A security researcher [1]discovered an unprotected database belonging to SL Data Services [2]containing over 600,000 sensitive files , including criminal histories and background checks with names, addresses, and social media accounts. The Register reports:

> We don't know how long the personal information was openly accessible. Infosec specialist Jeremiah Fowler says he found the Amazon S3 bucket in October and reported it to the data collection company by phone and email every few days for more than two weeks. [The info service provider eventually closed up the S3 bucket, says Fowler, although he never received any response.] In addition to not being password protected, none of the information was encrypted, he told The Register. In total, the open bucket contained 644,869 PDF files in a 713.1 GB archive.

>

> Some 95 percent of the documents Fowler saw were labeled "background checks," he said. These contained full names, home addresses, phone numbers, email addresses, employment, family members, social media accounts, and criminal record history belonging to thousands of people. In at least one of these documents, the criminal record indicated that the person had been convicted of sexual misconduct. It included case details, fines, dates, and additional charges. While court records and sex offender status are usually public records in the US, this exposed cache could be combined with other data points to make complete profiles of people -- along with their family members and co-workers -- providing everything criminals would need for targeted phishing and/or social engineering attacks.



[1] https://www.websiteplanet.com/news/propertyrecs-breach-report/

[2] https://www.theregister.com/2024/11/27/600k_sensitive_files_exposed/

The FTC has [1]opened a broad antitrust investigation into Microsoft , including of its software licensing and cloud computing business. Bloomberg [2]first reported the news. Reuters reports:

> The probe was approved by FTC Chair Lina Khan ahead of her likely departure in January. The election of Donald Trump as U.S. president and the expectation he will appoint a fellow Republican with a softer approach toward business, leaves the outcome of the investigation up in the air.

>

> The FTC is examining allegations that the software giant is potentially abusing its market power in productivity software by imposing punitive licensing terms to prevent customers from moving their data from its Azure cloud service to other competitive platforms, sources confirmed earlier this month. The FTC is also looking at practices related to cybersecurity and artificial intelligence products, the source said on Wednesday.



[1] https://www.reuters.com/technology/microsoft-faces-wide-ranging-us-antitrust-probe-2024-11-27/

[2] https://www.bloomberg.com/news/articles/2024-11-27/us-antitrust-watchdog-launches-broad-microsoft-investigation

An anonymous reader quotes a report from Ars Technica:

> Over the past decade, a new class of infections has threatened Windows users. By infecting the firmware that runs immediately before the operating system loads, these UEFI bootkits continue to run even when the hard drive is replaced or reformatted. Now the same type of chip-dwelling malware has been [1]found in the wild for backdooring Linux machines . Researchers at security firm ESET said Wednesday that Bootkitty -- the name unknown threat actors gave to their Linux bootkit -- was uploaded to VirusTotal earlier this month. Compared to its Windows cousins, Bootkitty is still relatively rudimentary, containing imperfections in key under-the-hood functionality and lacking the means to infect all Linux distributions other than Ubuntu. That has led the company researchers to suspect the new bootkit is likely a proof-of-concept release. To date, ESET has found no evidence of actual infections in the wild.

>

> Still, Bootkitty suggests threat actors may be actively developing a Linux version of the same sort of unkillable bootkit that previously was found only targeting Windows machines. "Whether a proof of concept or not, Bootkitty marks an interesting move forward in the UEFI threat landscape, breaking the belief about modern UEFI bootkits being Windows-exclusive threats," ESET researchers [2]wrote . "Even though the current version from VirusTotal does not, at the moment, represent a real threat to the majority of Linux systems, it emphasizes the necessity of being prepared for potential future threats." [...] As ESET notes, the discovery is nonetheless significant because it demonstrates someone -- most likely a malicious threat actor -- is pouring resources and considerable know-how into creating working UEFI bootkits for Linux. Currently, there are few simple ways for people to check the integrity of the UEFI running on either Windows or Linux devices. The demand for these sorts of defenses will likely grow in the coming years.



