Security

A Stealthy New Espionage Group is Targeting Corporate Mergers and Acquisitions (techcrunch.com) 1

A new espionage actor is breaching corporate networks to steal emails from employees involved in big financial transactions like mergers and acquisitions. From a report: Mandiant researchers, who first discovered the advanced persistent threat (APT) group in December 2019 and now track it as "UNC3524," say that while the group's corporate targets hint at financial motivation, its longer-than-average dwell time in a victim's environment suggests an intelligence gathering mandate. In some cases, UNC3524 remained undetected in victims' environments for as long as 18 months, versus an average dwell time of 21 days in 2021.

Mandiant credits the group's success at achieving such a long dwell time to its unique approach to its use of a novel backdoor -- tracked as "QuietExit" -- on network appliances that do not support antivirus or endpoint detection, such as storage arrays, load balancers and wireless access point controllers. The QuietExit backdoor's command-and-control servers are part of a botnet built by compromising D-Link and LifeSize conference room camera systems, according to Mandiant, which said the compromised devices were likely breached due to the use of default credentials, rather than an exploit.

Apple

PayPal Helped Spur EU Antitrust Complaint Against Apple Payments (slashdot.org) 7

PayPal helped spur a formal antitrust complaint against Apple and its iPhone payments system by raising concerns with the European Commission, Bloomberg reported, citing people with knowledge of the matter. From the report: European regulators hit Apple with a so-called statement of objections on Monday, arguing that the iPhone maker abuses its control over mobile payments. The complaint centers on the company reserving the iPhone's tap-to-pay abilities for its own Apple Pay service, rather than letting rival payment platforms use the feature. PayPal, which has its own payment service, was one of multiple companies making informal complaints about the situation to the commission, said the people, who asked not to be identified because the discussions were private. PayPal offers a tap-to-pay option on Android phones and wants to be able to offer the same feature on Apple's iPhone.
Bitcoin

Coinbase CEO Predicts One Billion Crypto Users Within a Decade (bloomberg.com) 21

Within a decade, 1 billion people will have used or tried crypto, up from about 200 million currently, Coinbase Global Chief Executive Officer Brian Armstrong said at the Milken Institute Global Conference on Monday. From a report: "My guess is that in 10-20 years, we'll see a substantial portion of GDP happening in the crypto economy," Armstrong said, speaking at a session with ARK Investment Management CEO Cathie Wood.

His comments come at a time of turbulence in crypto markets. After hitting an all-time high of almost $69,000 in November, Bitcoin has been falling in value. The world's biggest cryptocurrency is down about 17% since the beginning of the year. The chorus of skeptics' voices has gotten louder, but Armstrong and Wood, whose Ark is one of the biggest Coinbase investors, have shown a united front. Wood is seeing promise in even decentralized finance, a lightly regulated corner of crypto where people can trade, lend and borrow tokens directly, without intermediaries like banks.

Privacy

Grindr User Data Was Sold Through Ad Networks (gizmodo.com) 25

According to The Wall Street Journal, a digital advertising network was selling precise movements of millions of users of the gay-dating app Grindr. The locations were available for purchase since "at least 2017," according to the report. Gizmodo reports: According to the Journal's sources, one of the company's old ad partners, MoPub (which was sold off by Twitter earlier this year), was freely passing off location data from the tens of thousands of apps that use place-based information to monetize. At one time, this included Grindr. Once in MoPub's hands, the Journal alleges that this data was sold off, in bulk, to other partners, like Near (formerly known as UM, and formerly formerly known as UberMedia). And Near offered up that data to just about anyone. Because data privacy laws in the U.S. are vague and chaotic where they exist at all, Near can pawn off data from its upstream partners out in the open. You, dear reader, could buy it yourself.

"Grindr has shared less information with ad partners than any of the big tech platforms and most of our competitors, restricting the information we share to IP address, advertising ID, and the basic information necessary to support ad delivery," Grindr spokesperson Patrick Lenihan noted in a public statement. With all respect to Lenihan, that bar is extremely low. So-called "anonymous" data points like an ad ID or IP address can easily be tied back to a specific device, and the person who owns that device. By using "anonymous" data like this, advertisers can accurately surmise your workout routine, your favorite tunes, your immigration status and much, much more.
"[A]bout one year ago, reports emerged that location data gleaned from the app was used to out a Catholic priest," adds Gizmodo. "The priest resigned, and Catholic news writers wrung their hands over the ill-gotten data source."

