Feed aggregator

Threat Actors Exploit Windows and Linux Server Vulnerabilities to Deploy Web Shells  gbhackers.com

Threat Actors Exploit Windows and Linux Server Vulnerabilities to Deploy Web Shells  gbhackers.com

Threat Actors Exploit Windows and Linux Server Vulnerabilities to Deploy Web Shells  GBHackers News

Threat Actors Exploit Windows and Linux Server Vulnerabilities to Deploy Web Shells  GBHackers News

Threat Actors Exploit Windows and Linux Server Vulnerabilities to Deploy Web Shells  GBHackers News

Threat Actors Exploit Windows and Linux Server Vulnerabilities to Deploy Web Shells  GBHackers News

The Canadian government has ordered Chinese surveillance camera manufacturer Hikvision to cease operations in Canada over national security concerns, Industry Minister Melanie Joly said late on Friday. From a report: Hikvision, also known as Hangzhou Hikvision Digital Technology Co, has faced numerous sanctions and restrictions by Canada's neighbor, the United States, over the past five and a half years for the firm's dealings and the use of its equipment in China's Xinjiang region, where rights groups have documented abuses against the Uyghur population and other Muslim communities. "The government has determined that Hikvision Canada's continued operations in Canada would be injurious to Canada's national security," Joly said on X, adding that the decision was taken after a multi-step review of information provided by Canada's security and intelligence community."

Read more of this story at Slashdot.

Graphic artists in China are pushing back against AI image generators, which they say "profoundly shifts clients' perception of their work, specifically in terms of how much that work costs and how much time it takes to produce," reports The Verge. "Freelance artists or designers working in industries with clients that invest in stylized, eye-catching graphics, like advertising, are particularly at risk." From the report: Long before AI image generators became popular, graphic designers at major tech companies and in-house designers for large corporate clients were often instructed by managers to crib aesthetics from competitors or from social media, according to one employee at a major online shopping platform in China, who asked to remain anonymous for fear of retaliation from their employer. Where a human would need to understand and reverse engineer a distinctive style to recreate it, AI image generators simply create randomized mutations of it. Often, the results will look like obvious copies and include errors, but other graphic designers can then edit them into a final product. "I think it'd be easier to replace me if I didn't embrace [AI]," the shopping platform employee says. Early on, as tools like Stable Diffusion and Midjourney became more popular, their colleagues who spoke English well were selected to study AI image generators to increase in-house expertise on how to write successful prompts and identify what types of tasks AI was useful for. Ultimately, it was useful for copying styles from popular artists that, in the past, would take more time to study. "I think it forces both designers and clients to rethink the value of designers," Jia says. "Is it just about producing a design? Or is it about consultation, creativity, strategy, direction, and aesthetic?" [...] Across the board, though, artists and designers say that AI hype has negatively impacted clients' view of their work's value. Now, clients expect a graphic designer to produce work on a shorter timeframe and for less money, which also has its own averaging impact, lowering the ceiling for what designers can deliver. As clients lower budgets and squish timelines, the quality of the designers' output decreases. "There is now a significant misperception about the workload of designers," [says Erbing, a graphic designer in Beijing who has worked with several ad agencies and asked to be called by his nickname]. "Some clients think that since AI must have improved efficiency, they can halve their budget." But this perception runs contrary to what designers spend the majority of their time doing, which is not necessarily just making any image, Erbing says.

Read more of this story at Slashdot.

Japanese politicians failed to pass legislation last month that would have allowed married couples to keep separate surnames, despite surveys showing majority public support for the change. Japan remains the only country requiring married couples by law to share the same surname, with women taking their husband's name in 95% of cases. The ruling Liberal Democratic Party's skepticism blocked opposition bills aimed at reforming the system. Keidanren, Japan's largest business lobby, says the current law "hinders women's advancement" as name changes complicate professional reputations. A study by NGO Asuniwa suggests reform could prompt 590,000 cohabiting couples to marry legally, potentially boosting Japan's birth rate since strong stigmas discourage births outside marriage. Some couples have developed workarounds. Teachers Uchiyama Yukari and Koike Yukio have divorced and remarried three times to sidestep the law, living unmarried most of the time but remarrying for each child's birth registration before divorcing again.

