Recent breaches of MGM's casino systems "were probably carried out by teens and young adults who have allied themselves with one of the world's most notorious ransomware gangs," writes the Washington Post's technology reporter.

Their alliance with the "Scattered Spider" group is described as "part of a trend that has alarmed security experts and defenders of corporate computer networks." The group is said to be "very active in the past two years, targeting large companies via stolen employee credentials and tricks such as convincing tech support employees that they have been accidentally locked out of their computers and need a new password." They moved from cryptocurrency thefts to targeting businesses that provide third-party business functions such as help desks and call center staffing, allowing them to infiltrate networks of many customers. And they extorted Western Digital and other technology firms after stealing internal data before heading for the jackpots in Las Vegas. But their willingness to deploy crippling ransomware while demanding money is a major escalation, as is their choice of a business partner: ALPHV, a hacking group whose affiliates include members of the former Russian powerhouses BlackMatter and DarkSide, the groups responsible for the Colonial Pipeline hack that awoke Washington to the national security risk of ransomware. ALPHV provided the BlackCat ransomware that the young hackers installed in the casinos' systems...

[According to new research presented Friday at the LABScon security conference] they came together through crimes enabled by SIM-swapping, which usually involves convincing phone company employees to hand over control of someone else's phone number. Because of poor security controls around those numbers, such gambits have allowed criminals to amass millions of dollars by beating SMS text-based two-factor authentication on cryptocurrency accounts. The extra money has made alliances possible with criminals who have different skills to bring to the table, including some who had hacked police servers and could send emails from purported officers demanding emergency disclosures of information on phone and internet customers. Worse, the researchers said, they have now attracted recruiters for the Russian gangs who want to combine their business savvy with the techniques and local knowledge of the native English speakers.

Meredith Whittaker, the president of the Signal Foundation, which maintains the nonprofit Signal messaging app, reaffirmed that Signal would leave the U.K. if the country's recently passed Online Safety Bill forced Signal to build "backdoors" into its end-to-end encryption. From a report: "We would leave the U.K. or any jurisdiction if it came down to the choice between backdooring our encryption and betraying the people who count on us for privacy, or leaving," Whittaker said. "And that's never not true." The Online Safety Bill, which was passed into law in September, includes a clause -- clause 122 -- that, depending on how it's interpreted, could allow the U.K.'s communications regulator, Ofcom, to break the encryption of apps and services under the guise of making sure illegal material such as child sexual exploitation and abuse content is removed.

Ofcom could fine companies not in compliance up to $22.28 million, or 10% of their global annual revenue, under the bill -- whichever is greater. Whittaker didn't mince words in airing her fears about the Online Safety Bill's implications. "We're not about political stunts, so we're not going to just pick up our toys and go home to, like, show the bad U.K. they're being mean," she said. "We're really worried about people in the U.K. who would live under a surveillance regime like the one that seems to be teased by the Home Office and others in the U.K."

Esper: Starting in Android 14, it may not be necessary to use a third-party app to turn your smartphone into a webcam for your PC, as that functionality is getting baked into the Android OS itself -- though there's a catch.

When you plug an Android phone into a PC, you have the option to change the USB mode between file transfer/Android Auto (MTP), USB tethering (NCM), MIDI, or PTP. In Android 14, however, a new option can appear in USB Preferences: USB webcam. Selecting this option switches the USB mode to UVC (USB Video Class), provided the device supports it, turning your Android device into a standard USB webcam that other devices will recognize, including Windows, macOS, and Linux PCs, and possibly even other Android devices.

Webcam support in Android 14 is not enabled out of the box, however. In order to enable it, four things are required: a Linux kernel config needs to be enabled, the UVC device needs to be configured, the USB HAL needs to be updated, and a new system app needs to be preloaded.

An anonymous reader shares a report: DuckDuckGo, a privacy-centric search engine founded about 15 years ago, has languished with a small market share as consumers face difficulties switching from Google when the behemoth is the default option on computer screens, the upstart's founder said in an antitrust trial. Founded in 2008, DuckDuckGo currently has about a 2.5% share of the market for search in the US, said CEO Gabriel Weinberg, and conducts about 100 million searches a day globally. In comparison, Google conducts several billion searches daily.

Weinberg said about 30% to 40% of DuckDuckGo's users have a "strong preferenceâ for privacy and that most of the company's users switch over from Google." The company considers Google to be "far and away" its biggest competitor. "Switching is way harder than it needs to be," Chief Executive Officer Gabriel Weinberg said in federal court on Thursday. "There's just too many steps."

