Investigations triggered by the cracking of encrypted phones three years ago have so far led to more than 6,500 arrests worldwide and the seizure of hundreds of tons of drugs, French, Dutch and European Union prosecutors said Tuesday. From a report: The announcement underscored the staggering scale of criminality -- mainly drugs and arms smuggling and money laundering -- that was uncovered as a result of police and prosecutors effectively listening in to criminals using encrypted EncroChat phones. "It helped to prevent violent attacks, attempted murders, corruption and large-scale drug transports, as well as obtain large-scale information on organised crime," European Union police and judicial cooperation agencies Europol and Eurojust said in a statement.

The French and Dutch investigation gained access to more than 115 million encrypted communications between some 60,000 criminals via servers in the northern French town of Roubaix, prosecutors said at a news conference in the nearby city of Lille. As a result, 6,558 suspects have been arrested worldwide, including 197 "high-value targets." Seized drugs included 30.5 million pills, 103.5 metric tons (114 tons) of cocaine, 163.4 metric tons (180 tons) of cannabis and 3.3 metric tons (3.6 tons) of heroin. The investigations also led to nearly 740 million euros ($809 million) in cash being recovered and assets or bank accounts worth another 154 million euros ($168 million) frozen.

"Smartwatches are being sent to random military members loaded with malware, much like malware distribution via USB drives in the past," writes longtime Slashdot reader frdmfghtr. "Recipients are advised not to turn them on and report the incident to their local security office." Defense News reports: The Department of the Army Criminal Investigation Division, or CID, in an announcement last week warned the watches may contain malware, potentially granting whoever sent the peripherals "access to saved data to include banking information, contacts, and account information such as usernames and passwords."

A more innocuous tactic may also be to blame: so-called brushing, used in e-commerce to boost a seller's ratings through fake orders and reviews. The CID, an independent federal law enforcement agency consisting of thousands of personnel, did not say exactly how many smartwatches were so far distributed.

An anonymous reader quotes a report from Gizmodo: One of the cybercriminals behind 2020's major Twitter hack was sentenced to five years in U.S. federal prison on Friday. Joseph O'Connor (AKA "PlugwalkJoe"), a 24-year-old British citizen, previously pleaded guilty to seven charges associated with the digital attack. He was arrested in Spain in 2021 and extradited to the U.S. in April of this year. In addition to the five years of jail time, O'Connor was also sentenced to three additional years under supervised release and ordered to pay back more than $790,000 in illicitly obtained funds, according to a news release from the U.S. Attorney's Office of the Southern District of New York. Previously, Graham Ivan Clark, another one of the hackers involved who was 17 at the time of the attack, pleaded guilty to related charges and was sentenced to three years in prison.

With all charges combined, O'Connor faced a maximum of 77 years in prison, per a Reuters report, while prosecutors called for a seven-year sentence. Ultimately, he will likely only serve about half of his five years, after having already spent nearly 2.5 years in pre-trial custody, Judge Jed S. Rakoff said during the Friday hearing, according to TechCrunch. Along with his fellow hackers, O'Connor "used his sophisticated technological abilities for malicious purposes -- conducting a complex SIM swap attack to steal large amounts of cryptocurrency, hacking Twitter, conducting computer intrusions to take over social media accounts, and even cyberstalking two victims, including a minor victim," according to a previous statement given by prosecuting U.S. Attorney Damian Williams. [...]

An investigation by the New York State Department of Financial Services determined that the breach was made possible because Twitter "lacked adequate cybersecurity protections," according to an October 2020 report. O'Connor and co were able to gain access to the social platform's internal systems through a simple scheme of calling Twitter employees posing as the company IT department. They were able to trick four Twitter workers into providing their login credentials. The FBI launched its own investigation, which found that O'Connor and his co-conspirators had managed to transfer account ownership to unauthorized users -- sometimes themselves, and sometimes to others willing to pay for the accounts. O'Connor himself paid $10,000 to take over one specific, unnamed account, according to a Department of Justice press statement from May. In addition to the Twitter hack, O'Connor also pleaded guilty to stealing nearly $800,000 from a crypto company by SIM swapping at least three executives' phone numbers. He further admitted to blackmailing an unnamed public figure via Snapchat and swatting a 16-year-old girl.

