News

The U.S. Department of the Treasury's OFAC has sanctioned Yin Kecheng and Sichuan Juxinhe Network Technology Co. for their roles in a recent Treasury breach and espionage operations targeting U.S. telecommunications. BleepingComputer reports: "Yin Kecheng has been a cyber actor for over a decade and is affiliated with the People's Republic of China Ministry of State Security (MSS)," reads the Treasury's announcement. "Yin Kecheng was associated with the recent compromise of the Department of the Treasury's Departmental Offices network," says the agency. OFAC also announced sanctions against Sichuan Juxinhe Network Technology Co., a Chinese cybersecurity firm believed to be directly involved with the Salt Typhoon state hacker group. Salt Typhoon was recently linked to several breaches on major U.S. telecommunications and internet service providers to spy on confidential communications of high-profile targets. "Sichuan Juxinhe Network Technology Co., LTD. (Sichuan Juxinhe) had direct involvement in the exploitation of these U.S. telecommunication and internet service provider companies," the U.S. Treasury explains, adding that "the MSS has maintained strong ties with multiple computer network exploitation companies, including Sichuan Juxinhe." [...] The sanctions imposed on Kecheng and the Chinese cybersecurity firm under Executive Order (E.O.) 13694 block all property and financial assets located in the United States or are in the possession of U.S. entities, including banks, businesses, and individuals. Additionally, U.S. entities are prohibited from conducting any transactions with the sanctioned entities without OFAC's explicit authorization. It's worth noting that these sanctions come after OFAC sanctioned Beijing-based cybersecurity company Integrity Tech for its involvement in cyberattacks attributed to the Chinese state-sponsored Flax Typhoon hacking group. U.S. Treasury's announcement reiterates that the U.S. Department of State offers, through its Rewards for Justice program, up to $10,000,000 for information leading to uncovering the identity of hackers who have targeted the U.S. government or critical infrastructure in the country.

Read more of this story at Slashdot.

An anonymous reader quotes a report from the New York Times: A Russian organization linked to the Kremlin's covert influence campaigns posted more than 8,000 political advertisements on Facebook despite European and American restrictions barring companies from doing business with the organization, according to three organizations that track disinformation online. The Russian group, the Social Design Agency, evaded lax enforcement by Facebook to place an estimated $338,000 worth of ads aimed at European users over a period of 15 months that ended in October, even though the platform itself highlighted the threat, the three organizations said in a report released on Friday. The Social Design Agency has faced punitive sanctions in the European Union since 2023 and in the United States since April for spreading propaganda and disinformation to unsuspecting users on social media. The ad campaigns on Facebook raise "critical questions about the platform's compliance" with American and European laws, the report said. [...] The Social Design Agency is a public relations company in Moscow that, according to American and European officials, operates a sophisticated influence operation known as Doppelganger. Since 2022, Doppelganger has created cartoon memes and online clones of real news sites, like Le Monde and The Washington Post, to spread propaganda and disinformation, often about the war in Ukraine. [...] The organizations documenting the campaign -- Check First, a Finnish research company, along with Reset.Tech in London and AI Forensics in Paris -- focused on efforts to sway Facebook users in France, Germany, Poland and Italy. Doppelganger has been also linked to influence operations in the United States, Israel and other countries, but those are not included in the report's findings. [...] The researchers estimated that the ads resulted in more than 123,000 clicks by users and netted Meta at least $338,000 in the European Union alone. The researchers acknowledged that the figures provide only one, incomplete example of the Russian agency's efforts. In addition to propagating Russia's views on Ukraine, the agency posted ads in response to major news events, including theHamas attack on Israel on Oct. 7, 2023, and a terrorist attack in a Moscow suburb last March that killed 145 people. The ads would often appear within 48 hours, trying to shape public perceptions of events. After the Oct. 7 attacks, the ads pushed false claims that Ukraine sold weapons to Hamas. The ads reached more than 237,000 accounts over two to three days, "underscoring the operation's capacity to weaponize current events in support of geopolitical narratives," the researcher's report said.

Read more of this story at Slashdot.