Read more of this story at Slashdot.

Seven people have now received Neuralink's N1 brain implant, which enables individuals with ALS or spinal cord injuries to control a computer with their thoughts. PCMag reports: In a February 2025 update, Neuralink confirmed that three people had received its brain-computer interface (BCI). That increased to five by June, when it also reported a $650 million funding round. We're now at seven, Barrow tweeted today; Neuralink retweeted that message. Six of the seven are participating in the PRIME study, conducted by Barrow, which handles the implantations from its Phoenix, Arizona, office. It aims to prove that the N1 implant, the R1 surgical robot, and the N1 User App on the computer are safe and effective, according to the program brochure. (No BCIs have been approved by the US Food and Drug Administration.) Participants in the study get the implant through a surgery in which a custom-built robotic arm drills a hole in their skull and implants the device. The implant connects to a computer via Bluetooth, allowing patients to move the cursor, select words to type, browse the web, and even play video games -- a favorite activity of Neuralink's first human patient, Noland Arbaugh, who can do this all without moving any limbs or fingers. [...] Arbaugh, now 31, became paralyzed during a diving accident. Other Neuralink patients include Alex, a former machine parts builder who lost function of his arms and uses his N1 Implant to design 3D machine parts with computer-aided design (CAD). The third patient is Brad, the first person with ALS to receive the N1 implant, according to Barrow. Mike is the fourth patient, and "the first person with a full-time job to use the N1 Implant," Barrow says. "He worked as a survey technician for city government and spent the majority of his time in the field until his ALS made the work too difficult. Like Alex, Mike has used CAD software with his Neuralink device to continue doing survey work from home and provide for his family." The fifth publicly named patient is RJ, a veteran who became paralyzed after a motorcycle accident, according to the University of Miami. The other two patients remain anonymous, but we can expect Neuralink to continue recruiting more people (here's how to apply).

Read more of this story at Slashdot.

An anonymous reader quotes a report from The Guardian: The Danish government is to clamp down on the creation and dissemination of AI-generated deepfakes by changing copyright law to ensure that everybody has the right to their own body, facial features and voice. The Danish government said on Thursday it would strengthen protection against digital imitations of people's identities with what it believes to be the first law of its kind in Europe. Having secured broad cross-party agreement, the department of culture plans to submit a proposal to amend the current law for consultation before the summer recess and then submit the amendment in the autumn. It defines a deepfake as a very realistic digital representation of a person, including their appearance and voice. The Danish culture minister, Jakob Engel-Schmidt, said he hoped the bill before parliament would send an "unequivocal message" that everybody had the right to the way they looked and sounded. He told the Guardian: "In the bill we agree and are sending an unequivocal message that everybody has the right to their own body, their own voice and their own facial features, which is apparently not how the current law is protecting people against generative AI." He added: "Human beings can be run through the digital copy machine and be misused for all sorts of purposes and I'm not willing to accept that." The changes to Danish copyright law will, once approved, theoretically give people in Denmark the right to demand that online platforms remove such content if it is shared without consent. It will also cover "realistic, digitally generated imitations" of an artist's performance without consent. Violation of the proposed rules could result in compensation for those affected. The government said the new rules would not affect parodies and satire, which would still be permitted. "Of course this is new ground we are breaking, and if the platforms are not complying with that, we are willing to take additional steps," said Engel-Schmidt. He expressed hope that other European countries will follow suit and warned that "severe fines" will be imposed if tech platforms fail to comply.

Read more of this story at Slashdot.

