news aggregator

An anonymous reader quotes a report from CyberScoop: North Korean operatives seeking and gaining technical jobs with foreign companies kept CrowdStrike busy, accounting for almost one incident response case or investigation per day in the past year, the company said in its annual threat hunting report released Monday. "We saw a 220% year-over-year increase in the last 12 months of Famous Chollima activity," Adam Meyers, senior vice president of counter adversary operations, said during a media briefing about the report. "We see them almost every day now," he said, referring to the North Korean state-sponsored group of North Korean technical specialists that has crept into the workforce of Fortune 500 companies and small-to-midsized organizations across the globe. CrowdStrike's threat-hunting team investigated more than 320 incidents involving North Korean operatives gaining remote employment as IT workers during the one-year period ending June 30. CrowdStrike researchers found that Famous Chollima fueled that pace of activity with an assist from generative artificial intelligence tools that helped North Korean operatives maneuver workflows and evade detection during the hiring process. "They use generative AI across all stages of their operation," Meyers said. The insider threat group used generative AI to draft resumes, create false identities, build tools for job research, mask their identity during video interviews and answer questions or complete technical coding assignments, the report found. CrowdStrike said North Korean tech workers also used generative AI on the job to help with daily tasks and manage various communications across multiple jobs -- sometimes three to four -- they worked simultaneously. Threat hunters observed other significant shifts in malicious activity during the past year, including a 27% year-over-year increase in hands-on-keyboard intrusions -- 81% of which involved no malware. Cybercrime accounted for 73% of all interactive intrusions during the one-year period. CrowdStrike continues to find and add more threat groups and clusters of activity to its matrix of cybercriminals, nation-state attackers and hacktivists. The company identified 14 new threat groups or individuals in the past six months, Meyers said. "We're up to over 265 named adversary groups that we track, and then 150 what we call malicious activity clusters," otherwise unnamed threat groups or individuals under development, Meyers said.

Read more of this story at Slashdot.

Bypassing MFA and deploying ransomware…sounds like something that rhymes with 'schmero-day'

SonicWall on Monday confirmed that it's investigating a rash of ransomware activity targeting its firewall devices, following multiple reports of a zero-day bug under active exploit in its VPNs.…

Longtime Slashdot reader SonicSpike shares a report from TechCrunch: Sarah Murray recalls the first time she saw an artificial model in fashion: It was 2023, and a beautiful young woman of color donned a Levi's denim overall dress. Murray, a commercial model herself, said it made her feel sad and exhausted. The iconic denim company had teamed up with the AI studio Lalaland.ai to create "diverse" digital fashion models for more inclusive ads. For an industry that has failed for years to employ diverse human models, the backlash was swift, with New York Magazine calling the decision "artificial diversity." "Modeling as a profession is already challenging enough without having to compete with now new digital standards of perfection that can be achieved with AI," Murray told TechCrunch. Two years later, her worries have compounded. Brands continue to experiment with AI-generated models, to the consternation of many fashion lovers. The latest uproar came after Vogue's July print edition featured a Guess ad with a typical model for the brand: thin yet voluptuous, glossy blond tresses, pouty rose lips. She exemplified North American beauty standards, but there was one problem -- she was AI generated. The internet buzzed for days, in large part because the AI-generated beauty showed up in Vogue, the fashion bible that dictates what is and is not acceptable in the industry. The AI-generated model was featured in an advertisement, not a Vogue editorial spread. And Vogue told TechCrunch the ad met its advertising standards. To many, an ad versus an editorial is a distinction without a difference. TechCrunch spoke to fashion models, experts, and technologists to get a sense of where the industry is headed now that Vogue seems to have put a stamp of approval on technology that's poised to dramatically change the fashion industry. Amy Odell, a fashion writer and author of a recently published biography on Gwyneth Paltrow, put it simply: "It's just so much cheaper for [brands] to use AI models now. Brands need a lot of content, and it just adds up. So if they can save money on their print ad or their TikTok feed, they will."

Read more of this story at Slashdot.

