Alternative Invidious link without using YouTube directly: https://yt.artemislena.eu/watch?v=ihtAijebU-M

Insane method to read your PCs memory, based on certain electromagnetic emissions your system makes when you write or read data to the RAM.

Video Description:

The RAMBO Attack on RAM is truly amazing. Some of the best research I've seen.

covertchannels.com arxiv.org/pdf/2409.02292 wired.com/story/air-gap-researcher-mordechai-guri

youtube.com/watch?v=CjpEZ2LAazM&t=0s youtube.com/watch?v=-D1gf3omRnw&t=0s

cross-posted from: https://feddit.org/post/2724505

Archived link

Russia's naval activity near undersea cables is reportedly drawing the scrutiny of US officials, further sparking concerns that the Kremlin may be plotting to "sabotage" underwater infrastructure via a secretive, dedicated military unit called the General Staff Main Directorate for Deep Sea Research (GUGI).

[...]

Knocking out internet and telecommunications traffic traveling across these fiber-optic cables would have a devastating effect on government, military, and private-sector communications.

More than 95 percent of international data flows through those submarine cables, which puts them at increasing risk of both cyber and physical attacks .

[...]

Last year, public broadcasters of Sweden, Denmark, Norway, and Finland uncovered a Russian fleet of suspected spy ships operating in Nordic waters, reportedly for purposes of sabotaging both submarine cables and wind farms.

**In addition to communications, the cables also carry electricity between European countries. **

[...]

"Any activities that damaged seabed infrastructure including undersea cables especially during periods of heightened tensions risks misunderstandings and misperceptions that could lead to unintended escalation," [said an] US official. "The US would be especially concerned about damage to our or our allies' critical undersea infrastructure."

cross-posted from: https://feditown.com/post/650064

Archived version

• Earth Preta has upgraded its attacks, which now include the propagation of PUBLOAD via a variant of the worm HIUPAN
• Additional tools, such as FDMTP and PTSOCKET, were used to extend Earth Preta’s control and data exfiltration capabilities
• Another campaign involved spear-phishing emails with multi-stage downloaders like DOWNBAIT and PULLBAIT, leading to further malware deployments
• Earth Preta’s attacks are highly targeted and time-sensitive, often involving rapid deployment and data exfiltration, with a focus on specific countries and sectors within the APAC region

Earth Preta has been known to launch campaigns against valued targets in the Asia-Pacific (APAC). Recent observations on their attacks against various government entities in the region show that the threat group has updated their malware and strategies.

The spread of disinformation is one of the biggest risks to societies. Recent examples have been conspiracy narratives about COVID-19 vaccinations and false claims about Russia’s invasion of Ukraine.

The trend is linked partly to competition among world powers, which is being played out in Africa too.

Across the continent, multiple foreign powers, including China, France, Russia, the US and others, are competing to shape public opinion. In most cases, states use legitimate approaches to get their messages across. But there are many recent examples of foreign powers spreading misleading or false narratives about current affairs.

For example, in 2020, Meta revealed that the French military was behind an online campaign to sway public opinion in the Central African Republic against Russia. And in 2022, the US was accused of leading a disinformation campaign targeting Arab-speaking communities.

[Edit typo.]

The University of Pennsylvania in tbe U.S. announced $10 million in funding dedicated to its new Center for Media, Technology, and Democracy. The Center will be housed in the School of Engineering and Applied Science (Penn Engineering) and will operate in partnership with five other schools at Penn.

The Center will benefit from a five-year, $5 million investment from the John S. and James L. Knight Foundation as well as an additional $5 million in combined resources from Penn Engineering, Penn Arts & Sciences, the Annenberg School for Communication, the Wharton School, Penn Carey Law, and the School of Social Policy & Practice.

[...]

The Center will propel research involving media, technology, and democracy within Penn. Once established, however, the hope is for the Center to become a global hub for researchers, private sector leaders, and for policymakers—by sharing research findings and creating near real-time dashboards that provide a clear view of the current media landscape, informed by empirical research. Over the long term, the Center also aims to serve as a central repository for data sharing with the broader research community.

Early on a Saturday morning in April, Akara Etteh was checking his phone as he came out of Holborn tube station, in central London.

A moment later, it was in the hand of a thief on the back of an electric bike - Akara gave chase, but they got away.

He is just one victim of an estimated 78,000 "snatch thefts" in England and Wales in the year to March, a big increase on the previous 12 months. The prosecution rate for this offence is very low - the police say they are targeting the criminals responsible but cannot "arrest their way out of the problem". They also say manufacturers and tech firms have a bigger role to play.

[...]

Then, in May, just over a month after the theft, Akara checked Find My iPhone again - his prized possession was now on the other side of the world - in Shenzhen, China.

[..]

It is not uncommon for stolen phones to end up in Shenzhen - where if devices can't be unlocked and used again, they are disassembled for parts.

[...]

