thelucky8

 

Archived

Here is the report (pdf) -- (archived)

Oasis Security's research team uncovered a critical vulnerability in Microsoft's Multi-Factor Authentication (MFA) implementation, allowing attackers to bypass it and gain unauthorized access to the user’s account, including Outlook emails, OneDrive files, Teams chats, Azure Cloud, and more. Microsoft has more than 400 million paid Office 365 seats, making the consequences of this vulnerability far-reaching.

The bypass was simple: it took around an hour to execute, required no user interaction and did not generate any notification or provide the account holder with any indication of trouble.

[Edit to insert the original link to the Oasis site.]

[–] thelucky8@beehaw.org 5 points 2 days ago (1 children)

What would be the alternative? One consequence of the so-called 'multi-polar world' will be a limited flow of capital between different blocs, limited cross-border investments across multiple industries, which might lead to market fragmentation and a divergence of technical standards. We could see degrees of globalization we had back in the 1990s.

Countries like Russia don't seem to care about international law (or they care only if it is in their favor). This summer, some officials also discussed the seizure of China-owned infrastructure in Europe regarding Beijing's support for Russia in its war against Ukraine. Russia and its allies will remain a threat to democracy which is their only real enemy. Russia won't stop with Ukraine if they get what they want.

So, what's the alternative?

 

Archived

The bloc’s diplomatic service, as well as some member states, are examining whether judicial decisions would be needed as a legal basis to seize the frozen assets, or if a damage calculation would be enough, said the people, who asked for anonymity to discuss the sensitive issue.

[...]

A decision to confiscate the money and hand it over to Ukraine would be a significant departure from the current approach. [...] Up to now, the EU and the Group of Seven nations have tapped the profits generated by some $300 billion in sanctioned Russian assets to provide aid to Ukraine. Under a G-7 plan, Kyiv’s allies approved a mechanism where the profits would be used to underpin a €50 billion ($52.5 billion) loan package for Kyiv.

[Confiscation of foreign assets, let alone of that size, would be unprecedented in history. While central bank reserves have been frozen many times (e.g., the United States is still holding the reserves of Iraq and Afghanistan), technically they remain the property of these countries. Central bank reserves of another country have never been confiscated before.]

[...]

Some EU member states are currently evaluating what effect such a move would have on the euro as a currency, the people said. They’re also assessing the potential impact of third countries deciding to withdraw assets from countries that proceed with seizures.

[...]

Kaja Kallas, the EU’s new foreign policy chief who runs its diplomatic service, said during her confirmation hearing last month that frozen assets should be tapped directly. “I will not use the word confiscation, because it’s really using the assets in a legal way,” she said.

[...]

[–] thelucky8@beehaw.org 16 points 3 days ago* (last edited 3 days ago)

@Viri4thus@feddit.org

No, Chomsky and Herman don't apply here. It was Russia that started the war. The aggressor is Putin's Russia. The "manufactured consent" -if at all- works here only with the tankies and other derailed communities.

[Edit typo.]

 

Archived

Poland decided to add several media and telecommunication firms to its list of strategic companies, which means their takeover will not be possible without government consent, Prime Minister Donald Tusk said on Wednesday.

Tusk had earlier said that private broadcasters TVN, owned by U.S. company Warner Discovery, and Polsat would be added to the list, highlighting increased concern about foreign interference. Tusk cited "hybrid war" against countries in the region.

Romania's top court annulled an ongoing presidential election this month after accusations of Russian meddling, particularly on social media. Russia denies interfering in elections in foreign countries.

"We adopted a regulation... on the basis of which we added to a list of entities subject to protection... companies such as Cyfrowy Polsat, P4 - the company that operates Play, TVN, Polsat television, T-Mobile and WB Electronics," Tusk said on Wednesday after a cabinet meeting. "This list already includes previously protected companies... such as Tauron Polska, Orlen, Emitel, Grupa Azoty, Gaspol. I do not need to justify the necessity for protection against the risk of these companies, which are key to the security of the Polish state, falling into the wrong hands."

Poland's list of strategic companies included mostly energy and chemical companies until now.

