The Almighty Buck

US To Build $300 Million Database To Fuel Alzheimer's Research (reuters.com) 22

The U.S. National Institute on Aging (NIA) is funding a 6-year, up to $300 million project to build a massive Alzheimer's research database that can track the health of Americans for decades and enable researchers to gain new insights on the brain-wasting disease. Reuters reports: The NIA, part of the government's National Institutes of Health (NIH), aims to build a data platform capable of housing long-term health information on 70% to 90% of the U.S. population, officials told Reuters of the grant, which had not been previously reported. The platform will draw on data from medical records, insurance claims, pharmacies, mobile devices, sensors and various government agencies, they said.

Tracking patients before and after they develop Alzheimer's symptoms is seen as integral to making advances against the disease, which can start some 20 years before memory issues develop. The database could help identify healthy people at risk for Alzheimer's, which affects about 6 million Americans, for future drug trials. It also aims to address chronic underrepresentation of people of color and different ethnicities in Alzheimer's clinical trials and could help increase enrollment from outside of urban academic medical centers.

Once built, the platform could also track patients after they receive treatments such as Leqembi, which won accelerated U.S. approval in January, and is widely expected to receive traditional FDA approval by July 6. The U.S. Medicare health plan for older adults will likely require such tracking in a registry as a condition of reimbursement for Leqembi. [T]he data platform could also help researchers working in other disease areas understand which patients are most at risk and the impact of medications. The grant, which was posted on March 13, has been years in the making. The funding announcement sets its earliest start date at April 2024, with a goal to establish an Alzheimer's registry 21 months later.

China

Chinese Officials Release 'Updated Analysis' of 1,300 Samples From Wuhan Market (telegraph.co.uk) 44

"Chinese officials have released an updated analysis of more than 1,300 samples taken from the Wuhan wet market at the beginning of the Covid-19 pandemic," reports the Telegraph: In a preprint published on Wednesday, researchers from the Chinese Center for Disease Control and Prevention said there was "convincing evidence" that Sars-Cov-2 was spreading widely at Wuhan's Huanan seafood market in January 2020.
Dr Tedros Adhanom Ghebreyesus, head of the WHO, tells them "This data could and should have been shared three years ago." China's paper then called for "more work involving international coordination" to investigate the potential origins of SARS-CoV-2. "Surveillance of wild animals using a viromic approach should be enhanced to explore the potential natural and intermediate hosts for SARS-CoV-2, if any, which would help to prevent future pandemics caused by animal-origin coronaviruses or alike, with a spillover event."

But the Telegraph notes that China also "claimed it's not clear how Covid got there, as no virus was found in the 457 animal swabs taken from 18 species at the market. The data behind the latest Chinese research has proved controversial, after a team of international experts downloaded the genetic sequences that had been discreetly shared on a database called GISAID. Their analysis was the first conducted on the data outside China, which has been accused by the World Health Organization of withholding critical clues. In samples taken from the Wuhan market that tested positive for Covid, the international team found genetic material from wildlife known to be susceptible to Sars-Cov-2 — including raccoon dogs, palm civets and Himalayan marmots. This does not prove these animals were infected, but does confirm they were being illegally sold at Huanan market in early 2020.

"What we are seeing is the genomic ghost of that animal in the stalls," said Dr Florence Débarre, an evolutionary biologist at the French National Centre for Scientific Research, who first spotted the data when trawling GISAID. "It's close to the best [evidence] we can get, because the animals were gone when they came to sample the markets," she told the Telegraph earlier this month....

The latest paper from China CDC — published on ChinaXiv on Wednesday — reveals that although researchers sampled 18 species including bamboo rats, wild boars and hedgehogs, they did not take specimens from animals including raccoon dogs now known to be susceptible to the virus. It is likely that this is because they had already been removed. Some researchers said this undermines the China CDC's suggestion that animals did not bring the virus into the market — a route that China has consistently discredited, much like the potential for a laboratory leak, as it does not want the origin to be within its own borders. "This claim that no live animals with the virus were found at the market is one of the most pernicious and misleading talking points proffered," said Dr Michael Worobey, an evolutionary biologist at the University of Arizona who led the international analysis.

"If no live raccoon dogs... or other plausible intermediate hosts species were tested (because they had all disappeared by the time this testing took place), then saying that the lack of Sars-CoV-2 live animals at the market is evidence against a zoonotic origin is at best misinformed. At worst, it is deliberate disinformation," he told the Telegraph.

