Second Ransomware Family Exploiting Log4j Spotted In US, Europe

Researchers say a second family of ransomware has been growing in usage for attack attempts that exploit the critical vulnerability in Apache Log4j, including in the U.S. and Europe. VentureBeat reports: A number of researchers, including at cybersecurity giant Sophos, have now said they’ve observed the attempted deployment of a ransomware family known as TellYouThePass. Researchers have described TellYouThePass as an older and largely inactive ransomware family — which has been revived following the discovery of the vulnerability in the widely used Log4j logging software. TellYouThePass is the second family of ransomware that’s been observed to exploit the vulnerability in Log4j, known as Log4Shell, joining the Khonsari ransomware, according to researchers.

While previous reports indicated that TellYouThePass was mainly being directed against targets in China, researchers at Sophos told VentureBeat that they’ve observed the attempted delivery of TellYouThePass ransomware both inside and outside of China — including in the U.S. and Europe. “Systems in China were targeted, as well as some hosted in Amazon and Google cloud services in the U.S. and at several sites in Europe,” said Sean Gallagher, a senior threat researcher at Sophos Labs, in an email to VentureBeat on Tuesday. Sophos detected attempts to deliver TellYouThePass payloads by utilizing the Log4j vulnerability on December 17 and December 18, Gallagher said. TellYouThePass has versions that run on either Linux or Windows, “and has a history of exploiting high-profile vulnerabilities like EternalBlue,” said Andrew Brandt, a threat researcher at Sophos, in an email. The Linux version is capable of stealing Secure Socket Shell (SSH) keys and can perform lateral movement, Brandt said. Sophos initially disclosed its detection of TellYouThePass ransomware in a December 20 blog post.

The first report of TellYouThePass ransomware exploiting the Log4j vulnerability appears to have come from the head of Chinese cybersecurity group KnownSec 404 Team on December 12. The attempted deployment of TellYouThePass in conjunction with Log4Shell was subsequently confirmed by additional researchers, according to researcher community Curated Intelligence. In a blog post Tuesday, Curated Intelligence said its members can now confirm that TellYouThePass has been seen exploiting the vulnerability “in the wild to target both Windows and Linux systems.” TellYouThePass had most recently been observed in July 2020, Curated Intelligence said. It joins Khonsari, a new family of ransomware identified in connection with exploits of the Log4j vulnerability.

Read more of this story at Slashdot.

Twitch Co-Founder Gets Discord Hacked, $150,000 Stolen From Users In NFT Scam

Luke Plunkett writes via Kotaku: Justin Kan, a co-founder of Twitch and the dude Justin.TV was named for, last week decided to launch a site called Fractal. It was to be a ‘marketplace’ where in-game items could be bought and sold as NFTs. Later, in Fractal’s Discord server, a link appeared advertising a drop of 3,333 NFTs. You may have guessed what happened next. As Twitch reporter Zach Bussey has detailed, the message, which appeared legit since it was coming from inside the house, had actually been posted by someone gaining access to Fractal’s Discord bot, pointing towards ‘Fractai’, not Fractal. The scammers managed to “sell” 3,294 NFTs before the plug was pulled. There were of course no actual NFTs being sold at all, just money being straight up stolen — over $150,000 — though you’d be forgiven for wondering what the difference is.

In response, the Fractal team issued a statement acknowledging the breach, along with a promise they are “going to make this right.” […] Fractal say they are “planning to fully compensate these 373 victims,” before adding the extraordinary warning, “We must use our best judgement as there’s no ‘undo button’ in crypto,” making the entire post read like a textbook example of showcasing why this is such a shitty space. Meanwhile, Kan issued a short video statement of his own, alongside warnings that this Discord scam had been perpetrated on other NFT communities as well.

US Returns $154 Million In Bitcoins Stolen By Sony Employee

The United States has taken legal action to seize and return over $154 million purportedly stolen from Sony Life Insurance Company Ltd, a Sony subsidiary, by an employee in a textbook business email compromise (BEC) attack. BleepingComputer reports: “According to the government’s complaint, Rei Ishii, an employee of Sony Life Insurance Company Ltd. (“Sony Life”) in Tokyo, allegedly diverted the $154 million when the company attempted to transfer funds between its financial accounts,” the Justice Dept said today. “Ishii allegedly did this by falsifying transaction instructions, which caused the funds to be transferred to an account that Ishii controlled at a bank in La Jolla, California.”

According to court documents, Ishii switched the transfer address for a Sony Life transaction to use a Silvergate Bank account under his control. Ishii later converted the stolen funds into more than 3879 bitcoins via a Coinbase account set up to automatically transfer all added funds to an offline cryptocurrency cold wallet […]. After converting the money to cryptocurrency, Ishii also tried persuading his supervisor and several Sony Life executives not to help investigators by emailing them a ransom note typed in English and Japanese. “If you accept the settlement, we will return the funds back. If you are going to file criminal charges, it will be impossible to recover the funds,” the note read. “We might go down behind all of this, but one thing is for sure, you are going to be right there next to us. We strongly recommend to stop communicate (sic) with any third parties including law enforcement.”