 

Archived version

[...]

Estonia PM Kristen Michal, who is hosting Sir Keir Starmer and eight other European leaders at a security summit in Tallinn, said that if the allies wanted to have peace, they needed to prepare for a defensive war against Russia that could begin in the next five or ten years.

“Russia has a mentality that war is something sacred, that this is a sacred war, and they are against everybody,” he said.

“They are against Europe, they are against Nato, they are against the United States. And the only way they would diverge from this path is if they were to meet something bigger or stronger on this path.”

Since the full-scale Russian invasion of Ukraine in 2022, defence spending across Nato as a whole has crept over 2 per cent of GDP for the first time in three decades. Twenty-three of the 32 allies have now crossed the threshold, compared with only seven before the onslaught. Poland’s budget is climbing towards 5 per cent and Estonia’s is projected to reach 3.7 per cent next year.

[...]

Last week Mark Rutte, Nato’s secretary-general, said the Europeans needed to get back to Cold War-era levels of military spending, when budgets were routinely well over 3 per cent, because the threat to their security was even greater today.

[...]

Estonian officials now say they are confident that Nato will raise the bar to 2.5 or 3 per cent in the near future, not least because the alliance’s new lists of specific requirements from each national military will force the issue.

“I believe that we’ll reach the momentum and more and more countries are understanding that they need to do more,” Hanno Pevkur, Estonia’s defence minister, told The Times. “It’s not only about the words that Trump is saying. It’s about the real needs.”

[...]

Estonian officials argue that if Ukraine can cling on until the spring then Putin will face mounting discontent within his own regime and find it harder to persuade other power brokers that Russia can outlast its opponents.

In the long run, Michal said, Russia was “absolutely” destroying its economic future. “If one were to look at Russia’s economy like we look at other economies … Russia’s economy would be like a train wreck in slow motion,” he said. “But because the [Russian] narrative is different, the Putin regime’s only way of staying in power is to continue this kind of war because during the war [its critics] cannot ask any questions”.

[...]

 

Archived

A Chinese man was arrested on the territory of a German naval base, police said on Wednesday, and a public broadcaster said prosecutors were considering spying charges.

[...]

The man was found carrying a camera at the naval base in Kiel on December 9, and prosecutors were considering charges of taking security-endangering pictures of military installations.

"We have an open investigation into a Chinese man who was found on the territory of the marine port," said Carola Jeschke, spokesperson for Schleswig-Holstein's criminal investigation department.

[...]

The investigation comes amid a greatly heightened focus on the security threat posed by China, whose booming car industry is an increasingly formidable competitor to Germany's economic mainstay, and which continues to cooperate with Russia even as the West seeks to isolate Moscow over its invasion of Ukraine.

Kiel, on the Baltic Sea, is home to one of the German navy's three flotillas and the dry dock where ThyssenKrupp Marine Systems builds submarines.

In October, Germany took over command of NATO's task force in the Baltic Sea, which is criss-crossed by fuel pipelines and data cables that have repeatedly been severed since the start of Russia's invasion in February 2022.

Germany's security agencies have frequently warned of an increased threat from Chinese intelligence services.

**In 2023, Kiel scrapped plans to establish a twin-city partnership with the Chinese military port of Qingdao after researchers warned that it could serve as a cover for espionage.**

[Replaced the link with a Cloudflare-free version.]

 

Archived

Around 30,000 Russians of working age die annually from HIV, according to Vadim Pokrovsky, the head of Russia’s Federal Methodological Centre for HIV/AIDS Prevention.

This figure continues to rise alongside increasing treatment costs for the government and a lack of early HIV testing.

Speaking to TASS, Pokrovsky revealed that the Russian government spends RUB70bn ($670mn) per year on HIV treatment. The epidemic is exacerbated by the loss of economically active individuals, which Pokrovsky highlighted as a critical economic blow.

“If each year we lose 30,000 young, able-bodied people who could work for another 20-30 years, that is an additional loss [to the economy],” he said.

