Three Iranian nationals charged with hacking into US-based computer networks sent ransom demands to the printers of at least some of their victims, according to an indictment unsealed today. The ransom demands allegedly sought payments in exchange for BitLocker decryption keys that the victims could use to regain access to their data. The three defendants remain at large and outside the US, the DOJ said. From a report: "The defendants' hacking campaign exploited known vulnerabilities in commonly used network devices and software applications to gain access and exfiltrate data and information from victims' computer systems," the US Department of Justice said in a press release. Defendants Mansour Ahmadi, Ahmad Khatibi, Amir Hossein Nickaein, "and others also conducted encryption attacks against victims' computer systems, denying victims access to their systems and data unless a ransom payment was made." The indictment in US District Court for the District of New Jersey describes a few incidents in which ransom demands were sent to printers on hacked networks. In one case, a printed message sent to an accounting firm allegedly said, "We will sell your data if you decide not to pay or try to recover them." In another incident, the indictment said a Pennsylvania-based domestic violence shelter hacked in December 2021 received a message on its printers that said, "Hi. Do not take any action for recovery. Your files may be corrupted and not recoverable. Just contact us."

TikTok repeatedly declined to commit to US lawmakers on Wednesday that the short-form video app will cut off flows of US user data to China, instead promising that the outcome of its negotiations with the US government "will satisfy all national security concerns." From a report: Testifying before the Senate Homeland Security Committee, TikTok Chief Operating Officer Vanessa Pappas first sparred with Sen. Rob Portman over details of TikTok's corporate structure before being confronted -- twice -- with a specific request. "Will TikTok commit to cutting off all data and data flows to China, China-based TikTok employees, ByteDance employees, or any other party in China that might have the capability to access information on US users?" Portman asked.

The question reflects bipartisan concerns in Washington about the possibility that US user data could find its way to the Chinese government and be used to undermine US interests, thanks to a national security law in that country that compels companies located there to cooperate with data requests. US officials have expressed fears that China could use Americans' personal information to identify useful potential agents or intelligence targets, or to inform future mis- or disinformation campaigns. TikTok does not operate in China, Pappas said, though it does have an office in China. TikTok is owned by ByteDance, whose founder is Chinese and has offices in China. [...] Pappas affirmed in Wednesday's hearing that the company has said, on record, that its Chinese employees do have access to US user data. She also reiterated that TikTok has said it would "under no circumstances ... give that data to China" and denied that TikTok is in any way influenced by China. However, she avoided saying whether ByteDance would keep US user data from the Chinese government or whether ByteDance may be influenced by China.

Craig Wright told a Norwegian court on Wednesday that he "stomped on the hard drive" that contained the "key slices" required to grant him access to Satoshi Nakamoto's private keys, making it "incredibly difficult" to cryptographically prove he is the creator of Bitcoin -- a title he has claimed but failed to prove since 2016. From a report: Wright's inability to back up his claims with acceptable evidence is the issue at the center of his trial in Norway, one of two simultaneous legal battles between Wright and crypto Twitter personality Hodlonaut (real name Magnus Granath) over a series of tweets Hodlonaut -- then, a public school teacher with roughly 8,000 Twitter followers -- wrote in March 2019, deeming Wright a pretender and calling him a "scammer" and a "fraud."

Wright previously attempted to prove he was Satoshi in 2016 by demonstrating "proof" that he controlled Satoshi's private keys -- first, in private "signing sessions" with Bitcoin developer Gavin Andresen and former Bitcoin Foundation Director Jon Matonis (Andresen later said he'd been "bamboozled" by Wright and Matonis went on to work for a company owned by Wright), and later, in a public blog post offering "proof" that was thoroughly debunked by several well-known cryptography experts. In Norway, however, Wright is no longer attempting to convince the court he is Satoshi with cryptographic evidence -- partly because he claims to have intentionally destroyed his only proof shortly after attempting suicide in May 2016, following his signing session with Andresen, and partly because he now claims cryptographic proof is inconclusive and that "identity is not related to keys."

An anonymous reader quotes a report from The Register: About 40 percent of industry professionals say their organizations have reduced their usage of open source software due to concerns about security, according to a survey conducted by data science firm Anaconda. The company's 2022 State of Data Science report solicited opinions in April and May from 3,493 individuals from 133 countries and regions, targeting academics, industry professionals, and students. About 16 percent of respondents identified as data scientists. About 33 percent of surveyed industry professionals said they had not scaled back on open source, 7 percent said they had increased usage, and 20 percent said they weren't sure. The remaining 40 percent said they had.

