After 170 days in space, four astronauts splashed down in the Atlantic Ocean on Friday, bringing an end to a successful NASA-SpaceX mission to the International Space Station. From a report: Following two days of weather delays, SpaceX's Crew Dragon Freedom returned to Earth off the coast of Jacksonville, Florida, beneath clear blue skies and into mild seas. The spacecraft's descent through Earth's atmosphere appeared to be nominal, with two drogue parachutes deploying on schedule, followed by four clean main parachutes, allowing Dragon to splash down at about 25 km per hour. "SpaceX, from Freedom, thank you for an incredible ride up to orbit and an incredible ride home," Kjell Lindgren, the NASA commander of the spacecraft, said after landing.

Lindgren led a mission that included NASA astronauts Bob Hines and Jessica Watkins, as well as European Space Agency astronaut Samantha Cristoforetti. Upon landing, the spacecraft was met by two SpaceX "fast boats" that secured the toasty-looking vehicle before it was brought on board the Megan recovery ship, named after Megan McArthur, an astronaut aboard an earlier SpaceX flight. This mission, Crew-4, was the fourth operational mission flown by SpaceX for NASA. Earlier this month, the Crew-5 mission launched four astronauts to the space station, where they will remain for about six months. Including an initial demonstration mission in 2020, and two private spaceflights -- Inspiration4 and Axiom-1 -- Crew Dragon has now carried 30 people into orbit.

In a little more than two years, SpaceX has surpassed the total number of astronauts launched into orbit by China, whose human spaceflight program dates back to 2003; and in the time Crew Dragon has been operational, it has exceeded even the Russian Soyuz vehicle in terms of the total number of people flown into space during that period. Over the last two years Dragon had a few flaws, including an intermittently problematic toilet and a lagging parachute on one flight, but NASA officials have been extremely pleased with the vehicle's performance. It has safely returned the United States' capability of human spaceflight, which had been lost since the space shuttle's retirement. Had Dragon not been available, NASA would have been in the uncomfortable position of relying on Russia for crew transport amid the Ukraine war.

An anonymous reader quotes a report from Phys.Org: More than five billion of the estimated 16 billion mobile phones possessed worldwide will likely be discarded or stashed away in 2022, experts said Thursday, calling for more recycling of the often hazardous materials they contain. Stacked flat on top of each other, that many disused phones would rise 50,000 kilometers (30,000 miles), more than a hundred times higher than the International Space Station, the WEEE research consortium found. Despite containing valuable gold, copper, silver, palladium and other recyclable components, almost all these unwanted devices will be hoarded, dumped or incinerated, causing significant health and environmental harm.

"Smartphones are one of the electronic products of highest concern for us," said Pascal Leroy, Director General of the WEEE Forum, a not-for-profit association representing forty-six producer responsibility organizations. "If we don't recycle the rare materials they contain, we'll have to mine them in countries like China or Congo," Leroy told AFP. Many of the five billion phones withdrawn from circulation will be hoarded rather than dumped in the trash, according to a survey in six European countries from June to September 2022. This happens when households and businesses forget cell phones in drawers, closets, cupboards or garages rather than bringing them in for repair or recycling. Up to five kilos (8 pounds) of e-devices per person are currently hoarded in the average European family, the report found.

According to the new findings, 46 percent of the 8,775 households surveyed considered potential future use as the main reason for hoarding small electrical and electronic equipment. Another 15 percent stockpile their gadgets with the intention to sell them or giving them away, while 13 percent keep them due to "sentimental value." "People tend not to realize that all these seemingly insignificant items have a lot of value, and together at a global level represent massive volumes," said Pascal Leroy. "But e-waste will never be collected voluntarily because of the high cost. That is why legislation is essential."

Leading chip equipment suppliers have suspended sales and services to semiconductor manufacturers in China, as new US export controls disrupt the Chinese tech industry and global companies' operations. From a report: Lam Research, Applied Materials and KLA Corporation, US companies which hold dominant shares in certain segments of the semiconductor manufacturing process, have all taken immediate measures to comply with the new rules, according to several people with direct knowledge of the matter. ASML, the Netherlands-based global leader in chipmaking equipment, has told its US staff to stop serving all Chinese customers while it assesses the sanctions.