Russia’s HIV epidemic, which has resulted in 1.7mn infections and nearly 500,000 deaths to date, stems primarily from gaps in early diagnosis and inconsistent treatment availability. Reports indicate that shortages of antiretroviral drugs, including the vital medication Dolutegravir, have emerged due to disrupted supply chains and procurement issues, with some supply tenders being cancelled altogether.

While heterosexual transmission is now the most common means of spreading HIV in Russia, marginalised groups such as drug users, sex workers and gay men remain disproportionately vulnerable. Reduced funding for HIV testing – currently 30% below the recommended levels – has further undermined efforts at early detection, despite calls from medical experts for regular screenings to prevent immune system deterioration.

 

Archived version

The guilty plea marked a significant development in U.S. efforts to curb foreign interference as China is suspected of running covert police outposts across North America, Europe and other regions with significant Chinese diaspora communities.

While China has dismissed these allegations, claiming the facilities are merely service centers assisting citizens with tasks like renewing driver's licenses, critics and officials argue the operations serve a more sinister purpose.

[...]

Chen Jinping, 60, pleaded guilty on a single count of conspiracy to act as an agent of a foreign government in Brooklyn federal court on Wednesday.

Prosecutors say Chen and his co-defendant, Lu Jianwang, opened and operated a local branch of China's Ministry of Public Security in Manhattan's Chinatown neighborhood starting in early 2022.

According to federal prosecutors, the station offered seemingly mundane services like assisting Chinese citizens in renewing driver's licenses. However, its darker purpose was to surveil and identify pro-democracy activists living in the U.S., aligning with the People's Republic of China's broader agenda of transnational repression.

[...]

 

cross-posted from: https://beehaw.org/post/17627707

On International Human Rights Day, a protest outside the Chinese Embassy in Vienna united Tibetans, Uyghurs, and Christians demanding an end to Chinese Communist Party oppression. Demonstrators called for global action against the ongoing human rights abuses and systemic oppression of marginalized communities in China by the Chinese Communist Party (CCP).

On International Human Rights Day, a significant protest unfolded outside the Chinese Embassy in Vienna as Tibetans, Uyghurs, and Chinese Christians united against ongoing oppression by the Chinese Communist Party (CCP). The event, spearheaded by the Tibetan Community Organisation in Vienna, spotlighted widespread human rights abuses by the Chinese authorities.

Leading the demonstration, Tibetan diaspora members waved flags and held banners condemning the CCP's persistent violations in Tibet. They voiced concerns over issues such as the demolition of monasteries, enforced relocation of Tibetan children, and what many called cultural genocide. The protesters urged global recognition of these atrocities and pressed for international intervention to halt Chinese repressive policies.

Uyghur activists stood alongside their Tibetan peers, highlighting the severe persecution faced by Uyghurs, including mass detentions, forced labor, and the destruction of religious sites. Joined by Chinese Christians, who protested against the state's control over religious practices, they collectively demanded an end to CCP tyranny and urged the world to hold China accountable.

[Edit to include the link.]

 

Russian Economist Konstantin Sonin explains what a recent report on the Russian economy – which argues that “Putinomics” can both keep the war going and ensure economic growth – gets wrong.

Konstantin Sonin: [...] there are a number of artificial statistical effects that create the impression that the economy as a whole is growing. The fact is that it is not growing. In fact, two processes are taking place in the economy: a decline in people’s standard of living and a decline in consumption – in both the quantity of goods consumed and the quality of goods consumed. This is how the war is being financed [...] We get a statistical illusion.

[...]

If we take all these [official statistical] figures on faith, then we get something strange: you can take a working economy, remove a million people from the workforce – 500,000 for the war, 500,000 as emigrants – increase the costs of all transactions – because, owing to the chain of intermediaries, each transaction abroad now costs more and gets you less – and the end result is an economy producing more.

This contradicts what we know about the functioning of an economy. There is no such thing as pressing a button and producing more. Especially if your costs have increased. You can also imagine a situation where you press a button and produce more now at the expense of tomorrow, but my colleagues do not expect a downturn tomorrow.

[...]