Longtime Slashdot reader sfcat shares a report from the Associated Press: Hundreds of people were ordered to evacuate and part of Highway 1 in Northern California was closed when a major fire erupted Thursday afternoon at one of the world's largest battery storage plants. As the fire sent up towering flames and black smoke and showed no sign of easing by Thursday night, about 1,500 people were instructed to leave Moss Landing and the Elkhorn Slough area, The Mercury News reported. The Moss Landing Power Plant, located about 77 miles (about 124 kilometers) south of San Francisco, is owned by Texas-company Vistra Energy and contains tens of thousands of lithium batteries. The batteries are important for storing electricity from such renewable energy sources as solar energy, but if they go up in flames the blazes can be extremely difficult to put out. "There's no way to sugar coat it. This is a disaster, is what it is," Monterey County Supervisor Glenn Church told KSBW-TV. But he said he did not expect the fire to spread beyond the concrete building it was enclosed in. According to reports, the fire originated in the 300-megawatt Phase I section of the 750-megawatt facility, located on the site of a retired PG&E natural gas plant. It's unclear what caused the fire, but officials said a full investigation will begin after it's out. Thankfully, everyone at the site was evacuated safely. Videos and images of the fire can be found here.

Read more of this story at Slashdot.

Microsoft's $13 billion investment in OpenAI raises concerns that the tech giant could extend its dominance in cloud computing into the nascent AI market, the Federal Trade Commission said in a report released Friday. From a report: The commission said Microsoft's deal with OpenAI, as well as Amazon and Google's partnerships with AI company Anthropic, raise the risk that AI developers could be "fully acquired" by the tech giants in the future. "The FTC's report sheds light on how partnerships by big tech firms can create lock-in, deprive start-ups of key AI inputs, and reveal sensitive information that can undermine fair competition," FTC Chair Lina Khan said in a statement. The FTC has the power to open market studies to glean more information about industry trends. The findings can be used to inform future actions. It's unclear what the agency's new leadership under the Trump administration will do with the report.

Read more of this story at Slashdot.

An anonymous reader shares a report: FBI leaders have warned that they believe hackers who broke into AT&T's system last year stole months of their agents' call and text logs, setting off a race within the bureau to protect the identities of confidential informants, a document reviewed by Bloomberg News shows. FBI officials told agents across the country that details about their use on the telecom carrier's network were believed to be among the billions of records stolen, according to the document and interviews with a current and a former law enforcement official. They asked not to be named to discuss sensitive information. Data from all FBI devices under the bureau's AT&T service for public safety agencies were presumed taken, the document shows. The cache of hacked AT&T records didn't reveal the substance of communications but, according to the document, could link investigators to their secret sources. The data was believed to include agents' mobile phone numbers and the numbers with which they called and texted, the document shows. Records for calls and texts that weren't on the AT&T network, such as through encrypted messaging apps, weren't part of the stolen data.

Read more of this story at Slashdot.

Sony's PlayStation has canceled previously unannounced games at two of its top subsidiaries, the company said. From a report: The games, at Oregon-based Bend Studio and Texas-based Bluepoint Games, were both "live service" projects designed to draw recurring revenue from players. A company spokesperson confirmed the cancellations. In a statement, the spokesperson said the two games were canceled "following a recent review" and that PlayStation will continue making both online and single-player games. Neither studio will be shuttered. "Bend and Bluepoint are highly accomplished teams who are valued members of the PlayStation Studios family, and we are working closely with each studio to determine what are the next projects," the spokesperson said.

Read more of this story at Slashdot.

Microsoft began mandatory rollouts of the Windows 11 2024 Update (24H2) for eligible devices running Home and Pro editions, the company announced on its Windows 11 issues page. The update, which Microsoft describes as a "full code swap," requires longer installation times, with users reporting processes exceeding an hour. While users can briefly postpone the installation, the company is now pushing updates to mainstream users not managed by IT departments. The 24H2 update introduces USB4's 80Gbps support, Bluetooth LE Audio for hearing aids, and enhanced Energy Saver controls.

Read more of this story at Slashdot.

George Zhao, the chief executive of Chinese smartphone firm Honor, has resigned from his position due to personal reasons, the company said on Friday. CNBC: "The company and the Board of Directors sincerely appreciate Mr Zhao's outstanding contributions to the company during his tenure," Honor said in a statement. Jian Li, who's been at Honor for four years in various senior management positions, will succeed Zhao as CEO. In an internal memo posted by Chinese media and confirmed as accurate by an Honor spokesperson, Zhao said he was stepping down due to health reasons and planned to rest, recover and spend more time with his family. [...] Honor's market share in China has risen from 9.8% in 2020 to over 15% in 2024, according to Counterpoint Research. Outside of China, Honor's market share hit 2.3% in 2024, compared to under 1% in 2020.

Read more of this story at Slashdot.

Google says it has begun requiring users to turn on JavaScript, the widely-used programming language to make web pages interactive, in order to use Google Search. From a report: In an email to TechCrunch, a company spokesperson claimed that the change is intended to "better protect" Google Search against malicious activity, such as bots and spam, and to improve the overall Google Search experience for users. The spokesperson noted that, without JavaScript, many Google Search features won't work properly, and that the quality of search results tends to be degraded.

