An anonymous reader shares this report from Dark Reading: In recent weeks, hackers have been deploying the "IceFire" ransomware against Linux enterprise networks, a noted shift for what was once a Windows-only malware.

A report from SentinelOne suggests that this may represent a budding trend. Ransomware actors have been targeting Linux systems more than ever in cyberattacks in recent weeks and months, notable not least because "in comparison to Windows, Linux is more difficult to deploy ransomware against, particularly at scale," Alex Delamotte, security researcher at SentinelOne, tells Dark Reading....

"[M]any Linux systems are servers," Delamotte points out, "so typical infection vectors like phishing or drive-by download are less effective." So instead, recent IceFire attacks have exploited CVE-2022-47986 — a critical remote code execution (RCE) vulnerability in the IBM Aspera data transfer service, with a CVSS rating of 9.8.

Delamotte posits a few reasons for why more ransomware actors are choosing Linux as of late. For one thing, she says, "Linux-based systems are frequently utilized in enterprise settings to perform crucial tasks such as hosting databases, Web servers, and other mission-critical applications. Consequently, these systems are often more valuable targets for ransomware actors due to the possibility of a larger payout resulting from a successful attack, compared to a typical Windows user."

A second factor, she guesses, "is that some ransomware actors may perceive Linux as an unexploited market that could yield a higher return on investment."
While previous reports had IceFire targetting tech companies, SentinelLabs says they've seen recent attacks against organizations "in the media and entertainment sector," impacting victims "in Turkey, Iran, Pakistan, and the United Arab Emirates, which are typically not a focus for organized ransomware actors."

Searching Google for downloads of popular software has always come with risks, but over the past few months, it has been downright dangerous, according to researchers and a pseudorandom collection of queries. Ars Technica reports: "Threat researchers are used to seeing a moderate flow of malvertising via Google Ads," volunteers at Spamhaus wrote on Thursday. "However, over the past few days, researchers have witnessed a massive spike affecting numerous famous brands, with multiple malware being utilized. This is not "the norm.'"

The surge is coming from numerous malware families, including AuroraStealer, IcedID, Meta Stealer, RedLine Stealer, Vidar, Formbook, and XLoader. In the past, these families typically relied on phishing and malicious spam that attached Microsoft Word documents with booby-trapped macros. Over the past month, Google Ads has become the go-to place for criminals to spread their malicious wares that are disguised as legitimate downloads by impersonating brands such as Adobe Reader, Gimp, Microsoft Teams, OBS, Slack, Tor, and Thunderbird.

On the same day that Spamhaus published its report, researchers from security firm Sentinel One documented an advanced Google malvertising campaign pushing multiple malicious loaders implemented in .NET. Sentinel One has dubbed these loaders MalVirt. At the moment, the MalVirt loaders are being used to distribute malware most commonly known as XLoader, available for both Windows and macOS. XLoader is a successor to malware also known as Formbook. Threat actors use XLoader to steal contacts' data and other sensitive information from infected devices. The MalVirt loaders use obfuscated virtualization to evade end-point protection and analysis. To disguise real C2 traffic and evade network detections, MalVirt beacons to decoy command and control servers hosted at providers including Azure, Tucows, Choopa, and Namecheap. "Until Google devises new defenses, the decoy domains and other obfuscation techniques remain an effective way to conceal the true control servers used in the rampant MalVirt and other malvertising campaigns," concludes Ars. "It's clear at the moment that malvertisers have gained the upper hand over Google's considerable might."

CNET will pause publication of stories generated using artificial intelligence "for now," the site's leadership told employees on a staff call Friday. The Verge reports: The call, which lasted under an hour, was held a week after CNET came under fire for its use of AI tools on stories and one day after The Verge reported that AI tools had been in use for months, with little transparency to readers or staff. CNET hadn't formally announced the use of AI until readers noticed a small disclosure. "We didn't do it in secret," CNET editor-in-chief Connie Guglielmo told the group. "We did it quietly." CNET, owned by private equity firm Red Ventures, is among several websites that have been publishing articles written using AI. Other sites like Bankrate and CreditCards.com would also pause AI stories, executives on the call said.