Australia's prime minister, Anthony Albanese, has told residents they should turn their smartphones off and on again once a day as a cybersecurity measure -- and tech experts agree. From a report: Albanese said the country needed to be proactive to thwart cyber risks, as he announced the appointment of Australia's inaugural national cybersecurity coordinator. "We need to mobilise the private sector, we need to mobilise, as well, consumers," the prime minister said on Friday. "We all have a responsibility. Simple things, turn your phone off every night for five minutes. For people watching this, do that every 24 hours, do it while you're brushing your teeth or whatever you're doing." The Australian government's advice is not new. In 2020, the United State's National Security Agency issued best-practice guidelines for mobile device security, which included rebooting smartphones once a week to prevent hacking.

An anonymous reader shared this report from the Washington Post: Working from home appears to be here to stay, especially for women and college-educated workers, according to economic data released Thursday that revealed how Americans spent their time in 2022. The data, from the American Time Use Survey (ATUS), suggests that the pandemic changes that upended the workplace, family life and social interactions continue to have a lasting effect on life in the United States.

Many white-collar workers who hunkered down at home during pandemic shutdowns have returned to the office, but extraordinarily high numbers have not. For many, remote work appears to be a new normal... Working from home "is a permanent shift," said Julia Pollak, chief economist at ZipRecruiter. "We're now seeing many companies start as remote-first companies." The new data is a "continuation of what we've been seeing" in the American workforce, she said...

The annual survey by the Bureau of Labor Statistics and the Census Bureau asks thousands of Americans how they spent the past 24 hours of their lives across different categories of activities. Results from 2019 through 2021 showed that the pandemic dramatically shifted how much time people spend working at home. The new data suggests those changes persisted through 2022, even as much of life returned to normal as more people got vaccinated and boosted against the coronavirus, and case counts fell...

There is a clear benefit to remote work for employees, Pollak said. Working from home saves time and money on commuting, and many employees want the flexibility to work from anywhere, to better support their parents or children. She said remote work also is "part of the reason for this huge spike in new business formation. It has lowered the barriers to starting a business."
The 2022 figures show 34% of workers over the age of 15 still said they were working at home — and 54% of workers with a workers with a bachelor's degree or higher. (Meanwhile, workers without a high school diploma "were even less likely to work from home in 2022 than they were before the pandemic.")

The Post also reports another interesting finding in the data. "Americans ages 20 to 24 are the only group that spent more time socializing than before the pandemic. Teenagers, and adults ages 55 to 64, reported an overall decline in time spent socializing since before the pandemic."

On Thursday San Francisco's mayor London Breed "proposed remaking the city's struggling downtown by tearing down abandoned retail space..." reports CNN, "and building new structures to reshape the struggling city..." Breed's comments come as San Francisco faces empty offices, a cratering commercial real estate market, and an exodus of retailers from its once-bustling downtown area, especially as pandemic work-from-home policies saw many residents leaving for less expensive parts of the country... Breed argued that an overall shift to online shopping post-pandemic has contributed to declining foot traffic in the area.

"You can convert certain spaces. A Westfield Mall could become something completely different than what it currently is," she said. "We can even tear down the whole building and build a whole new soccer stadium. We can create lab space or look at it as another company in some other capacity," she added...

Many tech companies in the city were quick to switch to remote work or flexible hybrid policies over the last few years, resulting in many workers filtering out of the city. Office vacancies in San Francisco have reached a 30-year high, negatively impacting the city's commercial real estate market and local retailers and restaurants, which have experienced declining sales and foot traffic. "Would I like for everyone to come back to the office five days a week? Of course, I would. But is that going to happen? Probably not. So, let's make some adjustments to do everything we can to reimagine what parts of San Francisco can be," Breed said.

In August, white-hat hackers at the DEFCON hacker convention will compete to try and breach the computer systems on a satellite in orbit. It took four years, but "this year, we are in space for real," said Steve Colenzo, Technology Transfer Lead for the Air Force Research Laboratory's Information Directorate in Rome, New York, and one of the contest organizers. From a report: Hack-A-Sat 4, taking place live at DEFCON Aug. 10-13 in Las Vegas, will be the first-ever hacking contest staged on a vehicle in orbit. In previous years, the contests used genuine working satellite hardware, but running safely on the ground. [...] Hack-A-Sat 4 is an attack/defend contest in which teams compete to hack each other's systems while defending their own. It is being staged by the Air Force Research Laboratory and the U.S. Space Force. More than 380 teams signed up for the qualification round in April, and the eight top-scoring ones, which include contestants from Australia, Germany, Italy and Poland, as well as the U.S., will participate in the finals at DEFCON.

