Encryption

Encryption Made For Police and Military Radios May Be Easily Cracked (wired.com) 64

An anonymous reader quotes a report from Wired: Two years ago, researchers in the Netherlands discovered an intentional backdoor in an encryption algorithm baked into radios used by critical infrastructure -- as well as police, intelligence agencies, and military forces around the world -- that made any communication secured with the algorithm vulnerable to eavesdropping. When the researchers publicly disclosed the issue in 2023, the European Telecommunications Standards Institute (ETSI), which developed the algorithm, advised anyone using it for sensitive communication to deploy an end-to-end encryption solution on top of the flawed algorithm to bolster the security of their communications. But now the same researchers have found that at least one implementation of the end-to-end encryption solution endorsed by ETSI has a similar issue that makes it equally vulnerable to eavesdropping. The encryption algorithm used for the device they examined starts with a 128-bit key, but this gets compressed to 56 bits before it encrypts traffic, making it easier to crack. It's not clear who is using this implementation of the end-to-end encryption algorithm, nor if anyone using devices with the end-to-end encryption is aware of the security vulnerability in them. Wired notes that the end-to-end encryption the researchers examined is most commonly used by law enforcement and national security teams. "But ETSI's endorsement of the algorithm two years ago to mitigate flaws found in its lower-level encryption algorithm suggests it may be used more widely now than at the time."
Microsoft

Microsoft's $30 Windows 10 Security Updates Cover 10 Devices 68

Microsoft's $30 Extended Security Updates license for Windows 10 will cover up to 10 devices under a single Microsoft Account, the company confirmed in updated support documentation. The ESU program, which provides security updates through October 13, 2026, requires a Microsoft Account for all three enrollment options: the $30 one-time purchase, redemption of 1,000 Microsoft Reward points, or free enrollment for users who sync their PC settings to OneDrive. Windows 10's support ends October 14, 2025.
Security

Citizen Lab Director Warns Cyber Industry About US Authoritarian Descent (techcrunch.com) 103

An anonymous reader quotes a report from TechCrunch: Ron Deibert, the director of Citizen Lab, one of the most prominent organizations investigating government spyware abuses, is sounding the alarm to the cybersecurity community and asking them to step up and join the fight against authoritarianism. On Wednesday, Deibert will deliver a keynote at the Black Hat cybersecurity conference in Las Vegas, one of the largest gatherings of information security professionals of the year. Ahead of his talk, Deibert told TechCrunch that he plans to speak about what he describes as a "descent into a kind of fusion of tech and fascism," and the role that the Big Tech platforms are playing, and "propelling forward a really frightening type of collective insecurity that isn't typically addressed by this crowd, this community, as a cybersecurity problem."

Deibert described the recent political events in the United States as a "dramatic descent into authoritarianism," but one that the cybersecurity community can help defend against. "I think alarm bells need to be rung for this community that, at the very least, they should be aware of what's going on and hopefully they can not contribute to it, if not help reverse it," Deibert told TechCrunch. [...] "I think that there comes a point at which you have to recognize that the landscape is changing around you, and the security problems you set out for yourselves are maybe trivial in light of the broader context and the insecurities that are being propelled forward in the absence of proper checks and balances and oversight, which are deteriorating," said Deibert.

Deibert is also concerned that big companies like Meta, Google, and Apple could take a step back in their efforts to fight against government spyware -- sometimes referred to as "commercial" or "mercenary" spyware -- by gutting their threat intelligence teams. [...] Deibert believes there is a "huge market failure when it comes to cybersecurity for global civil society," a part of the population that generally cannot afford to get help from big security companies that typically serve governments and corporate clients. "This market failure is going to get more acute as supporting institutions evaporate and attacks on civil society amplify," he said. "Whatever they can do to contribute to offset this market failure (e.g., pro bono work) will be essential to the future of liberal democracy worldwide," he said. Deibert is concerned that these threat intelligence teams could be cut or at least reduced, given that the same companies have cut their moderation and safety teams. He told TechCrunch that threat intelligence teams, like the ones at Meta, are doing "amazing work," in part by staying siloed and separate from the commercial arms of their wider organizations. "But the question is how long will that last?" said Deibert.

