Tech news and research site SemiAccurate is reporting that an unidentified company is seeking to acquire Intel in its entirety. The publication -- citing a confidential email that it reviewed and a subsequent confirmation from a second source -- said the prospective buyer has not publicly disclosed its interest but has sufficient resources to purchase Intel at current valuations (about $85 billion).

Roseltorg, Russia's main electronic trading platform for government and corporate procurement, confirmed it was targeted by a cyberattack claimed by the pro-Ukraine hacker group Yellow Drift. The group allegedly deleted 550 terabytes of data, causing significant operational delays and client concerns. The Record reports: The company initially confirmed last Thursday that its services had been temporarily suspended, without providing further details. In a recent Telegram statement, Roseltorg disclosed that it had been targeted by "an external attempt to destroy data and the entire infrastructure of electronic trading." Roseltorg stated that all data and infrastructure affected by the recent attack had been fully restored, and trading systems are expected to resume operations shortly. However, as of the time of writing, the company's website remains offline.

Last week, the previously unknown pro-Ukraine hacker group Yellow Drift claimed responsibility for the attack on Roseltorg, stating they had deleted 550 terabytes of data, including emails and backups. As proof, the hackers published screenshots from the platform's allegedly compromised infrastructure on their Telegram channel. "If you support tyranny and sponsor wars, be prepared to return to the Stone Age," the hackers said.

The cyberattack on Roseltorg is already impacting clients who rely on the platform's operations, including government agencies, state-owned companies and suppliers. Following the company's announcement, many clients expressed concerns in the comments section, complaining about potential financial losses and delays in the procurement process. Roseltorg said in a statement that once access to the trading systems is reinstated, all deadlines for procedures, including contract signings, will be automatically extended without requiring any requests from users.

A consortium of investors has resurrected Lilium just days after the electric air taxi startup ceased operations and laid off about 1,000 employees. From a report: Mobile Uplift Corporation, a company set up by investors from Europe and North America, has agreed to acquire the operating assets of the startup's two subsidiaries, Lilium GmbH and Lilium eAircraft GmbH, per an announcement Tuesday.

The parent company, Lilium N.V, will not receive any funds in accordance with German insolvency law. Terms of the deal, which are expected to close in January, were not disclosed. Consultancy giant KPMG handled the sale process for Lilium. Mobile Uplift Corporation said in the announcement it intends to rehire workers who were laid off immediately after opening of the proceedings and closing of the transaction. It isn't clear if all 1,000 workers will be rehired.

The Department of Homeland Security (DHS) believes that China, Russia, Iran, and Israel are the "primary" countries exploiting security holes in telecommunications networks to spy on people inside the United States, which can include tracking their physical movements and intercepting calls and texts, according to information released by Senator Ron Wyden. 404 Media: The news provides more context around use of SS7, the exploited network and protocol, against phones in the country. In May, 404 Media reported that an official inside DHS's Cybersecurity Insurance and Security Agency (CISA) broke with his department's official narrative and publicly warned about multiple SS7 attacks on U.S. persons in recent years. Now, the newly disclosed information provides more specifics on where at least some SS7 attacks are originating from.

The information is included in a letter the Department of Defense (DoD) wrote in response to queries from the office of Senator Wyden. The letter says that in September 2017 DHS personnel gave a presentation on SS7 security threats at an event open to U.S. government officials. The letter says that Wyden staff attended the event and saw the presentation. One slide identified the "primary countries reportedly using telecom assets of other nations to exploit U.S. subscribers," it continues.

Meta has been fined around $263 million in the European Union for a Facebook security breach that affected millions of users which the company disclosed back in September 2018. From a report: The penalty, issued on Tuesday by Ireland's Data Protection Commission (DPC) -- enforcing the bloc's General Data Protection Regulation (GDPR) -- is far from being the largest GDPR fine Meta has been hit with since the regime came into force over five years ago but is notable for being a substantial sanction for a single security incident.

