Mass hijacking spree takes over subreddits to promote Donald Trump:
Dozens of discussion groups on Reddit—including those dedicated to the National Football League, the San Francisco 49ers, and the Gorillaz—were hit in a Friday morning mass takeover spree that used the subreddits to spread messages promoting President Trump.
The hijacked accounts had tens of millions of combined members. The 148,000-member subreddit Supernatural, dedicated to the TV show by the same name, was emblazoned with pro-Trump images and slogans. Reddit personnel have since restored the moderator account to its rightful owner. The image above is how the subreddit appeared when the takeover was still active. The takeovers came five weeks after Reddit banned /r/The_Donald, a leading forum for fans of the president, and hundreds of other unrelated subreddits for violating recently rewritten content rules.
Reddit personnel published this post captioned, "Ongoing incident with compromised mod accounts." Reddit personnel then warned that moderator accounts were being compromised and used to vandalize subreddits. It asked moderators of affected subreddits to report them in responses.
A larger list of subreddits reported as compromised is available at the incident report linked above.
[...] Reddit officials issued the following statement: "An investigation is underway related to a series of vandalized communities. It appears the source of the attacks were compromised moderator accounts. We are working to lock down those accounts and restore impacted communities."
[...] At the time this post went live, most or all of the affected accounts appeared to have been either restored and reverted back to their previous condition or banned for terms of service violations.
Coronavirus clobbers Uber, leading to $1.8 billion quarterly loss:
The coronavirus pandemic hammered Uber's finances in the second quarter of 2020, the company announced on Thursday. Gross bookings for Uber's core ride-hailing business plunged by 75 percent compared with a year earlier—from $12.2 billion to $3 billion.
That was offset somewhat by rapid growth in Uber's delivery business. Delivery bookings more than doubled from $3.4 billion to $7 billion.
The company lost $1.8 billion in the second quarter on a GAAP basis. Ignoring one-time charges, Uber has been losing around $1 billion per quarter for the last couple of years.
[...] In May, Uber laid off 3,700 people in an effort to contain mounting losses.
Demand for rides cratered, while demand for deliveries soared. In his Thursday statement, Khosrowshahi argued that Uber's product portfolio had a "natural hedge" since people ordered more takeout even as they cut back on going out.
Still, Uber says that its rides business earned a $50 million profit on an EBITDA (earnings before interest, taxes, depreciation and amortization) basis. The problem is that this figure is nowhere close to offsetting losses and overhead elsewhere—including the delivery business and Uber's expensive self-driving project.
Fortunately, Uber is in no danger of running out of money; it has almost $8 billion in cash and short-term investments. It could easily burn cash at this rate for another year.
The U.S. Air Force Space Force has awarded National Security Space Launch (NSSL) Phase 2 contracts to the United Launch Alliance (ULA) and SpaceX:
During a video call with reporters, William Roper, Assistant Secretary of the Air Force for Acquisition, Technology and Logistics, said that United Launch Alliance will receive approximately 60 percent of the launch orders and SpaceX will receive the other 40 percent. Two other bidders, Northrop Grumman with its Omega rocket, and Blue Origin with its New Glenn vehicle, will not receive awards.
"The ability to meet our technical factors to do the mission is the most important thing," Roper said, in response to a question on the Air Force criteria. Secondary factors included past performance, the ability to work with small businesses, and total evaluated price. The military has nine reference orbits for large and complex payloads that these rockets must meet.
A tertiary factor: bidding a launch vehicle that has already been flown.
From 2022 to 2026, Roper said the Air Force expects to award a total of 30 to 34 contracts for missions. Assuming the 60-40 split in total contracts, this likely will result in contract values of about $3.5 billion for United Launch Alliance and $2.5 billion for SpaceX—but these are rough estimates and the US Air Force has not released specific amounts. These awards ensure that ULA and SpaceX will continue a long-running rivalry.