I do not think that the people sitting at [Russia's federal statistics agency] Rosstat are deliberately tweaking the numbers. But it would not be surprising if you, presented with the opportunity to decide, roughly speaking, how to calibrate a model, did it in such a way that it gave you the most favorable numbers.

[...]

If we roughly assume that inflation [which is officially at around 9 percent year on year at the moment] is actually underestimated by about half, then GDP growth disappears, as does the growth of real incomes [...] obviously does not exist. Because if this growth were real, we would have no idea where these real incomes are going, as there is no consumption growth in any data.

[...]

Of course, the Russian economy has not collapsed, as some hotheads predicted; it has not gone away. But for each transaction, for each item, the costs have gone up. Every unit of Russian exports is sold for less than it was sold for before. Every unit of Russian imports is bought for more than it was bought for before.

[...]

The effects we are talking about, which I believe indicate an economic deterioration, are a couple percent, single percentage points. Maybe even 10%. We have seen that GDP and other macroeconomic aggregates can halve in seven years – this was the case in the early 1990s. But did trams stop running? Did clinics stop working?

In other words, this alone does not lead to an economic collapse. [...] There is a war going on now and that it is being financed by reducing the country’s standard of living. We know from the 1970s, 1980s and 1990s that people can put up with a lot for a long time. Before my eyes, from the age of 10 to 18, we went from queues for quality products to queues for butter, and then to queues for eggs and bread.

[...]

I do not think it’s possible to assist the brain drain more than it has already been assisted [...] Russia has experienced a brain drain that is unprecedented for any country in the last half century.

[...]

Regarding capital flight, we also need to understand what it means to “encourage capital flight." [...] Dollars only make sense if our oligarch bought some goods abroad and brought them to Russia. In this case, the dollars are put to work. And what would our hypothetical oligarch invest in if he were allowed to? In the most profitable business today: circumventing sanctions. This is where the biggest margins are now. Allowing Putin’s oligarchs to invest money abroad now, allowing capital flight, would amount to subsidizing the most profitable business out there.

[...]

If Putin today decisively carries out demilitarization and reduces spending on the security services and propaganda, then yes, he can prolong the life of his regime. But if, for example, next year he increases military spending and increases spending on the security services and propaganda, then he might bring it all down in a year.

[–] thelucky8@beehaw.org 1 points 4 days ago

The Russian economy is going to face a very bad long-term future, even if the war ended today and all sanctions were lifted.

 

Archive

The Russian disinformation network Matryoshka has launched a new campaign aimed at convincing social media users that scholars and professors from top global universities are calling for the West to lift sanctions against Russia. In the videos, well-known academics can purportedly be heard urging Ukraine to surrender “historically Russian lands” — and even portraying Volodymyr Zelensky as a vampire. The campaign spreads this disinformation by cloning the voices of real professors using artificial intelligence (AI) tools.

The campaign was uncovered by the Bot Blocker project (which goes by the @antibot4navalny handle on X). The videos all follow a similar structure: a speaker introduces themselves, often citing an affiliation with renowned institutions like Cambridge, Harvard, Princeton, or the University of Bristol. The footage then transitions to segments without the speaker on screen — while their voice supposedly continues. During these moments, the voice promotes claims that Europe is suffering under anti-Russian sanctions, that the West must stop providing Ukraine with weapons and financial aid, that Zelensky is sending Ukrainian soldiers to their deaths, and that Ukraine must cede its territories to Russia.

Investigations by The Insider and Bot Blocker confirmed that the opening sections, in which the speakers appear and introduce themselves in person, were taken from real videos. The other portions, however, were artificially generated using AI, which effectively cloned the academics’ voices.

[...]

In [one] video, [Historian and University of Bristol Professor Ronald] Hutton begins by discussing the study of folklore. However, the footage then shifts to a portrait of Volodymyr Zelensky as a cloned version of Hutton's voice claims that the Ukrainian president is a vampire feeding on the lives of his citizens sent to fight in the war with Russia. The original video, from which the introductory segment was taken, genuinely focuses on folklore and vampires — but makes no reference to Zelensky or Ukraine. The Insider and Bot Blocker have identified other original recordings that were manipulated for similar fake videos.

