Average Data Breach Costs Hit a Record $4.4 Million, Report Says

The average cost of a data breach rose to an all-time high of $4.4 million this year, according to the IBM Security report released Wednesday. That marked a 2.6% increase from a year ago and a 13% jump since 2020. CNET reports: More than half of the organizations surveyed acknowledged they had passed on those costs to their customers in the form of higher prices for their products and services, IBM said. The annual report is based on an analysis of data breaches experienced by 550 organizations around the world between March 2021 and March 2022. The research, which was sponsored and analyzed by IBM, was conducted by the Ponemon Institute.

The cost estimates are based on both immediate and longer-term expenses. While some costs like the payment of ransoms and those related to investigating and containing the breach tend to be accounted for right away, others such as regulatory fines and lost sales can show up years later. On average, those polled said they accrued just under half of the costs related to a given breach more than a year after it occurred.

Read more of this story at Slashdot.

Google Is Adding Flyover-Like Aerial Views To Maps

Google is adding “photorealistic aerial views” to almost 100 landmarks in Google Maps, the company announced on Wednesday. The Verge reports: The views, which remind me of Apple Maps’ Flyover feature, give you an overhead look at landmarks in cities including Barcelona, London, New York, San Francisco, and Tokyo, according to Google. The aerial views are a “first step” toward launching the “immersive view” the company showed off at Google I/O, according to a blog post from Google Maps director of product Amanda Leicht Moore. Immersive view will also include indoor views and information like traffic and the weather layered on the map, Google spokesperson Genevieve Park tells The Verge. At I/O, Google said immersive view would begin rolling out in Los Angeles, London, New York City, San Francisco, and Tokyo “later this year.” Google Maps will also feature cycling routes, which will include additional information “like whether a specific road you’ll be instructed to travel on is a major or minor road, if your route includes stairs or steep hills, and whether you can expect to hit heavy traffic,” reports The Verge. Additionally, you’ll be able to get notifications if someone who is sharing their location with you leaves or arrives at their location.

Read more of this story at Slashdot.

‘Stop Trying To Be TikTok’: User Backlash Over Instagram Changes

Instagram’s head defended the app against a user backlash, after the social network launched a series of changes intended to make it more like its arch-rival TikTok. The Guardian reports: The changes, which include an extremely algorithmic main feed, a push for the service’s TikTok-style “reels” videos, and heavy promotion of the TikTok-style “remix” feature, have resulted in users struggling to find content from friends and family, once the bread and butter of the social network. “We’re hearing a lot of concerns from all of you,” Adam Mosseri said in a video posted to Twitter. “I’m hearing a lot of concerns about photos, and how we’re shifting to video. We’re going to continue to support photos, but I need to be honest: more and more of Instagram is going to become video over time. We’re going to have to lean in to that shift while continuing to support photos.”

The Instagram boss also defended the platform’s new “recommendations” feature, which puts content from people users do not follow on to their feed. “The idea is to help you discover new and interesting things on Instagram that you might not even know exist,” he said. “You can snooze all recommendations for up to a month, but we’re going to try and get better at recommendations because we think it’s one of the best ways to help creators reach a new audience and grow their following. He added: “We’re going to need to evolve, because the world is changing quickly and we’re going to need to change with it.”

Instagram’s makeover is widely seen as a response to TikTok’s continued growth, in particular among younger American users. […] By boosting algorithmic recommendations, allowing users to “remix” posts (akin to TikTok’s “Duet” feature), and promoting full-screen vertical video above photos, Instagram is attempting to turn its main app experience into something similar to that of the Chinese-owned upstart. In a widely shared story, Kardashian clan member and social media star, Kylie Jenner, called on the service to “make Instagram Instagram again.” She added: “Stop trying to be TikTok, I just want to see cute photos of my friends.”

Read more of this story at Slashdot.

Saudi Arabia Plans IPO of $500 Billion For Its Megacity ‘Neom’

Saudi Arabia’s Crown Prince Mohammed bin Salman said they are planning an initial public offering of the Kingdom’s $500 billion megaproject Neom as soon as 2024. Arabian Business reports: Talking to reporters in Jeddah, the crown prince said the Kingdom is setting aside $80 billion for Neom Investment Fund, where it would invest in companies that agree to operate in the futuristic city, Bloomberg has reported. The announcement was witnessed by global investors including Bridgewater Associates founder Ray Dalio, Tim Collins of Ripplewood, Saudi Prince Alwaleed bin Talal and Kuwaiti retail billionaire Mohammed Alshaya.

The Saudi crown prince also unveiled funding details of Neom. First phase, which runs until 2030, will cost 1.2 trillion riyals, with about half of that covered by the Public Investment Fund. Officials will then seek to raise another 600 billion riyals from other sovereign wealth funds in the region, private investors in Saudi Arabia and abroad, and the planned IPO on Tadawul. The IPO, which could happen by 2024, will add more than 1 trillion riyals to the Kingdom’s stock market, the crown prince noted. In addition to the news about the IPO, a teaser video was released, revealing the design for The Line: a “vertical city” some 500 meters tall, 170 kilometers in length, and covered in mirrors.