[1] https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/

[2] https://www.welivesecurity.com/en/eset-research/bootkitty-analyzing-first-uefi-bootkit-linux/

A U.S. federal appeals court ruled that [1]sanctions against Tornado Cash, a crypto transaction anonymization service, [2]must be abandoned , stating that its immutable smart contracts do not constitute "property" under U.S. law and that the Treasury overstepped its authority. The ruling is available [3]here (PDF). CoinDesk reports:

> The decision answers a controversial privacy debate on whether the government -- via a sanctions list maintained by the U.S. Treasury Department -- has a right to target the technology because it's associated with criminals. The ruling reversed a district court's August ruling that had sided with the government's pursuit of what it had characterized as a "notorious" crypto-mixing service.

>

> OFAC had sanctioned Tornado Cash last year, contending that it was a vital tool used by bad actors including North Korea's Lazarus Group to launder crypto tokens pilfered from platforms and games such as Axie Infinity. Coinbase (COIN) and others had [4]sued the government , claiming it had overreached. Paul Grewal, chief legal officer of crypto exchange Coinbase, [5]cheered the ruling in a Tuesday post on X, calling it a "historic win for crypto." "These smart contracts must now be removed from the sanctions list and U.S. persons will once again be allowed to use this privacy-protecting protocol," Grewal wrote. "Put another way, the government's overreach will not stand."

"We readily recognize the real-world downsides of certain uncontrollable technology falling outside of OFAC's sanctioning authority," the judges said, referencing the ineffectiveness of a law that was established well before the world moved online. "But we must uphold the statutory bargain struck (or mis-struck) by Congress, not tinker with it."

Tornado Cash's TORN token has since [6]rallied 500% , passing the $20 mark.



[1] https://news.slashdot.org/story/22/09/14/1750234/treasury-says-sanctions-on-tornado-cash-dont-stop-people-from-sharing-code

[2] https://www.coindesk.com/policy/2024/11/26/tornado-cash-sanctions-overturned-by-u-s-appeals-court

[3] https://assets.ctfassets.net/c5bd0wqjc7v0/70EasapqSxH1kLInf3IQrd/1a1ce21cdc6bc903921f45018cce3821/Tornado_Cash.pdf

[4] https://yro.slashdot.org/story/22/09/08/1356255/coinbase-employees-and-ethereum-backers-sue-us-treasury-over-tornado-cash-sanctions

[5] https://x.com/iampaulgrewal/status/1861549058797772874

[6] https://www.coingecko.com/en/coins/tornado-cash

The Verge's Wes Davis reports:

> A new startup created by former Android leaders [1]aims to build an operating system for AI agents . Among them is Hugo Barra, Google's former VP of Android product management, who says the new company -- named "/dev/agents" -- will revisit the leaders' "Android roots."

>

> "We can see the promise of AI agents, but as a developer, it's just too hard to build anything good," /dev/agents cofounder and CEO and Google's former Android VP of engineering David Singleton [2]told Bloomberg . He said the industry needs "an Android-like moment for AI."

>

> The company is working on a cloud-based "next-gen operating system for AI agents" intended "for trusted agents to work with users across all of their devices," Singleton wrote in a post on X. He said that AI agents will "need new UI patterns, a reimagined privacy model, and a developer platform that makes it radically simpler to build useful agents."



[1] https://www.theverge.com/2024/11/27/24307525/android-leaders-dev-agents-ai-agent-operating-system-startup

[2] https://www.bloomberg.com/news/articles/2024-11-26/former-google-stripe-executives-raise-56-million-for-ai-agent-startup

An anonymous reader quotes a report from KrebsOnSecurity:

> Two men have been arrested for allegedly stealing data from and extorting dozens of companies that used the cloud data storage company Snowflake, but a third suspect -- a prolific hacker known as Kiberphant0m -- remains at large and continues to publicly extort victims. However, this person's identity may not remain a secret for long: A careful review of Kiberphant0m's daily chats across multiple cybercrime personas [1]suggests they are a U.S. Army soldier who is or was recently stationed in South Korea.