"[T]he data used to out the priest was anonymized, legally speaking, but the middlemen were able to tie the Grindr-using device to a certain Grindr-using priest because the device was seen frequenting the priest's residence and lake house."
United States

FAA Delays Environmental Review of SpaceX's Starship Yet Another Month, To May 31 (space.com) 47

schwit1 shares a report from Space.com: We'll have to wait at least another month to see the results of the U.S. Federal Aviation Administration's (FAA) environmental review of SpaceX's Starship program. The FAA has been working for months on that review -- officially known as a programmatic environmental assessment (PEA) -- which is assessing the environmental impacts of Starbase, the South Texas site where SpaceX has been building and testing its huge Starship vehicle. The agency published a draft PEA in September and estimated that the final version would be wrapped up by the end of the year. But the FAA has repeatedly delayed the final PEA, generally by a month at a time, citing the need to analyze the public comments submitted in response to the draft report and discuss next steps with other government agencies. "The FAA plans to release the Final PEA on May 31, 2022. The FAA is finalizing the review of the Final PEA, including responding to comments and ensuring consistency with SpaceX's licensing application," FAA officials wrote in an update. "The FAA is also completing consultation and confirming mitigations for the proposed SpaceX operations. All consultations must be complete before the FAA can issue the Final PEA."
NASA

NASA's James Webb Space Telescope Completely Aligned, Fully Focused (newatlas.com) 23

Scientists working on NASA's James Webb Telescope have reached an important milestone, completely aligning the space observatory's massive mirrors. New Atlas reports: The achievement means the team can now move ahead with configuring the onboard instruments and prepare them to begin capturing sharp and in-focus images of the cosmos. Back in January, the James Webb Space Telescope (JWST) finished deploying its set of 18 mirrors, which it will use to direct light from cosmic objects onto its instruments to capture images. But to do so, the mirrors had to be precisely aligned over a three-month period in order to focus that light correctly. In March, the mirrors were brought into alignment with the telescope's primary imaging instrument, the Near-Infrared Camera, enabling it to focus and snap a crystal-clear image of a bright star. The team then continued aligning the mirrors with the JWST's remaining instruments, the Near-Infrared Spectrograph, Mid-Infrared Instrument, and Near Infrared Imager and Slitless Spectrograph -- a task that is now complete.

The team confirmed the mirrors were aligned and directing light onto the JWST's four instruments by capturing a set of test images covering the telescope's full-field of view [...]. The scientists say the optical performance of the telescope continues to exceed even their most optimistic expectations. With the mirrors now in position (save for some slight periodic adjustments here and there), the scientists are now turning their attention to commissioning of the science instruments. The unique lenses, masks, filters and other gear that make these highly sophisticated instruments tick will need to be precisely configured over the next two months, to ready the telescope for the start of its science operations in the middle of the year.

Software

Remote Lockouts Reportedly Stop Russian Troops From Using Stolen Ukrainian Farm Equipment (theverge.com) 83

An anonymous reader quotes a report from The Verge: Russian troops stole almost $5 million worth of farm equipment from a John Deere dealer in the occupied city of Melitopol, Ukraine, only to discover that the machines have been shut down remotely, making them inoperable, according to a report from CNN. Some of the equipment, which comes with a remote locking feature and a built-in GPS, was tracked over 700 miles away in the Zakhan Yurt village of Chechnya.

A source close to the situation told CNN that Russian troops gradually began taking machinery away from the dealer following their occupation of Melitopol in March. It reportedly started with two combine harvesters worth $300,000 each, a tractor, and a seeder, until troops hauled away all 27 pieces of equipment. Some of the equipment went to Chechnya, while others reportedly landed in a nearby village. "When the invaders drove the stolen harvesters to Chechnya, they realized that they could not even turn them on, because the harvesters were locked remotely," CNN's source told the outlet. Although the pieces of equipment were remotely disabled, CNN's source says that Russian troops may be trying to find a way around the block, as they're in contact with "consultants in Russia who are trying to bypass the protection."

Power

Biden Administration Begins $3 Billion Plan for Electric Car Batteries (nytimes.com) 96

The Biden administration plans to begin a $3.1 billion effort on Monday to spur the domestic production of advanced batteries, which are essential to its plan to speed the adoption of electric vehicles and renewable energy. The New York Times reports: President Biden has prodded automakers to churn out electric vehicles and utilities to switch to solar, wind and other clean energy, saying the transitions are critical to eliminating the pollution that is dangerously heating the planet. In the wake of surging energy prices caused largely by Russia's invasion of Ukraine, administration officials also have described the transition to clean energy as a way to insulate consumers from the fluctuation of global oil markets and achieve true energy independence. Jennifer Granholm, the energy secretary, last week called renewable energy "the greatest peace plan this world will ever know." Yet currently, lithium, cobalt and other minerals needed for electric car batteries and energy storage are processed primarily in Asia. China alone controls nearly 80 percent of the world's processing and refining of those critical minerals.