"We always knew our objective was to do this in space," Colenzo said. But when, back in 2020, organizers asked satellite operators if they could stage a hacking contest on their space assets, "The answer, and there was really no hesitation, the answer was always no." Hack-A-Sat organizers realized that, if they wanted to reach their objective of staging such a contest in space, they would have to launch their own satellite, Colenzo said. The Moonlighter satellite was launched on a SpaceX rideshare rocket to the International Space Station June 5 by the U.S. government-backed non-profit The Aerospace Corporation. It's a foot-long toaster-sized cubesat satellite with extendable solar panels.

If all goes according to plan, Moonlighter will be deployed into orbit early in July, Project leader Aaron Myrick told Newsweek. Moonlighter is designed to be hacked, he said, and there are numerous safety measures in place. "The first thing that we said was that propulsion was off the table," Moonlighter can't change its own orbit, which might make it a hazard to other satellites. And its ground controllers have the ability to reboot the system, kicking out any intruders and restoring their control.

Cyberattacks on US hospitals are on the rise, adding a layer of financial pressure onto an industry still struggling to recover from the pandemic. From a report: Health facilities have been hit with 226 digital incursions affecting 36 million people this year, on track to be more widespread than 2022 attacks, according to John Riggi, the national advisor for cybersecurity and risk at the American Hospital Association. Cyber raids on hospitals more than tripled in the past five years and have become more sophisticated, just when hospitals are coping with higher costs for labor and supplies and grappling with staff shortages. The industry in 2022 had what Moody's Investors Service analyst Matthew Cahill called "arguably the worst year in health-care history" for financial performance. "There's really no wiggle room for hospitals to deal with this," Cahill said in an interview. He said cyber risk has contributed to downgrades, including one at Missouri's Capital Region Medical Center last year following a breach.

Health-care facilities are attractive targets for cybercriminals because they hold ample personal data on patients, Matt Fabian and Lisa Washburn of Municipal Market Analytics wrote in a research note. Staffing shortages and wide use of third-party technology make the sector particularly vulnerable. The problem is particularly dire at smaller and rural hospitals, which have more financial distress and tend to use older technology. In an April note, Moody's cited an IBM survey that showed hospitals for 12 years have had the highest average cyberattack cost per industry, with $10.1 million in 2022. The AHA's Riggi said that while most hospitals have insurance, the cost to recover from attacks could be up to 10 times what insurance pays out.

An anonymous reader quotes a report from KrebsOnSecurity: The United Parcel Service (UPS) says fraudsters have been harvesting phone numbers and other information from its online shipment tracking tool in Canada to send highly targeted SMS phishing (a.k.a. "smishing") messages that spoofed UPS and other top brands. The missives addressed recipients by name, included details about recent orders, and warned that those orders wouldn't be shipped unless the customer paid an added delivery fee. In a snail mail letter sent this month to Canadian customers, UPS Canada Ltd. said it is aware that some package recipients have received fraudulent text messages demanding payment before a package can be delivered, and that it has been working with partners in its delivery chain to try to understand how the fraud was occurring.

"During that review, UPS discovered a method by which a person who searched for a particular package or misused a package look-up tool could obtain more information about the delivery, potentially including a recipient's phone number," the letter reads. "Because this information could be misused by third parties, including potentially in a smishing scheme, UPS has taken steps to limit access to that information." The written notice goes on to say UPS believes the data exposure "affected packages for a small group of shippers and some of their customers from February 1, 2022 to April 24, 2023." [...]

In a statement provided to KrebsOnSecurity, Sandy Springs, Ga. based UPS [NYSE:UPS] said the company has been working with partners in the delivery chain to understand how that fraud was being perpetrated, as well as with law enforcement and third-party experts to identify the cause of this scheme and to put a stop to it. "Law enforcement has indicated that there has been an increase in smishing impacting a number of shippers and many different industries," reads an email from Brian Hughes, director of financial and strategy communications at UPS. "Out of an abundance of caution, UPS is sending privacy incident notification letters to individuals in Canada whose information may have been impacted," Hughes said. "We encourage our customers and general consumers to learn about the ways they can stay protected against attempts like this by visiting the UPS Fight Fraud website."