>

> Kiberphant0m's identities on cybercrime forums and on Telegram and Discord chat channels have been selling data stolen from customers of the cloud data storage company Snowflake. At the end of 2023, malicious hackers discovered that many companies had uploaded huge volumes of sensitive customer data to Snowflake accounts that were protected with nothing more than a username and password (no multi-factor authentication required). After scouring darknet markets for stolen Snowflake account credentials, the hackers began raiding the data storage repositories for some of the world's largest corporations. Among those was AT&T, which [2]disclosed in July that cybercriminals had stolen personal information, phone and text message records for roughly 110 million people. Wired.com [3]reported in July that AT&T paid a hacker $370,000 to delete stolen phone records.

>

> On October 30, Canadian authorities [4]arrested Alexander Moucka, a.k.a. Connor Riley Moucka of Kitchener, Ontario, on a provisional arrest warrant from the United States, which has since indicted him on 20 criminal counts connected to the Snowflake breaches. Another suspect in the Snowflake hacks, John Erin Binns, is an American who is currently incarcerated in Turkey. Investigators say Moucka, who went by the handles Judische and Waifu, had tasked Kiberphant0m with selling data stolen from Snowflake customers who refused to pay a ransom to have their information deleted. Immediately after news broke of Moucka's arrest, Kiberphant0m was clearly furious, and posted on the hacker community BreachForums what they claimed were the AT&T call logs for President-elect Donald J. Trump and for Vice President Kamala Harris. [...] Also on Nov. 5, Kiberphant0m offered call logs stolen from Verizon's push-to-talk (PTT) customers -- mainly U.S. government agencies and emergency first responders.

Kiberphant0m denies being in the U.S. Army and said all these clues were "a lengthy ruse designed to create a fictitious persona," reports Krebs.

"I literally can't get caught," Kiberphant0m said, declining an invitation to explain why. "I don't even live in the USA Mr. Krebs." A [5]mind map illustrates some of the connections between and among Kiberphant0m's apparent alter egos.



[1] https://krebsonsecurity.com/2024/11/hacker-in-snowflake-extortions-may-be-a-u-s-soldier/

[2] https://yro.slashdot.org/story/24/07/12/2119202/american-hacker-in-turkey-linked-to-massive-att-breach

[3] https://yro.slashdot.org/story/24/07/14/1919219/att-paid-370000-for-the-deletion-of-stolen-phone-call-records

[4] https://krebsonsecurity.com/2024/11/canadian-man-arrested-in-snowflake-data-extortions/

[5] https://krebsonsecurity.com/wp-content/uploads/2024/11/kiberphantom-mm.png

More than half of longer English posts on LinkedIn are likely generated by AI, according to research from AI detection firm Originality AI. The company analyzed nearly 9,000 public posts over 100 words published between 2018 and 2024, finding AI usage [1]surged 189% after ChatGPT's launch in early 2023 , Wired reported Wednesday.

LinkedIn, which also offers AI writing tools to premium subscribers, told Wired that it does not track AI-generated content levels but maintains "robust defenses" against low-quality and duplicate posts.



[1] https://www.wired.com/story/linkedin-ai-generated-influencers/

PetaPixel:

> Leica Camera announced that its 2023/2024 fiscal year saw it achieve [1]the highest revenue in the entire history of the company . It saw 14% growth to 554 million euros ($586.3 million) over last year's already spectacular 485 million euros.

>

> Last winter, Leica announced that it had set a sales record for the 2022/23 financial year and it has shattered that achievement now in 2024. The company says it was able to build on its successful business and sustain the growth of its earnings. The biggest driver of the company's success remains unchanged: cameras. While Leica has bolstered its business with its Mobile Imaging segment (smartphone technology and partnerships), the core of its business remains stand-alone cameras and the support of photography.

>

> Specifically, Leica says that the most potent revenue driver this year was the Leica Q3. However, it did not elaborate on sales numbers for this camera. 2024 is the best fiscal year so far in the almost 100-year history of the company and Leica says that this result confirms its "strategic alignment" of the Leica Camera Group as it continues to foster its core business as well as expansions into other markets.



[1] https://petapixel.com/2024/11/20/leica-just-recorded-the-highest-revenue-in-its-entire-100-year-history/

Wil Shipley, [1]announcing the end of Delicious Library , a media cataloging app:

> Amazon has shut off the feed that allowed Delicious Library to look up items, unfortunately limiting the app to what users already have (or enter manually).

>

> I wasn't contacted about this.