The new restrictions, announced on Friday last week, ban the export to China of US semiconductor equipment that cannot be provided by any foreign competitor. They also impose a licence requirement for exports of US tools or components to China-based fabrication plants, or fabs, that make advanced chips, and for exports of items used to develop Chinese homegrown chip production equipment. They also require any US citizen or entity to seek permission from the Department of Commerce for providing support to Chinese fabs.

tedlistens shares a report from Fast Company: Two corners of Brooklyn's historic Navy Yard will be connected by a small test bed for quantum networking, a first step toward a future "quantum internet" that promises to transform computing and make communications untappable. The effort, by a startup company called Qunnect, will join dozens of experiments around the U.S., Europe, and China, but would be the first commercial quantum network in the country, and the first to use only small, room-temperature devices. Such tools could make it easier to link quantum computers across the planet, opening the door to more practical uses of the technology in research, defense, finance, and other yet-to-be-determined applications.

"We can have these networks go all the way from here, coast to coast, and eventually global," says Dr. Noel Goddard, the CEO of Qunnect. In addition to testing a protocol for sharing quantum information across conventional fiber-optic lines, the 12-person startup will use the network to test a group of quantum networking hardware that can fit into the server racks of existing telecom buildings. Its flagship product, spun out of research at SUNY Stony Brook, is a type of device thought to be crucial to establishing the "magic" of quantum entanglement across a fiber line, called a quantum memory. The machines use rubidium vapor to briefly store photons' quantum information, with all of its weird uncertainty, so that the information can be repeated across a long-distance fiber network without disturbing it along the way. But unlike many quantum machines -- often sprawling tabletop contraptions that rely on cryogenic cooling, vacuums, and other delicate equipment -- Qunnect's memory machine operates at room temperature and fits inside a box the size of a large desk drawer.

Qunnect's sold just three of its memory machines so far, to Brookhaven National Lab and Stony Brook University, at a reported price of around $100,000 apiece. But a number of government and defense labs, along with big telecom and tech companies, from Amazon to Verizon, are paying close attention. The device has already received millions in backing from the Department of Energy and other federal and state agencies. And last week, Qunnect announced its largest endorsement yet: $8 million in funding, in a series A round led by Airbus Ventures and including The New York Ventures Fund, Impact Science Ventures, Motus Ventures, and SandboxAQ, a post-quantum security company Google spun off earlier this year. The new money will help build the test bed, which Qunnect plans to start operating by the middle of next year, when it will open it up to researchers and customers in government, finance, and telecom. These experiments will help the company learn more about a variety of proposals for building quantum networks, and, it hopes, position it as a device supplier for the whole quantum internet.

Global PC shipments declined in calendar Q3 by 15 percent year-on-year thanks to reduced demand and lingering supply chain issues, according to number cruncher IDC. From a report: The Q3 slowdown is similar to that seen in Q2 2022, when shipments crashed by 15.3 percent year-on-year. The slowed growth didn't just start this year. Signs first emerged in Q3 2021 as Chromebooks hit market saturation. For perspective, volumes still remain higher than before the COVID-19 pandemic.

Shipments also aren't as low as they could be thanks to companies like Apple that drove business with promotions. As industry-wide supply hit record lows, Apple supply increased to make up for lost orders during China's Q2 lockdowns, according to IDC research manager Jitesh Ubrani. [...] Apple came in fourth place in terms of market share for Q3 PC shipments behind Lenovo (first), HP (second), and Dell (third). While other companies declined in year-on-year growth, Apple soared with a net positive 40.2 percent increase in shipments year-on-year to 10.06 million Macs.

Tom's Hardware reports: We recently broke the news that Intel's Alder Lake BIOS source code had been leaked to 4chan and Github, with the 6GB file containing tools and code for building and optimizing BIOS/UEFI images. We reported the leak within hours of the initial occurrence, so we didn't yet have confirmation from Intel that the leak was genuine. Intel has now issued a statement to Tom's Hardware confirming the incident:

"Our proprietary UEFI code appears to have been leaked by a third party. We do not believe this exposes any new security vulnerabilities as we do not rely on obfuscation of information as a security measure. This code is covered under our bug bounty program within the Project Circuit Breaker campaign, and we encourage any researchers who may identify potential vulnerabilities to bring them our attention through this program...."