The breach it relates to dates back to July 2017 when Facebook, as the company was still known then, rolled out a video upload function that included a "View as" feature which let the user see their own Facebook page as it would be seen by another user. A bug in the design allowed users making use of the feature to invoke the video uploader in conjunction with Facebook's 'Happy Birthday Composer' facility to generate a fully permissioned user token that gave them full access to the Facebook profile of that other user. They could then use the token to exploit the same combination of features on other accounts -- gaining unauthorized access to multiple users' profiles and data, per the DPC.

Primarily used by law enforcement, Graykey unlocks mobile devices to extract data from both Android and iOS systems, according to the blog AppleInsider, "though its effectiveness varies depending on the specific hardware and software involved." But while its capabilities are rarely disclosed, "a leak of some Grayshift's internal documents was recently reported on by 404 Media." According to the data, Graykey can only perform "partial" data retrieval from iPhones running iOS 18 and iOS 18.0.1. These versions were released in September and early October, respectively. A partial extraction likely includes unencrypted files and metadata, such as folder structures and file sizes, according to past reports. Notably, Graykey struggles with beta versions of iOS 18.1. Under the latest update, the tool fails to extract any data, as per the documents.

Meanwhile, Graykey's performance with Android phones varies, largely due to the diversity of devices and manufacturers. On Google's Pixel lineup, Graykey can only partially access data from the latest Pixel 9 when in an "After First Unlock" (AFU) state — where the phone has been unlocked at least once since being powered on.
Thanks to long-time Slashdot reader AmiMoJo for sharing the article.

Intel must maintain majority control of its foundries as a condition of receiving $7.86 billion in U.S. CHIPS Act funding, according to terms disclosed in a regulatory filing [PDF]. The semiconductor giant will need to keep at least 50.1% ownership if the foundry unit is spun off privately, while no single shareholder can hold more than 35% of shares if it goes public unless Intel remains the largest stakeholder. The restrictions, which also require Intel to remain a customer, come as the company struggles financially and recently restructured its foundry business as an independent unit.

An anonymous reader quotes a report from KrebsOnSecurity: Two men have been arrested for allegedly stealing data from and extorting dozens of companies that used the cloud data storage company Snowflake, but a third suspect -- a prolific hacker known as Kiberphant0m -- remains at large and continues to publicly extort victims. However, this person's identity may not remain a secret for long: A careful review of Kiberphant0m's daily chats across multiple cybercrime personas suggests they are a U.S. Army soldier who is or was recently stationed in South Korea.

Kiberphant0m's identities on cybercrime forums and on Telegram and Discord chat channels have been selling data stolen from customers of the cloud data storage company Snowflake. At the end of 2023, malicious hackers discovered that many companies had uploaded huge volumes of sensitive customer data to Snowflake accounts that were protected with nothing more than a username and password (no multi-factor authentication required). After scouring darknet markets for stolen Snowflake account credentials, the hackers began raiding the data storage repositories for some of the world's largest corporations. Among those was AT&T, which disclosed in July that cybercriminals had stolen personal information, phone and text message records for roughly 110 million people. Wired.com reported in July that AT&T paid a hacker $370,000 to delete stolen phone records.

On October 30, Canadian authorities arrested Alexander Moucka, a.k.a. Connor Riley Moucka of Kitchener, Ontario, on a provisional arrest warrant from the United States, which has since indicted him on 20 criminal counts connected to the Snowflake breaches. Another suspect in the Snowflake hacks, John Erin Binns, is an American who is currently incarcerated in Turkey. Investigators say Moucka, who went by the handles Judische and Waifu, had tasked Kiberphant0m with selling data stolen from Snowflake customers who refused to pay a ransom to have their information deleted. Immediately after news broke of Moucka's arrest, Kiberphant0m was clearly furious, and posted on the hacker community BreachForums what they claimed were the AT&T call logs for President-elect Donald J. Trump and for Vice President Kamala Harris. [...] Also on Nov. 5, Kiberphant0m offered call logs stolen from Verizon's push-to-talk (PTT) customers -- mainly U.S. government agencies and emergency first responders. Kiberphant0m denies being in the U.S. Army and said all these clues were "a lengthy ruse designed to create a fictitious persona," reports Krebs.

"I literally can't get caught," Kiberphant0m said, declining an invitation to explain why. "I don't even live in the USA Mr. Krebs." A mind map illustrates some of the connections between and among Kiberphant0m's apparent alter egos.

