Remember that massive botnet run by Chinese government hackers? Flax Typhoon "compromised computer networks in North America, Europe, Africa, and across Asia, with a particular focus on Taiwan," according to the U.S. Treasury Department. (The group's botnet breaching this autumn affected "at least 260,000 internet-connected devices," reports the Washington Post, "roughly half of which were located in the United States.")

Friday America's Treasury Department sanctioned "a Beijing-based cybersecurity company for its role in multiple computer intrusion incidents against U.S. victims..." according to an announcement from the department's Office of Foreign Assets Control. "Between summer 2022 and fall 2023, Flax Typhoon actors used infrastructure tied to Integrity Tech during their computer network exploitation activities against multiple victims. During that time, Flax Typhoon routinely sent and received information from Integrity Tech infrastructure."

From the Washington Post: The group behind the attacks was active since at least 2021, but U.S. authorities only managed to wrest control of the devices from the hackers in September, after the FBI won a court order that allowed the agency to send commands to the infected devices...

Treasury's designation follows sanctions announced last month on Sichuan Silence Information Technology Company, in which U.S. officials accused the company of exploiting technology flaws to install malware in more than 80,000 firewalls, including those protecting U.S. critical infrastructure. The new sanctions on Beijing Integrity Technology are notable due to the company's public profile and outsize role in servicing China's police and intelligence services via state-run hacking competitions. The company, which is listed in Shanghai and has a market capitalization of more than $327 million, plays a central role in providing state agencies "cyber ranges" — technology that allows them to simulate cyberattacks and defenses...

In September, FBI Director Christopher A. Wray said the Flax Typhoon attack successfully infiltrated universities, media organizations, corporations and government agencies, and in some cases caused significant financial losses as groups raced to replace the infected hardware. He said at the time that the operation to shut down the network was "one round in a much longer fight...." A 2024 assessment by the Office of the Director of National Intelligence said China is the most "active and persistent" cyberthreat and that actors under Beijing's direction have made efforts to breach U.S. critical infrastructure with the intention of lying in wait to be able to launch attacks in the event of major conflict.
"The Treasury sanctions bar Beijing Integrity Technology from access to U.S. financial systems and freeze any assets the company might hold in the United States," according to the article, "but the moves are unlikely to have a significant effect on the company," (according to Dakota Cary, a fellow at the Atlantic Council who has studied the company's role in state-sponsored hacking).

President Vladimir Putin has directed Russia's government and the country's biggest bank, Sberbank, to strengthen AI cooperation with China, aiming to overcome Western sanctions and challenge U.S. dominance in AI innovation. Reuters reports: Putin's instructions were published on the Kremlin's website on Wednesday, three weeks after he announced that Russia would team up with BRICS partners and other countries to develop AI. He told the government and Sberbank, which is spearheading Russia's AI efforts, to "ensure further co-operation with the People's Republic of China in technological research and development in the field of artificial intelligence."

Western sanctions intended to restrict Moscow's access to the technologies it needs to sustain its war against Ukraine have resulted in the world's major producers of microchips halting exports to Russia, severely limiting its AI ambitions. Sberbank CEO German Gref acknowledged in 2023 that graphics processing units (GPUs), the microchips that underpin AI development, were the trickiest hardware for Russia to replace.

By partnering with non-Western countries, Russia is seeking to challenge the dominance of the United States in one of the most promising and crucial technologies of the 21st century. Putin said on Dec. 11 that a new AI Alliance Network would bring together specialists from BRICS countries and other interested states.

A U.S. appeals court ruled on Thursday the Federal Communications Commission did not have legal authority to reinstate landmark net neutrality rules. From a report: The decision is a blow to the outgoing Biden administration that had made restoring the open internet rules a priority. President Joe Biden signed a 2021 executive order encouraging the FCC to reinstate the rules.

A three-judge panel of the Cincinnati-based 6th U.S. Circuit Court of Appeals said the FCC lacked authority to reinstate the rules initially implemented in 2015 by the agency under Democratic former President Barack Obama, but then repealed by the commission in 2017 under Republican former President Donald Trump.