“Although it looks like a wall, The Line is actually supposed to be comprised of two huge parallel buildings, connected via walkways and divided into neighborhoods that are supposed to offer all the amenities of city life within a five-minute walking distance,” reports The Verge.

“Vegetables will be ‘autonomously harvested and bundled’ from community farms; ‘a high-speed train will run under the mirrored buildings’; the Line will include a stadium ‘up to 1,000 feet above the ground,’ and there’ll be a marina for yachts under an arch between the buildings.” A report from the Wall Street Journal in 2019 also noted robots will outnumber humans and hologram teachers will education genetically-enhanced students.

Read more of this story at Slashdot.

Amazon To Increase Prime Membership Fee By Up To 43% In Europe

Amazon is raising prices for its Prime subscription service in the U.K. and across Europe as the e-commerce giant grapples with the effects of rising inflation. CNBC reports: In the U.K., Amazon is set to hike the annual price of a Prime membership to 95 pounds ($114), up from 79 pounds, representing a 20% jump. The changes will take effect Sept. 15. The company is enforcing even steeper price increases in European markets. In France, the price of an annual Prime membership is going up to 69.90 euros ($70) from 49 euros, a 43% increase. German Prime members can expect a 30% hike in their annual Prime prices to 89.90 euros, up from 69 euros.

Amazon blamed the price rises on “increased inflation and operating costs,” along with higher expenses tied to faster delivery and content production for its Prime Video streaming service, Reuters reported. The company is scheduled to report second-quarter earnings Thursday. The move follows similar price hikes Amazon announced in the U.S. earlier this year. In February, the company said it would raise the price of its annual Prime membership for Americans to $139 from $119.

Read more of this story at Slashdot.

A Newly Discovered Malware Hijacks Facebook Business Accounts

An ongoing cybercriminal operation is targeting digital marketing and human resources professionals in an effort to hijack Facebook Business accounts using a newly discovered data-stealing malware. TechCrunch reports: Researchers at WithSecure, the enterprise spin-off of security giant F-Secure, discovered the ongoing campaign they dubbed Ducktail and found evidence to suggest that a Vietnamese threat actor has been developing and distributing the malware since the latter half of 2021. The firm added that the operations’ motives appear to be purely financially driven. The threat actor first scouts targets via LinkedIn where it selects employees likely to have high-level access to Facebook Business accounts, particularly those with the highest level of access. The threat actor then uses social engineering to convince the target to download a file hosted on a legitimate cloud host, like Dropbox or iCloud. While the file features keywords related to brands, products, and project planning in an attempt to appear legitimate, it contains data-stealing malware that WithSecure says is the first malware that they have seen specifically designed to hijack Facebook Business accounts.

Once installed on a victim’s system, the Ducktail malware steals browser cookies and hijacks authenticated Facebook sessions to steal information from the victim’s Facebook account, including account information, location data, and two-factor authentication codes. The malware also allows the threat actor to hijack any Facebook Business account that the victim has sufficient access to simply by adding their email address to the compromised account, which prompts Facebook to to send a link, via email, to the same email address. The recipient — in this case, the threat actor — then interacts with the emailed link to gain access to that Facebook Business. The threat actors then leverage their new privileges to replace the account’s set financial details in order to direct payments to their accounts or to run Facebook Ad campaigns using money from the victimized firms.

Read more of this story at Slashdot.

‘Ocean Cleanup’ Removes First 100,000 kg of Plastic From the Great Pacific Garbage Patch

The Ocean Cleanup, a nonprofit trying to rid the world’s oceans of plastic, announced that it’s “officially removed more than 100,000 kg of plastic from the Great Pacific Garbage Patch (GPGP).” The impressive milestone is almost 4x as much garbage it announced it removed last October. CEO Boyan Slat writes in a press release: Since deployment in August 2021, System 002 (or “Jenny”) has now collected 101,353 kg of plastic over 45 extractions, sweeping an area of ocean of over 3000km2 — comparable to the size of Luxembourg or Rhode Island. Added to the 7,173 kg of plastic captured by our previous prototype systems, The Ocean Cleanup has now collected 108,526 kg of plastic from the GPGP — more than the combined weight of two and a half Boeing 737-800s, or the dry weight of a space shuttle!

According to our 2018 study in which we mapped the patch, the total amount of accumulated plastic is 79,000,000 kg, or 100,000,000 kg if we include the Outer GPGP. Thus, if we repeat this 100,000 kg haul 1,000 times — the Great Pacific Garbage Patch will be gone.

I’m proud of The Ocean Cleanup team for crossing this milestone, which is all the more remarkable considering System 002 is still an experimental system. Now our technology is validated, we are ready to move on to our new and expanded System 03, which is expected to capture plastic at a rate potentially 10 times higher than System 002 through a combination of increased size, improved efficiency, and increased uptime. Our transition to System 03 is starting soon.

Read more of this story at Slashdot.

