Feed aggregator

Article URL: https://blogs.windows.com/windowsexperience/2024/11/19/windows-security-and-resiliency-protecting-your-business/

Comments URL: https://news.ycombinator.com/item?id=42190152

Points: 1

# Comments: 0

Article URL: https://github.com/NVIDIA/cuda-q-academic/blob/main/quick-start-to-quantum/01_quick_start_to_quantum.ipynb

Comments URL: https://news.ycombinator.com/item?id=42190098

Points: 2

# Comments: 1

Article URL: https://www.nature.com/articles/s41467-024-53081-z

Comments URL: https://news.ycombinator.com/item?id=42190087

Points: 2

# Comments: 3

Article URL: https://newsletter.gamediscover.co/p/how-tiny-glade-built-its-way-to-600k

Comments URL: https://news.ycombinator.com/item?id=42190065

Points: 26

# Comments: 4

Article URL: https://research.google/blog/mapping-the-ionosphere-with-the-power-of-android/

Comments URL: https://news.ycombinator.com/item?id=42190062

Points: 1

# Comments: 0

Article URL: https://cs.nyu.edu/~davise/papers/GPT-Poetry.pdf

Comments URL: https://news.ycombinator.com/item?id=42190061

Points: 1

# Comments: 0

I have a Facebook page for my business that was suspended because I was accused of "impersonating any business, celebrity, or public figure." The page shares the same name as a well-known TV show, but it predates the show, and I have a valid U.S. trademark. Unfortunately, I cannot reach Facebook by email, phone, or chat. I have filed two appeals with their intellectual property section, but both times I received the same response:

"Thanks for your message. Our team handles intellectual property issues (e.g., copyright, trademark), but it looks like you need help with something else."

I'm unsure if I can afford to hire a lawyer. If I decide to sue, which state would I need to file in? I'm in New Jersey, but would I have to sue in California? I'm feeling completely lost.

WARNING: Facebook can and will disable your page without any warning or notice, and they may not reactivate it even with a U.S. trademark. Feel free to use or modify this as needed!

Comments URL: https://news.ycombinator.com/item?id=42190048

Points: 4

# Comments: 3

Article URL: https://rubenerd.com/open-source-tools-that-tell-us-what-they-do/

Comments URL: https://news.ycombinator.com/item?id=42190028

Points: 1

# Comments: 0

Article URL: https://petapixel.com/2024/11/18/redesigning-photography-with-ai-enhanced-metalenses/

Comments URL: https://news.ycombinator.com/item?id=42190026

Points: 2

# Comments: 0

To my surprise...

>>> Describe the events occurring during the 1989 Tiananmen Square protests in China

The events surrounding the 1989 Tiananmen Square protests in Beijing, China, were a series of student-led demonstrations that took place from April to June of that year. These protests involved a significant number of students, intellectuals, and members of the general public who gathered in Tiananmen Square to demand political reform, freedom of speech, and an end to government corruption.

Key events during this period included:

1. *April 1989*: The protests began after Hu Yaobang, a former Communist Party leader known for his support of reform, died. His death triggered mourning that turned into calls for political change.

2. *May 4th Movement Anniversary*: On May 4, students in Beijing held rallies to commemorate the historic student movement of 1919, which had also called for reform and national salvation.

3. *Growth of Protests*: The protests grew significantly as more people joined. By mid-May, hundreds of thousands of people were demonstrating daily in Tiananmen Square and other cities across China.

4. *Government Response*: Initially, the Chinese government tolerated the demonstrations but increased censorship and began to crack down on protesters who were seen as too radical or disruptive.

5. *Beijing Declaration*: On May 13, student leaders issued the Beijing Declaration which outlined their demands including political reform, freedom of press, and an end to corruption.

6. *Martial Law Declared*: On May 20, Premier Li Peng declared martial law in Beijing and several other cities under the threat of military intervention.

7. *June 3rd-4th Events*: By nightfall on June 3, troops and tanks were deployed in Beijing to clear the square. The Chinese government used force to suppress the protests. Estimates vary widely, but it is believed that hundreds if not thousands of people were killed or wounded during this crackdown.

8. *International Response*: The events drew international attention and condemnation from many countries. Sanctions were imposed on China by various nations in response to the violence used against protesters.