Games

Call of Duty's Anti-Cheat Will Require TPM 2.0 and Secure Boot for PC Players (gamespot.com) 105

Activision will require PC players of Call of Duty: Black Ops 7 to enable Trusted Platform Module 2.0 and Windows Secure Boot when the game launches later this year. The company begins testing these anti-cheat measures with Black Ops 6's Season 5 on Thursday without enforcement.

TPM 2.0 verifies untampered boot processes while Secure Boot ensures Windows loads only trusted software at startup. Both features perform checks during system and game startup but remain inactive during gameplay. Activision has also pursued legal action against 22 individuals who developed and sold cheats.
Security

Google Suffers Data Breach in Ongoing Salesforce Data Theft Attacks (bleepingcomputer.com) 3

Google is the latest company to suffer a data breach in an ongoing wave of Salesforce CRM data theft attacks conducted by the ShinyHunters extortion group. BleepingComputer: In June, Google warned that a threat actor they classify as 'UNC6040' is targeting companies' employees in voice phishing (vishing) social engineering attacks to breach Salesforce instances and download customer data. This data is then used to extort companies into paying a ransom to prevent the data from being leaked.

In a brief update to the article last night, Google said that it too fell victim to the same attack in June after one of its Salesforce CRM instances was breached and customer data was stolen. "In June, one of Google's corporate Salesforce instances was impacted by similar UNC6040 activity described in this post. Google responded to the activity, performed an impact analysis and began mitigations," reads Google's update.

Data Storage

DRAM Prices Soar as China Eyes Self-Reliance For High-End Chips (nikkei.com) 30

Standard DDR4 DRAM prices doubled between May and June 2025, with 8-gigabit units reaching $4.12 and 4-gigabit units hitting $3.14 -- the latter's highest level since July 2021, according to electronics trading companies cited by Nikkei Asia. The unprecedented single-month doubling follows speculation that Chinese manufacturer ChangXin Memory Technologies has halted DDR4 production to shift factories toward DDR5 memory for AI applications.

DDR4 currently comprises 60% of desktop PC memory while DDR5 accounts for 40%, per Tokyo-based BCN research. Samsung Electronics, SK Hynix, and Micron Technology controlled 90% of the global DRAM market in Q2 2025.
United States

Three US Agencies Get Failing Grades For Not Following IT Best Practices (theregister.com) 19

The Government Accountability Office has issued reports criticizing the Department of Homeland Security, Environmental Protection Agency, and General Services Administration for failing to implement critical IT and cybersecurity recommendations.

DHS leads with 43 unresolved recommendations dating to 2018, including seven priority matters. The EPA has 11 outstanding items, including failures to submit FedRAMP documentation and conduct organization-wide cybersecurity risk assessments. GSA has four pending recommendations.

All three agencies failed to properly log cybersecurity events and conduct required annual IT portfolio reviews. The DHS' HART biometric program remains behind schedule without proper cost accounting or privacy controls, with all nine 2023 recommendations still open.
Wikipedia

Wikipedia Editors Adopt 'Speedy Deletion' Policy for AI Slop Articles (404media.co) 31

Wikipedia editors have adopted a policy enabling administrators to delete AI-generated articles without the standard week-long discussion period. Articles containing telltale LLM responses like "Here is your Wikipedia article on" or "Up to my last training update" now qualify for immediate removal.

Articles with fabricated citations -- nonexistent papers or unrelated sources such as beetle research cited in computer science articles -- also meet deletion criteria.
Security

CrowdStrike Investigated 320 North Korean IT Worker Cases In the Past Year (cyberscoop.com) 11

An anonymous reader quotes a report from CyberScoop: North Korean operatives seeking and gaining technical jobs with foreign companies kept CrowdStrike busy, accounting for almost one incident response case or investigation per day in the past year, the company said in its annual threat hunting report released Monday. "We saw a 220% year-over-year increase in the last 12 months of Famous Chollima activity," Adam Meyers, senior vice president of counter adversary operations, said during a media briefing about the report. "We see them almost every day now," he said, referring to the North Korean state-sponsored group of North Korean technical specialists that has crept into the workforce of Fortune 500 companies and small-to-midsized organizations across the globe.

