Thingiverse Data Leak Affects 228,000 Subscribers

Thingiverse, a website dedicated to sharing user-created digital design files, has reportedly leaked a 36GB backup file that contains 228,000 unique email addresses and other personally identifiable information, confirms Troy Hunt, creator of the Have I Been Pwned data breach notification service, citing the circulation of this data set on a popular hacking forum.

Read more…

All of #Twitch has just leaked, including its source code and user payouts

What just happened? A hacker appears to have leaked the entirety of livestreaming service Twitch, from the source code and user payouts to encrypted passwords. It’s recommended that all users change their passwords, enable two-factor authentication, and reset their stream key.

A 4Chan user posted the 125GB torrent link on the forum earlier today, saying it was to “foster more disruption and competition in the online video streaming space” because “their community is a disgusting toxic cesspool.”

Read more…

Hackers found a new way to store viruses in GPU memory

According to Bleeping Computer, cybercriminals have found a new way to hide malware in graphics cards memory. This method of utilizing graphics card memory instead of system memory is undetectable by the antivirus software, the original advertisement on hacking forums claims.

The malware uses graphics memory allocation space, from where the code is executed. The technology uses OpenCL 2.0 API on Windows operating system, no other systems are affected by the malicious code.

The hacker confirmed that the code has been tested on Intel UHD 620/630 graphics as well as Radeon RX 5700 GPU and GeForce GTX 740M and GTX 1650 discrete cards. It is unclear if other graphics cards are affected, but assuming that this method uses OpenCL 2.0, it is very likely to be compatible with other modern GPUs.

Read more…

Ashcon Mohseninia’s Rust-Based Open Vehicle Diagnostics Aim to Break the Manufacturer Stranglehold

Written in Rust, Open Vehicle Diagnostics aims to reach feature-parity with expensive manufacturer-specific ECU management solutions.

Undergraduate student Ashcon Mohseninia has released a Rust-based open source tool, created for a final year project at the University of Reading, designed to offer engine control unit (ECU) diagnostics: Open Vehicle Diagnostics (OVD).

“I know there are some open source diagnostic software suites out there that work on Linux,” Mohseninia writes of the project. “However they are focused on the ELM327 adapter and OBD2, whereas this is focused more on the more advanced diagnostics, essentially building a utility which could have feature parity to OEM diagnostics software such as Daimler’s Veidmao/Xentry/Das or VW VAG software.”

Read more…

PasswordPump v2.0 Can Manage Credentials for Up to 250 Accounts

The USB device is outfitted with a pair of removable EEPROM chips that store credentials using AES-256 encryption.

It’s not uncommon for most PC users to have multiple accounts and passwords for a host of different sites and applications. Trying to remember all of those credentials can be a pain or a downright disaster if passwords are forgotten, not to mention hackers could steal any sensitive information. To that end, the safest and easiest way to manage website passwords and other credentials are to store that information offsite, rather than locally or in the cloud.

Read more…