Linwei Ding, a former Google software engineer, has been indicted for stealing trade secrets related to AI to benefit two Chinese companies. He faces up to 10 years in prison and a $250,000 fine on each criminal count. Reuters reports: Ding's indictment was unveiled a little over a year after the Biden administration created an interagency Disruptive Technology Strike Force to help stop advanced technology being acquired by countries such as China and Russia, or potentially threaten national security. "The Justice Department just will not tolerate the theft of our trade secrets and intelligence," U.S. Attorney General Merrick Garland said at a conference in San Francisco.

According to the indictment, Ding stole detailed information about the hardware infrastructure and software platform that lets Google's supercomputing data centers train large AI models through machine learning. The stolen information included details about chips and systems, and software that helps power a supercomputer "capable of executing at the cutting edge of machine learning and AI technology," the indictment said. Google designed some of the allegedly stolen chip blueprints to gain an edge over cloud computing rivals Amazon.com and Microsoft, which design their own, and reduce its reliance on chips from Nvidia.

Hired by Google in 2019, Ding allegedly began his thefts three years later, while he was being courted to become chief technology officer for an early-stage Chinese tech company, and by May 2023 had uploaded more than 500 confidential files. The indictment said Ding founded his own technology company that month, and circulated a document to a chat group that said "We have experience with Google's ten-thousand-card computational power platform; we just need to replicate and upgrade it." Google became suspicious of Ding in December 2023 and took away his laptop on Jan. 4, 2024, the day before Ding planned to resign. A Google spokesperson said: "We have strict safeguards to prevent the theft of our confidential commercial information and trade secrets. After an investigation, we found that this employee stole numerous documents, and we quickly referred the case to law enforcement."

An anonymous reader quotes a report from Krebs on Security: There are indications that U.S. healthcare giant Change Healthcare has made a $22 million extortion payment to the infamous BlackCat ransomware group (a.k.a. "ALPHV") as the company struggles to bring services back online amid a cyberattack that has disrupted prescription drug services nationwide for weeks. However, the cybercriminal who claims to have given BlackCat access to Change's network says the crime gang cheated them out of their share of the ransom, and that they still have the sensitive data Change reportedly paid the group to destroy. Meanwhile, the affiliate's disclosure appears to have prompted BlackCat to cease operations entirely. [...]

The affiliate claimed BlackCat/ALPHV took the $22 million payment but never paid him his percentage of the ransom. BlackCat is known as a "ransomware-as-service" collective, meaning they rely on freelancers or affiliates to infect new networks with their ransomware. And those affiliates in turn earn commissions ranging from 60 to 90 percent of any ransom amount paid. "But after receiving the payment ALPHV team decide to suspend our account and keep lying and delaying when we contacted ALPHV admin," the affiliate "Notchy" wrote. "Sadly for Change Healthcare, their data [is] still with us." [...] On the bright side, Notchy's complaint seems to have been the final nail in the coffin for the BlackCat ransomware group, which was infiltrated by the FBI and foreign law enforcement partners in late December 2023. As part of that action, the government seized the BlackCat website and released a decryption tool to help victims recover their systems. BlackCat responded by re-forming, and increasing affiliate commissions to as much as 90 percent. The ransomware group also declared it was formally removing any restrictions or discouragement against targeting hospitals and healthcare providers. However, instead of responding that they would compensate and placate Notchy, a representative for BlackCat said today the group was shutting down and that it had already found a buyer for its ransomware source code. [...] BlackCat's website now features a seizure notice from the FBI, but several researchers noted that this image seems to have been merely cut and pasted from the notice the FBI left in its December raid of BlackCat's network.

Fabian Wosar, head of ransomware research at the security firm Emsisoft, said it appears BlackCat leaders are trying to pull an "exit scam" on affiliates by withholding many ransomware payment commissions at once and shutting down the service. "ALPHV/BlackCat did not get seized," Wosar wrote on Twitter/X today. "They are exit scamming their affiliates. It is blatantly obvious when you check the source code of their new takedown notice." Dmitry Smilyanets, a researcher for the security firm Recorded Future, said BlackCat's exit scam was especially dangerous because the affiliate still has all the stolen data, and could still demand additional payment or leak the information on his own. "The affiliates still have this data, and they're mad they didn't receive this money, Smilyanets told Wired.com. "It's a good lesson for everyone. You cannot trust criminals; their word is worth nothing."

