The Internet

United Airlines Taps Starlink for Free In-Flight Wi-Fi (msn.com) 29

United Airlines said that it will outfit its entire fleet with Starlink internet service, aiming to keep fliers loyal by offering zippier, more reliable browsing and downloads that the carrier expects will mirror what travelers are used to on the ground. From a report: United's deal is a bet that Starlink's technology can propel it above rival carriers in offering fast, free Wi-Fi. The airline is in the midst of a broader effort to burnish its premium and business travel bona fides, which has included retrofitting planes with lots of power outlets and seat back screens.

The airline said it would begin testing the Starlink service early next year, with the first passenger flights likely equipped later in 2025. United said Starlink's service will be more reliable, particularly over oceans and other remote areas -- a key advantage for the airline's network of long-haul international flights that cross the Atlantic and Pacific oceans. It will allow passengers to access live TV and streaming, and to use several devices at once.

Security

Fortinet Confirms Data Breach After Hacker Claims To Steal 440GB of Files (bleepingcomputer.com) 25

Cybersecurity giant Fortinet has confirmed it suffered a data breach after a threat actor claimed to steal 440GB of files from the company's Microsoft Sharepoint server. From a report: Fortinet is one of the largest cybersecurity companies in the world, selling secure networking products like firewalls, routers, and VPN devices. The company also offers SIEM, network management, and EDR/XDR solutions, as well as consulting services.

Early this morning, a threat actor posted to a hacking forum that they had stolen 440GB of data from Fortinet's Azure Sharepoint instance. The threat actor then shared credentials to an alleged S3 bucket where the stolen data is stored for other threat actors to download. The threat actor, known as "Fortibitch," claims to have tried to extort Fortinet into paying a ransom, likely to prevent the publishing of data, but the company refused to pay. In response to our questions about incident, Fortinet confirmed that customer data was stolen from a "third-party cloud-based shared file drive."

The Almighty Buck

The Shadow Dollar That's Fueling the Financial Underworld (msn.com) 89

An anonymous reader shares a report: A giant unregulated currency is undermining America's fight against arms dealers, sanctions busters and scammers. Almost as much money flowed through its network last year as through Visa cards. And it has recently minted more profit than BlackRock, with a tiny fraction of the workforce. Its name: tether. The cryptocurrency has grown into an important cog in the global financial system, with as much as $190 billion changing hands daily. In essence, tether is a digital U.S. dollar -- though one privately controlled in the British Virgin Islands by a secretive crew of owners, with its activities largely hidden from governments.

Known as a stablecoin for its 1:1 peg to the dollar, tether gained early use among crypto aficionados. But it has spread deep into the financial underworld, enabling a parallel economy that operates beyond the reach of U.S. law enforcement. Wherever the U.S. government has restricted access to the dollar financial system -- Iran, Venezuela, Russia -- tether thrives as a sort of incognito dollar used to move money across borders. Russian oligarchs and weapons dealers shuttle tether abroad to buy property and pay suppliers for sanctioned goods. Venezuela's sanctioned state oil firm takes payment in tether for cargoes. Drug cartels, fraud rings and terrorist groups such as Hamas use it to launder income.

Yet in dysfunctional economies such as Argentina and Turkey, beset by hyperinflation and a shortage of hard currency, tether is also a lifeline for people who use it for quotidian payments and as a way to protect their savings. Tether is arguably the first successful real-world product to emerge from the cryptocurrency revolution that began over a decade ago. It has made its owners immensely rich. Tether has $120 billion in assets, mostly risk-free U.S. Treasury bills, along with positions in bitcoin and gold. Last year it generated $6.2 billion in profit, outearning BlackRock, the world's largest asset manager, by $700 million.

