A US-based natural gas facility shut down operations for two days after sustaining a ransomware infection that prevented personnel from receiving crucial real-time operational data from control and communication equipment, the Department of Homeland Security said on Tuesday.
Tuesday’s advisory from the DHS’s Cybersecurity and Infrastructure Security Agency, or CISA, didn’t identify the site except to say that it was a natural gas-compression facility. Such sites typically use turbines, motors, and engines to compress natural gas so it can be safely moved through pipelines.
The attack started with a malicious link in a phishing email that allowed attackers to pivot from the facility’s IT network to the facility’s OT network, which is the operational technology hub of servers that control and monitor physical processes of the facility. With that, both the IT and OT networks were infected with what the advisory described as “commodity ransomware.”
A federal judge has slapped down a Huawei lawsuit that sought to overturn a ban on federal agencies buying Huawei telecommunications gear. Congress passed the legislation, part of the military's 2019 appropriations bill, out of concern that the Chinese government could infiltrate Huawei-based networks.
Huawei had argued that the law was unconstitutional under the Constitution's ban on bills of attainder. The federal government argued that was nonsense. On Tuesday, Texas federal Judge Amos Mazzant sided with the government.
The Constitution prohibits Congress from imposing "bills of attainder"—legislation that singles out individuals for punishment without trial. This was an infamous practice in Great Britain in the decades before the American Revolution. Huawei argued that it was a "person" under US law and hence entitled to this protection.
Amazon's video doorbell system has faced criticism for not having more robust security for users.
In bringing The Witcher 3 to Nintendo Switch late last year, the porting team at Saber Interactive already pulled off an impressive feat. This week, the developer went one step further with the port's biggest patch yet, and the included quality-of-life changes just elevated its value—especially for the game's fans on PC.
The Thursday patch was hinted at by Saber in late January in a tweet that has since been deleted, and after launching exclusively in Korea in the wee hours of the morning, it began rolling out across the globe through Thursday. While developer CD Projekt Red has yet to release a comprehensive list of patch notes about smaller bug fixes and tweaks, two of its biggest changes are front and center in the opening menus: cross-save support, and an overhauled "post-processing" list of toggles.
The former only works with the game's PC version, but you're in luck whether you've purchased the game via GOG or Steam. Choose either storefront, then enter your username and password in a Web interface to confirm that you want to connect your Switch copy with your PC version. Doing this allows you to either upload or download a single save file with either service, since both support cloud saves by default. CDPR's official update includes two warnings for longtime PC players: the Switch version will only recognize save files whose names haven't been manually edited, and any saves that contain metadata from modded versions of the game could affect Switch performance.
Apple published a note to investors this week saying that it will miss its quarterly guidance for the next quarter because of the impact the COVID-19 coronavirus has had on supply lines and Chinese consumer demand. The note says that Apple expects "worldwide iPhone supply will be temporarily constrained" and that Apple and its partners may not be able to make enough iPhones to meet demand around the world.
During the company's last quarterly earnings call on January 28, it already gave an unusually large guidance range because of concerns about the health crisis, but the situation seems to be worse than Apple predicted. Several manufacturing facilities that assemble Apple products in China have been shut down amid the Chinese government's efforts to contain the virus, and the investor note says that while those facilities are now coming back online, they're still behind schedule.
"While our iPhone manufacturing partner sites are located outside the Hubei province—and while all of these facilities have reopened—they are ramping up more slowly than we had anticipated," Apple says.
Ring, Amazon's line of cloud-connected home surveillance equipment, faced a high-profile series of camera hacks late last year. That string of breaches—though traumatic for the families that were targeted—has at least finally led to one silver lining: increased security for user accounts.
Two-factor authentication of some kind is now mandatory for all accounts, Ring announced today. Every device owner and authorized user will have to enter a one-time, six-digit code, sent through email or SMS, in order to log in to a Ring account.
While email and SMS are not necessarily the most secure forms of two-factor authentication out there, either is a sight better than what Ring had been mandating before, which was nothing. The ease with which bad actors were able to access huge numbers of Ring cameras, take control of them, and harass homeowners with them was in large part due to weak security on those Ring accounts.