The BIOS/UEFI of a computer initializes the hardware before the operating system has loaded, so among its many responsibilities, is establishing connections to certain security mechanisms, like the TPM (Trusted Platform Module). Now that the BIOS/UEFI code is in the wild and Intel has confirmed it as legitimate, both nefarious actors and security researchers alike will undoubtedly probe it to search for potential backdoors and security vulnerabilities....

Intel hasn't confirmed who leaked the code or where and how it was exfiltrated. However, we do know that the GitHub repository, now taken down but already replicated widely, was created by an apparent LC Future Center employee, a China-based ODM that manufactures laptops for several OEMs, including Lenovo.
Thanks to Slashdot reader Hmmmmmm for sharing the news.

Arm might not think RISC-V is a threat to its newfound foothold in the datacenter, but growing pressure on Chinese chipmaking could ultimately change that, Forrester Research analyst Glenn O'Donnell tells The Register. From the report: Over the past few years the US has piled on export bans and trade restrictions on Chinese chipmakers in an effort to stall the country's semiconductor industry. This has included barring companies with ties to the Chinese military from purchasing x86 processors and AI kit from the likes of Intel, AMD, and Nvidia. "Because the US-China trade war restricts x86 sales to China, Chinese infrastructure vendors and cloud providers need to adapt to remain in business," O'Donnell said. "They initially pivoted to Arm, but trade restrictions exist there too. Chinese players are showing great interest in RISC-V."

RISC-V provides China with a shortcut around the laborious prospect of developing their own architecture. "Coming up with a whole new architecture is nearly impossible," O'Donnell said. But "a design based on some architecture is very different from the architecture itself." So it should come as no surprise that the majority of RISC-V members are based in China, according to a report published last year. And the country's government-backed Chinese Academy of Sciences is actively developing open source RISC-V performance processors.

Alibaba's T-Head, which is already deploying Arm server processors and smartNICs, is also exploring RISC-V-based platforms. But for now, they're largely limited to edge and IoT appliances. However, O'Donnell emphasizes that there is no technical reason that would prevent someone from developing a server-grade RISC-V chip. "Similar to Arm, many people dismiss RISC-V as underpowered for more demanding applications. They are wrong. Both are architectures, not specific designs. As such, one can design a powerful processor based on either architecture," he said. [...] One of the most attractive things about RISC-V over Softbank-owned Arm is the relatively low cost of building chips based on the tech, especially for highly commoditized use cases like embedded processors, O'Donnell explained. While nowhere as glamorous as something like a server CPU, embedded applications are one of RISC-V's first avenues into the datacenter. [...] These embedded applications are where O'Donnell expects RISC-V will see widespread adoption, including in the datacenter. Whether the open source ISA will rise to the level of Arm or x86 is another matter entirely.

The U.S. unveiled a set of new regulations Friday that aim to choke off China's access to advanced chips, the tools necessary to manufacture years-old designs, and the service and support mechanisms needed to keep chip fabrication systems running smoothly. From a report: On a briefing call with reporters Thursday, administration officials said the goal is to block the People's Liberation Army and China's domestic surveillance apparatus from gaining access to advanced computing capabilities that require the use of advanced semiconductors. The chips, tools, and software are helping China's military, including aiding the development of weapons of mass destruction, according to the officials, who asked to remain anonymous to discuss the administration's policies freely.

The new rules are comprehensive, and cover a range of advanced semiconductor technology, from chips produced by the likes of AMD and Nvidia to the expensive, complex equipment needed to make those chips. Much of highest-quality chip manufacturing equipment is made by three U.S. companies: KLA, Applied Materials, and Lam Research, and cutting off China's access to their tools has the potential to damage the country's ambitions to become a chipmaking powerhouse. The Biden administration's new controls on chip exports represent a significant shift in U.S. policy related to China. For decades, the U.S. has attempted to keep China two generations of tech behind, typically by denying China access to the tools necessary to make advanced chips, or other technology, themselves. Now, the goal looks to be to cripple China's ability to produce chips with technology that is nearly a decade old, several generations behind the state-of-the-art capabilities.