During a public joint hearing today titled "Unidentified Anomalous Phenomena: Exposing the Truth," four experts testified that the U.S. is running secret UAP programs, including crash retrieval and reverse-engineering programs for advanced nonhuman technology. Although the Pentagon maintains there's no evidence of alien spacecraft, witnesses like Luis Elizondo and Michael Gold argue that UAPs represent an intelligence enigma and call for open, stigma-free study to address potential security concerns and unknown scientific possibilities. NPR reports: Tim Gallaudet, retired rear admiral, U.S. Navy; CEO of Ocean STL Consulting, LLC
"Confirmation that UAPs are interacting with humanity came for me in January 2015," Gallaudet said in his written testimony (PDF). He describes being part of a pre-deployment naval exercise off the U.S. East Coast that culminated in the famous "Go Fast" video, in which a Navy F/A-18 jet's sensors recorded "an unidentified object exhibiting flight and structural characteristics unlike anything in our arsenal." He was among a group of commanders involved in the exercise who received an email containing the video, which was sent by the operations officer of Fleet Forces Command, Gallaudet said. "The very next day, the email disappeared from my account and those of the other recipients without explanation," he said.

Luis Elizondo, author and former Department of Defense official
Elizondo's written testimony (PDF) was brief and alleged that a secretive arms race is playing out on the global stage. "Let me be clear: UAP are real," he wrote. "Advanced technologies not made by our Government -- or any other government -- are monitoring sensitive military installations around the globe. Furthermore, the U.S. is in possession of UAP technologies, as are some of our adversaries." Elizondo is a former intelligence officer who later "managed a highly sensitive Special Access Program on behalf of the White House and the National Security Council," according to his official bio (PDF). "By 2012, [Elizondo] was the senior ranking person of the DOD's Advanced Aerospace Threat Identification Program, a secretive Pentagon unit that studied unidentified anomalous phenomena," his bio states, adding that he resigned in 2017.

Michael Gold, former NASA associate administrator of space policy and partnerships; member of NASA UAP Independent Study Team
Gold's written testimony (PDF) stressed the need for government agencies and academics to "overcome the pernicious stigma that continues to impede scientific dialogue and open discussions" about unexplained phenomena. "As the saying goes, the truth is out there," Gold said, "we just need to be bold enough and brave enough to face it."

Michael Shellenberger, founder of Public, a news outlet on the Substack platform
Shellenberger's testimony (PDF) ran to some 214 pages, including a lengthy timeline of UAP reports from 1947 to 2023. Shellenberger pressed the White House and Congress to act, calling for the adoption of UAP transparency legislation and cutting funds for any related programs that aren't disclosed to lawmakers. "UAP transparency is bi-partisan and critical to our national security," his written testimony stated. You can watch the proceeding here.

Red Hat, the IBM-owned open source software firm, is acquiring Neural Magic, a startup that optimizes AI models to run faster on commodity processors and GPUs. From a report: The terms of the deal weren't disclosed. MIT research scientist Alex Matveev and professor Nir Shavit founded Somerville, Massachusetts-based Neural Magic in 2018, inspired by their work in high-performance execution engines for AI. Neural Magic's software aims to process AI workloads on processors and GPUs at speeds equivalent to specialized AI chips (e.g. TPUs). By running models on off-the-shelf processors, which usually have more available memory, the company's software can realize these performance gains.

Big tech companies like AMD and a host of other startups, including NeuReality, Deci, CoCoPie, OctoML and DeepCube, offer some sort of AI optimization software. But Neural Magic is one of the few with a free platform and a collection of open source tools to complement it. Neural Magic had so far managed to raise $50 million in venture capital from backers like Andreessen Horowitz, New Enterprise Associations, Amdocs, Comcast Ventures, Pillar VC and Ridgeline Ventures.

Slashdot reader spatwei shared this report from SC World: Nearly three dozen flaws in open-source AI and machine learning (ML) tools were disclosed Tuesday as part of [AI-security platform] Protect AI's huntr bug bounty program.

