SoylentNews

upstart writes in with an IRC submission:

WHO team rejects lab origin of coronavirus, focuses on animals, frozen food:

After 12 days of field work in Wuhan, China, an international team of scientists assembled by the World Health Organization have wrapped up its investigation into the origins of the SARS-CoV-2 virus that mushroomed out of the city in December of 2019.

The team's findings support researchers' previous leading hypothesis of how the pandemic began—that the virus used a still-elusive intermediate animal host as a bridge to infect humans from a distant reservoir host, such as horseshoe bats. But the team did fill in new, intriguing details of the pandemic's first, crucial month—and ruled out sensational theories that the pandemic was born from a laboratory incident.

"Our initial findings suggest that the introduction [to humans] through an intermediary host species is the most likely pathway," Peter Ben Embarek, WHO International Team Lead, said in a 3-hour press conference on the team's findings, livestreamed from Wuhan on February 9. Though researchers in China have already surveyed 11,000 animals around the country in search of that host, all have tested negative for SARS-CoV-2 so far, the team noted. Identifying the intermediary host "will require more studies and more specific, targeted research," Embarek added.

upstart writes in with an IRC submission for c0lo:

Boeing to outsource IT work to Dell, eliminate 600 jobs:

Boeing Co. has said it will outsource a significant amount of information technology work to Dell starting in April, including support of cloud services, databases and information technology. The move is expected to eliminate 600 jobs.

Susan Doniz, vice president for information technology and data analytics for Boeing, told employees Thursday that the eliminated jobs represent about 10% of the company's IT staff, The Seattle Times reported.

Doniz said affected employees, most of whom are not unionized, must either find different work within the company, apply to work for Dell or be laid off.

Original Submission

upstart writes in with an IRC submission for c0lo:

Scientists use trilayer graphene to observe more robust superconductivity:

In 2018, the physics world was set ablaze with the discovery that when an ultrathin layer of carbon, called graphene, is stacked and twisted to a "magic angle," that new double layered structure converts into a superconductor, allowing electricity to flow without resistance or energy waste. Now, in a literal twist, Harvard scientists have expanded on that superconducting system by adding a third layer and rotating it, opening the door for continued advancements in graphene-based superconductivity.

The work is described in a new paper in Science and can one day help lead toward superconductors that operate at higher or even close to room temperature. These superconductors are considered the holy grail of condensed matter physics since they would allow for tremendous technological revolutions in many areas including electricity transmission, transportation, and quantum computing. Most superconductors today, including the double layered graphene structure, work only at ultracold temperatures.

"Superconductivity in twisted graphene provides physicists with an experimentally controllable and theoretically accessible model system where they can play with the system's properties to decode the secrets of high temperature superconductivity," said one of the paper's co-lead authors Andrew Zimmerman, a postdoctoral researcher in working in the lab of Harvard physicist Philip Kim.

[...] One of those mechanisms has the theorists really excited. The trilayer system showed evidence that its superconductivity is due to strong interactions between electrons as opposed to weak ones. If true, this can not only help open a path to high temperature superconductivity but possible applications in quantum computing.

[...] Realizing strong coupling superconductivity in a simple and tunable system such as trilayer could pave the way to finally develop a theoretical understanding of strongly-coupled superconductors to help realize the goal of a high temperature, maybe even room temperature, superconductor."

Journal Reference:
Zeyu Hao, A. M. Zimmerman, Patrick Ledwith, et al. Electric field tunable superconductivity in alternating twist magic-angle trilayer graphene [$], Science (DOI: 10.1126/science.abg0399)

Original Submission

upstart writes in with an IRC submission:

Nvidia is requiring laptop makers to be more transparent about RTX 30-series specs:

Nvidia is now requiring, not just encouraging, companies selling laptops with its new RTX 30-series graphics chips to be more transparent about the kind of power people can expect. Nvidia tells The Verge these companies will have to disclose specific clock speed stats and total graphics power on online product pages — all of which tells people everything they need to know about a laptop's graphics potential, for better or worse.

[...] It's encouraging to see Nvidia no longer allows companies to hide this vital information from marketing materials. It should go far enough in helping buyers make an educated purchase without having to wait on reviewers and early adopters to report on the specs.

Original Submission

MrPlow writes:

Submitted via IRC for TheMightyBuzzard

The GNU Network Utilities (inetutils) has seen its first major release in nine years or even the first release at all in six years since the prior point release. With GNU inetutils 2.0 are several updates to common programs like ping and ifconfig.

GNU's inetutils provides the commonly used command-line network utilities on Linux and other Unix-like systems. Given the significant time since the inetutils 1.9 release in 2011, there are a number of changes to find with today's inetutils 2.0 milestone.

[...] More details on the long overdue GNU inetutils 2.0 release via the GNU mailing list.

