Interpol is reporting a big win after a massive combined operation against online criminals made 41 arrests and seized hardware thought to be used for nefarious purposes.
Operation Synergia II – the follow up to the first Synergia raids that were announced in February – saw cops in 95 countries crack down on phishers, ransomware extortionists, and information thieves around the world. The operation was carried out in conjunction with the corporate world, specifically Group-IB, Trend Micro, Kaspersky and Team Cymru.
In addition to the arrests, Interpol revealed 65 people are still under investigation and claimed to have shuttered 22,000 IP addresses, taken control of 59 servers and 43 other computing devices.
Four members of the now-defunct REvil ransomware operation have been sentenced to several years in prison in Russia, marking one of the rare instances where cybercriminals from the country have been convicted of hacking and money laundering charges.
Russian news publication Kommersant reported that a court in St. Petersburg found Artem Zaets, Alexei Malozemov, Daniil Puzyrevsky, and Ruslan Khansvyarov guilty of illegal circulation of means of payment. Puzyrevsky and Khansvyarov have also been found guilty of using and distributing malware.
...
REvil, which was once one of the most prolific ransomware groups, was dismantled after Russia's Federal Security Service (FSB) announced arrests against several members in an unprecedented takedown.
They aren't just going to prison, they're going to a Russian prison. More of this, please.
A 25-year-old man in Ontario, Canada has been arrested for allegedly stealing data from and extorting more than 160 companies that used the cloud data service Snowflake.
On October 30, Canadian authorities arrested Alexander Moucka, a.k.a. Connor Riley Moucka of Kitchener, Ontario, on a provisional arrest warrant from the United States. Bloomberg first reported Moucka’s alleged ties to the Snowflake hacks on Monday.
...
In a statement on Moucka’s arrest, Mandiant said UNC5537 aka Alexander ‘Connor’ Moucka has proven to be one of the most consequential threat actors of 2024.
Too bad we can't send him to a Russian prison, nyet?
So this guy has a hydraulic press and he runs both a 100 year old American sledge hammer and a new (Harbor Freight looking) Chinese one through it. The old one was unscathed; the new one gets squished.
A sledge hammer gets squished.
But then the guy returns the old one into like new condition. If you like old tools, this is 8 minutes worth your while.
One of the major data brokers engaged in the deeply alienating practice of selling detailed driver behavior data to insurers has shut down that business.
Verisk, which had collected data from cars made by General Motors, Honda, and Hyundai, has stopped receiving that data, according to The Record, a news site run by security firm Recorded Future. According to a statement provided to Privacy4Cars, and reported by The Record, Verisk will no longer provide a "Driving Behavior Data History Report" to insurers.
Skeptics have long assumed that car companies had at least some plan to monetize the rich data regularly sent from cars back to their manufacturers, or telematics. But a concrete example of this was reported by The New York Times' Kashmir Hill, in which drivers of GM vehicles were finding insurance more expensive, or impossible to acquire, because of the kinds of reports sent along the chain from GM to data brokers to insurers. Those who requested their collected data from the brokers found details of every trip they took: times, distances, and every "hard acceleration" or "hard braking event," among other data points.
You will no doubt be shocked to hear that car dealers "helped" customers opt-in, as part of getting their brand new vehicles ready for the road.
But it looks like the revenue from this didn't offset the bad PR and customer bad feelings associated with the program, and so they dropped it like a hot potato.
GM quickly announced a halt to data sharing in late March, days after the Times' reporting sparked considerable outcry. GM had been sending data to both Verisk and LexisNexis Risk Solutions, the latter of which is not signaling any kind of retreat from the telematics pipeline. LexisNexis' telematics page shows logos for carmakers Kia, Mitsubishi, and Subaru.
...
Disclosure of GM's stealthily authorized data sharing has sparked numerous lawsuits, investigations from California and Texas agencies, and interest from Congress and the Federal Trade Commission.
Act like a Rat Bastard, get treated like a Rat Bastard.
I soaked it good with PB Blaster including underneath the housing that the bolt went into. Let it soak overnight. Got my strongest ratchet and c-a-r-e-f-u-l-l-y used the cheat bar.
Out it came. Yay, me!
Thanks to everyone who left comments yesterday. Still not happy that a one hour job turned into a whole day, but onward!
Notorious ransomware gang LockBit's website has been taken over by law enforcement authorities, who claim they have disrupted the group's operations and will soon reveal the extent of an operation against the group.
...
But Europol has reportedly taken credit for shutting down LockBit, so perhaps Operation Cronos really has disrupted the gang’s operations.
If that's the case, this action will be welcome. LockBit is prolific and vicious: we've reported it attacking a children's hospital, Infosys, sandwich chain Subway, and many other attacks.
Reportedly there have been multiple arrests, data has been found that is expected to lead to more arrests, and multiple crypto currency accounts have been seized. Eleven countries worked together on this which is also impressive.
We will see how much impact this has but Lockbit is one of the biggest ransomware schemes out there.
And this isn't the only one of these takedowns in the last couple of months. Well done.
This is an excellent layman's introduction to what the big deal is about the Herculaneum Scrolls. Short answer: it's a very big deal indeed.
This video gives background on why Herculaneum is such a unique site, and why the scrolls discovered there could only have been found there. Highly, highly recommended.
Yes, the iPhone is a "Walled Garden" controlled by Apple. But this is a benefit that you'd expect from a walled garden:
The Apple App Store supports more than 36 million registered Apple developers, but not all of those coding partners are benign. In a report on App Store safety this week, the computing giant noted that last year it booted nearly a half-million (428,000) developer accounts from the platform for carrying out fraud and abuse.
Apple said that in all, it prevented more than $2 billion in potentially fraudulent transactions in 2022, rejecting nearly 1.7 million app submissions for privacy violations, spammy or misleading features, or containing hidden or undocumented capabilities.
It also dismantled 282 million customer accounts for fraud and blocked nearly 105,000 Apple Developer Program enrollments for suspected malicious activities before they could submit apps to the App Store. And it detected and blocked more than 147 million fraudulent ratings and reviews.
This costs them money, but it keeps the App Store in better shape than the equivalent for Android which is stuffed to the gills with malware. Well done, Apple. Credit where credit is due.
If you're not a tech nerd like me you might want to skip this post, but there's a significant move being made to make the base operating system more secure by rewriting it in the Rust programming language. Unlike most other languages, Rust is memory-safe. What this means is that we don't think that buffer overflow attacks will work against key OS components like sudo and su.
Buffer overflow attacks have been around for 30 years - Smashing The Stack For Fun And Profit goes all the way back to Phrack 49 in 1996. Buffer overflow attacks allow a Bad Guy to execute arbitrary code under the privilege of the attacked program - for OS binaries and drivers, this is root or System or something that you really, really don't want to happen.
Microsoft is also implementing this for some of their OS drivers.
In layman's terms, this is replacing a 50 year old rusty road bridge with a brand new one that is up to modern safety standards. This kind of work isn't sexy but it's very important to the industry. Well done, everybody!
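To make the memory-safety point concrete, here is an added example (not from the original post or from any of the projects mentioned) of what happens in Rust when oversize input is copied into a fixed 16-byte buffer. The function names, the buffer size and the sample inputs are constructed for illustration.

```rust
use std::panic;

/// Fixed-size buffer, comparable to `char name[16]` on the stack in C.
const NAME_LEN: usize = 16;

/// Checked copy: returns None instead of writing past the end of the buffer.
fn store_name(input: &[u8]) -> Option<[u8; NAME_LEN]> {
    let mut buf = [0u8; NAME_LEN];
    // get_mut yields None when input.len() > NAME_LEN, so `?` bails out early.
    buf.get_mut(..input.len())?.copy_from_slice(input);
    Some(buf)
}

/// Byte-by-byte copy with no explicit length check, the shape of loop that
/// overflows in C. Rust bounds-checks every index, so oversize input panics
/// at index 16 instead of overwriting whatever sits next to the buffer.
fn store_name_indexed(input: &[u8]) -> [u8; NAME_LEN] {
    let mut buf = [0u8; NAME_LEN];
    for (i, b) in input.iter().enumerate() {
        buf[i] = *b;
    }
    buf
}

/// True when the unchecked-looking copy was stopped by a bounds-check panic.
fn overflow_is_stopped(input: &[u8]) -> bool {
    let owned = input.to_vec();
    panic::catch_unwind(move || store_name_indexed(&owned)).is_err()
}

fn main() {
    let too_long = [b'A'; 64]; // constructed oversize input
    println!("short name stored:   {}", store_name(b"alice").is_some());
    println!("long name rejected:  {}", store_name(&too_long).is_none());
    println!("overflow is stopped: {}", overflow_is_stopped(&too_long));
}
```

The panic ends the operation (a crash at worst) but the saved return address and neighbouring data are never overwritten, which is the step a classic stack-smashing attack depends on.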
Wirecutter (you do read him every day, right? I thought so.) posts a complete concert of Alison Krauss and Union Station, which includes this song. Listening, it made me think on the weakness of Music Criticism, the dissection of songs. It made me think on the saying "All you need are three chords and the truth." This song is not sophisticated, musically speaking. But it speaks directly to the heart, with the volume turned up to eleven.
It made me ponder that it's been a while since I've posted a love letter to The Queen Of The World, and shame on me. But the lyrics here speak the truth: she literally caught me when I fell.
Alison Krauss and Union Station need no introduction; if you've never heard of them just listen to this. And listen to how when the band first starts to play the song the crowd starts to cheer, and then settles down to "quiet as a church mouse". And at the end the applause goes on, and on, and on. That's Alison Krauss and Union Station. Oh, and this bit from her Wikipedia bio kind of sums up the phenomenon that is Alison Krauss:
It's amazing how you can speak right to my heart Without saying a word, you can light up the dark Try as I may I could never explain What I hear when you don't say a thing
The smile on your face lets me know that you need me There's a truth in your eyes saying you'll never leave me The touch of our hands say you'll catch me if ever I fall You say it best when you say nothing at all
All day long I can hear people talking aloud But when you hold me near, you drown out the crowd Old Mr. Webster could never define What's being said between your heart and mine
The smile on your face lets me know that you need me There's a truth in your eyes saying you'll never leave me The touch of our hands say you'll catch me if ever I fall You say it best when you say nothing at all
The smile on your face lets me know that you need me There's a truth in your eyes saying you'll never leave me The touch of our hands say you'll catch me if ever I fall You say it best when you say nothing at all
I would be remiss if I didn't also mention the band, especially Ron Block (guitar) and Jerry Douglas (perhaps the world's greatest dobro player).
Thanks, Wirecutter. And double thanks to my sweetheart.
And if you go to Key West, you can visit them at the Monroe County Sheriff's Office Children's Animal Farm. It's located at the county jail, and got started more or less by accident:
The farm was started in 1994 in an open area underneath the jail facility. The Stock Island Detention Center was built to withstand a Category Five Hurricane, and is built on stilts, about 11 feet above the ground. Underneath the building is employee parking, and a secure fenced area used for the evacuation of inmates in the case of a fire. It was in this evacuation area, initially a graveled area not used for anything else, that the farm was started.
The farm began as a haven for homeless animals. The first inhabitants were Muscovy ducks and a group of chickens which were plaguing a nearby golf course and were being killed on a regular basis by vehicles traveling on the road leading to the jail. A short time after the chickens and ducks were brought to the area, the SPCA in Miami called and asked if the facility would have space for a blind horse they had found abandoned in their area. Using inmate labor, a pen was created for the horse, who was christened Angel, and the animal farm was born. Since, it has blossomed into a beautiful park, complete with a large aviary, reptile exhibit, rabbit warren, farm animals and other domestic and exotic animal species.
The inmates work the farm, taking care of the animals, under the supervision of one of the Deputies. I must say that The Queen Of The World and I heartily approve of this. It rescues animals, and it has got to be good for the inmates.
Note that they have an Amazon wish list for the animals, if you want to send something. TQOTW sent some baby food to Kinx the Kinkajou (a rain forest species).
Bravo to the Monroe County Sheriff for a very creative effort. We intend to visit the next time we're in Key West.
The Ventures are an interesting band. They're the most successful rock band in Japanese history (and that's not shabby, as Japan has bought more records than any country but the USA). They're in the Rock 'n Roll Hall of Fame. They have a Grammy. Sadly, a lot of them are dead. Interestingly for a rock band, the cause of death was mostly old age.
But their first drummer was when they were in High School. George Babbitt was a drummer in the marching band, and joined them when they recorded this song, their very first hit. Then he graduated and joined the Air Force. Thirty-odd years later, he was a four star general. When they played a gig for the Air Force, they asked him to sit in on drums. He obliged, in full uniform.
This was 38 or 39 years after his days in the band, when he was Commander, Air Force Materiel Command (COMAFMC). GEN Babbitt retired two years after this concert. He seems to still be alive at the ripe old age of 80.
This post was inspired by one over at American Digest, which has a different (and more surf) song by the band.
Longtime readers will no doubt be shocked to find out that I am a nerd, and have been for a long time. Back in the 1970s I subscribed to Galaxy science fiction magazine in no small measure because of Jerry Pournelle's monthly column "A Step Farther Out" about space and space technology.
I've just run across a blog that is basically this for the modern age: Casey Handmer is a former JPL techie who seems to be in one of the many space exploration companies that are popping up everywhere these days*. I think I ran across his blog via a link at The Silicon Graybeard, but Handmer doesn't focus on "what's the space news from this week" - rather, it's in-depth discussion of fascinating topics that I either didn't know, or topics that I thought I did know but actually knew wrong. Here is a smattering of some of the most interesting ones:
Historically, mission/system design has been grievously afflicted by absurdly harsh mass constraints, since launch costs to LEO are as high as $10,000/kg and single launches cost hundreds of millions. This in turn affects schedule, cost structure, volume, material choices, labor, power, thermal, guidance/navigation/control, and every other aspect of the mission. Entire design languages and heuristics are reinforced, at the generational level, in service of avoiding negative consequences of excess mass. As a result, spacecraft built before Starship are a bit like steel weapons made before the industrial revolution. Enormously expensive as a result of embodying a lot of meticulous labor, but ultimately severely limited compared to post-industrial possibilities.
Starship obliterates the mass constraint and every last vestige of cultural baggage that constraint has gouged into the minds of spacecraft designers. There are still constraints, as always, but their design consequences are, at present, completely unexplored. We need a team of economists to rederive the relative elasticities of various design choices and boil them down to a new set of design heuristics for space system production oriented towards maximizing volume of production. Or, more generally, maximizing some robust utility function assuming saturation of Starship launch capacity. A dollar spent on mass optimization no longer buys a dollar saved on launch cost. It buys nothing. It is time to raise the scope of our ambition and think much bigger.
He then goes on to think bigger. There's all sorts of things wrong in this world, but what's happening in space is not on that list. We are witnessing the birth of The industry of the 21st Century, just like aviation was the industry of the 20th.
Pournelle wrote a column when the Space Shuttle Enterprise first flew, comparing it to the DC-3 "Gooney Bird". I think that Starship is the actual space DC-3. It will make space travel routine, in ways that we can't imagine any better than someone looking at the first DC-3 in 1935 could. They would never have figured on Freddy Laker's People's Express; we can't imagine what a Moon Shuttle will be.