This Hacker Tool Extracts All the Data Collected by Windows’ New Recall AI

Windows Recall takes a screenshot every five seconds. Cybersecurity researchers say the system is simple to abuse—and one ethical hacker has already built a tool to show how easy it really is.

When Microsoft CEO Satya Nadella revealed the new Windows AI tool that can answer questions about your web browsing and laptop use, he said one of the “magical” things about it was that the data doesn’t leave your laptop; the Windows Recall system takes screenshots of your activity every five seconds and saves them on the device. But security experts say that data may not stay there for long.

Two weeks ahead of Recall’s launch on new Copilot+ PCs on June 18, security researchers have demonstrated how preview versions of the tool store the screenshots in an unencrypted database. The researchers say the data could easily be hoovered up by an attacker. And now, in a warning about how Recall could be abused by criminal hackers, Alex Hagenah, a cybersecurity strategist and ethical hacker, has released a demo tool that can automatically extract and display everything Recall records on a laptop.

Dubbed TotalRecall—yes, after the 1990 sci-fi film—the tool can pull all the information that Recall saves into its main database on a Windows laptop. “The database is unencrypted. It’s all plain text,” Hagenah says.⁩ Since Microsoft revealed Recall in mid-May, security researchers have repeatedly compared it to spyware or stalkerware that can track everything you do on your device. “It’s a Trojan 2.0 really, built in,” Hagenah says, adding that he built TotalRecall—which he’s releasing on GitHub—in order to show what is possible and to encourage Microsoft to make changes before Recall fully launches.

The company unveiled Recall as part of a Surface laptop event last month. The tool continuously takes screenshots of whatever’s happening on your PC. Recall is intended to allow people to “retrieve” things you’ve done on your machine—whether it’s web pages you’ve visited or messages you’ve been sent—using natural language search queries. Microsoft’s description of the tool says Recall could be used to search for recipes you’ve looked at online but whose websites you’ve forgotten.

TotalRecall, Hagenah says, can automatically work out where the Recall database is on a laptop and then make a copy of the file, parsing all the data as it does so. While Microsoft’s new Copilot+ PCs aren’t out yet, it’s possible to use Recall by emulating a version of the devices. “It does everything automatically,” he says. The system can set a date range for extracting the data—for instance, pulling information from only one specific week or day. Pulling one day of screenshots from Recall, which stores its information in an SQLite database, took two seconds at most, Hagenah⁩ says.

Included in what the database captures are screenshots of whatever is on your desktop—a potential gold mine for criminal hackers or domestic abusers who may physically access their victim’s device. Images include captures of messages sent on encrypted messaging apps Signal and WhatsApp, and remain in the captures regardless of whether disappearing messages are turned on in the apps. There are records of websites visited and every bit of text displayed on the PC. Once TotalRecall has been deployed, it will generate a summary about the data; it is also possible to search for specific terms in the database.

Hagenah⁩ says an attacker could get a huge amount of information about their target, including insights into their emails, personal conversations, and any sensitive information that’s captured by Recall.

Hagenah’s work builds on findings from cybersecurity researcher Kevin Beaumont, who has detailed how much information Recall captures and how easy it can be to extract it. Beaumont also says he has built a website where a Recall database can be uploaded and instantly searched. He says he hasn’t released the site yet, to allow Microsoft time to potentially change the system. “InfoStealer trojans, which automatically steal usernames and passwords, are a major problem for well over a decade—now these can just be easily modified to support Recall,” Beaumont writes.

The criticisms come as hacks of Microsoft systems have led to various US government data breaches; Nadella has said security should be Microsoft’s “top priority.” Microsoft did not respond to WIRED’s request for comment about the security features of Recall by the time of publication.

Recall’s privacy pages say it is possible to disable saving screenshots (effectively turning Recall off), pause the system temporarily, filter applications where screenshots are taken, and delete what is gathered at any time. Recall runs on the laptop itself, storing data it captures on the device and not sending this information to Microsoft’s servers. Hagenah⁩ says this claim appears to be true, with no signs that data is sent to Microsoft.

Microsoft is, at least, aware of some of the possible privacy and security-related issues with Recall: Its help pages say the system does not perform any content moderation on what is contained in the images it saves. This means, Microsoft says in the guide, that it won’t “hide information such as passwords or financial account numbers.” Security researchers have already been able to extract passwords from Recall.

Recall’s main database is stored on the laptop’s system directory, and while it needs administrator rights to access, privilege escalation attacks have been around for years, making it theoretically possible for an attacker to gain initial access to a device remotely.

Hagenah⁩ says that in cases of employers with “bring your own devices” policies, there’s a risk of someone leaving with huge volumes of company data saved on their laptops. That’s a particular risk if they’re disgruntled or leave on bad terms, he says. The UK’s data protection regulator, the Information Commissioner’s Office, has asked Microsoft to provide more details about Recall and its privacy.