Ms. Granholm plans to announce the funding plan on Monday during a visit to Detroit, a senior administration official said. The $3.1 billion in grants, along with a separate $60 million program for battery recycling, is an effort to "reduce our reliance on competing nations like China that have an advantage over the global supply chain," according to a Department of Energy statement. The funding is aimed at companies that can create new, retrofitted or expanded processing facilities as well as battery recycling programs, officials with the Department of Energy said. The grants will be funded through the $1 trillion infrastructure law, which includes more than $7 billion to improve the domestic battery supply chain.

Venkat Srinivasan, director of the Argonne Collaborative Center for Energy Storage Science at Argonne National Laboratory, told the panel that the United States "can become a dominant force in energy storage technology" and has a "once-in-a-lifetime opportunity to seize the moment." Between electric vehicles and grid storage, the market for lithium-ion batteries in the United States is expected to increase by a factor of 20 to 30 in the next decade but a secure domestic supply chain is needed, Dr. Srinivasan said. The Biden administration wants half of all new vehicles sold in the United States to be electric by 2030. The president also has issued procurement guidelines to transform the 600,000-vehicle federal fleet, so that all new cars and trucks purchased by the federal government by 2035 are zero-emission.

Education

Google Makes $100,000 Worth of Tech Training Free To Every US Business (reuters.com) 10

Alphabet's Google will provide any U.S. business over $100,000 worth of online courses in data analytics, design and other tech skills for their workers free of charge, the search company said on Monday. Reuters reports: The offer marks a big expansion of Google's Career Certificates, a program the company launched in 2018 to help people globally boost their resumes by learning new tools at their own pace. Over 70,000 people in the United States and 205,000 globally have earned at least one certificate, and 75% receive a benefit such as a new job or higher pay within six months, according to Google.

The courses, designed by Google and sold through online education service Coursera, each typically cost students about $39 a month and take three to six months to finish. Google will now cover costs for up to 500 workers at any U.S. business, and it valued the grants at $100,000 because people usually take up to six months to finish. Lisa Gevelber, founder of Grow with Google, the company unit overseeing certificates, said course completion rates are higher when people pay out of pocket but that the new offer was still worthwhile if it could help some businesses gain digital savvy. Certificates also are available in IT support, project management, e-commerce and digital marketing. They cover popular software in each of the fields, including Google advertising services.

Businesses

Staff At London Law Firm Can Work From Home Full-Time -- If They Take 20% Pay Cut (theguardian.com) 93

Staff at a top London law firm have been told they can work from home permanently -- but they will have to take a 20% pay cut. The Guardian reports: Managing partners at Stephenson Harwood are offering lawyers and other staff the option as City firms try to move beyond solely office-based working in a post-pandemic cultural shift to flexible and remote models. Junior lawyers at the company have starting salaries of 90,000 pounds, meaning anyone taking up the offer would lose about 18,000 pounds. Stephenson Harwood, one of the top 50 highest earning legal firms in the UK and with its headquarters in London, employs more than 1,100 people and has offices in Paris, Greece, Hong Kong, Singapore and South Korea. A spokesperson for the firm told the Times that the new working policy would apply to staff at its London office and most of the company's international offices. Partners will not be eligible, though. Full equity partners receive an average of 685,000 pounds annually.

The new salary sacrifice for full remote working policy is being introduced after the company's experience of recruiting lawyers during the coronavirus pandemic who were not based in London, where living costs tend to be higher. However, the company said it expected only a few staff to take up the full-time work from home option because "for the vast majority of our people, our hybrid working policy works well." Staff already have the option of working remotely for two days a week. "Like so many firms, we see value in being in the office together regularly, while also being able to offer our people flexibility," the spokesman said.

Cellphones

Spanish Prime Minister's Mobile Phone Infected By Pegasus Spyware (reuters.com) 23

An anonymous reader quotes a report from Reuters: Spanish authorities have detected "Pegasus" spyware in the mobile phones of Prime Minister Pedro Sanchez and Defense Minister Margarita Robles, the government minister for the presidency, Felix Bolanos, said on Monday. Bolanos told a news conference Sanchez's phone was infected in May 2021 and at least one data leak occurred then. He did not say who could have been spying on the premier or whether foreign or Spanish groups were suspected of being behind it.

"The interventions were illicit and external. External means carried out by non-official bodies and without state authorization," he said, adding that the infections had been reported to the justice ministry, and the High Court would be in charge of the case. [...] The European Union's data watchdog has called for a ban on Pegasus over allegations it has been abused by client governments to spy on rights activists, journalists and politicians.

