An anonymous reader quotes a report from BleepingComputer: A new ClickFix campaign is luring users to fraudulent Google Meet conference pages showing fake connectivity errors that deliver info-stealing malware for Windows and macOS operating systems. ClickFix is a social-engineering tactic that emerged in May, first reported by cybersecurity company Proofpoint, from a threat actor (TA571) that used messages impersonating errors for Google Chrome, Microsoft Word, and OneDrive. The errors prompted the victim to copy to clipboard a piece of PowerShell code that would fix the issues by running it in Windows Command Prompt. Victims would thus infect systems with various malware such as DarkGate, Matanbuchus, NetSupport, Amadey Loader, XMRig, a clipboard hijacker, and Lumma Stealer.

In July, McAfee reported that the ClickFix campaigns were becoming mode frequent, especially in the United States and Japan. A new report from Sekoia, a SaaS cybersecurity provider, notes that ClickFix campaigns have evolved significantly and now use a Google Meet lure, phishing emails targeting transport and logistics firms, fake Facebook pages, and deceptive GitHub issues. According to the French cybersecurity company, some of the more recent campaigns are conducted by two threat groups, the Slavic Nation Empire (SNE) and Scamquerteo, considered to be sub-teams of the cryptocurrency scam gangs Marko Polo and CryptoLove.

An anonymous reader quotes a report from Hackread: The United States Department of Justice (DoJ) has indicted two Sudanese nationals for their alleged role in operating the hacktivist group Anonymous Sudan. The group claimed fame for conducting "tens of thousands" of large-scale and crippling Distributed Denial of Service attacks (DDoS attacks) targeting critical infrastructure, corporate networks, and government agencies globally. Ahmed Salah Yousif Omer, 22, and Alaa Salah Yusuuf Omer, 27, stand accused of conspiracy to damage protected computers. Ahmed Salah faces additional charges for damaging protected computers. The duo is believed to have controlled Anonymous Sudan, which, since early 2023, launched attacks on high-profile entities such as ChatGPT, UAE's Flydubai Airline, London Internet Exchange, Microsoft, and the Israeli BAZAN Group.

The group and its clients also utilized the Distributed Cloud Attack Tool (DCAT) to conduct over 35,000 DDoS attacks. These attacks targeted sensitive government and critical infrastructure in the U.S. and globally, including the Department of Justice, Department of Defense, FBI, State Department, and Cedars-Sinai Medical Center in Los Angeles. The attacks, which sometimes lasted days, reportedly caused major damage, often crippling websites and networks. For instance, the attack on Cedars-Sinai Medical Center forced the redirection of incoming patients for eight hours, causing over $10 million in damages to U.S. victims.

The parents of a Massachusetts student are suing his school after he was penalized for using AI in a Social Studies project, claiming it was for research purposes only. The student received a detention and a lower grade, which his parents argue could harm his college prospects. The school is defending its AI policy and fighting to dismiss the case. The Register reports: "The Plaintiff Student will suffer irreparable harm that far outweighs any harm that may befall the Defendants," their filing reads [PDF]. "He is applying to elite colleges and universities given his high level of academic and personal achievement. Early decision and early action applications in a highly competitive admissions process are imminent and start in earnest on October 1, 2024. Absent the grant of an injunction by this Court, the Student will suffer irreparable harm that is imminent."

The school, however, is fighting back with a motion to dismiss [PDF] the case. The school argues that RNH, along with his classmates, was given a copy of the student handbook in the Fall of last year, which specifically called out the use of AI by students. The class was also shown a presentation about the school's policy. Students should "not use AI tools during in-class examinations, processed writing assignments, homework or classwork unless explicitly permitted and instructed," the policy states. "RNH unequivocally used another author's language and thoughts, be it a digital and artificial author, without express permission to do so," the school argues. "Furthermore, he did not cite to his use of AI in his notes, scripts or in the project he submitted. Importantly, RNH's peers were not allowed to cut corners by using AI to craft their projects; thus, RNH acted 'unfairly in order to gain an advantage.'"

