University of Advancing Technology is an elite, private college that serves its student body by fostering knowledge creation and academic excellence in an environment that embraces the young technophiles of the world. With three centers of research and a suite of technology-centered undergraduate and graduate degrees, the University is a recognized leader in technology education.
This month, Dr. Mark Smith’s business and marketing students let their branded flags fly as they fought it out in a new brand wars challenge. The mission was not an easy one—students were required to create a solid logo, brand, and brand strategy that outshined the competition—in only 48 hours.
“Brand recognition is an extremely important aspect of any business no matter what the industry,” said Dr. Smith, UAT Professor and Program Champion of Business Studies. “Whether it's a personal brand or enterprise size organization, how people view your brand is essential for the overall success of your venture.”
To help students create real world application from what they’ve been learning, Dr. Smith came up with the idea for UAT Brand Wars. “Being able to think through a solid plan of action and placement of your brand is an important part of marketing and establishing yourself as a presence in your marketplace, he said. “Through this competition, students faced off against each other with their own company brand and marketing materials.”
The winner of 2020's Brand Wars was grad student Jeff Welch and his Grab the Axe Consulting firm. “Jeff submitted a very captivating marketing video depicting the various dangers for organizations and how they are there to remedy this,” said Dr. Smith. “He really sold his brand this way, and you will not forget his company name after viewing their material.”
View his video submission:
First runner up was Samantha Jaros and her digital marketing company setup. “Samantha submitted an amazing brand strategy and design for her marketing consulting firm Samantha Lee's Marketing,” Dr. Smith explained. “Her color scheme and logo were professional and really showcased who she is.”
Get started today! Apply at https://uatfastapp.com.
1. Use strong passwords on all of your accounts. Never reuse passwords.
2. Buy from reputable retailers and be cautious who is supplying your goods.
3. Use a tool like Eno from Capital One to obfuscate your credit card number.
4. Never use a debit card to make purchases.
5. Always use SSL. This is usually represented by a lock in the left-hand corner of the browser.
6. Do not fall for scams. Be cautious of ‘too good to be true’ deals and limited-time offers.
7. Just because something is "for sale" doesn't mean you are getting the best deal. Retailers often hike the price for weeks before dropping it to normal levels just before the holidays.
8. Keep receipts and pay attention to your credit card bills. Look for odd charges and be ready to dispute.
9. Watch out for technical support scams or offers to help you with shopping during the holiday season.
10. Don't tell people what you bought or post about expensive purchases on social media.
Be safe, and happy hunting! (Make sure to share any great deals...)
Aaron Jones, the lead Cyber Instructor at the University of Advancing Technology, is a software developer who currently creates applications for law enforcement. He is also an AZ POST certified General Instructor as well as a public speaker. He earned a B.Sc., in Computer Information Systems from Park University in 2013 and an M.A., in Intelligence Analysis with a focus in Cyber Security in 2014. He has been the recipient of recognition from the El Paso Police Department, State of Texas, Texas Military Forces, Chandler Police Department, and others.
Vertafore a company that provides insurance software services has disclosed a data breach in which a third-party got into the details of over 27.7 million Texas drivers. They believe the incident took place from March to August due to a human error where three data files were stored in an unsecured external storage service.
It is reported that the files were then removed from the storage it was contained in. Later on, in the investigation, it was discovered that someone else has accessed it without authorization. The data inside the three files contained info on driver's licenses issued before February of 2019 which was for its software solution. This data has Texas driver license numbers, names, DOB (Date of Birth), addresses, and vehicle registration histories.
Thankfully, it did not include any SSN (Social Security Numbers) or any financial account information. It appeared that the files were used for a rating system of the insurance software.
The insurance software company did notify the Texas Attorney General, Department of Public Safety, Department of Motor Vehicles, and Federal Law Enforcement. They are also beginning to notify those who had their information breached.
They did work with a security firm to see if the breach was due to abuse or misused but did not find any evidence of malicious intent.
"Although that firm did not find any evidence, to be considerate of all Texas driver license recipients and out of an abundance of caution, Vertafore is offering them one year of free credit monitoring and identity restoration services in recognition that these services offer valuable protection in other contexts beyond this event," (Vertafore, 2020)
Back in September, there was also an incident in Australia, New South Wales where the cloud storage folder which was hosted by Amazon Web Services that contained data of drivers. Of course, it contained information about their licenses and photos. The folder was apparently not properly secured.
They also had a phishing attack earlier this year which did compromise them as well. Though it seems lately government entities are having trouble with DLs (Driver Licenses) being leaked. Hopefully it won't become a more widespread trend.
A bug is another term for an insect, but in the world of computer programming, a bug represents a flaw in the programming. This could be a logical error making the program do something unintended or it could be a fatal error that crashes the program. There are many bugs in all of our programs today, but when computers were first invented the term 'bug' had not been coined. So where did it come from?
In the days of the Space Race, computers were critical in getting Man to the Moon. They calculated the amount of fuel that needed to be burned and the precise trajectories of the rockets they sent into space. These computers were cutting edge for their time, but they had less processing power than any modern day smartphone and they took up the space of entire rooms. Programming them was also a nightmare. It was very difficult and time consuming to program these room-sized computers.
One day, an error crept into the program and the computer was producing unexpected results. The programmers combed over their code again and again, but they could not determine where they had introduced the error into the program. They determined it must be a hardware malfunction, so they took the computers apart and found a moth in some of the memory banks. They figured out that this bug had been confusing the computer and sending signals to random parts of the program.
