Security

LinkedIn Scammers Step Up Sophistication of Online Attacks (ft.com) 22

LinkedIn has been hit by a rise in sophisticated recruitment scams, as fraudsters seek to take advantage of the trend towards remote working and widespread lay-offs across the tech sector. From a report: Jobseekers on the world's largest professional network are being defrauded out of money after taking part in fake recruitment processes set up by scammers who pose as employers, before obtaining personal and financial information. "There's certainly an increase in the sophistication of the attacks and the cleverness," Oscar Rodriguez, vice-president of product management at LinkedIn, told the Financial Times. "We see websites being set up, we see phone numbers with a seemingly professional operator picking up the phone and answering on the company's behalf. We see a move to more sophisticated deception," he added.

The warning comes as the Microsoft-owned social media company said it has sought to block tens of millions of fake accounts in recent months, while US regulators warn of an increase in jobs-related cons. Last month, cyber security company Zscaler revealed a scam that targeted jobseekers and a dozen US companies, where fraudsters approached people through LinkedIn's direct messaging feature InMail. Scammers identified businesses that were already hiring, including enterprise software company Zuora, software developer Intellectsoft and Zscaler itself. They then created "lookalike" websites with similar job ads and, via LinkedIn's InMail feature, invited jobseekers to enter personal information into the websites, before conducting remote interviews via Skype.

Earth

New Wind and Solar Energy Projects Are Now Overwhelming America's Antiquated Electrical Grids (msn.com) 170

An explosion in proposed clean energy ventures in America "has overwhelmed the system for connecting new power sources to homes and businesses," reports the New York Times: So many projects are trying to squeeze through the approval process that delays can drag on for years, leaving some developers to throw up their hands and walk away.

More than 8,100 energy projects — the vast majority of them wind, solar and batteries — were waiting for permission to connect to electric grids at the end of 2021, up from 5,600 the year before, jamming the system known as interconnection.... PJM Interconnection, which operates the nation's largest regional grid, stretching from Illinois to New Jersey, has been so inundated by connection requests that last year it announced a freeze on new applications until 2026, so that it can work through a backlog of thousands of proposals, mostly for renewable energy.

It now takes roughly four years, on average, for developers to get approval, double the time it took a decade ago. And when companies finally get their projects reviewed, they often face another hurdle: the local grid is at capacity, and they are required to spend much more than they planned for new transmission lines and other upgrades. Many give up. Fewer than one-fifth of solar and wind proposals actually make it through the so-called interconnection queue, according to research from Lawrence Berkeley National Laboratory. "From our perspective, the interconnection process has become the No. 1 project killer," said Piper Miller, vice president of market development at Pine Gate Renewables, a major solar power and battery developer....

A potentially bigger problem for solar and wind is that, in many places around the country, the local grid is clogged, unable to absorb more power. That means if a developer wants to build a new wind farm, it might have to pay not just for a simple connecting line, but also for deeper grid upgrades elsewhere.... These costs can be unpredictable. In 2018, EDP North America, a renewable energy developer, proposed a 100-megawatt wind farm in southwestern Minnesota, estimating it would have to spend $10 million connecting to the grid. But after the grid operator completed its analysis, EDP learned the upgrades would cost $80 million. It canceled the project.

That creates a new problem: When a proposed energy project drops out of the queue, the grid operator often has to redo studies for other pending projects and shift costs to other developers, which can trigger more cancellations and delays. It also creates perverse incentives, experts said. Some developers will submit multiple proposals for wind and solar farms at different locations without intending to build them all. Instead, they hope that one of their proposals will come after another developer who has to pay for major network upgrades. The rise of this sort of speculative bidding has further jammed up the queue.

Biotech

Virologist Disputes WSJ Report on a Minority Opinion Suggesting Covid 'Lab Leak' Origin (wsj.com) 282

Three long-time Slashdot readers all submitted this story — schwit1, sinij, and DevNull127.