>

> I've pulled it from the Mac App Store and shut down the website so nobody accidentally buys a non-functional app.

John Gruber of DaringFireball [2]adds :

> The end of an era, but it's kind of surprising it was still functional until now. (Shipley has been a full-time engineer at Apple for three years now.)

>

> It's hard to describe just what a sensation Delicious Library was when it debuted, and how influential it was. Delicious Library was simultaneously very useful, in very practical ways, and obsessed with its exuberant UI in ways that served no purpose other than looking cool as shit. It was an app that demanded to be praised just for the way it looked, but also served a purpose that resonated with many users. For about a decade it seemed as though most popular new apps would be designed like Delicious Library. Then Apple dropped iOS 7 in 2013, and now, no apps look like this. Whatever it is that we, as an industry, have lost in the now decade-long trend of iOS 7-style flat design, Delicious Library epitomized it.



[1] https://mastodon.social/@wjs/113539330521476328

[2] https://daringfireball.net/linked/2024/11/26/delicious-library-eol

The Philippine Army is recruiting [1]civilian hackers to bolster its cybersecurity defenses amid rising digital threats from China, army officials said. The 120-member Cyber Battalion has hired 70 tech experts in their 20s and 30s since 2020, offering them military training and the opportunity to serve the nation despite lower wages than private sector jobs.

The initiative follows cyber attacks on Philippine government servers, including those of the Coast Guard and President Marcos Jr., which authorities traced to China. Beijing denies involvement. The Philippines ranks among the countries most vulnerable to cyber threats, with recent attacks compromising millions of citizens' data through state and private institutions.



[1] https://restofworld.org/2024/philippines-civilian-tech-cyber-attacks/

Chinese companies are [1]aggressively recruiting foreign tech talent as a key strategy to gain technological supremacy, prompting national security concerns across Western nations and Asia, WSJ reported Wednesday, citing multiple intelligence officials and corporate sources. The campaign focuses particularly on advanced semiconductor expertise, with companies like Huawei offering triple salaries to employees at critical firms like Zeiss SMT and ASML, which produce essential components for cutting-edge chip manufacturing.

These recruitment efforts intensified after Western export controls restricted China's access to advanced technology. While Taiwan and South Korea have implemented strict countermeasures, including criminal penalties for illegal talent transfers, the U.S. and Europe struggle to balance open labor markets with national security concerns.

Chinese firms often obscure their origins through local ventures and persistent recruitment tactics. The strategy has shown results: Former employees have helped Chinese companies advance their technological capabilities, including SMIC's development of 7nm chips with help from ex-TSMC talent.



[1] https://www.msn.com/en-us/money/other/china-is-bombarding-tech-talent-with-job-offers-the-west-is-freaking-out/ar-AA1uP6YN

Sony has confirmed the PlayStation 2 has [1]sold over 160 million units worldwide since its 2000 launch, marking the first official acknowledgment of its record-breaking lifetime sales. The figure, revealed on Sony's 30th anniversary PlayStation website, cements PS2's position as the best-selling gaming console ever, ahead of Nintendo DS at 154.02 million units and Nintendo Switch at 146 million units.



[1] https://www.playstation.com/en-gb/playstation-history/2000-ps2-psp/

A piracy ring that gave 22 million subscribers in Europe cheap access to content stolen from international streaming services has been shut down by Italian authorities after a two-year investigation. From a report:

> The criminal enterprise used a complex international IT system to "capture and resell" live programming and other on-demand content from companies including sports broadcaster DAZN, Netflix, Amazon Prime, Paramount, Sky and Disney+, prosecutors said in a statement on Wednesday.

>

> Authorities estimate the operation generated revenues of [1]roughly $264.3 million a month [ [2]non-paywalled link ] , or $3.2 billion a year, and caused combined damages of more than $10.6 billion to the affected broadcast companies. "The rate of profit you get from these illegal activities with lower risk is equivalent to that of cocaine trafficking," Francesco Curcio, the criminal prosecutor who led the investigation, told reporters.