United States

RTX's Long-Delayed $7 Billion GPS-Tracking Network Is Still Troubled, GAO Says (msn.com) 19

A month before its planned delivery after years of delay and cost growth, RTX's $7.6 billion ground network to control GPS satellites is still marred by problems that may further stall its acceptance by the US Space Force, congressional auditors said Monday. From a report: RTX's system of 17 ground stations for current and improved GPS satellites was supposed to be ready by October, when it would undergo a series of intense Space Force tests to assess whether it can be declared operational by December 2025. The system continues to draw the ire of lawmakers because it's running more than seven years late in a development phase that's about 73% costlier than initial projections.

Two rounds of testing by the company have been "marked by significant challenges that drove delays to the program's schedule," the Government Accountability Office said Monday in a broad review of the US military's GPS program, including improvements intended to block jamming by adversaries.

The Next Generation Operational Control System, known as OCX, is intended to provide improvements, including access to more secure, jam-resistant software for the military's use of the GPS navigation system, which is also depended on by civilians worldwide. "The program faces challenges from product deficiencies" that "create a risk of further delay," the Pentagon's Defense Contract Management Agency told the GAO, adding that it expects RTX at the earliest to deliver OCX by December.

Social Networks

'Thousands" of Telegram Channels Sell Stolen Identities, Reports WSJ (msn.com) 91

The Wall Street Journal writes that Telegram "has become the premier internet platform to buy everything from hacked data and weapons to illicit drugs and child sexual abuse material, according to current and former law-enforcement officials and cybercrime researchers..."

And it's also being used by identity thieves: There are thousands of channels and groups on Telegram that offer stolen identities that can be used to open bank and investment accounts. Some claim to offer already created bank accounts created with stolen details. A channel called Bank Store Online listed accounts at over 60 banks and cryptocurrency exchanges for sale, ranging from $80 for a personal account to $1,800 for a business one. Payments were charged in crypto... There are thousands of channels and groups on Telegram that offer stolen identities that can be used to open bank and investment accounts. Some claim to offer already created bank accounts created with stolen details. A channel called Bank Store Online listed accounts at over 60 banks and cryptocurrency exchanges for sale, ranging from $80 for a personal account to $1,800 for a business one. Payments were charged in crypto.

In Russia, where Durov launched Telegram in 2013, it is also the go-to platform where middlemen arrange deals that get around U.S. sanctions, such as smuggling in weapons parts, the Journal previously reported. Several groups advertise the sale of drones and Starlinks — small antennas to access the satellite internet network run by Elon Musk's SpaceX — to Russian combat units in Ukraine. In February, Musk tweeted that no Starlinks had been directly or indirectly sold to Russia, to the best of the company's knowledge. "It's ground zero for every illicit activity you can think of," said Evan Kohlmann, founder of Cloudburst Technologies, which monitors cybercrime on Telegram and elsewhere, and a frequent adviser to U.S. agencies.

Communications

Starlink Now Constitutes Roughly Two Thirds of All Active Satellites (the-independent.com) 64

"SpaceX deployed its 7,000th Starlink satellite this week, making the vast majority of active satellites around earth part of a single megaconstellation," writes Slashdot reader DogFoodBuss. "The Starlink communications system is now orders of magnitude larger than its nearest competitor, offering unprecedented access to low-latency broadband from anywhere on the planet." According to the latest data from satellite tracker CelesTrak, SpaceX now controls over 62% of all operational satellites. The Independent reports: The latest data from non-profit satellite tracker CelesTrak shows that SpaceX has 6,370 active Starlink satellites in low-Earth orbit, with several hundred more inactive or deorbited. The figure, which has risen more than six-fold in just three years, represents just over 62 per cent of all operational satellites, and is roughly 10-times the number of Starlink's closest rival, UK-based startup OneWeb.

