An anonymous reader quotes a report from Wired: When thousands of security researchers descend on Las Vegas every August for what's come to be known as "hacker summer camp," the back-to-back Black Hat and Defcon hacker conferences, it's a given that some of them will experiment with hacking the infrastructure of Vegas itself, the city's elaborate array of casino and hospitality technology. But at one private event in 2022, a select group of researchers were actually invited to hack a Vegas hotel room, competing in a suite crowded with their laptops and cans of Red Bull to find digital vulnerabilities in every one of the room's gadgets, from its TV to its bedside VoIP phone. One team of hackers spent those days focused on the lock on the room's door, perhaps its most sensitive piece of technology of all. Now, more than a year and a half later, they're finally bringing to light the results of that work: a technique they discovered that would allow an intruder to open any of millions of hotel rooms worldwide in seconds, with just two taps.

Today, Ian Carroll, Lennert Wouters, and a team of other security researchers are revealing a hotel keycard hacking technique they call Unsaflok. The technique is a collection of security vulnerabilities that would allow a hacker to almost instantly open several models of Saflok-brand RFID-based keycard locks sold by the Swiss lock maker Dormakaba. The Saflok systems are installed on 3 million doors worldwide, inside 13,000 properties in 131 countries. By exploiting weaknesses in both Dormakaba's encryption and the underlying RFID system Dormakaba uses, known as MIFARE Classic, Carroll and Wouters have demonstrated just how easily they can open a Saflok keycard lock. Their technique starts with obtaining any keycard from a target hotel -- say, by booking a room there or grabbing a keycard out of a box of used ones -- then reading a certain code from that card with a $300 RFID read-write device, and finally writing two keycards of their own. When they merely tap those two cards on a lock, the first rewrites a certain piece of the lock's data, and the second opens it.

Dormakaba says that it's been working since early last year to make hotels that use Saflok aware of their security flaws and to help them fix or replace the vulnerable locks. For many of the Saflok systems sold in the last eight years, there's no hardware replacement necessary for each individual lock. Instead, hotels will only need to update or replace the front desk management system and have a technician carry out a relatively quick reprogramming of each lock, door by door. Wouters and Carroll say they were nonetheless told by Dormakaba that, as of this month, only 36 percent of installed Safloks have been updated. Given that the locks aren't connected to the internet and some older locks will still need a hardware upgrade, they say the full fix will still likely take months longer to roll out, at the very least. Some older installations may take years.

Hackers targeting individuals in the cryptocurrency sector are using a sophisticated phishing scheme that begins with a malicious link on Calendly. "The attackers impersonate established cryptocurrency investors and ask to schedule a video conference call," reports Krebs on Security. "But clicking the meeting link provided by the scammers prompts the user to run a script that quietly installs malware on macOS systems." From the report: A search in Google for a string of text from that script turns up a December 2023 blog post from cryptocurrency security firm SlowMist about phishing attacks on Telegram from North Korean state-sponsored hackers. "When the project team clicks the link, they encounter a region access restriction," SlowMist wrote. "At this point, the North Korean hackers coax the team into downloading and running a 'location-modifying' malicious script. Once the project team complies, their computer comes under the control of the hackers, leading to the theft of funds."

SlowMist says the North Korean phishing scams used the "Add Custom Link" feature of the Calendly meeting scheduling system on event pages to insert malicious links and initiate phishing attacks. "Since Calendly integrates well with the daily work routines of most project teams, these malicious links do not easily raise suspicion," the blog post explains. "Consequently, the project teams may inadvertently click on these malicious links, download, and execute malicious code."

SlowMist said the malware downloaded by the malicious link in their case comes from a North Korean hacking group dubbed BlueNoroff, which Kaspersky Labs says is a subgroup of the Lazarus hacking group. "A financially motivated threat actor closely connected with Lazarus that targets banks, casinos, fin-tech companies, POST software and cryptocurrency businesses, and ATMs," Kaspersky wrote of BlueNoroff in Dec. 2023.

Fast Company notes that "the deadly impacts of Pegasus and other cyberweapons — wielded by governments from Spain to Saudi Arabia against human rights defenders, journalists, lawyers and others — is by now well documented. A wave of scrutiny and sanctions have helped expose the secretive, quasi-legal industry behind these tools, and put financial strain on firms like Israel's NSO Group, which builds Pegasus.

"And yet business is booming." New research published this month by Google and Meta suggest that despite new restrictions, the cyberattack market is growing, and growing more dangerous, aiding government violence and repression and eroding democracy around the globe.

