Connect with us

Technology

SolarWinds backdoor gang pwned Microsoft support agent to turn sights on customers • The Register

Voice Of EU

Published

on

In Brief The spies who backdoored SolarWinds’ Orion software infiltrated Microsoft’s support desk systems last month and obtained information to use in cyber-attacks on some of the Windows giant’s customers, it was reported.

Redmond said it traced this latest intrusion to a member of a team it calls Nobelium, the suspected Kremlin-run crew that used tainted Orion updates to snoop on organizations around the world. Russia insists it had nothing to do with the supply-chain attack on SolarWinds.

Microsoft customers targeted by the support desk intruder have been alerted. The caper was detected during what sounds like an investigation into a wider phishing campaign that, as it turned out, hooked a Microsoft support agent, who had access to customers’ contact information, lists of their cloud subscriptions, and other records.

“A sophisticated nation-state associated actor that Microsoft identifies as NOBELLIUM accessed Microsoft customer support tools to review information regarding your Microsoft Services subscriptions,” the IT giant told those clients, Reuters reported first on Friday.

“The actor used this information in some cases to launch highly-targeted attacks as part of their broader campaign.”

Mercedes-Benz USA this week said 1,000 or so customers’ sensitive personal information – such as credit card, driving license, and social security numbers, and dates of birth – were accidentally left out in the open on an insecure cloud storage system that has since been fixed. The data was collected from its website between January 2014 and June 2017.

It seems the exposed database had as many as 1.6 million unique records in it, and the majority of those were slightly less sensitive: names, home and email addresses, phone numbers, and some purchased vehicle info.

Earlier this month, Volkswagen and its subsidiary Audi told 3.3m people their personal info had been obtained by miscreants after a third-party supplier left the data facing the public internet. Again, most of the records were contact information and details of purchased vehicles, and for 90,000 folks, more sensitive info.

AWS buys Wickr

Amazon Web Services announced on Friday it has bought Wickr, the popular encrypted messaging system, for an undisclosed sum.

Wickr started out as a secure smartphone chat app for NGOs, with end-to-end encrypted messages that could be auto-deleted. Then it branched out to the desktop, and enterprise versions appeared for on-prem and cloud servers. It’s also used by the US military and law enforcement, not to mention an Australian Prime Minister.

“The need for this type of secure communications is accelerating,” said AWS chief information security officer Stephen Schmidt. “With the move to hybrid work environments, due in part to the COVID-19 pandemic, enterprises and government agencies have a growing desire to protect their communications across many remote locations.

“Wickr’s secure communications solutions help enterprises and government organizations adapt to this change in their workforces and is a welcome addition to the growing set of collaboration and productivity services that AWS offers customers and partners.”

Wickr is also popular with some journalists, though one wonders if they’ll keep using the software seeing as it’s now owned by a corporation that seems to relish badgering and nitpicking reporters and editors. The accountants at Juniper Networks may be happy: the Silicon Valley biz was a seed funder for Wickr, and one assumes it got a good return on its investment from this acquisition.

Mozilla starts Rally for privacy

In a somewhat quixotic move, Mozilla is asking its users to send their data to third parties in the hope that it’ll one day be better protected.

The scheme, dubbed Rally, will let Firefox users install a plugin that lets them share some of their user data and personal information with academics researching how people use the internet and what data they are actually having to share to do so. Users choose how much info they send and to which project, with teams at Princeton and Stanford are already signed up to participate.

“Quantitative research is essential for understanding tech policy problems and for holding platforms accountable. Here’s the problem: methods and data often aren’t adequate,” said Jonathan Mayer, a professor of computer science at Princeton.

“Platforms could help with these research barriers. But platforms, unsurprisingly, haven’t been very interested in enabling research that examines their own problems and misconduct. Rally doesn’t depend on platform gatekeepers — it’s entirely independent, powered by users.”

Moz also released a tool called WebScience for other academics that want to get involved. Now we may actually get some realistic data, if enough people take part.

Cryptomining malware Crackonosh targets gamers

The perils of piracy were highlighted yet again this week, this time in a report on Crackonosh, a malware outbreak among gamers that netted millions in Monero.

The Windows software nasty, Avast said, was hidden in cracked versions of popular games like Far Cry 5, NBA 2K19 and, somewhat ironically, Grand Theft Auto V. Once installed, the code shut down any security software it could find, and installed a Monero miner called XMRig, which takes advantage of gamers’ rigs.

“Crackonosh has been circulating since at least June 2018 and has yielded over $2,000,000 USD for its authors in Monero from over 222,000 infected systems worldwide,” Avast claimed.

