Republicans

US Conservatives Are Trying To Kill Government's Top Cyber Security Agency (politico.com) 267

SonicSpike shares a report from Politico: An agency set up under Donald Trump to protect elections and key U.S. infrastructure from foreign hackers is now fighting off increasingly intense threats from hard-right Republicans who argue it's gone too far and are looking for ways to rein it in. These lawmakers insist work by the Cybersecurity and Infrastructure Security Agency to combat online disinformation during elections singles out conservative voices and infringes upon free speech rights -- an allegation the agency vehemently denies and the Biden administration is contesting in court. The accusations started in the wake of the 2020 election and are ramping up ahead of 2024, with lawmakers now calling for crippling cuts at the agency. "CISA has blatantly violated the First Amendment and colluded with Big Tech to censor the speech of ordinary Americans," Rand Paul (R-Ky.), the ranking member of the Senate Homeland Security Committee, which oversees CISA, said in a statement to POLITICO.

The fight over CISA underscores yet another way Trump's election fraud claims are reverberating into 2024. And though the hard right doesn't have enough votes to defund CISA today, the growing backlash against it has supporters worried that a hard-right faction could hobble the agency in the years ahead -- undermining its efforts not just to secure future elections, but also protect key U.S. and federal networks from major hacks. CISA had broad bipartisan support in Congress when lawmakers passed legislation creating the agency in 2018. At the ceremony where Trump signed it into law, he called it "very, very important legislation" to protect the U.S. against both nation-state hackers and cybercriminals. But when Chris Krebs, the then-head of CISA, debunked Trump's 2020 election fraud claims, the president fired him. And since the GOP assumed control of the House in 2022, like-minded Republicans have been ratcheting up their scrutiny of the agency. [...]

Conservatives now argue that activity has become a smokescreen for left-leaning government censorship. In Congress and within the courts, they contend that pressure from federal agencies like CISA led social media companies to limit the spread of information perceived as damaging to Joe Biden's campaign, such as stories relating to Hunter Biden. In a sign of trouble for an agency once boasting strong bipartisan support, 108 Republicans supported the failed push to cut CISA's budget last month -- a near majority within the conference. Backers of the budget cut included a swathe of increasingly influential hard-right lawmakers, like Jordan and James Comer (R-Ky.), chair of the powerful House Oversight Committee. Those with direct oversight over CISA also backed the vote, such as the chief of the Homeland Security Committee, Mark Green (R-Tenn.), and another panel member, August Pfluger (R-Texas).

Security

Okta Cybersecurity Breach Wipes Out More Than $2 Billion In Market Cap (cnbc.com) 40

Since disclosing a security breach of its support systems Friday, Okta has shed more than $2 billion from its market valuation. "Okta shares slumped more than 11% Friday after the company said an unidentified hacking group was able to access client files through a support system," reports CNBC. "The company did not provide more details beyond a set of technical identifiers. The company's stock continued to fall in Monday trading, ultimately closing down 8.1%." From the report: Okta is a lesser-known name but forms a critical part of cybersecurity systems at major corporations. The identity management company boasts more than 18,000 customers who use its products to provide a single login point for many different platforms that a given company uses. Zoom, for example, uses Okta to give "seamless" access through a single login to the company's Google Workspace, ServiceNow, VMware and Workday platforms. Okta said it had communicated with all affected clients in Friday's announcement. At least one of those clients said it had alerted Okta about a potential breach weeks earlier. [...]

Okta has also been at the center of other higher-profile incidents. Earlier this year, for example, casino giants Caesars and MGM were both affected by hacks. Caesars was forced to pay millions in ransom to the hacking group, sources told CNBC. MGM had to shut down critical systems that the company acknowledged would have a material effect on its bottom line in an SEC filing. The direct and indirect losses from those incidents totaled over $100 million. Both those attacks targeted MGM and Caesars' Okta installations, using a sophisticated social engineering attack that went through IT help desks. Three other companies were also targeted by the hacking group, an Okta executive told Reuters.

Okta has also been a target before. A hacking group purportedly accessed numerous Okta systems in a March attempt. That group, Lapsus$, has been tied to hacking attacks at Uber and Grand Theft Auto maker Rockstar Games, a subsidiary of Take-Two Interactive, according to a report from the Cybersecurity and Infrastructure Security Agency.

Technology

Qualcomm's Snapdragon X Elite Chips Promise Major PC Performance (pcworld.com) 9

Qualcomm unveiled a new laptop processor designed to outperform rival products from Intel and Apple on Tuesday, stepping up its long-running effort to break into the personal computer market. From a report: Qualcomm formally launched the Snapdragon X Elite, the flagship platform of its Snapdragon X family that leverages its Oryon CPU core, and promises to double -- yes, double -- the performance of some of the most popular 13th-gen Core chips from AMD and Intel. Sound familiar? It should. Qualcomm promised the same with its earlier Snapdragon 8-series chips, and really didn't deliver. But after buying chip designer Nuvia in 2021, Qualcomm is trying again, hoping that its superpowered Arm chips can once again make Windows on Arm PCs a competitor to conventional X86 PCs when they launch in mid-2024. And they're talking some big numbers to prove it.

Qualcomm sees Oryon first going into PCs (as the engine of the Snapdragon X Elite platform) but then moving into smartphones, cars, "extended reality" devices, and more, Qualcomm chief executive Cristiano Amon is expected to say today. [...] To begin with, Qualcomm's Snapdragon X Elite is manufactured on a 4nm process node, versus the Intel 4 process node of Intel's Meteor Lake. (The two process technologies aren't directly comparable, though they're close enough for most purposes.) Oryon is a tri-cluster design. Historically, that has meant prime, performance, and efficiency cores, with each type of core taking on their own role depending upon the task. However, it appears that Qualcomm and its X86 rivals may have swapped strategies; as Intel adopts performance and efficiency cores, Qualcomm has chosen AMD's path. There are twelve cores within the Snapdragon X Elite, all running at 3.8GHz. Well, most of the time. If needed one or two of the cores can boost to 4.3GHz, the turbo boost strategy that's become common on the PC. The 64-bit Oryon CPU will be paired with 42Mbytes of total cache, and a memory controller that can access eight channels of LPDDR5x memory (64GB in total) with 130GBps memory bandwidth, executives said. It will be a single die, not a chiplet design.

Google

Google Falsely Flags Samsung Apps as 'Harmful,' Tells Users To Remove Them (arstechnica.com) 45

An anonymous reader shares a report: Most Android users have probably never seen Google Play Protect in action. The malware-scanning service is built into every Android device and is supposed to flag malware that users have installed. Recently it flagged some popular apps that are very much not malware: Samsung Wallet and Samsung Messages.

As spotted by 9to5Google, Samsung users have been getting hit with Play Protect warnings since earlier this month. Users on the Google Support forum have posted screenshots of Play Protect flagging the Samsung system apps, and even Samsung responded to the issue, explaining (in Korean) how to fix any damage caused by the bug. Samsung says (through translation) the issue was caused by "a temporary failure of the Google server" and should now be fixed.

Chrome

Microsoft Now Wants You To Take a Poll Before Installing Google Chrome (neowin.net) 149

Downloading Chrome using Microsoft Edge is already a nightmare filled with banners and stop-gaps, and nothing seems to be stopping Microsoft from adding even more. From a report: Last weekend, we noticed that an attempt to download Google Chrome using Microsoft Edge results in the latter opening its sidebar with a poll, asking you to explain to Microsoft how you could dare try downloading Google Chrome. Of course, the exact wording is more tame, but you get the idea. Now, besides dismissing several banners and a full-size ad injected on the Chrome website, Edge wants you to answer a questionnaire with the following options:

We love having you! Can you please take a minute to tell us why you are trying another browser?

I can't search Google easily
I can't access my Google documents
I don't have my favorites or passwords here
Too many ads and pop-ups
I don't like the news feed
It's too slow
My websites don't work on Microsoft Edge
My reason is not listed

IT

They Cracked the Code To a Locked USB Drive Worth $235 Million in Bitcoin. Then It Got Weird. (wired.com) 61

Unciphered, a Seattle-based startup, claims to have cracked the seemingly unbreakable encryption of IronKey S200, a decade-old USB thumb drive. By exploiting an undisclosed vulnerability in the device, the company says it can bypass the drive's feature that erases its contents after 10 incorrect password attempts. The breakthrough came within a day of receiving a test device, suggesting that the firm's hacking technique, powered by high-performance computing, could have far-reaching implications.

The startup's focus is not just technological; it's after a specific IronKey that holds 7,002 bitcoins, valued at roughly $235 million, stored in a Swiss bank vault. The device belongs to Stefan Thomas, a Swiss crypto entrepreneur, who has forgotten the password and has only two password attempts left before losing access to his fortune. Unciphered believes its hacking capabilities could unlock Thomas' crypto vault and is preparing to reach out to him to offer its services. The only problem: Thomas doesn't seem to want their help. Wired: Earlier this month, not long after performing their USB-decrypting demonstration for me, Unciphered reached out to Thomas through a mutual associate who could vouch for the company's new IronKey-unlocking abilities and offer assistance. The call didn't even get as far as discussing Unciphered's commission or fee before Thomas politely declined. Thomas had already made a "handshake deal" with two other cracking teams a year earlier, he explained. In an effort to prevent the two teams from competing, he had offered each a portion of the proceeds if either one could unlock the drive. And he remains committed, even a year later, to giving those teams more time to work on the problem before he brings in anyone else -- even though neither of the teams has shown any sign of pulling off the decryption trick that Unciphered has already accomplished.

That has left Unciphered in a strange situation: It holds what is potentially one of the most valuable lockpicking tools in the cryptocurrency world, but with no lock to pick. "We cracked the IronKey," says Nick Fedoroff, Unciphered's director of operations. "Now we have to crack Stefan. This is turning out to be the hardest part." In an email to WIRED, Thomas confirmed that he had turned down Unciphered's offer to unlock his encrypted fortune. "I have already been working with a different set of experts on the recovery so I'm no longer free to negotiate with someone new," Thomas wrote. "It's possible that the current team could decide to subcontract Unciphered if they feel that's the best option. We'll have to wait and see." In past interviews, Thomas has said that his 7,002 bitcoins were left over from a payment he received for making a video titled "What is Bitcoin?" that published on YouTube in early 2011, when a bitcoin was worth less than a dollar. Later that year, he told WIRED that he'd inadvertently erased two backup copies of the wallet that held those thousands of coins, and then lost the piece of paper with the password to decrypt the third copy, stored on the IronKey. By then, his lost coins were worth close to $140,000.

Security

1Password Discloses Security Incident Linked To Okta Breach (bleepingcomputer.com) 27

Lawrence Abrams reports via BleepingComputer: 1Password, a popular password management platform used by over 100,000 businesses, suffered a security breach after hackers gained access to its Okta ID management tenant. "We detected suspicious activity on our Okta instance related to their Support System incident. After a thorough investigation, we concluded that no 1Password user data was accessed," reads a very brief security incident notification from 1Password CTO Pedro Canahuati. "On September 29, we detected suspicious activity on our Okta instance that we use to manage our employee-facing apps. We immediately terminated the activity, investigated, and found no compromise of user data or other sensitive systems, either employee-facing or user-facing."

On Friday, Okta disclosed that threat actors breached its support case management system using stolen credentials. As part of these support cases, Okta routinely asks customers to upload HTTP Archive (HAR) files to troubleshoot customer problems. However, these HAR files contain sensitive data, including authentication cookies and session tokens that can be used to impersonate a valid Okta customer. Okta first learned of the breach from BeyondTrust, who shared forensics data with Okta, showing that their support organization was compromised. However, it took Okta over two weeks to confirm the breach.

Google

Google Chrome's New 'IP Protection' Will Hide Users' IP Addresses (bleepingcomputer.com) 131

Google is getting ready to test a new "IP Protection" feature for the Chrome browser that enhances users' privacy by masking their IP addresses using proxy servers. From a report: Recognizing the potential misuse of IP addresses for covert tracking, Google seeks to strike a balance between ensuring users' privacy and the essential functionalities of the web. IP addresses allow websites and online services to track activities across websites, thereby facilitating the creation of persistent user profiles. This poses significant privacy concerns as, unlike third-party cookies, users currently lack a direct way to evade such covert tracking.

While IP addresses are potential vectors for tracking, they are also indispensable for critical web functionalities like routing traffic, fraud prevention, and other vital network tasks. The "IP Protection" solution addresses this dual role by routing third-party traffic from specific domains through proxies, making users' IP addresses invisible to those domains. As the ecosystem evolves, so will IP Protection, adapting to continue safeguarding users from cross-site tracking and adding additional domains to the proxied traffic. "Chrome is reintroducing a proposal to protect users against cross-site tracking via IP addresses. This proposal is a privacy proxy that anonymizes IP addresses for qualifying traffic as described above," reads a description of the IP Protection feature. Initially, IP Protection will be an opt-in feature, ensuring users have control over their privacy and letting Google monitor behavior trends.

IT

Matter 1.2 is a Big Move For the Smart Home Standard (theverge.com) 64

Matter -- the IoT connectivity standard with ambitions to fix the smart home and make all of our gadgets talk to each other -- has hit version 1.2, adding support for nine new types of connected devices. From a report: Robot vacuums, refrigerators, washing machines, and dishwashers are coming to Matter, as are smoke and CO alarms, air quality sensors, air purifiers, room air conditioners, and fans. It's a crucial moment for the success of the industry-backed coalition that counts 675 companies among its members. This is where it moves from the relatively small categories of door locks and light bulbs to the real moneymakers: large appliances.

The Connectivity Standards Alliance (CSA), the organization behind Matter, released the Matter 1.2 specification this week, a year after launching Matter 1.0, following through on its promise to release two updates a year. Now, appliance manufacturers can add support for Matter to their devices, and ecosystems such as Apple Home, Amazon Alexa, Google Home, and Samsung SmartThings can start supporting the new device types. Yes, this means you should finally be able to control a robot vacuum in the Apple Home app -- not to mention your wine fridge, dishwasher, and washing machine.

The initial feature set for the new device types includes basic function controls (start / stop, change mode) and notifications -- such as the temperature of your fridge, the status of your laundry, or whether smoke is detected. Robot vacuum support is robust -- remote start and progress notifications, cleaning modes (dry vacuum, wet mopping), and alerts for brush status, error reporting, and charging status. But there's no mapping, so you'll still need to use your vacuum app if you want to tell the robot where to go.

Microsoft

Microsoft Fixes the Excel Feature That Was Wrecking Scientific Data (theverge.com) 83

An anonymous reader shares a report: In 2020, scientists decided just to rework the alphanumeric symbols they used to represent genes rather than try to deal with an Excel feature that was interpreting their names as dates and (un)helpfully reformatting them automatically. Last week, a member of the Excel team posted that the company is rolling out an update on Windows and macOS to fix that. Excel's automatic conversions are intended to make it easier and faster to input certain types of commonly entered data -- numbers and dates, for instance. But for scientists using quick shorthand to make things legible, it could ruin published, peer-reviewed data, as a 2016 study found.

Microsoft detailed the update in a blog post last week, adding a checkbox labeled "Convert continuous letters and numbers to a date." You can probably guess what that toggles. The update builds on the Automatic Data Conversions settings the company added last year, which included the option for Excel to warn you when it's about to get extra helpful and let you load your file without automatic conversion so you can ensure nothing will be screwed up by it.
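The conversion the item describes is easy to reproduce ahead of time: before a table goes anywhere near Excel, check which cells look like a month-plus-day or like a number in scientific notation, and protect them. The script below is an added example written for this page, not Microsoft's code or the tooling behind the study the text cites. Its two patterns are an approximation of the conversions described (a month name next to a one- or two-digit day, such as SEPT2 or MARCH1, and a digit string with a single E, such as 2310009E13), not Excel's actual parser; the gene symbols in the sample list are constructed, and wrapping a cell as `="SEPT2"` is one common CSV-import workaround rather than anything Microsoft prescribes.

```python
"""Flag identifiers that Excel's automatic data conversion would rewrite.
Added example for this page, not Microsoft's code or the cited study's tooling.
The patterns approximate the conversions described in the text (month name plus
day number becomes a date; digits with a single E become scientific notation);
they are not Excel's actual parser, and the sample symbols are constructed.
"""
import csv
import io
import re

MONTHS = ("JANUARY", "FEBRUARY", "MARCH", "APRIL", "MAY", "JUNE", "JULY", "AUGUST",
          "SEPTEMBER", "OCTOBER", "NOVEMBER", "DECEMBER", "JAN", "FEB", "MAR", "APR",
          "JUN", "JUL", "AUG", "SEP", "SEPT", "OCT", "NOV", "DEC")
_MONTH_ALT = "|".join(sorted(MONTHS, key=len, reverse=True))
# "SEPT2", "MARCH1", "1-Mar": a month token next to a one- or two-digit day.
DATE_RE = re.compile(rf"^(?:(?:{_MONTH_ALT})[ -]?(\d{{1,2}})|(\d{{1,2}})[ -]?(?:{_MONTH_ALT}))$", re.I)
# "2310009E13": a digit string with one E reads as a number in scientific notation.
SCI_RE = re.compile(r"^\d+E\d+$", re.I)


def excel_conversion_risk(cell):
    """Return "date", "number" or None for a single cell value."""
    value = cell.strip()
    m = DATE_RE.match(value)
    if m and 1 <= int(m.group(1) or m.group(2)) <= 31:
        return "date"
    if SCI_RE.match(value):
        return "number"
    return None


def protect_cell(cell):
    """Wrap an at-risk value as a string formula, a common CSV-import workaround."""
    return f'="{cell}"' if excel_conversion_risk(cell) else cell


def audit(values):
    """Map each at-risk value to the conversion it would suffer; clean values are omitted."""
    return {v: risk for v in values if (risk := excel_conversion_risk(v))}


def protected_csv(rows):
    """Render rows as CSV text with at-risk cells protected (quotes doubled per RFC 4180)."""
    buf = io.StringIO()
    writer = csv.writer(buf, lineterminator="\n")
    for row in rows:
        writer.writerow([protect_cell(c) for c in row])
    return buf.getvalue()


# Constructed sample: human gene symbols plus one accession-style identifier.
SAMPLE_SYMBOLS = ["TP53", "SEPT2", "MARCH1", "BRCA1", "DEC1", "OCT4", "2310009E13", "MAPK1"]

if __name__ == "__main__":
    for symbol, risk in audit(SAMPLE_SYMBOLS).items():
        print(f"{symbol:12} -> {risk}; write as {protect_cell(symbol)}")
```

Run `audit()` over a column before export and it returns only the cells that would be mangled; `protected_csv()` writes the whole table with those cells wrapped, which a CSV import keeps as text. The day-range check (1 to 31) is what keeps a value like SEPT40 from being flagged.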

Cellphones

20 Carriers Face Call-Blocking in the US for Submitting Fake 'Robocall Mitigation Plans' (arstechnica.com) 67

"Twenty phone companies may soon have all their voice calls blocked by US carriers," reports Ars Technica, "because they didn't submit real plans for preventing robocalls on their networks." The 20 carriers include a mix of US-based and foreign voice service providers that submitted required "robocall mitigation" plans to the Federal Communications Commission about two years ago. The problem is that some of the carriers' submissions were blank pages and others were bizarre images or documents that had no relation to robocalls. The strange submissions, according to FCC enforcement orders issued Monday, included "a .PNG file depicting an indiscernible object," a document titled "Windows Printer Test Page," an image "that depicted the filer's 'Taxpayer Profile' on a Pakistani government website," and "a letter that stated: 'Unfortunately, we do not have such a documents.'"

Monday's FCC announcement said the agency's Enforcement Bureau issued orders demanding that "20 non-compliant companies show cause within 14 days as to why the FCC should not remove them from the database for deficient filings." The orders focus on the certification requirements and do not indicate whether these companies carry large amounts of robocall traffic. Each company will be given "an opportunity to cure any deficiencies in its robocall mitigation program description or explain why its certification is not deficient." After the October 30 deadline, the companies could be removed from the FCC's Robocall Mitigation Database.

Removal from the database would oblige other phone companies to block all of their calls.

IT

Dropbox Returns Over 25% of Its San Francisco HQ to Its Landlord (cnbc.com) 66

"Dropbox said Friday that it's agreed to return over one quarter of its San Francisco headquarters to the landlord," reports CNBC, "as the commercial real estate market continues to soften following the Covid pandemic."

The article notes that last year Dropbox's accountants declared a $175.2 million "impairment" on the office — a permanent reduction in its value — calling it "a result of adverse changes" in the market. And the year before they announced another $400 million charge "related to real estate assets."

Friday CNBC reported: In a filing, Dropbox said it agreed to surrender to its landlord 165,244 square feet of space and pay $79 million in termination fees. Under the amendment to its lease agreement, Dropbox will offload the space over time through the first quarter of 2025. Since going remote during the pandemic three years ago, Dropbox has been trying to figure out what to do with much of the 736,000 square feet of space in Mission Bay it leased in 2017, in what was the largest office lease in the city's history. The company subleased close to 134,000 square feet of space last year to Vir Biotechnology, leaving it with just over 604,000 square feet...

"As we've noted in the past, we've taken steps to de-cost our real estate portfolio as a result of our transition to Virtual First, our operating model in which remote work is the primary experience for our employees, but where we still come together for planned in-person gatherings," a company spokesperson told CNBC in an emailed statement... Dropbox's 2017 lease for the brand new headquarters was for 15 years... "As a result of the amendment the company will avoid future cash payments related to rent and common area maintenance fees of $137 million and approximately $90 million, respectively, over the remaining 10 year lease term," Dropbox said in Friday's filing.

A short walk away from Dropbox, Uber has been trying to sublease part of its headquarters.

The article also notes that San Francisco's office vacancy rate "stood at 30% in the third quarter, the highest level since at least 2007, according to city data."

Security

What's Behind the Cybersecurity Jobs Shortage? (medium.com) 137

In 1999 cybersecurity pundit Bruce Schneier answered questions from Slashdot's readers.

24 years later on his personal blog, Schneier is still offering his insights. Last month Schneier said that warnings about millions of vacant cybersecurity positions around the world "never made sense to me" — and then shared this alternate theory. From the blog of cybersecurity professional Ben Rothke: [T]here is not a shortage of security generalists, middle managers, and people who claim to be competent CISOs. Nor is there a shortage of thought leaders, advisors, or self-proclaimed cyber subject matter experts. What there is a shortage of are computer scientists, developers, engineers, and information security professionals who can code, understand technical security architecture, product security and application security specialists, analysts with threat hunting and incident response skills. And this is nothing that can be fixed by a newbie taking a six-month information security boot camp....

In fact, security roles are often not considered entry-level at all. Hiring managers assume you have some other background, usually technical, before you are ready for an entry-level security job. Without those specific skills, it is difficult for a candidate to break into the profession. Job seekers learn that entry-level often means at least two to three years of work experience in a related field.

Rothke's post offers two conclusions:
  • "Human resources needs to understand how to effectively hire information security professionals. Expecting an HR generalist to find information security specialists is a fruitless endeavor at best."
  • "So is there really an information security jobs crisis? Yes, but not in the way most people portray it to be."

United States

Thousands of Remote IT Workers Sent Wages To North Korea To Help Fund Weapons Program, Says FBI (apnews.com) 44

echo123 shares a report from the Associated Press: Thousands of information technology workers contracting with U.S. companies have for years secretly sent millions of dollars of their wages to North Korea for use in its ballistic missile program, FBI and Department of Justice officials said. The Justice Department said Wednesday that IT workers dispatched and contracted by North Korea to work remotely with companies in St. Louis and elsewhere in the U.S. have been using false identities to get the jobs. The money they earned was funneled to the North Korean weapons program, FBI leaders said at a news conference in St. Louis.

Court documents allege that North Korea's government dispatched thousands of skilled IT workers to live primarily in China and Russia with the goal of deceiving businesses from the U.S. and elsewhere into hiring them as freelance remote employees. The workers used various techniques to make it look like they were working in the U.S., including paying Americans to use their home Wi-Fi connections, said Jay Greenberg, special agent in charge of the St. Louis FBI office. Greenberg said any company that hired freelance IT workers "more than likely" hired someone participating in the scheme. An FBI spokeswoman said Thursday that the North Koreans contracted with companies across the U.S. and in some other countries. "We can tell you that there are thousands of North Korea IT workers that are part of this," spokeswoman Rebecca Wu said. Federal authorities announced the seizure of $1.5 million and 17 domain names as part of the investigation, which is ongoing. FBI officials said the scheme is so prevalent that companies must be extra vigilant in verifying whom they are hiring, including requiring interviewees to at least be seen via video.

The IT workers generated millions of dollars a year in their wages to benefit North Korea's weapons programs. In some instances, the North Korean workers also infiltrated computer networks and stole information from the companies that hired them, the Justice Department said. They also maintained access for future hacking and extortion schemes, the agency said. Officials didn't name the companies that unknowingly hired North Korean workers, say when the practice began, or elaborate on how investigators became aware of it. But federal authorities have been aware of the scheme for some time.

Open Source

OpenBSD 7.4 Released (phoronix.com) 8

Long-time Slashdot reader Noryungi writes: OpenBSD 7.4 has been officially released. The 55th release of this BSD operating system, known for being security oriented, brings a lot of new things, including dynamic tracer, pfsync improvements, loads of security goodies and virtualization improvements. Grab your copy today! As mentioned by Phoronix's Michael Larabel, some of the key highlights include:

- Dynamic Tracer (DT) and Utrace support on AMD64 and i386 OpenBSD
- Power savings for those running OpenBSD 7.4 on Apple Silicon M1/M2 CPUs by allowing deep idle states when available for the idle loop and suspend
- Support for the PCIe controller found on Apple M2 Pro/Max SoCs
- Allow updating AMD CPU microcode when a newer patch is available
- A workaround for the AMD Zenbleed CPU bug
- Various SMP improvements
- Updating the Direct Rendering Manager (DRM) graphics driver support against the upstream Linux 6.1.55 state
- New drivers for supporting various Qualcomm SoC features
- Support for soft RAID disks was improved for the OpenBSD installer
- Enabling of Indirect Branch Tracking (IBT) on x86_64 and Branch Target Identifier (BTI) on ARM64 for capable processors

You can download and view all the new changes via OpenBSD.org.

Windows

Windows 11 Pro's On-By-Default Encryption Slows SSDs Up To 45% 120

An anonymous reader shares a Tom's Hardware report: Unfortunately, a default setting in Windows 11 Pro, having its software BitLocker encryption enabled, robs as much as 45 percent of the speed from your SSD as it forces your processor to encrypt and decrypt everything. According to our tests, random writes and reads -- which affect the overall performance of your PC -- get hurt the most, but even large sequential transfers are affected.

While many SSDs come with hardware-based encryption, which does all the processing directly on the drive, Windows 11 Pro force-enables the software version of BitLocker during installation, without providing a clear way to opt out. (You can circumvent this with tools like Rufus, if you want, though that's obviously not an official solution as it allows users to bypass Microsoft's intent.) If you bought a prebuilt PC with Windows 11 Pro, there's a good chance software BitLocker is enabled on it right now. Windows 11 Home doesn't support BitLocker so you won't have encryption enabled there.

To find out just how much software BitLocker impacts performance, we ran a series of tests with three scenarios: unencrypted (no BitLocker), software BitLocker (the Windows 11 Pro default), and with hardware BitLocker (OPAL) enabled. While the software encryption increased latency and decreased transfer rates, hardware encryption and no encryption at all were basically tied. If you have software BitLocker enabled, you may want to change your settings.

Security

Hackers Stole Access Tokens From Okta's Support Unit (krebsonsecurity.com) 26

An anonymous reader quotes a report from Krebs on Security: Okta, a company that provides identity tools like multi-factor authentication and single sign-on to thousands of businesses, has suffered a security breach involving a compromise of its customer support unit, KrebsOnSecurity has learned. Okta says the incident affected a "very small number" of customers; however, it appears the hackers responsible had access to Okta's support platform for at least two weeks before the company fully contained the intrusion. In an advisory sent to an undisclosed number of customers on Oct. 19, Okta said it "has identified adversarial activity that leveraged access to a stolen credential to access Okta's support case management system. The threat actor was able to view files uploaded by certain Okta customers as part of recent support cases."

Okta explained that when it is troubleshooting issues with customers it will often ask for a recording of a Web browser session (a.k.a. an HTTP Archive or HAR file). These are sensitive files because in this case they include the customer's cookies and session tokens, which intruders can then use to impersonate valid users. "Okta has worked with impacted customers to investigate, and has taken measures to protect our customers, including the revocation of embedded session tokens," their notice continued. "In general, Okta recommends sanitizing all credentials and cookies/session tokens within a HAR file before sharing it."
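Okta's advice here, and the same point in the 1Password item earlier on this page, amounts to a procedure: before a HAR leaves your hands, strip the credentials, cookies and session tokens a browser recorded along with the traffic. The script below is an added example written for this page, not Okta's, 1Password's or BeyondTrust's tooling. It redacts the Cookie, Set-Cookie and Authorization-style headers, the parsed cookie arrays HAR keeps beside those headers, token-carrying query and form parameters, and anything JWT-shaped in request or response bodies, then re-scans the result for a list of known secrets as a final check. The header and parameter names it treats as sensitive are this example's choices, and the embedded HAR is constructed.

```python
"""Redact credentials, cookies and session tokens from a HAR before sharing it.
Added example for this page, not Okta's or 1Password's tooling; the sensitive
header/parameter names are this example's choices and the sample HAR is constructed.
"""
import copy
import json
import re
import sys
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

REDACTED = "[REDACTED]"
# Headers that carry credentials or sessions (matched case-insensitively).
SENSITIVE_HEADERS = {"cookie", "set-cookie", "authorization", "proxy-authorization",
                     "x-api-key", "x-csrf-token", "x-xsrf-token"}
# Query-string / form fields that commonly carry tokens or authorization codes.
SENSITIVE_PARAMS = {"access_token", "id_token", "refresh_token", "sessionToken", "token", "code"}
# JWT-shaped strings: three base64url segments, the header segment starting {"alg"...
JWT_RE = re.compile(r"eyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+")


def _redact_query(query):
    """Blank sensitive parameters in an application/x-www-form-urlencoded string."""
    pairs = [(k, REDACTED if k in SENSITIVE_PARAMS else v)
             for k, v in parse_qsl(query, keep_blank_values=True)]
    return urlencode(pairs, safe="[]")


def _redact_message(msg):
    """Redact the headers, parsed cookies, URL and body of one request or response."""
    for h in msg.get("headers", []):
        if h.get("name", "").lower() in SENSITIVE_HEADERS:
            h["value"] = REDACTED
    for c in msg.get("cookies", []):  # HAR keeps parsed cookies apart from the headers
        c["value"] = REDACTED
    if msg.get("url"):
        parts = urlsplit(msg["url"])
        if parts.query:
            msg["url"] = urlunsplit(parts._replace(query=_redact_query(parts.query)))
    post = msg.get("postData")
    if post:
        for p in post.get("params", []):
            if p.get("name") in SENSITIVE_PARAMS:
                p["value"] = REDACTED
        if isinstance(post.get("text"), str):
            if "x-www-form-urlencoded" in post.get("mimeType", ""):
                post["text"] = _redact_query(post["text"])
            post["text"] = JWT_RE.sub(REDACTED, post["text"])
    content = msg.get("content", {})
    if isinstance(content.get("text"), str):  # response bodies: strip anything JWT-shaped
        content["text"] = JWT_RE.sub(REDACTED, content["text"])


def sanitize_har(har):
    """Return a redacted deep copy of a parsed HAR; the input is left untouched."""
    har = copy.deepcopy(har)
    for entry in har.get("log", {}).get("entries", []):
        _redact_message(entry.get("request", {}))
        _redact_message(entry.get("response", {}))
    return har


def remaining_secrets(har, secrets):
    """Post-check before upload: which known secret strings still appear anywhere."""
    blob = json.dumps(har)
    return [s for s in secrets if s in blob]


# Constructed sample: one token request/response as a browser would record it.
SAMPLE_JWT = "eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJ1c2VyIn0.c2lnbmF0dXJl"
SAMPLE_SECRETS = ["AT-constructed", "SID-constructed", "DT-constructed",
                  "AUTHCODE-constructed", SAMPLE_JWT]
SAMPLE_HAR = {"log": {"version": "1.2", "entries": [{
    "request": {
        "method": "POST",
        "url": "https://tenant.example.com/oauth2/v1/token?access_token=AT-constructed&client_id=app",
        "headers": [{"name": "Cookie", "value": "sid=SID-constructed; DT=DT-constructed"},
                    {"name": "Authorization", "value": "Bearer " + SAMPLE_JWT}],
        "cookies": [{"name": "sid", "value": "SID-constructed"},
                    {"name": "DT", "value": "DT-constructed"}],
        "postData": {"mimeType": "application/x-www-form-urlencoded",
                     "params": [{"name": "code", "value": "AUTHCODE-constructed"}],
                     "text": "grant_type=authorization_code&code=AUTHCODE-constructed"}},
    "response": {
        "status": 200,
        "headers": [{"name": "Set-Cookie", "value": "sid=SID-constructed; HttpOnly; Secure"}],
        "cookies": [{"name": "sid", "value": "SID-constructed"}],
        "content": {"mimeType": "application/json",
                    "text": json.dumps({"id_token": SAMPLE_JWT, "expires_in": 3600})}}}]}}

if __name__ == "__main__":
    source = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_HAR
    json.dump(sanitize_har(source), sys.stdout, indent=2)
```

Run it as `python har_redact.py capture.har > capture.redacted.har` and attach only the redacted file. The `remaining_secrets()` check is the part worth keeping even if you trust the redaction: feed it the session cookie and token values you know are live, and refuse to upload while it returns anything. Redaction by header and parameter name is a denylist, so a tenant that carries sessions in a custom header needs that name added to `SENSITIVE_HEADERS`.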

Okta has published a blog post about this incident that includes some "indicators of compromise" that customers can use to see if they were affected. But the company stressed that "all customers who were impacted by this have been notified. If you're an Okta customer and you have not been contacted with another message or method, there is no impact to your Okta environment or your support tickets."

The security firm BeyondTrust is among the Okta customers involved in the breach. "BeyondTrust Chief Technology Officer Marc Maiffret said that [Okta's] alert came more than two weeks after his company alerted Okta to a potential problem," reports Krebs. They have also published a blog post detailing their findings.
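An added example of the sanitization Okta recommends above (this is not Okta's tooling, nor code from the Krebs report): a small Python script that walks a HAR 1.2 document and redacts the material that would let a thief replay a captured session: credential-bearing headers (`Authorization`, `Cookie`, `Set-Cookie`, API-key headers), every cookie value, token-style query and form parameters, and bearer tokens or JWT-shaped strings inside bodies. The HAR document it is run on is constructed for the example, and the lists of sensitive header and parameter names are this example's choice, not a list published by Okta.

```python
"""Redact credentials and session material from a HAR file before sharing it.

Added example, not Okta's or Krebs on Security's code. Walks the HAR 1.2
structure (log.entries[].request / .response) and replaces the values of
sensitive headers, all cookies, sensitive query/form parameters and
token-shaped strings in bodies. SAMPLE_HAR below is constructed for the demo.
"""
import copy
import json
import re
import sys
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

REDACTED = "[REDACTED]"

# Header names (lower-case) whose values carry credentials or session ids.
SENSITIVE_HEADERS = {
    "authorization", "proxy-authorization", "cookie", "set-cookie",
    "x-api-key", "x-auth-token", "x-csrf-token", "x-xsrf-token",
}

# Query-string / form-field names that commonly carry tokens or secrets.
SENSITIVE_PARAMS = {
    "access_token", "id_token", "refresh_token", "token", "code",
    "session", "sessionid", "password", "client_secret", "api_key",
}

# "Bearer <token>" and JWT-shaped (three base64url segments) strings in bodies.
_BEARER_RE = re.compile(r"(?i)(bearer\s+)[a-z0-9._\-~+/]+=*")
_JWT_RE = re.compile(r"eyJ[A-Za-z0-9_\-]+\.[A-Za-z0-9_\-]+\.[A-Za-z0-9_\-]+")


def _redact_pairs(pairs, names):
    """Redact 'value' of each {name, value} record whose name is in `names`."""
    count = 0
    for pair in pairs or []:
        if pair.get("name", "").lower() in names:
            pair["value"] = REDACTED
            count += 1
    return count


def _redact_url(url):
    """Redact sensitive query parameters embedded in the request URL itself."""
    parts = urlsplit(url)
    if not parts.query:
        return url, 0
    count, new_query = 0, []
    for key, value in parse_qsl(parts.query, keep_blank_values=True):
        if key.lower() in SENSITIVE_PARAMS:
            value, count = REDACTED, count + 1
        new_query.append((key, value))
    return urlunsplit(parts._replace(query=urlencode(new_query))), count


def _redact_body_text(text):
    """Replace bearer tokens and JWT-shaped strings inside a body string."""
    text, n_bearer = _BEARER_RE.subn(lambda m: m.group(1) + REDACTED, text)
    text, n_jwt = _JWT_RE.subn(REDACTED, text)
    return text, n_bearer + n_jwt


def sanitize_har(har):
    """Return (sanitized deep copy of a parsed HAR dict, number of redactions)."""
    har = copy.deepcopy(har)
    redacted = 0
    for entry in har.get("log", {}).get("entries", []):
        for side in ("request", "response"):
            msg = entry.get(side)
            if not msg:
                continue
            redacted += _redact_pairs(msg.get("headers"), SENSITIVE_HEADERS)
            for cookie in msg.get("cookies") or []:  # every cookie is session material
                if "value" in cookie:
                    cookie["value"] = REDACTED
                    redacted += 1
            if isinstance(msg.get("url"), str):
                msg["url"], n = _redact_url(msg["url"])
                redacted += n
            redacted += _redact_pairs(msg.get("queryString"), SENSITIVE_PARAMS)
            post = msg.get("postData")
            if post:
                redacted += _redact_pairs(post.get("params"), SENSITIVE_PARAMS)
                if isinstance(post.get("text"), str):
                    post["text"], n = _redact_body_text(post["text"])
                    redacted += n
            content = msg.get("content")
            if content and isinstance(content.get("text"), str):
                content["text"], n = _redact_body_text(content["text"])
                redacted += n
    return har, redacted


# Constructed HAR document for the demo (values are made up, not real tokens).
SAMPLE_HAR = {"log": {"version": "1.2", "creator": {"name": "constructed", "version": "0"}, "entries": [{
    "request": {
        "method": "GET",
        "url": "https://sso.example.test/api/v1/users?access_token=constructed-token-123&limit=5",
        "headers": [{"name": "Accept", "value": "application/json"},
                    {"name": "Authorization", "value": "Bearer constructed-token-123"},
                    {"name": "Cookie", "value": "sid=constructed-session-abc; theme=dark"}],
        "queryString": [{"name": "access_token", "value": "constructed-token-123"},
                        {"name": "limit", "value": "5"}],
        "cookies": [{"name": "sid", "value": "constructed-session-abc"},
                    {"name": "theme", "value": "dark"}],
    },
    "response": {
        "status": 200,
        "headers": [{"name": "Content-Type", "value": "application/json"},
                    {"name": "Set-Cookie", "value": "sid=constructed-session-def; HttpOnly; Secure"}],
        "cookies": [{"name": "sid", "value": "constructed-session-def"}],
        "content": {"mimeType": "application/json",
                    "text": '{"id_token": "eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJ1c2VyIn0.c2lnbmF0dXJl"}'},
    }}]}}


if __name__ == "__main__":
    # Usage: python sanitize_har.py capture.har > capture.sanitized.har
    source = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_HAR
    clean, count = sanitize_har(source)
    json.dump(clean, sys.stdout, indent=2)
    print(f"\n# {count} values redacted", file=sys.stderr)
```

The script redacts by field name and by shape rather than trying to recognise specific vendors' tokens, so it errs toward removing too much; the support engineer still gets request URLs, status codes and non-sensitive headers, which is usually what is needed for troubleshooting. Run it on the file, then grep the output for anything that still looks like a credential before attaching it to a ticket.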
IT

In-memory Database Redis Wants To Dabble in Disk (theregister.com) 5

Redis, the go-to in-memory database used as a cache and system broker, is looking to include disk as part of a tiered storage architecture to reduce costs and broaden the system's appeal. From a report: Speaking to The Register, CEO Rowan Trollope said he hoped the move would help customers lower costs and simplify their architecture. Redis counts Twitter X, Snapchat, and Craigslist among its customers, and it's popular among developers of modern internet-scale applications owing to its ability to create a cache to prevent the main database from overloading. Trollope said the sub-millisecond distributed system gives devs the performance they need, but admitted other systems built for internet scale, such as MongoDB, might offer price advantages. To address this, the company has already created a tiered approach to memory by offering flash support behind its in-memory system.

"We have a half-step between disk and memory. For some specific use cases, in gaming for example, a company might use us for leaderboards and other in-game stats, which they need in real time," he said. However, after an initial flush of the game launch, a large chunk of users would finish the game and their accounts would go dormant until the release of a new episode or some new content, when they might return. Trollope said using flash allowed users to dynamically tier memory. "We can take the lesser-used data that hasn't been touched in a while and shuttle it off to flash where it can sit for a while. When the user comes back eventually, it's very easy for us to seamlessly move it from flash back into memory. And that allows the company to save costs," he said.

Security

The Latest High-Severity Citrix Vulnerability Under Attack Isn't Easy To Fix (arstechnica.com) 3

A critical vulnerability that hackers have exploited since August, which allows them to bypass multifactor authentication in Citrix networking hardware, has received a patch from the manufacturer. Unfortunately, applying it isn't enough to protect affected systems. ArsTechnica: The vulnerability, tracked as CVE-2023-4966 and carrying a severity rating of 9.8 out of a possible 10, resides in the NetScaler Application Delivery Controller and NetScaler Gateway, which provide load balancing and single sign-on in enterprise networks, respectively. Stemming from a flaw in a currently unknown function, the information-disclosure vulnerability can be exploited so hackers can intercept encrypted communications passing between devices. The vulnerability can be exploited remotely and with no human action required, even when attackers have no system privileges on a vulnerable system.

Citrix released a patch for the vulnerability last week, along with an advisory that provided few details. On Wednesday, researchers from security firm Mandiant said that the vulnerability has been under active exploitation since August, possibly for espionage against professional services, technology, and government organizations. Mandiant warned that patching the vulnerability wasn't sufficient to lock down affected networks because any sessions hijacked before the security update would persist afterward.

Crime

Indian Authorities Raid Fake Tech Support Rings After Tipoff From Amazon and Microsoft (theregister.com) 25

Acting on information from Microsoft and Amazon, India's Central Bureau of Investigation (CBI) has raided alleged fake tech support operators and other tech-related crims across the country. From a report: The Bureau shared news of a Thursday operation that saw it conduct 76 searches in relation to five cases. The Bureau stated its effort "was conducted in collaboration with national and international agencies, alongside private sector giants," and described two of its targets as international tech support fraud scams that "impersonated a global IT major and a multinational corporation with an online technology-driven trading platform."

The alleged scammers operated call centers in five regions of India and "systematically preyed on foreign nationals, masquerading as technical support representatives" for at least five years. The scammers sent users pop-up messages that appeared to come from multinational companies and advised of PC problems -- with a toll-free number at which assistance could be had. Victims who called the fakers had their PCs taken over, and were charged hundreds of dollars for a fix.