"The industry is thriving," says Maddie Stone, a researcher at Google's Threat Analysis Group (TAG) who hunts zero-day exploits, the software bugs that have yet to be fixed and are worth potentially hundreds of millions to spyware sellers. "More companies keep popping up, and their government customers are determined to buy from them, and want these capabilities, and are using them." For the first time, half of known zero-days against Google and Android products now come from private companies, according to a report published this month by Stone's team at Google. Beyond prominent firms like NSO and Candiru, Google's researchers say they are tracking about 40 companies involved in the creation of hacking tools that have been deployed against "high risk individuals."

Of the 72 zero-day exploits Google discovered in the wild between 2014 and last year, 35 were attributed to these and other industry players, as opposed to state-backed actors. "If governments ever had a monopoly on the most sophisticated capabilities, that era is certainly over," reads the report.

The Google findings and a spyware-focused threat report published by Meta a week later reflect an increasingly tough response by Big Tech to an industry that profits from breaking into its systems. The reports also put new pressure on the US and others to take action against the mostly unregulated industry.
"In its report, Google describes a 'rise in turnkey espionage solutions' offered by dozens of shady companies..."

Thanks to Slashdot reader tedlistens for sharing the article.

Government hackers last year exploited three unknown vulnerabilities in Apple's iPhone operating system to target victims with spyware developed by a European startup, according to Google. TechCrunch: On Tuesday, Google's Threat Analysis Group, the company's team that investigates nation-backed hacking, published a report analyzing several government campaigns conducted with hacking tools developed by several spyware and exploit sellers, including Barcelona-based startup Variston. In one of the campaigns, according to Google, government hackers took advantage of three iPhone "zero-days," which are vulnerabilities not known to Apple at the time they were exploited. In this case, the hacking tools were developed by Variston, a surveillance and hacking technology startup whose malware has already been analyzed twice by Google in 2022 and 2023.

Google said it discovered the unknown Variston customer using these zero-days in March 2023 to target iPhones in Indonesia. The hackers delivered an SMS text message containing a malicious link that infected the target's phone with spyware, and then redirected the victim to a news article by the Indonesian newspaper Pikiran Rakyat. Google did not say who was Variston's government customer in this case.

In a regulatory filing today, Microsoft said that a Russian intelligence group hacked into some of the company's top executives' email accounts. CNBC reports: Nobelium, the same group that breached government supplier SolarWinds in 2020, carried out the attack, which Microsoft detected last week, according to the company. The announcement comes after new U.S. requirements for disclosing cybersecurity incidents went into effect. A Microsoft spokesperson said that while the company does not believe the attack had a material impact, it still wanted to honor the spirit of the rules.

In late November, the group accessed "a legacy non-production test tenant account," Microsoft's Security Response Center wrote in the blog post. After gaining access, the group "then used the account's permissions to access a very small percentage of Microsoft corporate email accounts, including members of our senior leadership team and employees in our cybersecurity, legal, and other functions, and exfiltrated some emails and attached documents," the corporate unit wrote. The company's senior leadership team, including finance chief Amy Hood and president Brad Smith, regularly meets with CEO Satya Nadella. Microsoft said it has not found signs that Nobelium had accessed customer data, production systems or proprietary source code.

The U.S. government and Microsoft consider Nobelium to be part of the Russian foreign intelligence service SVR. The hacking group was responsible for one of the most prolific breaches in U.S. history when it added malicious code to updates to SolarWinds' Orion software, which some U.S. government agencies were using. Microsoft itself was ensnared in the hack. Nobelium, also known as APT29 or Cozy Bear, is a sophisticated hacking group that has attempted to breach the systems of U.S. allies and the Department of Defense. Microsoft also uses the name Midnight Blizzard to identify Nobelium. It was also implicated alongside another Russian hacking group in the 2016 breach of the Democratic National Committee's systems.

"The ambient light sensors present in most mobile devices can be accessed by software without any special permissions, unlike permissions required for accessing the microphone or the cameras," writes longtime Slashdot reader BishopBerkeley. "When properly interrogated, the data from the light sensor can reveal much about the user." IEEE Spectrum reports: While that may not seem to provide much detailed information, researchers have already shown these sensors can detect light intensity changes that can be used to infer what kind of TV programs someone is watching, what websites they are browsing or even keypad entries on a touchscreen. Now, [Yang Liu, a PhD student at MIT] and colleagues have shown in a paper in Science Advances that by cross-referencing data from the ambient light sensor on a tablet with specially tailored videos displayed on the tablet's screen, it's possible to generate images of a user's hands as they interact with the tablet. While the images are low-resolution and currently take impractically long to capture, he says this kind of approach could allow a determined attacker to infer how someone is using the touchscreen on their device. [...]

