The U.S. Department of the Treasury's OFAC has sanctioned Yin Kecheng and Sichuan Juxinhe Network Technology Co. for their roles in a recent Treasury breach and espionage operations targeting U.S. telecommunications. BleepingComputer reports: "Yin Kecheng has been a cyber actor for over a decade and is affiliated with the People's Republic of China Ministry of State Security (MSS)," reads the Treasury's announcement. "Yin Kecheng was associated with the recent compromise of the Department of the Treasury's Departmental Offices network," says the agency.

OFAC also announced sanctions against Sichuan Juxinhe Network Technology Co., a Chinese cybersecurity firm believed to be directly involved with the Salt Typhoon state hacker group. Salt Typhoon was recently linked to several breaches on major U.S. telecommunications and internet service providers to spy on confidential communications of high-profile targets. "Sichuan Juxinhe Network Technology Co., LTD. (Sichuan Juxinhe) had direct involvement in the exploitation of these U.S. telecommunication and internet service provider companies," the U.S. Treasury explains, adding that "the MSS has maintained strong ties with multiple computer network exploitation companies, including Sichuan Juxinhe." [...]

The sanctions imposed on Kecheng and the Chinese cybersecurity firm under Executive Order (E.O.) 13694 block all property and financial assets located in the United States or are in the possession of U.S. entities, including banks, businesses, and individuals. Additionally, U.S. entities are prohibited from conducting any transactions with the sanctioned entities without OFAC's explicit authorization. It's worth noting that these sanctions come after OFAC sanctioned Beijing-based cybersecurity company Integrity Tech for its involvement in cyberattacks attributed to the Chinese state-sponsored Flax Typhoon hacking group. U.S. Treasury's announcement reiterates that the U.S. Department of State offers, through its Rewards for Justice program, up to $10,000,000 for information leading to uncovering the identity of hackers who have targeted the U.S. government or critical infrastructure in the country.

An anonymous reader quotes a report from the New York Times: A Russian organization linked to the Kremlin's covert influence campaigns posted more than 8,000 political advertisements on Facebook despite European and American restrictions barring companies from doing business with the organization, according to three organizations that track disinformation online. The Russian group, the Social Design Agency, evaded lax enforcement by Facebook to place an estimated $338,000 worth of ads aimed at European users over a period of 15 months that ended in October, even though the platform itself highlighted the threat, the three organizations said in a report released on Friday.

The Social Design Agency has faced punitive sanctions in the European Union since 2023 and in the United States since April for spreading propaganda and disinformation to unsuspecting users on social media. The ad campaigns on Facebook raise "critical questions about the platform's compliance" with American and European laws, the report said. [...] The Social Design Agency is a public relations company in Moscow that, according to American and European officials, operates a sophisticated influence operation known as Doppelganger. Since 2022, Doppelganger has created cartoon memes and online clones of real news sites, like Le Monde and The Washington Post, to spread propaganda and disinformation, often about the war in Ukraine.

[...] The organizations documenting the campaign -- Check First, a Finnish research company, along with Reset.Tech in London and AI Forensics in Paris -- focused on efforts to sway Facebook users in France, Germany, Poland and Italy. Doppelganger has been also linked to influence operations in the United States, Israel and other countries, but those are not included in the report's findings. [...] The researchers estimated that the ads resulted in more than 123,000 clicks by users and netted Meta at least $338,000 in the European Union alone. The researchers acknowledged that the figures provide only one, incomplete example of the Russian agency's efforts. In addition to propagating Russia's views on Ukraine, the agency posted ads in response to major news events, including theHamas attack on Israel on Oct. 7, 2023, and a terrorist attack in a Moscow suburb last March that killed 145 people. The ads would often appear within 48 hours, trying to shape public perceptions of events. After the Oct. 7 attacks, the ads pushed false claims that Ukraine sold weapons to Hamas. The ads reached more than 237,000 accounts over two to three days, "underscoring the operation's capacity to weaponize current events in support of geopolitical narratives," the researcher's report said.

Microsoft's $13 billion investment in OpenAI raises concerns that the tech giant could extend its dominance in cloud computing into the nascent AI market, the Federal Trade Commission said in a report released Friday. From a report: The commission said Microsoft's deal with OpenAI, as well as Amazon and Google's partnerships with AI company Anthropic, raise the risk that AI developers could be "fully acquired" by the tech giants in the future.

"The FTC's report sheds light on how partnerships by big tech firms can create lock-in, deprive start-ups of key AI inputs, and reveal sensitive information that can undermine fair competition," FTC Chair Lina Khan said in a statement. The FTC has the power to open market studies to glean more information about industry trends. The findings can be used to inform future actions. It's unclear what the agency's new leadership under the Trump administration will do with the report.

An anonymous reader shares a report: FBI leaders have warned that they believe hackers who broke into AT&T's system last year stole months of their agents' call and text logs, setting off a race within the bureau to protect the identities of confidential informants, a document reviewed by Bloomberg News shows.

FBI officials told agents across the country that details about their use on the telecom carrier's network were believed to be among the billions of records stolen, according to the document and interviews with a current and a former law enforcement official. They asked not to be named to discuss sensitive information. Data from all FBI devices under the bureau's AT&T service for public safety agencies were presumed taken, the document shows.