CrowdStrike's threat-hunting team investigated more than 320 incidents involving North Korean operatives gaining remote employment as IT workers during the one-year period ending June 30. CrowdStrike researchers found that Famous Chollima fueled that pace of activity with an assist from generative artificial intelligence tools that helped North Korean operatives maneuver workflows and evade detection during the hiring process. "They use generative AI across all stages of their operation," Meyers said. The insider threat group used generative AI to draft resumes, create false identities, build tools for job research, mask their identity during video interviews and answer questions or complete technical coding assignments, the report found. CrowdStrike said North Korean tech workers also used generative AI on the job to help with daily tasks and manage various communications across multiple jobs -- sometimes three to four -- they worked simultaneously.

Threat hunters observed other significant shifts in malicious activity during the past year, including a 27% year-over-year increase in hands-on-keyboard intrusions -- 81% of which involved no malware. Cybercrime accounted for 73% of all interactive intrusions during the one-year period. CrowdStrike continues to find and add more threat groups and clusters of activity to its matrix of cybercriminals, nation-state attackers and hacktivists. The company identified 14 new threat groups or individuals in the past six months, Meyers said. "We're up to over 265 named adversary groups that we track, and then 150 what we call malicious activity clusters," otherwise unnamed threat groups or individuals under development, Meyers said.

Businesses

The Great Indian IT Squeeze 25

An anonymous reader shares a report: The Indian IT sector has operated for decades under the dominance of major firms TCS, Infosys, Wipro, and HCLT. The historical growth of these companies was tightly coupled with the U.S. economy through a strong "multiplier effect," where Indian IT export growth significantly outpaced US GDP growth. This reliable growth model is now under pressure.

The multiplier has weakened considerably, falling from a peak of 4.1x to a projected 1.6x. This is contributing to a prolonged slowdown period for India IT exports. A primary factor in this slowdown is a clear shift in client spending priorities. While overall enterprise technology spending remains strong, clients are now allocating a larger portion of their budgets to core digital infrastructure, such as cloud platforms and SaaS platforms, over traditional IT services.

The firms are facing challenges on multiple fronts. Global corporations are increasingly establishing their own global capability centers in India, with projections indicating an accelerated pace of 120 new centers being added annually in fiscal years 2024 and 2025, up from some 40 six years ago. This insourcing trend diverts revenue from traditional IT vendors and creates direct competition for skilled technology talent.
Microsoft

Microsoft Used China-Based Engineers to Support Product Recently Hacked by China (propublica.org) 27

Microsoft announced last month that Chinese state-sponsored hackers exploited vulnerabilities in SharePoint to breach hundreds of companies and government agencies, including the National Nuclear Security Administration and Department of Homeland Security. The company omitted that SharePoint support is handled by China-based engineers who have maintained the software for years.

ProPublica reviewed screenshots of Microsoft's internal systems showing China-based employees recently fixing bugs for SharePoint "OnPrem," the version targeted in the attacks. Microsoft told the publication that the China-based team operates under U.S. supervision and the company is relocating this work.
The Internet

Perplexity is Using Stealth, Undeclared Crawlers To Evade Website No-Crawl Directives, Cloudflare Says (cloudflare.com) 86

AI startup Perplexity is deploying undeclared web crawlers that masquerade as regular Chrome browsers to access content from websites that have explicitly blocked its official bots, according to a Cloudflare report published Monday. When Perplexity's declared crawlers encounter robots.txt restrictions or network blocks, the company switches to a generic Mozilla user agent that impersonates "Chrome/124.0.0.0 Safari/537.36" running on macOS, the web infrastructure firm reported.

Cloudflare engineers tested the behavior by creating new domains with robots.txt files prohibiting all automated access. Despite the restrictions, Perplexity provided detailed information about the protected content when queried, while the stealth crawler generated 3-6 million daily requests across tens of thousands of domains. The undeclared crawler rotated through multiple IP addresses and network providers to evade detection.
IT

Fujifilm Is Raising Camera Prices By Up To $800 (theverge.com) 132

Fujifilm has raised prices on cameras and lenses across its lineup, with price hikes reaching into the hundreds of dollars. From a report: Among the hikes is an increase to the price of Fuji's ultra-popular X100VI from $1,599 to $1,799. The capable X-T5 has gone from $1,699 to $1,899. And the already very expensive GFX100 II has gone from $7,499 to $8,299 -- an $800 increase.