An anonymous reader shares a report: Households on individual streets will be targeted with personalised adverts under plans being rolled out by Channel 4. The channel is to use new technology which will allow brands to tailor who sees their advert by enabling them to select a demographic within a specific location down to street level. For example, someone watching Made in Chelsea on Channel 4's streaming service could be served an ad for a fashion brand in a local outlet to them if a particular fashion trend is being discussed.

Advertisers can further optimise their campaign by selecting from 26 programme genres, as well as time of day and device the show is being watched on. It forms part of a wider update to Channel 4's streaming platform that the broadcaster hopes could boost revenues by as much as $13m. The company will launch a new private marketplace enabling brands to buy advertising space directly in real-time. This will allow advertisers to amend their campaigns to respond to events, whether that be real-world events such as local weather or developments in fictional storylines within TV shows. Channel 4's new ad targeting also includes more detailed data to track whether a viewer has made a purchase after seeing an ad, as well as new viewer profiles for brands to target.

smooth wombat writes: In 2013, James Howell's partner inadvertently threw out a hard drive along with other trash. Unknown to this person, this hard drive contained approximately 8,000 bitcoins. For the past decade Howell has been petitioning the town council of Newport to excavate the landfill in the hope of recovering the drive which would now hold approximately $647 million worth of cryptocurrency. Now he is suing the council in an attempt to force them to let him excavate.

Should the hard drive be recovered, Howells thinks there is an 80 percent chance that the coins on it would be retrievable. If it all works out, he has offered the council 10% of the recovered Bitcoin: $65 million worth. But, citing environmental concerns, the council has rejected his proposal to dig through over a decade's worth of garbage. The council issued a report wherein a spokesperson said, "The council has told Mr. Howells multiple times that excavation is not possible under our environmental permit and that work of that nature would have a huge negative environmental impact on the surrounding area. The council is the only body authorized to carry out operations on the site."

An anonymous reader quotes a report from TorrentFreak: Korean game publisher Nexon is using the U.S. legal system to address online copyright infringement. The company obtained a DMCA subpoena that requires Discord to hand over the personal details of suspected pirates. While Discord has shared information in the past, it doesn't plan to cooperate any longer, refusing to play the role of 'anti-piracy police'. [...] The messaging platform wrote that it is prepared to file a motion to quash the subpoena, if needed. It further urged Nexon to withdraw their demands, and cease sending any similar 'defective' subpoenas going forward. To support its stance, Discord made a list of twenty-two general objections and reservations. Among other things, the company wants to protect user privacy and their first amendment right to anonymous speech.

"Discord objects to the Requests as infringing its users' decisions to remain anonymous, an aspect of their freedom of speech protected by the First Amendment. The Requests improperly seek to unmask anonymous speakers and consequently compel disclosure of material protected by the First Amendment," it reads. This strongly-worded letter didn't have the desired result, however. Instead of backing off, Nexon doubled down, filing a motion to compel (PDF) at a Texas federal court late last week. The game company refutes Discord's objections and asks the court to enter an order requiring Discord to produce the requested user data. Nexon says that it needs this information to protect its copyrights. "Discord's failure to cooperate discovery has impeded Nexon's ability to discover relevant, non-privileged information that will support its potential claims against the users who have provided access to the infringing material," Nexon writes. While the court has yet to rule on the matter, Discord is expected to file a formal motion to quash the subpoena in response, as indicated in its earlier communications.

Longtime Slashdot reader mprindle shares a report from BleepingComputer: Cisco has confirmed to BleepingComputer that it is investigating recent claims that it suffered a breach after a threat actor began selling allegedly stolen data on a hacking forum. [...] This statement comes after a well-known threat actor named "IntelBroker" said that he and two others called "EnergyWeaponUser and "zjj" breached Cisco on October 6, 2024, and stole a large amount of developer data from the company.

"Compromised data: Github projects, Gitlab Projects, SonarQube projects, Source code, hard coded credentials, Certificates, Customer SRCs, Cisco Confidential Documents, Jira tickets, API tokens, AWS Private buckets, Cisco Technology SRCs, Docker Builds, Azure Storage buckets, Private & Public keys, SSL Certificates, Cisco Premium Products & More!," reads the post to a hacking forum. IntelBroker also shared samples of the alleged stolen data, including a database, customer information, various customer documentation, and screenshots of customer management portals. However, the threat actor did not provide further details about how the data was obtained.