SpaceX plans to launch up to 42,000 satellites to complete the Starlink constellation, capable of delivering high-speed internet and phone connectivity to any corner of the globe. Starlink currently operates in 102 countries and has more than three million customers paying a monthly fee to access the network through a $300 ground-based dish. The company expects to launch its service in dozens more countries, with only Afghanistan, China, Iran, North Korea, Russia and Syria not on the current waitlist due to internet restrictions or trade embargos.
"Starlink now constitutes roughly 2/3 of all active Earth satellites," SpaceX CEO Elon Musk said on X following the latest SpaceX launch.
Medicine

Part of Brain Network Much Bigger In People With Depression, Scientists Find 47

Researchers have discovered that people with depression have an expanded brain network, specifically the frontostriatal salience network, which is 73% larger compared to healthy individuals. "It's taking up more real estate on the brain surface than we see is typical in healthy controls," said Dr Charles Lynch, a co-author of the research, from Weill Cornell Medicine in New York. He added that expansion meant the size of other -- often neighboring -- brain networks were smaller. The Guardian reports: Writing in the journal Nature, Lynch and colleagues report how they used precision functional mapping, a new approach to brain imaging that analyses a host of fMRI (functional MRI) scans from each individual. The team applied this method to 141 people with depression and 37 people without it, enabling them to measure accurately the size of each participant's brain networks. They then took the average size for each group. They found that a part of the brain called the frontostriatal salience network was expanded by 73% on average in participants with depression compared with healthy controls.

These findings were supported by an analysis of single brain scans previously collected from 932 healthy people and 299 with depression. The team said the size of this brain network in people with depression did not change with time, mood or transcranial magnetic stimulation treatment. However, brain signals between different parts of the network became less synchronised when participants had certain symptoms of depression, with these changes also associated with the severity of future symptoms. The team added that an analysis of brain scans from 57 children who went on to develop depression as adolescents revealed this brain network was expanded years before their symptoms developed, while it was also expanded in adults with late onset depression.

The researchers said this suggested an expanded brain network could be a risk factor for developing depression, rather than a consequence of the condition. However, they said it was unclear to what extent this enlarged network was the result of genetics or experiences, and whether the association with depression arose from this expansion or from other brain networks consequently being smaller. The team added that their results could offer a way to explore whether certain people may be at increased risk of developing depression, and could help develop personalised treatments.
Android

Android Earthquake Alerts Now Available Across All 50 States, 6 US Territories (droid-life.com) 29

Google's Android Earthquake Alerts System, initially launched in 2020, is now available in all 50 U.S. states and 6 territories. Droid Life reports: For users in California, Oregon and Washington, users will continue to have their alerts powered by the ShakeAlert system, utilizing traditional seismometers to detect earthquakes. For all out states and supported territories, "this expansion uses the built-in accelerometers in Android phones to bring another layer of preparedness and potentially life-saving information to people across every state," the company explained in a blog post.

Using the accelerometer to sense vibrations and an apparent earthquake, the system quickly analyzes the crowdsourced data to determine if an earthquake is occurring. Google says it has been working with many experts to continue the system's improvement. Depending on the severity of the earthquake, you'll get two types of notifications. A little pop up on your screen if it's pretty weak with light shaking or a complete screen takeover for moderate to extreme shaking. These are called Take Action alerts, complete with the classic drop, cover, and hold instructions.

AT&T

AT&T Sues Broadcom For Breaching VMware Support Extension Contract (theregister.com) 76

AT&T has filed a lawsuit against Broadcom, alleging that Broadcom is refusing to honor an extended support agreement for VMware software unless AT&T purchases additional subscriptions it doesn't need. The company warns the consequences could risk massive outages for AT&T's customer support operations and critical federal services, including the U.S. President's office. The Register reports: A complaint [PDF] filed last week in the Supreme Court of New York State explains that AT&T holds perpetual licenses for VMware software and paid for support services under a contract that ends on September 8. The complaint also alleges that AT&T has an option to extend that support deal for two years -- provided it activates the option before the end of the current deal. AT&T's filing claims it exercised that option, but that Broadcom "is refusing to honor" the contract. Broadcom has apparently told AT&T it will continue to provide support if the comms giant "agrees to purchase scores of subscription services and software." AT&T counters that it "does not want or need" those subscriptions, because they:

- Would impose significant additional contractual and technological obligations on AT
- Would require AT&T to invest potentially millions to develop its network to accommodate the new software;
- May violate certain rights of first refusal that AT&T has granted to third parties;
- Would cost AT&T tens of millions more than the price of the support services alone.

