Data breach exposes trade secrets of carmakers GM, Ford, Tesla, Toyota

Security researcher UpGuard Cyber Risk disclosed Friday that sensitive documents from more than 100 manufacturing companies, including GM, Fiat Chrysler, Ford, Tesla, Toyota, ThyssenKrupp, and VW were exposed on a publicly accessible server belonging to Level One Robotics.

The exposure via Level One Robotics, which provides industrial automation services, came through rsync, a common file transfer protocol that’s used to backup large data sets, according to UpGuard Cyber Risk. The data breach was first reported by the New York Times.

According to the security researchers, restrictions weren’t placed on the rsync server. This means that any rsync client that connected to the rsync port had access to download this data. UpGuard Cyber Risk published its account of how it discovered the data breach to show how a company within a supply chain can affect large companies with seemingly tight security protocols.

This means if someone knew where to look they could access trade secrets closely protected by automakers. It’s unclear if any nefarious actors actually got their hands on the data. At least one source at an affected automaker told TechCrunch it doesn’t not appear that sensitive or proprietary data was exposed.

UpGuard’s big takeaway in all of this: rsync instances should be restricted by IP address. The researchers also suggest that user access to rsync be set up so that clients have to authenticate before receiving the dataset. Without these measures, rsync is publicly accessible, the researchers said.

The breach exposed 157 gigabytes of data—a treasure trove of 10 years of assembly line schematics, factory floor plans and layouts, robotic configurations and documentation, ID badge request forms, VPN access request forms. The breach even included sensitive non-disclose agreements, including one from Tesla.

Personal details of some Level One employees, including scans of driver’s licenses and passports, and Level One business data, including invoices, contracts, and bank account details.

The security team discovered the breach July 1. The company successfully reached Level One by July 9 and the exposure was closed by the following day.


Indie gem Stardew Valley will get multiplayer on August 1st

Stardew Valley, the popular indie farming simulator (it’s more fun than “farming simulator” makes it sound, I promise) is quite possibly the chillest game of all time. But, without any multiplayer aspect, it can get … a bit lonely. From farming, to fishing, to exploring mines, it’s always felt like a game that would be better with friends.

We’ll soon find out if that’s true. After about year of work has been put into the feature, the game will get cooperative multiplayer starting on August 1st.

There’s a slight catch: multiplayer will be limited to PC/Mac/Linux, at first. The trailer (below) says support will roll out to Nintendo Switch/PS4/Xbox One “soon,” but doesn’t get into specifics.

Multiplayer Stardew Valley will support up to four (4) players on the same farm, with all players sharing the same money and farmland. According to this page on the Stardew Valley fan wiki, groups will be able to tweak the game a bit to their tastes (specifically, they can scale things like profit margins and in-game item costs) to account for the added ease of having four players doing the work that was previously designed for one.

Stardew Valley is surprisingly in-depth for a game built primarily by just one person; while it’s published by a company, the vast majority of the work — from the pixel art, to the musical composition, to the programming — is done by Eric “ConcernedApe” Barone. By the beginning of this year, it was reported that the game had sold more than 3.5 million copies. GQ did a profile on Barone and how he built the game.

Barone clarified a few things on Twitter shortly after the trailer went live:

  • If you’ve already found your way into the multiplayer beta, there won’t be any major changes in the public releases besides a “few last-minute bug fixes”
  • While work on the console builds is underway, he doesn’t have any release dates in mind yet
  • No split-screen or shared screen co-op — if you want multiplayer, you’ll need your own device to play on

Trump's ex-Lawyer Cohen and Rev. Al Sharpton Meet 'n Tweet

President Donald Trump’s former personal lawyer Michael Cohen and the Rev. Al Sharpton have met to renew a long acquaintance – and they’ve made a point of letting the public know.

Both tweeted about their get-together Friday.

Longtime Sharpton spokeswoman Rachel Noerdlinger says Cohen recently contacted the civil rights activist, and they met at a Manhattan hotel for about an hour.

Cohen is facing an FBI investigation into his business dealings. He hasn’t been charged with any crime.

Cohen tweeted there’s “no one better to talk to!” than Sharpton.

Both men tweeted that they’ve known each other for about 20 years.

Noerdlinger says Cohen was Sharpton’s conduit to Trump during past clashes over race issues, and they revisited those conversations Friday.

Cohen hasn’t immediately responded to a message.

White House: Russia Call for Ukraine Referendum Illegitimate

The White House said Friday it “is not considering supporting” a Vladimir-Putin-backed call for a referendum in eastern Ukraine in the aftermath of President Donald Trump’s meeting with the Russian president.