Cloudflare finds AI search biz ignoring crawl prohibitions and trying to hide its spiders

Perplexity, an AI search startup, has been spotted trying to disguise its content-scraping bots while flouting websites' no-crawl directives.…

OpenAI's ChatGPT is on track to hit 700 million weekly active users, "up from 500 million in March, marking a more than fourfold year-over-year surge in growth," reports CNBC. From the report: The figure spans all ChatGPT artificial intelligence products -- free, Plus Pro, Enterprise, Team, and Edu -- and comes as daily user messages surpassed three billion, according to the company. The growth rate is also accelerating, compared with 2.5 times year-over-year growth at this time last year. "Every day, people and teams are learning, creating, and solving harder problems," said Nick Turley, VP of product for ChatGPT, in announcing the benchmark. OpenAI now has five million paying business users on ChatGPT, up from three million in June, as enterprises and educators increasingly integrate AI tools. [...] OpenAI's annual recurring revenue is now at $13 billion, up from $10 billion in June, with the company on track to surpass $20 billion by year-end. Even at a $300 billion valuation and $20 billion revenue run rate, OpenAI will need massive capital to support its global push.

Read more of this story at Slashdot.

One new military branch per term would have to be some sort of record

The US Space Force won't be the only new military branch Donald Trump has created if forthcoming recommendations from a group of retired military and civilian leadership end up being adopted. They want the President to form a US "Cyber Force" too. …

An anonymous reader quotes a report from NPR: Patrick Schlott often finds himself in a cellular dead zone during his drive to work. "You go down the road, you turn the corner and you're behind a mountain and you'll lose cell coverage pretty fast," he says. The 31-year-old electrical engineer says poor reception is a common frustration for residents of Vermont's Orange County. To address this issue, he's providing his community with a new way to stay connected. Schlott has taken old pay phones, modified them to make free calls, and set them up in three different towns across the county. He buys the phones secondhand from sites like eBay and Craigslist and restores them in his home workshop. With just an internet connection, these phones can make calls anywhere in the U.S. or Canada -- no coins required. And Schlott covers all the operating costs himself. "It's cheap enough where I'm happy just footing the bill," he says. "You know, if I'm spending $20 a month on, say, Netflix, I could do that and provide phone service for the community. And to me, that's way more fun." Hundreds of calls have been made since the first phone was installed back in March last year. "I knew there would be some fringe cases where it would be really helpful," says Schlott. "But I never expected it to get daily use and for people to be this excited about it." "One of the cornerstones that I want to stick to is, no matter what happens on the backend, the calls will always be free," he says. "And I will figure out a way to make that happen."

Read more of this story at Slashdot.

Fermi America will also have 4GW of gas generators for the Amarillo 'HyperGrid'

Nuclear power is enjoying something of a second renaissance in the US as hyperscalers grapple with AI's seemingly insatiable appetite for power.…

Plastics are a "grave, growing and under-recognised danger" to human and planetary health, a new expert review has warned. From a report: The world is in a "plastics crisis," it concluded, which is causing disease and death from infancy to old age and is responsible for at least $1.5 trillion a year in health-related damages. The driver of the crisis is a huge acceleration of plastic production, which has increased by more than 200 times since 1950 and is set to almost triple again to more than a billion tonnes a year by 2060. [...] Plastic pollution has also soared, with 8 billion tonnes now polluting the entire planet, the review said, from the top of Mount Everest to the deepest ocean trench. Less than 10% of plastic is recycled.

Read more of this story at Slashdot.

An anonymous reader shares a report: The Indian IT sector has operated for decades under the dominance of major firms TCS, Infosys, Wipro, and HCLT. The historical growth of these companies was tightly coupled with the U.S. economy through a strong "multiplier effect," where Indian IT export growth significantly outpaced US GDP growth. This reliable growth model is now under pressure. The multiplier has weakened considerably, falling from a peak of 4.1x to a projected 1.6x. This is contributing to a prolonged slowdown period for India IT exports. A primary factor in this slowdown is a clear shift in client spending priorities. While overall enterprise technology spending remains strong, clients are now allocating a larger portion of their budgets to core digital infrastructure, such as cloud platforms and SaaS platforms, over traditional IT services. The firms are facing challenges on multiple fronts. Global corporations are increasingly establishing their own global capability centers in India, with projections indicating an accelerated pace of 120 new centers being added annually in fiscal years 2024 and 2025, up from some 40 six years ago. This insourcing trend diverts revenue from traditional IT vendors and creates direct competition for skilled technology talent.