The discoveries include three critical vulnerabilities: two in the Lunary AI developer toolkit [both with a CVSS score of 9.1] and one in a graphical user interface for ChatGPT called Chuanhu Chat. The October vulnerability report also includes 18 high-severity flaws ranging from denial-of-service to remote code execution... Protect AI's report also highlights vulnerabilities in LocalAI, a platform for running AI models locally on consumer-grade hardware, LoLLMs, a web UI for various AI systems, LangChain.js, a framework for developing language model applications, and more.
In the article, Protect AI's security researchers point out that these open-source tools are "downloaded thousands of times a month to build enterprise AI Systems."

The three critical vulnerabilties have already been addressed by their respective companies, according to the article.

Apple is taking a 20 percent stake in its iPhone satellite connectivity partner GlobalStar -- a stake worth $400 million -- as part of an expansion of its deal with the company. From a report: GlobalStar will also receive a prepayment of $1.1 billion from Apple that is intended to improve satellite infrastructure.

Apple relies on GlobalStar's satellites to enable to send emergency text messages, iMessage reactions, and more through the skies in areas with no cell signal. GlobalStar disclosed the details of the deal expansion in an SEC filing, which includes "a new satellite constellation, expanded ground infrastructure, and increased global [mobile satellite services] licensing."

Apple has reached an agreement to acquire Pixelmator, the maker of popular photo and image editing apps Pixelmator Pro, Pixelmator for iOS, and Photomator. Financial terms of the deal wasn't disclosed.

The Register's Tobias Mann reports: Supermicro shares took a nose dive on Wednesday, sliding more than 30 percent after the accounting firm hired to review its reporting practices resigned after determining they were just a bit too sketchy to warrant the risk. "We are resigning due to information that has recently come to our attention which has led us to no longer be able to rely on management's and audit committee's representations," Ernst & Young wrote in a resignation letter, which also raised alarm bells regarding Supermicro CEO Charles Liang's influence over the board. The concerns, disclosed in a recent SEC filing, only serve to stoke the fires of controversy surrounding Supermicro, which, after more than two months, still hasn't filed its 10-K annual report and faces the possibility of being de-listed from the Nasdaq as a result. [...]

EY's resignation apparently came months after it raised concerns with management regarding the "governance, transparency, and completeness of" Supermicro's financial reporting, and warned that the release of the server maker's annual report was at significant risk. In response, Supermicro's board appointed an independent special committee and hired Cooley and forensic accounting firm Secretariat Advisors to review its internal controls and governance procedures. It seems EY was not too pleased with the special committee's findings which apparently raised yet more red flags. "After receiving additional information through the Review process, EY informed the special committee that the additional information EY received raised questions, including about whether the Company demonstrates a commitment to integrity and ethical values," the SEC filing reads.

French newspaper Le Monde found that the fitness app Strava can easily track confidential movements of foreign leaders, including U.S. President Joe Biden, and presidential rivals Donald Trump and Kamala Harris. The Independent reports: Le Monde found that some U.S. Secret Service agents use the Strava fitness app, including in recent weeks after two assassination attempts on Trump, in a video investigation released in French and in English. Strava is a fitness tracking app primarily used by runners and cyclists to record their activities and share their workouts with a community. Le Monde also found Strava users among the security staff for French President Emmanuel Macron and Russian President Vladimir Putin. In one example, Le Monde traced the Strava movements of Macron's bodyguards to determine that the French leader spent a weekend in the Normandy seaside resort of Honfleur in 2021. The trip was meant to be private and wasn't listed on the president's official agenda.

Le Monde said the whereabouts of Melania Trump and Jill Biden could also be pinpointed by tracking their bodyguards' Strava profiles. In a statement to Le Monde, the U.S. Secret Service said its staff aren't allowed to use personal electronic devices while on duty during protective assignments but "we do not prohibit an employee's personal use of social media off-duty." "Affected personnel has been notified," it said. "We will review this information to determine if any additional training or guidance is required." "We do not assess that there were any impacts to protective operations or threats to any protectees," it added. Locations "are regularly disclosed as part of public schedule releases."