“As long as people continue to download cracked software, attacks like these will continue to be profitable for attackers. The key take-away from this is that you really can’t get something for nothing and when you try to steal software, odds are someone is trying to steal from you.”

Oklahoma! where the data goes blowing on the web

The City of Tulsa, Oklahoma, has admitted that files snatched from its police department computers have been released onto the web by extortionists.

Over 18,000 police citations and internal department files were leaked, it said, and “out of an abundance of caution, anyone who has filed a police report, received a police citation, made a payment with the City, or interacted with the City in any way where PII was shared,” should check their bank accounts.

Tulsa got hit by a major ransomware infection on May 6. Mayor G.T. Bynum refused to pay up, saying: “Know that your tax dollars are not going to go into the hands of criminals,” and vowed the city wouldn’t pay “a nickel.”

Canadian Navy bests the rest in military cyber contest

US Cyber Command’s annual war games were held this week and, despite America fielding the majority of the players, it was its upstairs neighbor who scooped the top prize.

This year’s Cyber Flag 21-2, or “Big Flag,” contest saw a simulated computer attack on a major logistics facility (sound familiar?) by two adversaries. The 430 military and civilian keyboard warriors from the US, Canada, and UK scored points for thwarting these infections, defending against threats, and shoring up unsafe systems.

“Cyber Flag 21-2 tested the best and brightest cyber protection teams. This exercise assessed their tactical cyber skills while collectively improving our cyber resiliency. I’d also like to congratulate the Royal Canadian Navy’s Cyber Protection Team, the winner of this year’s event,” said General Paul Nakasone, US Cyber Command commander, presumably through slightly gritted teeth. ®



Source link

Technology

Will this be one of the world’s first RISC-V laptops? • The Register

Voice Of EU

Published

on

Pic As Apple and Qualcomm push for more Arm adoption in the notebook space, we have come across a photo of what could become one of the world’s first laptops to use the open-source RISC-V instruction set architecture.

In an interview with The Register, Calista Redmond, CEO of RISC-V International, signaled we will see a RISC-V laptop revealed sometime this year as the ISA’s governing body works to garner more financial and development support from large companies.

It turns out Philipp Tomsich, chair of RISC-V International’s software committee, dangled a photo of what could likely be the laptop in question earlier this month in front of RISC-V Week attendees in Paris.

A slide that shows a picture of a laptop and says, 'Will we see the first RISC-V laptop released in 2022?'

A slide from the RISC-V Week event in Paris teasing a potential RISC-V laptop coming in 2022 … Click to enlarge.

Tomsich teased the device at the end of a talk with Mark Himelstein, CTO of RISC-V International, about the software optimization work needed to mature the RISC-V ecosystem.

“The big question that everybody is asking themselves, and the one where I’m wondering, Mark, if we’ll be able to pull this off: will we see the first RISC-V laptop announced this year?” Tomsich said as he showed a picture of a black, brandless laptop that had a large question mark over it.

Tomsich then hinted at the potential specs of the laptop:

Tomsich shared the photo of the mystery PC while promoting a few milestones for RISC-V, including the March launch of the first portable RISC-V computer, modeled after Kyocera’s classic TRS-80 Model 100 “slab” computer from 1983. Tomsich also hailed Alibaba Cloud for getting Android 12 to work on its own RISC-V silicon, and RISC-V compiler support for Java through OpenJDK.

What could the RISC-V laptop be for?

We were able to extract the image of the mystery laptop from the slide to get a slightly closer look:

A photo of what could be a laptop running a RISC-V processor, as shown at the RISC-V Week event in Paris in early May.

A photo of what could be a RISC-V laptop, as shown at the RISC-V Week event in Paris. Click to enlarge.

Unfortunately, there’s not much we can discern from this photo. The device itself looks fairly rough, pretty much a prototype, which means the laptop is likely being used for development and testing purposes.

However, there was one interesting detail that caught our attention: the bottle in the top-left corner of the photo. We learned from a quick Google search that this is a water bottle brand in China called Ganten.

Now, normally we wouldn’t care much about seeing a bottle of water, but we do know that, as of last summer, the Institute of Software at the Chinese Academy of Sciences (ISCAS) was planning to build 2,000 RISC-V laptops by the end of 2022 as China looks to reduce its reliance on foreign tech giants like Arm and Intel amid ongoing tensions with Western countries.

Does this mean the mystery laptop is being developed by ISCAS? It’s too soon to say. There could be other RISC-V laptop developments in China, though the ISCAS project is the only one in the country El Reg knows of so far.