While Recall remains as a “preview” feature and, according to Microsoft’s small print, could change before it launches, Beaumont writes in his research that the company “should recall Recall and rework it to be the feature it deserves to be, delivered at a later date.” He adds: “They also need to review the internal decisionmaking that led to this situation, as this kind of thing should not happen.”

Source of the Article

Categories: CyberSecurity , ITadmins , windows

Kaspersky releases free tool that scans Linux for known threats

 

Kaspersky has released a new virus removal tool named KVRT for the Linux platform, allowing users to scan their systems and remove malware and other known threats for free.

The security firm notes that despite the common misconception that Linux systems are intrinsically secure from threats, there has been a constant supply of "in the wild" examples that prove otherwise, most recently, the XZ Utils backdoor.

Kaspersky's new tool isn't a real-time threat protection tool but a standalone scanner that can detect malware, adware, legitimate programs abused for malicious purposes, and other known threats and offers to clean them.

Copies of malicious files that are deleted or disinfected are stored in a quarantine directory at '/var/opt/KVRT2024_Data/Quarantine' (for root users) in a non-harmful form.

The application uses a frequently updated antivirus database to scan the entire system for matches, but users need to download a new copy each time for the latest definitions.

"Our application can scan system memory, startup objects, boot sectors, and all files in the operating system for known malware. It scans files of all formats — including archived ones," says Kaspersky.

One thing to note is that KVRT only supports 64-bit systems and requires an active internet connection to work.

Kaspersky has tested the tool on popular Linux distributions and confirmed it works on Red Hat Enterprise Linux, CentOS, Linux Mint, Ubuntu, SUSE, openSUSE, and Debian, among others.

Even if your distribution isn't on the list of supported systems, there's a good chance that KVRT will work without problems, so it wouldn't hurt to attempt to run a scan, Kaspersky says.

KVRT main window

​​​​​​​Source: Kaspersky

Using KVRT

KVRT can be downloaded from here, and once downloaded, the user needs to make the file executable and run it as root for maximum functionality.

KVRT can be executed both in a graphical user interface (GUI) or the terminal, as a command-line tool. So, it's also usable in lower init runlevels (down to 3) where people might be stuck following a malware infection.

If regular users execute the scanner, it won't have the required permissions to scan all directories and partitions where threats could be hiding.

During initialization, the scanner unpacks some necessary files into a temporary directory at '/tmp/<random_character_sequence,' but those are wiped once it's closed.

Kaspersky has provided detailed instructions on how to set up the binary for execution both via the GUI and the console on this webpage.

BleepingComputer has not tested the effectiveness, nor can it guarantee the safety of KVRT, so use the tool at your own risk.

Categories: CyberSecurity , ITadmins

Footage in CyberSpace

About a decade ago, cyber has been considered as a union of the computers, internet and mobile technology as nowadays that sort of the asset deals with a new terminology being an information communication technology (ICT) infrastructure which broadly corresponds to a term being a cyberspace, so far. The ICT is a novel and deeply accepted concept that can be assumed as a digital ecosystem that might offer a wired and wireless transmission of the information and as anything working on an electric current will always cope with a trace among its software and hardware system.

 A couple of decades back, the entire electronics technology could be analog or digital, while with the industry 4.0 and a beginning of the digital age the majority of the technical paradigms have become digitalized giving a space for new solutions to come and open up, first, some place for cyber technologies and more recently, ICT infrastructure.

 The main challenge with those emerging products and services is a well-developed and controlled digital forensics which gives an opportunity to catch any footage within a cyberspace lawfully being defined as a clue or evidence in hands of the authorities and the other case management efforts as dealing with a trace in some electric voltage system can be recognized as a valid finding on the court leading to a final decision of any case and its investigation.

Combating a high-tech criminality is a tough task and anyone who wants to tackle such a problem must cope with skills, experiences and expertise as it can be truly difficult locating all those offenders and prove what they literally done in an illegal manner. The big concern with the cybercrime fighting is a lack and chronical need for a legal regulation as such technological landscape changes and evolves non-stop seeking from the law enforcement professionals to keep a step with upcoming trends and tendencies as the system by itself should focus on constant reforms, as well as well-provided updates, trainings and educations being an imperative in getting a competitive officer who can get at least a move ahead of the IT security threats which are also very competitive in their business literally dictating trends in the next generation security, so far.

