The downstream attack stems from a malicious dependency that was inserted into PyPi with the same name as the one that ships with PyTorch nightly.
“Since the PyPI index takes precedence, this malicious package was installed instead of the version from our official repository. This design allows someone to register a package with the same name as one that exists in the third-party index, and pip will install its default version.”
The malicious package, called torchtriton, includes a binary file that, in addition to exfiltrating system information such as hostname, DNS configuration, username, and shell environment, also uploads the contents of /etc/hosts, /etc/passwords, ~/.gitconfig, ~/.ssh/*, and the first 1,000 files found in users’ home directories. However, the information is only exfiltrated when the user explicitly imports the triton package into their program, which reduces the impact of the attack and the ability for mass distribution.
Following the official disclosure, the alleged torchtriton maintainer said on its website that the package was not intended for malicious activity, Aks Sharma also reported on Twitter. Analyzing the attack for Bleeping Computer, however, Sharma also revealed that torchtriton used anti-virtual machine techniques as well as obfuscation to evade detection.
PyTorch maintainers immediately took action to remove torchtriton as a dependency and replace it with pytorch-triton along with a dummy package registered with PyPi to ensure the attachment would not recur.
]]>“The power shortage is here to stay. It may be in Europe today, but it’s definitely going to be a global problem that we have to deal with”,
said Sanjay Uppal, SVP and general manager of (SEBU) at VMware, in an interview with EE Times
VMware is working with cellular service providers (CSPs) and telcos to optimize services and reduce power consumption in data centers and cellular networks. Uppal believes these efforts will help alleviate the situation. However, “they are not quick fixes that you can do tomorrow,” Uppal said.
The continued deployment of 5G cellular networks will result in some reduction in power consumption, but only once autonomous 5G (3GPP Rel. 16 and higher) is deployed everywhere. In addition, data traffic is growing exponentially, already reaching 110 exabytes per month, according to the Ericsson Mobility Report. This increase in data traffic further increases the power consumption of the network and connected devices.
He believes VMware vSphere 8 will have a significant impact on power consumption, helping to consolidate workloads. These optimizing technologies, Uppal says, can result-in some cases-in up to 50% energy savings.
]]>
In its statement, the platform notes that these are the main concerns of today’s content creators and safety in the virtual space is a priority for Youtube.
Spam detection in the comments section is one of the main changes. The development team worked hard to improve automatic spam detection and in the first half of this year managed to get rid of 1.1 billion spam comments. YouTube uses machine learning models. The same goes for automated detection in the chat section during live broadcasts.
YouTube introduces a warning to remove and disconnect users who write offensive comments. The system will warn users when their comments are against community guidelines and remove their comments, and if the same user continues to leave offensive comments, they will receive a 24-hour ban.
In addition to all these changes, the system will give an estimate of when a newly uploaded video will complete its processing and be available in full resolution, whether it’s 1080p, 2160p or 4320p. This is an important detail for all content creators.
]]>“In order to be discoverable in Quick Add by someone else, users under 18 will need to have a certain number of friends in common with that person”
However, some other features and changes will be provided for parents in the next couple months. Those changes will give parents an opportunity to monitor some of their teens’ communications.
After the deaths of teens and young adults who were said to have bought fentanyl-laced drugs through Snapchat were examined, the application was forced to face a big backfire a couple of months ago.
Snapchat declared that it is working on identifying drug slang. Not only that but the company is now working with law enforcement in order to report potential cases. Snapchat stated that it will make big efforts in order to help with the fight against illegal online drug trade.
]]>A warning message showed up just before all the sites went offline. It reproduced both the Ukrainian flag and map being crossed out. A part of this message says:
“Ukrainians!…All information about you has become public, be afraid and expect worse.”