The only other public RISC-V laptop development we’re aware of is one in Russia, which is expected to have homegrown RISC-V laptop chips ready for devices by 2025, according to a report from last year. The country is now cut off from Arm and Intel due to its invasion of Ukraine, so RISC-V is probably its best option now due to the ISA’s borderless nature.

As for RISC-V laptops popping up elsewhere in the world, we shouldn’t expect commercial products for a while – though if you know of any, or can identify the machine above, please do let us know. We’re also more than aware of the RISC-V boards out there for developers.

Patrick Little, the CEO of RISC-V chip designer SiFive, told us earlier this year he doesn’t think system-on-chips using the company’s CPU blueprints will find their way into PCs until roughly late 2025.

There’s also the fact that much work is needed for the RISC-V ISA to provide the same level of software support and cross-platform stability that x86 and, to a somewhat lesser extent, Arm, provide for PCs now. ®

Source link

Continue Reading

Technology

Engineering jobs are coming to Shannon as Ryanair creates 200 roles

Voice Of EU

Published

on

The new facility will create jobs for engineers, mechanics and support staff as Ryanair seeks to expand its fleet to more than 600 aircraft over the next four years.

Ryanair is opening its first heavy maintenance facility in Ireland at Shannon Airport, which the airline said will lead to 200 “high-skill” jobs in the region.

The airline said it will invest €10m into the “state-of-the-art” facility, leased from Shannon Group. This will support the maintenance of Ryanair’s fleet, which it is looking to expand to more than 600 aircraft over the next four years.

Future Human

Jobs to be created at the maintenance facility include licensed engineers, mechanics and support staff.

“Ryanair creates opportunities for highly skilled engineering jobs, with our industry-leading rosters and the youngest fleet in Europe,” Ryanair director of operations Neal McMahon said. “Shannon is an ideal location with opportunities to attract, train and employ local talent to support this new facility.”

Ryanair has operated from Shannon Airport since 1986, opening a base at the airport in 2005. It has carried more than 17m customers to and from the airport to date.

The airline said the investment is a mark of its commitment to both Ireland and the mid-west region.

Shannon Group CEO Mary Considine added that it represents a “vote of confidence” by Ryanair in the future of the airport.

“Having Ryanair at hangar 5, one of 10 fully occupied hangars on our Shannon campus, is another significant boost for the region, creating high-quality jobs for local aviation specialists,” Considine said. “The resulting jobs and investment are also consistent with our strategic plan to increase economic growth and retain skills and talent in the region.”

Ryanair carries around 154m passengers every year on more more than 2,400 daily flights from 82 bases, with its fleet of roughly 470 aircraft. The airline said it has a headcount of more than 19,000 skilled aviation professionals globally.

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

Source link

Continue Reading

Technology

Older people using TikTok to defy ageist stereotypes, research finds | TikTok

Voice Of EU

Published

on

Older TikTok users are using the online platform, regarded as the virtual playground of teenagers, to defy ageist stereotypes of elderly people as technophobic and frail.

Research has found increasing numbers of accounts belonging to users aged 60 and older with millions of followers. Using the platform to showcase their energy and vibrancy, these TikTok elders are rewriting expectations around how older people should behave both on and off social media.

“These TikTok elders have become successful content creators in a powerful counter-cultural phenomenon in which older persons actually contest the stereotypes of old age by embracing or even celebrating their aged status,” said Dr Reuben Ng, the author of the paper Not Too Old for TikTok: How Older Adults are Reframing Ageing, and an assistant professor at Yale University.

Interestingly, said Ng, most TikTok elders are women who “fiercely resist common stereotypes of older women as passive, mild-mannered and weak, instead opting to present themselves as fierce or even foul-mouthed,” he said.

The immense reach that these older TikTok users have means they have the potential to transform negative age stereotypes that proliferate on social media.

“There is considerable evidence that ageist stereotypes preponderate among the young on social media,” said Ng. These prejudices reached an all-time high during the Covid pandemic, during which the deadly virus was labelled a “Boomer remover”.

“The strength of anti-age prejudices means the participation of older adults in social media is vital in ensuring that such ageist ideas are not left unchallenged,” said Ng, whose paper is to be published in the Gerontologist journal.

The paper looked at 1,382 videos posted by TikTok users who were aged 60 or older and had between 100,000 and 5.3 million followers. In total, their videos, all of which explicitly discussed their age, had been viewed more than 3.5bn times.