Advertising

Google Launches Ads Transparency Center As a Searchable Database 7

After launching My Ad Center last fall, Google is now introducing the Ads Transparency Center as a "searchable hub of all ads served from verified advertisers." 9to5Google reports: The Ads Transparency Center will let you view all the advertisements a company has run using Google's networks. Each ad includes the date it last ran, format (text, video, etc.), and what region (country) it was shown in: "For example, imagine you're seeing an ad for a skincare product you're interested in, but you don't recognize the brand, or you're curious to understand if you recognize other ads from this brand. With the Ads Transparency Center, you can look up the advertiser and learn more about them before purchasing or visiting their site."

You can search by advertiser (with approximate ad quantity noted) or website, with filters for topics, time, and country. Once an advertiser is selected, Google will show the feed of ads with the ability to select for more details. You'll be able to access it directly here or from the My Ad Center, which lets you customize advertising that appears in Search, Discover, Shopping, and YouTube.

The Courts

Internet Archive Loses in Court. Judge Rules They Can't Scan and Lend eBooks (theverge.com) 96

The Verge reports: A federal judge has ruled against the Internet Archive in Hachette v. Internet Archive, a lawsuit brought against it by four book publishers, deciding that the website does not have the right to scan books and lend them out like a library. Judge John G. Koeltl decided that the Internet Archive had done nothing more than create "derivative works," and so would have needed authorization from the books' copyright holders — the publishers — before lending them out through its National Emergency Library program. The Internet Archive says it will appeal.
The decision was "a blow to all libraries and the communities we serve," argued Chris Freeland, the director of Open Libraries at the Internet Archive. In a blog post he argued the decision "impacts libraries across the U.S. who rely on controlled digital lending to connect their patrons with books online. It hurts authors by saying that unfair licensing models are the only way their books can be read online. And it holds back access to information in the digital age, harming all readers, everywhere."
The Verge adds that the judge rejected "fair use" arguments which had previously protected a 2014 digital book preservation project by Google Books and HathiTrust: Koeltl wrote that any "alleged benefits" from the Internet Archive's library "cannot outweigh the market harm to the publishers," declaring that "there is nothing transformative about [Internet Archive's] copying and unauthorized lending," and that copying these books doesn't provide "criticism, commentary, or information about them." He notes that the Google Books use was found "transformative" because it created a searchable database instead of simply publishing copies of books on the internet.

Koeltl also dismissed arguments that the Internet Archive might theoretically have helped publishers sell more copies of their books, saying there was no direct evidence, and that it was "irrelevant" that the Internet Archive had purchased its own copies of the books before making copies for its online audience. According to data obtained during the trial, the Internet Archive currently hosts around 70,000 e-book "borrows" a day.

Thanks to long-time Slashdot reader esme for sharing the news.

Security

Hackers Drain Bitcoin ATMs of $1.5 Million By Exploiting 0-Day Bug (arstechnica.com) 112

turp182 shares a report from Ars Technica: Hackers drained millions of dollars in digital coins from cryptocurrency ATMs by exploiting a zero-day vulnerability, leaving customers on the hook for losses that can't be reversed, the kiosk manufacturer has revealed. The heist targeted ATMs sold by General Bytes, a company with multiple locations throughout the world. These BATMs, short for bitcoin ATMs, can be set up in convenience stores and other businesses to allow people to exchange bitcoin for other currencies and vice versa. Customers connect the BATMs to a crypto application server (CAS) that they can manage or, until now, that General Bytes could manage for them. For reasons that aren't entirely clear, the BATMs offer an option that allows customers to upload videos from the terminal to the CAS using a mechanism known as the master server interface.

Over the weekend, General Bytes revealed that more than $1.5 million worth of bitcoin had been drained from CASes operated by the company and by customers. To pull off the heist, an unknown threat actor exploited a previously unknown vulnerability that allowed it to use this interface to upload and execute a malicious Java application. The actor then drained various hot wallets of about 56 BTC, worth roughly $1.5 million. General Bytes patched the vulnerability 15 hours after learning of it, but due to the way cryptocurrencies work, the losses were unrecoverable. [...] Once the malicious application executed on a server, the threat actor was able to (1) access the database, (2) read and decrypt encoded API keys needed to access funds in hot wallets and exchanges, (3) transfer funds from hot wallets to a wallet controlled by the threat actor, (4) download user names and password hashes and turn off 2FA, and (5) access terminal event logs and scan for instances where customers scanned private keys at the ATM. The sensitive data in step 5 had been logged by older versions of ATM software.

