news aggregator

An anonymous reader shares a report: Chinese authorities have told domestic companies to stop using cybersecurity software made by roughly a dozen firms from the U.S. and Israel due to national security concerns, two people briefed on the matter said. As trade and diplomatic tensions flare between China and the U.S. and both sides vie for tech supremacy, Beijing has been keen to replace Western-made technology with domestic alternatives. The U.S. companies whose cybersecurity software has been banned include Broadcom-owned VMware, Palo Alto Networks and Fortinet, while the Israeli companies include Check Point Software Technologies, the sources said.

Read more of this story at Slashdot.

Coal power generation fell in China and India for the first time since the 1970s last year, in a "historic" moment that could bring a decline in global emissions, according to analysis. From a report: The simultaneous fall in coal-powered electricity in the world's biggest coal-consuming countries had not happened since 1973, according to analysts at the Centre for Research on Energy and Clean Air, and was driven by a record roll-out of clean energy projects. The research, commissioned by the climate news website Carbon Brief, found that electricity generated by coal plants fell by 1.6% in China and by 3% in India last year, after the boom in clean energy across both countries was more than enough to meet their rising demand for energy. China added more than 300GW of solar power and 100GW of wind power last year -- together, more than five times the UK's total existing power generation capacity -- which are both "clear new records for China and, therefore, for any country ever," the report said. India added 35GW of solar, 6GW of wind and 3.5GW of hydropower last year, according to the analysis.

Read more of this story at Slashdot.

Grid and generation capacity are not being added fast enough to support the scale of growth many forecasts assume

A looming shortage of electrical power is set to constrain datacenter expansion, potentially leaving many industry growth forecasts looking overly optimistic.…

Had it been around in 2020, it could have flagged tens of billions before payouts, PRAC tells Congress

A fraud-detection AI model trained on COVID-19 loan data could have flagged potentially tens of billions of dollars in payments before they went out, reducing the feds' pay-and-chase cleanup, the US government's Pandemic Response Accountability Committee told Congress on Tuesday.…

McKinsey is asking graduate applicants to "collaborate" with an AI tool as part of its recruitment process, as competence with the technology becomes a requirement in competing for top-level jobs. From a report: The blue-chip consultancy is incorporating an "AI interview" into some final-round interviews, according to CaseBasix, a US company that helps candidates apply for posts at leading strategic consulting companies. In an online post, CaseBasix said candidates in "select final rounds" in the US have been asked to complete tests using McKinsey's internal AI tool, Lilli. They are required to carry out practical consulting tasks with the help of Lilli. "In the McKinsey AI interview, you are expected to prompt the AI, review its output, and apply judgment to produce a clear and structured response. The focus is on collaboration and reasoning rather than technical AI expertise," CaseBasix said.

Read more of this story at Slashdot.

Amazon founder Jeff Bezos once told an audience that he views local PC hardware the same way he views a 100-year-old electric generator he saw in a brewery museum -- as a relic of a pre-grid era, destined to be replaced by centralized utilities that users simply rent rather than own. The anecdote, shared at a talk a few years ago, positioned Amazon Web Services and Microsoft Azure as the inevitable successors to the desktop tower. Bezos argued that users would eventually abandon local computing for cloud-based solutions, much as businesses once abandoned on-site power generation for the electrical grid. Current market dynamics have made that prediction feel more plausible. DRAM prices have become increasingly untenable for consumers, and companies like Dell and ASUS have signaled price increases across their PC ranges. Micron has shut down its consumer DRAM operations entirely, prioritizing AI datacenter demand instead. SSD storage is expected to face similar constraints. Cloud gaming services from Amazon Luna, NVIDIA GeForce Now and Xbox are seeing steady growth. Microsoft previously developed a consumer version of its business-grade Windows 365 cloud PC product, though the company deprioritized it -- the economics didn't work when cheap laptops remained available. That calculus could shift. Xbox Game Pass's 1440p cloud gaming runs $30 monthly and NVIDIA recently imposed a 100-hour cap on its cloud platform. The infrastructure remains expensive to operate, but rising local hardware costs may eventually close that gap.

Read more of this story at Slashdot.

Matthew McConaughey is taking a novel legal approach to combat unauthorized AI fakes: trademarking himself. From a report: Over the past several months, the "Interstellar" and "Magic Mike" star has had eight trademark applications approved by the U.S. Patent and Trademark Office featuring him staring, smiling and talking. His attorneys said the trademarks are meant to stop AI apps or users from simulating McConaughey's voice or likeness without permission -- an increasingly common concern of performers. The trademarks include a seven-second clip of the Oscar-winner standing on a porch, a three-second clip of him sitting in front of a Christmas tree, and audio of him saying "Alright, alright, alright," his famous line from the 1993 movie "Dazed and Confused," according to the approved applications. "My team and I want to know that when my voice or likeness is ever used, it's because I approved and signed off on it," the actor said in an email. "We want to create a clear perimeter around ownership with consent and attribution the norm in an AI world."

Read more of this story at Slashdot.

The chief constable of one of Britain's largest police forces has admitted that Microsoft's Copilot AI assistant made a mistake in a football (soccer) intelligence report. From a report: The report, which led to Israeli football fans being banned from a match last year, included a nonexistent match between West Ham and Maccabi Tel Aviv. Copilot hallucinated the game and West Midlands Police included the error in its intelligence report without fact checking it. "On Friday afternoon I became aware that the erroneous result concerning the West Ham v Maccabi Tel Aviv match arose as result of a use of Microsoft Co Pilot [sic]," says Craig Guildford, chief constable of West Midlands Police, in a letter to the Home Affairs Committee earlier this week. Guildford previously denied in December that the West Midlands Police had used AI to prepare the report, blaming "social media scraping" for the error.