Ng found that 71% of these videos – including those from accounts such as grandadjoe1933, who has 5.3 million followers, and dolly_broadway, who has 2.4 million followers – were used to defy age stereotypes. A recurring motif was the “glamma”, a portmanteau combining “glamorous” and “grandma”, with videos including those of a 70-year-old woman joyfully parading around the streets in a midriff-bearing top.

Allow TikTok content?

This article includes content provided by TikTok. We ask for your permission before anything is loaded, as they may be using cookies and other technologies. To view this content, click ‘Allow and continue’.

Almost one in five of the videos analysed made light of age-related vulnerabilities, and one in 10 called out ageism among both younger people and their own contemporaries. Other videos positioned older users as superior to younger people. “I may be 86 but I can still drink more than you lightweights” says one clip. “I may be 86 but I can still twerk better than you,” says another, showing an octogenarian leaping up from a fall down the stairs with a twerk.

Analysis by the Pew Research Centre has found a remarkable uptake of technology by older Americans during recent years: in 2000, 14% of people aged 65-plus were internet users; in 2019, it was 73%. Only half of adults owned smartphones in 2014, 81% of those aged 60 to 69 have them today.

Emma Twyning, the director of communications at the Centre for Ageing Better said: “We need to see much more diverse portrayals if we are to truly shift attitudes and cast off negative perceptions of growing older. Social media is the perfect platform to do this and to call out ageism more generally.”

Stuart Lewis, the chief executive of Rest Less, said TikTok was the ideal platform for midlife influencers to take to the stage and defy ageist stereotypes. “Creators are encouraged to be original, raw and unedited – making it the ideal soapbox on which to stand if you want a space to debunk stereotypes and be your uncensored self,” he said.

Prof Fiona Gillison, from the Healthy Later Living Network at the University of Bath, who is leading work on challenging stereotypes about ageing, said the study was important. But she added: “There is a balance to be struck in challenging stereotypes about ageing while also accepting that it is OK to want different things from younger people as we grow older, and accepting that our interests and abilities may change.”

Ultimately, she said, people need to “take the stigma out of needing adjustments as we age while also challenging assumptions that can accompany these. For example that having a hearing aid somehow implies that we are ‘fragile’ or ‘infirm’ in other ways.”

The older users showcasing their energy and vibrancy

@grandadjoe1933

The 88-year-old Staffordshire man is TikTok’s wealthiest “granfluencer”, his videos apparently earning him about £134,000 a year. Grandad Joe has won 5.4 million followers and 156.7 million likes for videos including one of him giggling after his youngest granddaughter gives his grown-up daughter “attitude just like she gave me [when she was younger]”.

Allow TikTok content?

This article includes content provided by TikTok. We ask for your permission before anything is loaded, as they may be using cookies and other technologies. To view this content, click ‘Allow and continue’.

@grandma_droniak

92-year-old Grandmother Droniak went viral, reaching 4.2 million followers, after laying down rules for her funeral including “Cry, but not too much,” “Bertha isn’t invited” and “Get drunk afterwards”.

Allow TikTok content?

This article includes content provided by TikTok. We ask for your permission before anything is loaded, as they may be using cookies and other technologies. To view this content, click ‘Allow and continue’.

@grandmaann2

Grandmaann2 lures viewers to her account with the strapline “I’m old so follow before I die”. Two million people couldn’t resist, and to date they have given her lip-syncs and comedy skits 63.5m likes.

Allow TikTok content?

This article includes content provided by TikTok. We ask for your permission before anything is loaded, as they may be using cookies and other technologies. To view this content, click ‘Allow and continue’.

@its_j_dog

Jenny Krupa, 87, has won 2 million followers and 93m likes since a 2019 video accidentally posted by her grandson, Skylar Krupa, titled “Perks of being old” reached 1,000 views in about 15 minutes.

Allow TikTok content?

This article includes content provided by TikTok. We ask for your permission before anything is loaded, as they may be using cookies and other technologies. To view this content, click ‘Allow and continue’.

@dolly_broadway

The latest video for her 1 million followers shows 89-year-old Dolores Paolino dressing up in a Marilyn Monroe-type dress and telling Kim Kardashian she looks better in it than her.

Other videos show the grandmother from south Philadelphia wearing sequined jumpsuits and swigging from a bottle on her birthday, and pushing ice-cream cones into her grandchildren’s face.

Allow TikTok content?

This article includes content provided by TikTok. We ask for your permission before anything is loaded, as they may be using cookies and other technologies. To view this content, click ‘Allow and continue’.

Source link

Continue Reading

Trending

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates 
directly on your inbox.

You have Successfully Subscribed!