[1] https://www.ft.com/content/48f63457-9c6f-4d5e-adfb-d6d47fb71c66

[2] https://www.bleepingcomputer.com/news/technology/police-bust-pirate-streaming-service-making-250-million-per-month/

Nearly 89% of smart device manufacturers fail to disclose how long they will provide software updates for their products, a Federal Trade Commission [1]staff study found this week . The review of 184 connected devices, including hearing aids, security cameras and door locks, revealed that 161 products lacked clear information about software support duration on their websites.

Basic internet searches failed to uncover this information for two-thirds of the devices. "Consumers stand to lose a lot of money if their smart products stop delivering the features they want," said Samuel Levine, Director of the FTC's Bureau of Consumer Protection. The agency warned that manufacturers' failure to provide software update information for warranted products costing over $15 may violate the Magnuson Moss Warranty Act. The FTC also cautioned that companies could violate the FTC Act if they misrepresent product usability periods. The study excluded laptops, personal computers, tablets and automobiles from its review.



[1] https://www.ftc.gov/news-events/news/press-releases/2024/11/smart-products-surveyed-fail-provide-consumers-information-how-long-companies-will-provide-software

Startup Spines plans to [1]publish up to 8,000 books in 2025 using AI , charging authors between $1,200 and $5,000 for editing, design and distribution services. The venture-backed company, which recently secured $16 million in funding, promises to reduce publishing timelines to two to three weeks while allowing authors to retain full royalties.

Co-founder Yehuda Niv describes Spines as a "publishing platform" rather than self-publishing. The announcement has drawn criticism from industry professionals. Independent publisher Canongate condemned the company for automating book production "with the least possible attention, care or craft." The Society of Authors urged writers to exercise caution, citing concerns about AI systems potentially trained on unlicensed content.



[1] https://www.theguardian.com/books/2024/nov/26/writers-condemn-startups-plans-to-publish-8000-books-next-year-using-ai-spines-artificial-intelligence

Singapore is positioning itself as [1]a key testing ground for autonomous vehicles , attracting major Chinese firms and establishing unified national guidelines that contrast with fragmented regulations in the U.S. and China.

China's WeRide launched the country's first public autonomous bus service on Sentosa island in June, while multiple companies are deploying self-driving vehicles for logistics and transportation. The controlled rollout aligns with Singapore's strategy to address labor shortages and land constraints.

Singapore topped KPMG's Autonomous Vehicles Readiness Index, with companies citing its political neutrality and stringent safety standards as major draws for testing operations.



[1] https://restofworld.org/2024/singapore-self-driving-vehicles/

Microsoft has confirmed that Windows 11 24H2 has issues with USB-connected devices that support the Scanner Communication Language (eSCL) protocol. From a report:

> A compatibility hold [1]has been applied to the hardware . The hold means that hardware connected to a USB device supporting the eSCL protocol will not be offered an upgrade to Windows 11 24H2. Microsoft said: "This issue primarily affects USB-connected multifunction devices or standalone scanners that support scan functionality and the eSCL protocol."

>

> According to Microsoft, the issue lies in device discovery. Install Windows 11 24H2, wait for it to discover USB-connected peripherals, and... nothing. Or as Microsoft put it: "You might observe that your device does not discover the USB-connected peripheral and the device discovery does not complete." The company added: "This issue is caused due to the device not switching out of eSCL mode to USB mode, which allows the scanner drivers to be matched."



[1] https://www.theregister.com/2024/11/26/microsoft_escl_issue/

Qualcomm's [1]interest in acquiring Intel is [2]cooling due to the complexity of the deal, Intel's debt, and regulatory hurdles . However, according to [3]Bloomberg , Qualcomm may still explore acquiring certain divisions of Intel to expand into markets like PCs and networking. Tom's Hardware reports:

> [T]he proposed acquisition faced significant obstacles, including Intel's $50 billion debt, dropping CPU market share, and its struggling semiconductor manufacturing unit, an area where Qualcomm lacks expertise. A deal of this magnitude would also likely trigger extensive regulatory scrutiny, particularly in China, a key market for both companies.

>

> Intel is undergoing significant restructuring under CEO Pat Gelsinger to reclaim its competitiveness in the semiconductor market in terms of products and process technologies. Still, for now, both Intel and Qualcomm are quite successful standalone companies. While the combination would make a formidable firm (probably facing unprecedented antitrust scrutiny), it does not make much sense for Qualcomm to make such a massive takeover. These factors have collectively made a complete takeover less appealing to Qualcomm. Meanwhile, selling off a part of the company to Qualcomm may not make sense for Intel.