Read more of this story at Slashdot.

Three major GDPR violations, including a lack of basic security controls, lead to hefty dent in profits

The French data protection regulator, CNIL, today issued a collective €42 million ($48.9 million) fine to two French telecom companies for GDPR violations stemming from a data breach.…

Support expires for Windows Server 2008, and the codebase released to manufacturing in 2006

Microsoft has quietly maintained support for an OS that's nearly 18 years old, but its time has finally passed - the Windows Vista-powered Windows Server 2008 took its last breath this week.…

After spending years pushing digital payments to combat tax evasion and money laundering, European Union ministers decided in December to ban businesses from refusing cash. The reversal comes as 12% of European businesses flatly refused cash in 2024, up from 4% three years earlier. Over one in three cinemas in the Netherlands no longer accept notes and coins. Cash usage across the euro area dropped from 79% of in-person transactions in 2016 to just 52% in 2024. Sweden leads the digital shift where 90% of purchases now happen digitally and cash represents under 1% of GDP compared to 22% in Japan. The policy change stems from concerns about financial inclusion for elderly and poor populations who struggle with digital systems. Resilience worries also drove the decision after Spaniards facing nationwide power cuts last spring found themselves unable to buy food. European officials worry about dependence on American payment giants Visa and MasterCard. The EU now recommends citizens store enough cash to survive a week without electricity or internet access.

Read more of this story at Slashdot.

New crooks on the block get crafty with blockchain to evade defenses

Researchers at Group-IB say the DeadLock ransomware operation is using blockchain-based anti-detection methods to evade defenders' attempts to analyze their tradecraft.…

The European Union published guidance on December 30 that reclassified nuclear weapons as acceptable investments under its sustainable finance framework, completing a policy change approved in November that narrowed the definition of banned armaments from "controversial" to "prohibited." The shift addresses earlier vagueness that the Commission said hindered efforts to raise $932 billion in defense investments over four years. Under the revised rules, only four weapon categories remain expressly outlawed by a majority of EU states: personnel mines, cluster munitions, and biological and chemical weapons. Nuclear weapons manufacturers avoided exclusion because only Austria, Ireland and Malta signed the Treaty on the Prohibition of Nuclear Weapons, though all EU members support non-proliferation under the Non-Proliferation Treaty. The updated guidance also permits ESG labeling for companies handling depleted uranium for anti-tank ammunition and white phosphorus, which is toxic but not classified as a chemical weapon. European ESG funds currently hold minimal defense stocks, according to Jefferies data. The Commission's notice now makes these investments eligible for funds operating under Article 8 and Article 9 sustainable investment mandates.

Read more of this story at Slashdot.

Investment in datacenters to peak by 2029, place your bets please

The AI-driven datacenter construction frenzy shows no signs of slowing, but neither do concerns that the whole edifice could collapse under the weight of its own hype and mounting investment demands.…

Latest update focuses on hardware acceleration, security tightening, and a handful of quality-of-life tweaks

The latest Firefox is here with some handy changes – most of which differ depending on what OS and type of CPU you run it on.…

An anonymous reader quotes a report from Ars Technica: Researchers have discovered a never-before-seen framework that infects Linux machines with a wide assortment of modules that are notable for the range of advanced capabilities they provide to attackers. The framework, referred to as VoidLink by its source code, features more than 30 modules that can be used to customize capabilities to meet attackers' needs for each infected machine. These modules can provide additional stealth and specific tools for reconnaissance, privilege escalation, and lateral movement inside a compromised network. The components can be easily added or removed as objectives change over the course of a campaign. VoidLink can target machines within popular cloud services by detecting if an infected machine is hosted inside AWS, GCP, Azure, Alibaba, and Tencent, and there are indications that developers plan to add detections for Huawei, DigitalOcean, and Vultr in future releases. To detect which cloud service hosts the machine, VoidLink examines metadata using the respective vendor's API. Similar frameworks targeting Windows servers have flourished for years. They are less common on Linux machines. The feature set is unusually broad and is "far more advanced than typical Linux malware," said researchers from Checkpoint, the security firm that discovered VoidLink. Its creation may indicate that the attacker's focus is increasingly expanding to include Linux systems, cloud infrastructure, and application deployment environments, as organizations increasingly move workloads to these environments. "VoidLink is a comprehensive ecosystem designed to maintain long-term, stealthy access to compromised Linux systems, particularly those running on public cloud platforms and in containerized environments," the researchers said in a separate post. "Its design reflects a level of planning and investment typically associated with professional threat actors rather than opportunistic attackers, raising the stakes for defenders who may never realize their infrastructure has been quietly taken over." The researchers note that VoidLink poses no immediate threat or required action since it's not actively targeting systems. However, defenders should remain vigilant.

Read more of this story at Slashdot.

Attack enters second day with major disruption to healthcare provision

Two hospitals in Belgium have cancelled surgeries and transferred critical patients to other facilities after shutting down servers following a cyberattack.…

Travel biz tells customers to change passwords beyond its own services

Eurail has confirmed customer information was stolen in a data breach, according to notification emails sent out this week.…

U-turn leaves questions on costs, funding, and benefits unanswered

The UK government has backed down from making digital ID mandatory for proof of a right to work in the country, adding to confusion over the scheme's cost and purpose.…

Committee raises concerns over delays and loopholes in proposed law

The Science, Innovation and Technology Committee has criticized the UK government's handling of AI nudification tools, saying it is taking too long to ban apps, and that expedited legislation does not encompass multi-purpose platforms used to create nude images.…