[...] The complaint also suggests Broadcom's refusal to extend support creates enormous risk for US national security -- some of the ~8,600 servers that host AT&T's ~75,000 VMs "are dedicated to various national security and public safety agencies within the federal government as well as the Office of the President." Other VMs are relied upon by emergency responders, and still more "deliver services to millions of AT&T customers worldwide" according to the suit. Without support from Broadcom, AT&T claims it fears "widespread network outages that could cripple the operations of millions of AT&T customers worldwide" because it may not be able to fix VMware's software.

The Courts

Snap Sued Over 'Sextortion' of Kids By Predators (cnbc.com) 41

New Mexico Attorney General Raul Torrez has filed a lawsuit against Snap, accusing Snapchat of fostering and promoting illicit sexual material involving children, facilitating sextortion, and enabling trafficking of children, drugs, and guns. CNBC reports: The suit alleges that Snap "repeatedly made statements to the public regarding the safety and design of its platforms that it knew were untrue," or that were contradicted by the company's own internal findings. "Snap was specifically aware, but failed to warn children and parents, of 'rampant' and 'massive' sextortion on its platform -- a problem so grave that it drives children facing merciless and relentless blackmail demands or disclosure of intimate images to their families and friends to suicide," the suit says.

New Mexico's Department of Justice, which Torrez leads, in recent months conducted an investigation that found that there was a "vast network of dark web sites dedicated to sharing stolen, non-consensual sexual images from Snap" and that there were more than 10,000 records related to SNAP and child sexual abuse material "in the last year alone," the department said. The suit alleges violations of New Mexico's unfair trade practices law.

Apple

Apple Announces 'Find My' For South Korea (appleinsider.com) 8

Apple announced it is planning to bring its Find My service to South Korea in early 2025. Originally released in 2010, the Find My service has been unavailable in South Korea, making it the last country without access to Apple's tracking feature. AppleInsider reports: In July 2024, complaints from users in South Korea reached a point where they were finally petitioning the government to allow Apple's Find My feature to work. Any iPhone made for sale in South Korea had Find My permanently disabled, so it wouldn't work even when the owner was in a different country. Now in a statement on its Korean website, Apple has announced that it plans to bring Find My to the country shortly.

"Apple plans to introduce the 'Find My' network in Korea in the spring of 2025," says a brief statement (in translation). "Users in Korea will soon be able to use the Find My app to find their Apple devices and personal belongings with their personal information protected, and check the location of friends and family." [...] According to the user petition submitted to the National Assembly Petition website of South Korea, Apple has said that Find My is disabled "because of internal policy."

Verizon

Verizon To Buy Frontier For $9.6 Billion, Says It Will Expand Fiber Network 45

An anonymous reader quotes a report from Ars Technica: Verizon today announced a deal to acquire Frontier Communications, an Internet service provider with about 3 million customers in 25 states. Verizon said the all-cash transaction is valued at $20 billion. Verizon agreed to pay $9.6 billion and is taking on over $10 billion in debt (PDF) held by Frontier. Verizon said the deal is subject to regulatory approval and a vote by Frontier shareholders and is expected to be completed in 18 months.