DevNull127 writes: Four U.S. agencies have concluded that the Covid-19 virus originated at the Wuhan market, the Wall Street Journal reports. The U.S. National Intelligence Council reached the same conclusion. Then there's two more agencies (including America's CIA) that are "undecided."

But there is one agency that decided — with "low confidence" — that the virus had somehow leaked from a lab. (And the FBI also decided with "moderate confidence" on that same theory.) "The new report highlights how different parts of the intelligence community have arrived at disparate judgments about the pandemic's origin," writes the Wall Street Journal — adding that unfortunately U.S. officials "declined" to give any details on what led to the Energy Department's position.

The Wall Street Journal also notes: Despite the agencies' differing analyses, the update reaffirmed an existing consensus between them that Covid-19 wasn't the result of a Chinese biological-weapons program, the people who have read the classified report said....

Some scientists argue that the virus probably emerged naturally and leapt from an animal to a human, the same pathway for outbreaks of previously unknown pathogens. Intelligence analysts who have supported that view give weight to "the precedent of past novel infectious disease outbreaks having zoonotic origins," the flourishing trade in a diverse set of animals that are susceptible to such infections, and their conclusion that Chinese officials didn't have foreknowledge of the virus, the 2021 report said.

Also responding to the Department of Energy's outlying position was a virologist at the Vaccine and Infectious Disease Organization at Canada's University of Saskatchewan, who posted a series of observations on Twitter: The available evidence shows overwhelmingly that the pandemic started at Huanan market via zoonosis. I have no idea what this evidence that Department of Energy has is. All I know is that it is "weak" and resulted in a conclusion of "low confidence".

It reportedly comes from the DOE's own network of national labs rather than through spying. But I do know that to be consistent with the available scientific evidence, the DOE has to explain how the virus emerged twice over 2 wks in humans at the same market the size of a tennis court, over 8 km & across a river from the only lab in Wuhan working on SARSr-CoVs....

Claims of a progenitor at WIV are pure speculation & unsupported by evidence.... Despite 3 years of a global search for this evidence, it has not materialized, while evidence supporting zoonosis associated with Huanan has continued to stack up. At some point, an absence of evidence might just be evidence of absence.

Power

Battery-Swapping EVs Are All the Rage in Taiwan (restofworld.org) 125

An interesting profile of EV entrepreneur Horace Luke from Rest of World: During his time working for companies like Microsoft and HTC on projects like the Xbox gaming system and Android phones, Luke mulled over the idea of mobility. In 2011, he pitched the idea that would form the core of his company Gogoro: an electric vehicle that didn't have to take up space and time charging its batteries, but instead relied on a network of batteries that could be swapped at roadside stations, like filling up a gas tank. Multiple investors and vehicle makers told him the idea was impossible.

Today, Gogoro battery-swapping stations are as common as gas stations in Taiwan, and the network supports nearly 400,000 battery swaps a day, by over 526,000 riders. Last year, according to the Taiwanese government, 12% of all scooters sold in Taiwan were electric, and over 90% of those relied on Gogoro batteries. But in order to make the battery network a reality, Gogoro didn't have to develop just the batteries but also the vehicles that use them, along with an internal management software that encompasses everything from the supply of vehicle parts to the number of charged batteries at stations to how far riders can go before their next swap.

And the company now has pilot projects in Germany, India, Indonesia, Israel, the Philippines, Singapore, and South Korea.

Businesses

Dish Network's Internal Systems Are So Broken Some Employees Haven't Worked In Over a Day 46

An anonymous reader quotes a report from The Verge: Since Thursday morning, Dish Network has been experiencing a major outage that's taken down the company's main websites, apps, and customer support systems, and employees tell The Verge it's not clear what's going on inside the company. The company's Dish.com website is completely blank save for a notice apologizing for "any disruptions you may be having" while promising that "teams are working hard to restore systems as soon as possible." The Boost Mobile and Boost Infinite sites display a similar message. When we called each brand's customer support lines, there were no humans on the other end -- each call automatically hung up after delivering a recorded message about the outage.