Source: https://www.phoronix.com/scan.php?page=news_item&px=GNU-inetutils-2.0

Original Submission

Arthur T Knackerbracket has processed the following story:

In a study published in the Proceedings of the National Academy of Sciences, Professor Richard Thomas and alumnus Justin Mathias (BS Biology, '13 and Ph.D. Biology, '20) synthesized published tree ring studies. They found that increases in carbon dioxide in the atmosphere over the past century have caused an uptick in trees' water-use efficiency, the ratio of carbon dioxide taken up by photosynthesis to the water lost by transpiration -- the act of trees "breathing out" water vapor.

"This study really highlights the role of forests and their ecosystems in climate change," said Thomas, interim associate provost for graduate academic affairs. "We think of forests as providing ecosystem services. Those services can be a lot of different things -- recreation, timber, industry. We demonstrate how forests perform another important service: acting as sinks for carbon dioxide. Our research shows that forests consume large amounts of carbon dioxide globally. Without that, more carbon dioxide would go into the air and build up in the atmosphere even more than it already is, which could exacerbate climate change. Our work shows yet another important reason to preserve and maintain our forests and keep them healthy."

Previously, scientists have thought that trees were using water more efficiently over the past century through reduced stomatal conductance -- meaning trees were retaining more moisture when the pores on their leaves began closing slightly under rising levels of carbon dioxide.

However, following an analysis using carbon and oxygen isotopes in tree rings from 1901 to 2015 from 36 tree species at 84 sites around the world, the researchers found that in 83% of cases, the main driver of trees' increased water efficiency was increased photosynthesis -- they processed more carbon dioxide. Meanwhile, the stomatal conductance only drove increased efficiency 17% of the time. This reflects a major change in how trees' water efficiency has been explained in contrast to previous research.

Journal Reference:
Justin M. Mathias, Richard B. Thomas. Global tree intrinsic water use efficiency is enhanced by increased atmospheric CO2 and modulated by climate and plant functional types [$], Proceedings of the National Academy of Sciences (DOI: 10.1073/pnas.2014286118)

Original Submission

upstart writes in with an IRC submission for Fnord666:

New phishing attack uses Morse code to hide malicious URLs:

After first learning of this attack from a post on Reddit, BleepingComputer was able to find numerous samples of the targeted attack uploaded to VirusTotal since February 2nd, 2021.

The phishing attack starts with an email pretending to be an invoice for the company with a mail subject like 'Revenue_payment_invoice February_Wednesday 02/03/2021.'

[...] When viewing the attachment in a text editor, you can see that they include JavaScript that maps letters and numbers to Morse code. For example, the letter 'a' is mapped to '.-' and the letter 'b' is mapped to '-...', as shown below.

[...] The script then calls a decodeMorse() function to decode a Morse code string into a hexadecimal string. This hexadecimal string is further decoded into JavaScript tags that are injected into the HTML page.

[...] These injected scripts combined with the HTML attachment contain the various resources necessary to render a fake Excel spreadsheet that states their sign-in timed out and prompts them to enter their password again.

[...] Once a user enters their password, the form will submit the password to a remote site where the attackers can collect the login credentials.

This campaign is highly targeted, with the threat actor using the logo.clearbit.comservice to insert logos for the recipient's companies into the login form to make it more convincing. If a logo is not available, it uses the generic Office 365 logo, as shown in the image above.

For extra obfuscation:

• encode a DOT symbol as a space (0x20)
• encode a DASH symbol as a horizontal tab (0x09)
• encode a SPACE symbol as a carriage return (0x0d)

When viewed on a screen or printer, no apparent text would display.

Bonus points for using a Caesar cypher on the hex-encoded text.

Original Submission

upstart writes in with an IRC submission:

Google Chrome sync feature can be abused for C&C and data exfiltration:

Threat actors have discovered they can abuse the Google Chrome sync feature to send commands to infected browsers and steal data from infected systems, bypassing traditional firewalls and other network defenses

[...] Bojan Zdrnja, a Croatian security researcher, said on Thursday that during a recent incident response, he discovered that a malicious Chrome extension was abusing the Chrome sync feature as a way to communicate with a remote command and control (C&C) server and as a way to exfiltrate data from infected browsers.

Zdrnja said that in the incident he investigated, attackers gained access to a victim's computer, but because the data they wanted to steal was inside an employee's portal, they downloaded a Chrome extension on the user's computer and loaded it via the browser's Developer Mode.

The extension, which posed as a security add-on from security firm Forcepoint, contained malicious code that abused the Chrome sync feature as a way to allow attackers to control the infected browser.

[...] Malicious code found in the extension suggested that the attacker was using the malicious add-on to create a text-based field to store token keys, which would then be synced to Google cloud servers as part of the sync feature.