The rules also forbid special arrangements in which ISPs give improved network speeds or access to favored users. The court cited the Supreme Court's June decision in a case known as Loper Bright to overturn a 1984 precedent that had given deference to government agencies in interpreting laws they administer, in the latest decision to curb the authority of federal agencies. "Applying Loper Bright means we can end the FCC's vacillations," the court ruled.

SvarDOS, a compact open-source operating system derived from DR-DOS, has switched to using the EDRDOS kernel, marking a shift from its FreeDOS distribution roots. The change allows the operating system to fit on a single 1.4MB floppy disk while offering a network-capable package manager that can fetch from a repository of over 400 packages.

Unlike its rival FreeDOS, SvarDOS can run Microsoft Windows 3.1 natively, though the capability currently requires additional configuration. The system maintains compatibility with legacy DOS applications while providing modern features like FAT32 support and network connectivity.

India has once again pushed back a contentious plan to limit major technology companies' control of the nation's digital payments system, extending a regulatory uncertainty that has weighed on the sector for years. From a report: The National Payments Corporation of India said on Tuesday it would extend the deadline for implementing a 30% cap on any individual app's share of transactions on the Unified Payments Interface, or UPI, the country's ubiquitous digital payments network, to December 31, 2026.

The decision provides temporary relief to Walmart-backed PhonePe and Google Pay, which together handle more than 85% of transactions on UPI. The network, which processes over 13 billion transactions monthly, has become the backbone of India's digital economy since its launch eight years ago.

Researchers have uncovered widespread manipulation of GitHub's star-rating system, with over 3.1 million fraudulent stars identified across 15,835 repositories, according to a new study by Socket, Carnegie Mellon University, and North Carolina State University.

The research team analyzed 20TB of data from GHArchive, spanning 6 billion GitHub events from 2019 to 2024, using their "StarScout" detection tool. The tool identified 278,000 accounts engaging in coordinated inauthentic behavior to artificially boost repository rankings.

GitHub uses stars, similar to social media likes, to rank projects and recommend content to users. The platform has previously encountered malicious exploitation of this system, including the "Stargazers Ghost Network" malware operation discovered last summer. Approximately 91% of flagged repositories and 62% of suspicious accounts were removed by October 2024.

An anonymous reader shared this report from the Washington Post: Archer is aiming to launch its first commercially operated [and electrically-powered] flights with a pilot and passengers within a year in Abu Dhabi. A competitor, Joby Aviation, says it is aiming to launch passenger service in Dubai as soon as late 2025. Advancements in batteries and other technologies required for the futuristic tilt-rotor craft are moving so fast that they could soon move beyond the novelty stage and into broader commercial use in a matter of years. Both companies are laying plans to operate at the 2028 Olympics in Los Angeles...

Scaling the industry from a novelty ride for the wealthy to a broadly available commuter option will take billions more in start-up money, executives said, including building out a network of takeoff and landing areas (called vertiports) and charging stations. Some high-profile ventures have already faltered. A plan for air taxis to transport spectators around the Paris Olympics fizzled... Still, investors, including big names like Stellantis and Toyota, have poured money into Silicon Valley companies like Archer and Joby. Boeing and Airbus are developing their own versions. All are betting that quieter, greener and battery-powered aircraft can revolutionize the way people travel. Major U.S. airlines including American, Delta, Southwest and United also are building relationships and planting seeds for deals with air taxi companies.
Two interesting quotes from the article:

• "It feels like the modern-day American Dream, where you can invent a technology and actually bring it to market even [if it's] as crazy as what some people call flying cars."
  
  — Adam Goldstein, CEO of Archer Aviation.

• "They have created these amazing new aircraft that really 10 or 15 years ago would've been unimaginable. I think there's something innately attractive about being able to leapfrog all of your terrestrial obstacles. Who hasn't wished that if you live in the suburbs that, you know, something could drop into your cul-de-sac and 15 minutes later you're at the office."
  