Going forward, this weekend's post said, General Bytes will no longer manage CASes on behalf of customers. That means terminal holders will have to manage the servers themselves. The company is also in the process of collecting data from customers to validate all losses related to the hack, performing an internal investigation, and cooperating with authorities in an attempt to identify the threat actor. General Bytes said the company has received "multiple security audits since 2021," and that none of them detected the vulnerability exploited. The company is now in the process of seeking further help in securing its BATMs.

Open Source

Russian Developers Blocked From Contributing To FOSS Tools (theregister.com) 170

The Reg has seen two recent incidents of Russian developers being blocked from public development of FOSS code. One was a refusal on the Linux kernel mailing list, the other a more general block on Github. In the last week, these events have both caused active, and sometimes heated, discussions in FOSS developer communities. From the report: The GitHub account of developer Alexander Amelkin has been blocked, and his repositories marked as "archived" — including ipmitool, whose README describes it as "a utility for managing and configuring devices that support the Intelligent Platform Management Interface." Unable to comment on Github itself, Amelkin described what happened on the project's older SourceForge page.

Amelkin works for Russian chipbuilder Yadro, which we described as working on RISC-V chips back in 2021. Microsoft is just obeying US law in this: according to the War and Sanctions database of the Ukrainian National Agency on Corruption Prevention, the NACP, Yadro is a sanctioned company. However, on LinkedIn, Amelkin disputes his employer's involvement. Over on Hacker News, commentators seem to be generally in favor of the move, although the discussion on LWN is more measured, pointing out both that there is little threat from server-management tools like this, but that Microsoft probably has no choice.

Amelkin is not alone. Over on the Linux Kernel Mailing List, a contribution from Sergey Semin has been refused with the terse notice: "We don't feel comfortable accepting patches from or relating to hardware produced by your organization. Please withhold networking contributions until further notice." Semin is a developer at chipmaker Baikal Electronics, a company whose website has been suspended for a year now, as we noted a year ago in a story that also mentions Yadro. We were reporting on Baikal's efforts to develop its own CPUs nearly a decade ago, mere months after the Russian annexation of Crimea. And once again, there is spirited debate over the move on the Orange Site.

China

New Data Found Linking Covid-19's Origins to Wuhan Market. WHO Demands China Release It (theatlantic.com) 213

"The World Health Organization on Friday called on China to release new data linking the Covid pandemic's origins to animal samples at Wuhan Market after the country recently took down the research," reports CNBC.

The existence of the new data was revealed by the Atlantic earlier this week, in an article reporting that the newly-discovered samples showed the virus was present in creatures for sale there near the very beginning of the pandemic: A new analysis of genetic sequences collected from the market shows that raccoon dogs being illegally sold at the venue could have been carrying and possibly shedding the virus at the end of 2019. It's some of the strongest support yet, experts told me, that the pandemic began when SARS-CoV-2 hopped from animals into humans, rather than in an accident among scientists experimenting with viruses....

The genetic sequences were pulled out of swabs taken in and near market stalls around the pandemic's start. They represent the first bits of raw data that researchers outside of China's academic institutions and their direct collaborators have had access to. A few weeks ago, the data appeared on an open-access genomic database called GISAID, after being quietly posted by researchers affiliated with the country's Center for Disease Control and Prevention. By almost pure happenstance, scientists in Europe, North America, and Australia spotted the sequences, downloaded them, and began an analysis.

The samples were already known to be positive for the coronavirus, and had been scrutinized before by the same group of Chinese researchers who uploaded the data to GISAID. But that prior analysis, released as a preprint publication in February 2022, asserted that "no animal host of SARS-CoV-2 can be deduced...." The new analysis, led by Kristian Andersen, Edward Holmes, and Michael Worobey — three prominent researchers who have been looking into the virus's roots — shows that that may not be the case. Within about half a day of downloading the data from GISAID, the trio and their collaborators discovered that several market samples that tested positive for SARS-CoV-2 were also coming back chock-full of animal genetic material — much of which was a match for the common raccoon dog. Because of how the samples were gathered, and because viruses can't persist by themselves in the environment, the scientists think that their findings could indicate the presence of a coronavirus-infected raccoon dog in the spots where the swabs were taken....

The new analysis builds on extensive previous research that points to the market as the source of the earliest major outbreak of SARS-CoV-2: Many of the earliest known COVID-19 cases of the pandemic were clustered roughly in the market's vicinity. And the virus's genetic material was found in many samples swabbed from carts and animal-processing equipment at the venue, as well as parts of nearby infrastructure, such as storehouses, sewage wells, and water drains. Raccoon dogs, creatures commonly bred for sale in China, are also already known to be one of many mammal species that can easily catch and spread the coronavirus. All of this left one main hole in the puzzle to fill: clear-cut evidence that raccoon dogs and the virus were in the exact same spot at the market, close enough that the creatures might have been infected and, possibly, infectious.