"The acquisition time in minutes is too cumbersome to launch simple and general privacy attacks on a mass scale," says Lukasz Olejnik, an independent security researcher and consultant who has previously highlighted the security risks posed by ambient light sensors. "However, I would not rule out the significance of targeted collections for tailored operations against chosen targets." But he also points out that, following his earlier research, the World Wide Web Consortium issued a new standard that limited access to the light sensor API, which has already been adopted by browser vendors.

Liu notes, however, that there are still no blanket restrictions for Android apps. In addition, the researchers discovered that some devices directly log data from the light sensor in a system file that is easily accessible, bypassing the need to go through an API. The team also found that lowering the resolution of the images could bring the acquisition times within practical limits while still maintaining enough detail for basic recognition tasks. Nonetheless, Liu agrees that the approach is too complicated for widespread attacks. And one saving grace is that it is unlikely to ever work on a smartphone as the displays are simply too small. But Liu says their results demonstrate how seemingly harmless combinations of components in mobile devices can lead to surprising security risks.

U.S. officials are worried about hacking and insider theft of AI secrets, which China has denied. From a report: On a July day in 2018, Xiaolang Zhang headed to the San Jose, Calif., airport to board a flight to Beijing. He had passed the checkpoint at Terminal B when his journey was abruptly cut short by federal agents. After a tipoff by Apple's security team, the former Apple employee was arrested and charged with stealing trade secrets related to the company's autonomous-driving program. It was a skirmish in a continuing shadow war between the U.S. and China for supremacy in artificial intelligence. The two rivals are seeking any advantage to jump ahead in mastering a technology with the potential to reshape economies, geopolitics and war.

Artificial intelligence has been on the Federal Bureau of Investigation's list of critical U.S. technologies to protect, just as China placed it on a list of technologies it wanted its scientists to achieve breakthroughs on by 2025. China's AI capabilities are already believed to be formidable, but U.S. intelligence authorities have lately made new warnings beyond the threat of intellectual-property theft. Instead of just stealing trade secrets, the FBI and other agencies believe China could use AI to gather and stockpile data on Americans at a scale that was never before possible. China has been linked to a number of significant thefts of personal data over the years, and artificial intelligence could be used as an "amplifier" to support further hacking operations, FBI Director Christopher Wray said, speaking at a press conference in Silicon Valley earlier this year.

Unciphered, a Seattle-based startup, claims to have cracked the seemingly unbreakable encryption of IronKey S200, a decade-old USB thumb drive. By exploiting an undisclosed vulnerability in the device, the company says it can bypass the drive's feature that erases its contents after 10 incorrect password attempts. The breakthrough came within a day of receiving a test device, suggesting that the firm's hacking technique, powered by high-performance computing, could have far-reaching implications.

The startup's focus is not just technological; it's after a specific IronKey that holds 7,002 bitcoins, valued at roughly $235 million, stored in a Swiss bank vault. The device belongs to Stefan Thomas, a Swiss crypto entrepreneur, who has forgotten the password and has only two password attempts left before losing access to his fortune. Unciphered believes its hacking capabilities could unlock Thomas' crypto vault and is preparing to reach out to him to offer its services. The only problem: Thomas doesn't seem to want their help. Wired: Earlier this month, not long after performing their USB-decrypting demonstration for me, Unciphered reached out to Thomas through a mutual associate who could vouch for the company's new IronKey-unlocking abilities and offer assistance. The call didn't even get as far as discussing Unciphered's commission or fee before Thomas politely declined. Thomas had already made a "handshake deal" with two other cracking teams a year earlier, he explained. In an effort to prevent the two teams from competing, he had offered each a portion of the proceeds if either one could unlock the drive. And he remains committed, even a year later, to giving those teams more time to work on the problem before he brings in anyone else -- even though neither of the teams has shown any sign of pulling off the decryption trick that Unciphered has already accomplished.