[...] In this way, the extension could be used as an exfiltration channel from inside corporate networks to an attacker's Chrome browser instance or as a way to control the infected browser from afar, bypassing local security defenses.

Once an adversary gets physical access to your computer it's pretty much game over.

Original Submission

An Anonymous Coward writes:

How Lyft discovered OpenStreetMap is the Freshest Map for Rideshare:

Lyft moves people — from home to work, work to play, play to rest, through cities and beyond. Maps play a critical role, helping Lyft figure out where drivers and riders are, how best to connect them, and estimate how long it will take to get to the destination.

Lyft Mapping is built on top of OpenStreetMap. This global map database is used by millions of people around the world, for combatting climate change, tracking agricultural land use, disaster recovery, refugee response, academic research, and much more. After 16 years of growth, OSM is now commonly used by many companies to power applications like logistics platforms, social media, and gaming. OSM is now the biggest crowdsourced repository of human geospatial knowledge. But is this map suitable for supporting the rideshare experience? Is it the best option available? Can Lyft support the OSM community and contribute to making the map better? Though we had a strong intuition that OSM offered a complete road network, we didn't know how well the map matched the real world — so we ran a study.

Original Submission

Arthur T Knackerbracket has processed the following story:

Cyber cops in Ukraine carried out an arrest and several raids last week in connection with the author of a U-Admin, a software package used to administer what’s being called “one of the world’s largest phishing services.” The operation was carried out in coordination with the FBI and authorities in Australia, which was particularly hard hit by phishing scams perpetrated by U-Admin customers.

The Ukrainian attorney general’s office said it worked with the nation’s police force to identify a 39-year-old man from the Ternopil region who developed a phishing package and special administrative panel for the product.

“According to the analysis of foreign law enforcement agencies, more than 50% of all phishing attacks in 2019 in Australia were carried out thanks to the development of the Ternopil hacker,” the attorney general’s office said, noting that investigators had identified hundreds of U-Admin customers.

[...] Cybersecurity threat intelligence firm Intel 471 describes U-Admin as an information stealing framework that uses several plug-ins in one location to help users pilfer victim credentials more efficiently. Those plug-ins include a phishing page generator, a victim tracker, and even a component to help manage money mules (for automatic transfers from victim accounts to people who were hired in advance to receive and launder stolen funds).

Perhaps the biggest selling point for U-Admin is a module that helps phishers intercept multi-factor authentication codes. This core functionality is what’s known as a “web inject,” because it allows phishers to dynamically interact with victims in real-time by injecting content into the phishing page that prompts the victim to enter additional information. The video below, produced by the U-Admin developer, shows a few examples (click to enlarge).

Original Submission

upstart writes in with an IRC submission:

Billions of Passwords Offered for $2 in Cyber-Underground:

About 3.27 billion stolen account logins have been posted to the RaidForums English-language cybercrime community in a 'COMB' collection.

A "compilation of many breaches" – COMB for short – has been leaked on the cyber-underground, according to researchers. The so-called COMB contains a staggering 3.27 billion unique combinations of cleartext email addresses and passwords.

The trove is an aggregate database that brings together older stolen data from breaches past – including credentials from Netflix, LinkedIn, Exploit and others. COMB – which was given that name by the person who posted it online – was first made public on Feb. 2 by a user dubbed "Singularity0x01," a researcher told Threatpost.

[...] In order to view the download link for the password-protected .ZIP file containing the data, forum users were asked to spend 8 RaidForums credits (about $2), he added. Then, they can use the database's built-in tool for querying and sorting the information to slice and dice the data.

[...] The data itself was not that well-received by underground denizens, Righi noted.

"Some users claimed that files were corrupted, files were missing, the total number of credentials was smaller than advertised, and the data was of low quality," he explained – all of which led to Singularity0x01 gaining a negative reputation rating on the criminal forum.

[...] The data may be old, but it's not without value. Thanks to password reuse, hackers can use the data to mount brute-force or credential-stuffing attacks in an effort to hijack any number of types of accounts. And from there, the potential fallout becomes notable.

Original Submission

aristarchus writes:

Coverage from How does a glacier burst? Flooding in India leaves at least 31 dead and 165 missing:

At least 31 people are dead and 165 are missing after a flood hit northern India on Sunday. The flood was caused when part of a Himalayan glacier broke off and sent a wall of water and debris down a mountain, sweeping away everything in its path.

Rescuers on Monday were trying to rescue 37 power plant workers who remained trapped in a tunnel.

More than 2,000 members of the military, paramilitary groups and police have been taking part in search-and-rescue operations in the northern state of Uttarakhand.

The flood was caused when a portion of the Nanda Devi glacier snapped off Sunday morning, releasing water trapped behind it.

"Everything was swept away, people, cattle and trees," Sangram Singh Rawat, a former village council member of Raini, the site closest to the glacier, told local media, according to Reuters.