An anonymous reader quotes a report from CBC News: The murder trial of a tech consultant in the stabbing death of Cash App founder Bob Lee begins Monday, a year and a half after the widely admired entrepreneur was found staggering on a deserted downtown San Francisco street seeking help. Lee's death at age 43 stunned the tech community, and fellow executives and engineers penned tributes to his generosity and brilliance. Lee was chief product officer of cryptocurrency platform MobileCoin when he died. He was a father to two children.

Prosecutors say Nima Momeni, 40, planned the April 4 attack after a dispute over his younger sister, Khazar, with whom Lee was friends. They say Momeni took a knife from his sister's condo, drove Lee to a secluded area and stabbed him three times, then fled. Defence lawyers disagree, and they say that Lee, high on drugs, attacked Momeni. "Our theory is that Bob had the knife, and that Nima acted in self defence," attorney Saam Zangeneh said.

He said his client is eager to tell his side of the story, but they haven't decided whether Momeni will testify in his defence. Momeni, who lives in nearby Emeryville, Calif., has been in custody since his arrest days after Lee died at a San Francisco hospital. Momeni's mother has been a steadfast presence at court hearings, and he is close to his sister. [...] Momeni, who has pleaded not guilty, faces 26 years to life if convicted. San Francisco Superior Court Judge Alexandra Gordon has told jurors the trial could last until mid-December.

9to5Mac's Filipe Esposito reports: Passkeys were introduced two years ago, and they replace traditional passwords with more secure authentication using a security key or biometrics. To make the technology even better, the FIDO Alliance published on Monday new specifications for passkeys, which ensure a way to let users import and export them. Currently, there's no secure way to move passkeys between different password managers. For example, if you've stored a specific passkey in Apple's Passwords app, you can't simply move it to 1Password, or vice versa. But that will change soon.

As just announced by the FIDO Alliance, the new specifications aim to promote user choice by offering a way to import and export passkeys. The draft of the new specifications establishes the Credential Exchange Protocol (CXP) and Credential Exchange Format (CXF) formats for transferring not only passkeys, but other types of credentials will also be supported. The new formats are encrypted, which ensures that credentials remain secure during the process. For comparison, most password managers currently rely on CSV files to import and export credentials, which is much less secure.

"Some prominent privacy advocates are encouraging customers to pull their data" from 23andMe, reports SFGate.

But can you actually do that? 23andMe makes it easy to feel like you've protected your genetic footprint. In their account settings, customers can download versions of their data to a computer and choose to delete the data attached to their 23andMe profile. An email then arrives with a big pink button: "Permanently Delete All Records." Doing so, it promises, will "terminate your relationship with 23andMe and irreversibly delete your account and Personal Information."

But there's another clause in the email that conflicts with that "terminate" promise. It says 23andMe and whichever contracted genotyping laboratory worked on a customer's samples will still hold on to the customer's sex, date of birth and genetic information, even after they're "deleted." The reason? The company cites "legal obligations," including federal laboratory regulations and California lab rules. The federal program, which sets quality standards for laboratories, requires that labs hold on to patient test records for at least two years; the California rule, part of the state's Business and Professions Code, requires three. When SFGATE asked 23andMe vice president of communications Katie Watson about the retention mandates, she said 23andMe does delete the genetic data after the three-year period, where applicable...

Before it's finally deleted, the data remains 23andMe property and is held under the same rules as the company's privacy policy, Watson added. If that policy changes, customers are supposed to be informed and asked for their consent. In the meantime, a hack is unfortunately always possible. Another 23andMe spokesperson, Andy Kill, told SFGATE that [CEO Anne] Wojcicki is "committed to customers' privacy and pledges to retain the current privacy policy in force for the foreseeable future, including after the acquisition she is currently pursuing."
An Electronic Frontier Foundation privacy lawyer tells SFGate there's no information more personal than your DNA. "It is like a Social Security number, it can't be changed. But it's not just a piece of paper, it's kind of you."