That has left Unciphered in a strange situation: It holds what is potentially one of the most valuable lockpicking tools in the cryptocurrency world, but with no lock to pick. "We cracked the IronKey," says Nick Fedoroff, Unciphered's director of operations. "Now we have to crack Stefan. This is turning out to be the hardest part." In an email to WIRED, Thomas confirmed that he had turned down Unciphered's offer to unlock his encrypted fortune. "I have already been working with a different set of experts on the recovery so I'm no longer free to negotiate with someone new," Thomas wrote. "It's possible that the current team could decide to subcontract Unciphered if they feel that's the best option. We'll have to wait and see." In past interviews, Thomas has said that his 7,002 bitcoins were left over from a payment he received for making a video titled "What is Bitcoin?" that published on YouTube in early 2011, when a bitcoin was worth less than a dollar. Later that year, he told WIRED that he'd inadvertently erased two backup copies of the wallet that held those thousands of coins, and then lost the piece of paper with the password to decrypt the third copy, stored on the IronKey. By then, his lost coins were worth close to $140,000.

A bomb threat against Caesars Forum, the main venue for this week's DEF CON hacking convention, led to the halls being cleared on Saturday evening and the building searched by fire crews and police officers. The Register reports: The timing was very bad, coming in the evening of the main party night for the event. The conference Goons, the red-shirted volunteers who serve as guides and organizers, were praised by attendees for managing the evacuation with aplomb, but when it became clear that the search for the suspect device was going to be hard to find, the DEC CON team cancelled the evening's festivities at Caesars, to the disappointment of thousands.

"Last night we were asked to evacuate the building due to a report of a suspicious package. Local police and fire departments conducted a thorough investigation and ultimately determined that the package was safe," the organizers said. "They also conducted additional sweeps of the building as a precaution before allowing our team to return and prepare for today's con. We are working quickly to keep the original schedule on track, but please check here for additional updates before arriving at DEF CON." The event kicked off on August 10 and wrapped up by August 13.

Presumably the hoax caller thought of themselves as a merry prankster, rather than the selfish idiot who ruined everyone's night - particularly the timing for those in the Track Four hall who were enjoying 2001: A Space Odyssey and who were forced to miss the crucial last 10 minutes of the movie. While tricks and pranks are something of a tradition, they only get respect if they are clever and intricate, not some fool showing they could use a telephone. It's not like security at the show wasn't heavy enough. The event was patrolled regularly by security guards in body armor with handguns, tasers, the occasional police dog, and a host of other equipment that was a bit of an overkill for a bunch of peaceable hackers. Dubbed by some as "Gravy SEALs," by the end of the show they were visibly warming up, and this hack saw several of them accepting stickers from attendees.

Once known for distributing hacking tools and shaming software companies into improving their security, a famed group of technology activists is now working to develop a system that will allow the creation of messaging and social networking apps that won't keep hold of users' personal data. From a report: The group, Cult of the Dead Cow, has developed a coding framework that can be used by app developers who are willing to embrace strong encryption and forsake revenue from advertising that is targeted to individuals based on detailed profiles gleaned from the data most apps now routinely collect. The team is building on the work of such free products as Signal, which offers strong encryption for text messages and voice calls, and Tor, which offers anonymous web surfing by routing traffic through a series of servers to disguise the location of the person conducting the search.

The latest effort, to be detailed at the massive annual Def Con hacking conference in Las Vegas next week, seeks to provide a foundation for messaging, file sharing and even social networking apps without harvesting any data, all secured by the kind of end-to-end encryption that makes interception hard even for governments. Called Veilid, and pronounced vay-lid, the code can be used by developers to build applications for mobile devices or the web. Those apps will pass fully encrypted content to one another using the Veilid protocol, its developers say. As with the file-sharing software BitTorrent, which distributes different pieces of the same content simultaneously, the network will get faster as more devices join and share the load, the developers say. In such decentralized "peer-to-peer" networks, users download data from each other instead of from a central machine.

In July 2015, the marital infidelity website AshleyMadison.com was hacked by a group called the Impact Team, threatening to release data on all 37 million users unless the site shut down. In an article published earlier today, security researcher Brian Krebs explores the possible involvement of a former employee and self-describe expert in search engine optimization (SEO), William Brewster Harrison, who had a history of harassment towards then-CEO Noel Biderman and may have had the technical skills to carry out the hack. However, Harrison committed suicide in 2014, raising doubts about his role in the breach. Here's an excerpt from the report: [...] Does Harrison's untimely death rule him out as a suspect, as his stepmom suggested? This remains an open question. In a parting email to Biderman in late 2012, Harrison signed his real name and said he was leaving, but not going away. "So good luck, I'm sure we'll talk again soon, but for now, I've got better things in the oven," Harrison wrote. "Just remember I outsmarted you last time and I will outsmart you and out maneuver you this time too, by keeping myself far far away from the action and just enjoying the sideline view, cheering for the opposition." Nothing in the leaked Biderman emails suggests that Ashley Madison did much to revamp the security of its computer systems in the wake of Harrison's departure and subsequent campaign of harassment -- apart from removing an administrator account of his a year after he'd already left the company.