Tech companies Google and Palo Alto Networks are sounding the alarm over the "Scattered Spider" hacking group's interest in the aviation sector. From a report: In a statement posted on LinkedIn, Sam Rubin, an executive at Palo Alto's cybersecurity-focused Unit 42, said his company had "observed Muddled Libra (also known as Scattered Spider) targeting the aviation industry." In a similar statement, Charles Carmakal, an executive with Alphabet-owned Google's cybersecurity-focused Mandiant unit, said his company was "aware of multiple incidents in the airline and transportation sector which resemble the operations of UNC3944 or Scattered Spider." Axios adds: The group of mostly Western, English-speaking hackers has been on a months-long spree that's prompted operational disruptions at grocery suppliers, major retail storefronts and insurance companies in the U.S. and U.K. Hawaiian Airlines said Thursday it's addressing a "cybersecurity incident" that affected some of its IT systems. Canadian airline WestJet faced a similar incident last week that caused outages for some of its systems and mobile app. A source familiar with the incidents told Axios that Scattered Spider was likely behind the WestJet incident.

Read more of this story at Slashdot.

Canonical’s Revenue Soars to $300M in 2024  WebProNews

Steven J. Vaughan-Nichols writes in an opinion piece for The Register: Microsoft, tactically admitting it has failed at talking all the Windows 10 PC users into moving to Windows 11 after all, is -- sort of, kind of -- extending Windows 10 support for another year. For most users, that means they'll need to subscribe to Microsoft 365. This, in turn, means their data and meta-information will be kept in a US-based datacenter. That isn't sitting so well with many European Union (EU) organizations and companies. It doesn't sit that well with me or a lot of other people either. A few years back, I wrote in these very pages that Microsoft didn't want you so much to buy Windows as subscribe to its cloud services and keep your data on its servers. If you wanted a real desktop operating system, Linux would be almost your only choice. Nothing has changed since then, except that folks are getting a wee bit more concerned about their privacy now that President Donald Trump is in charge of the US. You may have noticed that he and his regime love getting their hands on other people's data. Privacy isn't the only issue. Can you trust Microsoft to deliver on its service promises under American political pressure? Ask the EU-based International Criminal Court (ICC) which after it issued arrest warrants for Israeli Prime Minister Benjamin Netanyahu for war crimes, Trump imposed sanctions on the ICC. Soon afterward, ICC's chief prosecutor, Karim Khan, was reportedly locked out of his Microsoft email accounts. Coincidence? Some think not. Microsoft denies they had anything to do with this. Peter Ganten, chairman of the German-based Open-Source Business Alliance (OSBA), opined that these sanctions ordered by the US which he alleged had been implemented by Microsoft "must be a wake-up call for all those responsible for the secure availability of state and private IT and communication infrastructures." Microsoft chairman and general counsel, Brad Smith, had promised that it would stand behind its EU customers against political pressure. In the aftermath of the ICC reports, Smith declared Microsoft had not been "in any way [involved in] the cessation of services to the ICC." In the meantime, if you want to reach Khan, you'll find him on the privacy-first Swiss email provider, ProtonMail. In short, besides all the other good reasons for people switching to the Linux desktop - security, Linux is now easy to use, and, thanks to Steam, you can do serious gaming on Linux - privacy has become much more critical. That's why several EU governments have decided that moving to the Linux desktop makes a lot of sense... Besides, all these governments know that switching from Windows 10 to 11 isn't cheap. While finances also play a role, and I always believe in "following the money" when it comes to such software decisions, there's no question that Europe is worried about just how trustworthy America and its companies are these days. Do you blame them? I don't. The shift to the Linux desktop is "nothing new," as Vaughan-Nichols notes. Munich launched its LiMux project back in 2004 and, despite ending it in 2017, reignited its open-source commitment by establishing a dedicated program office in 2024. In France, the gendarmerie now operates over 100,000 computers on a custom Ubuntu-based OS (GendBuntu), while the city of Lyon is transitioning to Linux and PostgreSQL. More recently, Denmark announced it is dropping Windows and Office in favor of Linux and LibreOffice, citing digital sovereignty. The German state of Schleswig-Holstein is following suit, also moving away from Microsoft software. Meanwhile, a pan-European Linux OS (EU OS) based on Fedora Kinoite is being explored, with Linux Mint and openSUSE among the alternatives under consideration.

Read more of this story at Slashdot.