And thus, the first computer bug was a literal bug. From that time on, programming errors earned the nickname of 'bug.' Even though nowadays we don't get bugs nesting in our computers, we still get unexpected outcomes from the code we give them. Programmers don't have to squash literal bugs anymore, but the bugs in the program will always need to be squashed.
keywords: computer programming, computer science, history, programming, advancing computer science, software engineering, program, bug, error
Have you ever felt that Facebook or YouTube is reading your mind by giving you ads about things you've been thinking about? While it may feel that they are reading your mind, there are actually different tactics at play there which I won't get into here. But that begs the question, could we invent some sort of technology that can read your thoughts? Some researchers at the University of California, San Francisco believe they can.
Some epileptic subjects that already had electrodes implanted in their brains to monitor their seizures were used to train an artificial intelligence to read their brainwaves associated with speech and predict what they were saying. The subjects read some predetermined sentences out loud and the AI learned what words triggered what brainwaves.
After the neural network was trained on these sentences, the subjects merely spoke the sentences aloud and the AI was able to translate the brainwaves into whole sentences with less than 3 percent error. However, when the AI was told to translate one word at a time, the error rose greatly to 38 percent. This means that the AI is good at recognizing the patterns of words from the sentences it was trained on, but it is not as good at recognizing the pattern of each individual word spoken.
At the moment this technology is very limited. It requires a wired connection directly to a person's brain, and even then it is not very accurate even with only 250 words to look for. The researchers believe they will be able to increase the effectiveness of this technology with time. And there is a genuine use for this technology. There are people in the world that have had their entire bodies paralyzed, but they remain conscious. With this technology, a program will be able to read their thoughts and dictate them to the people around them. Thus allowing them to communicate with the world. But for now it is limited and we don't need to worry about people reading our minds.
keywords: AI, artificial intelligence, brainwaves, brain, HCI, human-computer interaction, neural network, machine learning, brain-computer interface, BCI
Something shocking and bizarre to the Cyber Security community has occurred. Russia has arrested a malware author, to give some context to this. Russia is normally very soft with hackers and rarely takes action against them.
The Russian Ministry of Internal Affairs states the suspect is a 20-year-old from the region of North Ossetia-Alania. They have been onto him since 2017 as they suspected he made several malware strains which later infected around 2,100 computers in Russia. The suspect also had help while operating his malware. It is believed he had six other accomplices to help distribute the malware which helped the group to earn about 4.3 million rubles which are around $55,000 USD.
Though Russian authorities haven't given too much info on the suspect other security researchers have. A malware analyst from CSIS Security Group, Benoit Ancel has twitted that they and other security groups have been tracking the suspect under the nickname of "1ms0rry."
Benoit Ancel back in 2018 worked with a team to see what 1ms0rry was capable of and their loadout:
1ms0rry-Miner: A trojan when installed on a system, starts covertly mining cryptocurrency for its author.
N0f1l3: Info-stealer trojan that can extract and steal data from infected computers. Capabilities steal browser passwords, cryptocurrency wallet configuration files, Filezilla FTP credentials, and specific files stored on a user's desktop a real nasty trojan.
LoaderBot: A trojan that can be used to infect victims in a first stage and then deploy other malware on-demand during a second stage which has gained a foothold on the infected system.
Benoit Ancel said 1ms0rry sold his malware strains on Russian-speaking hacker forums and that some of his creations were also eventually used to create even more powerful malware strains, such as Bumblebee (based on the 1ms0rry-Miner), FelixHTTP (based on N0f1l3), and EnlightenedHTTP and the highly popular Evrial (which shared some code with 1ms0rry's creations).
The security team's work in 2018 also exposed 1ms0rry's identity. Being a talented young programmer from the city of Vladikavkaz, who at one point even received praise from local authorities for his involvement in the cyber-security field. Unfortunately, he messed up this time. Allowing his malware to target Russian citizens in which Russia does not accept.
Russia has always ignored cybercrime as long these cybercriminals do no target Russians and Russian businesses. Even when US authorities have tried numerous times to get the Russian government to act.
Today, all major Russian-speaking hacking forums and black-market sites make it very clear in their rules that members are forbidden from attacking users in the former Soviet space, knowing that by not attacking Russian citizens, they will be left alone to operate undisturbed. Which is a safe haven for them, hence why many malware strains have been coded to avoid affecting Russian users. Yet 1ms0rry is now seeing as to why these rules are in place.
Cross-site scripting (XSS) has taken the cake in 2020 for being the most impactful vulnerability and thus the one reaping the highest rewards for ethical hackers this year for the second year in a row. This is all according to a list of Top 10 Vulnerabilities released on Thursday by HackerOne.
The vulnerability which enabled attackers to inject client-side scripts into web pages viewed by other users – earned hackers 4.2 million in total bug-bounty awards in the last year, with a 26-percent increase from what was paid out in 2019 for finding XSS flaws, according to the report.
Aside from XSS following on that list of top 10’s was information disclosure, Server-Side Request Forgery (SSRF), insecure direct object reference (IDOR), privilege escalation, SQL injection, improper authentication, code injection and cross-site request forgery (CSRF).
All in all, companies paid ethical hackers $23.5 million in bug bounties for all of these flaws this year, according to HackerOne, which maintains a database of 200,000 vulnerabilities found by hackers.
Attackers may use XSS vulnerabilities to gain control of online user’s accounts and steal PII, this includes passwords, bank numbers, credit card info, Social Security numbers and the like. While they account for 18 percent of all reported vulnerabilities, ethical hackers are actually underpaid for finding them, according to HackerOne.