  — Roger Connor, curator of the vertical flight collection at the Smithsonian's National Air and Space Museum.

It had a 4.8-inch display. Introduced in 1991, Hewlett-Packard's (DOS-based) HP 95LX Palmtop PC — a collaboration with Lotus — was finally discontinued back in 2003.

But one found its way to long-time Slashdot reader Shayde (who in November repaired a 48-year-old handheld videogame console from Mattel). "I really wanted to get this HP95LX talking to the internet at large," they told Slashdot, " but network stacks for DOS in 1991 were pretty limited, and this machine didn't even have the hardware for a network connection.

"It did have a serial port though — a flat 4-pin custom interface. I did a bunch of research and learned how to custom-build an RS-232 hookup for this port, and using an external Wifi module, got it online — and talking to the retrocomputing BBS!"

There's a video documenting the whole experience. (Along the way he uses 20-gauge hook-up wire from Amazon, a zip tie, solder cups, and an internet modem (the WiFi232 Hayes modem emulator). The whole thing is powered by two AA batteries — it has 512K of memory, and about half a meg of storage. My favorite technical detail?

"Conveniently, the HP 95 [Palmtop PC] uses the exact same pinout as the HP 48GX handheld graphing calculator. So looking up on the Internet, we can determine what pins we need to map from the HP unit over to what would be a DB25 serial port..."

Accidental missile attacks on commercial airliners have become the leading cause of aviation fatalities in recent years (Warning: source paywalled; alternative source), driven by rising global conflicts and the proliferation of advanced antiaircraft weaponry. Despite improvements in aviation safety overall, inconsistent risk assessments, political complexities, and rapid military escalations make protecting civilian flights in conflict zones increasingly difficult. The Wall Street Journal reports: The crash Wednesday of an Azerbaijan Airlines jetliner in Kazakhstan, if officially confirmed as a midair attack, would be the third major fatal downing of a passenger jet linked to armed conflict since 2014, according to the Flight Safety Foundation's Aviation Safety Network, a global database of accidents and incidents. The tally would bring to more than 500 the number of deaths from such attacks during that period. Preliminary results of Azerbaijan's investigation into the crash indicate the plane was hit by a Russian antiaircraft missile, or shrapnel from it, said people briefed on the probe.

"It adds to the worrying catalog of shootdowns now," said Andy Blackwell, an aviation risk adviser at security specialist ISARR and former head of security at Virgin Atlantic. "You've got the conventional threats, from terrorists and terrorist groups, but now you've got this accidental risk as well." No other cause of aviation fatalities on commercial airliners comes close to shootdowns over those years, according to ASN data. The deadliness of such attacks is a dramatic shift: In the preceding 10 years, there were no fatal shootdowns of scheduled commercial passenger flights, ASN data show. The trend highlights the difficulty -- if not impossibility -- of protecting civilian aviation in war zones, even for rigorous aviation regulators, because of the politics of war. Early last century similar woes plagued sea travel, when belligerents targeted ocean transport.

Increasing civilian aviation deaths from war also reflect both a growing number of armed conflicts internationally and the increasing prevalence of powerful antiaircraft weaponry. If a missile was indeed the cause of this week's disaster, it would mean that the three deadliest shootdowns of the past decade all involved apparently unintended targetings of passenger planes flying near conflict zones, by forces that had been primed to hit enemy military aircraft. Two of those incidents were linked to Russia: Wednesday's crash of an Embraer E190 with 67 people aboard, of whom 38 died, and the midair destruction in 2014 of a Malaysia Airlines Boeing 777 flying over a battle zone in Ukraine, on which all 298 people aboard died. The other major downing was the mistaken shooting in 2020 by Iranian forces of a Ukraine International Airlines Boeing 737 departing Tehran, killing all 176 people onboard. Iran's missile defense systems had been on alert for a potential U.S. strike at the time.