At an event today focused on AI and security tools and new Surface devices, Microsoft announced that Windows 11 users will soon be able to take better advantage of passkeys, the digital credentials that can be used as an authentication method for websites and apps. From a report: Once the expanded passkeys support rolls out, Windows 11 users will be able to create a passkey using Windows Hello, Windows' biometric identity and access control feature. They'll then be able to use that passkey to access supported webs or apps using their face, fingerprint or PIN. Windows 11 passkeys can be managed on the devices on which they're stored, or saved to a mobile phone for added convenience.

"For the past several years, we've been committed to working with our industry partners and the FIDO Alliance to further the passwordless future with passkeys," Microsoft wrote in a blog post this morning. "Passkeys are the cross-platform, cross-ecosystem future of accessing websites and applications." Microsoft began rolling out support for passkey management several months ago in the Windows Insider dev channel, but this marks the capability's general availability.

MGM Resorts brought to an end a 10-day computer shutdown prompted by efforts to shield from a cyberattack data including hotel reservations and credit card processing, the casino giant said Wednesday, as analysts and academics measured the effects of the event. From a report: "We are pleased that all of our hotels and casinos are operating normally," the Las Vegas-based company posted on X, the platform formerly known as Twitter. It reported last week that the attack was detected Sept. 10. Rival casino owner Caesars Entertainment also disclosed last week to federal regulators that it was hit by a cyberattack Sept. 7. It said that its casino and online operations were not disrupted but it could not guarantee that personal information about tens of millions of customers, including driver's licenses and Social Security numbers of loyalty rewards members, had not been compromised. Caesars, based in Reno, is widely reported to have paid $15 million of a $30 million ransom sought by a group called Scattered Spider for a promise to secure the data.

Microsoft will release its next big Windows 11 update, 23H2, on September 26th. The update will include the new AI-powered Windows Copilot feature, a redesigned File Explorer, a new Ink Anywhere feature for pen users, big improvements to the Paint app, native RAR and 7-zip file support, a new volume mixer, and much more. From a report: Windows Copilot is the headline feature for the Windows 11 23H2 update, bringing the same Bing Chat feature straight to the Windows 11 desktop. It appears as a sidebar in Windows 11, allowing you to control settings on a PC, launch apps, or simply answer queries. It's integrated all over the operating system, too: Microsoft executives demoed using Copilot to write text messages using data from your calendar, navigation options in Outlook, and more. This is also Microsoft's latest attempt to deliver a digital assistant inside Windows after the company shut down the Cortana app inside Windows 11 last month.

It might be more successful this time, particularly as it's powered by the same technologies behind Bing Chat, so you can ask real questions and get answers (that might not always be accurate) in return. [...] Microsoft is also adding native RAR and 7-zip support to Windows 11 with this update. That means you'll be able to easily open files like tar, 7-zip, rar, gz, and many others using the libarchive open-source project that's now built into Windows 11. Microsoft is also planning to provide support for creating these file formats in 2024.

At the Open Source Summit Europe in Bilbao, Spain, the Linux Foundation this week announced the launch of the Unified Acceleration (UXL) Foundation. The group's mission is to deliver "an open standard accelerator programming model that simplifies development of performant, cross-platform applications." From a report: The foundation's founding members include the likes of Arm, Fujitsu, Google Cloud, Imagination Technologies, Intel, Qualcomm and Samsung. The company most conspicuously missing from this list is Nvidia, which offers its own CUDA programming model for working with its GPUs. At its core, this new foundation is an evolution of the oneAPI initiative, which is also aimed to create a new programming model to make it easier for developers to support a wide range of accelerators, no matter whether they are GPUs, FPGAs or other specialized accelerators. Like with the oneAPI spec, the aim of the new foundation is to ensure that developers can make use of these technologies without having to delve deep into the specifics of the underlying accelerators and the infrastructure they run on.

A sysadmin and his partner pleaded guilty this week to being part of a "massive" international ring that sold software licenses worth $88 million for "significantly below the wholesale price." From a report: Brad and Dusti Pearce admitted one count of conspiracy to commit wire fraud and each face a maximum penalty of 20 years in prison. After agreeing to a plea deal, the Pearces must also forfeit at least $4 million as well as gold, silver, collectible coins, cryptocurrency, and a vehicle, and "make full restitution to their victims," the US Department of Justice said. The pair from Tuttle, Oklahoma -- a city better known for its cattle ranchers and alfafa hay than pirated software -- were alleged to have sold pirated Avaya business telephone system software licenses.