“Indeed, even large tech companies who were historically resistant to being transparent about their product’s security protocols have warmed to the idea of awarding ethical hackers for their work. Both Apple (Links to an external site.) and ByteDance’s TikTok (Links to an external site.) rolled out public, award-based bug-bounty programs in the last 12 months.”
The University of Advancing Technology is a 100% STEM university, and that extends even beyond the traditional student population.
Nestled in the second floor of the main campus building, Perimeter83 is UAT’s one-of-a-kind corporate training and technology startup coworking space. But as a member of Perimeter83, there’s so much more available outside of the space. The coworking space is designed specifically for tech startups, with access to technology and services you won’t find in other places, including 3D printers, laser cutters, a robotics lab, and access to more tech talent per square foot than any other resource in Arizona. The concept of Perimeter83 is that startups and businesses have access to the entire UAT campus with flexible desk space (The Study), conference rooms, and dedicated offices.
Business Development Specialist Jacy Smith leads Perimeter83, bringing her own personal tech experience into the mix. “I myself was a tech entrepreneur,” said Smith. “After I exited from the company that absorbed mine, I wanted to take some time off, but was just browsing on LinkedIn one day to see what kinds of jobs were out there. I spotted this position and had already been working with UAT for the past 4 years through CodeDay. It turned out to be a great fit for me.”
Smith definitely fits right in with UAT’s community of technophiles, innovators and entrepreneurs, and she’s very excited about a brand new offering now available to UAT alumni. “Typically, individuals and startups sign up for memberships, but now, UAT alums can also sign up as members, while greatly expanding their options!” said Smith. Called the Expansion Pack, Perimeter83 is now bundling a discounted shared room in Founder’s Hall (including rent and utilities), Perimeter83 membership, and 5 meals per week in the café—solely available to UAT alumni, and with only a month-to-month commitment.
According to UAT Provost Dr. David Bolman, “The students have paid their dues and earned their degrees; UAT is now supporting their next step." All students that graduate from UAT are required to complete a Student Innovation Project (SIP) throughout their time in class. “This Perimeter83 Expansion Pack will provide extra time for graduates to get their SIP ideas market ready, as well as help kickstart the local tech ecosystem,” Dr. Bolman said.
In addition to all of the resources Perimeter83 has available for its members, there are also certificates offered through UAT in 12 different subjects, including cybersecurity, blockchain, app development, technology leadership and many others. Startups and businesses can also leverage student talent by contracting UAT for professional services, such as video game development, software development, and video production. It’s a low-cost alternative to developing and launching a new concept or minimum viable product (MVP).
Reserve your spot!
Visit https://perimeter83.com/alumni/ to get started.
Science does not at the moment truly understand why we dream or what dreams do for us. There are some prevailing theories such as random synapses in our brains firing as the brain shifts memory from short-term to long-term storage. Some believe that dreams are the brain's way of telling us what is causing us stress in our lives. But no one theory has been proven correct as of yet. However, science has progressed to the point that we can determine how we dream.
Using machine learning, an EEG (electroencephalography) machine, and an fMRI machine (functional magnetic resonance imaging), Japanese scientists have invented a rudimentary way of recording people's dreams. To do this, they first had test subjects fall asleep in the fMRI machine and then when they detected that the subject had entered the dream phase, the subject was woken up and asked to describe what they saw.
Using machine learning algorithms, they were able to use all the data they collected from their test subjects to be able to predict what a subject was dreaming about just based on their fMRI readings. They then grabbed images from the Internet to represent the various objects people could dream about and plugged those into the algorithm as well. This allowed them to play rudimentary videos of people's dreams just based on their brainwaves. The scientists found that their algorithm was correct about 60 percent of the time. Which is a lot higher chance than just guessing!
Not only is this a breakthrough in the field of dream and brain science, but this will allow other scientists to learn more information about the dreaming process itself. And all of this was made possible because of artificial intelligence. A computer program built to recognize patterns and learn. This shows the help that AI can be in any field, be it dream science or market analytics. Artificial intelligence is paving the path of the future.
keywords: dream, brain chemistry, MRI, fMRI, EEG, electroencephalography, machine learning, algorithm, artificial intelligence, AI, brainwaves, brain
As we pause in November to celebrate our veterans and active duty service members, we are proud to be a university that is founded by a veteran and fully supports our students who have served.
At UAT, all Admissions, Financial Aid, and Student Services Advisors are trained and devoted to aiding our military students as they navigate through their tech education. We checked in with Dominique Faulkner, an online, veteran student in Piedmont, Oklahoma, about his experience in this transition.
I was in the USAF, Missile And Space Electronics Maintenance 2MO31-A. I worked on the electronics on ICBM Missiles. With sensitive information I was unable to leave the country, so served all my time in the US.
After the service I decided I was going work for Boeing or Northrop Grumman. I was sadly mistaken when I had all the tech knowledge but no degree. So I spent about 5 years in the Mobile Electronics Industry and the following 9 years working in the Oil and Gas Industry as an Electronics Tech. The issue was the stability of the industry.
Last year I decided I wanted to get into college and earn a degree that would allow me to support my family regardless of industry flex. I always have ideas and inventions running through my mind. The problem is I did not have the expertise to create my thoughts or bring them to the market.
With an interest in all things tech, 3D printing, design, and the ability to turn my ideas into working prototypes was my niche. For these reasons I chose DMF. UAT was my school of choice as they are one of the only colleges in the US to offer DMF as a degree, as well as offer the program online. It was nearly impossible to find any schools that had offered both.
My experience has been great. The learning is great. The teachers and professors have been excellent. The staff have helped in many ways.