Read more of this story at Slashdot.

PXA Stealer pilfers data from nearly 40 browsers, including Chrome

More than 4,000 victims across 62 countries have been infected by stealthy infostealers pilfering people's passwords, credit card numbers, and browser cookies, which are then sold to other criminals on Telegram-based marketplaces.…

Google released a 30-second Pixel 10 ad today that mocks Apple's year-long delay in delivering promised AI improvements to Siri on iPhone 16 devices. The ad suggests users could "just change your phone" if they purchased a device for a feature that's been "coming soon for a full year."

Read more of this story at Slashdot.

Major cloud storage providers maintain unclear policies about deleting user data after subscription cancellations, Wired reports, with deletion timelines ranging from six months to indefinite preservation. Apple reserves the right to delete iCloud backups after 180 days of device inactivity but does not specify what happens to general file storage. Google may delete content after users exceed free storage limits for extended periods, though files remain safe for two years after cancellation. Microsoft may delete OneDrive files after six months of non-payment, while Dropbox preserves files indefinitely without expiration dates. All providers revert users to limited free storage tiers upon cancellation with Apple and Microsoft offering 5GB, Google providing 15GB, and Dropbox allowing 2GB.

Read more of this story at Slashdot.

The payroll growth we thought we experienced in May and June? Gone, like tears in the rain

The US IT jobs market hasn't exactly been robust thus far in 2025, and downward revisions to May and June's Bureau of Labor Statistics data mean IT jobs lost in July are part of an even deeper sector slowdown than previously believed.…

Delta Air Lines has walked back previous statements about individualized pricing after lawmakers questioned the airline's AI-assisted dynamic pricing model. In November, Delta president Glen Hauenstein told investors the company would have pricing "available on that flight, on that time, to you, the individual." Responding to senators' concerns in July, EVP Peter Carter now states Delta has never used, is not testing, and does not plan to use individualized pricing based on personal data. Carter describes the AI technology, developed by Fetcherr, as a decision-support tool that uses aggregated data to assist analysts rather than target individual customers with personalized fares.

Read more of this story at Slashdot.

Microsoft announced last month that Chinese state-sponsored hackers exploited vulnerabilities in SharePoint to breach hundreds of companies and government agencies, including the National Nuclear Security Administration and Department of Homeland Security. The company omitted that SharePoint support is handled by China-based engineers who have maintained the software for years. ProPublica reviewed screenshots of Microsoft's internal systems showing China-based employees recently fixing bugs for SharePoint "OnPrem," the version targeted in the attacks. Microsoft told the publication that the China-based team operates under U.S. supervision and the company is relocating this work.

Read more of this story at Slashdot.

Instrument works fine. Now, about those transistors

NASA's Europa Clipper probe checked out its radar as the spacecraft hurtled past Mars on the way to Jupiter's moon Europa.…

AI startup Perplexity is deploying undeclared web crawlers that masquerade as regular Chrome browsers to access content from websites that have explicitly blocked its official bots, according to a Cloudflare report published Monday. When Perplexity's declared crawlers encounter robots.txt restrictions or network blocks, the company switches to a generic Mozilla user agent that impersonates "Chrome/124.0.0.0 Safari/537.36" running on macOS, the web infrastructure firm reported. Cloudflare engineers tested the behavior by creating new domains with robots.txt files prohibiting all automated access. Despite the restrictions, Perplexity provided detailed information about the protected content when queried, while the stealth crawler generated 3-6 million daily requests across tens of thousands of domains. The undeclared crawler rotated through multiple IP addresses and network providers to evade detection.

Read more of this story at Slashdot.

Fujifilm has raised prices on cameras and lenses across its lineup, with price hikes reaching into the hundreds of dollars. From a report: Among the hikes is an increase to the price of Fuji's ultra-popular X100VI from $1,599 to $1,799. The capable X-T5 has gone from $1,699 to $1,899. And the already very expensive GFX100 II has gone from $7,499 to $8,299 -- an $800 increase. Increases to lens prices appear to be somewhat more modest, with bumps in the $50 to $150 range.

Read more of this story at Slashdot.

Devs told to exercise 'extreme caution' with emails disguised as account update prompts

Mozilla is warning of an ongoing phishing campaign targeting developers of Firefox add-ons.…