NEWS IN KYIV: Several Ukrainian government websites down due to a major a cyberattack. Below is the @MFA_Ukraine website now. It reads in part: "Ukrainians!…All information about you has become public, be afraid and expect worse." Sites of MOD and Education ministry also down. pic.twitter.com/3lbA06Q3Fl
— Christopher Miller (@ChristopherJM) January 14, 2022
Oleg Nikolenko, the foreign ministry’s spokesperson, said in a message to ‘The Guardian’:
“As a result of a massive cyber-attack, the website of the ministry of foreign affairs and other government agencies are temporarily down. Our specialists have already started restoring the work of IT systems and the cyber-police has opened an investigation.”
The attacks have been condemned by Nato’s secretary general Jens Stoltenberg and Josep Borrell – the EU’s top diplomat. The EU’s political and security committee and cyber units are planning to meet with the aim of deciding how to respond and to support Kyiv. He explained:
“We are going to mobilize all our resources to help Ukraine to tackle this. Sadly, we knew it could happen.”
According to him, it’s difficult to say who is the culprit and he will not blame anybody because at that moment he has no proof. Stoltenberg said that an agreement will be signed between Ukraine and Nato in order to give Kyiv access to Nato’s malware information sharing platform. Ann Linde, Sweden’s foreign minister, commented:
“We have to be very firm in our messages to Russia, that if there are attacks against Ukraine, we will be very harsh and very strong and robust in our response.”
The US Embassy in Moscow did not give an immediate response and did not comment on the situation.
]]>Cisco Talos revealed that it “detected malware samples in the wild that are attempting to take advantage of this vulnerability.”
Abdelhamid Naceri, who is a security researcher, tracked and discovered the thread called CVE-2021-41379. The elevation of privilege flaw affecting the Windows Installer software component was actually resolved as part of Microsoft’s Patch Tuesday updates for November 2021.
Naceri, however, found that it was not only possible to bypass the fix implemented by Microsoft, but also achieve local privilege escalation via a newly discovered zero-day bug.
The proof-of-concept (POC) exploit, dubbed “InstallerFileTakeOver,” works by overwriting the discretionary access control list (DACL) for Microsoft Edge Elevation Service in order to replace any executable file on the system with an MSI installer file which allows the attacker to run code with SYSTEM privileges.
So, what can the attacker cause to the system? Well, an attacker is given admin privileges, they could then abuse the access to gather full control over the system. He can download additional software, modify, delete or even delete sensitive information stored in the machine. Kevin Beaumont who is a security researcher tweeted:
“Can confirm this works, local priv esc. Tested on Windows 10 20H2 and Windows 11. The prior patch MS issued didn’t fix the issue properly.”
In Neceri’s opinion, the best course if action is now waiting for Microsoft to release a security patch for the problem as the latest variant of CVE-2021-41379 is “more powerful than the original one.” However, we still don’t know when Microsoft will act on the public disclosure and release a fix.
]]>In terms of its collision warning system for light rail vehicles, Bosch Engineering relies on components from automotive technology to actively reduce the expensive consequences of accidents or prevent them altogether.
High availability of light rail vehicles
The collision warning system for trams supports drivers in critical situations. When congested traffic or poor visibility conditions occur, the system warns the driver about obstacles on the rails in plenty of time. This lets drivers avoid accidents, or at least significantly limit the effects.
The system consists of a multi-purpose camera, a radar sensor, and a control unit. It monitors the track ahead and any possible obstacles in front of the vehicle in real time. It sends a warning to the driver once it detects a potential collision. Whether the driver responds too late or not at all, the collision warning system can initiate automatic braking.
Detecting critical situations
Life-saving Advanced Driver Assistance Systems’ multi-purpose camera monitors the track ahead and transmits the data in real time to the radar sensor. The radar is independent of weather and light conditions. Its sensor recognizes potential obstacles in front of the vehicle from a distance of up to 80 meters away. Considering the vehicle’s speed, the system uses the information to determine the danger of a collision.
In type 1 of the system, it determines whether the threat, which can be presented by an obstacle that warrants a visual or acoustic warning to the driver. Type 2 of the system sends a signal via relay output to trigger automatic braking, should the driver respond too late or not at all to the system’s warning.
]]>