By industry professionals, or commercial respondents as Anaconda puts it, the biz means a data-science-leaning mix of business analysts, product managers, data and machine-learning scientists and engineers, standard IT folks such as systems administrators, and others in technology, finance, consulting, healthcare, and so on. And by scale back, that doesn't mean stop: 87 percent of commercial respondents said their organization still allowed the use of open source. It appears a good number of them, though, are seeking to reducing the risk from relying on too many open source dependencies.

Anaconda's report found that incidents like Log4j and reports of "protestware" prompted users of open source software to take security concerns more seriously. Of the 40 percent who scaled back usage of open source, more than half did so after the Log4j fiasco. Some 31 percent of respondents said security vulnerabilities represent the biggest challenge in the open source community today. Most organizations use open source software, according to Anaconda. But among the 8 percent of respondents indicating that they don't, more than half (54 percent, up 13 percent since last year) cited security risks as the reason. Other reasons for not using open source software include: lack of understanding (38 percent); lack of confidence in organizational IT governance (29 percent); "open-source software is deemed insecure, so it's not allowed" (28 percent); and not wanting to disrupt current projects (26 percent).

An anonymous reader quotes a report from Ars Technica: FishPig, a UK-based maker of e-commerce software used by as many as 200,000 websites, is urging customers to reinstall or update all existing program extensions after discovering a security breach of its distribution server that allowed criminals to surreptitiously backdoor customer systems. The unknown threat actors used their control of FishPig's systems to carry out a supply chain attack that infected customer systems using FishPig's fee-based Magento 2 modules with Rekoobe, a sophisticated backdoor discovered in June. Rekoobe masquerades as a benign SMTP server and can be activated by covert commands related to handling the startTLS command from an attacker over the Internet. Once activated, Rekoobe provides a reverse shell that allows the threat actor to remotely issue commands to the infected server.

"We are still investigating how the attacker accessed our systems and are not currently sure whether it was via a server exploit or an application exploit," Ben Tideswell, the lead developer at FishPig, wrote in an email. "As for the attack itself, we are quite used to seeing automated exploits of applications and perhaps that is how the attackers initially gained access to our system. Once inside though, they must have taken a manual approach to select where and how to place their exploit."

FishPig is a seller of Magento-WordPress integrations. Magento is an open source e-commerce platform used for developing online marketplaces. The supply-chain attack only affects paid Magento 2 modules. Tideswell said the last software commit made to its servers that didn't include the malicious code was made on August 6, making that the earliest possible date the breach likely occurred. Sansec, the security firm that discovered the breach and first reported it, said the intrusion began on or before August 19. Tideswell said FishPig has already "sent emails to everyone who has downloaded anything from FishPig.co.uk in the last 12 weeks alerting them to what's happened." Tideswell declined to say how many active installations of its paid software there are. This post indicates that the software has received more than 200,000 downloads, but the number of paid customers is smaller. In a disclosure published after the Sansec advisory, FishPig describes how the intruders pulled off the intrusion and remained hidden for so long.

Security analysts have found a severe security vulnerability in the desktop app for Microsoft Teams that gives threat actors access to authentication tokens and accounts with multi-factor authentication (MFA) turned on. BleepingComputer reports: "This attack does not require special permissions or advanced malware to get away with major internal damage," Connor Peoples at cybersecurity company Vectra explains in a report this week. The researcher adds that by taking "control of critical seats -- like a company's Head of Engineering, CEO, or CFO -- attackers can convince users to perform tasks damaging to the organization." Vectra researchers discovered the problem in August 2022 and reported it to Microsoft. However, Microsoft did not agree on the severity of the issue and said that it doesn't meet the criteria for patching.

With a patch unlikely to be released, Vectra's recommendation is for users to switch to the browser version of the Microsoft Teams client. By using Microsoft Edge to load the app, users benefit from additional protections against token leaks. The researchers advise Linux users to move to a different collaboration suite, especially since Microsoft announced plans to stop supporting the app for the platform by December.