I would recommend UAT to anyone. Matter of fact my neighbor, a marine vet is going to UAT for Robotics and Embedded Systems, I recommended the school to him.
My advice is to find what you love and pursue it with everything you have. No matter how old or young you are, having the knowledge to make your passion a career is how life should be lived. I have struggled through life at times but now feel as if I have a real goal to achieve, make myself happy and be able to provide for my family.
Dominique Faulkner and his children.
At UAT, we appreciate the sacrifices our veterans, service members and their families have made for our country. UAT was founded by a military veteran in 1983. Our military student support services, online degrees and policies are aligned to the unique needs of our veteran and military students.
On Veterans Day—and every day—we thank you for your service!
Keywords: veterans; military; student support; tech degree; technology; service members; digital maker; active duty; online education; Air Force; student services; advancing tech education
Long ago, the most advanced robots were simple machines with one joint meant to do a single job in assembling a car. That is the very definition of a robot: a machine built to efficiently carry out a task. But we have long since moved past that. Most consumer robots still fit that definition very neatly though. Roombas were built to vacuum floors, and they do that quite well, but nothing else. Dishwashers were built to clean our dishes for us, and they do that quite well too (at least most of the time), but not much else. The really intriguing robots are the ones that can be configured to do multiple tasks or even very complex tasks such as searching disaster zones for survivors, loading and unloading pallets, and even using power tools.
Boston Dynamics has become pretty famous for their robot dog Spot, and their android Atlas. Both are capable of navigating treacherous terrain and carrying out tasks such as opening a door or carrying and operating equipment.
Another company has created an underwater submarine robot called Aquanaut that can switch between a high-speed cruiser and a half-humanoid robot that can perform underwater repairs or any other number of complex tasks.
These robots all sound amazing and they are great at what they do, but we are still a ways off from anything like the robotic world from the movie iRobot. But we are learning, and our robots are starting to learn too. By combining artificial intelligence with our robots, we will be able to create machines that can adapt very quickly to almost any situation. We have nanobots, walking robots, diving robots, talking robots, and drones, and the list keeps expanding.
Soon we will have robots that will do all the menial tasks that we don't want to do. Which will give us more time to work on more important things like making better robots. If you want to learn how to make those robots and make the world a better place, then take the Robotics and Embedded Systems program at the University of Advancing Technology.
keywords: robotics, robot, machine, machine learning, artificial intelligence, automation, android, embedded systems, drones
In a shocking display of poor management over 100 smart irrigation systems were left exposed online without any security or even a password. Which allowed anyone to access and mess with any of the water irrigation which was used for crops, trees, cities, and any building complex.
This clear example of what not to do was discovered by a security firm in Israel, Security Joes.
These systems were running off of ICC PRO designed by Motorola for agricultural use and as well landscape. Security Joes co-founder Ido Naor reported that these companies and city officials had these installed but left them on factory settings which don't have a password for the default account.
Anyone attacking the systems could have identified them with IoT (Internet of Things) search engines like Shodan. Once they did locate the ICC PRO system, they would just have to type the default username for the system, and boom they are in.
They'll have access to pause or stop the water, change settings, water quantity, water pressure, and even lock the systems by deleting the user. Honestly this sounds more like a prank to do in the park in the middle of summer. Yet it could be more dangerous as Israel is in the middle of the desert.
Security did identify that with the 100 ICC PRO systems almost half of which were located in Israel while the rest were in other places around the globe. Ido Naor notified the CERT in Israel which then contacted the companies who own these systems, Motorola, and shared the information with other CERT teams in other countries.
Thankfully Motorola sent an announcement to customers about the dangers of leaving systems on default without a password. Security Joes has stated that the number of exposed systems has gone down to about 78 as companies begin to securing their ICC PROs.
Back in April Israel did have attacks targeting water management systems to alter water systems in order to create water shortages in certain areas by emptying water reserves and causing outright civil unrest. To combat this the INCD Israel's cybersecurity agency has sent out nationwide alerts to have passwords changed for web-based management systems.
Friday, October 16 at 5:30 p.m., Professor Sharon Bolman kicked off the UAT 48-Hour PSA Challenge with a Zoom meeting to announce the secret subject of the Public Service Announcement (PSA). Once announced, participating students—working alone or in teams—had 48 hours to create a 60-second PSA, including the writing, filming, and editing of their final submissions.
The theme was chosen to combat cyber bulling, creating a PSA for cyber cheerleading. It’s common today to encounter cyber bullying, and the concept of cyber cheerleading is to shift the conversation. That doesn’t mean inflate each other’s egos, it means finding a way to encourage people to support each other online—essentially making a conscious effort to use the internet for good. Quite simply, if you see something bad happening online, you can be the one to bring the positivity. The overall goal is to instill good behaviors that will result in young people using the internet in a positive way.
"Cyber cheerleading was perfect," noted Professor Bolman. "It's a new concept so the students' creativity was the guiding force behind the PSAs. I love what they came up with!"
Although the subject matter was serious, the PSAs were allowed to be funny, smart, friendly, or sincere, and no film making experience was required. "This challenge was designed to be something any student could participate in but specifically plays into the hands of our Digital Video (DV) majors," said Professor Bolman.
On Sunday, October 18, UAT students presented their PSAs, and winners were chosen in 2 categories: Best Message (clarity of the cyber cheerleading meaning) and Best #TechRespect (showing off technology). Both winning teams were comprised of DV majors.