Russia’s ambassador to the U.S., Anatoly Antonov, revealed Friday that the two leaders had discussed the possibility of a referendum in separatist-leaning eastern Ukraine during their Helsinki summit.

National Security Council spokesman Garrett Marquis said agreements between Russia and the Ukrainian government for resolving the conflict in the Donbas region “do not include any option for referendum.” He added any effort to organize a “so-called referendum” would have “no legitimacy.”

The White House announcement comes as it laid out the agenda for an autumn summit between Trump and Putin in Washington that would focus on national security. Moscow signaled openness to a second formal meeting between the two leaders, as criticism of Trump over his first session with his Russian counterpart continued to swirl.

A White House official said the next Trump-Putin meeting would address national security concerns discussed in Helsinki, including Russian meddling. The official did not specify if that meant Russia’s interference in U.S. elections. The official, who spoke on condition of anonymity to discuss internal planning, said the talks would also cover nuclear proliferation, North Korea, Iran and Syria.

Trump asked National Security Adviser John Bolton to invite Putin to Washington in the fall to follow up on issues they discussed this week in Helsinki, Finland, the official said.

A White House meeting would be a dramatic extension of legitimacy to the Russian leader, who has long been isolated by the West for activities in Ukraine, Syria and beyond and is believed to have interfered in the 2016 presidential election that sent Trump to the presidency. No Russian leader has visited the White House in nearly a decade.

The announcement of a second summit comes as U.S. officials have been mum on what, if anything, the two leaders agreed to in Helsinki during their more than two-hour one-on-one meeting, in which only translators were present. Director of National Intelligence Dan Coats revealed Thursday he has yet to be briefed on the private session.

The Russian government has proven to be more forthcoming.

“This issue [of a referendum] was discussed,” Antonov said, adding that Putin made “concrete proposals” to Trump on solutions for the four-year, Russian-backed insurgency in eastern Ukraine, which has killed more than 10,000 people. He did not elaborate on what Putin’s solutions would be.

The move may be seen as an effort to sidestep European peace efforts for Ukraine and increase the pressure on the Ukrainian government in its protracted conflict with pro-Russian separatists in the Donbass region.

Trump tweeted Thursday that he looked forward a “second meeting” with Putin and defended his performance at Monday’s summit, in which the two leaders conferred on a range of issues including terrorism, Israeli security, nuclear proliferation and North Korea.

“There are many answers, some easy and some hard, to these problems … but they can ALL be solved!” Trump tweeted.

In Moscow, Antonov said it is important to “deal with the results” of their first summit before jumping too fast into a new one. But he said, “Russia was always open to such proposals. We are ready for discussions on this subject.”

News of Trump’s invitation to Putin appeared to catch even the president’s top intelligence official by surprise.

“Say that again,” Coats responded, when informed of the invitation during an appearance at the Aspen Security Forum in Colorado.

“OK,” he continued, pausing for a deep breath. “That’s going to be special.”

The announcement came as the White House sought to clean up days of confounding post-summit Trump statements on Russian interference in the 2016 election. Trump’s public doubting of Russia’s responsibility in a joint news conference with Putin on Monday provoked withering criticism from Republicans as well as Democrats and forced the president to make a rare public admission of error.

Then on Thursday, the White House said Trump “disagrees” with Putin’s offer to allow U.S. questioning of 12 Russians who have been indicted for election interference in exchange for Russian interviews with the former U.S. ambassador to Russia and other Americans the Kremlin accuses of unspecified crimes. Trump initially had described the idea as an “incredible offer.”

The White House backtrack came just before the Senate voted overwhelmingly against the proposal. It was Congress’ first formal rebuke of Trump’s actions from the summit and its aftermath.

Asked about the Putin invitation, Alaska Republican Sen. Dan Sullivan said “I wouldn’t do it, that’s for damn sure.”

“If the Russians want a better relationship, trips to the White House aren’t going to help,” he added. “They should stop invading their neighbors.”

Mixed messages from Trump have increased worries in Congress that the White House is not taking seriously the threat that senior officials say Russia now poses to the upcoming 2018 midterm elections.

Democrats in the House sought Thursday to extend a state grant program for election security but were blocked by Republicans. There is $380 million approved in the current budget for the program, which is intended to help states strengthen election systems from hacking and other cyberattacks.

Democratic lawmakers erupted into chants of “USA! USA!” during the debate,

While Trump and Putin had met privately on three occasions in 2017, Trump opened the door to a potential White House meeting with him earlier this year. The Kremlin had said in April that the president had invited the Russian leader to the White House when they spoke by telephone in March. At the time, White House officials worked to convince a skeptical president that the Nordic capital would serve as a more effective backdrop — and warned of a firestorm should a West Wing meeting go through.

