February 18, 2020

AI filter launched to block Twitter cyberflashing

By John E Dunn

It seems strange to report, yet a small but determined group of Twitter users think it is a good idea to direct message (DM) pictures of male genitals to complete strangers.

Does this sound a bit like street flashing harassment in digital form?

It did to developer Kelsey Bressler after she received such an unsolicited image as a DM via Twitter last August. She later told the BBC:

You’re not giving them a chance to consent, you are forcing the image on them, and that is never okay.

Instead of shrugging it off, she and a friend had the idea of using AI pattern recognition to screen the pictures out before they were seen. But that AI still needed a set of – ahem – images to train itself on, which Bressler requested via Twitter.

Bressler has reportedly received over 4,000 pictures in response – enough to train the system to a state where it has just been released as a Safe DM service that anyone can sign up for.

Media site Buzzfeed tested Safe DM against a selection of images taken from Wikimedia Commons and found that it works well, albeit with a lag of a few minutes.

In tests, the filter blocked penises in a range of states, including full body shots and condoms and drawings. It even blocked examples that looked like a penis without being one.

Read more at https://nakedsecurity.sophos.com/2020/02/18/ai-filter-launched-to-block-twitter-cyberflashing/

IOTA shuts down network temporarily to fight wallet hacker

By Danny Bradbury

Popular cryptocurrency IOTA has temporarily shut down its entire network after a hacker stole funds from ten of its highest-value users.

IOTA is a cryptocurrency that uses an alternative to the conventional blockchain technology seen in assets like Bitcoin. Called tangle, it’s a ‘blockless’ network that the development team created with vast connected networks of small-footprint connected machines (the internet of things) in mind. Its advantages include fast verification of transactions and no transaction fees. However, for this network to operate effectively, it needs a system called the Coordinator to protect the network when the transaction volume is low.

On Wednesday 12 February, IOTA published a status update, explaining:

Currently the Coordinator is halted until further notice to investigate reported issues with stolen funds. We ask you to keep the Trinity wallet closed for now until further notice.

In a series of further updates, the team explained that the problem lay in a third-party integration with the desktop version of Trinity, a wallet that the company released in July 2019. The vulnerability apparently allowed an attacker to steal users’ seeds – digital keys that provide access to the wallet’s funds. The IOTA team published an updated version on Sunday to fix the problem.

The attacker had hit ten people that the IOTA team said were high-value clients, and may have intended to work their way down to clients with fewer funds, it said.

Read more at https://nakedsecurity.sophos.com/2020/02/18/iota-shuts-down-network-temporarily-to-fight-wallet-hacker/

Council returns to using pen and paper after cyberattack

By John E Dunn

Ten days after a suspected ransomware attack, residents of the English borough of Redcar and Cleveland must be starting to wonder when their Council’s IT systems will return.

The first public sign of trouble appeared on the morning of Saturday, February 8, when the following message appeared on the Council’s website:

The requested service is temporarily unavailable. It is either overloaded or under maintenance. Please try later.

The Council later confirmed that it had been hit with a cyberattack affecting its internal and external-facing IT systems, with the notable exception of property tax payments.

The Council is back to working from pen and paper and able to field only urgent emails and telephone enquiries. Council leader, Councilor Mary Lanigan, told the BBC:

Computers have been taken offline and systems are being rebuilt. We have a massive team here – including cyber-security experts – working around the clock flat out to get it fixed.

The Council hasn’t explained the nature of the cyberattack, but it’s quite possible that this is yet another ransomware attack of a type that has become a huge problem across the world. The UK’s National Cyber Security Centre (NCSC) has confirmed it is assisting the Council.

This is happening over and over again. In January, it was schools in California, in November it was a company managing 110 nursing homes in the US, and in September the city of New Bedford in Massachusetts – the latest in a long line of US cities hit by the plague of hijacking networks for money.

Read more at https://nakedsecurity.sophos.com/2020/02/18/council-returns-to-using-pen-and-paper-after-cyberattack/

Sensitive plastic surgery images exposed online

By Danny Bradbury

Researchers at VPN advisory company vpnMentor have found yet another online data exposure caused by a misconfigured cloud database. This time, the culprit was the French plastic surgery technology company NextMotion.

Established in 2015, NextMotion sells digital photography and video devices for dermatology clinics, concentrating on images including those that document the effects of treatment. Its proprietary software includes facial analysis and augmented reality tools, and also documents treatment plans, digital consent forms, treatment reports, quotes, and invoices. It reports selling its services to over 170 clinics in 35 countries. It has received investments of €1.58m, a million of which it raised last year in a single round.

The images are the contentious part here. According to a team led by vpnMentor researchers Noam Rotem and Ran Locar, NextMotion’s compromised database contained sensitive images of thousands of plastic surgery patients, uploaded via its devices and software.

There were almost 900,000 images in an Amazon Web Services S3 bucket, showing patients’ faces along with the parts of their bodies that had been treated. These images were often highly sensitive, showing patients’ genitalia and other body parts.

The French company was quick to clarify what hadn’t been exposed. In a press release on its site, it said:

These media are stored in a specific database separated from the patients’ personal data database (names, birth dates, notes, etc) – only the media database was exposed, not the patients’ database.

Read more at https://nakedsecurity.sophos.com/2020/02/18/sensitive-plastic-surgery-images-exposed-online/