The call was hosted by Guglielmo, Lindsey Turrentine, CNET's EVP of content and audience, and Lance Davis, Red Ventures' vice president of content. They answered a handful of questions submitted by staff ahead of time in the AMA-style call. Davis, who was listed as the point of contact for CNET's AI stories until recently, also gave staff a more detailed rundown of the tool that has been utilized for the robot-written articles. Until now, most staff had very little insight into the machine that was generating dozens of stories appearing on CNET.

The AI, which is as of yet unnamed, is a proprietary tool built by Red Ventures, according to Davis. AI editors are able to choose domains and domain-level sections from which to pull data from and generate stories; editors can also use a combination of AI-generated text and their own writing or reporting. Turrentine declined to answer staff questions about the dataset used to train AI in today's meeting as well as around plagiarism concerns but said more information would be available next week and that some staff would get a preview of the tool.

An anonymous reader quotes a report from BleepingComputer: Gen Digital, formerly Symantec Corporation and NortonLifeLock, is sending data breach notifications to customers, informing them that hackers have successfully breached Norton Password Manager accounts in credential-stuffing attacks. According to a letter sample shared with the Office of the Vermont Attorney General, the attacks did not result from a breach on the company but from account compromise on other platforms. "Our own systems were not compromised. However, we strongly believe that an unauthorized third party knows and has utilized your username and password for your account," NortonLifeLock said. "This username and password combination may potentially also be known to others."

More specifically, the notice explains that around December 1, 2022, an attacker used username and password pairs they bought from the dark web to attempt to log in to Norton customer accounts. The firm detected "an unusually large volume" of failed login attempts on December 12, 2022, indicating credential stuffing attacks where threat actors try out credentials in bulk. By December 22, 2022, the company had completed its internal investigation, which revealed that the credential stuffing attacks had successfully compromised an undisclosed number of customer accounts: "In accessing your account with your username and password, the unauthorized third party may have viewed your first name, last name, phone number, and mailing address." For customers utilizing the Norton Password Manager feature, the notice warns that the attackers might have obtained details stored in the private vaults. Depending on what users store in their accounts, this could lead to the compromise of other online accounts, loss of digital assets, exposure of secrets, and more. Norton has reset passwords on impacted accounts and implemented additional measures to counter the malicious attempts. They're recommending customers enable two-factor authentication and take up the offer for a credit monitoring service.

The PC market is in rough waters, and it was for much of last year. Every PC maker except Apple saw year-over-year decline. Laptop sales are said to have suffered the most. From a report: This all made for a somewhat uncertain backdrop heading into CES 2023, the annual conference where tech companies show off the products they'll be releasing in 2023. Throughout the show, executives and representatives from various PC manufacturers acknowledged that the industry has a big task ahead of it this year: keep the laptop exciting. Some companies are trying to do that with goofy hardware things (such as Lenovo's dual-screen, dual-OLED, and touchpad-less Yoga Book 9i). But others are moving away from hardware -- and the raw power that hardware can provide -- and emphasizing quirkier software capabilities in this year's lineups. AMD revealed that some of its new chips will come with its first Ryzen AI engine, built on its XDNA architecture.
Intel's upcoming Meteor Lake chips will also bring AI capabilities.
HP announced new features for its Omen Gaming Hub, including integration with Nvidia's GeForce Now, and new remote management and insight services for IT. A consumer Windows PC, the Dragonfly Pro, was also unveiled, with its integration with HP's new "live concierge" service touted as a highlight. The report adds: And HP isn't alone in this conviction -- quite a few other manufacturers that had a big presence at CES this year emphasized showy software features that utilized camera tracking and AI, from Asus' and Acer's glasses-free 3D displays to Razer's soundbar that follows your head around to optimize your music. Even Lenovo's aforementioned dual-screen Yoga Book is a software offering in many ways; the form factor is hardly new, but the investments Lenovo has made in an impressive system of gesture control are what make it a viable product.