In an ironic twist, the outage started around the time that Dish was set to release its earnings for Q4 and fiscal year 2022. CEO Erik Carlson addressed it during the company's earnings call, saying the company was experiencing an "internal outage that's continuing to affect our internal servers and IT telephony." While Carlson claimed that Dish, Sling, and the company's wireless networks were operating normally, he admitted that "internal communications, customer care functions, Internet sites" were knocked out. Internally, frontline employees have been kept in the dark about what's going on. Two sources tell The Verge that they are being told to stand by for information from their leadership teams, which haven't yet been forthcoming. They say it hasn't even been made clear whether they'll be paid. Employees have also been told that they won't be able to connect to their VPN, keeping remote workers from logging in to work.

Despite Carlson's comments that Dish's services should be working normally, Downdetector shows an increase in reports of issues using Dish Network's services, which include satellite TV and Boost Mobile's wireless network. Customers are reporting on social media that they're unable to activate new equipment or SIM cards received from the company, and alleged technicians say they can't complete installs and upgrades for customers. Customers have also said that the outage is preventing them from paying their bills. Some of the company's sites, like dishwireless.com and launch.5gmobilegenesis.com, are currently completely down and don't even display an error message.

The good news is that the outage doesn't appear to be the result of a cyberattack, according to The Desk, though Dish likely hasn't concluded its investigation yet.

Robotics

World's Last Dedicated Meccano Factory To Close In France 50

An anonymous reader quotes a report from The Guardian: It is the children's toy, invented in Britain, that inspired a passion for engineering, science and technology in generations of youngsters -- and their parents. Meccano building sets filled with reusable perforated metal -- and later plastic -- strips, plates, nuts, bolts, winches, wires, wheels and even motors have been used to construct models and mechanical devices for more than 120 years.

Now the last dedicated Meccano factory in the world is being closed and dismantled. The Canadian company that owns Meccano has said the plant at Calais will close at the beginning of 2024, putting 51 people out of work. It blamed the soaring cost of raw materials and "a lack of competitiveness" for the closure.

Spin Master, which bought the brand in 2013, said Meccano toys would continue to be produced by its "network of partners in Europe, Asia and Latin America."

"We have no other choice than to envisage the end of industrial activity at the Calais factory," Spin Master said in a statement, adding that the factory had "never managed to break even" in spite of receiving 7 million euros in investment since 2014.

Meccano was the largest toy manufacturer in the UK by the 1930s. "By the 1920s Meccano Magazine had a monthly circulation of 70,000 and Meccano groups had sprung up around the world," adds The Guardian. "It has been in decline since the 1950s."

Businesses

EU Eyes Big Tech as it Seeks Feedback on Who Should Pay Network Costs (reuters.com) 56

The European Commission on Thursday launched a consultation on the future of Europe's telecoms sector, starting a process that could lead to requiring Alphabet's Google, Apple, Meta and Netflix to pay some network costs. From a report: For more than two decades Deutsche Telekom, Orange, Telefonica, Telecom Italia and other operators have lobbied for leading technology companies to contribute to 5G and broadband roll-out. They argue companies including Amazon and Microsoft account for more than half of data internet traffic. The tech firms in response call it an internet tax that will undermine EU network neutrality rules to treat all users equally. The 12-week consultation will end on May 19. EU industry chief Thierry Breton cited the heavy investments required to roll out 5G and broadband, saying he was not targeting any company.

Communications

Samsung Readying Its Own Smartphone-to-Satellite Communication Platform (engadget.com) 30

An anonymous reader shares a report: There was speculation that Samsung could use smartphone-to-satellite technology in its Galaxy S23 much like Apple has for the iPhone 14, but that didn't happen in the end. Now, the company has unveiled a new standardized 5G NTN (non-terrestrial network) modem that will enable two-way communication between smartphones and satellites. The technology will allow users to send and receive calls, text messages and data without the need for a cellular network, and will be integrated into Samsung's future Exynos chips.