Read more of this story at Slashdot.

Microsoft researchers who tested more than 100 of the company's AI products concluded that AI systems can never be made fully secure, according to a new pre-print paper. The 26-author study, which included Azure CTO Mark Russinovich, found that large language models amplify existing security risks and create new vulnerabilities. While defensive measures can increase the cost of attacks, the researchers warned that AI systems will remain vulnerable to threats ranging from gradient-based attacks to simpler techniques like interface manipulation for phishing.

Read more of this story at Slashdot.

Compliance software firms are deploying AI to decode complex trader communications and detect potential financial crimes as Wall Street and London regulators intensify scrutiny of market manipulation. Companies like Behavox and Global Relay are developing AI tools that can interpret trader slang, emoji-laden messages and even coded language that traditional detection systems might miss, WSJ reports. The technology aims to replace older methods that relied on scanning for specific trigger words, which traders could easily evade. The story adds: Traders believed that "if somebody wanted to say something sketchy, they would just make up a funny word or, you know, spell it backward or something," [Donald] McElligott (VP of Global Relay) said. "Now, none of that"s going to work anymore."

Read more of this story at Slashdot.

Canon is requiring users to pay a monthly subscription fee to fully use their cameras as webcams on computers. The company's new EOS Webcam Utility software restricts features like HD resolution, brightness adjustments and color correction unless users pay $4.99 monthly or $49.99 annually.

Read more of this story at Slashdot.

An anonymous reader shares a report: The Supreme Court on Friday unanimously upheld the federal law banning TikTok beginning Sunday unless it's sold by its China-based parent company, holding that the risk to national security posed by its ties to China overcomes concerns about limiting speech by the app or its 170 million users in the United States. A sale does not appear imminent and, although experts have said the app will not disappear from existing users' phones once the law takes effect on Jan. 19, new users won't be able to download it and updates won't be available. That will eventually render the app unworkable, the Justice Department has said in court filings.

Read more of this story at Slashdot.

Tech news and research site SemiAccurate is reporting that an unidentified company is seeking to acquire Intel in its entirety. The publication -- citing a confidential email that it reviewed and a subsequent confirmation from a second source -- said the prospective buyer has not publicly disclosed its interest but has sufficient resources to purchase Intel at current valuations (about $85 billion).

Read more of this story at Slashdot.

Scientists warn that the devastating fires that killed at least 24 people and destroyed more than 12,000 structures in Los Angeles represent a new type of urban firestorm, distinct from traditional wilderness blazes. In densely populated areas, buildings themselves become fuel, creating a chain reaction of destruction, researchers reported Friday in Nature. The fires were intensified by steep terrain, powerful winds and a climate pattern of extreme wet-to-dry conditions that created abundant fuel. Researchers say such urban fires are likely to become more frequent as populations expand into wildland areas and climate change accelerates.

Read more of this story at Slashdot.

Indonesia plans to issue a regulation to set a minimum age for users of social media, a move aimed at protecting children, its communications minister has said. From a report: The plans follows Australia's decision to ban children under 16 from accessing social media, with fines for tech giants from Instagram and Facebook owner Meta to TikTok if they failed to prevent children accessing their platforms. Minister Meutya Hafid did not say what the minimum age would be in Indonesia. Her remarks, made late on Jan 13, came after she discussed the plan with President Prabowo Subianto.

Read more of this story at Slashdot.

The FTC announced Thursday that it's banned General Motors and its subsidiary OnStar from selling customer geolocation and driving behavior data for five years. The Verge reports: The settlement comes after a New York Times investigation found that GM had been collecting micro-details about its customers' driving habits, including acceleration, braking, and trip length -- and then selling it to insurance companies and third-party data brokers like LexisNexis and Verisk. Clueless vehicle owners were then left wondering why their insurance premiums were going up. FTC accused GM of using a "misleading enrollment process" to get vehicle owners to sign up for its OnStar connected vehicle service and Smart Driver feature. The automaker failed to disclose to customers that it was collecting their data, nor did GM seek out their consent to sell it to third parties. After the Times exposed the practice, GM said it was discontinuing its OnStar Smart Driver program. The settlement also requires GM to obtain consent from customers before collecting their driving behavior data, and allow them to request and delete their data if they choose.

Read more of this story at Slashdot.

