Second Ransomware Family Exploiting Log4j Spotted In US, Europe

Researchers say a second family of ransomware has been growing in usage for attack attempts that exploit the critical vulnerability in Apache Log4j, including in the U.S. and Europe. VentureBeat reports: A number of researchers, including at cybersecurity giant Sophos, have now said they’ve observed the attempted deployment of a ransomware family known as TellYouThePass. Researchers have described TellYouThePass as an older and largely inactive ransomware family — which has been revived following the discovery of the vulnerability in the widely used Log4j logging software. TellYouThePass is the second family of ransomware that’s been observed to exploit the vulnerability in Log4j, known as Log4Shell, joining the Khonsari ransomware, according to researchers.

While previous reports indicated that TellYouThePass was mainly being directed against targets in China, researchers at Sophos told VentureBeat that they’ve observed the attempted delivery of TellYouThePass ransomware both inside and outside of China — including in the U.S. and Europe. “Systems in China were targeted, as well as some hosted in Amazon and Google cloud services in the U.S. and at several sites in Europe,” said Sean Gallagher, a senior threat researcher at Sophos Labs, in an email to VentureBeat on Tuesday. Sophos detected attempts to deliver TellYouThePass payloads by utilizing the Log4j vulnerability on December 17 and December 18, Gallagher said. TellYouThePass has versions that run on either Linux or Windows, “and has a history of exploiting high-profile vulnerabilities like EternalBlue,” said Andrew Brandt, a threat researcher at Sophos, in an email. The Linux version is capable of stealing Secure Socket Shell (SSH) keys and can perform lateral movement, Brandt said. Sophos initially disclosed its detection of TellYouThePass ransomware in a December 20 blog post.

The first report of TellYouThePass ransomware exploiting the Log4j vulnerability appears to have come from the head of Chinese cybersecurity group KnownSec 404 Team on December 12. The attempted deployment of TellYouThePass in conjunction with Log4Shell was subsequently confirmed by additional researchers, according to researcher community Curated Intelligence. In a blog post Tuesday, Curated Intelligence said its members can now confirm that TellYouThePass has been seen exploiting the vulnerability “in the wild to target both Windows and Linux systems.” TellYouThePass had most recently been observed in July 2020, Curated Intelligence said. It joins Khonsari, a new family of ransomware identified in connection with exploits of the Log4j vulnerability.

Read more of this story at Slashdot.

New Policing System Will Send Drones To the Source of Gunshots

A new policing system is being developed that will send autonomous drones equipped with shot-locating technology to the source of gunshots. “By analyzing the live video from its onboard camera, police officers can then gain a better sense of the situation they’re heading into,” reports New Atlas. From the report: Already in use in over 120 cities in the US, South Africa and the Caribbean, the American ShotSpotter system utilizes a network of microphones within a neighborhood to detect “loud, impulsive sounds.” Whenever such a sound is detected, its geographical originating point can be triangulated by analyzing the millisecond differences in the times at which it was picked up by the different microphones — the closer a mic was to the gun, the earlier it will have detected the sound of that gun firing. That said, a combination of AI software and human staff (at a control center) is used to determine if the sound is indeed gunfire.

In the existing version of the system, police are quickly dispatched to the location. If they’re using ground transportation, however, it may take a while for them to get there. And even if the police department has a helicopter, performing pre-flight checks, etc will still take some time — assuming the aircraft isn’t already in the air on patrol, that is. With these potential limitations in mind, Israeli drone manufacturer Airobotics has teamed up with ShotSpotter to add autonomous drones to the mix. In the new version of the setup, police will still be dispatched, but so will the closest system-specific drone. That aircraft will be in the air within seconds, immediately flying to the source of the gunshots. By analyzing the live video from its onboard camera, police officers can then gain a better sense of the situation they’re heading into.

Read more of this story at Slashdot.

Twitch Co-Founder Gets Discord Hacked, $150,000 Stolen From Users In NFT Scam

Luke Plunkett writes via Kotaku: Justin Kan, a co-founder of Twitch and the dude Justin.TV was named for, last week decided to launch a site called Fractal. It was to be a ‘marketplace’ where in-game items could be bought and sold as NFTs. Later, in Fractal’s Discord server, a link appeared advertising a drop of 3,333 NFTs. You may have guessed what happened next. As Twitch reporter Zach Bussey has detailed, the message, which appeared legit since it was coming from inside the house, had actually been posted by someone gaining access to Fractal’s Discord bot, pointing towards ‘Fractai’, not Fractal. The scammers managed to “sell” 3,294 NFTs before the plug was pulled. There were of course no actual NFTs being sold at all, just money being straight up stolen — over $150,000 — though you’d be forgiven for wondering what the difference is.