In the moments after Akara’s phone was stolen, he saw police officers on the street and he told them what had happened. Officers, he said, were aware of thieves doing a “loop of the area” to steal phones, and he was encouraged to report the offence online, which he did. A few days later, he was told by the Metropolitan Police via email the case was closed as “it is unlikely that we will be able to identify those responsible”.

Imagine your search terms, key-strokes, private chats and photographs are being monitored every time they are sent. Millions of students across the U.S. don’t have to imagine this deep surveillance of their most private communications: it’s a reality that comes with their school districts’ decision to install AI-powered monitoring software such as Gaggle and GoGuardian on students’ school-issued machines and accounts.

"As we demonstrated with our own Red Flag Machine, however, this software flags and blocks websites for spurious reasons and often disproportionately targets disadvantaged, minority and LGBTQ youth," the Electronic Software Foundation (EFF) says.

The companies making the software claim it’s all done for the sake of student safety: preventing self-harm, suicide, violence, and drug and alcohol abuse. While a noble goal, given that suicide is the second highest cause of death among American youth 10-14 years old, no comprehensive or independent studies have shown an increase in student safety linked to the usage of this software. Quite to the contrary: a recent comprehensive RAND research study shows that such AI monitoring software may cause more harm than good.

tacking on a bunch of LLMs sure is a way to "make the web more human".

Did you know you can play Doom on a diffusion model now? It’s true, Google just announced it! Just don’t read the paper too closely.

Alexey Soldatov, known as the “father of the Russian Internet,” was sentenced in July to two years in prison by a Moscow court for alleged “misuse” of IP addresses.

In 1990, Soldatov led the Relcom computer network that made the first Soviet connection to the global internet. He also served as Russia’s Deputy Minister of Communications from 2008 to 2010.

Soldatov was convicted on charges related to an alleged deal to transfer IP addresses to a foreign organization. He and his lawyers have denied the accusations. His family, many supporters, and Netzpolitik suggest that the accusations are politically motivated. Soldatov’s former business partner, Yevgeny Antipov, was also sentenced to eighteen months in prison.

Archived version

Unit 42 researchers recently found that Stately Taurus abused the popular Visual Studio Code software in espionage operations targeting government entities in Southeast Asia. Stately Taurus is a Chinese advanced persistent threat (APT) group that carries out cyberespionage attacks.

This threat actor used Visual Studio Code’s embedded reverse shell feature to gain a foothold in target networks. This is a relatively new technique that a security researcher discovered in 2023. According to our telemetry, this is the first time a threat actor used it in the wild.

We assess that this campaign is a direct continuation of a previously reported campaign that we attributed with moderate-high confidence to Stately Taurus. We come to this conclusion based on consideration of the TTPs, timeline and victimology targeting government entities in Southeast Asia.

We will also discuss a connection between the Stately Taurus activity and a second cluster of activity occurring simultaneously in the same targeted environment that leveraged the ShadowPad backdoor.

Palo Alto Networks customers receive better protection against threats discussed in this article through the following products and services, which we detail further in the Conclusion section:

• Advanced WildFire
• Advanced URL Filtering
• Advanced DNS Security
• Cortex XDR
• Cortex XSIAM
• Prisma Cloud Compute

Enticing though they are, such arguments conceal a logical flaw. As a classic 19th-century theory known as a Jevons paradox explains, even if autonomous vehicles eventually work perfectly — an enormous “if” — they are likely to increase total emissions and crash deaths, simply because people will use them so much.

Earlier this year, the Australia's eSafety commissioner took X to court over its refusal to remove videos of a religiously motivated Sydney church stabbing for its global users.

The case was ultimately dropped, but commissioner Julie Inman Grant says she received an "avalanche of online abuse" after Mr Musk called her the "censorship commissar" in a post to his 196 million followers.

[...]

A Columbia University report into technology-facilitated gender-based violence - which used Ms Inman Grant as a case study - found that she had been mentioned in almost 74,000 posts on X ahead of the court proceedings, despite being a relatively unknown figure online beforehand.

According to the analysis, the majority of the messages were either negative, hateful or threatening in some way. Dehumanising slurs and gendered language were also frequently noted, with users calling Ms Inman Grant names such as "left-wing Barbie", or "captain tampon".

[...]

Ms Inman Grant said that Mr Musk's decision to use "disinformation" to suggest that she was "trying to globally censor the internet" had amounted to a "dog whistle from a very powerful tech billionaire who owns his own megaphone".

She said that the torrent of online vitriol which followed had prompted Australian police to warn her against travelling to the US, and that the names of her children and other family members had been released across the internet.

[...]

The case turned into a test of Australia's ability to enforce its online rules against social media giants operating in multiple jurisdictions – one which failed after a Federal Court judge found that banning the posts from appearing on X globally would not be “reasonable” as it would likely be "ignored or disparaged by other countries".

In June, Ms Inman Grant's office said it would not pursue the case further, and that it would focus on other pending litigation against the platform.

X's Global Government Affairs team described the outcome as a win for "freedom of speech".

It could also identify your voice and recognize you and your ad preferences, and those of your passengers.

Why...