The implementation of the Corporate Transparency Act -- a law aimed at getting shell companies to disclose their true ownership -- was paused again just days before a reporting deadline was set to take effect, as a federal appeals court handed the case to a panel for further consideration. From a report: In a court filing late Thursday, the Fifth Circuit Court of Appeals vacated a stay on a national injunction the court had issued Monday that reinstated the Jan. 1 reporting deadline for millions of companies. The lifting of the stay means the January filing deadline will be postponed once again and bars the government and the Treasury Department from enforcing the law, pending oral arguments before the court's so-called merits panel, a group of judges tasked with considering appeals.

The Corporate Transparency Act, a bipartisan law passed in 2021 to curtail the use of anonymous shell companies and help track flows of illicit money, would require companies to file beneficial ownership information with the Treasury's Financial Crimes Enforcement Network or face the possibility of penalties such as fines and jail time. The law could cover more than 32 million small businesses nationwide.

Japan Airlines said it was hit by a cyberattack Thursday, causing delays to more than 20 domestic flights but the carrier said there was no impact on flight safety. From a report: JAL said the problem started Thursday morning when the company's network connecting internal and external systems began malfunctioning. The airline said the cyberattack had delayed 24 domestic flights for more than 30 minutes, and the impact could expand later in the day.

An AI system has outperformed human experts in distinguishing between American whiskey and Scotch, achieving 100% accuracy by identifying subtle differences in the chemical composition of the spirits. New Scientist reports: Andreas Grasskamp at the Fraunhofer Institute for Process Engineering and Packaging IVV in Germany and his colleagues trained an AI molecular odor prediction algorithm called OWSum on descriptions of different whiskies. Then, in a study involving 16 samples -- nine types of Scotch whisky and seven types of American bourbon or whiskey -- they tasked OWSum with telling drinks from the two nations apart based on keyword descriptions of their flavors, such as flowery, fruity, woody or smoky. Using these alone, the AI could tell which country a drink came from with almost 94 per cent accuracy.

Because the complex aroma of these spirits is determined by the absence or presence of many chemical compounds, the researchers also fed the AI a reference dataset of 390 molecules commonly found in whiskies. When they gave the AI data from gas chromatography -- mass spectrometry showing which molecules were present in the sample spirits, it boosted OWSum's ability to differentiate American from Scotch drams to 100 percent. Compounds such as menthol and citronellol were a dead giveaway for American whiskey, while the presence of methyl decanoate and heptanoic acid pointed to Scotch.

The researchers also tested both OWSum and a neural network on their ability to predict the top five odor keywords based on the chemical contents of a whisky. On a score from 1 for perfect accuracy to 0 for consistent inaccuracy, OWSum achieved 0.72. The neural network achieved 0.78 and human whisky expert test participants achieved only 0.57. The study has been published in the journal Nature Communications Chemistry.

An anonymous reader quotes a report from TorrentFreak: In a landmark ruling, the Court of Milan has ordered (PDF) Cloudflare to block pirate streaming services that offer Serie A football matches. The court found that Cloudflare's services are instrumental in facilitating access to live pirate streams, undermining Italy's 'Piracy Shield' legislation. The order, which applies in Italy, affects Cloudflare's CDN, DNS resolver, WARP and proxy services. It also includes a broad data disclosure section. [...]

The Court of Milan's decision prohibits Cloudflare from resolving domain names and routing internet traffic to IP addresses of all services present on the "Piracy Shield" system. This also applies to future domains and aliases used by these pirate services. The order applies to Cloudflare's content delivery network (CDN), DNS services, and reverse proxy services. The order also mentions Cloudflare's free VPN among the targets, likely referring to the WARP service. If any of the targeted pirate streaming providers use Cloudflare's services to infringe on Serie A's copyrights, the company Cloudflare must stop providing CDN, authoritative DNS, and reverse proxy services to these customers. (Note: This is an Italian court order and Cloudflare previously used geotargeting to block sites only in Italy. It may respond similarly here, but terminating customer accounts only in Italy might be more complicated. )

Finally, the order further includes a data disclosure component, under which Cloudflare must identify customers who use Cloudflare's services to offer pirated streams. This should help Serie A to track down those responsible. The data disclosure section also covers information related to the 'VPN' and alternative public DNS services, where these relate to the IPTV platforms identified in the case. That covers traffic volume and connection logs, including IP-addresses and timestamps. In theory, that could also cover data on people who accessed these services using Cloudflare's VPN and DNS resolver. [...] The court ordered Cloudflare to cover the costs of the proceeding and if it doesn't implement the blocking requirements in time, an additional fine of 10,000 euros per day will apply.