The US government's cyber defense agency is recommending for the first time that companies embrace automated continuous testing to protect against longstanding online threats. From a report: The guidance, from a cluster of US and international agencies published on Wednesday, urges businesses to shore up their defenses by continually validating their security program against known threat behaviors, rather than a more piecemeal approach. "The authoring agencies recommend continually testing your security program, at scale," according to an alert from the Cybersecurity and Infrastructure Security Agency and several other US and international agencies. The alert warned malicious cyber actors allegedly affiliated with the Iranian Government's Islamic Revolutionary Guard Corps are exploiting known vulnerabilities for ransom operations. An official at CISA told Bloomberg ahead of the announcement that emulating adversaries and testing against them is key to defending against cyberattacks. Central to the effort is a freely available list of cyberattackers' most common tactics and procedures that was first made public in 2015 by MITRE, a federally funded research and development center, and is now regularly updated. While many organizations and their security contractors already consult that list, too few check if their systems can actually detect and overcome them, the CISA official said.

Backup and cloud storage company Backblaze has published data comparing the long-term reliability of solid-state storage drives and traditional spinning hard drives in its data center. Based on data collected since the company began using SSDs as boot drives in late 2018, Backblaze cloud storage evangelist Andy Klein published a report yesterday showing that the company's SSDs are failing at a much lower rate than its HDDs as the drives age. ArsTechnica: Backblaze has published drive failure statistics (and related commentary) for years now; the hard drive-focused reports observe the behavior of tens of thousands of data storage and boot drives across most major manufacturers. The reports are comprehensive enough that we can draw at least some conclusions about which companies make the most (and least) reliable drives. The sample size for this SSD data is much smaller, both in the number and variety of drives tested -- they're mostly 2.5-inch drives from Crucial, Seagate, and Dell, with little representation of Western Digital/SanDisk and no data from Samsung drives at all. This makes the data less useful for comparing relative reliability between companies, but it can still be useful for comparing the overall reliability of hard drives to the reliability of SSDs doing the same work.

Backblaze uses SSDs as boot drives for its servers rather than data storage, and its data compares these drives to HDDs that were also being used as boot drives. The company says these drives handle the storage of logs, temporary files, SMART stats, and other data in addition to booting -- they're not writing terabytes of data every day, but they're not just sitting there doing nothing once the server has booted, either. Over their first four years of service, SSDs fail at a lower rate than HDDs overall, but the curve looks basically the same -- few failures in year one, a jump in year two, a small decline in year three, and another increase in year four. But once you hit year five, HDD failure rates begin going upward quickly -- jumping from a 1.83 percent failure rate in year four to 3.55 percent in year five. Backblaze's SSDs, on the other hand, continued to fail at roughly the same 1 percent rate as they did the year before.

hackingbear shares a report from Gizmodo: China claims that America's National Security Agency used sophisticated cyber tools to hack into an elite research university on Chinese soil. The attack allegedly targeted the Northwestern Polytechnical University in Xi'an (not to be confused with a California school of the same name), which is highly ranked in the global university index for its science and engineering programs. The U.S. Justice Department has referred to the school as a "Chinese military university that is heavily involved in military research and works closely with the People's Liberation Army," painting it as a reasonable target for digital infiltration from an American perspective.

China's National Computer Virus Emergency Response Center (CVERC) recently published a report attributing the hack to the Tailored Access Operations group (TAO) -- an elite team of NSA hackers which first became publicly known via the Snowden Leaks back in 2013, helps the U.S. government break into networks all over the world for the purposes of intelligence gathering and data collection. [CVERC identified 41 TAO tools involved in the case.] One such tool, dubbed 'Suctionchar,' is said to have helped infiltrate the school's network by stealing account credentials from remote management and file transfer applications to hijack logins on targeted servers. The report also mentions the exploitation of Bvp47, a backdoor in Linux that has been used in previous hacking missions by the Equation Group -- another elite NSA hacking team. According to CVERC, traces of Suctionchar have been found in many other Chinese networks besides Northwestern's, and the agency has accused the NSA of launching more than 10,000 cyberattacks on China over the past several years.

On Sunday, the allegations against the NSA were escalated to a diplomatic complaint. Yang Tao, the director-general of American affairs at China's Ministry of Foreign Affairs, published a statement affirming the CVERC report and claiming that the NSA had "seriously violated the technical secrets of relevant Chinese institutions and seriously endangered the security of China's critical infrastructure, institutions and personal information, and must be stopped immediately."