That's what the new analysis provides. Think of it as finding the DNA of an investigation's main suspect at the scene of the crime.

The article also notes that the genetic sequences "also vanished from the database shortly after the international team of researchers notified the Chinese researchers of their preliminary findings, without explanation." And it adds that all along China has "vehemently" fought the theory that Covid-19 originated from live animals being sold at Wuhan market. Although "in June 2021, a team of researchers published a study documenting tens of thousands of mammals for sale in wet markets in Wuhan between 2017 and late 2019, including at Huanan."

"The animals were kept in largely illegal, cramped, and unhygienic settings — conditions conducive to viral transmission — and among them were more than 1,000 raccoon dogs." And there's even photos of raccoon dogs for sale at the market in December of 2019.

More coverage of the newly-discovered data is now appearing in numerous news outlets, including the New York Times, NBC News, ABC News, the Guardian, PBS, and Science.

Open Source

TomTom Joins the OpenStreetMap Foundation As Its First Platinum Member (tomtom.com) 21

TomTom, the Dutch navigation software company best known for its GPS navigation systems, announced that it's supporting the OpenStreetMap Foundation (OSMF) as a Platinum Member. It's a U-turn for the company, which launched an article in 2012 on what they called the "negative aspects" of open data projects such as OpenStreetMap. From the press release: Last year, the geolocation company explained the instrumental role that OpenStreetMap (OSM) data is playing in its efforts to build the smartest map on the planet via the TomTom Maps Platform. Its latest move further affirms the company's commitment to the global OSM project. TomTom is contributing 20,000 euros to the OSMF as the first corporate OSM member to join the foundation at the Platinum level.

The OSMF is a not-for-profit organization that supports the OSM project in various ways, such as by running the OSM infrastructure and raising funds, as well as communicating with OSM working groups. With this annual contribution to the foundation, TomTom is providing direct financial support to OSM's operations and infrastructure, including hardware, cloud costs and engineering hours.

Databases

Free Data-Center Heat Is Allegedly Saving a Struggling Public Pool $24K a Year (arstechnica.com) 34

An anonymous reader quotes a report from Ars Technica: A public pool in the UK is expected to save [about $24,000] and cut carbon emissions by 25.8 tons annually by warming a 25-meter children's pool with waste heat from a data center from startup Deep Green. UK-based Deep Green is a newcomer in the data-center heat game and is making its entrance notable by putting a monetary figure on potential savings, which are fueled by the heat's low, low rate of free. Deep Green's paying customers are machine-learning and AI firms seeking computing resources. As reported by Datacenter Dynamics on Tuesday, clients can leverage Deep Green's 28 kW system with high-performance computing (HPC) capabilities. The HPC cluster at the Exmouth Leisure Centre swimming pool has 12 four-CPU cards and could eventually be used for cloud services and video rendering, Deep Green CEO Mark Bjornsgaard told the publication. According to the BBC, the server is about the size of a washing machine.

The computers are submerged in mineral oil that captures heat that gets transferred into pool water with a heat exchanger. The pool still has a gas boiler to boost the water's temperature if required. Deep Green claims it's transferring about 96 percent of the energy used by its computers and reducing a pool's gas heat usage by 62 percent. Deep Green is paying the Exmouth Leisure Centre for all the electricity its data center uses, as well as any setup costs, and the Exmouth Leisure Centre gets the heat for free.

Deep Green CTO Mat Craggs told Datacenter Dynamics: "Our expected heat transfer from the kit is 139,284 kWh a year, equivalent to 62 percent of the pool's heat needs." He noted that adding more servers to the tub could extend the figure to 70 or 80 percent. Deep Green's data center can heat the Exmouth Leisure Centre's 25 meter pool to 86 degrees Fahrenheit for about 60 percent of the time, BBC reported. The startup has plans to set up data centers in seven more UK locations and has a 2023 target of 20 locations.