Great Firewall Report (GFW), an organization that monitors and reports on China's censorship efforts, has this week posted a pair of assessments indicating a crackdown on TLS encryption-based tools used to evade the Firewall. The Register reports: The group's latest post opens with the observation that starting on October 3, "more than 100 users reported that at least one of their TLS-based censorship circumvention servers had been blocked. The TLS-based circumvention protocols that are reportedly blocked include trojan, Xray, V2Ray TLS+Websocket, VLESS, and gRPC." Trojan is a tool that promises it can leap over the Great Firewall using TLS encryption. Xray, V2ray and VLESS are VPN-like internet tunneling and privacy tools. It's unclear what the reference to gRPC describes -- but it is probably a reference to using the gRPC Remote Procedure Call (RPC) framework to authenticate client connections to VPN servers.

GFW's analysis of this incident is that "blocking is done by blocking the specific port that the circumvention services listen on. When the user changes the blocked port to a non-blocked port and keep using the circumvention tools, the entire IP addresses may get blocked." Interestingly, domain names used with these tools are not added to the Great Firewall's DNS or SNI blacklists, and blocking seems to be automatic and dynamic. "Based on the information collected above, we suspect, without empirical measurement yet, that the blocking is possibly related to the TLS fingerprints of those circumvention tools," the organization asserts. An alternative circumvention tool, naiveproxy, appears not to be impacted by these changes. "It's not hard to guess why China might have chosen this moment to upgrade the Great Firewall: the 20th National Congress of the Chinese Communist Party kicks off next week," notes the Register. "The event is a five-yearly set piece at which Xi Jinping is set to be granted an unprecedented third five-year term as president of China."

Tools helping China's netizens to bypass the Great Firewall appear to be facing a fresh round of crackdowns in the run-up to the country's quinquennial party congress that will see a top leadership reshuffle. From a report: Greater censorship is not at all uncommon during countries' politically sensitive periods, but the stress facing censorship circumvention tools in China appears to be on a whole new level. "Starting from October 3, 2022 (Beijing Time), more than 100 users reported that at least one of their TLS-based censorship circumvention servers had been blocked," writes GFW Report, a censorship monitoring platform focused on China, in a GitHub post.

TLS, or transport layer security, is a ubiquitous internet security protocol used for encrypting data sent across the internet. Because data shared over a TLS connection is encrypted and cannot be easily read, many censorship circumvention apps and services use TLS to keep people's conversations private. A TLS-based virtual private network, or VPN, directs internet traffic through a TLS connection instead of pushing that traffic to one's internet provider. But Chinese censors seem to have found a way of compromising this strategy. "The blocking is done by blocking the specific port that the circumvention services listen on. When the user changes the blocked port to a non-blocked port and keeps using the circumvention tools, the entire IP address may get blocked," GFW Report says in the post.

Apple is asking suppliers to move some AirPods and Beats headphone production to India for the first time, in a win for the South Asia nation as it attempts to rise in the global supply chain. Nikkei Asia Review reports: The move is part of Apple's gradual diversification from China, as it looks to lower the risk of supply chain disruptions stemming from the country's strict zero-COVID policy and tensions with the U.S. Apple has been talking with a number of its suppliers about increasing production in India, including of key acoustics devices, as early as next year, three people familiar with the matter told Nikkei Asia. In response, iPhone assembler Foxconn is preparing to make Beats headphones in the country, and hopes to eventually produce AirPods there as well, two people with direct knowledge of the matter said.

Luxshare Precision Industry and its affiliates, which already produce AirPods in Vietnam and China, also plan to help Apple make the popular wireless earphones in India, sources said. However, Luxshare is focusing more on its Vietnamese AirPods operations for now and could be slower than its competitors in starting meaningful production of Apple products in India, one of the people said. Bringing AirPods and Beats production to India would enlarge Apple's production footprint in the country, following a recent announcement that the latest iPhone is already being made there. Apple started having some older iPhone models made in India in 2017 by a smaller supplier, Wistron, but only accelerated such production last year.