The licenses were then used to unlock features of the popular telephone system, which is used by thousands of companies around the globe. Dusti Pearce was said by prosecutors to have looked after the accounting side of the business, although only the wire fraud charge remains under the plea deal. Brad Pearce had previously worked as a customer service employee at Avaya, and was said to have used his admin privileges to "generate tens of thousands of ADI software license keys" that he sold to his main customer, Jason Hines, as well as "other customers, who in turn sold them to resellers and end users around the globe," said the DoJ.

Researchers have discovered a never-before-seen backdoor for Linux that's being used by a threat actor linked to the Chinese government. From a report: The new backdoor originates from a Windows backdoor named Trochilus, which was first seen in 2015 by researchers from Arbor Networks, now known as Netscout. They said that Trochilus executed and ran only in memory, and the final payload never appeared on disks in most cases. That made the malware difficult to detect. Researchers from NHS Digital in the UK have said Trochilus was developed by APT10, an advanced persistent threat group linked to the Chinese government that also goes by the names Stone Panda and MenuPass.

Other groups eventually used it, and its source code has been available on GitHub for more than six years. Trochilus has been seen being used in campaigns that used a separate piece of malware known as RedLeaves. In June, researchers from security firm Trend Micro found an encrypted binary file on a server known to be used by a group they had been tracking since 2021. By searching VirusTotal for the file name, ââlibmonitor.so.2, the researchers located an executable Linux file named "mkmon." This executable contained credentials that could be used to decrypt the libmonitor.so.2 file and recover its original payload, leading the researchers to conclude that "mkmon" is an installation file that delivered and decrypted libmonitor.so.2.

The Linux malware ported several functions found in Trochilus and combined them with a new Socket Secure (SOCKS) implementation. The Trend Micro researchers eventually named their discovery SprySOCKS, with "spry" denoting its swift behavior and the added SOCKS component. SprySOCKS implements the usual backdoor capabilities, including collecting system information, opening an interactive remote shell for controlling compromised systems, listing network connections, and creating a proxy based on the SOCKS protocol for uploading files and other data between the compromised system and the attacker-controlled command server.

The Department of Homeland Security wants Congress and other federal agencies to help it streamline 52 different cyber reporting requirements to protect critical infrastructure and ease regulatory burdens on hacking victims. On Tuesday, it released a 107-page report that it hopes will serve as a road map to smooth that process. From a report: More than 30 federal agencies and departments, including the Nuclear Regulatory Commission, Comptroller of the Currency and US Secret Service, have met since June 2022 to hammer out how to reduce regulatory overlap as the federal government grapples with the messy state of cyber reporting rules. They are among members of the Cybersecurity Incident Reporting Council, which was set up as part of a new cyber reporting law passed last year and developed the report recommendations.

"Everybody is desperate for some harmonization and standardization here," Robert Silvers, DHS's under secretary for strategy, policy and plans who chairs the council, told Bloomberg News in an interview. "This is a first-of-its-kind effort." Federal agencies know well that cyber reporting requirements have become "too much of a patchwork," Silvers added. There are already 45 existing reporting requirements administered by 22 federal agencies, spanning national and economic security concerns to consumer and privacy protections, according to the report. Seven more requirements are expected, including the reporting law that created the council, and a further five are under consideration, according to the report.

David Heinemeier Hansson, CTO of SaaS project management outfit 37Signals, has posted an update on the cloud repatriation project he's led, writing that it's already saved the company $1 million. The Register: Hansson has previously revealed that his company spent $3.2 million a year on cloud computing, most of it at Amazon Web Services. His repatriation plan called for the company to spend $600,000 on eight meaty servers that each pack 256 virtual CPUs, and have them hosted at an outfit called Deft. That plan was projected to save $7 million over five years. In his Saturday post, Hansson wrote he now thinks he can find $10 million of savings in the same period.

"Our cloud spend is down by 60 percent already... from around $180,000/month to less than $80,000," he wrote, qualifying that the number excludes the cost of Amazon Web Services's Simple Storage Service. "That's a cool million dollars in savings at the yearly run rate, and we have another big drop coming in September, before the remaining spend will petter out through the rest of the year," he added. The CTO revealed that the 37 Signals ops team remains the same size even though it now tends its own hardware, which cost "about half a million dollars."

An anonymous reader quotes a report from CNN: A cyberattack at Clorox is causing wide-scale disruption of the company's operations, hampering its ability to make its cleaning materials, Clorox said Monday. Clorox said some of its products are now in short supply as it has struggled to meet consumer demand during the disruption. Clorox didn't specify which of its products are affected.

The company on Monday revealed in a regulatory filing that it detected unauthorized activity in some of its information technology systems in August. Clorox said it immediately took action to stop the attack, including reducing its operations. It now believes the attack has been contained. Still, Clorox has not been able to get its manufacturing operations back up to full speed. The company said it is fulfilling and processing orders manually. The company doesn't expect to begin the process of returning to normal operations until next week.

