Hackers working for Western intelligence agencies broke into Russian internet search company Yandex in late 2018 deploying a rare type of malware in an attempt to spy on user accounts, Reuters reported Thursday, citing four people with knowledge of the matter. From the report: The malware, called Regin, is known to be used by the "Five Eyes" intelligence-sharing alliance of the United States, Britain, Australia, New Zealand and Canada, the sources said. Intelligence agencies in those countries declined to comment. Western cyberattacks against Russia are seldom acknowledged or spoken about in public. It could not be determined which of the five countries was behind the attack on Yandex, said sources in Russia and elsewhere, three of whom had direct knowledge of the hack. The breach took place between October and November 2018.

Yandex spokesman Ilya Grabovsky acknowledged the incident in a statement to Reuters, but declined to provide further details. "This particular attack was detected at a very early stage by the Yandex security team. It was fully neutralized before any damage was done," he said.

Microsoft today announced OneDrive Personal Vault, a new security layer for protecting sensitive and important files. The feature is rolling out "soon" to the web, Android, iOS, and Windows 10 in Australia, New Zealand, and Canada. From a report: Furthermore, the company is increasing OneDrive's cheapest storage plan from 50GB to 100GB at no additional cost. Office 365 subscribers are also getting new storage options. Personal Vault is a protected area in OneDrive that you can only access with the Microsoft Authenticator app or a second step of identity verification (fingerprint, face, PIN, or a code sent to you via email or SMS). Microsoft envisions OneDrive users saving travel, identification, vehicle, home, and insurance documents in their Personal Vault. You can use the OneDrive mobile app to scan documents, take pictures, or shoot video directly into your Personal Vault, keeping such items out of less secure areas like your camera roll.

New York lawmakers have agreed to pass a sweeping climate plan that could help the state achieve a net-zero economy in which all energy is drawn from carbon-free sources by 2050. "The bill would require New York to get 70 percent of its electricity from renewable sources by 2030, and by 2050, the state would have to cut emissions by at least 85 percent below 1990 levels," reports New York Magazine. "To offset the remainder, the state would enact measures to remove carbon dioxide from the atmosphere, like mass tree-planting and the restoration of wetlands." From the report: The bill, if passed, would be one of the world's most ambitious climate plans, made more impressive by the size of New York's economy. If the state were its own country, its economy would be the 11th largest in the world, falling between those of Canada and South Korea. "This unquestionably puts New York in a global leadership position," Jesse Jenkins, an energy expert and postdoctoral fellow at Harvard, told the New York Times.

Of course, energy costs will go up in pursuit of the goal. New York gets around 60 percent of its electricity from carbon-free sources -- primarily an energy mix of hydroelectric and nuclear power. To make up the difference, the state will invest in large-scale offshore wind farms and rooftop solar projects. More challenging than the electric grid is the heat for homes and commercial buildings, which generally burn natural gas or oil, and take up around a quarter of the state's emissions. In New York City, for example, an April law requiring skyscrapers to retrofit to meet new energy standards is expected to cost building owners over $4 billion. The bill also marks the first major piece of legislation to include aspects of Alexandria Ocasio-Cortez's Green New Deal, routing hundreds of millions of dollars into polluted or environmentally vulnerable areas of the state in an attempt at both economic and environmental revival.

An anonymous reader quotes a report The Weather Channel: Scientists studying climate change expected layers of permafrost in the Canadian Arctic to melt by the year 2090. Instead, it's happening now. A new study published this week in the journal Geophysical Research Letters revealed that unusually warm summers in the Canadian High Arctic between 2003 and 2016 resulted in permafrost melt up to 240% higher than previous years. Louise Farquharson, a researcher at the Permafrost Laboratory at the University of Alaska Fairbanks and the study's lead author, told weather.com the three areas of melting permafrost studied in remote northern Canada are believed to have been frozen for thousands of years. She noted that while scientists had predicted the permafrost wouldn't melt for another 70 years, those forecasts didn't take into account the unusually warm summers that have happened in recent years. While researchers believe all indicators point to warmer temperatures continuing, there's no way to know for sure just how quickly the permafrost will continue to melt. Not only is rapidly melting permafrost a symptom of global warming, but it accelerates climate change by exposing thawing biological material to the atmosphere where it decomposes and releases CO2, a key element in global warming.