Privacy-focused firm DuckDuckGo has released a public beta of its browser for Windows, offering more default privacy protections and an assortment of Duck-made browsing tools. From a report: Like its Mac browser, DuckDuckGo (DDG) uses "the underlying operating system rendering API" rather than its own forked browser code. That's "a Windows WebView2 call that utilizes the Blink rendering engine underneath," according to DuckDuckGo's blog post. Fittingly, the browser reports itself as Microsoft Edge at most header-scanning sites. Inside the DuckDuckGo browser, you'll find:

1. Duck Player, which shows (most) YouTube videos "without privacy-invading ads" and doesn't feed your recommendations
2. Tracker blocking that DDG cites as "above and beyond" other browsers, including third-party tracker loading
3. Enforced encryption
4. The "fire button" that instantly closes all tabs and clears website data
5. Cookie pop-up management, automatically selecting a private option and hiding "I accept" pop-ups
6. Email protection, making it easier to use an auto-forwarding duck.com address on web forms

SUSE's latest release of SUSE Linux Enterprise 15 Service Pack 5 (SLE 15 SP5) has a focus on security, claiming it as the first distro to offer full support for confidential computing to protect data. From a report: According to SUSE, the latest version of its enterprise platform is designed to deliver high-performance computing capabilities, with an inevitable mention of AI/ML workloads, plus it claims to have extended its live-patching capabilities. The release also comes just weeks after the community release openSUSE Leap 15.5 was made available, with the two sharing a common core. The Reg's resident open source guru noted that Leap 15.6 has now been confirmed as under development, which implies that a future SLE 15 SP6 should also be in the pipeline.

SUSE announced the latest version at its SUSECON event in Munich, along with a new report on cloud security issues claiming that more than 88 percent of IT teams have reported at least one cloud security incident over the the past year. This appears to be the justification for the claim that SLE 15 SP5 is the first Linux distro to support "the entire spectrum" of confidential computing, allowing customers to run fully encrypted virtual machines on their infrastructure to protect applications and their associated data. Confidential computing relies on hardware-based security mechanisms in the processor to provide this protection, so enterprises hoping to take advantage of this will need to ensure their servers have the necessary support, such as AMD's Secure Encrypted Virtualization-Secure Nested Paging (SEV-SNP) and Intel's Trust Domain Extensions (TDX).

An anonymous reader shares a report: A handful of subreddits have classified themselves as not safe for work (NSFW) to protest Reddit's recent treatment of the platform's volunteer moderators, and as a result, some non-porn communities are starting to get a lot of porn. More than 8,000 subreddits went dark last week in protest of the company's API pricing changes that are set to shut down popular third-party apps. But as the protests went on, Reddit started to push back. In an interview with The Verge, CEO Steve Huffman said that, while the platform allows the protests, "the users are not in support of it now. It's like a protest in a city that goes on too long, and the rest of the citizens of the city would like to go about their lives."

In an interview with NBC News, Huffman characterized moderators as "landed gentry." And some mods have felt threatened by messages sent to them by the company. Thousands of subreddits have reopened; one tracker indicates only about 3,300 remain private or restricted. But switching to NSFW creates a new level of friction in reopened communities.

You can now forgo entering your password on icloud.com and apple.com domains thanks to newly added passkey support. From a report: When running iOS 17 on an iPhone, any Apple site on the web can rely instead on Face ID or Touch ID to authenticate your login. As part of iOS 17, iPadOS 17, and macOS Sonoma, your Apple ID is automatically assigned a passkey that can be used for iCloud and Apple sites. If you're running iOS 17 on your iPhone, you can try it out now. Just go to any sign-in page with an apple.com or icloud.com domain, like appleid.apple.com or www.apple.com/shop/bag, and look for the Sign in with iPhone button after your enter your Apple ID email address. We've tried this from Safari on the Mac, although you can use passkeys on non-Apple devices as well. Once you select Sign in with iPhone, a QR code is presented that you scan with your iPhone. If you scan the QR code from the Camera app, you can tap the yellow link box to invoke Face ID or Touch ID to authenticate your identity on the web without ever entering your password.