"Clorox has already resumed production at the vast majority of its manufacturing sites and expects the ramp up to full production to occur over time," the company said. "At this time, the company cannot estimate how long it will take to resume fully normalized operations." The company said the cyberattack and the delays will hurt its current-quarter financial results materially, although Clorox said determining any longer-term impact would be premature, "given the ongoing recovery."

Google Domains has registered its last domain. From a report: Google announced in July that the service was getting shut down and that it had struck a deal with Squarespace to sell off the existing customer base. Part of that transition process means winding down the existing Google Domains functionality. 9to5Google was the first site to notice that you can no longer buy a domain through the service while it waits for the Google Grim Reaper to arrive. Google Domain's homepage has a notice explaining that this all apparently went down a few days ago, saying, "On September 7, 2023 Squarespace acquired all domain registrations and related customer accounts from Google Domains. Customers and domains will be transitioned over the next few months." You can still manage existing domains on Google Domains, but that's it.

Windows blog: Today we are beginning to roll out an update for the Paint app to Windows Insiders in the Canary and Dev Channels (version 11.2308.18.0 or higher). With this update, we are introducing support for layers and transparency! You can now add, remove, and manage layers on the canvas to create richer and more complex digital art. With layers, you can stack shapes, text, and other image elements on top of each other. To get started, click on the new Layers button in the toolbar, which will open a panel on the side of the canvas. This is where you can add new layers to the canvas. Try changing the order of layers in this panel to see how the order of stacked image elements on the canvas changes. You can also show or hide and duplicate individual layers or merge layers together.

We are adding support for transparency as well, including the ability to open and save transparent PNGs! When working with a single layer, you will notice a checkerboard pattern on the canvas indicating the portions of the image that are transparent. Erasing any content from the canvas now truly erases the content instead of painting the area white. When working with multiple layers, if you erase content on one layer, you will reveal the content in layers underneath.

"Chaos and Concern in Sin City," read this morning's headline on a video report from ABC News about "the massive cyberattack in Las Vegas crippling several hotels and casinos, and putting a damper on getaways for thousands of tourists there." "Today marks a week since that cyberattack hit Las Vegas, and MGM hotels and casinos are still working on getting systems back up and running.. The online reservation site for MGM is still down, ATMs not working, and those playing the slot machines or even video poker having to wait for attendants to pay them out in cash. All of this fiasco leading to long lines at check-in, and now a cyber investigation with the FBI...

Other gaming resorts also having issues. Caesar's entertainment says they too were a victim of a cyberattack, but their online operations were not impacted. Then this weekend at the Venetian, an outage shutting down some slots, but the resort says they're back up, and that at least thankfully was not due to a cyber attack.
They report MGM properties were affected as far away as Atlantic City, New Jersey.

The Wall Street Journal reports that more companies are phasing out "feedback" bosses give to workers — and replacing it with "feedforward."

"The idea is that 'feedforward' gives people less anxiety," the Journal's reporter said in a video interview. "It's a little bit gentler. When people hear 'feedback', they think immediately, 'What have I done wrong? What are the bad things my boss is going to tell me to fix?'" And another reason that we're hearing "feedforward" at these companies over and over is employees are younger. Younger employees make up a larger percentage of the workforce today, and a number of experts with whom we spoke said that younger employees are more comfortable with gentler terms like "feedforward"...

Q: So they're trying to appeal to the younger employees who are sensitive to harsher reviews, feedback or criticism. But do the employees need to learn how to better receive this type of constructive criticism, regardless of what you call it?

A: Some experts say that younger employees do need to be prepared for negative feedback. And just the rebranding or replacing of a word could have a negative effect, and perhaps managers won't be as comfortable providing negative feedback if they're just thinking about this as a way to tell an employee what they've done well...

Certain companies are really revamping their entire review process, trying to make it so that employees and managers are more communicative and really addressing any issues or concerns, so that they can work more productively. In some cases if companies are just rebranding "feedback" with "feedforward" or other terms, people with whom I spoke were concerned that this is just a hollow effort.

And there is a possibility that younger generations won't learn about what they're doing wrong and how to improve... [W]e did speak with an expert who said that baby boomers learned to suck it up and perform. And this trend really is generational.
From the Journal's article: At Microsoft, managers are encouraged to use the word "perspectives" instead of traditional feedback, according to current and former employees. Reviews, meanwhile, have been branded as "connect" conversations. The company also recently stopped including anonymous comments from peers in employee reviews, instead showing the names of the colleagues in question... Jennifer Solomon-Baum, a former Microsoft marketing director who left early this year, says she understands why the company chose to rethink its approach to feedback, which she feels may have made employees more open to giving feedback. On the other hand, she says Microsoft's recent decision to put an end to anonymous peer feedback in reviews completely backfired. In the wake of the change, "we didn't get the richness of constructive criticism," says Solomon-Baum, who is now consulting and leading marketing for a new ballet company in Los Angeles. "It became a praise festival...."