"Under the terms of the agreement, Verizon will acquire Frontier for $38.50 per share in cash, representing a premium of 43.7 percent to Frontier's 90-Day volume-weighted average share price (VWAP) on September 3, 2024, the last trading day prior to media reports regarding a potential acquisition of Frontier," Verizon said. Assuming regulatory and shareholder approval, Verizon will be buying back a former portion of its network that it sold to Frontier eight years ago. In 2016, Frontier bought Verizon's FiOS and DSL operations in Florida, California, and Texas. The 2016 changeover was marred by technical problems that caused weeks of outages for tens of thousands of customers.
"Frontier's 2.2 million fiber subscribers across 25 states will join Verizon's approximately 7.4 million FiOS connections in 9 states and Washington, D.C.," Verizon said. "In addition to Frontier's 7.2 million fiber locations, the company is committed to its plan to build out an additional 2.8 million fiber locations by the end of 2026."
Verizon

Verizon Nearing Deal for Frontier Communications (msn.com) 23

Verizon is in advanced talks to acquire Frontier Communications in a deal that would bolster the company's fiber network to compete with rivals including AT&T, WSJ reported Wednesday, citing people familiar with the matter. From the report: An announcement could come this week, granted the talks don't hit any last-minute snags, the people said. A deal would be sizable, given Frontier's market value of over $7 billion. The company, cobbled together by several deals over the years, provides broadband connections to about three million locations across 25 states.

Verizon, the top cellphone carrier by subscribers, has faced increased pressure from competitors and from cable-TV companies that offer discounted wireless service backed by Verizon's own cellular network. Verizon has its Fios-branded fiber network, and AT&T has focused on expanding its fiber network since shedding its WarnerMedia assets in 2022. Fiber M&A has heated up as telecom companies and financial firms pour capital into neighborhoods that lack high-speed broadband or offer only one internet provider, usually from a cable-TV company.

The Military

Navy Chiefs Conspired To Get Themselves Illegal Warship Wi-Fi (navytimes.com) 194

During a 2023 deployment, senior enlisted leaders aboard the Navy ship USS Manchester secretly installed a Starlink Wi-Fi network, allowing them exclusive internet access in violation of Navy regulations. "Unauthorized Wi-Fi systems like the one [then-Command Senior Chief Grisel Marrero] set up are a massive no-no for a deployed Navy ship, and Marrero's crime occurred as the ship was deploying to the West Pacific, where such security concerns become even more paramount among heightened tensions with the Chinese," reports Navy Times. From the report: As the ship prepared for a West Pacific deployment in April 2023, the enlisted leader onboard conspired with the ship's chiefs to install the secret, unauthorized network aboard the ship, for use exclusively by them. So while rank-and-file sailors lived without the level of internet connectivity they enjoyed ashore, the chiefs installed a Starlink satellite internet dish on the top of the ship and used a Wi-Fi network they dubbed "STINKY" to check sports scores, text home and stream movies. The enjoyment of those wireless creature comforts by enlisted leaders aboard the ship carried serious repercussions for the security of the ship and its crew. "The danger such systems pose to the crew, the ship and the Navy cannot be understated," the investigation notes.

Led by the senior enlisted leader of the ship's gold crew, then-Command Senior Chief Grisel Marrero, the effort roped in the entire chiefs mess by the time it was uncovered a few months later. Marrero was relieved in late 2023 after repeatedly misleading and lying to her ship's command about the Wi-Fi network, and she was convicted at court-martial this spring in connection to the scheme. She was sentenced to a reduction in rank to E-7 after the trial and did not respond to requests for comment for this report. The Navy has yet to release the entirety of the Manchester investigation file to Navy Times, including supplemental enclosures. Such records generally include statements or interview transcripts with the accused.

But records released so far show the probe, which wrapped in November, found that the entire chiefs mess knew about the secret system, and those who didn't buy into it were nonetheless culpable for not reporting the misconduct. Those chiefs and senior chiefs who used, paid for, helped hide or knew about the system were given administrative nonjudicial punishment at commodore's mast, according to the investigation. All told, more than 15 Manchester chiefs were in cahoots with Marrero to purchase, install and use the Starlink system aboard the ship. "This agreement was a criminal conspiracy, supported by the overt act of bringing the purchased Starlink onboard USS MANCHESTER," the investigation said. "Any new member of the CPO Mess which then paid into the services joined that conspiracy following the system's operational status."