As part of Friday's announcement, the Air Force said ULA has been assigned the USSF-51 and USSF-106 missions scheduled for launch in second quarter fiscal year 2022 and fourth quarter fiscal year 2022, respectively. SpaceX has been assigned USSF-67, scheduled for launch in fourth quarter fiscal year 2022. Task orders for the launch service support and launch service contracts will be issued to ULA for $337M and SpaceX for $316M for launch services to meet fiscal year 2022 launch dates. (This latter value suggests the SpaceX mission will likely fly on the Falcon Heavy rocket.)
The large initial award to SpaceX could also include funding for an extended payload fairing and vertical integration.
See also: News Analysis | With Pentagon award, SpaceX joins the establishment
Also at Space News and Teslarati.
Previously: SpaceX BFR vs. ULA Vulcan Showdown in the 2020s
Blue Origin Urges U.S. Air Force to Delay Launch Provider Decision
Submitted via IRC for RandomFactor
Many of the tools are designed as experimental steps toward human exploration of the red planet. Crucially, Perseverance is equipped with a device called the Mars Oxygen In-Situ Resource Utilization Experiment, or MOXIE: an attempt to produce oxygen on a planet where it makes up less than 0.2 percent of the atmosphere.
Oxygen is a cumbersome payload on space missions. It takes up a lot of room, and it's very unlikely that astronauts could bring enough of it to Mars for humans to breathe there, let alone to fuel spaceships for the long journey home.
That's the problem MOXIE is looking to solve. The car-battery-sized robot is a roughly 1 percent scale model of the device scientists hope to one day send to Mars, perhaps in the 2030s.
Like a tree, MOXIE works by taking in carbon dioxide, though it's designed specifically for the thin Martian atmosphere. It then electrochemically splits the molecules into oxygen and carbon monoxide, and combines the oxygen molecules into O2.
It analyses the O2 for purity, shooting for about 99.6 percent O2. Then it releases both the breathable oxygen and the carbon monoxide back into the planet's atmosphere. Future scaled-up devices, however, would store the oxygen produced in tanks for eventual use by humans and rockets.
Source: https://www.businessinsider.com/moxie-robot-nasa-mars-rover-turns-co2-into-oxygen-2020-7
Submitted via IRC for RandomFactor
An ancient amber fossil has offered scientists new insights into the deadly hunting prowess of the "hell ant" species Ceratomyrmex ellenbergeri.
The 99-million-year-old amber, unearthed in Myanmar, trapped a member of the Haidomyrmecine subfamily -- the group known as hell ants -- just as the predator snatched a cockroach relative with its scythe-like mandibles.
Animal behavior rarely becomes fossilized, and fossilized hunting behavior is especially elusive. The hell ant fossil, described Thursday in the journal Current Biology, is a one-of-a-kind find.
Journal Reference:
Phillip Barden. Specialized Predation Drives Aberrant Morphological Integration and Diversity in the Earliest Ants, Current Biology (DOI: 10.1016/j.cub.2020.06.106)
Humans Might Be So Sickly Because We Evolved to Avoid a Single Devastating Disease:
Sialic acids are a diverse group of carbohydrates that blossom like leaves from the tips of proteins covering the surfaces of human cells.
[...] Changes in sialic acid markers can give rise to a number of diseases. But it was one specific change particular to all humans that the researchers here were most keen to gain an understanding of.
Most mammals – including closely related apes – have a compound called N-glycolylneuraminic acid, or Neu5Gc. We've known for some time that the gene for this version of sialic acid is broken in us, leaving its precursor form, N-acetylneuraminic acid (Neu5Ac), to do its job.
Researchers previously speculated that this mutation was selected for in humans to make it harder for devastating malarial parasites such as Plasmodium knowlesi to latch onto red blood cells.
[...] Since chimpanzees retain the gene for Neu5Gc, the mutation must have occurred within the past 6 million years or so, sometime after we parted ways from one another.
[...] This most recent study shows Neanderthals and Denisovans share our variant of sialic acid, meaning the change happened before our branch of the family tree separated roughly 400,000 to 800,000 years ago.
[...] To differentiate between cells that belong to us from possible invaders, our immune cells are armed with a scanning chemical called sialic acid-binding immunoglobulin-type lectins. Or Siglecs for short.