In another example, Le Monde reported that a U.S. Secret Service agent's Strava profile revealed the location of a hotel where Biden subsequently stayed in San Francisco for high-stakes talks with Chinese President Xi Jinping in 2023. A few hours before Biden's arrival, the agent went jogging from the hotel, using Strava which traced his route, the newspaper found. The newspaper's journalists say they identified 26 U.S. agents, 12 members of the French GSPR, the Security Group of the Presidency of the Republic, and six members of the Russian FSO, or Federal Protection Service, all of them in charge of presidential security, who had public accounts on Strava and were therefore communicating their movements online, including during professional trips. Le Monde did not identify the bodyguards by name for security reasons.

JPMorgan Chase is suing customers who exploited an ATM glitch that allowed them to withdraw funds before a check bounced. CNBC reports: The bank on Monday filed lawsuits in at least three federal courts, taking aim at some of the people who withdrew the highest amounts in the so-called infinite money glitch that went viral on TikTok and other social media platforms in late August. [...] JPMorgan, the biggest U.S. bank by assets, is investigating thousands of possible cases related to the "infinite money glitch," though it hasn't disclosed the scope of associated losses. Despite the waning use of paper checks as digital forms of payment gain popularity, they're still a major avenue for fraud, resulting in $26.6 billion in losses globally last year, according to Nasdaq's Global Financial Crime Report.

The infinite money glitch episode highlights the risk that social media can amplify vulnerabilities discovered at a financial institution. Videos began circulating in late August showing people celebrating the withdrawal of wads of cash from Chase ATMs shortly after bad checks were deposited. Normally, banks only make available a fraction of the value of a check until it clears, which takes several days. JPMorgan says it closed the loophole a few days after it was discovered.

The lawsuits are likely to be just the start of a wave of litigation meant to force customers to repay their debts and signal broadly that the bank won't tolerate fraud, according to the people familiar. JPMorgan prioritized cases with large dollar amounts and indications of possible ties to criminal groups, they said. The civil cases are separate from potential criminal investigations; JPMorgan says it has also referred cases to law enforcement officials across the country. "Fraud is a crime that impacts everyone and undermines trust in the banking system," JPMorgan spokesman Drew Pusateri said in a statement to CNBC. "We're pursuing these cases and actively cooperating with law enforcement to make sure if someone is committing fraud against Chase and its customers, they're held accountable."

Democratic senators Elizabeth Warren, Ron Wyden, Richard Blumenthal and Representative Katie Porter are demanding the Justice Department prosecute tax preparation companies for allegedly sharing sensitive taxpayer data with Meta and Google through tracking pixels. The lawmakers' call follows a Treasury Inspector General audit confirming their earlier investigation into TaxSlayer, H&R Block, and Tax Act. The audit found multiple companies failed to properly obtain consent before sharing tax return information via advertising tools. Violations could result in one-year prison terms and $1,000 fines per incident, potentially reaching billions in penalties given the scale of affected users.

In a letter shared with The Verge, the lawmakers said: "Accountability for these tax preparation companies -- who disclosed millions of taxpayers' tax return data, meaning they could potentially face billions of dollars in criminal liability -- is essential for protecting the rule of law and the privacy of taxpayers," the letter reads. "We urge you to follow the facts and the conclusions of TIGTA and the IRS and to take appropriate action against any companies or individuals that have violated the law."

"Six years after the Spectre transient execution processor design flaws were disclosed, efforts to patch the problem continue to fall short," writes the Register: Johannes Wikner and Kaveh Razavi of Swiss University ETH Zurich on Friday published details about a cross-process Spectre attack that derandomizes Address Space Layout Randomization and leaks the hash of the root password from the Set User ID (suid) process on recent Intel processors. The researchers claim they successfully conducted such an attack.... [Read their upcomong paper here.] The indirect branch predictor barrier (IBPB) was intended as a defense against Spectre v2 (CVE-2017-5715) attacks on x86 Intel and AMD chips. IBPB is designed to prevent forwarding of previously learned indirect branch target predictions for speculative execution. Evidently, the barrier wasn't implemented properly.