He urged 23andMe to leave customers' data out of any acquisition deals, and promise customers they'd avoid takeover attempts from companies with bad security — or with ties to law enforcement.

America's electric vehicle subsidies brought a 2-to-1 return on investment, according to a paper by the National Bureau of Economic Research. "That includes environmental benefits, but mostly reflects a shift of profits to the United States," reports the New York Times. "Before the climate law, tax credits were mainly used to buy foreign-made cars." "What the [subsidy legislation] did was swing the pendulum the other way, and heavily subsidized American carmakers," said Felix Tintelnot, an associate professor of economics at Duke University who was a co-author of the paper. Those benefits were undermined, however, by a loophole allowing dealers to apply the subsidy to leases of foreign-made electric vehicles. The provision sends profits to non-American companies, and since those foreign-made vehicles are on average heavier and less efficient, they impose more environmental and road-safety costs. Also, the researchers estimated that for every additional electric vehicle the new tax credits put on the road, about three other electric vehicle buyers would have made the purchases even without a $7,500 credit. That dilutes the effectiveness of the subsidies, which are forecast to cost as much as $390 billion through 2031.
The chief economist at Cox Automotive (which provided some of the data) tells the Times that "we could do better", but adds that the subsidies were "worth the money invested". But of course, that depends partly on how benefits were calculated: [U]ing the Environmental Protection Agency's "social cost of carbon" metric, they calculated the dollar cost of each model's lifetime carbon emissions from both manufacturing and driving. On average, emissions by gas-powered vehicles impose 57% greater costs than electric vehicles. The study then calculated harms from air pollution other than greenhouse gases — smog, for example. That's where electric vehicles start to perform relatively poorly, since generating the electricity for them still creates pollution. Those harms will probably fade as more wind and solar energy comes online, but they are significant. Finally, the authors added the road deaths associated with heavier cars. Batteries are heavy, so electric vehicles — especially the largest — are likelier to kill people in crashes.

Totaling these costs and then subtracting fiscal benefits through gas taxes and electricity bills, electric vehicles impose $16,003 in net harms, the authors said, while gas vehicles impose $19,239. But the range is wide, with the largest electric vehicles far outpacing many internal combustion cars.
By this methodology, a large electric pickup like the Rivian imposes three times the harms of a Prius, according to one of the study's co-authors (a Stanford professor of global environmental). And yet "we are subsidizing the Rivian and not the Prius..."

The Wall Street Journal delves into the origin story of that teenaged Grand Theft Auto VI leaker. Arion Kurtaj, now 19 years old, is the most notorious name that has emerged from a sprawling set of online communities called the Com... Their youthful inventiveness and tenacity, as well as their status as minors that make prosecution more complicated, have made the Com especially dangerous, according to law-enforcement officials and cybersecurity investigators. Some kids, they say, are recruited from popular online spaces like Minecraft or Roblox.... [William McKeen, a supervisory special agent with the FBI's Cyber Division] said the average age of anyone arrested for a crime in the U.S. is 37, while the average age of someone arrested for cybercrime is 19. Cybersecurity investigators have found posts they say suggest Kurtaj has been involved in online attacks since he was 11.
"He had limited social skills and trouble developing relationships, records say — and ultimately looked for approval in the booming world of cybercrime..." [When Kurtaj was 14] he landed in a residential school serving children with severe emotional and behavioral needs. Kurtaj was physically assaulted by a staff member at his school who was later convicted as a result, according to a person familiar with the case. In early 2021, his mother brought him home and removed him from government care, court records say. He never returned to school. He was 16.

A month after his mother pulled him out of school, investigators say that Kurtaj was part of a hacking group called Recursion Team that broke into the videogame firm Electronic Arts and stole 780 gigabytes of data. When Electronic Arts refused to engage, they dumped the stolen data online. Within a week of that hack, investigators had identified Kurtaj and provided his name to the FBI. Later in that summer of 2021, according to court records, Kurtaj partnered with another teenager, known as ASyntax, and several Brazilian hackers, and started calling themselves Lapsus$. The group hacked into the British telecommunications giant BT in an effort to steal money using a technique called SIM swapping... The hacks weren't always for money. In late 2021, Lapsus$ hacked into a website operated by Brazil's Ministry of Health and deleted the country's database of Covid vaccinations, according to law enforcement...