In a first-of-its-kind prosecution, a California man was arrested and charged Monday with allegedly smuggling potent, greenhouse gases from Mexico. From a report: Michael Hart, a 58-year-old man from San Diego, pleaded not guilty to smuggling hydrofluorocarbons, or HFCs -- commonly used in air conditioning and refrigeration -- and selling them for profit, in a federal court hearing Monday. According to the indictment, Hart allegedly purchased the HFCs in Mexico and smuggled them into the US in the back of his truck, concealed under a tarp and tools. He is then alleged to have sold them for a profit on sites including Facebook Marketplace and OfferUp. [...] Hart has pleaded not guilty to 13 charges including conspiracy, importation contrary to law and sale of merchandise imported contrary to law. The charges carry potential prison sentences ranging from five to 20 years.

HFCs, which are also used in building insulation, fire extinguishing systems and aerosols, are banned from import into the US without permission from the Environmental Protection Agency. These greenhouse gases are short-lived in the atmosphere," but powerful -- some are thousands of times more potent than carbon dioxide in the near-term. "The illegal smuggling of hydrofluorocarbons, a highly potent greenhouse gas, undermines international efforts to combat climate change," said David M. Uhlmann, the assistant administrator for the EPA's Office of Enforcement and Compliance Assurance. "Anyone who seeks to profit from illegal actions that worsen climate change must be held accountable," he added. "Today is a significant milestone for our country," said US Attorney Tara McGrath in a statement. "This is the first time the Department of Justice is prosecuting someone for illegally importing greenhouse gases, and it will not be the last."

According to the San Francisco police department, police have made the first arrest in relation to several recent vehicle arsons, including the crowd attack of a Waymo robotaxi last month in Chinatown. The San Francisco Standard reports: Police say officers arrested a man meeting the description of a person suspected of lighting several vehicles on fire. That man was arrested on Feb. 27 near Union Square. The department did not share the suspect's name because it said the case is open and remains under investigation. Nor did the department comment on which other vehicle fires the suspect may have been suspected of starting. Several Teslas were set alight in the weeks after the Waymo arson. The suspect was also found to have had methamphetamine on them.

In 1970 an Oregon man discovered a body with "clear signs of foul play".

NPR reports that "The identity of the young woman remained a mystery — until Thursday." State authorities identified the woman as Sandra Young, a teenager from Portland who went missing between 1968 and 1969. Her identity was discovered through advanced DNA technology, which has helped solve stubborn cold cases in recent years. The case's breakthrough came last year in January, when a person uploaded their DNA to the genealogy database GEDMatch and the tool immediately determined that the DNA donor was a distant family member of Young....

From there, a genetic genealogist working with local law enforcement helped track down other possible relatives and encouraged them to provide their DNA. That work eventually led to Young's sister and other family members, who confirmed that Young went missing around the same time.
Thanks to Slashdot reader Tony Isaac for sharing the news.

"These days in San Francisco, every major business closure triggers a rush to assign blame," argues the San Francisco Standard: When Macy's announced this week that it would shutter its flagship store in Union Square, it unleashed a wave of mourning and recriminations... Mayor London Breed and other local pols like state Sen. Scott Wiener tried to allay fears that Macy's was leaving because of crime, noting the planned closure is one of 150 nationwide. But in a tough election year, it seems few had the appetite to listen to her call for nuance...

The unavoidable truth is the pandemic hollowed out downtown San Francisco's offices and led to an exodus of tech staffers who preferred remote work. It meant the loss of thousands of people who had reason to regularly stroll by Macy's and so many other corporate retailers. Meanwhile, everybody else had even less reason to go shopping in an urban core. Why bother dressing up and schlepping downtown when you could get the same layaway deals online...? [R]etail has been recovering. But it should be no surprise that the recovery has happened largely in suburban markets, which have not experienced a mass exit of workers... Elsewhere, the reality is simple: Malls and department stores have been dying for the last decade, struggling to attract young people and redevelop growing vacant space into desirable uses.