Indeed, people have been connected with each other at the end of the previous century when the world thanks to the web grid has become the global village, while in a second decade of the new millennium the devices, not just the humans have started being interconnected relying on the internet signal opening up a new chapter in a history of the science and technology which is the Internet of Things (IoT) being promising, but from a security point of view, very unreliable industrial perspective, so far. Apparently, with such a situation there must exist an appealing need for cyber defense as something which can make lives and businesses getting better safe as those relying on such an untrusted system might be in a real danger which brings with itself a search for a highly sophisticated cryptosystem which could impact any kind of communication and data storage in a fashion of the end-to-end (E2E), link and combined encryption being followed with a good decryption and getting with so much harder challenge of the perfect secrecy and multi-stage assurance of the endpoint users and their secret information exchange.

The fact is it is possible to leave a footage within those heaps of the electronic equipment including their virtual capacities and the good question with so could be how it is feasible to undoubtedly confirm someone’s identity being left within an ICT asset as it is well-known that the entire new legal regulation with the case management procedures being in compliance with those laws are needed in order to prove someone’s activity in both physical and high-tech surrounding, so far.

The overall process of the R&D of the digital forensics tools must be in accordance to the lawful suggestions and those making software and hardware for a legal evidence collecting procedure are supposed to provide exactly something that can offer a valid evidence on the court as once developed such a solution must pass an examination within the accredited government’s bodies which can issue a certificate guaranteeing that such a tested product or service does truly what has been ordered by the law not letting any space to some sort of the mistake or counterfeiting such reports and assessments as in a technological manner that piece of the equipment could be totally with a small degree of the accuracy in an engineering connotation.

On the other hand, in a case of the identity confirmation it must be strictly defined by the law what can be a valid evidence on the court regarding who has convicted a criminal justice offense and literally, the law enforcement agencies conducting an investigation should use such devices which could detect someone’s identity, for instance, catching someone’s presence with some kind of the access control platforms such as computer login screen, physical approach to some facility, crossing a border and much more as it is well-known that the identity might be determined relying on something that can give an accurate information who that person is and the unique indicator for such a finding is a biometrics parameter which can be included as a fingerprint footage, iris detection trace or

DNA collected data – all of so leading into more innovative case management which might be with a strong correlation with the science and technology endeavors being capable to accurately assess such an identity and consequently, applying some kind of the IDs analytics locate those offenders knowing without any flaw that those persons are who they are and they did what they have done which can dramatically speed up an investigation process letting much more effective evidence collecting procedures that can lead to an arrest of the criminals and probably terror individuals which are using an emerging technology not any longer untouchable and uncatchable to the law enforcement and intelligence communities, so far.

Categories: CyberSecurity , ITadmins

Data Analyst Roles and responsibilities

An Overview of Data Analyst Roles and Responsibilities

A data analyst is responsible for collecting, cleaning and organizing large data sets, and analyzing them to uncover actionable insights that can drive business strategy and decisions.

Some typical data analyst roles and responsibilities include:

• Retrieving data from multiple sources, including databases and software systems
• Data cleaning and preparation – identifying incomplete, incorrect, inaccurate or irrelevant parts of the data
• Conducting quantitative and qualitative data analysis using statistical methods and programming languages like SQL, Python and R
• Applying modeling techniques like machine learning algorithms to data in order to uncover patterns and predictive insights
• Visualizing data findings using data visualization tools like Tableau, Power BI and Excel
• Communicating data-driven insights and recommendations clearly to stakeholders through reports and presentations

 

Must-Have Data Analyst Skills

While statistics, communication and problem-solving abilities are crucial, every aspiring data analyst needs to build up a robust set of technical qualifications.

SQL

SQL (Structured Query Language) is a standard programming language used for managing and analyzing data stored in relational databases. Whether you’re extracting specific data points, identifying relationships between data sets or updating existing data, SQL querying is an indispensable aspect of a data analyst’s day-to-day work. Fluency in SQL also enables effective collaboration with database administrators and data engineers.

Some common SQL skills needed include:

• Writing SELECT statements to retrieve relevant data
• Filtering large data sets with WHERE clauses
• Using aggregate functions like COUNT, SUM, MAX and AVG
• Joining data from multiple related database tables
• Modifying database structures and contents with DDL and DML

SQL querying forms the initial stage of the data analysis process for most data analysts. Mastering this skill is therefore the first step to becoming an expert analyst.

Statistical Programming Languages

While spreadsheet programs like Excel allow you to work with small, single data sheets, statistical programming languages like Python, R and MATLAB provide the firepower for complex quantitative analysis on larger datasets.