KrebsOnSecurity found nothing in Harrison's extensive domain history suggesting he had any real malicious hacking skills. But given the clientele that typically employed his skills -- the adult entertainment industry -- it seems likely Harrison was at least conversant in the dark arts of "Black SEO," which involves using underhanded or else downright illegal methods to game search engine results. Armed with such experience, it would not have been difficult for Harrison to have worked out a way to maintain access to working administrator accounts at Ashley Madison. If that in fact did happen, it would have been trivial for him to sell or give those credentials to someone else. Or to something else. Like Nazi groups. As KrebsOnSecurity reported last year, in the six months leading up to the July 2015 hack, Ashley Madison and Biderman became a frequent subject of derision across multiple neo-Nazi websites.

Some readers have suggested that the data leaked by the Impact Team could have originally been stolen by Harrison. But that timeline does not add up given what we know about the hack. For one thing, the financial transaction records leaked from Ashley Madison show charges up until mid-2015. Also, the final message in the archive of Biderman's stolen emails was dated July 7, 2015 -- almost two weeks before the Impact Team would announce their hack. Whoever hacked Ashley Madison clearly wanted to disrupt the company as a business, and disgrace its CEO as the endgame. The Impact Team's intrusion struck just as Ashley Madison's parent was preparing go public with an initial public offering (IPO) for investors. Also, the hackers stated that while they stole all employee emails, they were only interested in leaking Biderman's. Also, the Impact Team had to know that ALM would never comply with their demands to dismantle Ashley Madison and Established Men. In 2014, ALM reported revenues of $115 million. There was little chance the company was going to shut down some of its biggest money machines. Hence, it appears the Impact Team's goal all along was to create prodigious amounts of drama and tension by announcing the hack of a major cheating website, and then let that drama play out over the next few months as millions of exposed Ashley Madison users freaked out and became the targets of extortion attacks and public shaming.

After the Impact Team released Biderman's email archives, several media outlets pounced on salacious exchanges in those messages as supposed proof he had carried on multiple affairs. Biderman resigned as CEO of Ashley Madison on Aug. 28, 2015. Complicating things further, it appears more than one malicious party may have gained access to Ashley's Madison's network in 2015 or possibly earlier. Cyber intelligence firm Intel 471 recorded a series of posts by a user with the handle "Brutium" on the Russian-language cybercrime forum Antichat between 2014 and 2016. Brutium routinely advertised the sale of large, hacked databases, and on Jan. 24, 2015, this user posted a thread offering to sell data on 32 million Ashley Madison users. However, there is no indication whether anyone purchased the information. Brutium's profile has since been removed from the Antichat forum. Note: This is Part II of a story published last week on reporting that went into a new Hulu documentary series on the 2015 Ashley Madison hack.

An anonymous reader quotes a report from Ars Technica: Researchers have uncovered malware designed to disrupt electric power transmission and may have been used by the Russian government in training exercises for creating or responding to cyberattacks on electric grids. Known as CosmicEnergy, the malware has capabilities that are comparable to those found in malware known as Industroyer and Industroyer2, both of which have been widely attributed by researchers to Sandworm, the name of one of the Kremlin's most skilled and cutthroat hacking groups.

Researchers from Mandiant, the security firm that found CosmicEnergy, wrote: "COSMICENERGY is the latest example of specialized OT malware capable of causing cyber physical impacts, which are rarely discovered or disclosed. What makes COSMICENERGY unique is that based on our analysis, a contractor may have developed it as a red teaming tool for simulated power disruption exercises hosted by Rostelecom-Solar, a Russian cyber security company. Analysis into the malware and its functionality reveals that its capabilities are comparable to those employed in previous incidents and malware, such as INDUSTROYER and INDUSTROYER.V2, which were both malware variants deployed in the past to impact electricity transmission and distribution via IEC-104. The discovery of COSMICENERGY illustrates that the barriers to entry for developing offensive OT capabilities are lowering as actors leverage knowledge from prior attacks to develop new malware. Given that threat actors use red team tools and public exploitation frameworks for targeted threat activity in the wild, we believe COSMICENERGY poses a plausible threat to affected electric grid assets. OT asset owners leveraging IEC-104 compliant devices should take action to preempt potential in the wild deployment of COSMICENERGY."