Even thought it was, in most ways, identical to the present planet, the Earth still looked very different at the bottom of the last ice age 20,000 years ago. The globe was around 4°C cooler on average, and ice sheets covered large portions of the Northern Hemisphere, including Canada and Scandinavia. One thing you might wonder, given how much of the planet was barely habitable, is what migratory species did.
Given the loss of all that habitat to mile-thick glacial ice and a reduced winter-summer contrast courtesy of Earth’s orbital cycles, some researchers have hypothesized that bird migration wasn’t much of a thing then. Is it possible that bird species turned this behavior on and off through the ice ages?
A team led by Yale’s Marius Somveille tested this idea with a model of the factors controlling migratory behavior—and it predicts patterns surprisingly similar to the present day.
Hackers are actively exploiting a critical WordPress plugin vulnerability that allows them to completely wipe all website databases and, in some cases, seize complete control of affected sites.
The flaw is in the ThemeGrill Demo Importer installed on some 100,000 sites, and it was disclosed over the weekend by Website security company WebARX. By Tuesday, WebArx reported that the flaw was under active exploit with almost 17,000 attacks blocked so far. Hanno Böck, a journalist who works for Golem.de, also spotted active attacks and reported them on Twitter.
If you use this plugin and your webpage hasn't been deleted yet consider yourself lucky. And remove the plugin. (Yes, remove it, don't just update.)
— hanno (@hanno) February 18, 2020
"There's currently a severe vuln in a wordpress plugin called "themegrill demo importer" that resets the whole database," Böck wrote. "https://webarxsecurity.com/critical-issue-in-themegrill-demo-importer/ It seems attacks are starting: Some of the affected webpages show a wordpress 'hello world'-post. /cc If you use this plugin and your webpage hasn't been deleted yet consider yourself lucky. And remove the plugin. (Yes, remove it, don't just update.)"
The broadband industry is suing Maine to stop a Web-browsing privacy law similar to the one killed by Congress and President Donald Trump in 2017. Industry groups claim the state law violates First Amendment protections on free speech and the Supremacy Clause of the US Constitution.
The Maine law was signed by Democratic Gov. Janet Mills in June 2019 and is scheduled to take effect on July 1, 2020. It requires ISPs to get customers' opt-in consent before using or sharing sensitive data. As Mills' announcement in June said, the state law "prohibits a provider of broadband Internet access service from using, disclosing, selling, or permitting access to customer personal information unless the customer expressly consents to that use, disclosure, sale or access. The legislation also prohibits a provider from refusing to serve a customer, charging a customer a penalty or offering a customer a discount if the customer does or does not consent to the use, disclosure, sale or access of their personal information."
Customer data protected by this law includes Web-browsing history, application-usage history, precise geolocation data, the content of customers' communications, IP addresses, device identifiers, financial and health information, and personal details used for billing.
Workers at Kickstarter voted Tuesday to form a union. It's the first time the white-collar workers at a high-profile technology company have formally chosen to be represented by a union. With growing unrest among workers at larger technology giants—including Google and Amazon—it could be the start of a trend.
Kickstarter has long been an unusual technology company. In 2015, the firm re-organized as a public benefit corporation, devoted to promoting the public interest rather than maximizing profits. In 2017, Fast Company reported that Kickstarter employed an equal number of men and women, paid its top executives less than five times more than the average employee, and was working hard to recruit interns from diverse backgrounds.
But Kickstarter became embroiled in controversy in August 2018 when it hosted a crowdfunding campaign for a comic book called "Always Punch Nazis." Conservatives cried foul, saying that Kickstarter's terms of service prohibit projects that encourage violence against others—and that some liberals have labeled mainstream conservative figures, including President Donald Trump, as Nazis.
Today's Dealmaster is headlined by a nice discount on the OnePlus 7T, one of our favorite Android phones on the market. OnePlus has the silver and blue versions of the phone down to $499 on its website, which is good for a $100 discount. Each model comes with 8GB of RAM and 128GB of storage. The deal also throws in a OnePlus car charger at checkout for no extra cost.