Records obtained by Navy Times via a Freedom of Information Act request reveal a months-long effort by Marrero to obtain, install and then conceal the chiefs Wi-Fi network from superiors, including the covert installation of a Starlink satellite dish on the outside of the Manchester. When superiors became suspicious about the existence of the network and confronted her about it, Marrero failed to come clean on multiple occasions and provided falsified documents to further mislead Manchester's commanding officer, the investigation states. "The installation and usage of Starlink, without the approval of higher headquarters, poses a serious risk to mission, operational security, and information security," the investigation states.

Social Networks

Bluesky Adds 2 Million New Users After Brazil's X Ban (techcrunch.com) 94

In the days following Brazil's shutdown of X, the decentralized social networking startup Bluesky added over 2 million new users, up from just half a million as of Friday. "This rapid growth led some users to encounter the occasional error that would state there were 'Not Enough Resources' to handle requests, as Bluesky engineers scrambled to keep the servers stable under the influx of new sign-ups," reports TechCrunch's Sarah Perez. From the report: As new users downloaded the app, Bluesky jumped to becoming the app to No. 1 in Brazil over the weekend, ahead of Meta's X competitor, Instagram Threads. According to app intelligence firm Appfigures, Bluesky's total downloads soared by 10,584% this weekend compared to last, and its downloads in Brazil were up by a whopping 1,018,952%. The growth seems to be having a halo effect, as downloads outside Brazil also rose by 584%, the firm noted. In part, this is due to Bluesky receiving downloads in 22 countries where it had barely seen any traction before.

In terms of absolute downloads, countries that saw the most installs outside Brazil included the U.S., Portugal, the U.K., Canada and Spain. Those with the most download growth, however, were Portugal, Chile, Argentina, Colombia and Romania. Most of the latter group jumped from single-digit growth to growth in the thousands. Bluesky's newcomers have actively engaged on the platform, too, driving up other key metrics.

As one Bluesky engineer remarked, the number of likes on the social network grew to 104.6 million over the past four-day period, up from just 13 million when compared with a similar period just a week ago. Follows also grew from 1.4 million to 100.8 million while reposts grew from 1.3 million to 11 million. As of Monday, Bluesky said it had added 2.11 million users during the past four days, up from 26,000 users it had added in the week-ago period. In addition, the company noted it had seen "significantly more than a 100% [daily active users] increase." On Tuesday, Bluesky told TechCrunch the number is now 2.4 million and continues to grow "by the minute."

The Courts

Shrinkwrap 'Contract' Found At Costco On... Collagen Peptides (mastodon.social) 74

Slashdot covered shrinkwrap licenses on software back in 2000 and 2002. But now ewhac (Slashdot reader #5,844) writes: The user Wraithe on the Mastodon network is reporting that a bottle of Vital Proteins(TM) collagen peptides purchased at Costco came with a shrinkwrap contract. Collagen peptides are often used as an anti-aging nutritional supplement. The top of the Vital Proteins bottle has a pull-to-open seal. Printed on the seal is the following: "Read This: By opening and using this product, you agree to be bound by our Terms and Conditions, fully set forth at vitalproteins.com/tc, which includes a mandatory arbitration agreement. If you do not agree to be bound, please return this product immediately."

So-called "shrinkwrap contracts" have been the subject of controversy and derision for decades since their first widespread appearance in the 1970's, attempting to alter the terms of sale after the fact, impose unethical and onerous restrictions on the purchaser, and absolving the vendor of all liability. Most such contracts appear on items involving copyrighted works (computer software, or any item containing computer software). The alleged "validity" of such contracts supposedly proceeds from the (alleged) need that the item requires a copyright license from the vendor to use (because the right to use/read/listen/view/execute is somehow not concomitant with purchase), and that the shrinkwrap contract furnishes such license.