Right now, the link is circumstantial and mainly limited to a comment found in the code suggesting it works with software designed for training exercises sponsored by the Kremlin. Consistent with the theory that CosmicEnergy is used in so-called Red Team exercises that simulate hostile hacks, the malware lacks the ability to burrow into a network to obtain environment information that would be necessary to execute an attack. The malware includes hardcoded information object addresses typically associated with power line switches or circuit breakers, but those mappings would have to be customized for a specific attack since they differ from manufacturer to manufacturer. "For this reason, the particular actions intended by the actor are unclear without further knowledge about the targeted assets," Mandiant researchers wrote.

Activision has sent cease-and-desist letters to two makers of popular fan clients for legacy Call of Duty titles in recent weeks. From a report: The move cuts off access to the many gameplay and quality-of-life improvements brought by these clients and stops what fans say is the only safe way to play these older games without the threat of damaging hacking by opponents. The first victim of Activision's recent efforts was SM2, a major Modern Warfare 2 modding project whose development started over two years ago.

Since then, the modding group has been working on updating that seminal 2009 release with new weapons, in-game perks, a redesigned UI, new streak and progression systems, and even a recent move to a more modern game engine. Those efforts stopped last week, though, before the mod could even release its first version. The SM2 Twitter account reported that "a team member received a Cease & Desist letter on behalf of Activision Publishing in relation to the SM2 project. We are complying with this order and shutting down all operations permanently."

An anonymous reader quotes a report from TorrentFreak: Last year, a U.S. federal court handed a 40-month prison sentence to Gary Bowser. The Canadian pleaded guilty to being part of the Nintendo hacking group "Team Xecuter" and has now served his time. In part due to his good behavior, Bowser got an early release from federal prison. [...] In a recent video interview with Nick Moses, Bowser explains that he was released from federal prison on March 28th. He is currently in processing at the Northwest Detention Center in Tacoma, Washington, to prepare for his return to Canada.

What his life will look like in Canada remains uncertain. However, in federal prison, Bowser has shown that he doesn't shy away from putting in work and helping other people in need. Aside from his prison job, he spent several nightly hours on suicide watch. The prison job brought in some meager income, a large part of which went to pay for the outstanding restitution he has to pay, which is $14.5 million in total. Thus far, less than $200 has been paid off. "I've been making payments of $25 per month, which they've been taking from my income because I had a job in federal prison. So far I paid $175," Bowser tells Nick Moses.

If Bowser manages to find a stable source of income in Canada, Nintendo will get a chunk of that as well. As part of a consent judgment, he agreed to pay $10 million to Nintendo, which is the main restitution priority. "The agreement with them is that the maximum they can take is 25 to 30 percent of your gross monthly income. And I have up to six months before I have to start making payments," Bowser notes. At that rate, it is unlikely that Nintendo will ever see the full amount. Or put differently, Bowser will carry the financial consequences of his Team-Xecuter involvement for the rest of his life.

"Researchers have 'hacked' the earliest stages of photosynthesis," according to a new announcement from the University of Cambridge.

CNET reports: Scientists have studied photosynthesis in plants for centuries, but an international team believes they've unlocked new secrets in nature's great machine that could revolutionize sustainable fuels and fight climate change. The team says they've determined it's possible to extract an electrical charge at the best possible point in photosynthesis. This means harvesting the maximum amount of electrons from the process for potential use in power grids and some types of batteries. It could also improve the development of biofuels. While it's still early days, the findings, reported in the journal Nature, could reduce greenhouse gasses in the atmosphere and provide insights to improve photovoltaic solar panels.

The key breakthrough came when researchers observed the process of photosynthesis at ultrafast timescales. "We can take photos at different times which allow us to watch changes in the sample really, really quickly — a million billion times faster than your iPhone," Dr. Tomi Baikie, from the University of Cambridge's Cavendish Laboratory, told CNET....

Previous demonstrations connected cyanobacteria, algae and other plants to electrodes to create so-called bio-photoelectrochemical cells that tap into the photosynthetic process to generate electricity. Baikie said they were surprised to discover a previously unknown pathway of energy flow at the beginning of the process that could enable extracting the charge in a more efficient way.

A U.S. and Greek national who worked on Meta's security and trust team while based in Greece was placed under a yearlong wiretap by the Greek national intelligence service and hacked with a powerful cyberespionage tool, according to documents obtained by The New York Times and officials with knowledge of the case. From the report: The disclosure is the first known case of an American citizen being targeted in a European Union country by the advanced snooping technology, the use of which has been the subject of a widening scandal in Greece. It demonstrates that the illicit use of spyware is spreading beyond use by authoritarian governments against opposition figures and journalists, and has begun to creep into European democracies, even ensnaring a foreign national working for a major global corporation.