Facebook

Meta AI Unlocks Hundreds of Millions of Proteins To Aid Drug Discovery (wsj.com) 11

Facebook parent company Meta Platforms has created a tool to predict the structure of hundreds of millions of proteins using artificial intelligence. Researchers say it promises to deepen scientists' understanding of biology, and perhaps speed the discovery of new drugs. From a report: Meta's research arm, Meta AI, used the new AI-based computer program known as ESMFold to create a public database of 617 million predicted proteins. Proteins are the building blocks of life and of many medicines, required for the function of tissues, organs and cells. Drugs based on proteins are used to treat heart disease, certain cancers and HIV, among other illnesses, and many pharmaceutical companies have begun to pursue new drugs with artificial intelligence. Using AI to predict protein structures is expected to not only boost the effectiveness of existing drugs and drug candidates but also help discover molecules that could treat diseases whose cures have remained elusive.

With ESMFold, Meta is squaring off against another protein-prediction computer model known as AlphaFold from DeepMind Technologies, a subsidiary of Google parent Alphabet. AlphaFold said last year that its database has 214 million predicted proteins that could help accelerate drug discovery. Meta says ESMFold is 60 times faster than AlphaFold, but less accurate. The ESMFold database is larger because it made predictions from genetic sequences that hadn't been studied previously. Predicting a protein's structure can help scientists understand its biological function, according to Alexander Rives, co-author of a study published Thursday in the journal Science and a research scientist at Meta AI. Meta had previously released the paper describing ESMFold in November 2022 on a preprint server.
Further reading: What metaverse? Meta says its single largest investment is now in 'advancing AI.'

China

1,100 Scientists and Students Barred From UK Amid China Crackdown (theguardian.com) 36

An anonymous reader quotes a report from The Guardian: More than 1,000 scientists and postgraduate students were barred from working in the UK last year on national security grounds, amid a major government crackdown on research collaborations with China. Figures obtained by the Guardian reveal that a record 1,104 scientists and postgraduate students were rejected by Foreign Office vetting in 2022, up from 128 in 2020 and just 13 in 2016.

The sharp increase follows a hardening of the government's stance on scientific ties with China, with warnings from MI5 of a growing espionage threat, major research centers being quietly shut down and accusations by a government minister that China's leading genomics company had regularly sought to hack into the NHS's genetic database. Geopolitical tensions stepped up further this week, as the US, Australia and the UK announced a multi-decade, multibillion-dollar deal aimed at countering China's military expansion in the Indo-Pacific. China said the Aukus plan to build a combined fleet of elite nuclear-powered submarines was "a path of error and danger."

The Foreign Office declined to give a breakdown by nationality, but data supplied by leading universities including Oxford, Cambridge and Imperial College suggests that, at these institutions at least, Chinese academics account for a majority of those denied clearance. Some have welcomed the policy shift, with one security expert saying the number of academics being barred is "commensurate with the threat." But leading scientists say the scheme is leaving universities struggling to recruit the best talent from abroad.
"A majority of applicants are thought to be scientists seeking to move to the UK to take up offers of research degrees or fellowships," adds the Guardian. "But the Guardian is also aware of researchers, including five Chinese scientists at Imperial college, who did not pass clearance despite having already held positions at UK universities for several years -- and who may have had to leave the UK as a result."

Privacy

Congressman Confronts FBI Over 'Egregious' Unlawful Search of His Personal Data (arstechnica.com) 110

Last month, a declassified FBI report revealed that the bureau had used Section 702 of the Foreign Intelligence Surveillance Act (FISA) to conduct multiple unlawful searches of a sitting Congress member's personal communications.

From a report by Ars Technica: Wired was the first to report the abuse, but for weeks, no one knew exactly which lawmaker was targeted by the FBI. That changed this week when Rep. Darin LaHood (R-Ill.) revealed during an annual House Intelligence Committee hearing on world threats that the FBI's abuse of 702 was "in fact" aimed at him. "This careless abuse by the FBI is unfortunate," LaHood said at the hearing, suggesting that the searches of his name not only "degrades trust in FISA" but was a "threat to separation of powers" in the United States. Calling the FBI's past abuses of Section 702 "egregious," the congressman -- who is leading the House Intelligence Committee's working group pushing to reauthorize Section 702 amid a steeply divided Congress -- said that "ironically," being targeted by the FBI gives him a "unique perspective" on "what's wrong with the FBI."