Steven J. Vaughan-Nichols writes in an opinion piece for The Register: Microsoft, tactically admitting it has failed at talking all the Windows 10 PC users into moving to Windows 11 after all, is -- sort of, kind of -- extending Windows 10 support for another year. For most users, that means they'll need to subscribe to Microsoft 365. This, in turn, means their data and meta-information will be kept in a US-based datacenter. That isn't sitting so well with many European Union (EU) organizations and companies. It doesn't sit that well with me or a lot of other people either. A few years back, I wrote in these very pages that Microsoft didn't want you so much to buy Windows as subscribe to its cloud services and keep your data on its servers. If you wanted a real desktop operating system, Linux would be almost your only choice. Nothing has changed since then, except that folks are getting a wee bit more concerned about their privacy now that President Donald Trump is in charge of the US. You may have noticed that he and his regime love getting their hands on other people's data. Privacy isn't the only issue. Can you trust Microsoft to deliver on its service promises under American political pressure? Ask the EU-based International Criminal Court (ICC) which after it issued arrest warrants for Israeli Prime Minister Benjamin Netanyahu for war crimes, Trump imposed sanctions on the ICC. Soon afterward, ICC's chief prosecutor, Karim Khan, was reportedly locked out of his Microsoft email accounts. Coincidence? Some think not. Microsoft denies they had anything to do with this. Peter Ganten, chairman of the German-based Open-Source Business Alliance (OSBA), opined that these sanctions ordered by the US which he alleged had been implemented by Microsoft "must be a wake-up call for all those responsible for the secure availability of state and private IT and communication infrastructures." Microsoft chairman and general counsel, Brad Smith, had promised that it would stand behind its EU customers against political pressure. In the aftermath of the ICC reports, Smith declared Microsoft had not been "in any way [involved in] the cessation of services to the ICC." In the meantime, if you want to reach Khan, you'll find him on the privacy-first Swiss email provider, ProtonMail. In short, besides all the other good reasons for people switching to the Linux desktop - security, Linux is now easy to use, and, thanks to Steam, you can do serious gaming on Linux - privacy has become much more critical. That's why several EU governments have decided that moving to the Linux desktop makes a lot of sense... Besides, all these governments know that switching from Windows 10 to 11 isn't cheap. While finances also play a role, and I always believe in "following the money" when it comes to such software decisions, there's no question that Europe is worried about just how trustworthy America and its companies are these days. Do you blame them? I don't. The shift to the Linux desktop is "nothing new," as Vaughan-Nichols notes. Munich launched its LiMux project back in 2004 and, despite ending it in 2017, reignited its open-source commitment by establishing a dedicated program office in 2024. In France, the gendarmerie now operates over 100,000 computers on a custom Ubuntu-based OS (GendBuntu), while the city of Lyon is transitioning to Linux and PostgreSQL. More recently, Denmark announced it is dropping Windows and Office in favor of Linux and LibreOffice, citing digital sovereignty. The German state of Schleswig-Holstein is following suit, also moving away from Microsoft software. Meanwhile, a pan-European Linux OS (EU OS) based on Fedora Kinoite is being explored, with Linux Mint and openSUSE among the alternatives under consideration.

Read more of this story at Slashdot.