When an inspection occurs, if a cell's sialic acid marker isn't up to scratch, it's curtains for that cell. Naturally, any changes to our sialic acid name-tag would imply our system of Siglecs would have needed adjusting as well.
Sure enough, on further investigation the researchers found significant mutations among a cluster of Siglec genes that are common to humans and their ilk, but not great apes.
[...] Siglec expression is linked with conditions such as asthma and Alzheimer's disease, raising the possibility that protection from a devastating disease put us at risk of other conditions.
Journal Reference:
Naazneen Khan, Marc de Manuel, Stephane Peyregne, et al. Multiple Genomic Events Altering Hominin SIGLEC Biology and Innate Immunity Predated the Common Ancestor of Humans and Archaic Hominins [open], Genome Biology and Evolution (DOI: 10.1093/gbe/evaa125)
Fast Radio Bursts (FRBs) are extremely short bursts of high-energy radiation and typically originate hundreds of millions of light-years away. Now one has been detected for the first time from inside the Milky Way, from a magnetar.
This FRB is different. Telescope observations suggest that the burst came from a known neutron star — the fast-spinning, compact core of a dead star, which packs a sun's-worth of mass into a city-sized ball — about 30,000 light-years from Earth in the constellation Vulpecula. The stellar remnant fits into an even stranger class of star called a magnetar, named for its incredibly powerful magnetic field, which is capable of spitting out intense amounts of energy long after the star itself has died. It now seems that magnetars are almost certainly the source of at least some of the universe's many mysterious FRBs, the study authors wrote.
"We've never seen a burst of radio waves, resembling a fast radio burst, from a magnetar before," lead study author Sandro Mereghetti, of the National Institute for Astrophysics in Milan, Italy, said in a statement. "This is the first ever observational connection between magnetars and fast radio bursts."
Journal Reference:
INTEGRAL Discovery of a Burst with Associated Radio Emission from the Magnetar SGR 1935+2154 - IOPscience, The Astrophysical Journal Letters (DOI: 10.3847/2041-8213/aba2cf)
Radio emissions drop off with the square of distance, and by the time they reach the Earth the high energy emissions of FRBs have been described as similar in magnitude to 'a cell phone calling from the Moon.' This burst originated several orders of magnitude closer than is typical and was detected by the European Space Agency's (ESA) Integral satellite, as well as radio telescopes in British Columbia, Canada, California and Utah.
Snapdragon chip flaws put >1 billion Android phones at risk of data theft:
Snapdragon is what’s known as a system on a chip that provides a host of components, such as a CPU and a graphics processor. One of the functions, known as digital signal processing, or DSP, tackles a variety of tasks, including charging abilities and video, audio, augmented reality, and other multimedia functions. Phone makers can also use DSPs to run dedicated apps that enable custom features.
“While DSP chips provide a relatively economical solution that allows mobile phones to provide end users with more functionality and enable innovative features—they do come with a cost,” researchers from security firm Check Point wrote in a brief report of the vulnerabilities they discovered.
[...] Qualcomm has released a fix for the flaws, but so far it hasn’t been incorporated into the Android OS or any Android device that uses Snapdragon, Check Point said. When I asked when Google might add the Qualcomm patches, a company spokesman said to check with Qualcomm. The chipmaker didn’t respond to an email asking.
Check Point is withholding technical details about the vulnerabilities and how they can be exploited until fixes make their way into end-user devices. Check Point has dubbed the vulnerabilities Achilles. The more than 400 distinct bugs are tracked as CVE-2020-11201, CVE-2020-11202, CVE-2020-11206, CVE-2020-11207, CVE-2020-11208 and CVE-2020-11209.
Man wins $7 million in lottery after buying every single ticket:
Kevin Clark, from Candler in North Carolina, had a hunch that the top $US5 million ($A7 million) prize in the Mega Cash scratch-off game would be won in the western part of the state.
So he came up with an unusual strategy to ensure he got his hands on the lucky ticket – by travelling from store to store and buying every ticket he could find.
Mr Clark spent four hours on his quest to purchase every $20 Mega Cash scratchie ticket he came across in around 40 different stores.
And while it is not known how much he spent in total, it’s safe to say he came out on top after a ticket he bought from a Stop N Go outlet in Swannanoa, North Carolina ended up being the winner.