Space

Rocket Lab Successfully Captures Falling Electron Rocket With a Helicopter (theverge.com) 30

After nearly three years of preparation, small satellite launch company Rocket Lab has successfully caught one of its rockets in mid-air today, after launching the vehicle to space from New Zealand. The Verge reports: But by catching and reusing its rockets after flight, Rocket Lab hopes to cut down on the manufacturing cost associated with building an entirely new rocket for each of its missions. The goal is similar to that of SpaceX, which has become famous for landing and reusing its rockets post-flight. Rocket Lab also claims that recovering and reusing its rockets could also help speed up its flight cadence. "By bringing one back, it just saves a tremendous amount of time where you don't have to build a whole new rocket from scratch," Peter Beck, CEO of Rocket Lab, tells The Verge. "So we'll obviously see some good cost savings, but I think the most important thing for us right now is just getting the vehicles back into the production line."

When Electron launches to space, computers on board the vehicle guide the booster back through Earth's atmosphere, maneuvering it in just the right way so that it stays intact during the fall to the ground. Once the rocket reaches an altitude of about 8.3 miles up, it deploys a drogue parachute to slow its fall, followed by a main parachute. As the rocket leisurely floats down toward the ocean, that's when the helicopter will arrive and attempt to capture the line of the parachute with a dangling hook, avoiding a splashdown in salty seawater.
UPDATE 4:08PM PST: Rocket Lab confirmed the helicopter catch. The summary and headline have been updated to reflect the successful mission.

You can view the livestream of the launch here.
Games

Square Enix Sells All of Its Western Game Studios, Games To Embracer (arstechnica.com) 9

Hmmmmmm shares a report from Ars Technica: On Monday, Japanese game publisher Square Enix confirmed that it was selling all three of its Western video game studios, along with many significant game series and intellectual property attached to those studios, to the European game publisher Embracer. The sale includes game studios Crystal Dynamics, Eidos Montreal, and Square Enix Montreal. All three had previously been wholly owned by Square Enix, and Embracer will acquire their entire staffs, combined at roughly 1,100 people, along with popular IP such as Tomb Raider, Deus Ex, and Legacy of Kain, and a game-publishing catalog of "over 50 games," for $300 million.

Not all of the deal's IP has been confirmed thus far, however, and an announcement from Square Enix indicates that its Western operations "will continue to publish franchises such as Just Cause, Outriders, and Life Is Strange." This suggests that Square Enix will retain some of its Western-specific IP and that its future collaborations with Western game makers will come via publishing deals with outside developers.
The report notes that Embracer "will likely also claim the rights to Tomb Raider's legacy as a Hollywood film series."

They also confirmed that "development has already begun on 'the next mainline Tomb Raider game,' complete with 'next-generation storytelling and gameplay experiences,' while several other 'AAA' projects were teased as being in development by the combined studios." Furthermore, Eidos Montreal confirmed that its next major game would be set in the world of Deus Ex.
Facebook

Facebook Is Shutting Down Its Podcast Service (engadget.com) 12

An anonymous reader quotes a report from Engadget: Facebook's podcast offerings are vanishing just a year after they launched. Parent company Meta has confirmed to Bloomberg that it will wind down podcasting, Soundbites and its general audio hub. It will no longer let podcasters add shows to Facebook as of this week, and will remove them entirely on June 3rd. The hub and Soundbites will close sometime in the "coming weeks," while Live Audio Rooms will fold into Facebook Live. A Meta spokesperson characterized the move as a matter of concentration. The move will help Meta "focus on the most meaningful experiences," according to the representative.
United States

Pilots Contend With Record Number of Laser Strikes, FAA Says (nytimes.com) 90

Several readers have shared this report: One foggy night in December 2018, David Hill was trying to land a helicopter when a beam of light suddenly overwhelmed his night vision goggles. Mr. Hill, an emergency services pilot, had been called to airlift a teenager who had been badly injured in an all-terrain vehicle crash from a village 35 miles north of Madison, Wis. But now, Mr. Hill was temporarily blinded. Flying about 500 feet above the ground, he tried to get his bearings. It was "like looking into the sun, and all I can see are bright spots," he recalled. A person had pointed a laser at his helicopter. From 2010 to 2021, close to 70,000 pilots reported similar episodes, according to the Federal Aviation Administration. Last year it recorded more than 9,700 cases, a record high, and a 41 percent increase from 2020. When a laser pointer reaches a cockpit, the light can disorient or "completely incapacitate" a pilot, who on a commercial airplane could be responsible for hundreds of passengers, the F.A.A. said. Some commercial flight paths have been disrupted, causing pilots to change course or even turn around. "What you might see as a toy has the capacity to momentarily blind the crew member," Billy Nolen, the acting administrator of the F.A.A., said. Though no plane has ever been reported to have crashed as a result of a laser strike, Mr. Nolen said in a phone interview that there was always a risk of a "tragic outcome." He added, "This is not an arcade game."