A small but growing number of universities are now blocking access to TikTok on school-owned devices or WiFi networks, in the latest sign of a widening crackdown on the popular short-form video app. From a report: The University of Oklahoma and Auburn University in Alabama have each said they will restrict student and faculty access to TikTok, in order to comply with recent moves from the governors in their respective states to ban TikTok on government-issued devices. The 26 universities and colleges in the University System of Georgia are also reportedly taking a similar step.

"In compliance with the Governor's Executive Order 2022-33, effective immediately, no university employee or student shall access the TikTok application or website on University-owned or operated devices, including OU wired and wireless networks," the University of Oklahoma said in an email this week. According to the email, the school will also require that university-administered TikTok accounts be deleted and "alternate social media platforms utilized in their place." Further reading: TikTok steps up efforts to clinch U.S. security deal.

Longtime Slashdot reader WindBourne writes: EU is creating a tariff on certain imported goods based on their CO2 emissions that went into production and transportation. While many have opposed this, others have been correctly pointing out that little would change until nations started charging other nations for their polluting the world. In some ways, this already has a number of attributes going for it. With Kyoto, Europe forced that emissions from bio would count at the point where it was harvested and not where it was burned/utilized. This was because Europe is a major importer of bio products for heating and electricity. With this tariff, it will apply any use of bio, including H2, at point of usage, not of production.

What remains to be seen is:
1) How they will apply it to size (Nation? State? City?)?
2) What data will be used (Information from the local government? Satellite?)?
3) How the data will be normalized (GDP? Per capita?)?
4) How to calculate emissions per good (Total emissions? Worst item? Certain parts?)?

This will no doubt cause a number of nations to scream about it, as well as smaller nations, but hopefully, more nations will join in as well. Looks like the world is finally going to get serious about stopping greenhouse gas emissions. "The measure will apply first to iron and steel, cement, aluminum, fertilizers, electricity production and hydrogen before being extended to other goods," notes CNN. "Under the new mechanism, companies will need to buy certificates to cover emissions generated by the production of goods imported into the European Union based on calculations linked to the EU's own carbon price."

Details of the Carbon Border Adjustment Mechanism can be found here.

The testimony of the new FTX CEO, John Ray III, is now public (PDF), and it includes some shocking revelations about the nature of the cryptocurrency firm. The court documents show that Alameda Research borrowed FTX customer funds for trading and investment purposes without any limits. Watcher Guru reports: In the court documents, Ray relayed a detailed account of how Alameda Research would utilize FTX customer assets. Subsequently, the firm utilized them for the purposes of trading and investment. The document noted, "The ability of Alameda, the crypto hedge fund within the FTX Group, to borrow funds held at FTX.com to be utilized for its own trading or investments without any effective limits." As the shocking statement was reported under inappropriate business practices that Ray has uncovered amidst his disappointment.

Ray revealed that access to those funds was not at all protected from management. The statement noted, "The use of computer infrastructure that gave individuals in senior management access to systems that stored customer assets," according to the documents. Furthermore, Ray revealed that "Private keys to access hundreds of millions of dollars in crypto assets," lacked property security or description. Conversely, Ray notes that assets were commingled, and the platform lacked proper documentation of nearly 500 investments made by the FTX group. UPDATE 12/12/22 00:13 UTC: FTX Founder Sam Bankman-Fried Arrested

ConsenSys has informed users that it is set to collect additional data from those using its popular Infrura tool, attracting criticism on social media in the process. From a report: Infura is an API-based tool that allows users to connect their application to the Ethereum network, which provides the basis for many key Web3 projects, such as Aragon, Gnosis, OpenZeppelin, and ConsenSys's own flagship wallet service MetaMask. After Infrura was first acquired by the New York-based blockchain firm in late 2019, the tool now boasts around 350,000 developers and also includes support for other blockchains like Polygon and Filecoin.

As per updates to ConsenSys' privacy policy, when you use Infura as your default remote procedure call (RPC) provider in MetaMask, it will collect your IP address and your Ethereum wallet address whenever you make a transaction. However, if you're using your own Ethereum node or a third-party RPC provider with MetaMask, ConsenSys says that "neither Infura nor MetaMask will collect your IP address or Ethereum wallet address." Alternative RPCs which can be utilized by Ethereum developers include Alchemy, QuickNode, Moralis, and Tatum. These tools have their own data collection policies, too, which could also be subject to change in the future.