[...]

The creators of these fake videos have used the voices and images of real academics from institutions including Cambridge, Harvard, Princeton, the University of Bristol, the University of Cumbria, and Sciences Po (Paris Institute of Political Studies). They also manipulated footage from events like the Bank of America Chicago Marathon.

[...]

The disinformation campaign known as Matryoshka began no later than September 2023, as first reported by Bot Blocker. Initially, the campaign organizers posted messages on Twitter (now X) addressed to Western media, urging them to “verify information” that proved to be fabricated materials containing anti-Ukrainian propaganda created by the organizers themselves. These posts were then widely shared by stolen accounts, allowing the content to spread rapidly across the platform.

The bots operate in a coordinated manner. One account might share a photo of supposed graffiti in Los Angeles depicting President Zelensky as a beggar, while another account calls on journalists to confirm whether the image is real or fake. In most cases, the bots spread defamatory videos targeting Ukrainians, often overlaid with logos of credible media outlets to lend an appearance of authenticity.

[...]

 

Archived

Layoffs of IT specialists in Russia have accelerated as 2024 draws to a close. According to reporting by The Bell in its subscribers-exclusive newsletter, the cutbacks have hit both tech firms and the IT divisions of companies in other industries. However, Russia’s wartime political posture has made it difficult to speak openly about economic setbacks, and businesses have labored to conceal or deny mounting troubles with IT personnel. Meduza summarizes The Bell’s report.

Multiple IT recruitment specialists told The Bell that businesses have tried to conceal information about the layoffs or denied outright that cutbacks are happening at all. One source explained that layoffs have been “quietly underway” all year, but the rate intensified in recent months. “No one is ready to make this public. They say, ‘Sure, we let some people go, sure, it was the whole department, sure, it was the entire project, but it’s not layoffs, come on,’” the source said. Another IT recruiter told The Bell that layoffs have become routine. “Entire teams are coming to us,” he explained.

The Bell reported layoffs at the social media conglomerate VK and the telecom giant MTS, though both companies deny it. The Bell’s sources also mentioned cutbacks to IT workers at the development group Samolet. (Samolet says it merely “streamlined” its IT department to eliminate redundant functions when creating a new division called Samolet Technologies.) Sberbank is also rolling back investments in testing and evaluation, reportedly by cutting contracts with outsourced IT product developers.

Additionally, the founder and former CEO of MyOffice (which designs office software intended to replace Microsoft Office products in Russia) revealed earlier this month that executives had laid off its entire senior management (who were appointed only two years earlier when Kaspersky Lab gained control over the company). The IT Workers Union has reported cutbacks at other firms, as well.

[...]

“The economy is screwed,” the source said. “IT specialists were supposedly in high demand, there was a labor shortage, and so on. But the market has no money for growth, and marketing instruments have failed. Sure, companies need marketers and IT specialists, but there’s no money [to pay them]. However, they’re hiding all this because, in Russia, the economy can’t possibly be screwed.”

[...]

 

Archived

European Union regulators are investigating whether TikTok breached the bloc’s digital rulebook by failing to deal with risks to Romania’s presidential election, which has been thrown into turmoil over allegations of electoral violations and Russian meddling.

The European Commission is escalating its scrutiny of the popular video-sharing platform after Romania’s top court canceled results of the first round of voting that resulted in an unknown far-right candidate becoming the front-runner.

The court made its unprecedented decision after authorities in the European Union and NATO member country declassified documents alleging Moscow organized a sprawling social media campaign to promote a long shot candidate, Calin Georgescu.

“Following serious indications that foreign actors interfered in the Romanian presidential elections by using TikTok, we are now thoroughly investigating whether TikTok has violated the Digital Services Act by failing to tackle such risks,” European Commission president Ursula von der Leyen said in a press release. “It should be crystal clear that in the EU, all online platforms, including TikTok, must be held accountable.”

The European Commission is the 27-nation EU’s executive arm and enforces the bloc’s Digital Services Act, a sweeping set of regulations intended to clean up social media platforms and protect users from risks such as election-related misinformation. It ordered TikTok earlier this month to retain all information related to the election.