Increases to lens prices appear to be somewhat more modest, with bumps in the $50 to $150 range.

IT

Is AI Causing Tech Worker Layoffs? It's Complicated (apnews.com) 56

The Associated Press investigates whether tech industry layoffs are really being caused by AI.

Their conclusion? "The reality is more complicated..." "We're kind of in this period where the tech job market is weak, but other areas of the job market have also cooled at a similar pace," said Brendon Bernard, an economist at the Indeed Hiring Lab. "Tech job postings have actually evolved pretty similarly to the rest of the economy, including relative to job postings where there really isn't that much exposure to AI...."

Tech hiring has particularly plunged in AI hubs such as the San Francisco Bay Area, as well as Boston and Seattle, according to Indeed. But in looking more closely at which tech workers were least likely to get hired, Indeed found the deepest impact on entry-level jobs in the tech industry, with those with at least five years of experience faring better. The hiring declines were sharpest in entry-level tech industry jobs that involve marketing, administrative assistance and human resources, which all involve tasks that overlap with the strength of the latest generative AI tools that can help create documents and images...

Microsoft, which is staking its future on AI in the workplace, has also had its own researchers look into the jobs most vulnerable to the current strengths of AI technology. At the top of the list are knowledge work jobs such as language interpreters or translators, as well as historians, passenger attendants, sales representatives, writers and customer service representatives, according to Microsoft's working paper. On the other end, leading in work more immune to AI changes were phlebotomists, or healthcare workers who draw blood, followed by nursing assistants, workers who remove hazardous materials, painters and embalmers.

IT

'A Black Hole': America's New Graduates Discover a Dismal Job Market (nbcnews.com) 200

NBC News reports that in the U.S., many recent graduates looking to enter the labor force "are painting a dire picture of their job search." NBC News asked people who recently finished technical school, college or graduate school how their job application process was going, and in more than 100 responses, the graduates described months spent searching for a job, hundreds of applications and zero responses from employers — even with degrees once thought to be in high demand, like computer science or engineering.

Some said they struggled to get an hourly retail position or are making salaries well below what they had been expecting in fields they hadn't planned to work in. "It was very frustrating," said Jensen Kornfeind, who graduated this spring from Temple University with a degree in international trade. "Out of 70-plus job applications, I had three job interviews, and out of those three, I got ghosted from two of them."

The national economic data backs up their experience. The unemployment rate among recent graduates has been increasing this year to an average of 5.3%, compared to around 4% for the labor force as a whole, making it one of the toughest job markets for recent graduates since 2015, according to an analysis by the Federal Reserve Bank of New York released Friday. "Recent college graduates are on the margin of the labor market, and so they're the first to feel when the labor market slows and hiring slows," said Jaison Abel, an economist at the Federal Reserve Bank of New York.

Across the economy, hiring in recent months has ground to its slowest pace since the start of the pandemic, with employers adding just 73,000 jobs in July, according to data released Friday... Tech workers have been some of the hardest hit in a slowing job market, with more than 400 employers including Meta, Intel and Cisco announcing more than 130,000 jobs cut in 2025, according to tech job site TrueUp.

The article cites an economist at Indeed Hiring Lab who believes early adoption of AI "is also likely driving some of the cuts and leading employers to rethink hiring plans in anticipation of AI's future role." So besides federal policy changes, the article blames "the emergence of AI, which some companies have said they are using to replace certain entry-level jobs, like those in customer support or basic software development."

Seven months after graduating, one CS major told NBC News he'd applied for 100 jobs, and got one job offer — for the 4 a.m. shift at Starbucks.
Programming

Fiverr Ad Mocks Vibe Coding - with a Singing Overripe Avocado (creativebloq.com) 59

It's a cultural milestone. Fiverr just released an ad mocking vibe coding.

The video features what its description calls a "clueless entrepreneur" building an app to tell if an avocado is ripe — who soon ends up blissfully singing with an avocado to the tune of the cheesy 1987 song "Nothing's Gonna Stop Us Now." The avocado sings joyously of "a new app on the rise in a no-code world that's too good to be true" (rhyming that with "So close. Just not tested through...")