An anonymous reader quotes a report from Ars Technica: Microsoft late Thursday confirmed the existence of two critical vulnerabilities in its Exchange application that have already compromised multiple servers and pose a serious risk to an estimated 220,000 more around the world. The currently unpatched security flaws have been under active exploit since early August, when Vietnam-based security firm GTSC discovered customer networks had been infected with malicious webshells and that the initial entry point was some sort of Exchange vulnerability. The mystery exploit looked almost identical to an Exchange zero-day from 2021 called ProxyShell, but the customers' servers had all been patched against the vulnerability, which is tracked as CVE-2021-34473. Eventually, the researchers discovered the unknown hackers were exploiting a new Exchange vulnerability.

Wednesday's GTSC post said the attackers are exploiting the zero-day to infect servers with webshells, a text interface that allows them to issue commands. These webshells contain simplified Chinese characters, leading the researchers to speculate the hackers are fluent in Chinese. Commands issued also bear the signature of the China Chopper, a webshell commonly used by Chinese-speaking threat actors, including several advanced persistent threat groups known to be backed by the People's Republic of China. GTSC went on to say that the malware the threat actors eventually install emulates Microsoft's Exchange Web Service. It also makes a connection to the IP address 137[.]184[.]67[.]33, which is hardcoded in the binary. Independent researcher Kevin Beaumont said the address hosts a fake website with only a single user with one minute of login time and has been active only since August. The malware then sends and receives data that's encrypted with an RC4 encryption key that's generated at runtime. Beaumont went on to say that the backdoor malware appears to be novel, meaning this is the first time it has been used in the wild. People running on-premises Exchange servers "should apply a blocking rule that prevents servers from accepting known attack patterns," reports Ars. The rule can be found in Microsoft's advisory.

"For the time being, Microsoft also recommends people block HTTP port 5985 and HTTPS port 5986, which attackers need to exploit CVE-2022-41082."

After more than 50 years, molten salt nuclear reactors might be making a comeback. The US Department of Energy (DoE) has tapped Los Alamos National Laboratory (LANL) to lead a $9.25 million study into the structural properties and materials necessary to build them at scale. The Register reports: "The US needs projects like this one to advance nuclear technologies and help us achieve the Biden-Harris administration's goals of clean energy by 2035 and a net-zero economy by 2050," said Asmeret Asefaw Berhe, director of the office of science, in a statement. The study, conducted as part of the Scientific Discovery though Advanced Computing (SciDAC) program, seeks to gain a better understanding of the relationship between corrosion and irradiation effects at the atomic scale in metals exposed to molten salt reactors through simulation.

This isn't the first time the DoE has explored this reactor tech. In the middle of last century, Oak Ridge National Laboratory (ORNL) took the lessons learned from the Aircraft Reactor experiment to build a functional nuclear aircraft power source and began construction of a molten salt test reactor. The experiments, conducted between 1957 and 1969, utilized a mixture of lithium, beryllium, zirconium, and uranium fluoride salts. Cooling was also achieved using a fluoride salt mixture, but it lacked the uranium and zirconium found in the fuel. The experiments proved promising, as molten salt reactors were generally smaller and considered safer compared to the pressurized water reactors still used today. But both proved too heavy for powered flight or materials design. Because cooling was achieved by circulating molten salt through a heat exchanger as opposed to water, the risk of a steam explosion is effectively nonexistent. However, as the Oak Ridge National Laboratory found during the Molten Salt Reactor Experiment, fluoride salts are incredibly corrosive and required hardened materials to safely contain them. "ORNL's Molten Salt Reactor Experiment utilized specialized materials fabricated from Hastelloy-N -- a nickel-molybdenum alloy developed by the lab with a high resistance to corrosion even at high temperatures," adds the reports. "The research program announced this week will revisit the material choices and examine a variety of metals using higher-performance compute resources to simulate how they'll perform at scale in these reactors."