An anonymous reader quotes a report from Ars Technica: On Thursday, a large group of university and private industry researchers unveiled Genesis, a new open source computer simulation system that lets robots practice tasks in simulated reality 430,000 times faster than in the real world. Researchers also plan to introduce an AI agent to generate 3D physics simulations from text prompts. The accelerated simulation means a neural network for piloting robots can spend the virtual equivalent of decades learning to pick up objects, walk, or manipulate tools during just hours of real computer time.

"One hour of compute time gives a robot 10 years of training experience. That's how Neo was able to learn martial arts in a blink of an eye in the Matrix Dojo," wrote Genesis paper co-author Jim Fan on X, who says he played a "minor part" in the research. Fan has previously worked on several robotics simulation projects for Nvidia. [...] The team also announced they are working on the ability to generate what it calls "4D dynamic worlds" -- perhaps using "4D" because they can simulate a 3D world in motion over time. The system will reportedly use vision-language models (VLMs) to generate complete virtual environments from text descriptions (similar to "prompts" in other AI models), utilizing Genesis's own simulation infrastructure APIs to create the worlds.

The Consumer Financial Protection Bureau is suing America's three largest banks, accusing the institutions of failing to protect customers from fraud on Zelle, the payment platform they co-own. From a report: According to the suit, which also targets Early Warning Services LLC, Zelle's official operator, Zelle users have lost more than $870 million over the network's seven-year existence due to these alleged failures. "The nation's largest banks felt threatened by competing payment apps, so they rushed to put out Zelle," said CFPB Director Rohit Chopra in a statement. "By their failing to put in place proper safeguards, Zelle became a gold mine for fraudsters, while often leaving victims to fend for themselves."

Among the charges:
1. Poor identity verification methods, which have allowed bad actors to quickly create accounts and target Zelle users.
2. Allowing repeat offenders to continue to gain access to the platform
3. Ignoring and failing to report instances of fraud
4. Failing to properly investigate consumer complaints

The CFPB's suit seeks to change the platform's operations, as well as obtain a civil money penalty, that would be paid into the CFPB's victims relief fund.

Teenagers using Meta's virtual reality headsets to cheat at the popular game Gorilla Tag are unknowingly selling access to their home internet connections to potential cybercriminals, cybersecurity researchers found. The players have been side-loading Big Mama VPN, a free Android app, onto their VR headsets to create lag that makes it easier to win the tag-based game. However, the app simultaneously operates as a residential proxy service, selling access to users' IP addresses on a marketplace frequented by cybercriminals.

Cybersecurity firm Trend Micro discovered VR headsets were the third most common devices using Big Mama VPN, after Samsung and Xiaomi devices. The company's proxy services have been promoted on cybercrime forums and were linked to at least one cyberattack, according to research from security firms Trend Micro and Kela.

An anonymous reader quotes a report from Gizmodo: Hackers aligned with the Chinese government have infiltrated U.S. telecommunications infrastructure so deeply that it allowed the interception of unencrypted communications on a number of people, according to reports that first emerged in October. The operation, dubbed Salt Typhoon, apparently allowed hackers to listen to phone calls and nab text messages, and the penetration has been so extensive they haven't even been booted from the telecom networks yet. The Cybersecurity and Infrastructure Security Agency (CISA) issued guidance this week on best practices for protecting "highly targeted individuals," which includes a new warning (PDF) about text messages.