We gave the OnePlus 7T a positive review when it launched last fall. While it lacks wireless charging, a microSD slot, and an official water resistance rating, its build quality, unobtrusive take on Android, ultra-smooth 90Hz display, and flagship-level performance make it a better value than most Android phones that cost $300 more. Some sort of OnePlus 8 phone will inevitably launch in the coming months, but right now, the OnePlus 7T almost certainly provides the most bang for the buck if you don't want to spend more than $500 on a new phone. (This is especially the case now that stock for the largely similar OnePlus 7 Pro has seemingly run dry.) The phone will work on Verizon or GSM networks like AT&T and T-Mobile, and OnePlus gives the option to pay off the phone in monthly installments at checkout.
If you aren't in need of a new smartphone, though, we also have deals on Logitech gaming mice, Amazon Fire tablets, iPads, USB-C chargers, and much more, all of which you can find below.
Qualcomm has announced a new 5G modem, the Snapdragon X60. The modem offers aggregation between the two big forms of "5G" (Sub-6 GHz and mmWave), it has a theoretical top download speed of 7.5Gbps, and it's built on a ridiculously small 5nm manufacturing process. If that sounds like something from the distant future, well, it is! Qualcomm likes to announce these modems very far in advance. The X55 modem that will launch in smartphones this year was announced all the way back in February 2019, so this X60 modem should be on the market sometime in 2021.
The full name of this chip is the "Qualcomm Snapdragon X60 5G modem-RF System," meaning Qualcomm wants you to buy its X60 modem and separate RF antenna modules together since they are designed as one big package. Since 5G mmWave has poor signal characteristics (it can be blocked by just about everything, including your hand) Qualcomm's designs put several mmWave antenna modules all around the phone body. Paired with the X60 is Qualcomm's new QTM535 antenna module, which Qualcomm says is smaller (but it doesn't say how much smaller it is) than the current QTM525.
Qualcomm's strategy of building "modem-RF systems" for 5G is something the European Union is investigating right now for antitrust concerns. The EU is concerned that Qualcomm is using its position in the 5G modem market to try to own the RF chip market, locking out competitors like Broadcom (which tried to buy Qualcomm), Skyworks, and Qorvo.
It's been just over a year since the South Korean zombie period drama Kingdom wowed us with its masterful mix of horror, history, martial arts, and political intrigue. That all-too-short first season ended on a nail-biting cliffhanger, and we're finally about to learn what happens next, since Netflix just dropped an action-packed trailer for the second season.
(Some spoilers for S1 below.)
The series is based on a popular South Korean webcomic Kingdom of the Gods by Kim Eun-hee, who also adapted it for television. Set in Korea's Joseon period, a medieval dynasty that lasted some 500 years (1392-1897), Kingdom begins as the current king has succumbed to smallpox. His conniving young wife, Queen Cho (Kim Hye-jun), and her family have kept him artificially alive—via a "resurrection plant" that turns the king into a flesh-eating zombie—until her son is born. Her son would inherit the throne over the current Crown Prince, Lee Chang (Ju Ji-hoon), who was born to a concubine.
The North Carolina Breaking News page accumulated more than 50,000 followers in less than a month.
Today's surprise launch of a Switch version of the popular free-to-play, first-person military shooter Warface marks an important milestone for the system's growing list of ports: the first Switch game to make use of Crytek's CryEngine. Like many other high-end Switch ports, though, squeezing the game down to run on the Switch's Nvidia Tegra-based hardware comes with some significant drawbacks.
As publisher My.Games notes in a press release, getting Warface on the Switch meant "using a heavily customized version of CryEngine... running locked in 30fps/720p in TV mode and 540p in handheld and tabletop modes, providing an optimal balance of image clarity and performance."
Those are relatively low resolution numbers even for the Switch, where a wide variety of games manage to hit 1080p or 900p resolution when docked and 720p when in portable mode. There have been some notable exceptions, though, including Switch ports like Doom and The Witcher 3, where portable mode has to drop noticeably below HD resolution in order to ensure a playable game. You can see how that resolution downgrade looks for yourself in the above screenshots and below trailer for the Switch version of the game.