The application of such a contract to a good where copyright has no scope, however, is something new. The alleged contract itself governs consumers' use of, "the VitalProteins.com website and any other applications, content, products, and services (collectively, the "Service")...," contains the usual we're-not-responsible-for-anything indemnification paragraph, and unilaterally removes your right to seek redress in court of law and imposes binding arbitration involving any disputes that may arise between the consumer and the company. Indeed, the arbitration clause is the first numbered section in the alleged contract.

The same contract has been spotted by numerous others — including someone who posted about it on Reddit two years ago. ("When I opened it, encountered a vacuum seal with the following 'READ THIS: by opening and using this product, you agree to...'") But the same verbiage still appears in online listings today for the product from Albertsons, Walgreens, and CVS.

Shrinkwrap contracts. They're not just for software any more...
IT

How Not To Hire a North Korean IT Spy (csoonline.com) 17

CSO Online reports that North Korea "is actively infiltrating Western companies using skilled IT workers who use fake identities to pose as remote workers with foreign companies, typically but not exclusively in the U.S."

Slashdot reader snydeq shares their report, which urges information security officers "to carry out tighter vetting of new hires to ward off potential 'moles' — who are increasingly finding their way onto company payrolls and into their IT systems." The schemes are part of illicit revenue generation efforts by the North Korean regime, which faces financial sanctions over its nuclear weapons program, as well as a component of the country's cyberespionage activities.

The U.S. Treasury department first warned about the tactic in 2022. Thosands of highly skilled IT workers are taking advantage of the demand for software developers to obtain freelance contracts from clients around the world, including in North America, Europe, and East Asia. "Although DPRK [North Korean] IT workers normally engage in IT work distinct from malicious cyber activity, they have used the privileged access gained as contractors to enable the DPRK's malicious cyber intrusions," the Treasury department warned... North Korean IT workers present themselves as South Korean, Chinese, Japanese, or Eastern European, and as U.S.-based teleworkers. In some cases, DPRK IT workers further obfuscate their identities by creating arrangements with third-party subcontractors.

Christina Chapman, a resident of Arizona, faces fraud charges over an elaborate scheme that allegedly allowed North Korean IT workers to pose as U.S. citizens and residents using stolen identities to obtain jobs at more than 300 U.S. companies. U.S. payment platforms and online job site accounts were abused to secure jobs at more than 300 companies, including a major TV network, a car manufacturer, a Silicon Valley technology firm, and an aerospace company... According to a U.S. Department of Justice indictment, unsealed in May 2024, Chapman ran a "laptop farm," hosting the overseas IT workers' computers inside her home so it appeared that the computers were located in the U.S. The 49-year-old received and forged payroll checks, and she laundered direct debit payments for salaries through bank accounts under her control. Many of the overseas workers in her cell were from North Korea, according to prosecutors. An estimated $6.8 million were paid for the work, much of which was falsely reported to tax authorities under the name of 60 real U.S. citizens whose identities were either stolen or borrowed...

Ukrainian national Oleksandr Didenko, 27, of Kyiv, was separately charged over a years-long scheme to create fake accounts at U.S. IT job search platforms and with U.S.-based money service transmitters. "Didenko sold the accounts to overseas IT workers, some of whom he believed were North Korean, and the overseas IT workers used the false identities to apply for jobs with unsuspecting companies," according to the U.S. Department of Justice. Didenko, who was arrested in Poland in May, faces U.S. extradition proceedings...

How this type of malfeasance plays out from the perspective of a targeted firm was revealed by security awareness vendor KnowBe4's candid admission in July that it unknowingly hired a North Korean IT spy... A growing and substantial body of evidence suggests KnowBe4 is but one of many organizations targeted by illicit North Korean IT workers. Last November security vendor Palo Alto reported that North Korean threat actors are actively seeking employment with organizations based in the U.S. and other parts of the world...

Mandiant, the Google-owned threat intel firm, reported last year that "thousands of highly skilled IT workers from North Korea" are hunting work. More recently, CrowdStrike reported that a North Korean group it dubbed "Famous Chollima" infiltrated more than 100 companies with imposter IT pros.

