than 4K, which DroneDJ speculates is an attempt to stop the Mavic Mini from cannibalizing sales of DJI’s Mavic Air or Mavic Pro drones. You can find more pictures of the new drone over on WinFuture. The retailer listing doesn’t give any information about when the Mavic Mini might see a release, but with a DJI announcement set to take place at 9am ET on Wednesday, it sounds like we might not have long to wait. Update October 28th, 6:55AM ET: Updated with details of DJI event taking place on Wednesday. Source: DJI Mavic Mini images and specs leak in new retailer listing (via The Verge)
  22. zanderthunder

    Intel Frost Canyon NUC Details Leak

    Intel's tiny desktop PC gets 10th-gen Core i3, Core i5, and Core i7 processor upgrades. If you're looking for a tiny/budget desktop PC you can't go far wrong by choosing to buy an Intel NUC. It's worth holding off on purchasing one right now, though, as the next generation of NUCs just leaked. As Liliputing reports, the new Intel Frost Canyon NUC models are expected to be officially announced soon, but promotional images for the new tiny PCs have leaked via Chinese website Kgula. As the images reveal, it's hard to make the NUC look much different from previous generations. The key change for Frost Lake on the exterior is a USB Type-C port appearing on the front of the case as a replacement for one of the Type-A ports. It's inside where the most important change has happened, though. Intel is set to offer the short and tall NUC models again, with the short restricted to an M.2 SSD slot for storage, while the tall version adds the option of a 2.5-inch drive, be that an SSD or hard drive. Three processors will be offered in the form of the 10th generation Core i3-10110U, Core i5-10210U, and Core i7-10710U. The Core i3 offers two cores and four threads running at 2.1GHz (boosting to 4.1GHz), the Core i5 offers four cores and eight threads running at 1.6GHz (boosting to 4.2GHz), and the Core i7 offers six cores and 12 threads running at 1.1GHz (boosting to 4.7GHz). All three chips rely on Intel UHD Graphics rather than Intel Iris GPUs, which is a shame. The good news is, all three chips can be configured at either a 15W or 25W TDP, with 25W allowing for better performance. FanlessTech confirmed that these NUCs will be configured at 25W, so they should offer a noticeable performance benefit over the previous generation NUC line-up, with the one exception being the Bean Canyon NUC which used a 28W 8th-gen Coffee Lake Core i7 complete with Iris Graphics 655. It's unlikely this leak shows the complete line-up of Intel's next-gen NUCs. Don't forget we're already expecting an eight core Xeon Quartz Canyon NUC at some point. Source: Intel Frost Canyon NUC Details Leak (via PCMag)
  23. Google has fired an employee for leaking and sharing names and personal details of staffers to the media. Additionally, it has placed two other employees on leave for violation of company policies. The move comes amidst rising tension between employees and management. Workers have been unhappy with the way the management has dealt with sexual harassment cases. Last year, Google employees worldwide staged a walkout in protest of this. The search giant is currently investigating the employees who were placed on leave. A Google spokeswoman said that one of the employees looked for and shared confidential documents that were beyond the scope of their job. These documents relate to a new Chrome tool that Google has made mandatory for workers to install on their computers. Many employees have raised concerns about this tool as they believe it is being used by the management to spy on them. The tool automatically reports employees that create calendar meetings with more than 100 people or 10 rooms. The Google spokesperson said that the tool was aimed at keeping calendar spam in check; she said that the person was put on leave for accessing a wide range of company documents and not for opening or accessing just one file. The second employee was put on leave for tracking individual calendars of the staff working in human resources, communications teams, and community platforms. As per the Google spokeswoman, this tracking made the staff in these departments feel unsafe. Both employees had taken part in activism activities against Google's management for poorly handling sexual harassment cases as well as for working on projects like a censored version of the search engine for China. The investigation against them has angered many employees inside the company as they believe Google is punishing them for protesting against the management. They now believe that the work culture of Google is no longer as open as it was before. Previously, Google employees could access any of the company's internal documents on any of the projects. However, in a bid to reduce leaks to the media, Google's management cut down access to documents to thousands of contractors and other employees. Instead, access is now provided to employees or a group on a "need-to-know" basis. Source: Google fires an employee for leaking personal staff details to media, puts two others on leave (via Neowin)
  24. Images of what appears to be packaging boxes of AMD's upcoming third-generation Threadripper processors have leaked, and it seems like the company is set to continue the tradition of fancy-looking packaging for Threadripper CPUs. The leak indicates that the launch of Threadripper 3000 series processors is nearly upon us and in fact, Videocardz alleges that these, alongside the accompanying TRX40 chipset motherboards, may be launching as early as tomorrow. A previous report had mentioned a possible November 5 announcement which has evidently been pushed back. As reported earlier, the Threadripper 3990X is reportedly launching later with only a teaser awaiting us at the alleged launch tomorrow. Information on the pricing of these HEDT parts has still managed to elude us but we could expect to see some competitive pricing judging by AMD's past practices. Source: 1. AMD's Threadripper 3000 packaging leaked, allegedly launching tomorrow (via Neowin) 2. AMD 3rd Gen Ryzen Threadripper packaging leaked (via VideoCardz)
  25. Oops Microsoft has accidentally released an internal-only version of Windows 10 to testers, revealing a new Start menu design. The software giant has distributed Windows 10 build 18947, meant for internal Xbox development, to Windows Insider testers using 32-bit devices. It’s an internal-only build from the company’s canary branch, and yet Microsoft has published it to all Windows 10 testers whether they’re in release preview, fast ring, or even slow ring testing. Thankfully, it’s only released to 32-bit systems, which aren’t widely used, but it’s an embarrassing mistake for Microsoft’s Windows 10 testing efforts. This internal build appears to include a new Start menu design, that’s very early in testing, without Microsoft’s Live Tiles. It’s something Microsoft is testing internally, but it’s not clear whether Windows 10 will fully drop Live Tiles in the Start menu anytime soon. This new build also includes a GIF search tool within the emoji picker for Windows 10. This isn’t the first time Microsoft has made this mistake. Back in 2017 the company released internal versions of Windows 10 for PC and mobile, and caused some devices to enter a reboot loop. Microsoft quickly spotted the mistake, and helped affected Windows 10 users with a device recovery tool. Microsoft’s Windows Insider chief, Dona Sarkar, says the company is “looking into” this latest issue. We’ve also reached out to Microsoft for further comment, and we’ll update you accordingly. Source
×
×
  • Create New...