Alarm sirens from the C-Suite about a looming recession are gaining volume in America and elsewhere, but calls back to the office for full-time work are a lot softer. Most CEOs across the globe shared the view that a recession is on the horizon and coming sooner than later, according to a Tuesday report from KPMG on business-leader outlooks. From a report: Nine in ten CEOs in the U.S. (91%) believe a recession will arrive in the coming 12 months, while 86% of CEOs globally feel the same way, according to the findings from the international audit, tax and advisory firm. That echoes the foreboding predictions coming from big name Wall Street investors like Stanley Druckenmiller. In America, half of the CEOs (51%) say they're considering workforce reductions during the next six months -- and in the global survey overall, eight in ten CEOs say the same. One caveat for people who like working from home: Remote workers may find it in their best interest to show their faces in the office as their job security becomes more uncertain.

It is "likely" and/or "extremely likely" that remote workers will be laid off first, according to a majority (60%) of 3,000 managers polled by beautiful.ai, a presentation software provider. Another 20% were undecided, and the remaining 20% said it wasn't likely. When asked how they foresaw their company's working arrangements in three years for jobs traditionally in an office, nearly half of U.S. CEOs (45%) said it would be a hybrid mix of in-person and remote work. One-third (34%) said the jobs would still be in-office, and 20% said it was fully remote. CEOs across the globe sounded more keen on in-person work. Two-thirds (65%) said in-office work was the ideal, while 28% said hybrid would be the way and 7% said it would be fully remote. The global findings pulled from U.S. business leaders, but also from CEOs in Australia, Canada, China, India, Japan and certain European Union countries and the United Kingdom.

The top executive of an elections technology company that has been the focus of attention among election deniers was arrested by Los Angeles County officials in connection with an investigation into the text, the county said on Tuesday. From a report: Eugene Yu, the founder and chief executive of Konnech, the technology company, was taken into custody on suspicion of theft, the Los Angeles County district attorney, George Gascon, said in a statement.

Konnech, which is based in Michigan, develops software to manage election logistics, like scheduling poll workers. Los Angeles County is among its customers. The company has been accused by groups challenging the validity of the 2020 presidential election with storing information about poll workers on servers in China. The company has repeatedly denied keeping data outside the United States, including in recent statements to The New York Times. Mr. Gascon's office said its investigators had found data stored in China. Holding the data there would violate Konnech's contract with the county.

Google Translate, one of Google's last remaining products in China, has been shut down "due to low usage." According to CNBC, "The dedicated mainland China website for Google Translate now redirects users to the Hong Kong version of the service. However, this is not accessible from mainland China." From the report: Google has had a fraught relationship with the Chinese market. The U.S. technology giant pulled its search engine from China in 2010 because of strict government censorship online. Its other services -- such as Google Maps and Gmail -- are also effectively blocked by the Chinese government. As a result, local competitors such as search engine Baidu and social media and gaming giant Tencent have come to dominate the Chinese internet landscape in areas from search to translation.

Google has a very limited presence in China these days. Some of its hardware including smartphones are made in China. But The New York Times reported last month that Google has shifted some production of its Pixel smartphones to Vietnam. The company is also looking to try to get Chinese developers to make apps for its Android operating system globally that will then be available via the Google Play Store, even though that's blocked in China. In 2018, Google was exploring reentering China with its search engine, but ultimately scrapped that project after backlash from employees and politicians.

The Biden administration is expected to announce new measures to restrict Chinese companies from accessing technologies that enable high-performance computing, The New York Times reported Monday, citing several people familiar with the matter, the latest in a series of moves aimed at hobbling Beijing's ambitions to craft next-generation weapons and automate large-scale surveillance systems. From a report: The measures, which could be announced as soon as this week, would be some of the most significant steps taken by the Biden administration to cut off China's access to advanced semiconductor technology. They would build on a Trump-era rule that struck a blow to the Chinese telecom giant Huawei by prohibiting companies around the world from sending it products made with the use of American technology, machinery or software. A number of Chinese firms, government research labs and other entities are expected to face restrictions similar to Huawei, according to two people with knowledge of the plans. In effect, any firm that uses American-made technologies would be blocked from selling to the Chinese entities that are targeted by the administration. It's not yet clear which Chinese firms and labs would be impacted. The broad expansion of what is known as the foreign direct product rule is just one part of Washington's planned restrictions. The administration is also expected to try to control the sale of cutting-edge U.S.-made tools to China's domestic chip makers.