The aim is to allow people in mountains, deserts or other remote areas to communicate with others in critical situations. 5G NTN conforms to 3rd Generation Partnership Project (3GPP Release 17) standards, meaning it works with traditional communication services from chip manufacturers, smartphone makers and telecoms. However, Samsung indicated that the tech could eventually be used to transmit high-definition photos and even video, on top of texts and calls.

Social Networks

Instagram Co-Founders Launch Personalized News App 'Artifact' (techcrunch.com) 15

Artifact, the personalized news reader built by Instagram's co-founders, is now open to the public, no sign-up required. TechCrunch reports: With today's launch, Artifact is dropping its waitlist and phone number requirements, introducing the app's first social feature and adding feedback controls to better personalize the news reading experience, among other changes. [...] With today's launch, Artifact will now give users more visibility into their news reading habits with a newly added stats feature that shows you the categories you've read as well as the recent articles you read within those categories, plus the publishers you've been reading the most. But it will also group your reading more narrowly by specific topics. In other words, instead of just "tech" or "AI," you might find you've read a lot about the topic "ChatGPT," specifically.

In time, Artifact's goal is to provide tools that would allow readers to click a button to show more or less from a given topic to better control, personalize and diversify their feed. In the meantime, however, users can delve into settings to manage their interests by blocking or pausing publishers or selecting and unselecting general interest categories. Also new today is a feature that allows you to upload your contacts in order to see a signal that a particular article is popular in your network. This is slightly different from Twitter's Top Articles feature, which shows you articles popular with the people you follow, because Artifact's feature is more privacy-focused.

"It doesn't tell you who read it. It doesn't tell you how many of them read it, so it keeps privacy -- and we clearly don't do it with just one read. So you can't have one contact and like figure out what that one contact is reading ... it has to meet a certain minimum threshold," notes [Instagram co-founder Kevin Systrom]. This way, he adds, the app isn't driven by what your friends are reading, but it can use that as a signal to highlight items that everyone was reading. In time, the broader goal is to expand the social experience to also include a way to discuss the news articles within Artifact itself. The beta version, limited to testers, offers a Discover feed where users can share articles and like and comment on those shared by others. There's a bit of a News Feed or even Instagram-like quality to engaging with news in this way, we found.

Businesses

ChatGPT-Style Search Represents a 10x Cost Increase For Google, Microsoft (arstechnica.com) 46

An anonymous reader quotes a report from Ars Technica: Today Google search works by building a huge index of the web, and when you search for something, those index entries get scanned, ranked and categorized, with the most relevant entries showing up in your search results. Google's results page actually tells you how long all of this takes when you search for something, and it's usually less than a second. A ChatGPT-style search engine would involve firing up a huge neural network modeled on the human brain every time you run a search, generating a bunch of text and probably also querying that big search index for factual information. The back-and-forth nature of ChatGPT also means you'll probably be interacting with it for a lot longer than a fraction of a second.

All that extra processing is going to cost a lot more money. After speaking to Alphabet Chairman John Hennessy (Alphabet is Google's parent company) and several analysts, Reuters writes that "an exchange with AI known as a large language model likely costs 10 times more than a standard keyword search" and that it could represent "several billion dollars of extra costs."

Exactly how many billions of Google's $60 billion in yearly net income will be sucked up by a chatbot is up for debate. One estimate in the Reuters report is from Morgan Stanley, which tacks on a $6 billion yearly cost increase for Google if a "ChatGPT-like AI were to handle half the queries it receives with 50-word answers." Another estimate from consulting firm SemiAnalysis claims it would cost $3 billion. [...] Alphabet's Hennessy told Reuters that Google is looking into driving down costs, calling it "a couple year problem at worst."