Here is one and another of many video reports on YouTube.

Original Submission

Cryptomining Causes Power Outages in Tehran

takyon writes:

Tehran Faces Power Outages Due To Massive Crypto Mining Operations Consuming Up To 450 Megawatts, That Much Power Can Power A City Of 100K People

Everyone already knows that crypto miners are causing a shortage of the newest graphics cards on top of the preexisting shortages, but now large scale mining farms are causing power outages. In Iran, authorities investigated the cause of power outages and found out the root cause was GPU mining farms taking huge amounts of power.

These aren't just some average mining farms run by a miner, these are full industrial level operations that have moved from China to Iran. In Iran, power is produced at a cost of 1.8 cents per kilowatt-hour and sold at over 10 times that to the public, but the miners are able to get it for 2.2 cents per kilowatt-hour. Not even China can match those prices, so miners have moved their operations to Tehran because it's the most cost-effective.

After investigations, Iranian authorities concluded that there are 14 huge crypto mining operations in Iran that consumed 300 megawatts, but at full capacity could consume up to 450 megawatts. For reference, that much power can provide for a city with a population of 100,000 people. All of this makes Iran the 6th most popular destination for crypto mining in the world.

Also at Radio Free Europe, Washington Post, and Business Insider.

A German man is keeping $60 million in bitcoin from police by never revealing his password

An Anonymous Coward writes:

https://www.theverge.com/tldr/2021/2/5/22268646/german-police-bitcoin-digital-wallet-missing-password

The wonderful thing about bitcoin is many of its apparent benefits, like the ability to be anonymously owned and securely transferred, are also the things that often create situations like this: police in Germany have seized more than €50 million ($60 million) in bitcoin, but they can't access any of it because, as Reuters reports, the person they took it from won't tell them his password.

The man in question was sentenced and has served his time in jail for covertly installing bitcoin mining software on people's computers, but throughout the entire process, he never shared a peep about how German authorities should get in. "We asked him but he didn't say" is the explanation Reuters was offered by a prosecutor. It presents a big, and probably obvious, question: can you really seize something, particularly money, that you can't access or use?

Original Submission #1  Original Submission #2 

mhajicek writes:

https://www.teslarati.com/spacex-opens-starlink-internet-preorders-worldwide/:

SpaceX has quietly opened up preorders around the world for its Starlink internet service, with confirmations already rolling in from across the US, as well as Australia, New Zealand, Canada, and others.

People who are outside the current area of availability for the #Starlink Beta can place a $99 deposit to acquire the service once it becomes available in your region – NET mid-to-late 2021, for example.

"Orders will be fulfilled on a first-come, first-served basis." pic.twitter.com/lgEKFTd0V8

— Tyler Gray (@TylerG1998) February 9, 2021

[...] Crucially, Starlink's international rollout is entirely contingent upon a complex, bureaucratic process of regulatory approvals in every single country SpaceX wants to operate in. As of 2021, SpaceX has managed to secure licenses to distribute Starlink internet service in the US, Canada, and United Kingdom, with beta customers already widespread in all three countries.

Work to secure licenses is well underway in Mexico, Germany, Greece, France, Australia, Argentina, and Chile. The process is also in the earlier stages – but already underway – in the Caribbean, Austria, Spain, Ireland, Italy, New Zealand, The Philippines, India, Japan, South Africa, Brazil, and Columbia. Many additional countries are likely in work, as well, but have yet to be confirmed via government filings or officials.

I threw my money at them for a place in line. I'm currently using Hughesnet, which is incredibly slow and unreliable, in preference to my only other option, Comcast, which kept raising our bill $20 per month, per month, to well over $200/mo for basic internet, despite promising every month to fix it on the next bill. They will never get another penny of mine.

Original Submission

takyon writes:

Hacker tries to poison water supply of Florida city

A computer hacker gained access to the water system of a city in Florida and tried to pump in a "dangerous" amount of a chemical, officials say.

The hacker briefly increased the amount of sodium hydroxide (lye) in Oldsmar's water treatment system, but a worker spotted it and reversed the action. Lye is used in small amounts to control acidity but a large amount could have caused major problems in the water.

Oldsmar Mayor Eric Seidel said: "There's a bad actor out there." No arrests have yet been made and it is not known if the hack was done from within the US or outside.

A computer controlling Oldsmar's water treatment system was remotely accessed on Friday. A plant operator saw an attempt to access the system in the morning but assumed it was his supervisor, the Tampa Bay Times reported. But another attempt was made early in the afternoon and this time the hacker accessed the treatment software and increased the sodium hydroxide content from 100 parts per million to 11,100 ppm. The operator immediately reduced the level to normal.

Also at CNN, Ars Technica, and WWSB.

Original Submission