Apple today announced that its self-service repair program will be expanding to the iPhone 14 lineup, 13-inch MacBook Air with the M2 chip, and 14-inch and 16-inch MacBook Pro models with M2 Pro and M2 Max chips starting June 21. From a report: First launched in April 2022, Apple's program provides customers with access to parts, manuals, and tools to repair select devices. Apple says the program is designed for anyone with "experience repairing electronic devices," but says the "vast majority" of customers are better off visiting an Apple Store or Apple Authorized Service Provider. Apple also announced that customers can now complete the post-repair System Configuration process by placing the device into Diagnostics Mode and following the on-screen prompts. Users no longer need to contact the program's support team to complete this step, which verifies that the parts are genuine and working properly.

ASUS has released new firmware for several router models to address security vulnerabilities, including critical ones like CVE-2022-26376 and CVE-2018-1160, which can lead to denial-of-service attacks and code execution. The company advises customers to update their devices immediately or restrict WAN access until the devices are secured, urging them to create strong passwords and follow security measures. BleepingComputer reports: The first is a critical memory corruption weakness in the Asuswrt firmware for Asus routers that could let attackers trigger denial-of-services states or gain code execution. The other critical patch is for an almost five-year-old CVE-2018-1160 bug caused by an out-of-bounds write Netatalk weakness that can also be exploited to gain arbitrary code execution on unpatched devices.

"Please note, if you choose not to install this new firmware version, we strongly recommend disabling services accessible from the WAN side to avoid potential unwanted intrusions. These services include remote access from WAN, port forwarding, DDNS, VPN server, DMZ, port trigger," ASUS warned in a security advisory published today. "We strongly encourage you to periodically audit both your equipment and your security procedures, as this will ensure that you will be better protected."

The list of impacted devices includes the following models: GT6, GT-AXE16000, GT-AX11000 PRO, GT-AX6000, GT-AX11000, GS-AX5400, GS-AX3000, XT9, XT8, XT8 V2, RT-AX86U PRO, RT-AX86U, RT-AX86S, RT-AX82U, RT-AX58U, RT-AX3000, TUF-AX6000, and TUF-AX5400.

An anonymous reader shares a report: In early June, sporadic but serious service disruptions plagued Microsoft's flagship office suite -- including the Outlook email and OneDrive file-sharing apps -- and cloud computing platform. A shadowy hacktivist group claimed responsibility, saying it flooded the sites with junk traffic in distributed denial-of-service attacks. Initially reticent to name the cause, Microsoft has now disclosed that DDoS attacks by the murky upstart were indeed to blame.

But the software giant has offered few details -- and did not immediately comment on how many customers were affected and whether the impact was global. A spokeswoman confirmed that the group that calls itself Anonymous Sudan was behind the attacks. It claimed responsibility on its Telegram social media channel at the time. Some security researchers believe the group to be Russian. Microsoft's explanation in a blog post Friday evening followed a request by The Associated Press two days earlier. Slim on details, the post said the attacks "temporarily impacted availability" of some services. It said the attackers were focused on "disruption and publicity" and likely used rented cloud infrastructure and virtual private networks to bombard Microsoft servers from so-called botnets of zombie computers around the globe.

Hackers are threatening to release confidential data stolen from Reddit unless the company pays a ransom demand -- and reverses its controversial API price hikes. From a report: In a post on its dark web leak site, the BlackCat ransomware gang, also known as ALPHV, claims to have stolen 80 gigabytes of compressed data from Reddit during a February breach of the company's systems. Reddit spokesperson Gina Antonini declined to answer TechCrunch's questions but confirmed that BlackCat's claims relate to a cyber incident confirmed by Reddit on February 9.

At the time, Reddit CTO Christopher Slowe, or KeyserSosa, said that hackers had accessed employee information and internal documents during a "highly-targeted" phishing attack. Slowe added that the company had "no evidence" that personal user data, such as passwords and accounts, had been stolen. Reddit didn't share any further details about the attack or who was behind it. However, BlackCat over the weekend claimed responsibility for the February intrusion and threatened to leak "confidential" data stolen during the breach. It's unclear exactly what types of data the hackers have stolen, and BlackCat hasn't shared any evidence of data theft.