China

China Tells Big Tech Companies Not To Offer ChatGPT Services (nikkei.com) 28

Regulators have told major Chinese tech companies not to offer ChatGPT services to the public amid growing alarm in Beijing over the AI-powered chatbot's uncensored replies to user queries. From a report: Tencent Holdings and Ant Group, the fintech affiliate of Alibaba Group Holding, have been instructed not to offer access to ChatGPT services on their platforms, either directly or via third parties, people with direct knowledge of the matter told Nikkei Asia. Tech companies will also need to report to regulators before they launch their own ChatGPT-like services, the sources added.

ChatGPT, developed by Microsoft-backed startup OpenAI, is not officially available in China but some internet users have been able to access it using a virtual private network (VPN). There have also been dozens of "mini programs" released by third-party developers on Tencent's WeChat social media app that claim to offer services from ChatGPT. Under regulatory pressure, Tencent has suspended several such third-party services regardless of whether they were connected to ChatGPT or were in fact copycats, people familiar with the matter told Nikkei. This is not the first time that China has blocked foreign websites or applications. Beijing has banned dozens of prominent U.S. websites and apps. Between 2009 and 2010, it moved to block Google, Facebook, YouTube, and Twitter. Between 2018 and 2019, it instituted bans on Reddit and Wikipedia.

IOS

Tumblr iOS Revenue Increased 125% Since Launching Its Parody of Paid Verification (techcrunch.com) 19

Tumblr's parody of paid verification has already delivered the social network and blogging platform a 125% boost in iOS in-app purchase revenue since November, according to a new analysis of the app's in-app consumer spending. TechCrunch reports: The company, now operated by WordPress.com owner Automattic following its 2019 acquisition, launched its response to Twitter's paid verification hustle with the addition of its own purely cosmetic double blue checks -- a sort of tongue-in-cheek rebuttal to the idea that subscription-based verification had any real value. As it turns out, at least some Tumblr users were willing to pay -- though perhaps not for clout, but because in-jokes have proven to be a more successful monetization strategy for the blogging network than some of its more legitimate attempts to make money, such as its creator-focused subscription, Post+. After being met with community backlash, at one point Post+ was being outperformed from a monetization perspective by crabs -- a goofy paid feature that let users send animated dancing crabs to each other's dashboards.

According to new data from app intelligence firm Sensor Tower provided to TechCrunch, consumer spending on Tumblr's iOS app increased since November 2022's double-blue check launch, now totaling $263,000 in net revenue. While that's not a significant figure in the grand scheme of things by any means, it still represents a 125% jump in spending compared with the prior three-month total of August through October 2022. When looking at more long-term trends, Tumblr's revenue remains up -- but not by as much. Sensor Tower says the in-app purchase revenue on iOS is up 19%, compared with the prior ten months ahead of the blue check's launch (January through October 2022).

Medicine

New Mechanism Proposed For Why Some Psychedelics Act As Antidepressants (arstechnica.com) 53

An anonymous reader quotes a report from Ars Technica: New data suggests that psychedelics may activate serotonin signaling in a very different way than serotonin itself can, reaching the receptors in parts of the cell that serotonin can't get to. Serotonin signaling is complicated. There are seven classes of receptors in humans; some activate signaling pathways, while others inhibit them. One group of receptors allows ions into a cell in response to serotonin, triggering nerve impulses. The rest interact with proteins inside the cell, triggering longer-term responses to serotonin. Psychedelics such as LSD and mescaline bind to members of this latter group and activate it.

This action produces some rather dramatic changes in how people perceive their surroundings. But there's also some evidence that psychedelics promote changes to nerve cells that allow these cells to alter their connectivity. This occurs by causing the structures that receive input from other nerve cells, called dendrites, to grow and branch, potentially allowing additional or altered inputs. One hypothesis is that this altered connectivity allows cells to escape whatever network configuration has been associated with a medical disorder. The researchers confirmed these results using DMT, a psychedelic found in ayahuasca, and psilocin, the active form of the drug psilocybin, which is typically obtained from mushrooms. Twenty-four hours after mice received one of these drugs, nerve cells in their brains had an increased density of extensions from their dendrites. This growth was accompanied by an increased frequency of activity in individual nerve cells. Running the same tests in mice that lacked the gene for the specific serotonin receptor that these drugs target blocked both of these effects, confirming that serotonin signaling is central to the changes.