"Do not use SMS as a second factor for authentication. SMS messages are not encrypted—a threat actor with access to a telecommunication provider's network who intercepts these messages can read them. SMS MFA is not phishing-resistant and is therefore not strong authentication for accounts of highly targeted individuals," the guidance, which has been posted online, reads. Not every service even allows for multi-factor authentication and sometimes text messages are the only option. But when you have a choice, it's better to use phishing-resistant methods like passkeys or authenticator apps. CISA prefaces its guidance by insisting it's only really speaking about high-value targets. The telecommunications hack mentioned above has been called the "worst hack in our nation's history," according to Sen. Mark Warner (D-VA).

An anonymous reader quotes a report from PCWorld: Smart home devices compatible with the Matter standard have garnered most of our attention lately, but the compelling features in the latest generation of Z-Wave chips convinced the IoT developer Shelly Group to build no fewer than 11 new products powered by Z-Wave technology. The new collection includes a smart plug, in-wall dimmers, relays, and various sensors aimed at DIYers, installers, and commercial builders. Citing the ability of Z-Wave 800 (aka Z-Wave Long Range or LR) chips to operate IoT devices over extremely long range -- up to 1 mile, line of sight -- while running on battery power for up to 10 years, Shelly Group CTO Leon Kralj said "Shelly is helping break down smart home connectivity barriers, empowering homeowners, security installers, and commercial property owners and managers with unmatched range, scalability, and energy efficiency to redefine their automation experience."

[...] While most homeowners won't need to worry about the number of IoT devices their networks can support, commercial builders will appreciate the scalability of Z-Wave 800-powered devices -- namely, you can deploy as many as 4,000 nodes on a single mesh network. That's a 20x increase over what was possible with previous generations of the chip. And since Z-Wave LR is backward compatible with those previous generations, there should be no worries about integrating the new devices into existing networks. Shelly says all 11 of its new Z-Wave 800-powered IoT devices will be available in the first half of 2025. The new Shelly devices will be available in the U.S. in the first half of 2025.

Here's a list of the devices enhanced with the new long-range capabilities:
- Shelly Wave Plug US
- Shelly Wave Door/Window
- Shelly Wave H&T
- Shelly Wave Motion
- Shelly Wave Dimmer
- Shelly Wave Pro Dimmer 1 PM
- Shelly Wave Pro Dimmer 2 PM
- Shelly Wave 1
- Shelly Wave 1 PM
- Shelly Wave 2 PM
- Shelly Wave Shutter

Nebraska's attorney general has sued Change Healthcare over a massive data breach that exposed sensitive medical information of more than 100 million Americans following a February ransomware attack. The lawsuit alleges the UnitedHealth-owned company failed to implement basic security measures, including multi-factor authentication, allowing hackers to breach its systems using credentials from a customer support employee that were posted on Telegram.

The Russian-speaking ALPHV ransomware group accessed personal health records, financial data and treatment information across Change Healthcare's poorly segmented network, according to the complaint filed by Attorney General Mike Hilgers.

The Department of Homeland Security (DHS) believes that China, Russia, Iran, and Israel are the "primary" countries exploiting security holes in telecommunications networks to spy on people inside the United States, which can include tracking their physical movements and intercepting calls and texts, according to information released by Senator Ron Wyden. 404 Media: The news provides more context around use of SS7, the exploited network and protocol, against phones in the country. In May, 404 Media reported that an official inside DHS's Cybersecurity Insurance and Security Agency (CISA) broke with his department's official narrative and publicly warned about multiple SS7 attacks on U.S. persons in recent years. Now, the newly disclosed information provides more specifics on where at least some SS7 attacks are originating from.

The information is included in a letter the Department of Defense (DoD) wrote in response to queries from the office of Senator Wyden. The letter says that in September 2017 DHS personnel gave a presentation on SS7 security threats at an event open to U.S. government officials. The letter says that Wyden staff attended the event and saw the presentation. One slide identified the "primary countries reportedly using telecom assets of other nations to exploit U.S. subscribers," it continues.