The simultaneous tapping of the target's phone by the national intelligence service and the way she was hacked indicate that the spy service and whoever implanted the spyware, known as Predator, were working hand in hand. The latest case comes as elections approach in Greece, which has been rocked by a mounting wiretapping and illegal spyware scandal since last year, raising accusations that the government has abused the powers of its spy agency for illicit purposes. The Predator spyware that infected the device is marketed by an Athens-based company and has been exported from Greece with the government's blessing, in possible breach of European Union laws that consider such products potential weapons, The New York Times found in December. The Greek government has denied using Predator and has legislated against the use of spyware, which it has called "illegal."

Slashdot reader sleeping cat shares a recent FOSDEM talk by a compiler engineer on the team building Rust-GCC, "an alternative compiler implementation for the Rust programming language."

"If gccrs interprets a program differently from rustc, this is considered a bug," explains the project's FAQ on GitHub.

The FAQ also notes that LLVM's set of compiler technologies — which Rust uses — "is missing some backends that GCC supports, so a gccrs implementation can fill in the gaps for use in embedded development." But the FAQ also highlights another potential benefit: With the recent announcement of Rust being allowed into the Linux Kernel codebase, an interesting security implication has been highlighted by Open Source Security, inc. When code is compiled and uses Link Time Optimization (LTO), GCC emits GIMPLE [an intermediate representation] directly into a section of each object file, and LLVM does something similar with its own bytecode. If mixing rustc-compiled code and GCC-built code in the Linux kernel, the compilers will be unable to perform a full link-time optimization pass over all of the compiled code, leading to absent CFI (control flow integrity).

If Rust is available in the GNU toolchain, releases can be built on the Linux kernel (for example) with CFI using LLVM or GCC.
Started in 2014 (and revived in 2019), "The effort has been ongoing since 2020...and we've done a lot of effort and a lot of progress," compiler engineer Arthur Cohen says in the talk. "We have upstreamed the first version of gccrs within GCC. So next time when you install GCC 13 — you'll have gccrs in it. You can use it, you can start hacking on it, you can please report issues when it inevitably crashes and dies horribly."

"One big thing we're doing is some work towards running the rustc test suite. Because we want gccrs to be an actual Rust compiler and not a toy project or something that compiles a language that looks like Rust but isn't Rust, we're trying really hard to get that test suite working."

Read on for some notes from the talk...

An anonymous reader quotes a report from Techdirt: "In an enormous breakthrough for those seeking transparency and accountability to the shadowy surveillance industry, the Swiss Government has been forced to publish the list of export licenses for surveillance technologies and other equipment, including details of their cost and destination," [reports The Unwanted Witness.] "The decision by the Federal Information and Data Protection Commissioner comes on the heels of consistent pressure from Privacy International, Swiss journalists, and several Members of Parliament on policymakers, government officials, and companies in Switzerland over the past year and a half. The commissioner's decision was the result of a FOI challenge filed against the State Secretariat for Economic Affairs (SECO) for its refusal to reveal information regarding the destination of the pending exports for surveillance technologies."

The beneficiary of this release by SECO is, of course, everyone who's interested in government accountability and transparency, especially when it involves an area of government work that tends to shrouded in often impenetrable secrecy. The most direct beneficiary -- Swiss news agency Tagblatt -- has plenty to say about the release of this information, including how much SECO simply did not want to reveal the countries Swiss surveillance tech providers sell to. (The following was translated by Google Translate, so apologies for the clunky English.) The Seco does not act entirely voluntarily: Our newspaper only received the list after it requested access to the administration in 2013 based on the principle of transparency. At the end of 2014, the federal data protection officer recommended granting access, although Seco wanted to refuse this. [The Data Protection Commissioner] picks [Seco's] arguments to pieces. It didn't even provide a minimal justification. But that's not all: Seco was unable to prove why the announcement of the recipients was affecting Switzerland's foreign policy relations.