"Let them say we're crazy. I don't care about bugs!" the entrepreneur sings back. "Built you in a minute, now I'm so high off this buzz..."

But despite her singing to the overripe avocado that "I don't need a backend if I've got the spark!" and that they can "build this app together, vibe-coding forever. Nothing's going to stop us now!" — the build suddenly fails. (And it turns out that avocado really was overripe...) Fiverr then suggests viewers instead hire one of their experts for building their apps...

The art/design site Creative Bloq acknowledges Fiverr "flip-flopping between scepticism and pro-AI marketing." (They point out a Fiverr ad last November had ended with the tagline "Nobody cares that you use AI! They care about the results — for the best ones higher Fiverr experts who've mastered every digital skill including AI.") But the site calls this new ad "a step in the right direction towards mindful AI usage." Just like an avocado that looks perfect on the outside, once you inspect the insides, AI-generated code can be deceptively unripe.
Fiverr might be feeling the impact of vibecoding themselves. The freelancing web site saw the company's share price fall over 14% this week, with one Yahoo! Finance site saying this week's quarterly results revealed Fiverr's active buyers dropped 10.9% compared to last year — a decrease of 3.4 million buyers which "overshadowed a 9.8% increase in spending per buyer."

Even when issuing a buy recommendation, Seeking Alpha called it "a short-term rebound play, as the company faces longer-term risks from AI and active buyer churn."
Privacy

Despite Breach and Lawsuits, Tea Dating App Surges in Popularity (www.cbc.ca) 39

The women-only app Tea now "faces two class action lawsuits filed in California" in response to a recent breach," reports NPR — even as the company is now boasting it has more than 6.2 million users.

A spokesperson for Tea told the CBC it's "working to identify any users whose personal information was involved" in a breach of 72,000 images (including 13,000 verification photos and images of government IDs) and a later breach of 1.1 million private messages. Tea said they will be offering those users "free identity protection services." The company said it removed the ID requirement in 2023, but data that was stored before February 2024, when Tea migrated to a more secure system, was accessed in the breach... [Several sites have pointed out Tea's current privacy policy is telling users selfies are "deleted immediately."]

Tea was reportedly intended to launch in Canada on Friday, according to information previously posted on the App Store, but as of this week the launch date is now in February 2026. Tea didn't respond to CBC's questions about the apparent delay. Yet even amid the current turmoil, Tea's waitlist has ballooned to 1.5 million women, all eager to join, the company posted on Wednesday. A day later, Tea posted in its Instagram stories that it had approved "well over" 800,000 women into the app that day alone.

So, why is it so popular, despite the drama and risks?

Tea tapped into a perceived weakness of ther dating apps, according to an associate health studies professor at Ontario's Western University interviewed by the CBC, who thinks users should avoid Tea, at least until its security is restored.

Tech blogger John Gruber called the incident "yet another data point for the argument that any 'private messaging' feature that doesn't use E2EE isn't actually private at all." (And later Gruber notes Tea's apparent absence at the top of the charts in Google's Play Store. "I strongly suspect that, although Google hasn't removed Tea from the Play Store, they've delisted it from discovery other than by searching for it by name or following a direct link to its listing.")

Besides anonymous discussions about specific men, Tea also allows its users to perform background and criminal record checks, according to NPR, as well as reverse image searches. But the recent breach, besides threatening the safety of its users, also "laid bare the anonymous, one-sided accusations against the men in their dating pools." The CBC points out there's a men's rights group on Reddit now urging civil lawsuits against tea as part of a plan to get the app shut down. And "Cleveland lawyer Aaron Minc, who specializes in cases involving online defamation and harassment, told The Associated Press that his firm has received hundreds of calls from people upset about what's been posted about them on Tea."