In response, the Fractal team issued a statement acknowledging the breach, along with a promise they are “going to make this right.” […] ractal say they are “planning to fully compensate these 373 victims,” before adding the extraordinary warning, “We must use our best judgement as there’s no ‘undo button’ in crypto,” making the entire post read like a textbook example of showcasing why this is such a shitty space. Meanwhile, Kan issued a short video statement of his own, alongside warnings that this Discord scam had been perpetrated on other NFT communities as well.

Read more of this story at Slashdot.

What Apple’s AR/VR Headset Could Look Like

Render creator Ian Zelbo has shared a trio of high-quality product renders of Apple’s upcoming AR/VR headset that’s expected to arrive in the fourth quarter of 2022. “The renders are based on earlier reporting from The Information and showcase the device in crisp 8K images,” reports Screen Rant. “Zelbo’s previously done renders for AirTag, iPhone 13, and other Apple gadgets leading up to their release — all of which have been incredibly representative of the final product.” From the report: Assuming Apple’s headset actually looks like this, it could be one of the best-designed gadgets in the niche so far. The front of the headset is taken up entirely by curved glass, with the frame touting a sleek (likely aluminum) construction. Behind that glass is a mesh fabric cushion — not unlike the cushions used for the earcups on AirPods Max. That AirPods Max inspiration is also seen with the oval button on top of the headset.

Moving to the headset’s strap, there’s clear inspiration taken from the Apple Watch’s sport band. It appears to have the same silicon design, loops, and metal clasp. The back of the headband also bears a resemblance to Apple’s AirTag Loop accessory thanks to its open design. Not only does the whole package look good, but it should also result in a very comfortable wearing experience. If the face cushion and head strap are even half as comfortable as the products they’re inspired by, that’s worth getting excited for.

Read more of this story at Slashdot.

US Returns $154 Million In Bitcoins Stolen By Sony Employee

The United States has taken legal action to seize and return over $154 million purportedly stolen from Sony Life Insurance Company Ltd, a SONY subsidiary, by an employee in a textbook business email compromise (BEC) attack. BleepingComputer reports: “According to the government’s complaint, Rei Ishii, an employee of Sony Life Insurance Company Ltd. (“Sony Life”) in Tokyo, allegedly diverted the $154 million when the company attempted to transfer funds between its financial accounts,” the Justice Dept said today. “Ishii allegedly did this by falsifying transaction instructions, which caused the funds to be transferred to an account that Ishii controlled at a bank in La Jolla, California.”

According to court documents, Ishii switched the transfer address for a Sony Life transaction to use a Silvergate Bank account under his control. Ishii later converted the stolen funds into more than 3879 bitcoins via A Coinbase set up to automatically transfer all added funds to an offline cryptocurrency cold wallet […]. After converting the money to cryptocurrency, Ishii also tried persuading his supervisor and several Sony Life executives not to help investigators by emailing them a ransom note typed in English and Japanese. “If you accept the settlement, we will return the funds back. If you are going to file criminal charges, it will be impossible to recover the funds,” the note read. “We might go down behind all of this, but one thing is for sure, you are going to be right there next to us. We strongly recommend to stop communicate (sic) with any third parties including law enforcement.”

However, on December 1, following an investigation in collaboration with Japanese law enforcement authorities, the FBI seized the 3879.16242937 BTC in Ishii’s wallet after obtaining the private key, which made it possible to transfer all the bitcoins to the FBI’s bitcoin wallet. […] Tokyo’s Metropolitan Police Department arrested the 32-year-old Ishii the same day and criminally charged him on suspicion of obtaining $154 million dollars following fraudulent money transfers from mid-May.

Read more of this story at Slashdot.

Florida Manatees Facing Starvation to Be Fed in Trial Program

Wildlife officials in Florida are preparing to feed manatees in the wild, an unprecedented response to the animals’ mass starvation caused by the loss of seagrasses they normally eat. From a report: So far this year, 1,056 manatees have died in Florida, nearly double the average for the same period of the past five years, according to state data. While the record tally includes those killed by watercraft and other causes, malnourishment is the main reason propelling the increase, researchers say. The state’s total manatee population numbered at least 5,733 in 2019, the most recent year in which officials conducted a count. The U.S. Fish and Wildlife Service declared an “unusual mortality event” along Florida’s Atlantic coast this year — a designation indicating a significant die-off that demands an immediate response. The problem can worsen in the winter when the animals congregate in warmer waters that have become devoid of food, researchers say.

“The status of manatees going into this winter is so poor that without this supplemental feeding to help get them through, we’re going to have hundreds and hundreds of [them] dying,” said Patrick Rose, executive director of the advocacy group Save the Manatee Club. Seagrasses are disappearing because of deteriorating water quality caused by improperly treated sewage, leaking septic tanks and runoff containing fertilizer used for lawns and agriculture, researchers say. It’s part of a broader threat to other marine species, they say, and to Florida’s economy, which relies heavily on visitors drawn to the state’s coastline.

Read more of this story at Slashdot.