We tend to view the bodies of the Solar System as creations of gravity, which pulled their parts together and holds them in place as they orbit. But as we saw with ideas about the formation of Arrokoth, there are lots of situations where gravity is essentially a constant for long periods of time. And given enough of that time, relatively small forces like friction from sparse gas clouds or pressure from the light of the Sun can add up and create dramatic changes. In fact, a remarkable number of these potential influences have been identified and simulated.
One of these has been named the YORP effect, for its developers, Yarkovsky, O'Keefe, Radzievskii, and Paddack. It describes how light can alter the rotational properties of orbiting bodies. In a recent edition of the Monthly Notices of the Royal Astronomical Society, Dimitri Veras and Daniel Scheeres decided to calculate what happens as the Sun ages, the intensity of its light increases dramatically, and the entire asteroid belt gets YORPed.A (perhaps too) bright future
It's pretty widely understood that, as the Sun ages, it will expand until its outer edges come close to the Earth's orbit. What's less widely recognized is that it will get quite a lot brighter than it is at present. Other stars with masses similar to the Sun can get thousands of times brighter than the Sun in the last stages of their fusion-driven lives, allowing effects that might otherwise be a bit weak to become dominant.
After a long road to The Clone Wars’ final season, the animated series returns to wrap up a story over a decade in the making. The opening episodes of the new season—which debuts on Friday, February 21, exclusively on Disney+—are by turns thrilling, funny, and as good as anything the series’ live-action side has ever turned out.
But appreciating how far The Clone Wars has traveled to get to this point is impossible without tracing the series' previous steps.After cancellation, a return of familiar story arcs
Minor plot spoilers for the entire series, and a preview of the new episodes' plot, follow below.
The Microsoft founder said in an interview that he liked Tesla but had chosen a Porsche as his first electric car.
Over the weekend, a trip to the Californian boonies by Guardian journalist Kari Paul turned into a cautionary tale about the perils of the connected car and the Internet of Things. Paul had rented a car through a local car-sharing service called GIG Car Share, which offers a fleet of hybrid Toyota Priuses and electric Chevrolet Bolt EVs in the Bay Area and Sacramento, with plans to spend the weekend in a more rural part of the state about three hours north of Oakland. But on Sunday, she was left stranded on an unpaved road when the car's telematics system lost its cell signal. Without being able to call home, the rented Prius refused to move.
today in sharing economy struggles: our app powered car rental lost cell service on the side of a mountain in rural California and now I live here I guess pic.twitter.com/XoqqMpEwdN
— Kari Paul (@kari_paul) February 17, 2020
Adding insult to injury, Paul's cellphone was not similarly troubled by the remote location, allowing her to express her frustration, but also to talk to GIG's customer service to try to get the car back in motion. At first, the company's plan was to send a tow truck to tow the Prius a few miles closer to civilization, but that would be too easy. It appears GIG's customer service unhelpfully suggested Paul and her companion spend the night sleeping in the car and trying to start the car again the next morning. Instead, after a six-hour wait and not one but two tow trucks—the second of which Paul called herself—plus 20 (!) calls to GIG, the problem was finally solved in the early hours of Monday morning.
six hours, two tow trucks, and 20 calls to customer service later apparently it was a software issue and the car needed to be rebooted before we could use it @internetofshit pic.twitter.com/LZBZQwRJk8
— Kari Paul (@kari_paul) February 17, 2020
In fairness to GIG, on its website the company does explain that users can order an RFID card to use to lock or unlock the car in areas of poor cell service, although that isn't entirely compatible with the ability to "sign up instantly" and rent a car on the spot. It also appears to be a different approach than that taken by Car2Go (now known as Share Now), the now-defunct car-sharing service from Daimler that filled cities like Seattle and Washington, DC, with blue-and-white Smart cars. Those vehicles were geofenced to particular cities and also needed cellular reception to start a trip. But they included the option to turn the car off while still keeping the rental running, therefore only requiring the key to unlock them and turn them back on.
In a letter to the Financial Times, the billionaire argues they should be removed from their roles.