Although Macy's is a legacy name, industry reports show it has been in a real doom loop of its own making. Everyone is angry about retail "shrinkage," an industry term for losses in inventory due to external theft, employee theft and mismanagement. However, reporting by CNBC and others has demonstrated that while corporate retailers may be seeing a bump in retail shrink, it is a smaller factor than other operational missteps. Industry experts suggest that "shrink" can be an excuse for poor inventory management and staffing issues, and brands like Lowe's, Foot Locker and Walgreens are now downplaying organized theft as a primary cause of revenue loss. The reality is that a swath of American retail chains have needed to downsize to remain profitable... [R]eactionary cries for police crackdowns on petty theft and homelessness miss how similar retail shutdowns are happening in cities with tougher crime laws and less visible poverty. Consider that Macy's has already conducted layoffs and cut employee benefits to remain afloat, triggering a worker strike in 2022. Then there's Macy's faltering credit card revenue, which the company said accounted for nearly triple the revenue loss as retail shrink.

While The Standard has reported on Macy's workers blaming theft for the closure, my own visit to Macy's on Tuesday and conversations with longtime sales associates in multiple departments suggested that low staffing, an aging clientele and dips in seasonal shopping have greatly affected business...

Turns out, "scary people stealing things" is a boogeyman that feels more tangible than the obscure machinations of a faltering corporation.
The San Francsico Standard itself was funded in part by billionaire venture capitalist Michael Moritz of Sequoia Capital...

"A ransomware gang once thought to have been crippled by law enforcement has snarled prescription processing for millions of Americans over the past week..." reports the Washington Post.

"The hackers stole data about patients, encrypted company files and demanded money to unlock them, prompting the company to shut down most of its network as it worked to recover." Insurance giant UnitedHealthcare Group said the hackers struck its Change Health business unit, which routes prescription claims from pharmacies to companies that determine whether patients are covered by insurance and what they should pay... Change Health and a rival, CoverMyMeds, are the two biggest players in the so-called switch business, charging pharmacies a small fee for funneling claims to insurers. "When one of them goes down, obviously it's a major problem," said Patrick Berryman, a senior vice president at the National Community Pharmacists Association...

UnitedHealth estimated that more than 90 percent of the nation's 70,000-plus pharmacies have had to alter how they process electronic claims as a result of the Change Health outage. But it said only a small number of patients have been unable to get their prescriptions at some price. At CVS, which operates one of the largest pharmacy networks in the nation, a spokesperson said there are "a small number of cases in which our pharmacies are not able to process insurance claims" as a result of the outage. It said workarounds were allowing it to fill prescriptions, however...

For pharmacies that were not able to quickly route claims to a different company, the Change Health outage left pharmacists to try to manually calculate a patient's co-pay or offer them the cash price. Compounding the impact, thousands of organizations cut off Change Health from their systems to ensure the hackers did not infect their networks as well... The attack on Change Health has left many pharmacies in a cash-flow bind, as they face bills from the companies that deliver the medication without knowing when they will be reimbursed by insurers. Some pharmacies are requiring customers to pay full price for their prescriptions when they cannot tell if they are covered by insurance. In some cases, that means people are paying more than $1,000 out of pocket, according to social media posts.

The situation has been "extremely disruptive," said Erin Fox, associate chief pharmacy officer at University of Utah Health. "At our system, our retail pharmacies were providing three-day gratis emergency supplies for patients who could not afford to pay the cash price," Fox said by email. "In some cases, like for inhalers, we had to send product out at risk, not knowing if we will ever get paid, but we need to take care of the patients." Axis Pharmacy Northwest near Seattle is "going out on a limb and dispensing product with absolutely no inkling if we'll get paid or not," said Richard Molitor, the pharmacist in charge. UPDATE: CNN reports Change Healthcare has now announced "plans for a temporary loan program to get money flowing to health care providers affected by the outage." It's a stop-gap measure meant to give some financial relief to health care providers, which analysts say are losing millions of dollars per day because of the outage. Some US officials and health care executives told CNN it may be weeks before Change Healthcare returns to normal operations.
"Once standard payment operations resume, the funds will simply need to be repaid," the company said in a statement. Change Healthcare has been under pressure from senior US officials to get their systems back online. Officials from the White House and multiple federal agencies, including the department of Health and Human Services, have been concerned by the broad financial and health impact of the hack and have been pressing for ways to get Change Healthcare back online, sources told CNN...