Yet in response to Tea's latest Instagram post, "The comments were almost entirely from people asking Tea to approve them, so they could join the app."
Bug

A Luggage Service's Web Bugs Exposed the Travel Plans of Every User (wired.com) 1

An anonymous reader quotes a report from Wired: An airline leaving all of its passengers' travel records vulnerable to hackers would make an attractive target for espionage. Less obvious, but perhaps even more useful for those spies, would be access to a premium travel service that spans 10 different airlines, left its own detailed flight information accessible to data thieves, and seems to be favored by international diplomats. That's what one team of cybersecurity researchers found in the form of Airportr, a UK-based luggage service that partners with airlines to let its largely UK- and Europe-based users pay to have their bags picked up, checked, and delivered to their destination. Researchers at the firm CyberX9 found that simple bugs in Airportr's website allowed them to access virtually all of those users' personal information, including travel plans, or even gain administrator privileges that would have allowed a hacker to redirect or steal luggage in transit. Among even the small sample of user data that the researchers reviewed and shared with WIRED they found what appear to be the personal information and travel records of multiple government officials and diplomats from the UK, Switzerland, and the US.

Airportr's CEO Randel Darby confirmed CyberX9's findings in a written statement provided to WIRED but noted that Airportr had disabled the vulnerable part of its site's backend very shortly after the researchers made the company aware of the issues last April and fixed the problems within a few day. "The data was accessed solely by the ethical hackers for the purpose of recommending improvements to Airportr's security, and our prompt response and mitigation ensured no further risk," Darby wrote in a statement. "We take our responsibilities to protect customer data very seriously." CyberX9's researchers, for their part, counter that the simplicity of the vulnerabilities they found mean that there's no guarantee other hackers didn't access Airportr's data first. They found that a relatively basic web vulnerability allowed them to change the password of any user to gain access to their account if they had just the user's email address -- and they were also able to brute-force guess email addresses with no rate limitations on the site. As a result, they could access data including all customers' names, phone numbers, home addresses, detailed travel plans and history, airline tickets, boarding passes and flight details, passport images, and signatures.

By gaining access to an administrator account, CyberX9's researchers say, a hacker could also have used the vulnerabilities it found to redirect luggage, steal luggage, or even cancel flights on airline websites by using Airportr's data to gain access to customer accounts on those sites. The researchers say they could also have used their access to send emails and text messages as Airportr, a potential phishing risk. Airportr tells WIRED that it has 92,000 users and claims on its website that it has handled more than 800,000 bags for customers. [...] The researchers found that they could monitor their browser's communications as they signed up for Airportr and created a new password, and then reuse an API key intercepted from those communications to instead change another user's password to anything they chose. The site also lacked a "rate limiting" security measure that would prevent automated guesses of email addresses to rapidly change the password of every user's account. And the researchers were also able to find email addresses of Airportr administrators that allowed them to take over their accounts and gain their privileges over the company's data and operations.
"Anyone would have been able to gain or might have gained absolute super-admin access to all the operations and data of this company," says Himanshu Pathak, CyberX9's founder and CEO. "The vulnerabilities resulted in complete confidential private information exposure of all airline customers in all countries who used the service of this company, including full control over all the bookings and baggage. Because once you are the super-admin of their most sensitive systems, you have have the ability to do anything."
IT

Belgium Bans Internet Archive's 'Open Library' (torrentfreak.com) 34

A Brussels court has issued an unusually broad site-blocking order targeting Internet Archive's Open Library alongside shadow libraries including Anna's Archive, Libgen, and Z-Library. The order, requested by publishing and author organizations, directs an unprecedented range of intermediaries to take action beyond traditional ISP blocks.

Search engines, DNS resolvers, advertisers, domain name services, CDNs, hosting companies, and payment processors -- including Google, Microsoft, Cloudflare, Amazon Web Services, PayPal, and Starlink -- must restrict access to the targeted sites. The court found "clear and significant infringement" in the ex parte proceeding.
Google

Google Backpedals On Goo.gl Shutdown To Preserve Active Links (nerds.xyz) 19

BrianFagioli writes: Google is changing its mind about killing off all goo.gl short links. The company had originally planned to shut them down entirely by August 25, 2025. That decision sparked concern among developers, educators, journalists, and everyday users who rely on these links across the web.

Now, just weeks before the deadline, Google is taking a softer approach. It turns out the company is only going to disable goo.gl links that haven't seen any activity since late 2024. If your link is still being used or clicked, it should keep working. This adjustment comes after what Google describes as community feedback.

Slashdot Top Deals