Still, Trump has expressed a preference for the White House setting for major meetings, including floating an invitation to Washington for North Korea’s Kim Jong Un after their meeting in Singapore last month.

Putin would be setting foot inside the building for the first time in more than a decade.

He last visited the White House in 2005, when he met President George W. Bush, who welcomed the Russian leader in the East Room as “my friend.”

President Barack Obama welcomed then-Russian President Dmitry Medvedev to the White House in 2010, and took him on a burger run at a joint just outside the capital.

Putin, in his first public comments about the summit, told Russian diplomats that U.S.-Russian relations are “in some ways worse than during the Cold War,” but that the meeting with Trump allowed a start on “the path to positive change.”

A Hairy Issue: Sailors Tell the US Navy, ‘We Want Beards’

Now that women in the Navy can wear ponytails, men want beards.

The Navy said last week that servicewomen could sport ponytails, lock hairstyles, or ropelike strands, and wider hair buns, reversing a policy that long forbade females from letting their hair down.

Servicemen immediately chimed in on social media, asking the Navy if they could grow beards. A sailor’s Facebook post with a #WeWantBeards hashtag was shared thousands of times.

Beards were banned in 1984. The Navy wanted professional-looking sailors who could wear firefighting masks and breathing apparatuses without interference.

The Navy says that’s still the case. Still, some hope the change in female grooming standards opens the door.

Travis Rader, a 29-year-old naval physical security officer, said allowing beards would boost morale for men, just like allowing ponytails and locks has for women. There are two things that would make many Navy men happy: beards and better boots, he added.

Rader had a 6-inch-long beard when he joined the Navy after high school.

“You take something away from somebody, and they want it more,” said Rader, a master-at-arms assigned to Tinker Air Force Base in Oklahoma City.

The Navy announced it was adding grooming options for women during a Facebook Live event. Many black women had asked the Navy to be more inclusive of different hair textures. The Navy had the standards in place because of safety concerns and to ensure everyone maintained a uniform, professional look.

Rader was one of several sailors who wrote in the comments section of the Facebook Live event to press for beards. Bill Williams, a 20-year-old naval information systems technician, commented too, asking why sailors can’t have beards if bearded civilian firefighters wear masks.

Williams said he thinks a nice, well-groomed beard looks very professional.

“It’d be great because I know that when I shave for multiple days in a row, it starts to really hurt,” said Williams, who works at the Naval Computer and Telecommunications Station Hampton Roads in Virginia.

Sailors can get permission to grow a beard for religious reasons or if they have a skin condition that’s irritated by shaving. Mustaches are allowed as long as they are trimmed and neat.

“Handlebar mustaches, goatees, beards or eccentricities are not permitted,” the policy states. The Navy isn’t currently considering changing that.

Safety continues to be the primary concern, said Lt. j.g. Stuart Phillips, a spokesman for the chief of naval personnel. He referenced a 2016 study by the Naval Safety Center, which concluded that facial hair affects the proper fit and performance of respirators.

Google joins Microsoft and others to make it easy to transfer data between services

Transferring your data between services can prove difficult, and that’s why the Data Transfer Project has been founded. Created by Google, Microsoft, Twitter, and Facebook, the service tries to make it easy for you to transfer your files between different services. You could import your photos from Microsoft OneDrive to Google Photos, for example. It’s not just Google, Microsoft, Twitter, and Facebook either – any company can get in on the action and add support for their own service. It’s entirely open source. The service is not quite ready for a widespread rollout yet, but it’s getting there.

So how does the Data Transfer Project work? It utilises existing APIs to initiate transfers between participating platforms, making it as easy as possible on the end user. This makes it feasible to try out other services and migrate your data easily, without having to make a commitment to a service and stick to it forever. The project is also great for those who may just want to back their data up on another service for safekeeping. It also aims to give you complete control over your files, giving you the ability to have them where you feel comfortable.

While it’s not officially released, companies can get going on implementing it for their services. It’s not quite ready for general usage, but there’s nothing stopping you from giving it a try anyway. Given its open source nature, individuals can contribute too! It’s a great solution to the continuing fragmentation of data-preservation services online. You can upload your photos to Facebook, Microsoft OneDrive, or Google Photos and there’s nothing holding you back if you want to move to another service. It’s not only photos though, it aims to be able to transfer all of your data. In the future, we could see it be the solution many have searched for in migrating their playlists to a new service, for example. There’s a lot of use cases once it truly takes off, and we can’t wait to see what becomes of it.