The divide on the issue is partially generational, several HR specialists say... Many younger employees entered the workforce while managers had loosened expectations on productivity and performance, and may have had less stringent grading in college amid remote classes, making the postpandemic adjustment more difficult. "It's the first time that they have not just gotten professional feedback, but it might be the first time in quite a while that somebody said, 'You know, this isn't good enough,'" says Megan Gerhardt, a management professor at Miami University and the author of a book on leading intergenerational workforces.
"I refuse to believe this is true," writes Apple blogger John Gruber, "and if it is true, my feedback is that any company that encounters an employee who bristles at the word feedback should fire them on the spot."

In 1811 working men felt threatened by the arrival of wooden, water-powered looms. And yet "The Luddite rebellion came at a time when the working class was beset by a confluence of crises that today seem all too familiar..." writes Los Angeles Times technology columnist Brian Merchant. In an upcoming book called Blood in the Machine, he writes that "amid it all, entrepreneurs and industrialists pushing for new, dubiously legal, highly automated and laborâsaving modes of production."

Fast Company has an excerpt from the book asking whether history is now repeating itself. Its headline? "A new tech rebellion is taking shape. What we can learn from the Luddites." The reason that there are so many similarities between today and the time of the Luddites is that little has fundamentally changed about our attitudes toward entrepreneurs and innovation, how our economies are organized, or the means through which technologies are introduced into our lives and societies. A constant tension exists between employers with access to productive technologies, and the workers at their whims...

The biggest reason that the last two hundred years have seen a series of conflicts between the employers who deploy technology and workers forced to navigate that technology is that we are still subject to what is, ultimately, a profoundly undemocratic means of developing, introducing, and integrating technology into society. Individual entrepreneurs and large corporations and nextâwave Frankensteins are allowed, even encouraged, to dictate the terms of that deployment, with the profit motive as their guide. Venture capital may be the radical apotheosis of this mode of technological development, capable as it is of funneling enormous sums of money into tech companies that can decide how they would like to build and unleash the products and services that shape society.

Take the rise of generative AI...
Among other things, the author argues that the unending writer's strike in Hollywood illustrates "the hunger that executives have for automating even creative work, and the lengths to which their workers will go to have some say in that disruption."

And they ultimately conclude that in the end the "disrupted lives" will include more than gig workers...

Thanks to Slashdot reader tedlistens for sharing the article.

Apple has agreed to install updates for the iPhone 12 in France after French regulators ordered the company to stop selling the model because it emits electromagnetic radiation levels that exceed European Union standards. From a report: The company, which just unveiled its newest generation of iPhones, insists the 12 model is safe and the phones have been certified in countries around the world since its introduction in 2020. It says the problem raised by the French government agency that manages wireless communications frequencies is "related to a specific testing protocol."

The French agency said the iPhone 12 recently failed one of two types of tests for electromagnetic waves capable of being absorbed by the body. On Tuesday, France's government ordered a halt to sales of the iPhone 12 and told Apple to issue a software update to address the problem or face a recall. Apple said in a statement Friday that it "will issue a software update for users in France to accommodate the protocol used by French regulators." It did not elaborate.

Among the hotel patrons snarled in the fallout of MGM Resorts' cyberattack was -- unfortunately for the company -- one very high-profile figure: Lina Khan, the chair of the US Federal Trade Commission. Bloomberg News: On Tuesday night, she was among the 45 people waiting to check in at the MGM Grand along the Las Vegas strip as staff worked to manually fulfill everyone's reservation, according to people familiar with the matter. When Khan and her staff got to the front of the line, an employee at the desk asked them to write down their credit card information on a piece of paper.

As the leader of the federal agency that, among other things, ensures companies protect consumer data wrote down her details, Khan asked the worker: How exactly was MGM managing the data security around this situation? The desk agent shrugged and said he didn't know, according to a senior aide who was traveling with Khan and described the experience to Bloomberg as surreal. Khan was among the thousands of MGM hotel patrons inconvenienced in the aftermath of the hack, which was said to be orchestrated by a group of hackers known as Scattered Spider. Days after the incident, many of the company's websites -- including its reservation system -- were still displaying error messages, some slot machines at its casinos across the country are still out of service and employees were handling processes manually.