According to Axios, Google has told the EU it will not add fact checks to search results and YouTube videos or use them in ranking or removing content, despite the requirements of a new EU law. From the report: In a letter written to Renate Nikolay, the deputy director general under the content and technology arm at the European Commission, Google's global affairs president Kent Walker said the fact-checking integration required by the Commission's new Disinformation Code of Practice "simply isn't appropriate or effective for our services" and said Google won't commit to it. The code would require Google to incorporate fact-check results alongside Google's search results and YouTube videos. It would also force Google to build fact-checking into its ranking systems and algorithms. Walker said Google's current approach to content moderation works and pointed to successful content moderation during last year's "unprecedented cycle of global elections" as proof. He said a new feature added to YouTube last year that enables some users to add contextual notes to videos "has significant potential." (That program is similar to X's Community Notes feature, as well as new program announced by Meta last week.) The EU's Code of Practice on Disinformation, introduced in 2022, includes several voluntary commitments that tech firms and private companies, including fact-checking organizations, are expected to deliver on. The Code, originally created in 2018, predates the EU's new content moderation law, the Digital Services Act (DSA), which went into effect in 2022. The Commission has held private discussions over the past year with tech companies, urging them to convert the voluntary measures into an official code of conduct under the DSA. Walker said in his letter Thursday that Google had already told the Commission that it didn't plan to comply. Google will "pull out of all fact-checking commitments in the Code before it becomes a DSA Code of Conduct," he wrote. He said Google will continue to invest in improvements to its current content moderation practices, which focus on providing people with more information about their search results through features like Synth ID watermarking and AI disclosures on YouTube.

Read more of this story at Slashdot.

Megan Hellerer, a career coach and founder of Coaching for Underfulfilled Overachievers, offers an alternative to the relentless "hustle culture" and "destinational living" mindsets, which often emphasize long-term goals at the expense of present happiness. "There's another way and I call it directional living," writes Hellerer. "Here's the catch: I can't find fulfilment for you. The good news is that it's all up to you..." An anonymous Slashdot reader shares an excerpt from the report published by The Guardian: Directional living is like the scientific method but for life. You begin with a hypothesis -- your best guess as to the direction of a loose "something bigger". You conduct tests and collect data through your experiences, refining your life hypothesis as you go. If you have a hypothesis that involves living on the beach, you may test that by renting a house on the coast for one month and collecting data on how right, or not, that is for you. The goal is not to permanently relocate but to find out whether you want to continue exploring that path. Success is in finding what's true, not in proving your original theory correct. I've found this idea speaks uniquely to UFOAs at this moment in time. [UFOA is a term Hellerer came up with that stands for "underfulfilled overachiever." This describes a constant striver who is living a great-on-paper life, yet feels disconnected from their work, life and self.] The closest thing I have to a personal motto is a quotation that's widely attributed to Carl Jung but that, as it turns out, he never actually said at all. "The privilege of a lifetime is to become who you truly are." My greatest hope for you is that you get to live this privilege fully.

Read more of this story at Slashdot.

Google has partnered with Indian startup Varaha to purchase 100,000 tons of carbon dioxide removal credits by 2030, marking its largest deal in India and the largest involving biochar, a carbon removal solution made from biomass. TechCrunch reports: The offtake agreement credits will be delivered to Google by 2030 from Varaha's industrial biochar project in the western Indian state of Gujarat, the two firms said on Thursday. [...] Biochar is produced in two ways: artisanal and industrial. The artisanal method is community-driven, where farmers burn crop residue in conical flasks without using machines. In contrast, industrial biochar is made using large reactors that process 50-60 tons of biomass daily. Varaha's project will generate industrial biochar from an invasive plant species, Prosopis Juliflora, using its pyrolysis facility in Gujarat. The invasive species impacts plant biodiversity and has overtaken grasslands used for livestock. Varaha will harvest the plant and make efforts to restore native grasslands in the region, the company's co-founder and CEO Madhur Jain said in an interview. Once the biochar is produced, a third-party auditor will submit their report to Puro.Earth to generate credits. Although biochar is seen as a long-term carbon removal solution, its permanence can vary between 1,000 and 2,500 years depending on production and environmental factors. Jain told TechCrunch that Varaha tried using different feedstocks and different parameters within its reactors to find the best combination to achieve permanence close to 1,600 years. The startup has also built a digital monitoring, reporting and verification system, integrating remote sensing to monitor biomass availability. It even has a mobile app that captures geo-tagged, time-stamped images to geographically document activities, including biomass excavation and biochar's field application. With its first project, Varaha said it processed at least 40,000 tons of biomass and produced 10,000 tons of biochar last year.

Read more of this story at Slashdot.