Source: Data Transfer Project
Via: Windows Central

Want more posts like this delivered to your inbox? Enter your email to be subscribed to our newsletter.

One Plus 6 India Launch: Check offers, deals, how to pre-book and much more

One Plus 6 India Launch: Check offers, deals, how to pre-book and much more

The launch of One Plus 6, one amongst the much awaited smartphone of the leading brand OnePlus, has been announced at an international launch event in London held on May 16. However, the smartphone will make an entry in India on May 17 with the sale kicking off from May 21 in an exclusive sale on the e-commerce website, Amazon India. The base model will be available at £469 making it approximately Rs. 42,900 in India.

Further, the OnePlus 6 India launch event concluded successfully in Mumbai and shall reveal its price for India. The mobile brand will also host other events in coming days across 8 cities in India.

Check out exciting Amazon credit card offers here

The features and specifications have already been released and demonstrated at the London event and OnePlus 6 is an incremental upgrade of OnePlus 5T. It also sets a competition for other premier smartphones like iPhone X and Samsung Galaxy S9+. The smartphone will also be available on OnePlus’ online store, OnePlus exclusive stores and other offline retail stores.

OnePlus 6 Full Specifications

OnePlus 6 comes as an improvement over its predecessor featuring new design outlook. The most prominent feature is the display competing with iPhone X-like and a Gorilla Glass 5 back panel. It is the first water resistant smartphone from the company. Check out the detailed specifications of OnePlus 6.

  • Display: OnePlus 6 has a 6.28-inch optic display with an aspect ratio of 19:9.

  • Processor Type: The smartphone runs on a Qualcomm’s Snapdragon 845 octa-core processor.

  • Camera: On the camera front, OnePlus 6 has a dual-camera setup with a 20-megapixel rear camera and 16-megapixel front camera. The combination of cameras supports optical image stabilisation, slow motion video recording at 480fps and electronic image stabilization.

  • Operating System: Under the hood, the smartphone operates on OxygenOS 5.1 based on Android 8.1 Oreo.

  • Connectivity: The smartphone is compatible for Android P public beta along with connectivity support to Bluetooth 5.0, Wi-Fi, and NFC.

  • Battery: OnePlus 6 is fuelled by a 3,300mAh battery.  

  • Lock System: The smartphone has a ‘Face Unlock’ system with an unlock time of 0.4 seconds and cubical rear fingerprint lock system with an unlock time of 0.2 seconds.

OnePlus 6 Offers: Idea, Amazon & more
Ahead of OnePlus 6 India launch, a number of offers have been announced by companies like India, Amazon and SBI. Check out the details of the same below.

Idea Cellular: The cellular company has some exclusive offers for the latest OnePlus flagship smartphone. Idea will offer Rs. 2,000 cashback for 20 billing cycles as monthly discount of Rs. 100 along with 50GB of monthly data. It will also offer free music, movies and games via Idea applications. Idea postpaid customers will enjoy device security and other benefits on Nirvana 499 plan. Its prepaid customers will get an additional 370 GB monthly data on recharge of Rs. 199. The cellular company is likely to announce VoLTE support for OnePlus 6 very soon.

Amazon: The ecommerce giant, Amazon has new offers for its online purchasers which have been announced ahead of its official launch in India. The OnePlus 6 sale would happen from May 21 through Amazon India. Shoppers making purchases through SBI debit or credit card will get Rs 2,000 discount on OnePlus 6 during the first week only. There will no cost EMI offers up to three months on select bank purchases.

Amazon Prime Video subscribers can avail gift cards worth Rs 250, while Amazon Kindle users will be entitled to receive discounts up to Rs 500. Further, OnePlus 6 customers can also get accidental damage insurance for a period of 12 months from Amazon.

Clear Lastly, the smartphone buyers can enjoy benefits up to Rs 25,000 on flights and hotel booking made through

OnePlus 6 pre-booking orders 

Talking of pre-booking orders, OnePlus has already started taking them via Amazon India from May 13 with last date being May 16. The customers who have pre-booked OnePlus 6 during the ‘Fast AF Sale’ will be entitled to receive an extended three months warranty (applicable from June 30) and cashback offer of Rs. 1000. Pre-booking customers are supposed to make a purchase of Amazon e-gift card worth Rs. 1000 for OnePlus 6.

The e-gift card, valid only for Amazon Prime subscribers, can be redeemed during the final payment of OnePlus 6 on May 21 and May 22 sale days. The cashback will be given back in the form of Amazon Prime Pay balance by May 25.


iGadgetware iGW

A Social Media and Cyber Security Expert. Love to write about latest technology and Gadgets.