Tre Payne’s team won Best Message. “The people who worked on this project were Cristina Ahumada, Alexandra Raipe, Eddeja Watts, Jasmin Darden, Lucas Rattigan, and myself,” Tre said. “We know how hard it is to become a content creator on the internet, so we wanted to show that good feedback will give a person motivation and courage to keep trying and succeed,” he explained about their PSA concept. “Just small comments towards people you do not know can alter their entire day, even their lives. If we all do this, the internet will be a great, friendly, and positive environment for the years to come!”
Tre's Team PSA:
Joshua Velasquez’s team was the winner of the Best #TechRespect category. “I worked on this project alongside Bryson Moss, another freshman starting his first semester,” Joshua said.
Joshua described the PSA by sharing: “The video starts out with a guitar player being confident in wanting to play a song to upload online, but as soon as he gets situated in his room and takes a deep breath, in his head he feels like he’s on stage with an empty audience that gradually grows within time. That’s why he’s playing bad at first,” he continued, “because he’s nervous and can’t concentrate—the negativity then gets to him and brings him down—but once someone compliments him, he relaxes and starts playing better.”
Joshua Velasquez left, Bryson Moss right
“I wanted the message to be that yes no matter where you go, there’s always going to be someone out there online or even in person trying to upset you or bringing you down, no matter what the reason is,” Joshua said, “but our focus shouldn’t be on them, but rather the friends and community that keep cheering us on.”
Joshua's Team PSA:
Professor Bolman was really proud of the winners! “I love them both and am really pleased that they did such a good job with a difficult theme,” she said.
UAT welcomes you to share these PSAs and continue the conversation around cyber cheerleading to make the internet a safer, more welcoming place for all.
With technology advancing at rapid speeds, digital filmmaking and the creativity behind storytelling is evolving. Through UAT’s film production degree, Digital Video Bachelor of Arts, you will gain the ability to influence your audience to feel the emotions behind of your creative mind using the film industry’s most advanced technology.
Digital Video students produce polished and professional completed works through explorations of the aesthetic principles of visual storytelling and the mastery of industry-standard production and post-production tools. Students will learn applications in the diverse industries of film, television, animation, advertising and interactive content production. As innovations in digital image creation, post-production and distribution continue to become the new standards of this industry, graduates from this degree program will be uniquely positioned to apply new technological solutions to the task of delivering visual content to an audience.
More details are available at https://www.uat.edu/digital-video-degree.
Joker Trojan Recently a Malware by the name of Joker has surfaced to our eyes. This malware is specifically a trojan that not to long ago began targeting specifically android devices to steal SMS messages, contact lists and device information. The cybersecurity researchers at CSIS has affirmed that the Joker is one of the new types of malwares that is mainly targeting and putting android devices in danger. Not only will it steal information in also signs the victim up silently for premium wireless application WAP services. All possible plots divide into three separate ranges. Direct download, One-stage download, and Two-stage download. Direct download For this situation, the last payload is being conveyed through an immediate URL that is gotten from the command and control (C&C) worker. In this situation, the contaminated Google Play store application has the C&C address put away in the code itself with chain obfuscation. Subsequent to introducing it, the tainted application speaks with the C&C worker, and afterward it responds with the URL of a last payload. One-stage download Experts in this phase have observed that in order to recover the final payload, the infected Google Play app utilizes a stager payload. “That’s why the infected Google Play store app has the stager payload URL, that is encoded in the code itself and encrypted utilizing the Advanced Encryption Standard (AES). However, the main job of this stager payload is to retrieve the final payload URL from the code and then download it.” Two-stage download For this situation, the tainted Google Play store applications have two-stage payload downloads to recoup the last payload. That is the reason the Google Play infected application downloads the stage one payload, which downloads the stage two payload, that in the long run stacks the end Joker payload. Once the execution of stage one payload Is over, it then proceeds to download the stage two payload, and that is why the stage two payload shows the same performance as stage one payload.
As I wrote before a coalition of cyber-security organizations with Microsoft orchestrated a global takedown against TrickBot, which is the second-largest malware botnets.
Microsoft brought down TrickBot backend infrastructure in the first few days of the coalition's assault, and yet the botnet survived, as TrickBot operators brought new command and control (C&C) servers online in the hopes of continuing the bot's operations of malware for service and other cybercrime schemes.
Yet TrickBot continued to fight back against the coalition of tech companies but Microsoft promised to continue their campaign against TrickBot and the crew behind it for the weeks to come.
Microsoft has confirmed their second wave of attack stating that it has slowly been chipping away at TrickBot's infrastructure over the past week and has successfully taken down 94% of its C&C servers. Even the original servers that were originally targeted any new servers as well that has come up online.
"From the time we began our operation until October 18, we have taken down 120 of the 128 servers we identified as TrickBot infrastructure around the world," (Tom Burt rep. of Customer Security and Trust at Microsoft)
Burt states that Microsoft brought down 62 out of the 69 TrickBot C&C servers as well 58 out of the 59 servers TrickBot tried to bring online after the first initial takedown.
The seven other servers that were online and could not be taken down in the first wave of attacks was Internet of Things (IoT) devices.
The main reason Microsoft didn't pull the plug on these systems is because they weren't located inside web hosting companies and data centers. But Microsoft is planning to pull the plug on these IoT devices as they need to work with the ISPs (Internet Service Providers) behind them.
Microsoft's swift second wave takedown to TrickBot's server infrastructure was accredited to the company's lawyers, which their quick response to the second wave by requesting new court orders to have these new servers taken down within days.
As of right now TrickBot and its botnets are still alive and active but has taken another blow. Yet even with just a few C&C servers online it still allows the TrickBot crew to keep control of the botnets.