VMware engineers have tested the Linux kernel's fix for the Retbleed speculative execution bug, and report it can impact compute performance by a whopping 70 percent. The Register reports: In a post to the Linux Kernel Mailing List titled "Performance Regression in Linux Kernel 5.19", VMware performance engineering staffer Manikandan Jagatheesan reports the virtualization giant's internal testing found that running Linux VMs on the ESXi hypervisor using version 5.19 of the Linux kernel saw compute performance dip by up to 70 percent when using single vCPU, networking fall by 30 percent and storage performance dip by up to 13 percent. Jagatheesan said VMware's testers turned off the Retbleed remediation in version 5.19 of the kernel and ESXi performance returned to levels experienced under version 5.18.

Because speculative execution exists to speed processing, it is no surprise that disabling it impacts performance. A 70 percent decrease in computing performance will, however, have a major impact on application performance that could lead to unacceptable delays for some business processes. VMware's tests were run on Intel Skylake CPUs -- silicon released between 2015 and 2017 that will still be present in many server fleets. Subsequent CPUs addressed the underlying issues that allowed Retbleed and other Spectre-like attacks.

Here's a warning from the threat intelligence unit of AT&T Cybersecurity, AT&T Alien Labs: With a rise of nearly 650% in malware and ransomware for Linux this year, reaching an all-time high in the first half year of 2022, threat actors find servers, endpoints and IoT devices based on Linux operating systems more and more valuable and find new ways to deliver their malicious payloads. New malwares like BotenaGo and EnemyBot are examples of how malware writers rapidly incorporate recently discovered vulnerabilities to find new victims and increase their reach.
But they've discovered a new malware targetting Linux endpoints and IoT devices, stealthily "delivered in a multistage infection chain where each module responds to a part of the payload and downloads and executes the next one. An attacker can gain full control of the system, in addition to the cryptocurrency miner that will be executed and set to persist."

The Register summarizes their report: The malware was dubbed "Shikitega" for its extensive use of the popular Shikata Ga Nai polymorphic encoder, which allows the malware to "mutate" its code to avoid detection. Shikitega alters its code each time it runs through one of several decoding loops that AT&T said each deliver multiple attacks, beginning with an ELF file that's just 370 bytes... AT&T didn't say how the initial infection occurs, but it did say Shikitega exploits two Linux vulnerabilities disclosed in 2021 to achieve its ultimate objective, which AT&T said appears to be the installation and execution of the XMRig cryptocurrency miner.

The final stage also establishes persistence, which Shikitega does by downloading and executing five shell scripts that configure a pair of cron jobs for the current user and a pair for the root user using crontab, which it can also install if not available. Shikitega also uses cloud hosting solutions to store parts of its payload, which it further uses to obfuscate itself by contacting via IP address instead of domain name....>
>
Bottom line: Shikitega is a nasty piece of code. AT&T recommends Linux endpoint and IoT device managers keep security patches installed, keep EDR software up to date and make regular backups of essential systems.
Ars Technica reports: The ultimate objective of the malware isn't clear. It drops the XMRig software for mining the Monero cryptocurrency, so stealthy cryptojacking is one possibility. But Shikitega also downloads and executes a powerful Metasploit package known as Mettle, which bundles capabilities including webcam control, credential stealing, and multiple reverse shells into a package that runs on everything from "the smallest embedded Linux targets to big iron." Mettle's inclusion leaves open the potential that surreptitious Monero mining isn't the sole function....

Given the work the unknown threat actors responsible devoted to the malware's stealth, it wouldn't be surprising if the malware is lurking undetected on some systems.

Patreon has confirmed it laid off five of its security team employees, TechCrunch reports, "but declined to answer our questions, or say how many employees it had on the security team prior to the layoffs."

But while a former senior security engineer posted on LinkedIn that "I and the rest of the Patreon Security Team are no longer with the company," Patreon's U.S. policy head, Ellen Satterwhite told Gizmodo that "a majority of our engineers working on security and vendors remain in place." "As part of a strategic shift of a portion of our security program, we have parted ways with five employees," said Patreon in an emailed statement attributed to the company's U.S. policy head, Ellen Satterwhite.... In response to further questions, Satterwhite also said "the entire internal Patreon security team was not laid off. As a matter of policy, we can't share the exact number of Patreon employees working on security, but can confirm a majority of Patreon's internal engineers working on security remain in place...."

Satterwhite noted that "we also partner with a number of external organizations to continuously develop our security capabilities and conduct regular security assessments." The reference to "external organizations" seemingly suggests that the company has outsourced much of its security operations.

"As a global platform, we will always prioritize the security of our creators' and customers' data," wrote Satterwhite. "The changes made this week will have no impact on our ability to continue providing a secure and safe platform for our creators and patrons."