However, on December 1, following an investigation in collaboration with Japanese law enforcement authorities, the FBI seized the 3879.16242937 BTC in Ishii’s wallet after obtaining the private key, which made it possible to transfer all the bitcoins to the FBI’s bitcoin wallet. […] Tokyo’s Metropolitan Police Department arrested the 32-year-old Ishii the same day and criminally charged him on suspicion of obtaining $154 million following fraudulent money transfers from mid-May.

What Apple’s AR/VR Headset Could Look Like

Render creator Ian Zelbo has shared a trio of high-quality product renders of Apple’s upcoming AR/VR headset that’s expected to arrive in the fourth quarter of 2022. “The renders are based on earlier reporting from The Information and showcase the device in crisp 8K images,” reports Screen Rant. “Zelbo’s previously done renders for AirTag, iPhone 13, and other Apple gadgets leading up to their release — all of which have been incredibly representative of the final product.” From the report: Assuming Apple’s headset actually looks like this, it could be one of the best-designed gadgets in the niche so far. The front of the headset is taken up entirely by curved glass, with the frame touting a sleek (likely aluminum) construction. Behind that glass is a mesh fabric cushion — not unlike the cushions used for the earcups on AirPods Max. That AirPods Max inspiration is also seen with the oval button on top of the headset.

Moving to the headset’s strap, there’s clear inspiration taken from the Apple Watch’s sport band. It appears to have the same silicon design, loops, and metal clasp. The back of the headband also bears a resemblance to Apple’s AirTag Loop accessory thanks to its open design. Not only does the whole package look good, but it should also result in a very comfortable wearing experience. If the face cushion and head strap are even half as comfortable as the products they’re inspired by, that’s worth getting excited for.

Florida Manatees Facing Starvation to Be Fed in Trial Program

Wildlife officials in Florida are preparing to feed manatees in the wild, an unprecedented response to the animals’ mass starvation caused by the loss of seagrasses they normally eat. From a report: So far this year, 1,056 manatees have died in Florida, nearly double the average for the same period of the past five years, according to state data. While the record tally includes those killed by watercraft and other causes, malnourishment is the main reason propelling the increase, researchers say. The state’s total manatee population numbered at least 5,733 in 2019, the most recent year in which officials conducted a count. The U.S. Fish and Wildlife Service declared an “unusual mortality event” along Florida’s Atlantic coast this year — a designation indicating a significant die-off that demands an immediate response. The problem can worsen in the winter when the animals congregate in warmer waters that have become devoid of food, researchers say.

“The status of manatees going into this winter is so poor that without this supplemental feeding to help get them through, we’re going to have hundreds and hundreds of [them] dying,” said Patrick Rose, executive director of the advocacy group Save the Manatee Club. Seagrasses are disappearing because of deteriorating water quality caused by improperly treated sewage, leaking septic tanks and runoff containing fertilizer used for lawns and agriculture, researchers say. It’s part of a broader threat to other marine species, they say, and to Florida’s economy, which relies heavily on visitors drawn to the state’s coastline.

Asteroid Sample Could Reveal Our Solar System’s Origin Story

Just over a year after Japan’s Hayabusa2 mission returned the first subsurface sample of an asteroid to Earth, scientists have determined that the near-Earth asteroid Ryugu is a pristine remnant from the formation of our solar system. From a report: This was the first material to be returned to Earth from a carbon-rich asteroid. These asteroids can reveal how our cosmic corner of the universe was formed. The organic and hydrated minerals locked within these asteroids could also shed light on the origin of the building blocks of life. Ryugu is a dark, diamond-shaped asteroid that measures about 3,000 feet (1 kilometer) wide. Hayabusa2 collected one sample from the asteroid’s surface on February 22, 2019, then fired a copper “bullet” into the asteroid to create a 33-foot wide impact crater. A sample was collected from this crater on July 11, 2019. Then, Hayabusa2 flew by Earth and dropped the sample off in Australia last December.

The C-type, or carbonaceous, asteroid is much darker than scientists originally thought, only reflecting about 2% of the light that hits it, according to one study published Monday in the journal Nature Astronomy. After opening the sample, scientists were surprised to find that the spacecraft collected 5.4 grams from the asteroid — much more than the single gram they were expecting, said Toru Yada, lead study author and associate senior researcher at the Japan Aerospace Exploration Agency’s Institute of Space and Astronautical Science.

In the second study, also published Monday in Nature Astronomy, the researchers determined that Ryugu is made of clay and other hydrated minerals, with a number of carbonates and organics inside the sample.

