Businesses

Wall Street Is Looking To Reddit for Investment Advice (wsj.com) 43

Wall Street professionals tell everyday investors what stocks to buy. But now they have to follow some of these amateurs for signs of where the market is headed next. From a report: Venerable institutions Goldman Sachs Group and Morgan Stanley are tracking the retail trading frenzy, and hedge funds in New York and London have employees combing through the internet forum Reddit, Twitter, or the chat startup Discord in search of trading opportunities. They turned to these sources following a period of market mayhem dominated by amateurs on Reddit's WallStreetBets and the Robinhood Markets Inc. trading app who collectively boosted the shares of GameStop Corp. and other companies that had fallen out of Wall Street's favor.

"It's more art than science because it's uncharted territory," said Simeon Siegel, a BMO Capital Markets analyst who has spent his career covering retail companies. One analyst who turned to WallStreetBets this year for insight was Priyesh Mehta, 26, who advises Cayman Islands-based hedge fund Bovell Global Macro Fund. He said he never considered that a group of traders could band together on online forums with the aim of jolting prices, but as GameStop's shares rose in January he downloaded the Reddit app on his phone, made an account and joined the forum.

For the next few weeks, he spent hours on the platform, familiarizing himself with its design. Mr. Mehta quickly learned that the place to pay attention to was the daily thread of people's trades. He began to recognize names of accounts that posted frequently, an indication that those users may have more sway with the group. Mr. Mehta still monitors the forum and warns Bovell's fund manager of highly mentioned stocks that could see volatility. He is also looking for potential stocks that the firm could bet against. "I never thought that retail traders would actually gain this much power in the market," he said.

Power

How Used Solar Panels Are Powering the Developing World (bloombergquint.com) 174

"In 2016, the International Renewable Energy Agency estimated that as much as 78 million tons of solar-panel waste will be generated by 2050," writes a Bloomberg columnist, adding that that's "almost certainly an undercount..." So what will happen to all those used solar panels?

"Across the developing world, homeowners, farmers, and businesses are turning to cheap, secondhand solar to fill power gaps left by governments and utilities," reports Bloomberg. To meet that demand, businesses ranging from individual sellers on Facebook Marketplace to specialized brokerages are getting into the trade. Earlier this month, Marubeni Corp., one of Japan's largest trading houses, announced that it's establishing a blockchain-based market for such panels. Collectively, these businesses will likely play a crucial role in bringing renewable energy to the world's emerging markets — and keeping high-tech waste out of the trash...

They may not be good enough for San Francisco homeowners and cutting-edge utilities, but they work perfectly well for anyone in a sunny climate in need of stable, off-grid power who doesn't want to pay full price. That's potentially a huge market. Between 2010 and 2019, the number of people living without electricity declined from 1.2 billion to 759 million worldwide. Some of that gap was closed by new power lines and other transmission facilities. But most of it was achieved by installing small solar systems designed to power a village, farm or even a single home. As of last year, 420 million people got their electricity from off-grid solar systems. By 2030, according to the World Bank, that number could nearly double.

A staffer at the used solar equipment exchange EnergyBin said they sometimes have 5 million pieces of photovoltaic equipment on their site.

And one broker estimated there were 10 million used solar panels on the global market, saying his own customers included Pakistani farmers pumping water for irrigation and Lebanese hoteliers seeking alternatives to an unreliable local grid.

Television

Cable TV Lost 1.1 Million Subscribers Last Quarter (fool.com) 45

The nation's six biggest names in the business (which Leichtman Research says account for about 95% of the market) collectively lost a little over 1.1 million customers during the three-month stretch ending in June, slowing down Q1's cord-cutting pace of more than 1.5 million, but continuing the bigger-picture cord-cutting cadence that's been a problem for the industry since 2014. Fool.com reports: AT&T led the way with its loss of 443,000 subscribers as its flagship platform DirecTV undergoes the major disruption of changing ownership hands, although the satellite-based service was bleeding customers well before the sale of DirecTV was even considered. No outfit gained subscribers, though, even including the better-established cable television brands like Comcast's Xfinity and Charter Communications' Spectrum. [...] Market research company eMarketer estimates the number of conventional cable customers in the U.S. will continue to slide at least through 2024, when the number of non-pay-TV households is likely to eclipse the number of pay-TV households.

As was noted, though, people aren't spending less time in front of their television sets. They're just watching in a different way. Streaming is quickly becoming the preferred way of consuming video. [...] Last quarter, streaming services of all ilks added on the order of 44.7 million active users/subscribers. Take that number with a grain of salt for a couple of reasons, the biggest of which is it's a worldwide number and not just a U.S. figure. The other reason to not read too much into this number is it requires multiple streaming services to fully replace a canceled cable package. Recent data from Parks Associates indicates around half the U.S. households that have cut the cord now pay for four or more streaming options. Still, in that the United States remains the key market for most of these streaming brands -- like Disney+, Discovery+, Pluto TV, and HBO Max -- it's difficult to not connect the clear demise of conventional cable television with popularization of streaming alternatives.

IT

The New WikiLeaks (newrepublic.com) 57

How the transparency collective DDoSecrets eclipsed Julian Assange. From a report: Whereas WikiLeaks cultivated an anti-imperialist mystique centered on the cultish figure of Assange, DDoSecrets professes something more modest: an unvarnished commitment to providing information useful to journalists and concerned citizens. As the DDoSecrets website puts it, data must fulfill two criteria: "Is it in the public interest?" and "Can a prima facie case be made for the veracity of its contents?" If it passes that test -- and the group, which now has approximately 10 members along with an advisory board and volunteer contributors, decides collectively that they can protect their sources -- then they publish the archive, sometimes as an easily downloadable torrent, other times through their slightly harder-to-reach onion site, which requires using the Tor browser. While many archives are published for a wide audience, others are withheld and only offered to journalists upon request; and in some cases, the organization will write about data it receives without publishing its contents.

At its best, the work of DDoSecrets reveals the limits of official transparency, of authorized government leaks and incrementalist beat reporting and FOIA requests that yield pages of useless redactions. Nowhere is this more visible than with BlueLeaks. "Reading the unredacted, hacked documents gives a very different picture than the selections you get from an open records officer," said Brendan McQuade, author of Pacifying the Homeland, a book about the modern surveillance state. Based on BlueLeaks information, he wrote articles that exposed police malfeasance and brought attention to a federal whistleblower suit against the Maine Information and Analysis Center, or MIAC. Maine's state house later voted to close the site (although the bill never cleared the Senate). To McQuade, and to the members of DDoSecrets, hacked data provides what official channels cannot: truth and the potential for accountability.

Portables (Apple)

Apple Planning Multiple Events For the Fall, M1X MacBook Pros To Be Available By November (macrumors.com) 55

An anonymous reader quotes a report from MacRumors: Apple is planning to hold multiple events this fall, which will collectively include the launch of new iPhones, Apple Watches, updated AirPods, revamped iPad mini, and the redesigned MacBook Pros, according to respected Bloomberg journalist Mark Gurman. In his latest weekly Power On newsletter, Gurman says that much like last year, Apple will hold multiple events this coming fall, with the first likely being in September for the iPhone 13. Last year, due to the global health crisis and production constraints, the iPhone 12 lineup was not announced until October. The 2020 September event, rather than focusing on new iPhones, showcased new Apple Watches, iPads, and services.

This year, Apple is expected to return to its tradition of announcing its flagship yearly iPhone update in September, according to multiple reports. In today's newsletter, Gurman reiterated his reporting from earlier last week, setting expectations for the iPhone 13 to include updates to the camera focused towards professional users, more advanced displays, and a smaller notch. Alongside the new iPhones, Gurman, as previously reported, says that Apple can be expected to launch the third-generation AirPods featuring an updated design, an updated iPad mini with a larger display, thinner borders, and improved performance, as well as the Apple Watch Series 7 with flatter and improved displays, and performance.

As for the highly anticipated MacBook Pros featuring mini-LED displays, updated designs, and the M1X Apple silicon chip, Gurman says they will be available by the time the current 16-inch MacBook Pro, powered by Intel, will celebrate its second anniversary. The 16-inch MacBook Pro was last updated in November of 2019. The first event of the fall in September will likely include the new iPhones, Apple Watches, and AirPods, while the new iPads and possible updates to some of the company's services could be reserved for a second event, with the final event of the season being focused on Apple silicon Macs.

Security

Cross-Chain DeFi Site Poly Network Hacked; Hundreds of Millions Potentially Lost (coindesk.com) 85

Cross-chain decentralized finance (DeFi) platform Poly Network was attacked on Tuesday, with the alleged hacker draining roughly $600 million in crypto. From a report: Poly Network, a protocol launched by the founder of Chinese blockchain project Neo, operates on the Binance Smart Chain, Ethereum and Polygon blockchains. Tuesday's attack struck each chain consecutively, with the Poly team identifying three addresses where stolen assets were transferred. At the time that Poly tweeted news of the attack, the three addresses collectively held more than $600 million in different cryptocurrencies, including USDC, wrapped bitcoin (WBTC), wrapped ether (WETH) and shiba inu (SHIB), blockchain scanning platforms show.

"We call on miners of affected blockchain and crypto exchanges to blacklist tokens coming from the above addresses," the Poly team tweeted. The $600 million figure would place the Poly Network hack among the largest in crypto history. Tether froze approximately $33 million in relation to the hack, Tether CTO Paolo Ardoino tweeted. About one hour after Poly announced the hack on Twitter, the hacker tried to move assets including USDT through the Ethereum address into liquidity pool Curve.fi, records show. The transaction was rejected.

Facebook

Social Media Giants Failing To Remove Most Antisemitic Posts (axios.com) 140

Five social media giants failed to remove 84% of antisemitic posts in May and June -- and Facebook performed the worst despite announcing new rules to tackle the problem, a new report finds. Axios: The Center for Countering Digital Hate (CCDH) notes in its study that it reported 714 posts containing "anti-Jewish hatred" to Facebook, Twitter, Instagram, YouTube and TikTok -- which were collectively viewed 7.3 million times. These "clearly violated" company policies, according to the CCDH. "As a result of their failure to enforce their own rules, social media platforms like Facebook have become safe places to spread racism and propaganda against Jews," states the report, titled "Failure to Act."

Facebook removed 14 out of 129 posts reported to it (10.9%); Twitter removed 15 of 137 reports (11%); TikTok took down 22 of 119 posts reported (18.5%); Instagram acted in 52 of 277 of cases (18.8%) and YouTube pulled 11 of the 52 posts it was alerted to (21.2%). "Extremist anti-Jewish hate is not acted on: platforms failed to act on 80% of posts containing Holocaust denial, 74% of posts alleging the blood libel, 70% of racist caricatures of Jewish people and 70% of neo-Nazi posts," per a statement from the CCDH, a nongovernmental organization based in the U.S. and United Kingdom.

Privacy

Edward Snowden Calls For Spyware Trade Ban Amid Pegasus Revelations (theguardian.com) 75

Governments must impose a global moratorium on the international spyware trade or face a world in which no mobile phone is safe from state-sponsored hackers, Edward Snowden has warned in the wake of revelations about the clients of NSO Group. The Guardian reports: Snowden, who in 2013 blew the whistle on the secret mass surveillance programs of the US National Security Agency, described for-profit malware developers as "an industry that should not exist." He made the comments in an interview with the Guardian after the first revelations from the Pegasus project, a journalistic investigation by a consortium of international media organizations into the NSO Group and its clients. [...] Snowden said the consortium's findings illustrated how commercial malware had made it possible for repressive regimes to place vastly more people under the most invasive types of surveillance. For traditional police operations to plant bugs or wiretap a suspect's phone, law enforcement would need to "break into somebody's house, or go to their car, or go to their office, and we'd like to think they'll probably get a warrant," he said. But commercial spyware made it cost-efficient for targeted surveillance against vastly more people. "If they can do the same thing from a distance, with little cost and no risk, they begin to do it all the time, against everyone who's even marginally of interest," he said. "If you don't do anything to stop the sale of this technology, it's not just going to be 50,000 targets. It's going to be 50 million targets, and it's going to happen much more quickly than any of us expect."

Part of the problem arose from the fact that different people's mobile phones were functionally identical to one another, he said. "When we're talking about something like an iPhone, they're all running the same software around the world. So if they find a way to hack one iPhone, they've found a way to hack all of them." He compared companies commercializing vulnerabilities in widely used mobile phone models to an industry of "infectioneers" deliberately trying to develop new strains of disease. "It's like an industry where the only thing they did was create custom variants of Covid to dodge vaccines," he said. "Their only products are infection vectors. They're not security products. They're not providing any kind of protection, any kind of prophylactic. They don't make vaccines -- the only thing they sell is the virus."

Snowden said commercial malware such as Pegasus was so powerful that ordinary people could in effect do nothing to stop it. Asked how people could protect themselves, he said: "What can people do to protect themselves from nuclear weapons?" "There are certain industries, certain sectors, from which there is no protection, and that's why we try to limit the proliferation of these technologies. We don't allow a commercial market in nuclear weapons." He said the only viable solution to the threat of commercial malware was an international moratorium on its sale. "What the Pegasus project reveals is the NSO Group is really representative of a new malware market, where this is a for-profit business," he said. "The only reason NSO is doing this is not to save the world, it's to make money." He said a global ban on the trade in infection vectors would prevent commercial abuse of vulnerabilities in mobile phones, while still allowing researchers to identify and fix them. "The solution here for ordinary people is to work collectively. This is not a problem that we want to try and solve individually, because it's you versus a billion dollar company," he said. "If you want to protect yourself you have to change the game, and the way we do that is by ending this trade."

Cellphones

Right-wing Activist's $500 'Freedom Phone' Actually Cheap Rebranded Android Model Made in China (gizmodo.com) 226

"This week, a 22-year-old self-described Bitcoin millionaire introduced the Freedom Phone, a $499 device meant to be completely free from 'Big Tech's' censorship and influence," reports PC Magazine.

"But it turns out the same smartphone is actually from China, and probably just a cheap knock-off." The Freedom Phone comes from Erik Finman, who unveiled the device earlier this week. He claims the product has everything Trump supporters could dream of, including an "uncensorable" app store, preinstalled conservative-friendly apps including Parler and Rumble, and even its own anti-surveillance operating system called FreedomOS... However, The Daily Beast noticed the Freedom Phone looks strikingly similar to a budget smartphone from a Chinese vendor called Umidigi. The device is called the Umidigi A9 Pro, and you can actually buy it over on the Chinese e-commerce site AliExpress starting at $119. Finman later told The Daily Beast that the Freedom Phone was indeed sourced from Umidigi, a company that's based in Shenzhen, China...

An uncensorable app store opens the door for hackers and shady developers to circulate malware and data-collecting programs to users. We're also doubtful Freedom Phone has its own operating system if it can run apps such as Parler and Rumble, in addition to Signal, Telegram and Brave.

The Daily Beast adds this anecdote: The Freedom Phone's "Freedom OS" operating system is based on Google's Android operating system, according to Finman. But during a livestream video promoting the phone, right-wing activist Anna Khait was confused by her fans' basic questions about the phone. "Is it an Android?" Khait said. "I'm not really sure. No, it's a Freedom Phone."

Gizmodo calls the phone's web site "radically vague on the details." There is no information about the phone's operating system, storage, camera, CPU, or RAM capabilities. It has a list of features, but there are no actual details about them. Instead, under each feature, there's merely a "Buy it now" button which redirects you to the site's shopping cart. The phone's hefty price, combined with the company's total lack of transparency, is ridiculous — essentially asking the buyer to cough up half a grand in exchange for, uh, something...!

But Gizmodo also shares a philosophical thought: Before we get into the specifics of why this device probably sucks, let me just say that the desire to have a phone that is dedicated to protecting your autonomy and privacy is a reasonable one — and should be encouraged. That said, I don't think the Freedom Phone provides that. Actually, aside from its overt partisan bent, it's impossible to tell what kind of device this is because Finman and his acolytes haven't provided any information about it...

The funny thing is, if Trump voters are looking for a way to get off the "Big Tech" grid, there's no need for them to buy this sketchy shit. There are actually entire subcultures within the phone industry dedicated to escaping the Android/iOS paradigm. You can wade into the de-Googled phone sector, for instance — where Android phones are sold that have ostensibly been refurbished to rid the devices of code that will "send your personal data" back to the tech giant. There's also the Linux-based Pinephone, which sells at a fraction of the Freedom Phone's cost (between $150 and $200), and is a favorite of those in the privacy community. All of these come with caveats, obviously, but the point is that there are much more transparent and affordable options than the Freedom Phone...

It'd be nice if Americans could actually come together around the issue of privacy since it's an area where — regardless of political party — we're all collectively getting screwed.

Botnet

Trickbot Strikes Back (gizmodo.com) 6

A notorious group of cybercriminals whose operations were almost totally dismantled last year seems to be back in business -- in yet another example of the seemingly intractable nature of cybercrime. Gizmodo reports: The Russian-speaking group known as "Trickbot" (which is also the name of the malware that they're responsible for creating and distributing), has built up its infrastructure and seems to be preparing for some nefarious new campaign, The Daily Beast first reported. The group, which has been connected to ransomware attacks and widespread theft of financial information, is an outgrowth of an older, Russia-based cybercrime group called "Dyre." After Dyre was initially broken up by Russian authorities back in 2015, the remaining members regrouped, creating new malware tools and working to employ them in even more expansive criminal enterprises. Trickbot, which today operates out of numerous places in Eastern Europe -- including Russia, Ukraine, Belarus, and others -- is perhaps best known for running one of the world's largest botnets. Botnets are large networks of "zombie" devices -- computers that have been infected with special kinds of malware that allow them to be collectively controlled by a hacker, typically for malicious purposes. In Trickbot's case, the group has used its million-plus botnet for an assortment of sordid activities, including helping to launch ransomware attacks throughout the world.

Last fall, the Pentagon's Cyber Command attempted to debilitate Trickbot, fearing that hackers connected to the group might attempt to interfere with the 2020 presidential election. CYBERCOM launched a series of "coordinated attacks" against Trickbot's servers, ultimately succeeding in disrupting its operations. However, it was clear that federal officials did not expect their efforts to be a long-term deterrent, with anonymous sources telling the Washington Post that the action was "not expected to permanently dismantle the network." Around the same time, Microsoft launched its own campaign that was also targeted at dismantling the group. The company tracked and analyzed the servers that were involved in operating the botnet, subsequently garnering a court order that allowed them to disable the IP addresses connected to those servers. Microsoft's operation even involved working together with ISPs to reportedly go "door to door" in Latin America, where they helped to replace routers that had been compromised by the criminal group. However, as is often the case with cybercrime, few of the culprits behind the malware's distribution were ever tracked down or faced charges.

Indeed, a recent report from security firm Fortinet seems to show that the group has allegedly helped create a new strain of ransomware, dubbed "Diavol." On top of this, another report from BitDefender shows that the group has built back up its infrastructure and that it has recently been seen gearing up for new attacks and malicious activity, with the firm ultimately noting that "Trickbot shows no sign of slowing down."

Books

TikTok is Taking the Book Industry By Storm, and Retailers Are Taking Notice (nbcnews.com) 30

An anonymous reader shares a report: Author Adam Silvera four years ago released the young adult science fiction novel "They Both Die at the End," which found success and landed a few weeks on the New York Times bestseller list. But years later in August 2020, Silvera said his publisher noticed a significant sales bump, the start of a trend that would send the book to the top of the New York Times' young adult paperback monthly bestseller list in April, where it still reigns. Silvera had no idea where the sales spike was coming from. "I kept commenting to my readers, 'Hey, don't know what's happening, but there's been a surge in sales lately, so grateful that everybody's finding the story years later,'" Silvera said. "And then that's when a reader was like, 'I'm seeing it on BookTok.' And I had no idea what they were talking about."

"BookTok" is a community of users on TikTok who post videos reviewing and recommending books, which has boomed in popularity over the past year. TikTok videos containing the hashtag #TheyBothDieAtTheEnd have collectively amassed more than 37 million views to date, many of which feature users reacting -- and often crying -- to the book's emotional ending. BookTok's impact on the book industry has been notable, helping new authors launch their careers and propelling books like Silvera's to the top of bestseller lists years after their original publication. Madeline Miller's "The Song of Achilles," E. Lockhart's "We Were Liars" and Taylor Jenkins Reid's "The Seven Husbands of Evelyn Hugo" -- all of which were published before BookTok began to dominate the industry -- are among some of the other books that have found popularity on the app years after their initial release. Retailers like Barnes & Noble have taken advantage of BookTok's popularity to market titles popular on the app to customers by creating specialized shelves featuring books that have gone viral.

Space

Virgin Galactic To Launch Richard Branson Into Space On July 11 (axios.com) 67

An anonymous reader quotes a report from Axios: Virgin Galactic announced Thursday plans to launch its billionaire founder Richard Branson into space on July 11. The date is nine days before Jeff Bezos, founder of Virgin Galactic competitor Blue Origin, is set to take off for space. Branson will journey to space in Virgin Galactic's VSS Unity spacecraft along with two pilots and three other mission specialists as part of the company's fourth crewed mission. "After more than 16 years of research, engineering, and testing, Virgin Galactic stands at the vanguard of a new commercial space industry, which is set to open space to humankind and change the world for good," Branson said in a press release Thursday. "It's one thing to have a dream of making space more accessible to all; it's another for an incredible team to collectively turn that dream into reality," he added.

The Internet

DoubleVPN Servers, Logs, and Account Info Seized By Law Enforcement (bleepingcomputer.com) 69

Law enforcement has seized the servers and customer logs for DoubleVPN, a double-encryption service commonly used by threat actors to evade detection while performing malicious activities. BleepingComputer reports: DoubleVPN is a Russian-based VPN service that double-encrypts data sent through their service. When using the service, requests are encrypted and transmitted to one VPN server, which sends them to another VPN server, which finally connects to the final destination. The doublevpn.com [archive.org] website was seized today by law enforcement, who stated that they gained access to the servers for DoubleVPN and took personal information, logs, and statistics for the service's customers.

"On 29th of June 2021, law enforcement took down DoubleVPN. Law enforcement gained access to the servers of DoubleVPN and seized personal information, logs and statistics kept by DoubleVPN about all of its customers. DoubleVPN's owners failed to provide the services they promised," says the now-seized doublevpn.com website. "International law enforcement continues to work collectively against facilitators of cybercrime, wherever and however it is committed. The investigation regarding customer data of this network will continue." Europol has confirmed to BleepingComputer that the seizure message is legitimate and that they will be providing more information about the operation tomorrow.

Businesses

Amazon Buys MGM, Studio Behind James Bond, for $8.45 Billion (variety.com) 121

James Bond has a new home: Amazon and MGM announced a definitive merger agreement under which Amazon will acquire MGM for $8.45 billion. From a report: MGM, founded in 1924, complements Amazon Studios, which has primarily focused on producing TV programming, the companies said. Amazon will help "preserve MGM's heritage and catalog of films," and provide customers with greater access to these existing works, the companies said. For Amazon, snapping up MGM -- which has more than 4,000 movies and 17,000 TV shows in its catalog -- is a way to supercharge its Prime Video service with a slew of well-known entertainment properties. In addition, Amazon is anticipating being able to tap into Metro-Goldwyn-Mayer properties like the Pink Panther, Rocky, and, yes, the 007 franchises for new originals.

"The real financial value behind this deal is the treasure trove of [intellectual property] in the deep catalog that we plan to reimagine and develop together with MGM's talented team," Mike Hopkins, senior VP of Prime Video and Amazon Studios, said in announcing the deal. "It's very exciting and provides so many opportunities for high-quality storytelling." Hopkins noted that MGM productions collectively have won more than 180 Oscars and 100 Emmys. The studio has roughly 800 employees globally.

United States

How America Will Improve Its Cybersecurity (politico.com) 119

Politico writes: President Joe Biden on Wednesday ordered a sweeping overhaul of the federal government's approach to cybersecurity, from the software that agencies buy to the security measures that they use to block hackers, as his administration continues grappling with vulnerabilities exposed by a massive digital espionage campaign carried out by the Russian government... Biden's order requires agencies to encrypt their data, update plans for securely using cloud hosting services and enabling multi-factor authentication...

It also creates a cyber incident review group, modeled on the National Transportation Safety Board that investigates aviation, railroad and vehicle crashes, to improve the government's response to cyberattacks. And it sets the stage for requiring federal contractors to report data breaches and meet new software security standards.

The directive, which sets deadlines for more than 50 different actions and reports, represents a wide-ranging attempt by the new Biden administration to close glaring cybersecurity gaps that it discovered upon taking office and prevent a repeat of Moscow's SolarWinds espionage operation, which breached nine federal agencies and roughly 100 companies... In addition to requiring agencies to deploy multi-factor authentication, the order requires them to install endpoint detection and response software, which generates warnings when it detects possible hacks. It also calls for agencies to redesign their networks using a philosophy known as zero-trust architecture, which assumes that hackers are inside a network and focuses on preventing them from jumping from one computer to another... Officials say current federal monitoring programs are outdated — they can only spot previously identified malware, and they can't protect increasingly pervasive cloud platforms...

Biden's executive order attempts to prevent another SolarWinds by requiring information technology service providers to meet new security requirements in order to do business with the federal government. These contractors will need to alert the government if they are hacked and share information about the intrusion.

The order "reflects a fundamental shift in our mindset from incident response to prevention, from talking about security to doing security," one senior administration official told reporters. The order notes "persistent and increasingly sophisticated malicious cyber campaigns" that "threaten the public sector, the private sector, and ultimately the American people's security and privacy," calling for "bold changes and significant investments."

But the order also argues that "In the end, the trust we place in our digital infrastructure should be proportional to how trustworthy and transparent that infrastructure is..." warning that "The development of commercial software often lacks transparency, sufficient focus on the ability of the software to resist attack, and adequate controls to prevent tampering by malicious actors." To that end, the order also requires guidelines for a "Software Bill of Materials" or "SBOM," a "formal record containing the details and supply chain relationships of various components used in building software... analogous to a list of ingredients on food packaging." [A]n SBOM allows the builder to make sure those components are up to date and to respond quickly to new vulnerabilities. Buyers can use an SBOM to perform vulnerability or license analysis, both of which can be used to evaluate risk in a product. Those who operate software can use SBOMs to quickly and easily determine whether they are at potential risk of a newly discovered vulnerability. A widely used, machine-readable SBOM format allows for greater benefits through automation and tool integration. The SBOMs gain greater value when collectively stored in a repository that can be easily queried by other applications and systems. Understanding the supply chain of software, obtaining an SBOM, and using it to analyze known vulnerabilities are crucial in managing risk.
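
One way a software consumer can act on an SBOM of the kind the order describes is shown below. This is an added example, not code from the executive order, Politico's report, or any project: it parses a small CycloneDX-style JSON document and checks each listed component against a list of known-vulnerability advisories. The SBOM, the component names and versions, and the advisory identifiers are all constructed for illustration; the CycloneDX field names (`bomFormat`, `components`, `name`, `version`, `purl`) follow that format's JSON layout.

```python
"""Match a machine-readable SBOM against known-vulnerability advisories.

Example code, not part of the executive order or any project. The SBOM
below follows the shape of a CycloneDX JSON document; the advisory list
is a constructed stand-in for a vulnerability feed. All component names,
versions and advisory IDs are invented for illustration.
"""
from __future__ import annotations

import json
from dataclasses import dataclass
from typing import Optional

# Constructed sample SBOM (CycloneDX-like JSON); these components are fictional.
SAMPLE_SBOM = json.dumps({
    "bomFormat": "CycloneDX",
    "specVersion": "1.4",
    "components": [
        {"type": "library", "name": "json-parse", "version": "2.3.1",
         "purl": "pkg:npm/json-parse@2.3.1"},
        {"type": "library", "name": "imgcodec", "version": "1.0.9",
         "purl": "pkg:pypi/imgcodec@1.0.9"},
        {"type": "library", "name": "tlslib", "version": "3.2.0",
         "purl": "pkg:generic/tlslib@3.2.0"},
        # A component with no version recorded: a real-world SBOM defect.
        {"type": "library", "name": "legacy-util",
         "purl": "pkg:npm/legacy-util"},
    ],
})

# Constructed advisory feed: every version strictly below "fixed" is affected.
ADVISORIES = [
    {"id": "EXAMPLE-2021-0001", "name": "json-parse", "fixed": "2.4.0"},
    {"id": "EXAMPLE-2021-0002", "name": "tlslib", "fixed": "3.1.5"},
    {"id": "EXAMPLE-2021-0003", "name": "legacy-util", "fixed": "0.9.0"},
]


@dataclass(frozen=True)
class Component:
    name: str
    version: Optional[str]
    purl: Optional[str]


def parse_sbom(text: str) -> list[Component]:
    """Extract the component list from a CycloneDX-style JSON SBOM."""
    doc = json.loads(text)
    if doc.get("bomFormat") != "CycloneDX":
        raise ValueError("unsupported SBOM format")
    return [Component(c["name"], c.get("version"), c.get("purl"))
            for c in doc.get("components", [])]


def version_key(version: str) -> tuple[int, ...]:
    """Turn '1.2.10' into (1, 2, 10) so versions compare numerically;
    a plain string comparison would wrongly put '1.2.10' before '1.2.9'."""
    return tuple(int(part) for part in version.split("."))


def find_affected(components: list[Component], advisories: list[dict]) -> list[tuple]:
    """Return (advisory id, component, status) for every match.

    status is "affected" when the recorded version is below the fix, and
    "unknown" when the SBOM carries no version at all: the consumer cannot
    rule the advisory out, so the gap in the SBOM is itself a finding.
    """
    by_name: dict[str, list[Component]] = {}
    for comp in components:
        by_name.setdefault(comp.name, []).append(comp)
    findings = []
    for adv in advisories:
        for comp in by_name.get(adv["name"], []):
            if comp.version is None:
                findings.append((adv["id"], comp, "unknown"))
            elif version_key(comp.version) < version_key(adv["fixed"]):
                findings.append((adv["id"], comp, "affected"))
    return findings


def scan(sbom_text: str, advisories: list[dict] = ADVISORIES) -> list[tuple]:
    """Parse an SBOM and report which components match an advisory."""
    return find_affected(parse_sbom(sbom_text), advisories)


if __name__ == "__main__":
    for adv_id, comp, status in scan(SAMPLE_SBOM):
        print(f"{status:8} {adv_id}  {comp.name} {comp.version or '?'}")
```

Run against the constructed SBOM, `scan()` flags `json-parse 2.3.1` as affected (below the 2.4.0 fix), leaves `tlslib 3.2.0` alone (already above 3.1.5), and reports `legacy-util` as unknown because the SBOM omits its version. That last case is the point the order makes about machine-readable, complete records: an SBOM that leaves versions out cannot answer the "are we exposed to this new vulnerability" question it exists to answer.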

ZDNet reports that "the Linux and open-source community are already well on their way to meeting the demands of this new security order," citing security projects in both its Core Infrastructure Initiative (CII) and from the Open Source Security Foundation (OpenSSF).

Medicine

A New Covid Vaccine Could Bring Hope To the Unvaccinated World (nytimes.com) 52

The German company CureVac hopes its RNA vaccine will rival those made by Moderna and Pfizer-BioNTech. It could be ready next month. From a report: In early 2020, dozens of scientific teams scrambled to make a vaccine for Covid-19. Some chose tried-and-true techniques, such as making vaccines from killed viruses. But a handful of companies bet on a riskier method, one that had never produced a licensed vaccine: deploying a genetic molecule called RNA. The bet paid off. The first two vaccines to emerge successfully out of clinical trials, made by Pfizer-BioNTech and by Moderna, were both made of RNA. They both turned out to have efficacy rates about as good as a vaccine could get. In the months that followed, those two RNA vaccines have provided protection to tens of millions of people in some 90 countries. But many parts of the world, including those with climbing death tolls, have had little access to them, in part because they require being kept in a deep freeze.

Now a third RNA vaccine may help meet that global need. A small German company called CureVac is on the cusp of announcing the results of its late-stage clinical trial. As early as next week, the world may learn whether its vaccine is safe and effective. CureVac's product belongs to what many scientists refer to as the second wave of Covid-19 vaccines that could collectively ease the world's demand. Novavax, a company based in Maryland whose vaccine uses coronavirus proteins, is expected to apply for U.S. authorization in the next few weeks. In India, the pharmaceutical company Biological E is testing another protein-based vaccine that was developed by researchers in Texas. In Brazil, Mexico, Thailand and Vietnam, researchers are starting trials for a Covid-19 shot that can be mass-produced in chicken eggs. Vaccine experts are particularly curious to see CureVac's results, because its shot has an important advantage over the other RNA vaccines from Moderna and Pfizer-BioNTech. While those two vaccines have to be kept in a deep freezer, CureVac's vaccine stays stable in a refrigerator -- meaning it could more easily deliver the newly discovered power of RNA vaccines to hard-hit parts of the world.

Patents

Apple Wins New Trial in $506 Million Patent-Damages Award (bloomberg.com) 10

A federal judge tossed a $506.2 million damages award against Apple after ruling the iPhone maker should have been able to argue that patent owner Optis Wireless Technology was making unfair royalty demands, though he refused to throw out the liability finding. From a report: Optis and its partners in the case, PanOptis Patent Management and Unwired Planet, claimed that Apple's smartphones, watches, and tablets that operate over the LTE cellular standard were using its patented technology. U.S. District Court Judge Rodney Gilstrap said the jury should have been allowed to consider whether the royalty demand was consistent with a requirement that standard-essential patents be licensed on "fair, reasonable and non-discriminatory," or FRAND, terms. The patent trial in August, one of the few held during the pandemic, was part of an unusual sweep of verdicts in Texas that collectively resulted in $3.7 billion in damages against tech companies like Apple and Intel Corp. Apple was also hit with damages awards of $502.8 million in a decade-long battle over security communications technology, and $308.5 million in a case over digital rights management.

Crime

US Prosecutor Urges Crack Down on 'the Scourge of Online Scams' (wired.com) 36

Last month America's Federal Bureau of Investigation released its annual report on internet crime, which a former federal prosecutor bemoans as "another record year." The bureau received 791,790 complaints of "internet-enabled crime" in 2020 (a 69 percent increase over the prior year), representing over $4.1 billion in reported losses (a 20 percent increase). These complaints included a wide array of crimes, such as phishing, spoofing, extortion, data breaches, and identity theft. Collectively, they represent further evidence of the Justice Department's long-running failure to effectively pursue internet fraud.

Since the start of the pandemic, the scope and frequency of this criminal activity have become noticeably worse. Online fraudsters have stolen government relief checks, sold fake test kits and vaccines, and exploited the altruistic impulses of the American public through fake charities. But the broader failure has wreaked incalculable harm on the American public for years, including those in our most vulnerable and less tech-savvy populations, like senior citizens. The FBI's most recent report makes it clear that the government needs to dramatically step up and rethink its approach to combating internet-based fraud — including how it tracks this problem, as well as how it can punish and deter these crimes more effectively going forward...

One major reason that internet fraud remains such a persistent and vexing problem is that the Justice Department has never made it a real priority — in part because these kinds of cases are not particularly attractive to prosecutors. Victim losses on an individual basis tend to be relatively small and widely dispersed. A substantial amount of this crime also originates abroad, and it can be hard and bureaucratically cumbersome to obtain evidence from foreign governments — particularly from countries where these scams comprise a large, de facto industry that employs many people. It is also far more challenging to find and secure cooperating insider witnesses when the perpetrators are beyond our borders. And even under the best of circumstances, the large body of documentary evidence that fraud cases involve can be exceedingly difficult to gather and review. If you manage to overcome all of those obstacles, you may still end up having to deal with years of extradition-related litigation before anyone ever sees the inside of a courtroom. Making matters worse, much of the press does not treat these cases as particularly newsworthy — itself a symptom of how routine internet fraud has become — and prosecutors like being in the press...

[T]ime is not on our side. This is a problem that will continue to metastasize — including in new and unpredictable ways — unless and until the federal government dramatically steps up its enforcement efforts.

United States

Amazon Is the Target of Small-Business Antitrust Campaign (wsj.com) 42

Merchant groups are forming a national coalition to campaign for stricter antitrust laws, including measures they hope could force Amazon.com to spin off some of its business lines. From a report: The effort is being launched Tuesday by trade groups that represent small hardware stores, office suppliers, booksellers, grocers and others, along with business groups from 12 cities, organizers say. Merchants plan to push their congressional representatives for stricter antitrust laws and tougher enforcement of existing ones. The groups, which collectively represent thousands of businesses, want federal legislation that would prevent the owner of a dominant online marketplace from selling its own products in competition with other sellers, a policy that could effectively separate Amazon's retail product business from its online marketplace. Members of the House Antitrust Subcommittee are considering legislation along those lines as they weigh changes to U.S. antitrust law, though no bill has yet been introduced. The merchant groups also want tougher enforcement of competition laws and legal changes that would make it easier for the government to win antitrust lawsuits against big companies.

Space

Universe's Oldest Known Quasar Discovered 13 Billion Light-Years Away 38

Astronomers have found the farthest known source of radio emissions in the universe: a quasar 13 billion light-years from Earth spewing jets of particles at nearly the speed of light. Live Science reports: Quasars are some of the oldest, most distant, most massive and brightest objects in the universe. They make up the cores of galaxies where a rapidly spinning supermassive black hole gorges on all the matter that's unable to escape its gravitational grasp. While the black hole is devouring this matter, it's also blasting out an enormous amount of radiation that collectively can be more than a trillion times more luminous than the brightest stars, making quasars the brightest objects in the observable universe.

This quasar in particular, named P172+18, is a relic from around 780 million years after the Big Bang and reveals clues about one of the earliest ages of the universe -- the epoch of reionization. At the start of this period, the universe was darkly veiled by a mostly uniform cloud of hydrogen gas. Scientists refer to this time as the universe's dark ages, because most light emitted was quickly absorbed by the neutrally charged gas. Eventually, gravity collapsed the primordial gas into the first stars and quasars, which began to heat and ionize the surrounding gases, allowing light to pass through. [...] Further observations from telescopes [...] showed that P172+18 is nearly 300 million times more massive than the sun and is among the fastest-growing quasars ever discovered. The problem is, scientists don't know how a black hole became so massive this early on in the universe. The radio jets could be an explanation.

The researchers' findings will be published in The Astrophysical Journal.