[...]

[–] thelucky8@beehaw.org 1 points 5 days ago

How Russia prepares children in occupied Ukraine to fight against their own country

Russia is using a militaristic youth organization, Yunarmia, to foster the loyalty of teenagers in occupied parts of Ukraine and prepare them to fight in Moscow's war against their native country [...]

Russia opened the first Yunarmia branch in the occupied territories of Ukraine in Crimea months after the organisation's official formation. By September 2016, Yunarmia had spread across the Black Sea peninsula, according to Oleh Okhredko, an analyst at the Almenda Center Of Civic Education, a Ukrainian group whose activities include documenting violations of the rights of children in wartime [...]

In 2014, Russia occupied Crimea and fomented war in the Donetsk and Luhansk regions in eastern Ukraine – the Donbas [...]

Yunarmia "was created with the specific idea of the militarised reeducation of not only Russian [children] but also Ukrainian children from the occupied territories," said Kateryna Rashevska, a lawyer at the Regional Center for Human Rights, which was forced to move from Crimea to Kyiv after the Russian occupation.

By January 2022, a month before Russia's full-scale invasion of Ukraine, Yunarmia had 29,000 members in Crimea alone, according to the Russian Defence Ministry [...]

[–] thelucky8@beehaw.org 10 points 6 days ago (2 children)

This is a good question. There is no reason why this -and a lot of other things imho- must be connected.

[–] thelucky8@beehaw.org 10 points 1 week ago* (last edited 1 week ago)

Amazon is donating $1 million to Trump’s inauguration

Bezos and the company decided on the contribution earlier this week, and communicated it to Trump’s team, according to some of the people. “Bezos is donating through Amazon,” according to a person close to Bezos. Amazon also will stream the inauguration through its Prime Video business, a separate, in-kind donation valued at $1 million, another of the people said.

Seems to be sort of a flat rate.

[–] thelucky8@beehaw.org 3 points 1 week ago

Yeah, or the West would have reacted accordingly already in 2014.

[–] thelucky8@beehaw.org 3 points 1 week ago

That's true. I corrected that now, thanks.

[–] thelucky8@beehaw.org 4 points 2 weeks ago

As an addition to the article: Douyin, the Chinese version of the Western TikTok, might work in a different way. As a study regarding visual propaganda of Douyin accounts of Chinese central and local news agencies on China's Douyin found in May 2024:

The results [of the research] delineate a divergence in focus between central and local news agencies: while the former prioritizes content related to the military, police, and firefighting, the latter emphasizes “livelihood warmth” topics. Central agencies predominantly feature soldiers, police officers, and firefighters, whereas local agencies portray individuals devoid of explicit political affiliations alongside other influencers. Emotional scrutiny unveils a contrast in strategies, with central agencies predominantly evoking emotions such as anger, disgust, fear, and intolerance, while local agencies employ anticipation, acceptance, and respect. This investigation underscores the profound influence of political authority within China’s propaganda framework, shaping both the substance and emotional resonance of political short videos within a hierarchical paradigm [...]

Owing to their distinct positions within the hierarchical framework and their varying areas of jurisdiction, local government media at each level exhibit more pronounced hierarchical disparities in their propaganda compared to the central government. In general, the closer the themes and visual characteristics are to “Military, the police, and firefighting”, the less distinguishable they are from central media. Conversely, the more they focus on “People’s livelihood and warmth”, the more likely local governments are to adopt innovative promotional strategies concerning “points” while emphasizing regional characteristics. Although the local news agencies more actively produced content on Douyin than did the central news agencies, the central news agencies received more attention from the public.

[–] thelucky8@beehaw.org 6 points 2 weeks ago (1 children)

That's fair, it doesn't make China's behavior better in any way, though.

[–] thelucky8@beehaw.org 3 points 2 weeks ago

Yes, I know of the OMEMO issues. Most users would probably find that too difficult (although it isn't imo). It's very hard to convince people of more secure, non-mainstream tools, unfortunately.
