Tag Archive for: locate

Inside the cyber ‘war room’ where Israeli AI experts work to locate Hamas hostages


“I have not slept for almost two weeks now, but every time I start falling asleep I have pictures of the hostages on my desk that get me up and running again,” says Omri Marcus, who is heading one half of the Gitam BBDO “war room” in Tel Aviv.

This time two weeks ago, Gitam BBDO was not a “war room” at all. It was a leading creative agency based in the Israeli capital.

The day after Hamas launched its attack on the country, it restyled itself into what it calls a war room, made up of volunteers who have abandoned their day jobs to turn their efforts towards trying to rescue the 203 hostages the militant group captured and are holding across the border in Gaza.

The Gazan enclave is under Israeli siege with food, fuel and water access blocked off. The territory, often likened to an “open air prison” has been under Israeli bombardment since Hamas, the militant group which govern it, launched the attack on Israel in which the hostages were taken and civilians deliberately targeted to be killed.

The war room in Tel Aviv has two floors – one utilises the talents of creatives to build support for the hostages around the world, while the other is more practical. It uses face recognition tools and Artificial Intelligence (AI) to verify whether hostages are dead or alive, and pinpoint their last recorded location within Gaza.

(Photo: Gitam BBDO group)

Refael Franco took i through the process of tracking the hostages. The group collects data on social media usage within Gaza, with graphs showing the number of texts sent and app usage on the tracked phones – even down to the number of times particular emojis were sent.

Data collected from social media usage and photos and videos from the Gaza strip are then uploaded to a software called tag box, which links it to hostages using images of them provided by their families and the military.

Any matches detected are shared with the IDF’s newest unit – the task force for finding missing and displaced people.

Franco, who founded Code Blue, a crisis management company based in Israel and Germany and is the former head of Israel’s National Cyber Directorate, showed i how one hostage had been detected from a TikTok uploaded from Gaza…

Source…

Milton Argos Platform (MAP) 2.0 Helps Customers Locate Potential Exchange Attacks


BREA, Calif., March 9, 2021 /PRNewswire/ — Milton Security, a leading provider of Threat Hunting as a Service, XDR & MDR (MxDR) SOC Services, announced today the Milton Argos Platform (MAP) 2.0 is successful in locating potential Exchange Server attacks, including the four recent zero-day vulnerabilities that have been actively exploited on over 30,000 servers. The AI assisted threat hunting tool uses Artificial Intelligence and Machine Learning coupled with human expertise to detect, deter, and mitigate threats in real time.

The MAP 2.0 platform can analyze millions of security events every second which allows the highly-trained Threat Hunting Team at Milton Security to focus on the most relevant instances. The Exchange Server vulnerabilities allow cyberattackers to gain access to the admin controls in order to install additional malware or stealing data. These web shells are password protected remote interfaces with the purpose of allowing access from anywhere in the world.

The zero-day vulnerabilities impact on-premise Exchange Server 2013, Exchange Server 2016, and Exchange Server 2019, however, Exchange Online is not affected.

  • CVE-2021-26855: CVSS 9.1: a Server Side Request Forgery (SSRF) vulnerability leading to crafted HTTP requests being sent by unauthenticated attackers. Servers need to be able to accept untrusted connections over port 443 for the bug to be triggered.
  • CVE-2021-26857: CVSS 7.8: an insecure deserialization vulnerability in the Exchange Unified Messaging Service, allowing arbitrary code deployment under SYSTEM. However, this vulnerability needs to be combined with another or stolen credentials must be used.
  • CVE-2021-26858: CVSS 7.8: a post-authentication arbitrary file write vulnerability to write to paths.
  • CVE-2021-27065: CVSS 7.8: a post-authentication arbitrary file write vulnerability to write to paths.

“Our team at Milton Security has been working closely with industry partners, including Microsoft, to understand the nature of these vulnerabilities, how they are being used, and where the attacks are originating from,” said James McMurry, Milton Security CEO. “Our clients entrust us to be efficient and effective when it comes to retro hunting and…

Source…

Hacker shows he can locate, unlock and remote start GM vehicles

A security researcher has posted a video on YouTube demonstrating how a device he made can intercept wireless communications to locate, unlock and remotely start GM vehicles that use the OnStar RemoteLink mobile app.

Samy Kamkar, who refers to himself as a hacker and whistleblower, posted the video today showing him using a device he calls OwnStar. The device, he said, intercepts communications between GM’s OnStar RemoteLink mobile app and the OnStar cloud service.

screen shot 2015 07 30 at 4.08.36 pm Samy Kamkar

Hacker Samy Kamkar shows how after hacking the OnStar mobile app, he’s able to use it to control a Chevy Volt.

To read this article in full or to leave a comment, please click here

Network World Security