Coding Mistake Made Intel GPUs 100X Slower in Ray Tracing

Intel Linux GPU driver developers have released an update that results in a massive 100X boost in ray tracing performance. This is something to be celebrated, of course. However, on the flip side, the driver was 100X slower than it should have been because of a memory allocation oversight. Tom’s Hardware reports: Linux-centric news site Phoronix reports that a fix merged into the open-source Intel Mesa Vulkan driver was implemented by Intel Linux graphics driver engineering stalwart Lionel Landwerlin on Thursday. The developer wryly commented that the merge request, which already landed in Mesa 22.2, would deliver “Like a 100x (not joking) improvement.” Intel has been working on Vulkan raytracing support since late 2020, but this fix is better late than never.

Usually, the Vulkan driver would ensure temporary memory used for Vulkan raytracing work would be in local memory, i.e., the very fast graphics memory onboard the discrete GPU. A line of code was missing, so this memory allocation housekeeping task wasn’t set. Thus, the Vulkan driver would shift ray tracing data to slower offboard system memory and back. Think of the continued convoluted transfers to this slower memory taking place, slowing down the raytracing performance significantly. It turns out, as per our headline, that setting a flag for “ANV_BO_ALLOC_LOCAL_MEM” ensured that the VRAM would be used instead, and a 100X performance boost was the result. “Mesa 22.2, which includes the new code, is due to be branched in the coming days and will be included in a bundle of other driver refinements, which should reach end-users by the end of August,” adds the report.

Read more of this story at Slashdot.

Source Code For Rust-Based Info-Sealer Released On Hacker Forums

The source code for an information-stealing malware coded in Rust has been released for free on hacking forums, with security analysts already reporting that the malware is actively used in attacks. BleepingComputer reports: The malware, which the author claims to have developed in just six hours, is quite stealthy, with VirusTotal returning a detection rate of around 22%. As the info-stealer is written in Rust, a cross-platform language, it allows threat actors to target multiple operating systems. However, in its current form, the new info-stealer only targets Windows operating systems.

Analysts at cybersecurity firm Cyble, who sampled the new info-stealer and named it “Luca Stealer,” report that the malware comes with standard capabilities for this type of malware. When executed, the malware attempts to steal data from thirty Chromium-based web browsers, where it will steal stored credit cards, login credentials, and cookies. The stealer also targets a range of “cold” cryptocurrency and “hot” wallet browser addons, Steam accounts, Discord tokens, Ubisoft Play, and more. Where Luca Stealer stands out against other info-stealers is the focus on password manager browser addons, stealing the locally stored data for 17 applications of this kind. In addition to targeting applications, Luca also captures screenshots and saves them as a .png file, and performs a “whoami” to profile the host system and send the details to its operators.

Read more of this story at Slashdot.

Chinese-Made Huawei Equipment Could Disrupt US Nuclear Arsenal Communications, FBI Determines

There’s been “a dramatic escalation of Chinese espionage on US soil over the past decade,” sources in the U.S. counterintelligence community have told CNN this weekend.

But some dramatic new examples have been revealed. For example, in 2017 China’s government offered to build a $100 million pavilion in Washington D.C. with an ornate 70-foot pagoda. U.S. counterintelligence officials realized its location — two miles from the U.S. Capitol — appeared “strategically placed on one of the highest points in Washington DC…a perfect spot for signals intelligence collection.”
Also alarming was that Chinese officials wanted to build the pagoda with materials shipped to the US in diplomatic pouches, which US Customs officials are barred from examining, the sources said. Federal officials quietly killed the project before construction was underway…

Since at least 2017, federal officials have investigated Chinese land purchases near critical infrastructure, shut down a high-profile regional consulate believed by the US government to be a hotbed of Chinese spies and stonewalled what they saw as clear efforts to plant listening devices near sensitive military and government facilities.
Among the most alarming things the FBI uncovered pertains to Chinese-made Huawei equipment atop cell towers near US military bases in the rural Midwest. According to multiple sources familiar with the matter, the FBI determined the equipment was capable of capturing and disrupting highly restricted Defense Department communications, including those used by US Strategic Command, which oversees the country’s nuclear weapons…. It’s unclear if the intelligence community determined whether any data was actually intercepted and sent back to Beijing from these towers. Sources familiar with the issue say that from a technical standpoint, it’s incredibly difficult to prove a given package of data was stolen and sent overseas.

The Chinese government strongly denies any efforts to spy on the US…. But multiple sources familiar with the investigation tell CNN that there’s no question the Huawei equipment has the ability to intercept not only commercial cell traffic but also the highly restricted airwaves used by the military and disrupt critical US Strategic Command communications, giving the Chinese government a potential window into America’s nuclear arsenal…. As Huawei equipment began to proliferate near US military bases, federal investigators started taking notice, sources familiar with the matter told CNN. Of particular concern was that Huawei was routinely selling cheap equipment to rural providers in cases that appeared to be unprofitable for Huawei — but which placed its equipment near military assets.

Read more of this story at Slashdot.