LaHood has said that having his own Fourth Amendment rights violated in ways others consider "frightening" positions him well to oversee the working group charged with implementing bipartisan reforms and safeguards that would prevent any such abuses in the future. House Permanent Select Committee on Intelligence Chairman Mike Turner (R-Ohio) said that LaHood "personifies the fears and mistrust many in America have about the FBI's leadership," noting that "too many Americans are worried it could be them" next. FBI director Christopher Wray said that he "completely" understood LaHood's concerns, while emphasizing that the FBI has already implemented reforms and safeguards to prevent similar abuses in the future. An FBI spokesperson told Ars that "extensive changes" to address 702 compliance issues include "a whole new Office of Internal Audit currently focused on FISA compliance" and new policies requiring "enhanced pre-approval requirements before certain 'sensitive' US person queries can be run." The spokesperson provided an example, saying that for any sensitive queries involving elected officials, the FBI's deputy director must sign off. Wray said at the hearing that queries of the Section 702 database on US persons have dropped by 93 percent since last year. He also confirmed that the FBI launched "all sorts of mandatory enhanced training" initiatives on 702 compliance.

UPDATE: "At the same time, [LaHood] made clear that he still believes that Congress must reauthorize Section 702," reports the New York Times, "which he praised as a vital tool for combating a broad range of foreign threats."

Privacy

FBI Admits It Bought US Location Data (wired.com) 35

The United States Federal Bureau of Investigation has acknowledged for the first time that it purchased US location data rather than obtaining a warrant. Wired reports: While the practice of buying people's location data has grown increasingly common since the US Supreme Court reined in the government's ability to warrantlessly track Americans' phones nearly five years ago, the FBI had not previously revealed ever making such purchases. The disclosure came [Wednesday] during a US Senate hearing on global threats attended by five of the nation's intelligence chiefs.

Senator Ron Wyden, an Oregon Democrat, put the question of the bureau's use of commercial data to its director, Christopher Wray: "Does the FBI purchase US phone-geolocation information?" Wray said his agency was not currently doing so, but he acknowledged that it had in the past. He also limited his response to data companies gathered specifically for advertising purposes. "To my knowledge, we do not currently purchase commercial database information that includes location data derived from internet advertising," Wray said. "I understand that we previously -- as in the past -- purchased some such information for a specific national security pilot project. But that's not been active for some time." He added that the bureau now relies on a "court-authorized process" to obtain location data from companies.

It's not immediately clear whether Wray was referring to a warrant -- that is, an order signed by a judge who is reasonably convinced that a crime has occurred -- or another legal device. Nor did Wray indicate what motivated the FBI to end the practice. In its landmark Carpenter v. United States decision, the Supreme Court held that government agencies accessing historical location data without a warrant were violating the Fourth Amendment's guarantee against unreasonable searches. But the ruling was narrowly construed. Privacy advocates say the decision left open a glaring loophole that allows the government to simply purchase whatever it cannot otherwise legally obtain. [...] Asked during the Senate hearing whether the FBI would pick up the practice of purchasing location data again, Wray replied: "We have no plans to change that, at the current time."

Security

US Marshals Service Suffers 'Major' Security Breach That Compromises Sensitive Information (nbcnews.com) 29

According to a spokesperson for the United States Marshals Service (USMS), the agency was hit with a ransomware attack last week that compromises sensitive information. NBC News reports: In a statement Monday, U.S. Marshals Service spokesperson Drew Wade acknowledged the breach, telling NBC News: "The affected system contains law enforcement sensitive information, including returns from legal process, administrative information, and personally identifiable information pertaining to subjects of USMS investigations, third parties, and certain USMS employees."

Wade said the incident occurred Feb. 17, when the Marshals Service "discovered a ransomware and data exfiltration event affecting a stand-alone USMS system." The system was disconnected from the network, and the Justice Department began a forensic investigation, Wade said. He added that on Wednesday, after the agency briefed senior department officials, "those officials determined that it constitutes a major incident." The investigation is ongoing, Wade said.

A senior law enforcement official familiar with the incident said the breach did not involve the database involving the Witness Security Program, commonly known as the witness protection program. The official said no one in the witness protection program is in danger because of the breach. Nevertheless, the official said, the incident is significant, affecting law enforcement sensitive information pertaining to the subjects of Marshals Service investigations. The official said the agency has been able to develop a workaround so it is able to continue operations and efforts to track down fugitives.

Security

LastPass Says Home Computer of DevOps Engineer Was Hacked (securityweek.com) 64

wiredmikey shares a report from SecurityWeek: Password management software firm LastPass says one of its DevOps engineers had a personal home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud storage resources. LastPass on Monday fessed up a "second attack" where an unnamed threat actor combined data stolen from an August breach with information available from a third-party data breach, and a vulnerability in a third-party media software package to launch a coordinated attack. [...]