Network hardware-maker QNAP is urging customers to update their network-attached storage devices immediately to protect them from a new wave of ongoing ransomware attacks that can destroy terabytes of data in a single stroke. From a report: Singapore-based QNAP said recently that it has identified a new campaign from a ransomware group known as DeadBolt. The attacks take aim at QNAP NAS devices that use a proprietary feature known as Photo Station. The advisory instructs customers to update their firmware, suggesting there is a vulnerability that's under exploit, but the company makes no explicit mention of a CVE designation that security professionals use to track such security flaws.

A cybercriminal group containing former members of the notorious Conti ransomware gang is targeting the Ukrainian government and European NGOs in the region, Google says. From a report: The details come from a new blog post from the Threat Analysis Group (TAG), a team within Google dedicated to tracking state-sponsored cyber activity. With the war in Ukraine having lasted more than half a year, cyber activity including hacktivism and electronic warfare has been a constant presence in the background. Now, TAG says that profit-seeking cybercriminals are becoming active in the area in greater numbers. From April through August 2022, TAG has been following "an increasing number of financially motivated threat actors targeting Ukraine whose activities seem closely aligned with Russian government-backed attackers," writes TAG's Pierre-Marc Bureau. One of these state-backed actors has already been designated by CERT -- Ukraine's national Computer Emergency Response Team -- as UAC-0098. But new analysis from TAG links it to Conti: a prolific global ransomware gang that shut down the Costa Rican government with a cyberattack in May.

Albania cut diplomatic ties with Iran and expelled the country's embassy staff over a major cyberattack nearly two months ago that was allegedly carried out by Tehran on Albanian government websites, the prime minister said Wednesday. From a report: The move by Albania, a NATO country, was the first known case of a country cutting diplomatic relations over a cyberattack. The White House vowed unspecified retaliation Wednesday against Iran for what it called "a troubling precedent for cyberspace." In a statement, the White House said it has had experts on the ground for weeks helping Albania and had concluded Iran was behind the "reckless and irresponsible" attack and subsequent hack-and-leak operation.

The government's decision was formally delivered to the Iranian Embassy in Tirana, the capital, in an official note, Prime Minister Edi Rama said. All embassy staff, including diplomatic and security personnel, were ordered to leave Albania within 24 hours. On July 15, a cyberattack temporarily shut down numerous Albanian government digital services and websites. Rama said an investigation determined that the cyberattack wasn't carried out by individuals or independent groups, calling it "state aggression."

Joe Sullivan, Uber's former chief of security, faces criminal charges for his handling of a 2016 security breach. His trial this week has divided the security industry. From a report: Joe Sullivan was a rock star in the information security world. One of the first federal prosecutors to work on cybercrime cases in the late 1990s, he jumped into the corporate security world in 2002, eventually taking on high-profile roles as chief of security at Facebook and Uber. When the security community made its annual summer pilgrimage to Las Vegas for two conferences, Mr. Sullivan was an easily recognizable figure: tall with shaggy hair, wearing sneakers and a hoodie. "Everyone knew him; I was in awe, frankly," said Renee Guttmann, who was the chief information security officer for Coca-Cola and Campbell Soup. "He was an industry leader." So it came as a shock to many in the community when Mr. Sullivan was fired by Uber in 2017, accused of mishandling a security incident the year before. Despite the scandal, Mr. Sullivan got a new job as chief of security at Cloudflare, an internet infrastructure company.

But the investigation into the incident at Uber continued, and in 2020, the same prosecutor's office where Mr. Sullivan had worked decades earlier charged him with two felonies, in what is believed to be the first time a company executive has faced potential criminal liability for an alleged data breach. Mr. Sullivan has pleaded not guilty to the charges. Mr. Sullivan stepped down from his job at Cloudflare in July, in preparation for his trial, which begins this week in U.S. District Court in San Francisco. Other chief security officers are following the case closely, worried about what it means for them. [...] At the very least, security executives are worried about being on the hook for potential legal bills. Charles Blauner, a retired CISO and cybersecurity adviser, said security chiefs had taken a strong interest in directors and officers insurance, which covers the legal costs of executives who are sued as a result of their work with a company. "A lot of sitting chief information security officers are going to their bosses and asking if they have D.&O. insurance and, if not, can I have it?" Mr. Blauner said. "They are saying, 'If I'm going to be held liable for something our company does, I want legal coverage.'" After being charged, Mr. Sullivan sued Uber to force it to pay his legal fees in the criminal case, and they reached a private settlement.

