Daily Archives: June 13, 2021

The Elephant Ethogram – Google Translate for Animals

Posted on by

The Elephant Ethogram is a uniquely detailed catalogue, or library, of the behavior and communication of African savanna elephants (Loxodonta africana). It is based on decades of ElephantVoices behavioral studies, photographs, and audio and video recordings, the referenced research of other elephant biologists, as well as professional and amateur footage made available to ElephantVoices. You can read more about how elephants communicate within this section of elephantvoices.org.

The Elephant Ethogram consists of written and referenced descriptions, video examples, photographic illustrations and, where relevant, audio recordings, of 404 Behaviors, 109 Behavioral Constellations and 23 Behavioral Contexts. There are close to 3,000 media files in the fully searchable Elephant Ethogram including approximately 2,400 video clips (May 2021).

[…]

African savanna elephants are among the most socially complex non-human species on our planet, but their lives and behavior are increasingly impacted by humans. The Elephant Ethogram aims to document the rich behavior and communication of this species, including rare, novel and idiosyncratic behavior, and those acquired, through social learning, in response to rapidly increasing anthropogenic threats. We intend The Elephant Ethogram to be a repository for scientific study and comparison, and to inspire broader interest in elephant behavior, conservation and welfare.

[…]

Source: The Elephant Ethogram

Internal data + games source code from breach CD Projekt Cyberpunk 2077 circulating online

Posted on by

Internal company data leaked during a February security breach is now being circulated on the internet, Polish video games maker CD Projekt (CDR.WA) said in a statement published on Thursday.

The attack, which compromised some of its internal systems including the source code to its much-hyped game Cyberpunk 2077, dealt another blow to the Warsaw-based business after the game’s launch was beset by glitches.

“We are not yet able to confirm the exact contents of the data in question, though we believe it may include current/former employee and contractor details in addition to data related to our games,” the statement said.

[…]

Source: Internal data from breach circulating online -CD Projekt | Reuters

Volkswagen says a vendor’s security lapse exposed 3.3 million drivers’ details

Posted on by

Volkswagen says more than 3.3 million customers had their information exposed after one of its vendors left a cache of customer data unsecured on the internet.

The car maker said in a letter that the vendor, used by Volkswagen, its subsidiary Audi and authorized dealers in the U.S. and Canada, left the customer data spanning 2014 to 2019 unprotected over a two-year window between August 2019 and May 2021.

The data, which Volkswagen said was gathered for sales and marketing, contained personal information about customers and prospective buyers, including their name, postal and email addresses, and phone number.

But more than 90,000 customers across the U.S. and Canada also had more sensitive data exposed, including information relating to loan eligibility. The letter said most of the sensitive data was driver’s license numbers, but that a “small” number of records also included a customer’s date of birth and Social Security numbers.

Volkswagen would not name the vendor, when asked. “We have also informed the appropriate authorities, including law enforcement and regulators, and are working with external cybersecurity experts and the vendor to assess and respond to this situation,” said a spokesperson, via a crisis communications firm.

It’s the latest security incident involving driver license numbers in recent months. Insurance giants Metromile and Geico admitted earlier this year that their quote forms had been abused by scammers trying to obtain driver license numbers. Several other car insurance companies have also reported similar incidents involving the theft of driver license numbers. Geico said it was likely an effort by scammers to file and cash fraudulent unemployment benefits in another person’s name.

[…]

Source: Volkswagen says a vendor’s security lapse exposed 3.3 million drivers’ details | TechCrunch

McDonald’s Hit by Data Breach – WSJ

Posted on by

McDonald’s Corp. said hackers stole some data from its systems in markets including the U.S., South Korea and Taiwan, in another example of cybercriminals infiltrating high-profile global companies.

The burger chain said Friday that it recently hired external consultants to investigate unauthorized activity on an internal security system, prompted by a specific incident in which the unauthorized access was cut off a week after it was identified, McDonald’s said. The investigators discovered that company data had been breached in markets including the U.S., South Korea and Taiwan, the company said.

In a message to U.S. employees, McDonald’s said the breach disclosed some business contact information for U.S. employees and franchisees, along with some information about restaurants such as seating capacity and the square footage of play areas. The company said no customer data was breached in the U.S., and that the employee data exposed wasn’t sensitive or personal. The company advised employees and franchisees to watch for phishing emails and to use discretion when asked for information.

McDonald’s said attackers stole customer emails, phone numbers and addresses for delivery customers in South Korea and Taiwan. In Taiwan, hackers also stole employee information including names and contact information, McDonald’s said. The company said the number of files exposed was small without disclosing the number of people affected. The breach didn’t include customer payment information, McDonald’s said.

[…]

Source: McDonald’s Hit by Data Breach – WSJ

Also Russia and South Africa may have been hit

How Hackers Used Slack to Break into EA Games

Posted on by

The group of hackers who stole a wealth of data from game publishing giant Electronic Arts broke into the company in part by tricking an employee over Slack to provide a login token, Motherboard has learned.

The group stole the source code for FIFA 21 and related matchmaking tools, as well as the source code for the Frostbite engine that powers games like Battlefield and other internal game development tools. In all, the hackers claim they have 780GB of data, and are advertising it for sale on various underground forums. EA previously confirmed the data impacted in the breach to Motherboard.

A representative for the hackers told Motherboard in an online chat that the process started by purchasing stolen cookies being sold online for $10 and using those to gain access to a Slack channel used by EA. Cookies can save the login details of particular users, and potentially let hackers log into services as that person. In this case, the hackers were able to get into EA’s Slack using the stolen cookie. (Although not necessarily connected, in February 2020 Motherboard reported that a group of researchers discovered an ex-engineer had left a list of the names of EA Slack channels in a public facing code repository).

“Once inside the chat, we messaged a IT Support members we explain to them we lost our phone at a party last night,” the representative said.

The hackers then requested a multifactor authentication token from EA IT support to gain access to EA’s corporate network. The representative said this was successful two times.

Once inside EA’s network, the hackers found a service for EA developers for compiling games. They successfully logged in and created a virtual machine giving them more visibility into the network, and then accessed one more service and downloaded game source code.

The representative for the hackers provided screenshots to help corroborate the various steps of the hack, including the Slack chats themselves. EA then confirmed to Motherboard the contours of the description of the breach given by the hackers.

[…]

Source: How Hackers Used Slack to Break into EA Games