Intel 471 a cyber security firm has said that these last few TrickBot C&C servers are in Brazil, Colombia, Indonesia, and Kyrgyzstan.
Whether or not Microsoft's campaign will purge TrickBot off the planet is up in the air. But Microsoft plans to continue till the US Presidential Elections is done on November 3rd.
Microsoft goal is to make sure TrickBot is unable to rent access to the botnets to other cybercrime crews which TrickBot has done numerous times before. As they fear that a ransomware crew may want these botnets to disrupt the election by targeting the systems that directly or indirectly correlate with the elections.
TrickBot crew even while under heat by Microsoft has partnered with Emotet another botnet that I have reported on in the past. Both crews have been busy causing more infected victims.
3D printing is a actually not a new technology. 3D printing was invented in the 1980's by Chuck Hull. And the first 3D printed object was an eye wash cup. However, back then this technology could only be found in labs and was not available to the public. The 2010's saw the rise of the most popular form of 3D printing today, which is called filament deposition modeling (FDM), which takes a strand of plastic filament and melts it into a 3D shape. Its popularity is due to how much cheaper it is to operate these printers instead of printers that use metal and lasers.
Today entire companies base their business off various 3D printers. Some print airplane parts, others print motorcycle prototypes, but all are very happy with how quickly and efficiently the 3D printers work for them. 3D printers are becoming widespread and cheap enough to have them in many people's homes.
3D printing has enabled production to quicken its pace in many industries and even causing UPS to change its business model. 3D printing allows companies to produce products far closer to the end user so they do not need to be shipped long distances. 3D printing also allows companies to produce only as many products as are needed, it is far less likely that they will have a larger quantity of products than they need. It allows companies to send individual orders to individual customers, and this helps UPS increase its business because of the increase of individual shipments.
This is an example of how a single innovation can have many different ramifications for the world at large. These are the kinds of big changes we want to cause in the world, and we want to change it for good. It's time to make something new and create the change in the world that we want to see.
keywords: 3D printing, FDM, filament deposition modeling, history, innovation, change, business, industry, production, mass production
A group of tech companies formed together a coalition to make a coordinated effort to break the back-end infrastructure of the TrickBot malware botnet.
Some of these tech companies included organizations from Microsoft's Defender, ESET, Broadcom's Cybersecurity Division Symantec, FS-ISAC, Lumen's Black Lotus Lab, and NTT. To hit the infrastructure and malware modules.
This coalition has been spending months collecting over 100,000 TrickBot malware samples to analyze the content inside, extracting it, and sniffing through information about the Malware workings as well the servers the botnet used to control infected computers. After all the information is gathered Microsoft went to court and asked before a Judge to be granted control over the malware Trickbot servers.
The Judge approved and allowed Microsoft and the other organizations to disable the IP addresses, make the command and control servers inaccessible, disable all services to the botnet operators, and made sure any TrickBot member was unable to buy another server.
TrickBot has had over a million infected systems. Being the second biggest botnet since it started in 2016 from humble beginnings as a banking trojan then turn into a business model for Malware as a Service (MaaS)
Yet even being a successful takedown TrickBot was able to be brought back online. Activity picked back up after it's temporarily shut down. This is not the first for a Botnet to be taken down only to be put back online.
Even with it being brought back up it does setback the malware operations quite a bit. It adds costs for them to get back their infrastructure and of course the botnet being offline. It could also play another role in damaging the reputation in the cybercrime world by showing that the botnet is not safe from the coalition. Making it where customers show that it's not as worth all the fees they pay.
Another positive showed that with Microsoft's legal team. The approval of the Judge to show that TrickBot was violating against Terms of Service (ToS) and allowed Microsoft to use full force against the botnet which may prove valuable for future takedowns on other botnets.
Erin Ali is a 2007 graduate of UAT, and somewhat of a legend. From Student Showcase Organizer to Co-Ed Softball player, she made her mark during her time on campus, and continues to do so in her gaming career. Erin has worked at Blizzard Entertainment and Twitch, and she is currently the Senior Producer for Forza Motorsport by Turn 10 Studios.
Dr. David Bolman, UAT Provost, said that Erin is—simply put—awesome. “The thing about Erin, which has been true about so many top tier UAT grads, is that they first gained notice by being so engaged on campus,” Dr. Bolman said. “Erin was a leader in student government and inserted seeds of ideas into many of the traditions that continue today. She worked as a student-staff person all over the building, and so we became accustomed to seeing her and talking about her goals and ideas. Towards the end of her time at UAT, the experiences she cultivated led her to being hired as a student to work on a "triple A" massive multiplayer online
(MMO) project, and that’s very rare, and very impressive. What she learned there launched her into a career in the game industry that covered some of the most well-regarded companies out there.”
Dr. Bolman also notes that Erin is a great influence for women in tech. “She is a voice for women in the industry and speaks to it when she returns to campus every year or so to speak to current students. When she is on stage in the UAT theater, I see someone who is every bit as smart and enthusiastic about tech and game studies, but also has learned enough through her career to be completely confident in her ideas and perspective. What I love most about this, beyond the joy of seeing Erin happy in her career, is that she leans in and tells the current students that finding their own values and creative voice is one of the best things you can do with your life.”
We asked Erin if she could share some of her insight into the world of gaming, and she took the time to share many great pieces of career advice. Read on to find out more about Erin and how she turned her transitioned from a successful student to a thriving game producer!
When in high school, I was big into Electronic Gaming Monthly and Official PlayStation Magazine. At the time I wanted to be a journalist in games, but had never really considered making them. It didn’t really feel like something I knew I could do.
