Monthly Archives: January 2021

The US Justice Department has become the latest federal agency to say its network was breached in a long and wide-ranging hack campaign that’s believed to have been backed by the Russian government.

In a terse statement issued Wednesday, Justice Department spokesman Marc Raimondi said that the breach wasn’t discovered until December 24, which is nine days after the hack campaign came to light. The hackers, Raimondi said, took control of the department’s Office 365 system and accessed email sent or received from about 3 percent of accounts. The department has more than 100,000 employees.

Investigators believe the campaign started when the hackers took control of the software distribution platform of SolarWinds, an Austin, Texas-based maker of network management software that’s used by hundreds of thousands of organizations. The attackers then pushed out a malicious update that was installed by about 18,000 of those customers. Only a fraction of

Read More

Enlarge / Side view of colorful St. Basil’s Cathedral in Moscow on Red Square in front of the Kremlin, Russia.

Hackers working for the Russian government were “likely” behind the software supply chain attack that planted a backdoor in the networks of 180,000 private companies and governmental bodies, officials from the US National Security Agency and three other agencies said on Tuesday.

The assessment—made in a joint statement that also came from the FBI, the Cybersecurity and Infrastructure Security Agency, and the Office of the Director of National Intelligence—went on to say that the hacking campaign was a “serious compromise that will require a sustained and dedicated effort to remediate.”

Russia, Russia, Russia

The statement is at odds with tweets from US President Donald Trump disputing the Russian government’s involvement and downplaying the severity of the attack, which compromised the software distribution system of Austin, Texas-based SolarWinds and used it

Read More

Hackers are attempting to exploit a recently discovered backdoor built into multiple Zyxel device models that hundreds of thousands of individuals and businesses use as VPNs, firewalls, and wireless access points.

The backdoor comes in the form of an undocumented user account with full administrative rights that’s hardcoded into the device firmware, a researcher from Netherlands-based security firm Eye Control recently reported. The account, which uses the username zyfwp, can be accessed over either SSH or through a Web interface.

A serious vulnerability

The researcher warned that the account put users at considerable risk, particularly if it were used to exploit other vulnerabilities such as Zerologon, a critical Windows flaw that allows attackers to instantly become all-powerful network administrators.

“As the zyfwp user has admin privileges, this is a serious vulnerability,” Eye Control researcher Niels Teusink wrote. “An attacker could completely compromise the confidentiality, integrity and availability of

Read More

Credit: CC0 Public Domain

Three-dimensional (3-D) printing techniques have the ability to fabricate wearable sensors with customized and complex designs compared with conventional processes. The vat photopolymerization 3-D printing technique exhibits better printing resolution, faster printing speed, and is capable of fabricating a refined structure. Due to the lack of highly conductive photocurable resins, it is difficult to prepare sensors through vat photopolymerization 3-D printing technique.

In a study published in Advanced Functional Materials, the research group led by Prof. Wu Lixin from Fujian Institute of Research on the Structure of Matter (FJIRSM) of the Chinese Academy of Sciences developed porous flexible strain (PFSS) with high stretchability and an excellent recoverability.

The researchers first synthesized a bifunctional monomer, hydrolyzably hindered urea acrylate, to create a crosslinked polymer network, preventing the dissolution of printed parts in the uncured resin. 3-D printed scaffolds can be hydrolyzed in hot water, which

Read More

Enlarge / Alexa, how do I create something that combines AI with a creepy 1980s toy?

Update, 1/2/21: It’s New Year’s weekend, and Ars staff is still enjoying some necessary downtime to prepare for a new year (and a slew of CES emails, we’re sure). While that happens, we’re resurfacing some vintage Ars stories like this 2017 project from Ars Editor Emeritus Sean Gallagher, who created generations of nightmare fuel with only a nostalgic toy and some IoT gear. Tedlexa was first born (err, documented in writing) on January 4, 2017, and its story appears unchanged below.

It’s been 50 years since Captain Kirk first spoke commands to an unseen, all-knowing Computer on Star Trek and not quite as long since David Bowman was serenaded by HAL 9000’s rendition of “A Bicycle Built for Two” in 2001: A Space Odyssey. While we’ve been talking to our computers and

Read More

PPPL physicist Gerrit Kramer with conceptual image of SPARC fusion reactor. Credit: Collage and Kramer photo by Elle Starkman/PPPL Office of Communications. SPARC image courtesy of Commonwealth Fusion Systems.

The U.S. Department of Energy’s (DOE) Princeton Plasma Physics Laboratory (PPPL) is collaborating with private industry on cutting-edge fusion research aimed at achieving commercial fusion energy. This work, enabled through a public-private DOE grant program, supports efforts to develop high-performance fusion grade plasmas. In one such project PPPL is working in coordination with MIT’s Plasma Science and Fusion Center (PSFC) and Commonwealth Fusion Systems, a start-up spun out of MIT that is developing a tokamak fusion device called “SPARC.”

The goal of the project is to predict the leakage of fast “alpha” particles produced during the reactions in SPARC, given the size and potential misalignments of the superconducting magnets that confine the plasma. These particles can create a largely self-heated

Read More