• Products
    Digital Trust & Safety Suite

    Expand with confidence, and fight many types of fraud and abuse

    Payment Protection

    Reduce risk and grow revenue

    Content Integrity

    Protect users from spam and scams

    Account Defense

    Stop account takeover attacks

    Latest Product Releases & Enhancements
    Sift Connect
    PSD2 Solution
  • Why Sift
    The Sift Way

    Technology, Community, Partnership

    Commerce Platform Partners

    Low-code integrations for leading commerce platforms

  • Customers
    See case studies by industry

    Sift works for companies across e-commerce, travel, on-demand, and more.

    Featured Customers

    Harry’s

    85% reduction in chargebacks

    Poshmark

    70% less spam content

    Turo

    100% of ATO blocked

  • Resources
    Blog

    Digital Trust & Safety news

    Demos

    Walk-throughs of how Sift works

    Ebooks

    Guides, research, and more

    Infographics

    Data brought to life by design

    One Pagers

    Product and use case info

    Podcasts

    Stories from the fraud front lines

    Videos

    Testimonials and brand stories

    Virtual Events

    Virtual expo and online events

    Webinars

    Insights from industry experts

  • About
    Search Careers

    Make the internet a safer place â€” Grow your career.

    Our Company

    Learn how Sift helps companies grow securely

    Contact Us

    Want to get in touch? We'd love to hear from you

    Partner with Us

    Join the leader in Digital Trust & Safety

  • Request a demo
  • Sign in
Products
  • Digital Trust & Safety Suite
  • Payment Protection
  • Content Integrity
  • Account Defense
  • Latest Releases
  • Sift Connect
  • PSD2 Solution
Why Sift
  • Salesforce
  • Magento
  • Shopify
Customers
Resources
  • Blog
  • Demos
  • Ebooks
  • Infographics
  • One Pagers
  • Podcasts
  • Videos
  • Virtual Events
  • Webinars
About
  • Search Careers
  • Our Company
  • Contact Us
  • Engineering Blog
Request a Demo Sign In
  • Blog Home
  • Digital Trust & Safety
< prev / next >
Share this article on LinkedIn
Tweet this article
Share this article on Facebook
SOCIALICON
Share this article via email

News Roundup 5/22: Eddie’s stolen password database, the perfect Twizzler, and new malware

By Roxanna "Evan" Ramzipoor  / 

22 May 2017

“Eddie’s” stolen password database discovered

Fraudsters often rely on databases of stolen data to carry out their schemes, buying and selling emails and passwords over the dark web. Security researchers recently found one of these databases…and it’s huge. This particular database contains 560 million stolen passwords and emails. Some of the information was collected from site compromises like those suffered by LinkedIn, Tumblr, LastFM, and Dropbox.

Who does the database belong to? “Eddie” is the creator’s pseudonym, but that’s all we know so far. Now all we need is a database of 560 million Eddies to find the right one.

Hershey’s uses machine learning to make the perfect Twizzler

There’s a Holy Grail in the candy industry, and that’s the perfect Twizzler. In Lancaster, Pennsylvania, the licorice-making factory has chased after this elusive specimen for years. But perfection might finally be possible, with machine learning.

Each package of candy promises a specific net weight, such as 1 pound per package, but because of differences in temperature, cooking time, and pressure, Hershey’s factories experience variations across batches. To account for the variations, factories often have to adjust or redo batches – an expensive, time-consuming process. But George Lenhart, a senior manager at Hershey’s who oversees technology, set up a system to transmit data back and forth to Microsoft’s Azure cloud. Tracking pressure, temperature, and other factors, the program collected more than 60 million data points over 2 months, learning which data points affected the final weight of the candy. The machine learning system reduced Twizzler weight variability by 50 percent. Hershey’s next quest? The perfect chocolate bar.

Researchers discover new strain of malware

You’re probably familiar with WannaCry, the ransomware that targeted organizations worldwide last week. Researchers have found what might be its descendant, a ransomware they’re calling EternalRocks. Like its predecessor, EternalRocks draws on tools stolen from the National Security Agency (NSA).

According to researchers, EternalRocks uses these tools to spread ransomware from computer to computer through the Windows operating system – but unlike WannaCry, it is bolstered by six other NSA tools. The seven tools work in conjunction to propogate the strain farther and faster than WannaCry is capable of spreading. Unlike WannaCry, the new EternalRocks doesn’t seem to have any malicious elements, like locking or corrupting files. But don’t breathe a sigh of relief just yet: EternalRock does leave infected computers vulnerable to remote commands that could enable hackers to carry out these malicious activities. The ransomware also doesn’t seem susceptible to the kill switch that halted WannaCry.

Related

cybercrimefraudmachine learningtechnology

Roxanna "Evan" Ramzipoor

Roxanna "Evan" Ramzipoor was a Content Marketing Manager at Sift.

  • < prev
  • Blog Home
  • next >
Company
  • About Us
  • Careers
  • Contact Us
  • News & Press
  • Partner with us
  • Blog
Support
  • Help Center
  • Contact Support
  • System Status
  • Trust & Safety EDU
  • Fraud Management
Developers
  • Overview
  • APIs
  • Client Libraries
  • Integration Guides
  • Tutorials
  • Engineering Blog
Social

Don't miss a thing

Our newsletter delivers industry trends, insights, and more.

You're on the list.

You can unsubscribe at any time. Please see our Website Privacy Notice.

If you are using a screen reader and are having problems using this website, please email support@sift.com for assistance.

© 2021 Sift All Rights Reserved Privacy & Terms

Your information will be used to contact you about our service and subscribe you to our direct marketing communications. You can, of course, unsubscribe at any time. Please see our Website Privacy Notice.