"Tyr" Announced As New Rust-Written Linux Kernel Graphics Driver  Phoronix

Longtime Slashdot reader sinij shares a report from Car and Driver with the comment: "Lack of visibility is a significant consequence of improving safety on the front overlap crash testing." Here's an excerpt from the report: The Insurance Institute for Highway Safety has a new method to look at what drivers can't look at, and the results of a DOT study using the method suggest that things have gotten worse over the past quarter-century. [...] For the study, researchers with the U.S. Department of Transportation's Volpe Center used the IIHS method to examine every generation of some popular vehicles sold between 1997 and 2023. The models chosen were the Chevrolet Suburban, the Ford F-150, the Honda Accord, the Honda CR-V, the Jeep Grand Cherokee, and the Toyota Camry. The analysis measured how much of a 10-meter radius is visible to a driver; this distance was chosen because that's approximately how much space a driver needs to react and stop when traveling at 10 mph. The study also measured visibility between 10 and 20 meters from the vehicle. The biggest model-specific difference was observed with the Honda CR-V. In a 1997 model, the researchers measured 68 percent visibility, while the 2022 came in at just 28 percent. In a 2000 Suburban, the study measured 56 percent visible area within the 10-meter radius, but in a 2023 model it was down to 28 percent. The study concluded that higher hoods on newer versions of both models had the biggest impact on outward visibility. The F-150 started out with low visibility (43% for a 1997 model) and also declined (36% for the 2015 version). The two sedans in the study saw the least regression: A 2003 Accord was measured at 65 percent visibility, with the 2023 close behind at 60 percent, and the Camry went from 61 percent for the 2007 model to 57 percent for a 2023. Results for visibility between 10 and 20 meters were mixed, with some improving and others decreasing over subsequent generations. While this is not conclusive evidence across the industry, the results from these representative vehicles suggest an overall decline in outward frontal visibility. The study also notes that, during the same time period, pedestrian and bicyclist deaths on U.S. roads increased dramatically -- 37 and 42 percent, respectively. There's likely at least some causation with that correlation, even when you consider the addition of features such as automated emergency braking that are meant to intervene and prevent such collisions.

Read more of this story at Slashdot.

GEEKDeck Is A SteamDeck For Your Living Room  Hackaday

Federal Reserve Chair Jerome Powell told the U.S. Senate that while AI hasn't yet dramatically impacted the economy or labor market, its transformative effects are inevitable -- though the timeline remains uncertain. The Register reports: Speaking to the US Senate Banking Committee on Wednesday to give his semiannual monetary policy report, Powell told elected officials that AI's effect on the economy to date is "probably not great" yet, but it has "enormous capabilities to make really significant changes in the economy and labor force." Powell declined to predict how quickly that change could happen, only noting that the final few leaps to get from a shiny new technology to practical implementation can be a slow one. "What's happened before with technology is that it seems to take a long time to be implemented," Powell said. "That last phase has tended to take longer than people expect." AI is likely to follow that trend, Powell asserted, but he has no idea what sort of timeline that puts on the eventual economy-transforming maturation point of artificial intelligence. "There's a tremendous uncertainty about the timing of [economic changes], what the ultimate consequences will be and what the medium term consequences will be," Powell said. [...] That continuation will be watched by the Fed, Powell told Senators, but that doesn't mean he'll have the power to do anything about it. "The Fed doesn't have the tools to address the social issues and the labor market issues that will arise from this," Powell said. "We just have interest rates."

Read more of this story at Slashdot.

An anonymous reader quotes a report from UploadVR: Software developer Stijn Spanhove used the newest SDK features of Snap OS to build a prototype of [a real-world ad blocker for Snap Spectacles]. If you're unfamiliar, Snap Spectacles are a bulky AR glasses development kit available to rent for $99/month. They run Snap OS, the company's made-for-AR operating system, and developers build apps called Lenses for them using Lens Studio or WebXR. Spanhove built the real-world ad blocker using the new Depth Module API of Snap OS, integrated with the vision capability of Google's Gemini AI via the cloud. The Depth Module API caches depth frames, meaning that coordinate results from cloud vision models can be mapped to positions in 3D space. This enables detecting and labeling real-world objects, for example. Or, in the case of Spanhove's project, projecting a red rectangle onto real-world ads. However, while the software approach used for Spanhove's real-world ad blocker is sound, two fundamental hardware limitations mean it wouldn't be a practical way to avoid seeing ads in your reality. Firstly, the imagery rendered by see-through transparent AR systems like Spectacles isn't fully opaque. Thus, as you can see in the demo clip, the ads are still visible through the blocking rectangle. The other problem is that see-through transparent AR systems have a very limited field of view. In the case of Spectacles, just 46 degrees diagonal. So ads are only "blocked" whenever you're looking directly at them, and you'll still see them when you're not.

Read more of this story at Slashdot.