Posts

Cyber security expert and Ethical Hacker needed for ongoing ID Theft, Harassment – Freelance Job in Information Security – Less than 30 hrs/week – 1 to 3 months

Opt-in to Cyber Safety. Multiple layers of protection for your devices, online privacy and more.


We already have a 6k digital forensic analysis of computer, phones. We have IP addresses and likely suspects. Our problem is that 1) my identity has been stolen and so I’m easy to find in databases- think cellular providers, ISP, banks, medical patient portals, government tax, soc sec. – anything with a database. I’ve had people call up companies and insurance providers pretending to be me and changing account info. They use their computers to access my accounts to change passwords- preventing me from banking or seeing a doctor. No matter if I choose att or Verizon or T-Mobile – they find me and my Apple ID. They have gotten past 2 factor. 2) The situation has now progressed into my work life – they have put malware on my work computer. Our understanding is that this started out as a personal  resentment due to an  inheritance issue but now the hacking, stalking, harassment has been handed over to professionals. The police have known about it for 2 years – now the County DA is looking into it – but I really have my doubts as to their ability to identify and stop these people. My ISP has written me letters from their legal department offering help – they know who’s doing it but they are shocked that no one has issued a subpoena for their records. This is what my husband and I need: a multilayered surveillance cyber security system. A VPN is not going to do it – the hackers ripped that protection off the computers and phones like it was nothing. These are persistent professional hackers getting paid for specific and targeted harassment. They never take any money even though it was there for the taking. Two years of account/data breaches but NO money was taken. While we wait and hope for the county da to investigate – we also have to get on with our lives. In addition to a new comprehensive cyber security system for our home, cars, phones – we would very much be interested in any reverse engineering or ethical hacking that Identifies the owners of 5 IP addresses – these addresses are within 3 miles of our home. The other IP addresses that were discovered in the digital forensic report are Russian.

Willing to consider multiple security solutions. Communication and…

Source…

Adversa AI Red Team Introduces Technology for Ethical Hacking of Facial Recognition Systems

Protect yourself from online attacks that threaten your identity, your files, your system, and your financial well-being.


The Adversa AI Red Team has performed a proof-of-concept attack on PimEyes, the most popular and advanced public picture face search engine.

FREMONT, CA: Adversa AI, a trusted AI research leader, has presented a novel attack method for AI facial recognition applications. It causes an AI-driven facial recognition algorithm to misidentify people by introducing subtle alterations in human faces. Compared to previous similar approaches, this method is portable across all AI models while also being far more precise, stealthy, and resilient.

The Adversa AI Red Team has performed a proof-of-concept attack on PimEyes, the most popular and advanced public picture face search engine. Clearview, a commercial facial recognition database sold to law enforcement and governments, is likewise similar. Unfortunately, PimEyes duped, and the CEO of Adversa was mistaken for Elon Musk in the photo.

The attack is unique because it is a black-box assault created without a thorough knowledge of the search engine’s algorithms. As a result, the vulnerability may get utilized with a variety of facial recognition engines. Because the attack allows malefactors to disguise themselves in various ways, we’ve given it the name Adversarial Octopus, a reference to the animal’s stealth, precision, and adaptability.

The existence of such flaws in AI systems, particularly facial recognition engines, could have disastrous implications and be utilized in poisoning and evasion scenarios like the ones below:

  • Hacktivists could cause havoc in AI-powered internet platforms that employ facial attributes as input for any judgments or further training. In addition, by changing their profile images, attackers can poison or bypass the algorithms of large Internet corporations.
  • In banks, trading platforms, and other services that provide verified remote help, cybercriminals can steal human identities and evade AI-driven biometric authentication or identity verification systems. In every case where classic deepfakes can be helpful, this attack can be even more subtle.
  • Dissidents use it to conceal their online activities in social media from police enforcement. The virtual world we now live in resembles a mask or a…

Source…

Stanford student who recovered $27,000 for ransomware victims talks ethical hacking


As a high school student, Jack Cable ’21 hacked the Pentagon through a government-sponsored program created to find bugs in Air Force security networks. Upon arriving at Stanford, he set up a bug bounty program and worked with large enterprises to secure their digital systems. In April, he hacked ransomware, saving victims over $27,000.

Certainly, Cable isn’t your ordinary student. In 2018, Time Magazine named him among the world’s 25 most influential teens. In his spare time, he consults for the Department of Homeland Security, working to secure election systems.

The Daily sat down with Cable to discuss his latest achievement: hacking the QLocker ransomware, work for which the Secretary of Homeland Security recognized him as a “tremendous example of how even a single person can make a huge difference.”

The ransomware, which Cable said likely originated from eastern Europe, locked victims’ files until they paid the hackers.

Cable first heard about the ransomware from a family friend whose computer was affected by the attack. The family friend, who is a physician, was ready to pay the requested 0.01 Bitcoin for the laptop’s release, as he had sensitive patient data on his laptop. 

When Cable heard about the incident, he tried his hand at cracking the ransomware. After trying an arsenal of techniques to crack the system, it came to him. 

“Thinking through some of the stuff I’ve seen with bug bounties — that people don’t consider all the edge cases — I tried changing a letter in the bitcoin address from lowercase to uppercase,” he said.

The subtle change immediately unlocked the files, fooling the system into thinking the victims had paid for their laptops’ release.

Cable took it a step further, tweeting that any others affected by the virus should contact him. He was able to recover $27,000 before the hackers fixed their vulnerabilities.

Cable has made a name for himself in the world of “white hat,” or ethical hacking, both in and out of Stanford. Stanford Chief Information Security Officer Michael Tran Duff wrote that Cable helped inaugurate the University’s bug bounty program, one of the first of its kind in higher education. The program…

Source…

Ethical Hacking & Computer Security MSc at Abertay