[...] In the end he decided to pocket a $US3 million ($A4.2 million) lump sum instead of taking the $US5 million as an annuity of $US250,000 ($A350,267) per year for two decades.
After taxes, he was left with a total cash prize of around $US2.1 million ($A2.94 million).
“I had a real good feeling it was going to be in the western part of the state,” Mr Clark said, according to the NC Education Lottery.
However, he said he was still stunned when his tactic paid off.
Return of the zombie cicadas: Team unearths manipulative qualities of fungal-infected flyers:
Massospora manipulates male cicadas into flicking their wings like females—a mating invitation—which tempts unsuspecting male cicadas and infects them.
It's a recent discovery into the bizarre world of cicadas plagued by a psychedelic fungus that contains chemicals including those found in hallucinogenic mushrooms.
[...] "Essentially, the cicadas are luring others into becoming infected because their healthy counterparts are interested in mating," said Brian Lovett, study co-author and post-doctoral researcher with the Davis College of Agriculture, Natural Resources and Design. "The bioactive compounds may manipulate the insect to stay awake and continue to transmit the pathogen for longer."
[...] Massospora spores gnaw away at a cicada's genitals, butt and abdomen, replacing them with fungal spores. Then they "wear away like an eraser on a pencil," Lovett said.
Journal Reference:
Brian Lovett, Angie Macias, Jason E. Stajich, et al. Behavioral betrayal: How select fungal parasites enlist living insects to do their bidding, PLOS Pathogens (DOI: 10.1371/journal.ppat.1008598)
Hacker leaks passwords for 900+ enterprise VPN servers | ZDNet:
EXCLUSIVE: The list has been shared on a Russian-speaking hacker forum frequented by multiple ransomware gangs.
A hacker has published [on August 4] a list of plaintext usernames and passwords, along with IP addresses for more than 900 Pulse Secure VPN enterprise servers.
ZDNet, which obtained a copy of this list with the help of threat intelligence firm KELA, verified its authenticity with multiple sources in the cyber-security community.
According to a review, the list includes:
- IP addresses of Pulse Secure VPN servers
- Pulse Secure VPN server firmware version
- SSH keys for each server
- A list of all local users and their password hashes
- Admin account details
- Last VPN logins (including usernames and cleartext passwords)
- VPN session cookies
The security researcher noted that all the Pulse Secure VPN servers included in the list were running a firmware version vulnerable to the CVE-2019-11510 vulnerability.
[...] The publication of this list as a free download is a literal DEFCON 1 danger level for any company that has failed to patch its Pulse Secure VPN over the past year, as some of the ransomware gangs active on this forum are very likely to use the list for future attacks.
Just hours after Professor Matt Blaze today discussed the state of election system security in America, one of the largest US voting machine makers stepped forward to say it's trying to improve its vulnerability research program.
Election Systems and Software (ES&S), whose products include electronic ballot boxes and voter registration software, said it is working with infosec outfits and bug-finders to improve the security of its products.
Speaking at this year's online Black Hat USA conference, CISO Chris Wlaschin outlined a number of steps his biz has already or will soon take to overhaul its relationship with bug-bounty hunters.
In addition to its ongoing vulnerabilities rewards program, ES&S said it will employ the services of security house Synack to bridge the gap with bounty hunters, and make its products better able to withstand attacks from the likes of state-sponsored groups.
Most notably, ES&S will beef up said rewards program. With the help of ethical hackers at Synack, testers will be able to hammer on devices like the ES&S ExpressPoll without fear of legal reprisal.
[...] One of the bounty hunters who has worked with ES&S, industry veteran Jack Cable, issued his seal of approval to the expanded program.
Today, the nation's largest voting vendor released a vulnerability disclosure policy giving hackers authorization to test their systems. This is a great step towards transparency for election security. I hope that other vendors follow suit and welcome hackers with open arms. 🧵
— Jack Cable (@jackhcable) August 5, 2020
Social Movements Are Pushing Google Sheets to the Breaking Point:
For a brief period, panicking international students across the nation found hope in a Google Sheet.