Asteroid Sample Could Reveal Our Solar System’s Origin Story

Just over a year after Japan’s Hayabusa2 mission returned the first subsurface sample of an asteroid to Earth, scientists have determined that the near-Earth asteroid Ryugu is a pristine remnant from the formation of our solar system. From a report: This was the first material to be returned to Earth from a carbon-rich asteroid. These asteroids can reveal how our cosmic corner of the universe was formed. The organic and hydrated minerals locked within these asteroids could also shed light on the origin of the building blocks of life. Ryugu is a dark, diamond-shaped asteroid that measures about 3,000 feet (1 kilometer) wide. Hayabusa2 collected one sample from the asteroid’s surface on February 22, 2019, then fired a copper “bullet” into the asteroid to create a 33-foot wide impact crater. A sample was collected from this crater on July 11, 2019. Then, Hayabusa2 flew by Earth and dropped the sample off in Australia last December.

The C-type, or carbonaceous, asteroid is much darker than scientists originally thought, only reflecting about 2% of the light that hits it, according to one study published Monday in the journal Nature Astronomy. After opening the sample, scientists were surprised to find that the spacecraft collected 5.4 grams from the asteroid — much more than the single gram they were expecting, said Toru Yada, lead study author and associate senior researcher at the Japan Aerospace Exploration Agency’s Institute of Space and Astronautical Science.
In the second study, also published Monday in Nature Astronomy, the researchers determined that Ryugu is made of clay and other hydrated minerals, with a number of carbonates and organics inside the sample.

Read more of this story at Slashdot.

Himalayan Glaciers Are Melting at Furious Rate, New Study Shows

Glaciers across the Himalayas are melting at an extraordinary rate, with new research showing that the vast ice sheets there shrank 10 times faster in the past 40 years than during the previous seven centuries. From a report: Avalanches, flooding and other effects of the accelerating loss of ice imperil residents in India, Nepal and Bhutan and threaten to disrupt agriculture for hundreds of millions of people across South Asia, according to the researchers. And since water from melting glaciers contributes to sea-level rise, glacial ice loss in the Himalayas also adds to the threat of inundation and related problems faced by coastal communities around the world. “This part of the world is changing faster than perhaps anybody realized,” said Jonathan Carrivick, a University of Leeds glaciologist and the co-author of a paper detailing the research published Monday in the journal Scientific Reports. “It’s not just that the Himalayas are changing really fast, it’s that they’re changing ever faster.”

Scientists have long observed ice loss from large glaciers in New Zealand, Greenland, Patagonia and other parts of the world. But ice loss in the Himalayas is especially rapid, the new study found. The researchers didn’t pinpoint a reason but noted that regional climate factors, such as shifts in the South Asian monsoon, may play a role. The new finding comes as there is scientific consensus that ice loss from glaciers and polar ice sheets results from rising global temperatures caused by greenhouse-gas emissions from the burning of fossil fuels. Many peer-reviewed scientific studies have identified human activity as a cause of rising global temperatures. So did a report issued in August by the United Nations Intergovernmental Panel on Climate Change, which said “human influence is very likely the main driver of the global retreat of glaciers since the 1990s.” For the new study, Dr. Carrivick and his colleagues scanned satellite photos of almost 15,000 glaciers in the region for signs of the large ridges of rock and debris that glaciers leave behind as they slowly grind their way through the valleys. Using the locations of these ancient glacial tracks, the scientists estimated the span of ice sheet coverage in previous centuries.

Read more of this story at Slashdot.

NASA Releases New Photos of Jupiter – and a Recording of Its Moon that Sounds Like R2-D2

“As it seeks answers about the cosmos and what they mean for Earth’s origins, NASA on Friday announced a slew of discoveries about Jupiter,” reports the Washington Post

“And scientists brought home an interstellar tune from the road.”

The Juno spacecraft is gathering data about the origin of the solar system’s biggest planet — in which more than 1,300 Earths could fit. Among its recent findings are photos from inside the planet’s ring, a map of its magnetic field, details of its atmosphere and a trippy soundtrack from a spacecraft’s travels around one of its moons.

But it’s not exactly a song, or even perceptible to the human ear.

The radio emissions Juno recorded are not what a person would hear if they went to Jupiter — space is a vacuum and does not carry soundwaves like air does on Earth. But the probe zooming through space captured the electric and magnetic emissions that scientists later converted into perceptible sound. Turns out, orbiting Ganymede, which is one of Jupiter’s moons and the largest satellite in the solar system, kind of sounds like R2-D2.

Launched in 2011, became the eighth spacecraft to ever reach Jupiter in 2016, “and the first to probe below the giant planet’s thick gas cover.

“It fought Jupiter’s extreme temperatures and hazardous radiation to survey its north and south poles, chugging along despite a lack of sunshine on its solar panels.”

Read more of this story at Slashdot.