I recall getting a mailer about UAT (as I grew up in Arizona) and had decided to check it out with my Dad. Once I realized I could explore getting into game development, and after checking out the school at an info session, I had decided UAT would be a good fit for me.
My BA from UAT is in Multimedia. I can’t entirely recall what classes tied to my BA, but I can say while at UAT I tried a lot of different things to help my future, a lot of which UAT supported.
My first goal at UAT was to first figure out what I wanted to do in games. I took programming, animation, web design, and it wasn’t until roughly junior year of college that I realized production was what I wanted to do.
I sought out ways to get as close to job experience as I could by joining student led projects. I was the Web Admin on the Counter Organic Revolution Mod and became a Modeler for CiTAGA.
Outside of my studies, I also tried to find ways to network. I attended UAT’s Tech Forum and engaged with some of the speakers. I worked at GDC as a Conference Associate so I could attend GDC and meet others. I don’t think networking for me at the time was very intentional, I was more or less looking to meet cool people in the industry and make friends. What I ended up with was some strong connections to people who eventually did refer me early in my career.
Erin's COR Team at UAT.
For almost every job I’ve landed in the industry, it started with being a referred candidate (which before started with making friends and connections in the industry). That means someone I knew who was comfortable referring me to their company sent my information through internal employment channels to refer me as a candidate for the position. Cold applications for jobs can be successful (I’ve done it once before), however I’ve found with some companies the best way to get a shot for an interview is a referral.
For my first job, I actually applied through the UAT Industry Career Services team. They had a posting for an Assistant Producer, and I worked with the UAT Career Services Coordinator to get my application in. It was like a referral as I went through ICS, so maybe all the positions I’ve landed started with referrals, haha.
After landing the interview, a lot of it is about preparation:
⇒ I researched the studio and titles to feel better prepared. For some titles in my career I hadn’t played them, so I made sure to play them in advance for perspective.
⇒ I looked up my interviewers on LinkedIn to get a sense of their histories and tenure within the company.
⇒ I keep a list of questions to bring to the interview. Some of them are tailored to specific interviewers and a few are to be asked in every interview I’m in. I like to get different perspectives from various employees in the company, and using a question where you can gauge answers to the same question can give you an idea of things across disciplines, teams, or levels.
Seeing the enthusiasm our team has for supporting each other. When we get together to review our past month of work or to present on something we did, people care. They celebrate big and small wins. For me it’s usually about the team first.
Working from home presents pros and cons on its own, just like working only from the office, and you find ways to adjust to them. For example, working from home means we aren’t commuting to the office or needing to transition between meetings from one room to another. It can be easy to fall into a trap of now having even more meetings in a day because we’re not commuting. We have been going through trial and error for what has worked for our team as a whole and among our smaller teams. We recognize a lot is going on right now though so our meetings may have dog barking, kids running around, etc. We all take it in stride and know everyone is trying their best.
Some other WFH considerations:
⇒ Communication tactics may not work as well as they did when in the office, so you have to find ways to adjust.
⇒ People at home are also dealing with being with family, kids, dogs, etc. We all are practicing empathy with each other for what it means to have to miss meetings, having loud interruptions on calls, etc.
We are still working from home.
While I figured out that I wanted to be a Producer late in my time at UAT, I have spent my entire career finding who I am and what I want to do and should do. Please remember you don’t have to have it all figured out by the time you are interviewing for your first job in the industry. Just start somewhere, and be open to opportunities you may never have thought you’d go for.
⇒ Had I not spent time working on teams like Blizzard’s Billing Engineering team for Battle.net, I wouldn’t have realized how good I was at, or how much I enjoyed working on problems that impacted all games at a global scale.
⇒ By working as a Product Manager at Twitch, I learned how to focus on my customer and think about tough decisions, about how to be more intentional in how I was player/customer-centered.
⇒ Over time I have figured out what I don’t like and what I do. Every job is a shift, even if it’s sometimes small.
Asking questions solves so many things — it was something my tech director in my first industry job encouraged me to do. It has helped me learn things I didn’t know. I’ve been able to diffuse tense conversations with them. Other teammates in the room felt better knowing I asked something they too had questions about.
When used with good intent, questions have always been a go-to tool for me. Be curious, be open to learn and know that if you have a question in the room, it’s very likely someone else does too. 🕹️
Learn more about degree options for the gaming industry!
Email an advisor at email@example.com to get started!
Stefani Johnson, Data Manager at the University of Advancing Technology, has just started working on two master's degrees, one in Technology Leadership and one in Cybersecurity. We asked her to share her experiences as a student, why she chose to pursue an advanced cyber degree, and her advice for future tech students.
Although I found a passion for cybersecurity, my background includes mostly administrative work and data management. Currently, I have been working for the University of Advancing Technology (UAT) for around 5.5 years. My main key performance indicators (KPIs) include data integrity, Customer Relationship Management System (CRM) admin, and process documentation and improvement. I am fortunate enough to have the ability to relate everything that I am learning in my cybersecurity courses directly into my current position!
You can view my LinkedIn at https://www.linkedin.com/in/stefani-johnson-5091b3133/.