LastPass worked with incident response experts at Mandiant to perform forensics and found that a DevOps engineer's home computer was targeted to get around security mitigations. The attackers exploited a remote code execution vulnerability in a third-party media software package and planted keylogger malware on the employee's personal computer. "The threat actor was able to capture the employee's master password as it was entered, after the employee authenticated with MFA, and gain access to the DevOps engineer's LastPass corporate vault," the company said. "The threat actor then exported the native corporate vault entries and content of shared folders, which contained encrypted secure notes with access and decryption keys needed to access the AWS S3 LastPass production backups, other cloud-based storage resources, and some related critical database backups," LastPass confirmed.

LastPass originally disclosed the breach in August 2022 and warned that "some source code and technical information were stolen."

SecurityWeek adds: "In January 2023, the company said the breach was far worse than originally reported and included the theft of account usernames, salted and hashed passwords, a portion of Multi-Factor Authentication (MFA) settings, as well as some product settings and licensing information."

Security

GoDaddy Says Hackers Stole Source Code, Installed Malware in Multi-Year Breach (bleepingcomputer.com) 23

Web hosting giant GoDaddy says it suffered a breach where unknown attackers have stolen source code and installed malware on its servers after breaching its cPanel shared hosting environment in a multi-year attack. From a report: While GoDaddy discovered the security breach in early December 2022 following customer reports that their sites were being used to redirect to random domains, the attackers had access to the company's network for multiple years. "Based on our investigation, we believe these incidents are part of a multi-year campaign by a sophisticated threat actor group that, among other things, installed malware on our systems and obtained pieces of code related to some services within GoDaddy," the hosting firm said in an SEC filing. The company says that previous breaches disclosed in November 2021 and March 2020 are also linked to this multi-year campaign. The November 2021 incident led to a data breach affecting 1.2 million Managed WordPress customers after attackers breached GoDaddy's WordPress hosting environment using a compromised password. They gained access to the email addresses of all impacted customers, their WordPress Admin passwords, sFTP and database credentials, and SSL private keys of a subset of active clients.

Government

Larry Magid: Utah Bill Threatens Internet Security For Everyone (mercurynews.com) 89

"Wherever you live, you should be paying attention to Utah Senate Bill 152 and the somewhat similar House Bill 311," writes tech journalist and long-time child safety advocate Larry Magid in an op-ed via the Mercury News. "Even though it's legislation for a single state, it could set a dangerous precedent and make it harder to pass and enforce sensible federal legislation that truly would protect children and other users of connected technology." From the report: SB 152 would require parents to provide their government-issued ID and physical address in order for their child or teenager to access social media. But even if you like those provisions, this bill would require everyone -- including adults -- to submit government-issued ID to sign up for a social media account, including not just sites like Facebook, Instagram, Snapchat and TikTok, but also video sharing sites like YouTube, which is commonly used by schools. The bill even bans minors from being online between 10:30 p.m. and 6:30 a.m., empowering the government to usurp the rights of parents to supervise and manage teens' screen time. Should it be illegal for teens to get up early to finish their homework (often requiring access to YouTube or other social media) or perhaps access information that would help them do early morning chores? Parents -- not the state -- should be making and enforcing their family's schedule.

I oppose these bills from my perch as a long-time child safety advocate (I wrote "Child Safety on the Information Highway" in 1994 for the National Center for Missing & Exploited Children and am currently CEO of ConnectSafely.org). However well-intentioned, they could increase risk and deny basic rights to children and adults. SB 152 would require companies to keep a "record of any submissions provided under the requirements," which means there would not only be databases of all social media users, but also of users under 18, which could be hacked by criminals or foreign governments seeking information on Utah children and adults. And, in case you think that's impossible, there was a breach in 2006 of a database of children that was mandated by the State of Utah to protect them from sites that displayed or promoted pornography, alcohol, tobacco and gambling. No one expects a data breach, but they happen on a regular basis. There is also the issue of privacy. Social media is both media and speech, and some social media are frequented by people who might not want employers, family members, law enforcement or the government to know what information they're consuming. Whatever their interests, people should have the right to at least anonymously consume information or express their opinions. This should apply to everyone, regardless of who they are, what they believe or what they're interested in. [...]

It's important to always look at the potential unintended consequences of legislation. I'm sure the lawmakers in Utah who are backing this bill have the best interests of children in mind. But this wouldn't be the first law designed to protect children that actually puts them at risk or violates adult rights in the name of child protection. I applaud any policymaker who wants to find ways to protect kids and hold technology companies accountable for doing their part to protect privacy and security as well as employing best practices when it comes to the mental health and well-being of children. But the legislation, whether coming from Utah, another state or Washington, D.C., must be sensible, workable, constitutional and balanced, so it, at the very least, does more good than harm.