The article notes the infiltrators use chatbots to tailor the perfect resume "and further leverage AI-created deepfakes to pose as real people." And the article includes this quote from a former intelligence analyst for the U.S. Air Force turned cybersecurity strategist at Sysdig. "In some cases, they may try to get jobs at tech companies in order to steal their intellectual property before using it to create their own knock-off technologies."

The article closes with its suggested "countermeasures," including live video-chats with prospective remote-work applicants — and confirming an applicant's home address.
Verizon

Verizon Taps Another Satellite Operator To Make Texting From the Middle of Nowhere Easier (theregister.com) 20

Verizon has teamed up with another satellite operator to offer US customers a commercial direct-to-device messaging service for when a terrestrial cell network is not available, starting this fall. From a report: The telecoms giant says that US customers with compatible smartphones will have access to emergency messaging and location sharing, even when out of range of a cell tower, and from early next year it will offer the ability to text anywhere via a satellite connection, again with compatible devices. Verizon told The Register that there are no additional costs planned for this service, and any customer with a capable device can take advantage of it, irrespective of price plan.

It will be available on the Pixel 9 family of devices out of the box, with the Galaxy S25 to follow, a Verizon spokesperson told us. "Next year we will add text anywhere functionality to the emergency text and location services available this year," they added. This sounds somewhat similar to the Emergency SOS feature introduced by Apple with the iPhone 14 two years ago, which also enabled users to contact emergency services via a satellite link. Verizon says its service will complement Apple's iOS 18 satellite features, so customers using different devices will also have the ability to text anywhere. As partner for this service, Verizon has picked Skylo, a company that styles itself as a pioneer in Non-Terrestrial Network (NTN) communications for smartphones and other devices.

Power

Publicly Available EV Charger Network Doubles Under Biden-Harris Administration (electrek.co) 247

An anonymous reader quotes a report from Electrek: Over 192,000 publicly available charging ports are now online, and approximately 1,000 new chargers are being added each week. To build on this momentum, the federal government has awarded $521 million in grants to further expand the national network, with new chargers being deployed across 29 states, two Federally Recognized Tribes, and the District of Columbia.

The $521 million investment is divided into two key areas: 41 community projects ($321 million) and 10 corridor fast-charging projects ($200 million). The grant awards also support President Biden's Justice40 Initiative, which aims for 40% of the overall benefits of federal investments to flow to disadvantaged communities, with over half of the funding going to sites in disadvantaged communities.
US Transportation Secretary Pete Buttigieg emphasized the importance of this initiative, stating, "The Biden-Harris Administration has been clear about America leading the EV revolution, and thanks to the historic [Bipartisan Infrastructure Law] package, we're building a nationwide EV charger network to make sure all drivers have an accessible, reliable, and convenient way to charge their vehicles."
China

Chinese Hackers Breach US Internet Firms via Startup, Lumen Says (msn.com) 16

The state-sponsored Chinese hacking campaign known as Volt Typhoon is exploiting a bug in a California-based startup to hack American and Indian internet companies, according to security researchers. From a report: Volt Typhoon has breached four US firms, including internet service providers, and another in India through a vulnerability in a Versa Networks server product, according to Lumen's unit Black Lotus Labs. Their assessment, much of which was published in a blog post on Tuesday, found with "moderate confidence" that Volt Typhoon was behind the breaches of unpatched Versa systems and said exploitation was likely ongoing.

Versa, which makes software that manages network configurations and has attracted investment from Blackrock and Sequoia Capital, announced the bug last week and offered a patch and other mitigations. The revelation will add to concerns over the susceptibility of US critical infrastructure to cyberattacks. The US this year accused Volt Typhoon of infiltrating networks that operate critical US services, including some of the country's water facilities, power grid and communications sectors, in order to cause disruptions during a future crisis, such as an invasion of Taiwan.

Slashdot Top Deals