In a message on its website Friday afternoon, Change Healthcare also said that it was launching a new version of its online prescribing service following the cyberattack.
Thanks to Slashdot reader CaptainDork for sharing the news.

According to the Washington Post (paywalled), the FBI is using mobile push notification data to unmask people suspected of serious crimes, such as pedophilia, terrorism, and murder. Gizmodo reports: The Post did a little digging into court records and found evidence of at least 130 search warrants filed by the feds for push notification data in cases spanning 14 states. In those cases, FBI officials asked tech companies like Google, Apple, and Facebook to fork over data related to a suspect's mobile notifications, then used the data to implicate the suspect in criminal behavior linked to a particular app, even though many of those apps were supposedly anonymous communication platforms, like Wickr.

How exactly is this possible? Push notifications, which are provided by a mobile operating system provider, include embedded metadata that can be examined to understand the use of the mobile apps on a particular phone. Apps come laced with a quiet identifier, a "push token," which is stored on the corporate servers of a company like Apple or another phone manufacturer after a user signs up to use a particular app. Those tokens can later be used to identify the person using the app, based on the information associated with the device on which the app was downloaded. Even turning off push notifications on your device doesn't necessarily disable this feature, experts contend. [...]

If finding new ways to catch pedophiles and terrorists doesn't seem like the worst thing in the world, the Post article highlights the voices of critics who fear that this kind of mobile data could be used to track people who have not committed serious crimes -- like political activists or women seeking abortions in states where the procedure has been restricted.

An anonymous reader quotes a report from Ars Technica: Convicted FTX fraudster Sam Bankman-Fried pleaded for a lenient prison sentence in a court filing yesterday, saying that he isn't motivated by greed and "is already being punished." Bankman-Fried requested a sentence of 63 to 78 months, or 5.25 to 6.5 years. Because of "Sam's charitable works and demonstrated commitment to others, a sentence that returns Sam promptly to a productive role in society would be sufficient, but not greater than necessary, to comply with the purposes of sentencing," the court filing (PDF) said. Bankman-Fried's filing also said that he maintains his innocence and intends to appeal his convictions.

A presentence investigation report (PSR) prepared by a probation officer recommended that Bankman-Fried be sentenced to 100 years in prison, according to the filing. "That recommendation is grotesque," SBF's filing said, arguing that it is based on an erroneously calculated loss of $10 billion. The $10 billion loss asserted in the PSR is "illusory" because the "victims are poised to recover -- were always poised to recover -- a hundred cents on the dollar" in bankruptcy proceedings, SBF's filing said. The filing urged the court to "reject the PSR's barbaric proposal" of 100 years, saying that such sentences should only be for "heinous conduct" like terrorism and child sexual abuse.

The founder and ex-CEO of cryptocurrency exchange FTX, Bankman-Fried was convicted on seven charges with a combined maximum sentence of 110 years after a monthlong trial in US District Court for the Southern District of New York. The charges included wire fraud and conspiracy to commit wire fraud, securities fraud, commodities fraud, and money laundering. US government prosecutors are required to make a sentencing recommendation by March 15, and US District Judge Lewis Kaplan is scheduled to issue a sentence on March 28.

San Francisco will vote next week on a divisive ballot measure that would authorize police to use surveillance cameras, drones and AI-powered facial recognition as the city struggles to restore a reputation tarnished by street crime and drugs. From a report: The Safer San Francisco initiative, formally called Proposition E, is championed by Mayor London Breed who believes disgruntled citizens will approve the proposal on Tuesday. Although technology fueled the Silicon Valley-adjacent city's decades-long boom, residents have a history of being deeply suspicious. In 2019, San Francisco, known for its progressive politics, became the first large U.S. city to ban government use of facial recognition due to concerns about privacy and misuse.

Breed, who is running for re-election in November, played down the potential for abuse under the ballot measure, saying safeguards are in place. "I get that people are concerned about privacy rights and other things, but technology is all around us," she said in an interview. "It's coming whether we want it to or not. And everyone is walking around with AI in their hands with their phones, recording, videotaping," Breed said. Critics of the proposal contend it could hurt disadvantaged communities and lead to false arrests, arguing surveillance technology requires greater oversight.