The technology these countries acquired from Swiss tech purveyors are IMSI catchers -- cell tower spoofers capable of forcing all phones in the area to connect to it so investigators can locate sought devices or (if enabled) intercept communications. Twenty-one export licenses were issued in 2014, with the list encompassing a long list of human rights abusers. [...] The approved list for full licenses doesn't exactly suggest a whole lot of discretion from Swiss IMSI manufacturers. Nor does it say much about SECO, which allowed these sales (and demonstrations) to happen. The list of denied license applications (which includes Russia, Yemen, and Turkmenistan) suggests some restraint by SECO. But the fact that Swiss spy tech makers requested the licenses shows they are just as willing to sell to terrible governments as other surveillance tech purveyors who've made international headlines repeatedly. (Yes, we're talking about Israel's NSO Group. And, to a lesser extent, Italy's Hacking Team.) "And it's not just IMSI catchers," says Techdirt's Tim Cushing. "Plenty of human rights violators were on the list of potential customers for internet surveillance tech sold by Swiss companies. That those violators were unable to access this tech is largely due to the Snowden leaks, which forced a lot of countries to look more closely at their own spying efforts and surveillance contractors."

"That's a pretty nasty group of customers to want to sell to. And that the companies appear to have been deterred by a series of leaks suggests they were more motivated by potential backlash from the Snowden revelations, rather than any sense of responsibility or propriety."

In closing, Cushing writes: "You don't have to sell to the worst governments in the world. But, like far too many other surveillance tech purveyors, Swiss companies seemed more than willing to sell powerful spy tech to governments they knew with certainty would abuse it."

New submitter CrankyOldGuy writes: Chinese hackers have stolen tens of millions of dollars worth of U.S. COVID relief benefits since 2020, the Secret Service said on Monday. The Secret Service declined to provide any additional details but confirmed a report by NBC News that said the Chinese hacking team that is reportedly responsible is known within the security research community as APT41 or Winnti. APT41 is a prolific cybercriminal group that had conducted a mix of government-backed cyber intrusions and financially motivated data breaches, according to experts.

Several members of the hacking group were indicted in 2019 and 2020 by the U.S. Justice Department for spying on over 100 companies, including software development companies, telecommunications providers, social media firms, and video game developers. "Regrettably, the Chinese Communist Party has chosen a different path of making China safe for cybercriminals so long as they attack computers outside China and steal intellectual property helpful to China," former Deputy Attorney General Jeffrey Rosen said at the time.

An anonymous reader quotes a report from The Register: Modified off-the-shelf drones have been found carrying wireless network-intrusion kit in a very unlikely place. Greg Linares, a security researcher, recently recounted an incident that he said occurred over the summer at a US East Coast financial firm focused on private investment. He told The Register that he was not involved directly with the investigation but interacted with those involved as part of his work in the finance sector. In a Twitter thread, Linares said the hacking incident was discovered when the financial firm spotted unusual activity on its internal Atlassian Confluence page that originated from within the company's network.

The company's security team responded and found that the user whose MAC address was used to gain partial access to the company Wi-Fi network was also logged in at home several miles away. That is to say, the user was active off-site but someone within Wi-Fi range of the building was trying to wirelessly use that user's MAC address, which is a red flag. The team then took steps to trace the Wi-Fi signal and used a Fluke system to identify the Wi-Fi device. "This led the team to the roof, where a 'modified DJI Matrice 600' and a 'modified DJI Phantom' series were discovered," Linares explained. The Phantom drone was in fine condition and had a modified Wi-Fi Pineapple device, used for network penetration testing, according to Linares. The Matrice drone was carrying a case that contained a Raspberry Pi, several batteries, a GPD mini laptop, a 4G modem, and another Wi-Fi device. It had landed near the building's heating and ventilation system and appeared to be damaged but still operable. "During their investigation, they determined that the DJI Phantom drone had originally been used a few days prior to intercept a worker's credentials and Wi-Fi," Linares said. "This data was later hard coded into the tools that were deployed with the Matrice."

According to Linares, the tools on the drones were used to target the company's internal Confluence page in order to reach other internal devices using the credentials stored there. The attack, he said, had limited success and is the third cyberattack involving a drone he's seen over the past two years. "The attackers specifically targeted a limited access network, used by both a third-party and internally, that was not secure due to recent changes at the company (e.g. restructuring/rebranding, new building, new building lease, new network setup or a combination of any of these scenarios)," Linares told The Register. "This is the reason why this temporary network unfortunately had limited access in order to login (credentials + MAC security). The attackers were using the attack in order to access an internal IT confluence server that contained other credentials for accessing other resources and storing IT procedures." [...] While the identity of the attacker has not been disclosed, Linares believes those responsible did their homework. "This was definitely a threat actor who likely did internal reconnaissance for several weeks, had physical proximity to the target environment, had a proper budget and knew their physical security limitations," he said.