Python and R in particular have become ubiquitous in data science and analytics. Learning at least one of them is indispensable for aspiring data analysts. Here’s an overview:

Python

Python is a versatile, beginner-friendly and general-purpose programming language, equipped with specialized libraries and frameworks tailored for machine learning, predictive modeling, data visualization and statistical analysis. Key reasons data analysts should learn Python:

• Open-source, with rich documentation and active community support
• Easy to read and write, enabling faster development
• Integrates seamlessly with Big Data tech like Apache Spark and Hadoop
• Packed with data-focused libraries like NumPy, SciPy, Pandas, Matplotlib and Seaborn

R

Developed specifically for statistical analysis and graphics, R provides an extensive collection of packages and functionalities for advanced analytics. Some notable R features:

• Specialized data structures and data manipulation capabilities
• Inbuilt statistical and graphical capabilities
• Highly extensible with over 17,000 libraries for niche tasks
• Dominates statistical modeling and machine learning applications
• Integrates with Python, SQL and other Big Data tools

Whichever route you take, developing proficiency in using Python or R will dramatically boost your capabilities as a data analyst or data scientist.

Data Visualization

While number crunching and coding form the backbone of data analysis, visualizing data findings is equally important – especially when presenting insights to business teams and stakeholders.

Data analysts rely on data visualization software like Tableau, Power BI, Qlik and D3.js to create interactive dashboards, charts, graphs and other graphics that bring data analysis to life.

Some useful data visualization skills include:

• Transforming raw datasets into formats like charts, graphs and maps
• Conveying relationships between variables through scatter plots and heat maps
• Comparing categorical data visually using pie, donut and bar charts
• Highlighting chronological patterns over time using line graphs
• Simplifying complex numerical figures via reports and summaries

Data presentation is where data analysts can truly provide intelligence and value to an organization. Strong data visualization skills enable you to communicate insights far more effectively to drive business strategy.

 

Categories: codes , CyberSecurity , ITadmins

Blender 4.0 Release Arrives With Game-Changing Rendering Upgrades

 Blender 4.0 release makes it an exciting program for all kinds of graphics professionals and artists.

Blender is a very popular open-source 3D computer graphics suite that has a vast variety of use cases, ranging from the creation of animated films, all the way to motion graphics, visual effects, and more.

With a recent announcement, the Blender Foundation revealed the Blender 4.0 release, that represents “a major leap for rendering, creating tools, and more to take your Freedom to Create to new heights.” So, let's look at what's behind this release.

Being a major release, Blender 4.0 has plenty to offer. However, we will be only taking a look at some of the key highlights:

• User Interface Improvements
• Light and Shadow Linking
• Revamped Principled BSDF
• Better Rigging

While we mention some details as you read on, here is the official video to sum up the major changes:

User Interface Improvements

The most important user-facing thing on Blender, the interface font, has been changed to “Inter”. This move was made in a bid to improve text readability across the application, irrespective of the display size.

Then there's the newly added ability to search for stuff by pressing the space bar on regular dropdown/context menus, and a tweaked splash screen which now makes it easier to carry over saved settings from older Blender installs.

Even a new “Save Incremental” option was added to the File menu that saves the current .blender file with a numerically incremented name.

Light and Shadow Linking

Dubbed by the devs as their most awaited feature, Blender 4.0 features Light and Shadow Linking. With these features, a designer could set lights to affect specific objects in a scene, and even have control over which objects can block light, acting as shadow blockers.

For more details on how these work, you can refer to the official documentation.

Revamped Principled BSDF

Blender's Principled BSDF system has seen a big revamp with the upgrade, it now features support for a larger variety of material types and is more efficient.

Some highlights of the revamp include:

• Coat, it is placed above all the base layers, including the emission layer, to simulate things like a phone display behind a glass surface.
• Sheen, it now uses a new microfiber shading model, and acts as the top layer above emission and coat.
• Implementation of Multiple scattering GGX for more efficient rendering in Cycles, resulting in less power being used while rendering.
• Edge tinting for metallic surfaces, allowing for an artist-friendly way to render complex index of refraction, based on the F82 tint model.

The illustration below should give you a better look at how things are with this revamp of Principled BSDF:

Better Rigging

Blender 4.0 features a dedicated “Bone Collections” for Armature Bones, this implementation is carried over from the existing implementation for objects.

It replaces both the legacy numbered layers and bone groups feature, allowing for the Select Grouped operator to select by bone color/collection, setting bone colors on armature bones, and more.

Even the pose library sees an update with the recently introduced asset shelf that makes pose assets available in the 3D viewport.

🛠️ Other Changes and Improvements

There's more. Some other noteworthy changes include:

• Support for Intel HD4000 series GPUs has been dropped.
• A new blendfile compatibility policy has been implemented.
• Snapping has been improved, allowing for faster and more precise snaps.
• The minimum required OpenGL version for Linux and Windows is now 4.3.
• Filmic has been replaced by AgX view transform for better handling of colors in over-exposed areas.

You may also refer to the official release notes for more details of this Blender release.

📥 Download Blender 4.0

You can get the latest tar package of Blender from the official website for Linux, Windows, and macOS.

But, if you were looking for something different, then you could also get it from the Snap store and Steam.

Categories: 3D-design , Blender , codes , graphics , opensource