A U.S. government auction site was breached by an Oklahoma man, reports NBC News. So when it came time to pay up on his winning bids, he "falsified the true auction price to $1," according to the U.S. attorney's office.

He defrauded the government out of more than $150,000 between Jan. 31 and March 21, 2019, the indictment alleges. Included in the $1-buys were a 2010 Ford Escape Hybrid, for which Coker submitted a bid of $8,327; a Ford F550 pickup, with a bid of $9,000; and a Chevrolet C4500 box truck, bid $22,700; the U.S. attorney's office said...

Nineteen items in all were bought through the auctions, according to prosecutors. Coker used eight accounts and pre-paid debit cards with very little balances to make the purchases, the indictment says.
"Coker was indicted on three counts of wire fraud in March 2023 and pleaded guilty to one count Wednesday, according to court records."

Thanks to Slashdot reader Thelasko for sharing the news.

"One London resident watched on CCTV as a thief walked up to his £40,000 car and drove away," reports the Observer. "Now manufacturers say they are being drawn in to a hi-tech 'arms race' with criminals." [H]i-tech devices disguised as handheld games consoles are being traded online for thousands of pounds and are used by organised crime gangs to mimic the electronic key on an Ioniq 5, opening the doors and starting the engine. The device, known as an "emulator", works by intercepting a signal from the car, which is scanning for the presence of a legitimate key, and sending back a signal to gain access to the vehicle...

Hyundai says it is looking at measures to prevent the use of emulators "as a priority". But it is not the only carmaker whose vehicles appear to be vulnerable. An Observer investigation found that models by Toyota, Lexus and Kia have also been targeted... British motorists now face an increase in the number of thefts and rising insurance premiums... Car thefts are at their highest level for a decade in England and Wales, rising from 85,803 vehicles in the year to March 2012 to 130,270 in the year to March 2023 — an increase of more than 50%. Part of the reason, say experts, is the rise of keyless entry...

Kia did not respond to a request for comment. A spokesperson for Toyota, which owns Lexus, said: "Toyota and Lexus are continuously working on developing technical solutions to make vehicles more secure. Since introducing enhanced security hardware on the latest versions of a number of models, we have seen a significant drop-off in thefts. For older models we are currently developing solutions."
Another common attack requires entry to the vehicle first, according to the article, but then uses the vehicle's onboard diagnostic port to program "a new key linked to the vehicle..."

"Many owners of Ioniq 5s, which sell from around £42,000, now use steering locks to deter thieves."

Kalyeena Makortoff reports via The Guardian: US regulators have accused a man of making $1.8 million by trading on confidential information he overheard while his wife was on a remote call, in a case that could fuel arguments against working from home. The Securities and Exchange Commission (SEC) said it charged Tyler Loudon with insider trading after he "took advantage of his remote working conditions" and profited from private information related to the oil firm BP's plans to buy an Ohio-based travel centre and truck-stop business last year.

The SEC claims that Loudon, who is based in Houston, Texas, listened in on several remote calls held by his wife, a BP merger and acquisitions manager who had been working on the planned deal in a home office 20ft (6 meters) away. The regulator said Loudon went on a buying spree, purchasing more than 46,000 shares in the takeover target, TravelCenters of America, without his wife's knowledge, weeks before the deal was announced on 16 February 2023. TravelCenters's stock soared by nearly 71% after the deal was announced. Loudon then sold off all of his shares, making a $1.8m profit.

Loudon eventually confessed to his wife, and claimed that he had bought the shares because he wanted to make enough money so that she did not have to work long hours anymore. She reported his dealings to her bosses at BP, which later fired her despite having no evidence that she knowingly leaked information to her husband. She eventually moved out of the couple's home and filed for divorce.

jbmartin6 shares a report from Phys.Org: Threatening messages aimed to prevent digital piracy have the opposite effect if you're a man, a new study from the University of Portsmouth has found. According to the research, women tend to respond positively to this kind of messaging, but men typically increase their piracy behaviors by 18%. [...] This paper studies how effective anti-piracy messages are as a deterrent, examining the change in TV and film piracy intentions among 962 adults compared with their past behavior. The three messages examined in the study were verbatim copies of three real-world anti-piracy campaigns. Two of the campaigns used threatening messages to try to combat piracy and the third was educational in tone.