"We found a microcode bug in the recent Intel microarchitectures — like Golden Cove and Raptor Cove, found in the 12th, 13th and 14th generations of Intel Core processors, and the 5th and 6th generations of Xeon processors — which retains branch predictions such that they may still be used after IBPB should have invalidated them," explained Wikner. "Such post-barrier speculation allows an attacker to bypass security boundaries imposed by process contexts and virtual machines." Wikner and Razavi also managed to leak arbitrary kernel memory from an unprivileged process on AMD silicon built with its Zen 2 architecture.

Videos of the Intel and AMD attacks have been posted, with all the cinematic dynamism one might expect from command line interaction.

Intel chips — including Intel Core 12th, 13th, and 14th generation and Xeon 5th and 6th — may be vulnerable. On AMD Zen 1(+) and Zen 2 hardware, the issue potentially affects Linux users. The relevant details were disclosed in June 2024, but Intel and AMD found the problem independently. Intel fixed the issue in a microcode patch (INTEL-SA-00982) released in March, 2024. Nonetheless, some Intel hardware may not have received that microcode update. In their technical summary, Wikner and Razavi observe: "This microcode update was, however, not available in Ubuntu repositories at the time of writing this paper." It appears Ubuntu has subsequently dealt with the issue.

AMD issued its own advisory in November 2022, in security bulletin AMD-SB-1040. The firm notes that hypervisor and/or operating system vendors have work to do on their own mitigations. "Because AMD's issue was previously known and tracked under AMD-SB-1040, AMD considers the issue a software bug," the researchers explain. "We are currently working with the Linux kernel maintainers to merge our proposed software patch."
BleepingComputer adds that the ETH Zurich team "is working with Linux kernel maintainers to develop a patch for AMD processors, which will be available here when ready."

Amazon said on Wednesday it has signed three agreements on developing the nuclear power technology called small modular reactors, becoming the latest big tech company to push for new sources to meet surging electricity demand from data centers. From a report: Amazon said it will fund a feasibility study for an SMR project near a Northwest Energy site in Washington state. The SMR is planned to be developed by X-Energy. Financial details were not disclosed. Under the agreement, Amazon will have the right to purchase electricity from four modules. Energy Northwest, a consortium of state public utilities, will have the option to add up to eight 80 MW modules, resulting in a total capacity up to 960 MWs, or enough to power the equivalent of more than 770,000 U.S. homes. The additional power would be available to Amazon and utilities to power homes and businesses. "Our agreements will encourage the construction of new nuclear technologies that will generate energy for decades to come," said Matt Garman, CEO of Amazon Web Services. SMRs will have their components built in a factory to reduce construction costs. [...]

Amazon said it is also leading a funding round for $500 million to support X-Energy's development of SMRs. Amazon and X-Energy aim to bring more than 5 gigawatts online in the United States by 2039, which the companies call the largest commercial deployment target of SMRs yet. Amazon also signed an agreement with Dominion Energy, opens new tab to explore the development of an SMR project near the utility's existing power station in Virginia. The about 300 megawatt project would help meet power needs in a region where demand is expected to jump 85% in 15 years, Dominion said.

Casio confirmed it suffered a ransomware attack earlier this month, resulting in the theft of personal and confidential data from employees, job candidates, business partners, and some customers. Although customer payment data was not compromised, Casio warns the impact may broaden as the investigation continues. BleepingComputer reports: The attack was disclosed Monday when Casio warned that it was facing system disruption and service outages due to unauthorized access to its networks during the weekend. Yesterday, the Underground ransomware group claimed responsibility for the attack, leaking various documents allegedly stolen from the Japanese tech giant's systems. Today, after the data was leaked, Casio published a new statement that admits that sensitive data was stolen during the attack on its network.

As to the current results of its ongoing investigation, Casio says the following information has been confirmed as likely compromised:

- Personal data of both permanent and temporary/contract employees of Casio and its affiliated companies.
- Personal details related to business partners of Casio and certain affiliates.
- Personal information of individuals who have interviewed for employment with Casio in the past.
- Personal information related to customers using services provided by Casio and its affiliated companies.
- Details related to contracts with current and past business partners.
- Financial data regarding invoices and sales transactions.
- Documents that include legal, financial, human resources planning, audit, sales, and technical information from within Casio and its affiliates.