According to researcher samczsun at Paradigm, Curve Finance has had its front end compromised, with over $500K stolen within a matter of minutes. The automated market maker is warning users to exercise caution when interacting with the site. Binance CEO Changpeng Zhao also shared the news and is monitoring the situation. CoinTelegraph reports: Curve stated via Twitter that its exchange -- which is a separate product -- appeared to be unaffected by the attack, as it uses a different DNS provider. Twitter user LefterisJP speculated that the alleged attacker had likely utilized DNS spoofing to execute the exploit on the service: "It's DNS spoofing. Cloned the site, made the DNS point to their ip where the cloned site is deployed and added approval requests to a malicious contract."

Other participants in the DeFi space quickly took to Twitter to spread the warning to their own followers, with some noting that the alleged thief appears to have stolen more than $573K USD at time of publication: "Alert to all @CurveFinance users, their frontend has been compromised! Do not interact with it until further notice! It appears around $570k stolen so far."

Mojang has drawn a line in the sand against NFTs in Minecraft, saying in an update posted today that NFT integration with the game is "generally not something we will support or allow." From a report: The update begins with a quick rundown of what NFTs are, including a note about their extreme volatility, before laying out the current policies on Minecraft servers. The overall goal of those policies, Mojang said, is "to ensure that Minecraft remains a community where everyone has access to the same content." NFTs, on the other hand, are specifically designed to "create models of scarcity and exclusion," which obviously conflicts with that principle. And so, they're out.

"To ensure that Minecraft players have a safe and inclusive experience, blockchain technologies are not permitted to be integrated inside our client and server applications, nor may Minecraft in-game content such as worlds, skins, persona items, or other mods, be utilized by blockchain technology to create a scarce digital asset," Mojang wrote. The update was apparently prompted by the fact that numerous Minecraft-associated NFTs and play-to-earn servers are already available, taking advantage of the gap in official policy and dividing the community into "the haves and the have-nots," Mojang said.

Apple's M1 chips have an "unpatchable" hardware vulnerability that could allow attackers to break through its last line of security defenses, MIT researchers have discovered. TechCrunch reports: The vulnerability lies in a hardware-level security mechanism utilized in Apple M1 chips called pointer authentication codes, or PAC. This feature makes it much harder for an attacker to inject malicious code into a device's memory and provides a level of defense against buffer overflow exploits, a type of attack that forces memory to spill out to other locations on the chip. Researchers from MIT's Computer Science and Artificial Intelligence Laboratory, however, have created a novel hardware attack, which combines memory corruption and speculative execution attacks to sidestep the security feature. The attack shows that pointer authentication can be defeated without leaving a trace, and as it utilizes a hardware mechanism, no software patch can fix it.

The attack, appropriately called "Pacman," works by "guessing" a pointer authentication code (PAC), a cryptographic signature that confirms that an app hasn't been maliciously altered. This is done using speculative execution -- a technique used by modern computer processors to speed up performance by speculatively guessing various lines of computation -- to leak PAC verification results, while a hardware side-channel reveals whether or not the guess was correct. What's more, since there are only so many possible values for the PAC, the researchers found that it's possible to try them all to find the right one.

Streaming right now on Hulu: a three-hour live special in which two members of something called the "Red Bull Air Force" try to make aviation history, reports People: On Sunday, April 24, Aikins and Farrington will try to switch planes mid-air in a stunt at Sawtooth Airport in Eloy, Arizona, that can be seen exclusively on Hulu, according to a press release from Red Bull. The planes will be "completely empty" and facing the ground when Luke Aikins and Andy Farrington attempt the daring switch, which will air during a three-hour livestream event.

To complete the feat, Aikins and Farrington will fly a pair of Cessna 182 single-seat aircraft up to 14,000 feet before putting them into a vertical nosedive and jumping out, with the goal of skydiving into each other's planes.

The cousins will stop the planes' engines and aim them toward the ground as they complete the stunt. A custom airbrake with the ability to hold the planes in a controlled-descent terminal velocity speed of 140 mph will also be utilized to complete the trick. After catching up to the opposing stuntman's plane, Aikins and Farrington will enter the cockpits and turn the planes back on as normal, piloting them to land.