AI

Getty Images Sues AI Art Generator Stable Diffusion in the US For Copyright Infringement (theverge.com) 98

Getty Images has filed a lawsuit in the US against Stability AI, creators of open-source AI art generator Stable Diffusion, escalating its legal battle against the firm. From a report: The stock photography company is accusing Stability AI of "brazen infringement of Getty Images' intellectual property on a staggering scale." It claims that Stability AI copied more than 12 million images from its database "without permission ... or compensation ... as part of its efforts to build a competing business," and that the startup has infringed on both the company's copyright and trademark protections. The lawsuit is the latest volley in the ongoing legal struggle between the creators of AI art generators and rights-holders. AI art tools require illustrations, artwork, and photographs to use as training data, and often scrape it from the web without the creator's consent.

AI

AI Models Spit Out Photos of Real People and Copyrighted Images (technologyreview.com) 24

MIT's Technology Review reports: Popular image generation models can be prompted to produce identifiable photos of real people, potentially threatening their privacy, according to new research. The work also shows that these AI systems can be made to regurgitate exact copies of medical images and copyrighted work by artists. It's a finding that could strengthen the case for artists who are currently suing AI companies for copyright violations.

The researchers, from Google, DeepMind, UC Berkeley, ETH Zürich, and Princeton, got their results by prompting Stable Diffusion and Google's Imagen with captions for images, such as a person's name, many times. Then they analyzed whether any of the images they generated matched original images in the model's database. The group managed to extract over 100 replicas of images in the AI's training set....

The paper with title "Extracting Training Data from Diffusion Models" is the first time researchers have managed to prove that these AI models memorize images in their training sets, says Ryan Webster, a PhD student at the University of Caen Normandy in France, who has studied privacy in other image generation models but was not involved in the research. This could have implications for startups wanting to use generative AI models in health care, because it shows that these systems risk leaking sensitive private information. OpenAI, Google, and Stability.AI did not respond to our requests for comment.

Slashdot user guest reader notes a recent class action lawsuit arguing that an art-generating AI is "a 21st-century collage tool.... A diffusion model is a form of lossy compression applied to the Training Images."

Security

KeePass Disputes Vulnerability Allowing Stealthy Password Theft (bleepingcomputer.com) 66

The development team behind the open-source password management software KeePass is disputing what is described as a newly found vulnerability that allows attackers to stealthily export the entire database in plain text. BleepingComputer reports: KeePass is a very popular open-source password manager that allows you to manage your passwords using a locally stored database, rather than a cloud-hosted one, such as LastPass or Bitwarden. To secure these local databases, users can encrypt them using a master password so that malware or a threat actor can't just steal the database and automatically gain access to the passwords stored within it. The new vulnerability is now tracked as CVE-2023-24055, and it enables threat actors with write access to a target's system to alter the KeePass XML configuration file and inject a malicious trigger that would export the database, including all usernames and passwords in cleartext. The next time the target launches KeePass and enters the master password to open and decrypt the database, the export rule will be triggered, and the contents of the database will be saved to a file the attackers can later exfiltrate to a system under their control. However, this export process launches in the background without the user being notified or KeePass requesting the master password to be entered as confirmation before exporting, allowing the threat actor to quietly gain access to all of the stored passwords. [...]

While the CERT teams of Netherlands and Belgium have also issued security advisories regarding CVE-2023-24055, the KeePass development team is arguing that this shouldn't be classified as a vulnerability given that attackers with write access to a target's device can also obtain the information contained within the KeePass database through other means. In fact, a "Security Issues" page on the KeePass Help Center has been describing the "Write Access to Configuration File" issue since at least April 2019 as "not really a security vulnerability of KeePass." If the user has installed KeePass as a regular program and the attackers have write access, they can also "perform various kinds of attacks." Threat actors can also replace the KeePass executable with malware if the user runs the portable version.

"In both cases, having write access to the KeePass configuration file typically implies that an attacker can actually perform much more powerful attacks than modifying the configuration file (and these attacks in the end can also affect KeePass, independent of a configuration file protection)," the KeePass developers explain. "These attacks can only be prevented by keeping the environment secure (by using an anti-virus software, a firewall, not opening unknown e-mail attachments, etc.). KeePass cannot magically run securely in an insecure environment."

If the KeePass devs don't release a version of the app that addresses this issue, BleepingComputer notes "you could still secure your database by logging in as a system admin and creating an enforced configuration file."

"This type of config file takes precedence over settings described in global and local configuration files, including new triggers added by malicious actors, thus mitigating the CVE-2023-24055 issue."