SpaceX successfully launched and deployed three RADARSAT Canadian satellites into orbit this morning. Despite heavy fog, the company also landed the Falcon 9 rocket on the California coast. The Verge reports: The trio of satellites going up on today's flight are part of the RADARSAT Constellation developed by the Canadian Space Agency. The spacecraft are meant to operate nearly 400 miles up, where they will observe Canada's land and waters, as well as the Arctic. The goal is to gather data on sea ice in nearby oceans and the Great Lakes, as well as the changing ecosystems within Canada. Such information will be useful for many groups, including mariners who navigate in Arctic waters and scientists who want to understand the impact of climate change in the region. Satellite imagery from RADARSAT could also help with disaster relief.

SpaceX is using one of its used Falcon 9 rockets for the mission, a vehicle that previously flew the company's Crew Dragon capsule on its very first flight to the International Space Station back in March. After that launch, the Falcon 9 landed on one of SpaceX's drone ships off the coast of Florida in the Atlantic, but now it's ready to make a ground landing on the opposite coast. The first and only time that SpaceX has landed a Falcon 9 rocket on California land was in October of 2018. Nearly all of the company's attempts to land on solid ground have been successful, save for one that missed its pad in Florida and landed in the ocean instead.

Prime Minister Justin Trudeau announced on Monday that Canada will ban many single-use plastic items by 2021, including bags, straws, cutlery and stirring sticks, to cut harmful waste damaging the country's ecosystems. CNN reports: Trudeau announced the measures Monday, describing "a problem we simply can't ignore." "Plastic waste ends up in our landfills and incinerators, litters our parks and beaches, and pollutes our rivers, lakes, and oceans, entangling and killing turtles, fish, and marine mammals," the Canadian leader said in a statement. "Less than 10 per cent of plastic used in Canada gets recycled. Without a change in course, Canadians will throw away an estimated $11 billion worth of plastic materials each year by 2030." Trudeau said his government will work with companies that use or create plastic products to set targets on waste.

An anonymous reader quotes a report from Science Magazine: For a transfusion to be successful, the patient and donor blood types must be compatible. Now, researchers analyzing bacteria in the human gut have discovered that microbes there produce two enzymes that can convert the common type A into a more universally accepted type. If the process pans out, blood specialists suggest it could revolutionize blood donation and transfusion. To up the supply of universal blood, scientists have tried transforming the second most common blood, type A, by removing its "A-defining" antigens. But they've met with limited success, as the known enzymes that can strip the red blood cell of the offending sugars aren't efficient enough to do the job economically.

After 4 years of trying to improve on those enzymes, a team led by Stephen Withers, a chemical biologist at the University of British Columbia (UBC) in Vancouver, Canada, decided to look for a better one among human gut bacteria. Some of these microbes latch onto the gut wall, where they "eat" the sugar-protein combos called mucins that line it. Mucins' sugars are similar to the type-defining ones on red blood cells. So UBC postdoc Peter Rahfeld collected a human stool sample and isolated its DNA, which in theory would include genes that encode the bacterial enzymes that digest mucins. Chopping this DNA up and loading different pieces into copies of the commonly used lab bacterium Escherichia coli, the researchers monitored whether any of the microbes subsequently produced proteins with the ability to remove A-defining sugars. At first, they didn't see anything promising. But when they tested two of the resulting enzymes at once -- adding them to substances that would glow if the sugars were removed -- the sugars came right off. The enzymes also worked their magic in human blood. Tiny amounts added to a unit of type A blood could get rid of the offending sugars, they found. The findings have been reported today in the journal Nature Microbiology.