The researchers then started testing close chemical relatives of the drugs and saw a clear pattern: Making the drug less likely to interact with water boosted their effects on neurons. This suggested that the ability to cross membranes, which are very water-repellant, might be needed to promote changes in dendrites. To confirm this, the researchers poked holes in the membranes, which boosted the activity of water-friendly drug variants that wouldn't readily cross the membrane. This is all a bit confusing because the serotonin receptors sit inside the membrane and interact with the cell's exterior. They have to -- that's where the serotonin is. So why would anything that interacted with those receptors need to cross a membrane to the cell's interior? The receptors on the cell's surface are definitely key to the cell's response to serotonin. But the receptors don't just magically appear on the cell's surface -- they're made elsewhere in the cell and take a while to be processed and transported to the surface. The researchers found a population of serotonin receptors sitting inside a structure called the Golgi. It's not clear whether this population is simply on its way to the cell surface or whether it's retained there by some specific biological activity. Normally, these receptors wouldn't come into contact with serotonin, so they wouldn't signal from this location. But the researchers modified a protein to make it pump serotonin inside of cells and showed that it had the same effect the psychedelics had, suggesting the receptors could be activated and that this activation was key to altering neural connectivity.

The study has been published in the journal Science.

Security

GoDaddy Says Hackers Stole Source Code, Installed Malware in Multi-Year Breach (bleepingcomputer.com) 23

Web hosting giant GoDaddy says it suffered a breach where unknown attackers have stolen source code and installed malware on its servers after breaching its cPanel shared hosting environment in a multi-year attack. From a report: While GoDaddy discovered the security breach in early December 2022 following customer reports that their sites were being used to redirect to random domains, the attackers had access to the company's network for multiple years. "Based on our investigation, we believe these incidents are part of a multi-year campaign by a sophisticated threat actor group that, among other things, installed malware on our systems and obtained pieces of code related to some services within GoDaddy," the hosting firm said in an SEC filing. The company says that previous breaches disclosed in November 2021 and March 2020 are also linked to this multi-year campaign. The November 2021 incident led to a data breach affecting 1.2 million Managed WordPress customers after attackers breached GoDaddy's WordPress hosting environment using a compromised password. They gained access to the email addresses of all impacted customers, their WordPress Admin passwords, sFTP and database credentials, and SSL private keys of a subset of active clients.

Security

Researchers Unearth Windows Backdoor That's Unusually Stealthy (arstechnica.com) 33

Researchers have discovered a clever piece of malware that stealthily exfiltrates data and executes malicious code from Windows systems by abusing a feature in Microsoft Internet Information Services (IIS). From a report: IIS is a general-purpose web server that runs on Windows devices. As a web server, it accepts requests from remote clients and returns the appropriate response. In July 2021, network intelligence company Netcraft said there were 51.6 million instances of IIS spread across 13.5 million unique domains. IIS offers a feature called Failed Request Event Buffering that collects metrics and other data about web requests received from remote clients. Client IP addresses and port and HTTP headers with cookies are two examples of the data that can be collected. FREB helps administrators troubleshoot failed web requests by retrieving ones meeting certain criteria from a buffer and writing them to disk. The mechanism can help determine the cause of 401 or 404 errors or isolate the cause of stalled or aborted requests.

Criminal hackers have figured out how to abuse this FREB feature to smuggle and execute malicious code into protected regions of an already compromised network. The hackers can also use FREB to exfiltrate data from the same protected regions. Because the technique blends in with legitimate web requests, it provides a stealthy way to further burrow into the compromised network. The post-exploit malware that makes this possible has been dubbed Frebniis by researchers from Symantec, who reported on its use on Thursday. Frebniis first ensures FREB is enabled and then hijacks its execution by injecting malicious code into the IIS process memory and causing it to run. Once the code is in place, Frebniis can inspect all HTTP requests received by the IIS server.