New submitter Billi-13 shares a report: Amazon's business relationships with two Chinese surveillance giants, Hikvision and Dahua, may violate a law prohibiting federal contractors from doing business with certain Chinese firms, a joint investigation by National Review and IPVM, a surveillance and security research group, reveals. While lawmakers are calling out these practices, Amazon has defended them and maintains that it is in full compliance with the law. Specifically, the Seattle-based tech giant might be running afoul of a provision in the 2019 National Defense Authorization Act barring contracts with firms that use certain Chinese surveillance hardware or software. One potentially significant issue is that Amazon Web Services simultaneously provides cloud Internet services to the U.S. National Security Agency and Hikvision, which the U.S. government designated as a Chinese military-industrial complex company last year.

"Facing a clear threat to federal networks, Congress drew a line in the sand for its contractors: if you do business with Hikvision or Dahua, you can't do business with the federal government," said Conor Healy, IPVM's director of government research. "Amazon seems determined to do the opposite. It is actively facilitating and incubating the very threat Congress sought to mitigate." Even absent the NDAA ban, enforcement of which is spotty, the record of the two Chinese surveillance firms -- neither of which responded to NR's requests for comment -- should be cause for concern. In 2019, Hikvision and Dahua were both blacklisted by the Commerce Department for their extensive work with the authorities in Xinjiang, as the Chinese Communist Party built out a sophisticated police state to systematically target ethnic minorities in the region. Dahua sells cameras that can identify Uyghur faces, with an alarm that goes off when they are in view. The company characterizes this as a smart-policing feature to detect "real-time Uyghur warnings" and "hidden terrorist inclinations." Hikvision, in addition to providing cameras used in Xinjiang prison camps, sells "tiger chair" torture and interrogation systems, among other things. Hikvision also has a well-documented relationship with the Chinese military, providing the People's Liberation Army air force with drone jammers, and pitching its technology as key to improving missile and tank systems.

An anonymous reader quotes a report from the Guardian: The CIA used hundreds of websites for covert communications that were severely flawed and could have been identified by even an "amateur sleuth," according to security researchers. The flaws reportedly led to the death of more than two dozen US sources in China in 2011 and 2012 and also reportedly led Iran to execute or imprison other CIA assets. The new research was conducted by security experts at the Citizen Lab at the University of Toronto, which started investigating the matter after it received a tip from reporter Joel Schectmann at Reuters.

The group said it was not publishing a full detailed technical report of its findings to avoid putting CIA assets or employees at risk. But its limited findings raise serious doubts about the intelligence agency's handling of safety measures. Using just a single website and publicly available material, Citizen Lab said it identified a network of 885 websites that it attributed "with high confidence" as having been used by the CIA. It found that the websites purported to be concerned with news, weather, healthcare and other legitimate websites. "Knowing only one website, it is likely that while the websites were online, a motivated amateur sleuth could have mapped out the CIA network and attributed it to the US government," Citizen Lab said in a statement.

The websites were active between 2004 and 2013 and were probably not used by the CIA recently, but Citizen Lab said a subset of the websites were sill linked to active intelligence employees or assets, including a foreign contractor and a current state department employee. Citizen Lab added: "The reckless construction of this infrastructure by the CIA reportedly led directly to the identification and execution of assets, and undoubtedly risked the lives of countless other individuals. Our hope is that this research and our limited disclosure process will lead to accountability for this reckless behavior." CIA spokesperson Tammy Kupperman Thorp said: "CIA takes its obligations to protect the people who work with us extremely seriously and we know that many of them do so bravely, at great personal risk. The notion that CIA would not work as hard as possible to safeguard them is false."

An anonymous reader quotes a report from Ars Technica: Microsoft late Thursday confirmed the existence of two critical vulnerabilities in its Exchange application that have already compromised multiple servers and pose a serious risk to an estimated 220,000 more around the world. The currently unpatched security flaws have been under active exploit since early August, when Vietnam-based security firm GTSC discovered customer networks had been infected with malicious webshells and that the initial entry point was some sort of Exchange vulnerability. The mystery exploit looked almost identical to an Exchange zero-day from 2021 called ProxyShell, but the customers' servers had all been patched against the vulnerability, which is tracked as CVE-2021-34473. Eventually, the researchers discovered the unknown hackers were exploiting a new Exchange vulnerability.