In the heart of Silicon Valley, the city of Mountain View, California "just approved its biggest development ever," reports SFGate, "and it's for exactly the company you'd expect." Google got the go-ahead to build a 153-acre mixed-use neighborhood just south of its headquarters in north Mountain View on June 13, with unanimous city council approval.

Plans for the 30-year project, which will supplant the Google offices and parking lots currently in the area, include over 3 million square feet of office space and 7,000 residential units... Originally, the developers planned to dedicate 20% of the new housing to affordable units, but the approved plan sets aside only 15% for lower- and middle-income housing. Google lowered the target to make the project viable in an uncertain economic climate, a spokesperson told SFGATE. This past January, the firm laid off 12,000 workers.

The new development sounds an awful lot like the "company towns" of 1900-era American settlement — firms ran all the stores and housing for their workers — but a Google spokesperson said the new project's restaurants, housing and services would serve the broader Mountain View community. Along with the housing and Google office space, the plans include 26 acres of public parks and open space, up to 288,990 square feet of ground-floor commercial space, land for a school, new streets and a private utility system. The developers have 30 years to complete the project, as long as Google and Lendlease hit permit benchmarks and complete other terms within the first 15.

An anonymous reader shared this report from the nonprofit journalism site, the San Francisco Standard: The San Francisco Board of Supervisors on Tuesday approved legislation that aims to shore up the city's beleaguered Downtown by filling empty storefronts and expediting the conversion of underused office buildings into housing. The bill is a major component of Mayor London Breed's recovery agenda. Co-sponsored by Board President Aaron Peskin, it amends the city's planning code to expand residential uses and Downtown office conversions. It also streamlines the review of certain projects, among other changes...

Even with speedier project approvals, converting San Francisco office buildings to housing remains a costly endeavor; few developers have explored the option to date. At an April 3 hearing of the board's Land Use Committee, lawmakers outlined the need for multiple reforms to make conversions economically feasible; Supervisor Dean Preston voiced concerns that even those reforms would not accommodate low-income housing. Many say San Francisco's Downtown is currently caught in a "doom loop" driven by economic knock-on effects of the pandemic, including an office vacancy rate approaching 30% and trophy office towers changing hands at deep discounts...

The bill passed Tuesday is one of several legislative efforts to aid Downtown and the city's overall economy. Initiatives have included legislation to delay tax increases for retail, food service and other businesses hit hard by the pandemic, an "Office Attraction Tax Credit" for new companies opening in the city and a program called "Vacant to Vibrant," which provides grants to businesses which open "pop-up" shops and art spaces in Downtown's empty storefronts.

The Washington Post reports that "Since the pandemic, employers — particularly in major cities — have been struggling to get their workers to return to the office, while others have given up and allowed workers to go fully remote.

"That trend is finally starting to catch up with the owners of office buildings in the form of rising vacancy rates and declining property values." Earlier this month, real estate data provider Trepp reported that an estimated $270 billion in commercial bank loans are coming due in 2023 — and warned of the potential for defaults. Office delinquencies spiked in May, signaling a "tipping point," according to Manus Clancy, senior managing director at Trepp. Asked about commercial real estate concerns in a television appearance on Wednesday, [U.S.] Treasury Secretary Janet L. Yellen said she thinks banks are "broadly preparing for some restructuring and difficulties going ahead...."

"If office and retail owners are having trouble generating rental income because people just aren't going into the office and shopping, then it increases the odds that they aren't going to be able to pay back those loans in timely way," said Mark Zandi, chief economist for Moody's Analytics. "That means losses will start to mount on those loans. And because the banking and financial system more broadly is already struggling with lots of other problems ... there's going to be more banking failures." Despite the public debate over return-to-office mandates at major companies, experts say office occupancy will never return to the levels experienced before 2020. In February, workplace data company Kastle Systems estimated that half of workers in the United States had returned, but that figure has stagnated since...

Still, many experts say the worst can still be avoided. The issues have been known for a while, giving lenders plenty of time to consider what to do. Banks can always renegotiate the terms of their loans to landlords... Although cities themselves could be in trouble because of property taxes and budget shortfalls, the financial system as a whole is more protected, said Brookings Institution fellow Tracy Hadden Loh, who researches real estate and cities. "It's in no one's interest to have them all fall into foreclosure at once, because that could destabilize the banking system," she said. "So banks will take what they can get in terms of payment and work through this."