Once you step foot upon the UAT campus, you immediately feel the excitement and comfortability that UAT provides. UAT has been more than just a career or university for me, they have been a family. The faculty team provides me the tight-knit, mentorship, and project-focused education that I thrive in. I learn best visually and by actually getting my hands on the tech, project, process, whatever it is. In fact, within just the first few weeks of the UAT cybersecurity program, I had created an entire factitious information technology (IT) department with mission, value, and goals for certain time periods. The IT department included an organizational chart with roles and responsibilities, cyber laws relating to the industry, basic Business Continuity, Disaster Recovery, and Incident Response plans, as well as in-depth security structure. I even had laid out an entire interview process including questions, qualifications, industry-respected certifications and more. Keep in mind, I had no more than 2 prior cyber courses in my undergraduate, nor much exposure to any of this before. I could not imagine attending another university that could provide me not just the information but the comprehension and real-life skills I am learning now on a daily basis.
The advice I wish I had, or better yet, had listened to is to push past your fear and preconceived limitations. My educational journey has not been typical. I graduated high school early, did not start my undergraduate program in UAT’s Business Technology program until 7 years later, and then the graduate program at almost 30 years old. I was initially afraid of returning back to school after many years, and within a year of my undergraduate program, I felt completely invigorated with the passion and drive as I saw my skills as a student, employee, and technical worker skyrocket. If I would have given in to my fear of returning to school after so long, I would not be where I am today, and my journey is nowhere near completion.
After receiving my Bachelor’s, I was determined to continue my educational journey at UAT. However, the choices weighed heavy on my heart. Do I continue in the familiar path of Technology Leadership or venture out and face my fear of something completely foreign? Could I even succeed on a new path with limited knowledge? After much consideration, I decided to do both! I decided to be ambitious and work towards obtaining two master's, one in Technology Leadership and one in Cybersecurity, in under a year and a half. Since the courses at UAT are billed per semester, or per module, there is no reason to not double the efforts. Knowing what I do now, I am confident in my decision. Thanks to the support I have among my faculty, coworkers, and family, I was able to push past my preconceived notions of what was obtainable.
Not so long ago, I was fearful of the thought of trying something unfamiliar, and now my career ambitions have completely changed. Since beginning the Cybersecurity program, I have spent over 10 hours per week doing extracurricular research, just to learn as much as I can. I plan on taking everything that I am learning and directly applying it to my current position as I move more to the IT path. I plan to use both my Cybersecurity and Technology Master’s Degrees towards a managerial position within IT in the future.
Instead of writing a Graduate thesis at UAT, we are required to complete a portfolio and G-SIP, aka Graduate Student Innovation Project, before completion. Each final you do in one of your major-specific courses directly relates to one or more of the pre-determined portfolio objectives. If you attend UAT, it helps to be focused on these from day one. Employers will want to see that you one – have a respected degree in your industry, two – have the expertise to succeed, and three – have the passion and determination for your craft. Focus on the projects you are incredibly proud of and spend extra time fine-tuning it as portfolio pieces. Upon graduation, you will have a a professional, meaningful portfolio to present to potential employers.
It is important to be cognizant of our perception of cybersecurity. The word hacker has such a derogatory stereotype. Yes, there are malicious attackers that are stealing and selling information and holding companies hostage to ransomware. There are also hackers working diligently to protect our information, data-privacy, even our economy. One of my first assignments was to watch and analyze The History of Hacking. I highly recommend watching this short documentary that provides prospective on how hacking originated with phones to Wozniak creating the personal computer to the implementation of cyberlaws.
Watch from YouTube now:
UAT’s cyber security degree programs and cyber security lab are recognized by industry and government entities alike for their ability to help generate the future innovators of the cyber security industry. We focus on creating true leaders who will have mastery in ethical hacking and uphold the highest industry standard of integrity in our quickly evolving world of cyber security tech and online security.
Leading cyber security education in the southwest, University of Advancing Technology (UAT) is marking 15 successful years since the inception of its elite Network Security degree program. As one of the longest-running cyber security degrees in the southwest, our complete continuum of undergraduate and graduate cyber security degrees have helped prepare more graduates with a NSA and CAE-credentialed education than any other university’s cyber security program in the southwest.
Our prestigious cyber security degrees include the undergraduate Network Security, Network Engineering, and Technology Forensics, and the elite Graduate degree in Information Assurance transporting graduates to the leading edge of industry.
The United Nations International Maritime Organization (UN IMO) announced that they had a security breach during the past couple of days. The agency characterized the attack as a "sophisticated cyber-attack" that targeted its IT systems.
International Maritime Organization is a United Nations organization that issues international guidance on shipping, passenger ships, maritime security, and maritime environmental protection. It's a very vital organization in the international rulemaking scene, which often sets international policies regarding the entire maritime sector.
The incident impacted the Maritime Organization public website and web-based services, the UN agency stated in a public report.
"Email systems, its virtual conferencing platform, along with other internal and external collaboration platforms, were unaffected." a UN spokesperson said. Systems that were affected have been taken down and over the course of a couple of days were restored.
The UN agency also stated that the attack "overcame robust security measures" which were in place to protect the affected IT systems.
The UN agency also disclosed that "The IMO Headquarters file servers are located in the UK, with extensive backup systems in Geneva. The backup and restore system is regularly tested," statement to reinforce that the attack was an advanced one to breach into UN systems.
"Following the attack, the Secretariat shut down key systems to prevent further damage from the attack. The Secretariat is working with international security experts to restore systems as soon as possible, to identify the source of the attack, and further enhance security systems to prevent recurrence."
It is uncertain if the United Nations International Maritime Organization was hit by some sort of ransomware, malware, or its website was used for a watering hole attack. Which this type of attack where hackers host malicious code on the Maritime website to potentially trick members of the organization and visitors into downloading malware which would infect their system.
The United Nations as a whole has many sub-organizations within itself that play a vital role in the international community. It is also unclear who may have launched this attack. Hopefully, more information about the attack and breach will be public in the upcoming months.