Wednesday's GTSC post said the attackers are exploiting the zero-day to infect servers with webshells, a text interface that allows them to issue commands. These webshells contain simplified Chinese characters, leading the researchers to speculate the hackers are fluent in Chinese. Commands issued also bear the signature of the China Chopper, a webshell commonly used by Chinese-speaking threat actors, including several advanced persistent threat groups known to be backed by the People's Republic of China. GTSC went on to say that the malware the threat actors eventually install emulates Microsoft's Exchange Web Service. It also makes a connection to the IP address 137[.]184[.]67[.]33, which is hardcoded in the binary. Independent researcher Kevin Beaumont said the address hosts a fake website with only a single user with one minute of login time and has been active only since August. The malware then sends and receives data that's encrypted with an RC4 encryption key that's generated at runtime. Beaumont went on to say that the backdoor malware appears to be novel, meaning this is the first time it has been used in the wild. People running on-premises Exchange servers "should apply a blocking rule that prevents servers from accepting known attack patterns," reports Ars. The rule can be found in Microsoft's advisory.

"For the time being, Microsoft also recommends people block HTTP port 5985 and HTTPS port 5986, which attackers need to exploit CVE-2022-41082."

Suspected Chinese hackers tampered with widely used software distributed by a small Canadian customer service company, another example of a "supply chain compromise" made infamous by the hack on U.S. networking company SolarWinds. From a report: U.S. cybersecurity firm CrowdStrike will say in an upcoming blog post seen by Reuters that it had discovered malicious software being distributed by Vancouver-based Comm100, which provides customer service products, such as chat bots and social media management tools, to a range of clients around the globe. The scope and scale of the hack wasn't immediately clear. In a message, Comm100 said it had fixed its software earlier Thursday and that more details would soon be forthcoming. The company did not immediately respond to follow-up requests for information. CrowdStrike researchers believe the malicious software was in circulation for a couple of days but wouldn't say how many companies had been affected, divulging only that "entities across a range of industries" were hit.

In a global first, wind and solar energy combined to generate more than 10 percent of the world's electricity in 2021 -- though coal-fired power plant generation and emissions jumped to new highs in the same period, too. The Register reports: The 2022 Power Transition Trends report by Bloomberg New Energy Fund (BNEF) found that power generation emissions in general leapt up in 2021 as the global economy rebounded from the COVID-19 pandemic. Much of that new power generation came from renewable sources, with wind and solar accounting for three quarters of capacity added in 2021. When accounting for hydro, nuclear, and other zero-carbon power sources, that number rises to 85 percent of 2021's new capacity.

Those gains were spoiled by a resurgence in coal-fired power plants, use of which BNEF said was up by a record 8.5 percent between 2020 and 2021. BNEF cites rapidly rebounding energy demand (which rose 5.6 percent year-on-year in 2021), reduced hydro generation due to droughts, and high natural gas prices in Europe as primary drivers of the coal surge. [...] For the first time since 2013, BNEF said in the report (PDF), "coal-fired power plants were the top contributor to top-line power generation growth." The report said that coal accounted for the majority of additional generation in 2021 -- not to be confused with newly added generation, of which coal was a small component.

Still, coal continues to occupy the largest single share of global electricity generation at 27 percent, and it may continue to rise in 2022 "as European nations seek short-term solutions to compensate for droughts and extremely high gas prices," BNEF said. While European coal plants might be earning the blame, they aren't responsible for most of the coal generation, BNEF said. That honor belongs to three countries that account for 63 percent of burned coal: China, India, and the United States. China holds the crown for coal-fired power generation, accounting for 52 percent of total coal usage in the world. India accounts for 11 percent of coal, while the US burns approximately 9 percent. The US could see itself slip out of the top three, however, as BNEF said it's the only country in the top 10 coal burners to reduce its coal generation since the beginning of the decade.