NASA is to allow tourists to visit the International Space Station from 2020, priced at $35,000 per night. From a report: The US space agency said it would open the orbiting station to tourism and other business ventures. There will be up to two short private astronaut missions per year, said Robyn Gatens, the deputy director of the ISS. NASA said that private astronauts would be permitted to travel to the ISS for up to 30 days, travelling on US spacecraft. "NASA is opening the International Space Station to commercial opportunities and marketing these opportunities as we've never done before," chief financial officer Jeff DeWit said in New York. NASA said that private commercial entities would be responsible for determining crew composition and ensuring that the private astronauts meet the medical and training requirements for spaceflight. The two companies hired by NASA are Elon Musk's SpaceX, which will use its Dragon capsule, and Boeing, which is building a spacecraft called the Starliner.

Microsoft is on the cusp of finally opening its flagship retail store in the UK next month, but all of the smaller Microsoft Specialty Stores have evidently been shuttered with many reportedly closing this past weekend. From a report: As of June 2019, Microsoft has just over 80 full-fledged Microsoft Stores in the United States, Canada, Puerto Rico, and Australia, but 17 of the smaller kiosks and so-called specialty stores have now been removed. Indeed, all the specialty stores are now gone implying a planned shift in retail strategy. In a statement, Microsoft said: After careful discussion and evaluation, we've made the decision to close our specialty store locations. We are focused on delivering great experiences throughout the customer journey. We will continue to connect with and empower our customers to achieve more and discover all that's possible with Microsoft through Microsoft Store across the globe online and in our physical stores in the U.S., Canada, Puerto Rico, Australia, and coming soon to the U.K.

Nearly all applicants for US visas will have to submit their social media details under newly adopted rules. From a report: The State Department regulations say people will have to submit social media names and five years' worth of email addresses and phone numbers. When proposed last year, authorities estimated the proposal would affect 14.7 million people annually. Certain diplomatic and official visa applicants will be exempt from the stringent new measures. However, people travelling to the US to work or to study will have to hand over their information. "We are constantly working to find mechanisms to improve our screening processes to protect US citizens, while supporting legitimate travel to the United States," the department reportedly said. Previously, only applicants who needed additional vetting -- such as people who had been to parts of the world controlled by terrorist groups -- would need to hand over this data.

An anonymous reader quotes a report from TechCrunch: Uber is now requiring the same good behavior from riders that it has long expected from its drivers. Uber riders have always had ratings, but they were never really at risk of deactivation -- until now. Starting today, riders in the U.S. and Canada are now at risk of deactivation if their rating falls significantly below a city's average. For drivers, they face a risk of deactivation if they fall below 4.6, according to leaked documents from 2015. Though, average ratings are city-specific. Uber, however, is not disclosing the average rider rating, but says "any rider at risk of losing access will receive several notifications and opportunities to improve his or her rating," an Uber spokesperson told TechCrunch. For example, Uber will offer tips to riders around encouraging polite behavior and keeping the car clean. "Ultimately, we expect this to impact only a very small number of riders," the spokesperson said. "Respect is a two-way street, and so is accountability," Uber Head of Safety Brand and Initiatives Kate Parker wrote in a blog post. "Drivers have long been required to meet a minimum rating threshold which can vary city to city. While we expect only a small number of riders to ultimately be impacted by ratings-based deactivations, it's the right thing to do."

An anonymous reader writes: iRobot today launched two new robots: the Roomba s9+ robot vacuum cleaner and the Braava jet m6 robot mop. The Roomba s9+ robot vacuum with Clean Base Automatic Dirt Disposal starts at $1,299. The Roomba s9 without the Clean Base starts at $999. The Braava jet m6 robot mop starts at $499. All the robots are available for purchase today in the U.S. and Canada. They will start shipping in select European countries on July 12, 2019. The two robots can use iRobot's Imprint Link Technology to "talk to each other" -- vacuuming and then mopping automatically. The technology also works with the Roomba i7+, which launched in September. iRobot is thus introducing two robots that can clean together "as a team." Owners of the robots can initiate a "Linked clean" in the iRobot Home app.