The cache of hacked AT&T records didn't reveal the substance of communications but, according to the document, could link investigators to their secret sources. The data was believed to include agents' mobile phone numbers and the numbers with which they called and texted, the document shows. Records for calls and texts that weren't on the AT&T network, such as through encrypted messaging apps, weren't part of the stolen data.

Sony's PlayStation has canceled previously unannounced games at two of its top subsidiaries, the company said. From a report: The games, at Oregon-based Bend Studio and Texas-based Bluepoint Games, were both "live service" projects designed to draw recurring revenue from players. A company spokesperson confirmed the cancellations.

In a statement, the spokesperson said the two games were canceled "following a recent review" and that PlayStation will continue making both online and single-player games. Neither studio will be shuttered. "Bend and Bluepoint are highly accomplished teams who are valued members of the PlayStation Studios family, and we are working closely with each studio to determine what are the next projects," the spokesperson said.

Microsoft began mandatory rollouts of the Windows 11 2024 Update (24H2) for eligible devices running Home and Pro editions, the company announced on its Windows 11 issues page. The update, which Microsoft describes as a "full code swap," requires longer installation times, with users reporting processes exceeding an hour.

While users can briefly postpone the installation, the company is now pushing updates to mainstream users not managed by IT departments. The 24H2 update introduces USB4's 80Gbps support, Bluetooth LE Audio for hearing aids, and enhanced Energy Saver controls.

George Zhao, the chief executive of Chinese smartphone firm Honor, has resigned from his position due to personal reasons, the company said on Friday. CNBC: "The company and the Board of Directors sincerely appreciate Mr Zhao's outstanding contributions to the company during his tenure," Honor said in a statement.

Jian Li, who's been at Honor for four years in various senior management positions, will succeed Zhao as CEO. In an internal memo posted by Chinese media and confirmed as accurate by an Honor spokesperson, Zhao said he was stepping down due to health reasons and planned to rest, recover and spend more time with his family.

[...] Honor's market share in China has risen from 9.8% in 2020 to over 15% in 2024, according to Counterpoint Research. Outside of China, Honor's market share hit 2.3% in 2024, compared to under 1% in 2020.

Google says it has begun requiring users to turn on JavaScript, the widely-used programming language to make web pages interactive, in order to use Google Search. From a report: In an email to TechCrunch, a company spokesperson claimed that the change is intended to "better protect" Google Search against malicious activity, such as bots and spam, and to improve the overall Google Search experience for users. The spokesperson noted that, without JavaScript, many Google Search features won't work properly, and that the quality of search results tends to be degraded.

Microsoft researchers who tested more than 100 of the company's AI products concluded that AI systems can never be made fully secure, according to a new pre-print paper. The 26-author study, which included Azure CTO Mark Russinovich, found that large language models amplify existing security risks and create new vulnerabilities. While defensive measures can increase the cost of attacks, the researchers warned that AI systems will remain vulnerable to threats ranging from gradient-based attacks to simpler techniques like interface manipulation for phishing.

Compliance software firms are deploying AI to decode complex trader communications and detect potential financial crimes as Wall Street and London regulators intensify scrutiny of market manipulation.

Companies like Behavox and Global Relay are developing AI tools that can interpret trader slang, emoji-laden messages and even coded language that traditional detection systems might miss, WSJ reports. The technology aims to replace older methods that relied on scanning for specific trigger words, which traders could easily evade. The story adds: Traders believed that "if somebody wanted to say something sketchy, they would just make up a funny word or, you know, spell it backward or something," [Donald] McElligott (VP of Global Relay) said. "Now, none of that"s going to work anymore."

Canon is requiring users to pay a monthly subscription fee to fully use their cameras as webcams on computers. The company's new EOS Webcam Utility software restricts features like HD resolution, brightness adjustments and color correction unless users pay $4.99 monthly or $49.99 annually.

An anonymous reader shares a report: The Supreme Court on Friday unanimously upheld the federal law banning TikTok beginning Sunday unless it's sold by its China-based parent company, holding that the risk to national security posed by its ties to China overcomes concerns about limiting speech by the app or its 170 million users in the United States.

A sale does not appear imminent and, although experts have said the app will not disappear from existing users' phones once the law takes effect on Jan. 19, new users won't be able to download it and updates won't be available. That will eventually render the app unworkable, the Justice Department has said in court filings.

Tech news and research site SemiAccurate is reporting that an unidentified company is seeking to acquire Intel in its entirety. The publication -- citing a confidential email that it reviewed and a subsequent confirmation from a second source -- said the prospective buyer has not publicly disclosed its interest but has sufficient resources to purchase Intel at current valuations (about $85 billion).

Scientists warn that the devastating fires that killed at least 24 people and destroyed more than 12,000 structures in Los Angeles represent a new type of urban firestorm, distinct from traditional wilderness blazes. In densely populated areas, buildings themselves become fuel, creating a chain reaction of destruction, researchers reported Friday in Nature.

The fires were intensified by steep terrain, powerful winds and a climate pattern of extreme wet-to-dry conditions that created abundant fuel. Researchers say such urban fires are likely to become more frequent as populations expand into wildland areas and climate change accelerates.