Aikins is an experienced skydiver, having completed more than 21,000 jumps throughout his career. Farrington, meanwhile, has completed 27,000 jumps.
"I call it more calculated than crazy," Aikins says in an interview with the web site Complex. "We work really hard to make sure that everything's going to be okay. We don't flip a coin and fingers crossed and hope it all works out. We mitigate the risk down to something that's acceptable and what's acceptable to me."

The nonprofit online news site Virginia Mercury investigated their state police departments' "real-time location warrants," which are "addressed to telephone companies, ordering them to regularly ping a customers' phone for its GPS location and share the results with police." Public records requests submitted to a sampling of 18 police departments around the state found officers used the technique to conduct more than 7,000 days worth of surveillance in 2020. Court records show the tracking efforts spanned cases ranging from high-profile murders to minor larcenies.... Seven departments responded that they did not have any relevant billing records, indicating they don't use the technique. Only one of the departments surveyed, Alexandria, indicated it had an internal policy governing how their officers use cellphone tracking, but a copy of the document provided by the city was entirely redacted....

Drug investigations accounted for more than 60 percent of the search warrants taken out in the two jurisdictions. Larcenies were the second most frequent category. Major crimes like murders, rapes and abductions made up a fraction of the tracking requests, accounting for just under 25 of the nearly 400 warrants filed in the jurisdictions that year.
America's Supreme Court "ruled that warrantless cellphone tracking is unconstitutional back in 2012," the article points out — but in practice those warrants aren't hard to get. "Officers simply have to attest in an affidavit that they have probable cause that the tracking data is 'relevant to a crime that is being committed or has been committed'.... There's been limited public discussion or awareness of the kinds of tracking warrants the judiciary is approving." "I don't think people know that their cell phones can be converted to tracking devices by police with no notice," said Steve Benjamin, a criminal defense lawyer in Richmond who said he's recently noticed an uptick in cases in which officers employed the technique. "And the reality of modern life is everyone has their phone on them during the day and on their nightstand at night. ... It's as if the police tagged them with a chip under their skin, and people have no idea how easily this is accomplished."
The case for these phone-tracking warrants?

• The executive director of the Virginia Association of Chiefs of Police tells the site that physical surveillance ofen requires too many resources — and that cellphone tracking is safer. "It may be considered an intrusive way of gathering data on someone, but it's certainly less dangerous than physical tracking."
• A spokesperson for the Chesterfield County police department [responsible for 64% of the state's tracking] argued that "We exist to preserve human life and protect the vulnerable, and we will use all lawful tools at our disposal to do so." And they added that such "continued robust enforcement efforts" were a part of the reason that the county's still-rising number of fatal drug overdoses had not risen more.

The site also obtained bills from four major US cellphone carriers, and reported how much they were charging police for providing their cellphone-tracking services:

• "T-Mobile charged $30 per day, which comes to $900 per month of tracking."
• "AT&T charged a monthly service fee of $100 and an additional $25 per day the service is utilized, which comes to $850 per 30 days of tracking..."
• "Verizon calls the service 'periodic location updates,' charging $5 per day on top of a monthly service fee of $100, which comes to $200 per 30 days of tracking."
• "Sprint offered the cheapest prices to report locations back to law enforcement, charging a flat fee of $100 per month."

Thanks to Slashdot reader Beerismydad for sharing the article!

On Wednesday, the OpenAI consortium unveiled (PDF) the next iteration of the DALL-E machine learning system, which can draw anything you'd like but bigger, better, and faster than before. Engadget reports: The first DALL-E (a portmanteau of "Dali," as in the artist, and "WALL-E," as in the animated Disney character) could generate images as well as combine multiple images into a collage, provide varying angles of perspective, and even infer elements of an image -- such as shadowing effects -- from the written description. [...] DALL-E was never intended to be a commercial product and was therefore somewhat limited in its abilities given the OpenAI team's focus on it as a research tool, it's also been intentionally capped to avoid a Tay-esque situation or the system being leveraged to generate misinformation. Its sequel has been similarly sheltered with potentially objectionable images preemptively removed from its training data and a watermark indicating that its an AI-generated image automatically applied. Additionally, the system actively prevents users from creating pictures based on specific names.