>

> Qualcomm aims to generate $22 billion in annual revenue by 2029 by expanding into markets like personal computers, networking, and automotive chips. Although Cristiano Amon, Qualcomm's chief executive, has stated that his company did not need a major takeover to achieve this goal, the company initiated preliminary discussions with Intel regarding a potential acquisition in September. Yet, it does not look like the deal is going to happen.



[1] https://hardware.slashdot.org/story/24/09/21/1035249/qualcomm-approached-intel-about-a-takeover

[2] https://www.tomshardware.com/tech-industry/qualcomm-reportedly-loses-interest-in-intel-takeover

[3] https://www.bloomberg.com/news/articles/2024-11-26/qualcomm-s-takeover-interest-in-intel-is-said-to-cool?utm_medium=social&utm_source=telegram&utm_content=business&embedded-checkout=true

An anonymous reader quotes a report from TechCrunch:

> Security researchers have uncovered two previously unknown zero-day vulnerabilities that are [1]being actively exploited by RomCom , a Russian-linked hacking group, to target Firefox browser users and Windows device owners across Europe and North America. RomCom is a cybercrime group that is known to carry out cyberattacks and other digital intrusions for the Russian government. The group -- which was last month linked to a ransomware attack targeting Japanese tech giant Casio -- is also known for its aggressive stance against organizations allied with Ukraine, which Russia invaded in 2014.

>

> Researchers with security firm ESET say they found evidence that RomCom combined use of the two zero-day bugs -- described as such because the software makers had no time to roll out fixes before they were used to hack people -- to create a "zero click" exploit, which allows the hackers to remotely plant malware on a target's computer without any user interaction. "This level of sophistication demonstrates the threat actor's capability and intent to develop stealthy attack methods," ESET researchers Damien Schaeffer and Romain Dumont said in a [2]blog post on Monday. [...] Schaeffer told TechCrunch that the number of potential victims from RomCom's "widespread" hacking campaign ranged from a single victim per country to as many as 250 victims, with the majority of targets based in Europe and North America.

Mozilla and the Tor Project quickly patched a Firefox-based vulnerability after being alerted by ESET, with no evidence of Tor Browser exploitation. Meanwhile, Microsoft addressed a Windows vulnerability on November 12 following [3]a report by Google's Threat Analysis Group, indicating potential use in government-backed hacking campaigns.



[1] https://techcrunch.com/2024/11/26/russia-linked-hackers-exploited-firefox-and-windows-zero-day-bugs-in-widespread-hacking-campaign/

[2] https://www.welivesecurity.com/en/eset-research/romcom-exploits-firefox-and-windows-zero-days-in-the-wild/

[3] https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49039

The FCC said it has [1]approved a license for T-Mobile and SpaceX's Starlink to provide supplemental coverage to cover internet dead zones. Reuters reports:

> The license marks the first time the FCC has authorized a satellite operator collaborating with a wireless carrier to provide supplemental telecommunications coverage from space on some flexible-use spectrum bands allocated to terrestrial service. The partnership aims to extend the reach of wireless networks to remote areas and eliminate "dead zones."

>

> T-Mobile and SpaceX announced a partnership [2]in 2022 and in January the first set of satellites supporting the partnership was [3]launched into low-Earth orbit with SpaceX's Falcon 9 rocket. "The FCC is actively promoting competition in the space economy by supporting more partnerships between terrestrial mobile carriers and satellite operators to deliver on a single network future that will put an end to mobile dead zones," said FCC Chair Jessica Rosenworcel.



[1] https://www.reuters.com/technology/us-agency-approves-t-mobile-spacex-license-extend-coverage-dead-zones-2024-11-26/

[2] https://tech.slashdot.org/story/22/08/26/0855207/spacex-and-t-mobile-plan-to-connect-mobile-phones-to-satellites-boost-cell-coverage

[3] https://science.slashdot.org/story/24/01/06/0532229/spacex-has-launched-starlinks-first-direct-to-smartphone-satellites