If the Com has a social center, it's a website called Doxbin, where users publish personal details, such as home addresses and phone numbers, of their online rivals in an attempt to intimidate each other. Kurtaj bought Doxbin in November 2021 for $75,000, according to Chainalysis. But after a few months, the previous owners accused Kurtaj of mismanaging the site and pressured him to sell it back. He relented. Then in January 2022, cybersecurity investigators say, he doxxed the entire site, publishing a database that included usernames, passwords and email addresses that he'd downloaded when he was the owner. For cybersecurity experts, it was a gold mine. "It helped investigators piece together which crimes were done by who," said Allison Nixon, chief research officer at Unit 221B, an online investigations firm.

Doxbin's owners responded with a dox of Kurtaj and his family, including his home address and photos of him, investigators say — setting up the chain of events that would put Kurtaj in the Travelodge.
After two weeks of "protective custody" there — during which time he was supposed to be computer-free — Kurtaj "was arrested a third time and charged with hacking, fraud and blackmail. Authorities said that while at the Travelodge, he broke into Uber and taunted the company by posting a link to a photo of an erect penis on the company's internal Slack messaging system, then stole software and videos from Rockstar Games. Stolen clips had popped up in a Grand Theft Auto discussion forum from a user named teapotuberhacker and stirred a frenzy.

"As officers collected evidence, the teen stood by, emotionless, police say...."

"Kurtaj's lawyers and some experts on autism have said a potential lifetime of incarceration isn't appropriate for a teenager like Kurtaj..."

Thanks to long-time Slashdot reader SpzToid for sharing the article.

In mid-2021 Ameria's National Security Advisor set up a new directorate focused on "advanced chips, quantum computing, and other cutting-edge tech," reports Wired. And the next year as Congress was working on boosting America's semiconductor sector, he was "closing in on a plan to cripple China's... In October 2022, the Commerce Department forged ahead with its new export controls."

So what happened next? In a phone call with President Biden this past spring, Xi Jinping warned that if the US continued trying to stall China's technological development, he would not "sit back and watch." And he hasn't. Already, China has answered the US export controls — and its corresponding deals with other countries — by imposing its own restrictions on critical minerals used to make semiconductors and by hoovering up older chips and manufacturing equipment it is still allowed to buy. For the past several quarters, in fact, China was the top customer for ASML and a number of Japanese chip companies. A robust black market for banned chips has also emerged in China. According to a recent New York Times investigation, some of the Chinese companies that have been barred from accessing American chips through US export controls have set up new corporations to evade those bans. (These companies have claimed no connection to the ones who've been banned.) This has reportedly enabled Chinese entities with ties to the military to obtain small amounts of Nvidia's high-powered chips.

Nvidia, meanwhile, has responded to the US actions by developing new China-specific chips that don't run afoul of the US controls but don't exactly thrill the Biden administration either. For the White House and Commerce Department, keeping pace with all of these workarounds has been a constant game of cat and mouse. In 2023, the US introduced the first round of updates to its export controls. This September, it released another — an announcement that was quickly followed by a similar expansion of controls by the Dutch. Some observers have speculated that the Biden administration's actions have only made China more determined to invest in its advanced tech sector.

And there's clearly some truth to that. But it's also true that China has been trying to become self-sufficient since long before Biden entered office. Since 2014, it has plowed nearly $100 billion into its domestic chip sector. "That was the world we walked into," [NSA Advisor Jake] Sullivan said. "Not the world we created through our export controls." The United States' actions, he argues, have only made accomplishing that mission that much tougher and costlier for Beijing. Intel CEO Pat Gelsinger estimated earlier this year that there's a "10-year gap" between the most powerful chips being made by Chinese chipmakers like SMIC and the ones Intel and Nvidia are working on, thanks in part to the export controls.