When the U.S. Immigration and Customs Enforcement (ICE) agency announced on July 6 that international students who weren't enrolled in courses meeting in-person could face deportation in the fall, Sumana Kaluvai — the creator of H-4 Hope, a Facebook group that supports students of varying immigration backgrounds — built a system for connecting international students with peers who were willing to surrender their seats in courses that could grant their classmates the right to stay in the country. She used the closest tool in her reach, Google Sheets, to facilitate these class exchanges and began circulating the resource on social media.
Her spreadsheet quickly went viral, attracting levels of traffic that rendered it unresponsive. McClain Thiel, a data science student at the University of California, Berkeley, eventually reached out and offered to build a website to replace the Google Sheet, and on July 9, they launched Support Our International Students. Though ICE would rescind the policy days later, their new website managed to mitigate the problems the original Google Sheet encountered.
[...] When Stella Nguyen, a UCLA student from Vietnam, came across Kaluvai's spreadsheet, she "found it comforting that many students — international or not — were coming together." Google Docs has helped get us here, to an era where anyone who can create and edit a document can feel empowered to help others and foster hope and connection. Now, we just need tools that are as ambitious as we are.
New Windows Print Spooler Zero-Day Flaws Harken Back to Stuxnet:
Ten years after the game-changing Stuxnet attack was first discovered, a Windows printer program it exploited has been found to contain additional dangerous zero-day flaws that could allow an attacker to gain a foothold in the network as a privileged user.
The researchers who discovered the new flaws in Microsoft's ubiquitous Windows Print Spooler service say they wanted to see if there still was a way to game Print Spooler for a Stuxnet 2.0-style attack 10 years after the first known cyberweapon attack was unearthed. "We started digging in, looking at the original Stuxnet propagation, and then we found out there were problems. ... We decided to take the Spooler service to the next level, and eventually we found it was not fully patched," explains Tomer Bar, research team leader at SafeBreach, who along with his colleague Peleg Hadar found the flaws that they plan to detail today at Black Hat USA.
Bar and Hadar found three zero-day vulnerabilities in the 20-year-old Windows Print Spooler program, which serves as the interface between a printer and the Windows operating system, loading the print driver, setting up print jobs, and printing. The new, post-Stuxnet vulns include a memory corruption bug that could be used to wage a denial-of-service (DoS) attack and two local privilege escalation bugs. One of the local privilege escalation flaws was patched by Microsoft in May (CVE-2020-1048), but Bar and Hadar found another similar flaw that bypasses that patch. All three vulnerabilities affect all versions of the Windows operating system.
"They're using the same function [as Stuxnet did] but with a little twist," Bar says of the two local privilege-escalation zero-days.
While Stuxnet used a Print Spooler exploit to gain remote access, the local vulnerability found by Bar and Hadar could allow any user to gain the highest privileges on the machine — either as a malicious insider who has physical access to the machine or via an existing remote-access foothold previously obtained by an attacker.
Hadar says while Microsoft's patch for the Stuxnet vulnerability (MS10-061) fixed the remote-attack hole, it didn't address the local privilege-escalation holes. "That's what we focused on and were able to exploit," he says. They found the flaws using good old-fashioned reverse engineering and fuzzing techniques.
Exploiting the flaws is fairly simple, too, the researchers say. They were able to employ PowerShell commands to exploit the vulns.
New Jersey prosecutors drop charges over tweeting a cop's photo [Updated]:
Update (~4pm ET): Mid-afternoon on Friday, August 7, the Essex County Prosecutor's Office dropped its cyber harassment charges against all five defendants, the Asbury Park Press reports. These charges stemmed from an incident involving a Tweet attempting to identify a New Jersey police officer. Our original story on the situation appears unchanged below.
A New Jersey man is facing felony charges for a tweet seeking to identify a police officer. Four others are facing felony charges for retweeting the tweet, the Washington Post reports.
[...] The complaint against Sziszak claims that the tweet caused the officer to "fear that harm will come to himself, family, and property."
"As a 20 year old that simply retweeted a tweet to help my friend, I am now at risk of giving up my career, serving time, and having a record," Sziszak wrote.