Himalayan Glaciers Are Melting at Furious Rate, New Study Shows

Glaciers across the Himalayas are melting at an extraordinary rate, with new research showing that the vast ice sheets there shrank 10 times faster in the past 40 years than during the previous seven centuries. From a report: Avalanches, flooding and other effects of the accelerating loss of ice imperil residents in India, Nepal and Bhutan and threaten to disrupt agriculture for hundreds of millions of people across South Asia, according to the researchers. And since water from melting glaciers contributes to sea-level rise, glacial ice loss in the Himalayas also adds to the threat of inundation and related problems faced by coastal communities around the world. “This part of the world is changing faster than perhaps anybody realized,” said Jonathan Carrivick, a University of Leeds glaciologist and the co-author of a paper detailing the research published Monday in the journal Scientific Reports. “It’s not just that the Himalayas are changing really fast, it’s that they’re changing ever faster.”

Scientists have long observed ice loss from large glaciers in New Zealand, Greenland, Patagonia and other parts of the world. But ice loss in the Himalayas is especially rapid, the new study found. The researchers didn’t pinpoint a reason but noted that regional climate factors, such as shifts in the South Asian monsoon, may play a role. The new finding comes as there is scientific consensus that ice loss from glaciers and polar ice sheets results from rising global temperatures caused by greenhouse-gas emissions from the burning of fossil fuels. Many peer-reviewed scientific studies have identified human activity as a cause of rising global temperatures. So did a report issued in August by the United Nations Intergovernmental Panel on Climate Change, which said “human influence is very likely the main driver of the global retreat of glaciers since the 1990s.” For the new study, Dr. Carrivick and his colleagues scanned satellite photos of almost 15,000 glaciers in the region for signs of the large ridges of rock and debris that glaciers leave behind as they slowly grind their way through the valleys. Using the locations of these ancient glacial tracks, the scientists estimated the span of ice sheet coverage in previous centuries.

After 50 Years, Vacuum-Sealed Container From 1972 Moon Landing Will Finally Be Opened

“Apollo mission planners were really smart. Recognizing that future scientists will have better tools and richer scientific insights, they refrained from opening a portion of the lunar samples returned from the historic Apollo missions,” writes Gizmodo.

“One of these sample containers, after sitting untouched for 50 years, is now set to be opened.”

The sample in question was collected by Gene Cernan in 1972. The Apollo 17 astronaut was working in the Taurus-Littrow Valley when he hammered a 28-inch-long (70 cm) tube into the surface, which he did to collect samples of lunar soil and gas. The lower half of this canister was sealed while Cernan was still on the Moon. Back on Earth, the canister was placed in yet another vacuum chamber for good measure. Known as the 73001 Apollo sample container, it remains untouched to this very day.

But the time has come to open this vessel and investigate its precious cargo, according to a European Space Agency press release. The hope is that lunar gases might be present inside, specifically hydrogen, helium, and other light gases. Analysis of these gases could further our understanding of lunar geology and shed new light on how to best store future samples, whether they be gathered on asteroids, the Moon, or Mars.

Like I said, Apollo mission planners were really clever — but they didn’t exactly explain how future scientists were supposed to extract the presumed gases from the vacuum-sealed container. That task is now the responsibility of the Apollo Next Generation Sample Analysis Program (ANGSA), which manages these untouched treasures. In this case, ANGSA tasked the European Space Agency, among several other institutions, to figure out a way to safely release this trapped gas, marking the first time that ESA has been involved in the opening of samples returned from the Apollo program…

The ANGSA consortium spent the past 16 months working on the problem, and the solution, dubbed the “Apollo can opener,” is now ready to rock.

Sometime in the next few weeks the gas will finally be decanted into multiple containers, and then sent to specialized labs around the world.

NASA Releases New Photos of Jupiter – and a Recording of Its Moon that Sounds Like R2-D2

“As it seeks answers about the cosmos and what they mean for Earth’s origins, NASA on Friday announced a slew of discoveries about Jupiter,” reports the Washington Post.

“And scientists brought home an interstellar tune from the road.”

The Juno spacecraft is gathering data about the origin of the solar system’s biggest planet — in which more than 1,300 Earths could fit. Among its recent findings are photos from inside the planet’s ring, a map of its magnetic field, details of its atmosphere and a trippy soundtrack from a spacecraft’s travels around one of its moons.

But it’s not exactly a song, or even perceptible to the human ear.

The radio emissions Juno recorded are not what a person would hear if they went to Jupiter — space is a vacuum and does not carry soundwaves like air does on Earth. But the probe zooming through space captured the electric and magnetic emissions that scientists later converted into perceptible sound. Turns out, orbiting Ganymede, which is one of Jupiter’s moons and the largest satellite in the solar system, kind of sounds like R2-D2.

Launched in 2011, Juno became the eighth spacecraft to ever reach Jupiter in 2016, “and the first to probe below the giant planet’s thick gas cover.

“It fought Jupiter’s extreme temperatures and hazardous radiation to survey its north and south poles, chugging along despite a lack of sunshine on its solar panels.”