If the measure of Sullivan's success is how effectively the United States has constrained China's advancement, it's hard to argue with the evidence. "It's probably one of the biggest achievements of the entire Biden administration," said Martijn Rasser, managing director of Datenna, a leading intelligence firm focused on China. Rasser said the impact of the US export controls alone "will endure for decades." But if you're judging Sullivan's success by his more idealistic promises regarding the future of technology — the idea that the US can usher in an era of progress dominated by democratic values — well, that's a far tougher test. In many ways, the world, and the way advanced technologies are poised to shape it, feels more unsettled than ever.

Four years was always going to be too short for Sullivan to deliver on that promise. The question is whether whoever's sitting in Sullivan's seat next will pick up where he left off.

Formed in 2021 by cybersecurity professionals (and backed by high-powered VCs including Dell Technologies Capital), Halcyon sells an enterprise-grade anti-ransomware platform.

And this month they announced they're offering protection against ransomware attacks targeting Linux systems, according to Linux magazine: According to Cynet, Linux ransomware attacks increased by 75 percent in 2023 and are expected to continue to climb as more bad actors target Linux deployments... "While Windows is the favorite for desktops, Linux dominates the market for supercomputers and servers."
Here's how Halcyon's announcement made their pitch: "When it comes to ransomware protection, organizations typically prioritize securing Windows environments because that's where the ransomware operators were focusing most of their attacks. However, Linux-based systems are at the core of most any organization's infrastructure, and protecting these systems is often an afterthought," said Jon Miller, CEO & Co-founder, Halcyon. "The fact that Linux systems usually are always on and available means they provide the perfect beachhead for establishing persistence and moving laterally in a targeted network, and they can be leveraged for data theft where the exfiltration is easily masked by normal network traffic. As more ransomware operators are developing the capability to target Linux systems alongside Windows, it is imperative that organizations have the ability to keep pace with the expanded threat."

Halcyon Linux, powered through the Halcyon Anti-Ransomware Platform, uniquely secures Linux-based systems offering comprehensive protection and rapid response capabilities... Halcyon Linux monitors and detects ransomware-specific behaviors such as unauthorized access, lateral movement, or modification of critical files in real-time, providing instant alerts with critical context... When ransomware is suspected or detected, the Halcyon Ransomware Response Engine allows for rapid response and action.... Halcyon Data Exfiltration Protection (DXP) identifies and blocks unauthorized data transfers to protect sensitive information, safeguarding the sensitive data stored in Linux-based systems and endpoints...

Halcyon Linux runs with minimal resource impact, ensuring critical environments such as database servers or virtualized workloads, maintain the same performance.
And in addition, Halcyon offers "an around the clock Threat Response team, reviewing and responding to alerts," so your own corporate security teams "can attend to other pressing priorities..."

The Fifth Circuit Court of Appeals has affirmed a copyright infringement verdict against Internet provider Grande, which failed to take action against allegedly pirating subscribers. The jury's $47 million damages award in favor of the major music label plaintiffs is vacated. According to the Court (PDF), individual tracks that are part of an album, should not be counted as separate works. TorrentFreak reports: After hearing both sides, the Fifth Circuit Court of Appeals affirmed the jury verdict yesterday. Grande's arguments, suggesting that the district court mistakenly upheld the verdict earlier, were rejected. "The district court did not err in upholding the jury's unanimous liability verdict because Plaintiffs satisfied each element legally and factually," the decision reads. "The court correctly interpreted the law and instructed the jury on the relevant legal standards in light of the factual issues disputed by the parties, and Plaintiffs introduced ample evidence from which a reasonable jury could find in Plaintiffs' favor." [...]

In addition to the material contribution challenge, Grande and its supporters also pointed out that terminating Internet access isn't a "simple measure," as the jury concluded. Instead, it is drastic and overbroad, which could also impact innocent subscribers. The Court of Appeals rejects this reasoning. Instead, it states that the jury could and did conclude that terminations are a simple measure. There is no evidence to reach a different conclusion. All in all, the Court sees no reason to reverse the jury's verdict that Grande is liable for contributory infringement. This means that the jury verdict is affirmed.