Amidst an escalating trade war and political tensions with the US, Beijing officials have decided to develop a custom operating system that will replace the Windows OS on computers used by the Chinese military. From a report: The decision, while not made official through the government's normal press channels, was reported earlier this month by Canada-based military magazine Kanwa Asian Defence. Per the magazine, Chinese military officials won't be jumping ship from Windows to Linux but will develop a custom OS. Thanks to the Snowden, Shadow Brokers, and Vault7 leaks, Beijing officials are well aware of the US' hefty arsenal of hacking tools, available for anything from smart TVs to Linux servers, and from routers to common desktop operating systems, such as Windows and Mac. Since these leaks have revealed that the US can hack into almost anything, the Chinese government's plan is to adopt a "security by obscurity" approach and run a custom operating system that will make it harder for foreign threat actors -- mainly the US -- to spy on Chinese military operations.

Apple has issued a short statement on its website and in various newspapers announcing Apple Maps plans in Canada. From a report: The company plans to drive around the country with cars equipped with a ton of sensors in order to improve Apple Maps in Canada. Apple doesn't say when it plans to finish scanning Canadian roads and processing data. If you live in Canada, it could take a few months before you notice any change. Last year, Apple announced that it was in the process of rebuilding Apple Maps from the ground up. And you can already see some improvements in parts of the U.S. with more detailed maps, better representations of pedestrian and green areas, more accurate building shapes, etc.

Hackers breached a company that provides license plate reader technology for the US government, including at the border with Mexico. From a report: The hackers posted what appears to be the internal data of the company, called Perceptics, on a dark web website on Thursday. A company employee confirmed to Motherboard that Perceptics was hacked. "We are aware of the breach and have notified our customers. We can't comment any further because it is an ongoing legal investigation," Casey Self, director of marketing for Perceptics said in an online message. The Register first reported the news on Thursday. The data appears to include a variety of databases, company documents, and financial information, according to the file directory giving an overview of the stolen material. Boris Bullet-Dodger, the hacker who listed the data online, contacted Motherboard with a link to the stolen data on Thursday. Perceptics, once a subsidiary of major government contractor Northrop Grumman, mainly distributes license plate readers, under-vehicle cameras, and driver cameras to the U.S., Canada, Mexico to place at border crossings.

An algorithm, it seems, could determine, in some cases, who gets shown lifesaving information, and who doesn't. From a report: The researchers behind the New Media & Society paper set out to understand this odd quirk of Google's algorithm, and to find out why the company seemed to be serving some markets better than others. They developed a list of 28 keywords and phrases related to suicide, Sebastian Scherr at the University of Leuven says, and worked with nine researchers from different countries who accurately translated those terms into their own languages. For 21 days, they conducted millions of automated searches for these phrases, and kept track of whether hotline information showed up or not. They thought these results might simply, logically, show up in countries with higher suicide rates, but the opposite was true.

Users in South Korea, which has one of the world's highest suicide rates, were only served the advice box about 20% of the time. They tested different browser histories (some completely clean, some full of suicide-related topics), with computers old and new, and tested searches in 11 different countries. It didn't seem to matter: the advice box was simply much more likely to be shown to people using Google in the English language, particularly in English-speaking countries (though not in Canada, which Scherr speculates was probably down to geographical rollout). "If you're in an English-speaking country, you have over a 90% chance of seeing these results -- but Google operates differently depending on which language you use," he said. Scherr speculates that using keywords may simply have been the easiest way to implement the project, but adds that it wouldn't take much to offer it more effectively in other countries, too.

A Google spokesperson, who asked not to be quoted directly, said that the company is refining these algorithms. The advice boxes require the cooperation of local organizations which may not always be available, they said, but that relevant resources will still show up in regular search results. Google said the service does not have comprehensive global coverage, and while it is actively working on new languages and locations, rolling that out takes time.