An anonymous reader quotes a report from CNET: In a new study, published Monday in the journal npj Flexible Electronics, an international team of researchers revealed it has engineered a system to remotely control the legs of cockroaches from afar. The system, which is basically a cockroach backpack wired into the creature's nervous system, has a power output about 50 times higher than previous devices and is built with an ultrathin and flexible solar cell that doesn't hinder the roach's movement. Pressing a button sends a shock to the backpack that tricks the roach into moving a certain direction.

Cockroach cyborgs are not a new idea. Back in 2012, researchers at North Carolina State University were experimenting with Madagascar hissing cockroaches and wireless backpacks, showing the critters could be remotely controlled to walk along a track. The way scientists do this is by attaching the backpack and connecting wires to a cockroach's "cerci," two appendages at the end of the abdomen that are basically sensory nerves. One on the left, one on the right. Previous studies have shown electrical impulses to either side can stimulate the roach into moving in that direction, giving researchers some control over locomotion. But to send and receive signals, you need to power the backpack. You might be able to use a battery but, eventually, a battery will run out of power and the cyborg cockroach will be free to disappear into the leaf litter.

The team at Riken crafted the system to be solar-powered and rechargeable. They attached a battery and stimulation module to the cockroach's thorax (the upper segment of its body). That was the first step. The second step was to make sure the solar cell module would adhere to the cockroach's abdomen, the segmented lower section of its body. [T]he Riken team tested a number of thin electronic films, subjecting their roaches to a bunch of experiments and watching how the roaches moved depending on the thickness of the film. This helped them decide on a module about 17 times thinner than a human hair. It adhered to the abdomen without greatly limiting the degree of freedom the roaches had and also stuck around for about a month, greatly outlasting previous systems. "The current system only has a wireless locomotion control system, so it's not enough to prepare an application such as urban rescue," said Kenjiro Fukuda, an expert in flexible electronics at Japan's Riken. "By integrating other required devices such as sensors and cameras, we can use our cyborg insects for such purposes."

Fukuda notes the design of the ultrathin solar cell could be applied to other insects, like beetles and cicadas.

Beijing this week accused the United States of launching "tens of thousands" of cyberattacks on China and pilfering troves of sensitive data, including from a public research university. From a report: Washington has accused Beijing of cyberattacks against US businesses and government agencies, one of the issues over which ties between the two powers have nosedived in recent years. China has consistently denied the claims and in turn lashed out against alleged US cyber espionage, but has rarely made public disclosures of specific attacks. But a report released Monday by its National Computer Virus Emergency Response Center (CVERC) accused the US National Security Agency (NSA) of carrying out "tens of thousands of malicious attacks on network targets in China in recent years." It specifically accused the NSA's Office of Tailored Access Operations (TAO) of infiltrating the Northwestern Polytechnical University in the city of Xi'an.

The Los Angeles Unified School District (LAUSD) has confirmed it was hit by a ransomware attack that is causing ongoing technical disruptions. From a report: LAUSD is the second largest school district in the U.S. after the New York City Department of Education. The LAUSD serves over 600,000 students spanning from kindergarten through 12th grade at over 1,000 schools, and employs more than 26,000 teachers. The district said on Monday that it was hit by a cyberattack over the weekend, which it later confirmed was ransomware.

Although the attack caused "significant disruption" to LAUSD's infrastructure, the district said it will resume classes on Tuesday -- after observing Labor Day on Monday -- while it works to restore impacted services. LAUSD said that it does not expect technical issues to impact transportation, food or after-school programs, but noted that "business operations may be delayed or modified." It warned that ongoing disruptions include "access to email, computer systems, and applications," while a post from Northridge Academy High, a school in the district, confirmed that teachers and students might be unable to access Google Drive and Schoology, a K-12 learning management system, until further notice.

Google has released Chrome 105.0.5195.102 for Windows, Mac, and Linux users to address a single high-severity security flaw, the sixth Chrome zero-day exploited in attacks patched this year. From a report: "Google is aware of reports that an exploit for CVE-2022-3075 exists in the wild," the company said in a security advisory published on Friday. This new version is rolling out in the Stable Desktop channel, with Google saying that it will reach the entire user base within a matter of days or weeks. It was available immediately when BleepingComputer checked for new updates by going into the Chrome menu > Help > About Google Chrome. The web browser will also auto-check for new updates and automatically install them after the next launch.