DALL-E 2, which utilizes OpenAI's CLIP image recognition system, builds on those image generation capabilities. Users can now select and edit specific areas of existing images, add or remove elements along with their shadows, mash-up two images into a single collage, and generate variations of an existing image. What's more, the output images are 1024px squares, up from the 256px avatars the original version generated. OpenAI's CLIP was designed to look at a given image and summarize its contents in a way humans can understand. The consortium reversed that process, building an image from its summary, in its work with the new system.

Unlike the first, which anybody could play with on the OpenAI website, this new version is currently only available for testing by vetted partners who themselves are limited in what they can upload or generate with it. Only family-friendly sources can be utilized and anything involving nudity, obscenity, extremist ideology or "major conspiracies or events related to major ongoing geopolitical events" are right out. [...] The current crop of testers are also banned from exporting their generated works to a third-party platform though OpenAI is considering adding DALL-E 2's abilities to its API in the future. If you want to try DALL-E 2 for yourself, you can sign up for the waitlist on OpenAI's website.

The U.S. Securities and Exchange Commission is scrutinizing creators of NFTs and the crypto exchanges where they trade to determine if some of the assets run afoul of the agency's rules, Bloomberg News reported Thursday, citing people familiar with the matter. From the report: A focus of the probe is on whether certain nonfungible tokens, digital assets that can be used to denote ownership of things like a painting or sports memorabilia, are being utilized to raise money like traditional securities, said the people. Over the past several months, attorneys in the SEC's enforcement unit have sent subpoenas demanding information about the token offerings. The inquiry is the latest attempt by the SEC under Chair Gary Gensler to ensure the crypto market adheres to its regulations. In February, the commission and state regulators levied a record $100 million fine against BlockFi, a popular virtual-currency exchange, for failing to register products that pay customers high interest rates to lend out their digital tokens.

An anonymous reader quotes a report from Reuters: Rights groups petitioned Israel's top court on Monday to repeal new COVID-19 measures that authorize the country's domestic intelligence service to use counter-terrorism phone tracking technology to contain the spread of the Omicron virus variant. Announcing the emergency measures on Saturday, Prime Minister Naftali Bennett said the phone tracking would be used to locate carriers of the new and potentially more contagious variant in order to curb its transmission to others. Israeli rights groups say the emergency measures violate previous Supreme Court rulings over such surveillance, used on-and-off by the country's Shin Bet domestic intelligence agency since March, 2020.

A senior health ministry official said on Sunday that use of phone tracking would be "surgical" in nature, only to be utilized on confirmed or suspected carriers of the variant. The surveillance technology matches virus carriers' locations against other mobile phones nearby to determine with whom they have come into contact. Israel's Supreme Court this year limited the scope of its use after civil rights groups mounted challenges over privacy concerns. Further reading: Omicron Covid Variant Poses Very High Global Risk, Says WHO

Movie theatre chain AMC and Sony Pictures are giving away 86,000 Spider-man NFTs to people who buy/reserve tickets for December 16th's premiere of Spider-Man: No Way Home.

The special tickets go on sale tonight at midnight EST on the AMC web site and app (available only to people who've signed up for one of the chain's special perks programs like Stubs Premiere, A-List, and Investor Connect). "The movie ticket must be scanned at the theatre when the guest arrives for the movie," explains the movie industry site Boxoffice Pro. "If the ticket purchase is refunded or the ticket goes unused, or is not scanned, the NFT code will not be delivered." The Spider-Man NFT will be available to be redeemed at a dedicated site operated by WAX, an energy efficient, ultra-low carbon footprint blockchain and the first certified carbon neutral. WAX is the most utilized blockchain in the world processing 15 million transactions daily.

Adam Aron, Chairman of the Board and CEO of AMC, commented: "Our AMC Theatres guests and our AMC Entertainment shareholders have been calling for AMC to get into the world of NFTs, and we couldn't imagine a more perfect way to start doing so than with our good friends at Sony Pictures."
Over 100 NFT designs will be available (designed by Cub Studios), the announcement points out

In a tweet Sunday, AMC's CEO said the idea came from the company's shareholders.