The Courts

Judge Signals Jail Time if Bankman-Fried's Internet Access Is Not Curbed (nytimes.com) 66

Sarah Blesener writes via The New York Times: Since his arrest two months ago, Samuel Bankman-Fried, the disgraced cryptocurrency executive, has been physically confined to the Palo Alto home of his parents, under the force of a $250 million bail package. But he has roamed largely unfettered in the wilderness of the internet: conducting interviews, posting narratives, making calls on encrypted apps and using a virtual private network, a web tool that allows users to conceal data and visit websites without detection. Those unrestrained days may soon be over. On Thursday, a federal judge overseeing Mr. Bankman-Fried's multibillion-dollar fraud case signaled a willingness to jail him for his persistent testing of his confinement's boundaries, going beyond what prosecutors had asked. "Why am I being asked to turn him loose in this garden of electronic devices?" the judge, Lewis A. Kaplan, asked prosecutors, describing the well-wired home of Mr. Bankman-Fried's parents, both professors at Stanford Law School.

No new conditions were set during Thursday's hearing, the latest of several hearings, held in federal court in Manhattan, to consider more restrictive bail terms. Judge Kaplan asked both sides to prepare concrete proposals that would limit and monitor Mr. Bankman-Fried's access to the internet without inhibiting his ability to participate in his defense. Federal prosecutors in Manhattan have charged Mr. Bankman-Fried with orchestrating widespread fraud at FTX, the cryptocurrency exchange he founded, accusing him of misappropriating billions of dollars of customers' money. Prosecutors said he used the funds to finance lavish real estate purchases, political contributions and investments in other companies. After he was charged in December, Mr. Bankman-Fried was released on bail with the requirement that he wear an ankle monitor and stay confined to his parents' house. [...]

Privacy

Forget Milk and Eggs: Supermarkets Are Having a Fire Sale on Data About You (themarkup.org) 104

When you use supermarket discount cards, you are sharing much more than what is in your cart. From a report: When you hit the checkout line at your local supermarket and give the cashier your phone number or loyalty card, you are handing over a valuable treasure trove of data that may not be limited to the items in your shopping cart. Many grocers systematically infer information about you from your purchases and "enrich" the personal information you provide with additional data from third-party brokers, potentially including your race, ethnicity, age, finances, employment, and online activities.

Some of them even track your precise movements in stores. They then analyze all this data about you and sell it to consumer brands eager to use it to precisely target you with advertising and otherwise improve their sales efforts. Leveraging customer data this way has become a crucial growth area for top supermarket chain Kroger and other retailers over the past few years, offering much higher margins than milk and eggs. And Kroger may be about to get millions of households bigger. In October 2022, Kroger and another top supermarket chain, Albertsons, announced plans for a $24.6 billion merger that would combine the top two supermarket chains in the U.S., creating stiff competition for Walmart, the overall top seller of groceries.

U.S. regulators and members of Congress are scrutinizing the deal, including by examining its potential to erode privacy: Kroger has carefully grown two "alternative profit business" units that monetize customer information, expected by Kroger to yield more than $1 billion in "profits opportunity." Folding Albertsons into Kroger will potentially add tens of millions of additional households to this data pool, netting half the households in America as customers. While Kroger is certainly not the only large retailer collecting and monetizing shopper data through the use of loyalty programs, the company's evolution from a traditional grocery business to a digitally sophisticated retailer with its own data science unit sets it apart from its larger competitors like Walmart, which also collects, analyzes and monetizes shopper data for brands and for targeted advertising on its own retail ad network.