The American Registry for Internet Numbers, Ltd. (ARIN) has won a legal case against an elaborate multi-year scheme to defraud the Internet community of approximately 735,000 IPv4 addresses, the organization has revealed. An anonymous reader writes: While the specifics of the findings are not released, John Curran, ARIN President and CEO said the fraud was detected as a result of an internal due diligence process. ARIN is a nonprofit member-based organization responsible for distributing Internet number resources in the US, Canada, and parts of the Caribbean. The emerging IPv4 address transfer market and increasing demand have resulted in more attempts to obtain IPv4 addresses fraudulently. This is the first arbitration ever brought under an ARIN Registration Services Agreement, and related proceedings in the U.S. District Court for the Eastern District of Virginia. ARIN was able to prove an intricate scheme to fraudulently obtained resources that included many falsely notarized officer attestations sent to ARIN.

The U.S. will not sign onto the "Christchurch call to action" against online extremism expected to be released Wednesday, citing concerns that the pact would violate free speech protections in the First Amendment, the Washington Post reports. From a report: The document, negotiated by New Zealand and French officials as a commitment to study and stop the spread of online extremism that motivated the Christchurch mosque shootings earlier this year, is expected to be signed by Australia, Canada and the U.K., among others. It also has the support of major U.S. tech companies, including Facebook and Google, whose platforms were used to livestream and host videos of the attack.

Lenovo is launching a new AR-and-VR system targeted at businesses. It's called ThinkReality, and from the looks and description of the device and platform, it looks like a competitor for Microsoft's HoloLens. Engadget reports: There are two parts to the new ThinkReality system -- the AR headset and a software platform. The ThinkReality A6 is a comfortable 380-gram headset with two fisheye cameras on the front, as well as depth sensors and a 13-megapixel RGB sensor. There's also microphones onboard for voice control, and the headset can also detect where you're gazing to optimize resolution or navigation. You'll also be able to interact with your virtual environments using an included 3DoF controller. Untethered, the A6 can last up to four hours with its 6,800mAh battery, and you can still use the device while it's plugged in and charging.

The headset connects to an SSD-sized compute box that contains a Snapdragon 845 CPU running an Android-based platform. There's also an Intel Movidius chips powering waveguide optics here, and each eye on the A6 offers a 40-degree diagonal field of view and 1080p resolution. By comparison, the HoloLens 2 uses a Snapdragon 850 CPU and packs two 2K MEMS displays. Microsoft also squeezes all the computing components into the headset rather than in a separate box like Lenovo does. While I'm not a fan of having to carry around an additional accessory to power a headset, this setup does make the ThinkReality A6 lighter, so it's a compromise I'm willing to make. You can wear the box on a belt clip or an armband, which should make it easy to move around when wearing this setup at work. Lenovo claims this is "one of the lightest fully featured AR headsets in its class," and during a brief trial with a non-working model, I certainly found the A6 lightweight.

An anonymous reader quotes a report from The New York Times: An Israeli firm accused of supplying tools for spying on human-rights activists and journalists now faces claims that its technology can use a security hole in WhatsApp, the messaging app used by 1.5 billion people, to break into the digital communications of iPhone and Android phone users (Warning: source may be paywalled; alternative source). Security researchers said they had found so-called spyware -- designed to take advantage of the WhatsApp flaw -- that bears the characteristics of technology from the company, the NSO Group.

The spyware was used to break into the phone of a London lawyer who has been involved in lawsuits that accused the company of providing tools to hack the phones of Omar Abdulaziz, a Saudi dissident in Canada; a Qatari citizen; and a group of Mexican journalists and activists, the researchers said. There may have been other targets, they said. Digital attackers could use the vulnerability to insert malicious code and steal data from an Android phone or an iPhone simply by placing a WhatsApp call, even if the victim did not pick up the call. As WhatsApp's engineers examined the vulnerability, they concluded that it was similar to other tools from the NSO Group, because of its digital footprint. WhatsApp engineers patched the vulnerability on Monday.

"WhatsApp encourages people to upgrade to the latest version of our app, as well as keep their mobile operating system up to date, to protect against potential targeted exploits designed to compromise information stored on mobile devices," the Facebook-owned company said in a statement.