One of the threatening messages was from crime reduction charity, Crimestoppers, which focused on the individual's risk of computer viruses, identity fraud, money and data theft and hacking. The other message was based on a campaign by the French government, which used a "three strike" process, whereby infringers were given two written warnings before their internet access was terminated. The educational message was taken from the campaign "Get It Right from a Genuine Site," which focuses on the cost to the economy and to the individual creative people, and signposts consumers away from piracy sites and towards legal platforms such as Spotify or Netflix.

The study found that one threatening message influences women to reduce their piracy intentions by over 50%, but men increase their piracy behaviors. The educational messages had no effect on either men or women. "The research shows that anti-piracy messages can inadvertently increase piracy, which is a phenomenon known as psychological reactance," explained [lead author, Kate Whitman, from the University of Portsmouth's Centre for Cybercrime and Economic Crime]. "From an evolutionary psychology point of view, men have a stronger reaction to their freedom being threatened and therefore they do the opposite." Moreover, the study found that participants with the most favorable attitudes towards piracy demonstrated the most polarized changes in piracy intentions -- the threatening messages increased their piracy even more. The study has been published in the Journal of Business Ethics.

"I'm not so sure about the author's attribution of this difference to evolutionary psychology, so looking forward to some educational comments on that," adds Slashdot reader jbmartin6.

A coalition of global law enforcement agencies including the FBI and UK National Crime Agency have taken control of the LockBit ransomware gang's dark web site, replacing it with a notice saying their services had been disrupted by joint international action. The "Operation Cronos" task force includes Europol and enforcement agencies from a dozen countries across Europe, Asia and North America. LockBit is a prolific ransomware group that hacks corporate networks then threatens to leak stolen data unless ransom demands are paid. The notice said the operation against them was "ongoing and developing."

Connor Jones reports via The Register: A Ukrainian cybercrime kingpin who ran some of the most pervasive malware operations faces 40 years in prison after spending nearly a decade on the FBI's Cyber Most Wanted List. Vyacheslav Igorevich Penchukov, 37, pleaded guilty this week in the US to two charges related to his leadership role in both the Zeus and IcedID malware operations that netted millions of dollars in the process. Penchukov's plea will be seen as the latest big win for US law enforcement in its continued fight against cybercrime and those that enable it. However, authorities took their time getting him in 'cuffs. [...]

"Malware like IcedID bleeds billions from the American economy and puts our critical infrastructure and national security at risk," said US attorney Michael Easley for the eastern district of North Carolina. "The Justice Department and FBI Cyber Squad won't stand by and watch it happen, and won't quit coming for the world's most wanted cybercriminals, no matter where they are in the world. This operation removed a key player from one of the world's most notorious cybercriminal rings. Extradition is real. Anyone who infects American computers had better be prepared to answer to an American judge."

This week, he admitted one count of conspiracy to commit a racketeer influenced and corrupt organizations (RICO) act offense relating to Zeus, and one count of conspiracy to commit wire fraud in relation to IcedID. Each count carries a maximum sentence of 20 years. His sentencing date is set for May 9, 2024. Zeus malware, a banking trojan that formed a botnet for financial theft, caused over $100 million in losses before its 2014 dismantlement. Its successor, SpyEye, incorporated enhanced features for financial fraud. Despite the 2014 takedown of Zeus, Penchukov moved on to lead IcedID, a similar malware first found in 2017. IcedID evolved from banking fraud to ransomware, severely affecting the University of Vermont Medical Center in 2020 with over $30 million in damages.

Lauren Feiner reports via The Verge: Reps. Mark Takano (D-CA) and Dwight Evans (D-PA) reintroduced the Justice in Forensic Algorithms Act on Thursday, which would allow defendants to access the source code of software used to analyze evidence in their criminal proceedings. It would also require the National Institute of Standards and Technology (NIST) to create testing standards for forensic algorithms, which software used by federal enforcers would need to meet.