Security

Ransomware Gang Uses New Zero-Day To Steal Data On 1 Million Patients (techcrunch.com) 18

Community Health Systems (CHS), one of the largest healthcare providers in the United States with close to 80 hospitals in 16 states, confirmed this week that criminal hackers accessed the personal and protected health information of up to 1 million patients. TechCrunch reports: The Tennessee-based healthcare giant said in a filing with government regulators that the data breach stems from its use of a popular file-transfer software called GoAnywhere MFT, developed by Fortra (previously known as HelpSystems), which is deployed by large businesses to share and send large sets of data securely. Community Health Systems said that Fortra recently notified it of a security incident that resulted in the unauthorized disclosure of patient data. "As a result of the security breach experienced by Fortra, protected health information and personal information of certain patients of the company's affiliates were exposed by Fortra's attacker," according to the filing by Community Health Systems, which was first spotted by DataBreaches.net. The healthcare giant added that it would offer identity theft protection services and notify all affected individuals whose information was exposed, but said there had been no material interruption to its delivery of patient care.

CHS hasn't said what types of data were exposed and a spokesperson has not yet responded to TechCrunch's questions. This is CHS' second-known breach of patient data in recent years. The Russia-linked ransomware gang Clop has reportedly taken responsibility for exploiting the new zero-day in a new hacking campaign and claims to have already breached over a hundred organizations that use Fortra's file-transfer technology -- including CHS. While CHS has been quick to come forward as a victim, Clop's claim suggests there could be dozens more affected organizations out there -- and if you're one of the thousands of GoAnywhere users, your company could be among them. Thankfully, security experts have shared a bunch of information about the zero-day and what you can do to protect against it.

Security researcher Brian Krebs first flagged the zero-day vulnerability in Fortra's GoAnywhere software on February 2.

"A zero-day remote code injection exploit was identified in GoAnywhere MFT," Fortra said in its hidden advisory. "The attack vector of this exploit requires access to the administrative console of the application, which in most cases is accessible only from within a private company network, through VPN, or by allow-listed IP addresses (when running in cloud environments, such as Azure or AWS)."

Power

Tesla To Open US Charging Network To Rivals In $7.5 Billion Federal Program (reuters.com) 125

Tesla will open part of its U.S. charging network to electric vehicles (EVs) made by rivals as part of a $7.5 billion federal program to expand the use of EVs to cut carbon emissions, the Biden administration said on Wednesday. Reuters reports: Such a move could help turn Tesla into the universal "filling station" of the EV era - and risk eroding a competitive edge for vehicles made by the company, which has exclusive access to the biggest network of high-speed Superchargers in the United States. By late 2024, Tesla will open 3,500 new and existing Superchargers along highway corridors to non-Tesla customers, the Biden administration said. It will also offer 4,000 slower chargers at locations like hotels and restaurants.

A White House official said at a briefing that Tesla would be eligible for a subsidy - including retrofitting its existing fleet - as long as its chargers would allow other vehicles with a federally backed charging standard called CCS to charge. The administration said Tesla has not committed to adopting CCS as its standard, but it must comply with the requirements to qualify for federal funds.

Security

City of Oakland Declares State of Emergency After Ransomware Attack (bleepingcomputer.com) 20

An anonymous reader quotes a report from BleepingComputer: Oakland has declared a local state of emergency because of the impact of a ransomware attack that forced the City to take all its IT systems offline on February 8th. Interim City Administrator G. Harold Duffey declared (PDF) a state of emergency to allow the City of Oakland to expedite orders, materials and equipment procurement, and activate emergency workers when needed. "Today, Interim City Administrator, G. Harold Duffey issued a local state of emergency due to the ongoing impacts of the network outages resulting from the ransomware attack that began on Wednesday, February 8," a statement issued today reads. The incident did not affect core services, with the 911 dispatch and fire and emergency resources all working as expected.

While last week's ransomware attack only impacted non-emergency services, many systems taken down immediately after the incident to contain the threat are still offline. The ransomware group behind the attack is currently unknown, and the City is yet to share any details regarding ransom demands or data theft from compromised systems. "The City's IT Department is working with a leading forensics firm to perform an extensive incident response and analysis, as well as with additional cybersecurity and technology firms on recovery and remediation efforts," the statement said. "This continues to be an ongoing investigation with multiple local, state, and federal agencies involved."