The bill would act as a check on unintended outcomes that could be created by using technology to help solve crimes. Academic research has highlighted the ways human bias can be built into software and how facial recognition systems often struggle to differentiate Black faces, in particular. The use of algorithms to make consequential decisions in many different sectors, including both crime-solving and health care, has raised alarms for consumers and advocates as a result of such research.

Takano acknowledged that gaining or hiring the deep expertise needed to analyze the source code might not be possible for every defendant. But requiring NIST to create standards for the tools could at least give them a starting point for understanding whether a program matches the basic standards. Takano introduced previous iterations of the bill in 2019 and 2021, but they were not taken up by a committee.

New York Gov. Kathy Hochul is proposing legislation that would criminalize some deceptive and abusive uses of AI and require disclosure of AI in election campaign materials, her office told Axios. From the report: Hochul's proposed laws include establishing the crime of "unlawful dissemination or publication of a fabricated photographic, videographic, or audio record." Making unauthorized uses of a person's voice "in connection with advertising or trade" a misdemeanor offense. Such offenses are punishable by up to one year jail sentence. Expanding New York's penal law to include unauthorized uses of artificial intelligence in coercion, criminal impersonation and identity theft.

Amending existing intimate images and revenge porn statutes to include "digital images" -- ranging from realistic Photoshop-produced work to advanced AI-generated content. Codifying the right to sue over digitally manipulated false images. Requiring disclosures of AI use in all forms of political communication "including video recording, motion picture, film, audio recording, electronic image, photograph, text, or any technological representation of speech or conduct" within 60 days of an election.

An anonymous reader shares a report: More than 1,000 Ubiquiti routers in homes and small businesses were infected with malware used by Russian-backed agents to coordinate them into a botnet for crime and spy operations, according to the Justice Department. That malware, which worked as a botnet for the Russian hacking group Fancy Bear, was removed in January 2024 under a secret court order as part of "Operation Dying Ember," according to the FBI's director. It affected routers running Ubiquiti's EdgeOS, but only those that had not changed their default administrative password. Access to the routers allowed the hacking group to "conceal and otherwise enable a variety of crimes," the DOJ claims, including spearphishing and credential harvesting in the US and abroad.

Unlike previous attacks by Fancy Bear -- that the DOJ ties to GRU Military Unit 26165, which is also known as APT 28, Sofacy Group, and Sednit, among other monikers -- the Ubiquiti intrusion relied on a known malware, Moobot. Once infected by "Non-GRU cybercriminals," GRU agents installed "bespoke scripts and files" to connect and repurpose the devices, according to the DOJ. The DOJ also used the Moobot malware to copy and delete the botnet files and data, according to the DOJ, and then changed the routers' firewall rules to block remote management access. During the court-sanctioned intrusion, the DOJ "enabled temporary collection of non-content routing information" that would "expose GRU attempts to thwart the operation." This did not "impact the routers' normal functionality or collect legitimate user content information," the DOJ claims. "For the second time in two months, we've disrupted state-sponsored hackers from launching cyber-attacks behind the cover of compromised US routers," said Deputy Attorney General Lisa Monaco in a press release.

Mark Tyson reports via Tom's Hardware: A serial burglar in Edina, Minnesota is suspected of using a Wi-Fi jammer to knock out connected security cameras before stealing and making off with the victim's prized possessions. [...] Edina police suspect that nine burglaries in the last six months have been undertaken with Wi-Fi jammer(s) deployed to ensure incriminating video evidence wasnâ(TM)t available to investigators. The modus operandi of the thief or thieves is thought to be something like this:

- Homes in affluent areas are found - Burglars carefully watch the homes - The burglars avoid confrontation, so appear to wait until homes are empty - Seizing the opportunity of an empty home, the burglars will deploy Wi-Fi jammer(s) - "Safes, jewelry, and other high-end designer items," are usually taken

A security expert interviewed by the source publication, KARE11, explained that the jammers simply confused wireless devices rather than blocking signals. They usually work by overloading wireless traffic âoeso that real traffic cannot get through,â the news site was told. [...] Worryingly, Wi-Fi jamming is almost a trivial activity for potential thieves in 2024. KARE11 notes that it could buy jammers online very easily and cheaply, with prices ranging from $40 to $1,000. Jammers are not legal to use in the U.S. but they are very easy to buy online.