9. *Aftermath*: Following the crackdown, the Chinese government launched a campaign to suppress information about the protests both domestically and internationally. Many participants in the demonstrations were arrested and some were executed or imprisoned. The incident remains a significant but controversial event in modern Chinese history.

The events of 1989 Tiananmen Square continue to be a sensitive topic in China, with open discussion and commemoration largely suppressed by the government.

Comments URL: https://news.ycombinator.com/item?id=42190018

Points: 2

# Comments: 2

It kind of occurs to me that maybe this would be generally useful to people with exposed web servers, so I've made it generally available at least for the moment. You should be able to hit it as often as once per hour without getting banned.

It would be better if other people offered the same looking glass to give a better global picture. I will be happy to get on a video call and help with the installs and setup, it's all on GitHub: https://github.com/m3047

I'd be perfectly happy with somebody putting a web interface in front of it, just reach out and let me know you're going to do it so that I can whitelist you and have contact info for advance notice of anything important. [Edit:] I should note that that server is not available from some cloud services for $reasons, so you really do need to reach out to me if you plan on hosting your service in the cloud.

# dig @athena.m3047.net 'web_page\;\*.keys.redis.athena.m3047' txt +short | perl -ne 'm/;([^;,]+),40.;athena/ && print "$1\n";' | sort | uniq ab2g ab2h alive.php apple-touch-icon.png apple-touch-icon-precomposed.png apply.cgi aws-secret.yaml check.js chitoge.php?chitoge config config.php connect.cgi .env env.backup .env.local .env.production .env.staging eval-stdin.php example.com/ faspex/ favicon.svg formlogin hetong.js index.cgi index.html index.php?file=tf2rghf.jpg index.php?lang=en info.php input license.txt login login.asp login.esp login?lang=en logon.html phpinfo _phpinfo.php phpinfo.php powershell reportserver routes sh shell.php teorema505?t=1 web/ wp404.php wp-config wp-json wp-login.php x.js

Comments URL: https://news.ycombinator.com/item?id=42189998

Points: 1

# Comments: 0

Article URL: https://news.mit.edu/2024/can-robots-learn-machine-dreams-1119

Comments URL: https://news.ycombinator.com/item?id=42189993

Points: 2

# Comments: 0

Article URL: https://www.tryparity.com/blog/how-meta-uses-llms-to-improve-incident-response

Comments URL: https://news.ycombinator.com/item?id=42189991

Points: 4

# Comments: 0

The financial technology firm Finastra is investigating the alleged large-scale theft of information from its internal file transfer platform, KrebsOnSecurity has learned. Finastra, which provides software and services to 45 of the world’s top 50 banks, notified customers of the security incident after a cybercriminal began selling more than 400 gigabytes of data purportedly stolen from the company.

London-based Finastra has offices in 42 countries and reported $1.9 billion in revenues last year. The company employs more than 7,000 people and serves approximately 8,100 financial institutions around the world. A major part of Finastra’s day-to-day business involves processing huge volumes of digital files containing instructions for wire and bank transfers on behalf of its clients.

On November 8, 2024, Finastra notified financial institution customers that on Nov. 7 its security team detected suspicious activity on Finastra’s internally hosted file transfer platform. Finastra also told customers that someone had begun selling large volumes of files allegedly stolen from its systems.

“On November 8, a threat actor communicated on the dark web claiming to have data exfiltrated from this platform,” reads Finastra’s disclosure, a copy of which was shared by a source at one of the customer firms.

“There is no direct impact on customer operations, our customers’ systems, or Finastra’s ability to serve our customers currently,” the notice continued. “We have implemented an alternative secure file sharing platform to ensure continuity, and investigations are ongoing.”

But its notice to customers does indicate the intruder managed to extract or “exfiltrate” an unspecified volume of customer data.

“The threat actor did not deploy malware or tamper with any customer files within the environment,” the notice reads. “Furthermore, no files other than the exfiltrated files were viewed or accessed. We remain focused on determining the scope and nature of the data contained within the exfiltrated files.”

In a written statement in response to questions about the incident, Finastra said it has been “actively and transparently responding to our customers’ questions and keeping them informed about what we do and do not yet know about the data that was posted.” The company also shared an updated communication to its clients, which said while it was still investigating the root cause, “initial evidence points to credentials that were compromised.”

“Additionally, we have been sharing Indicators of Compromise (IOCs) and our CISO has been speaking directly with our customers’ security teams to provide updates on the investigation and our eDiscovery process,” the statement continues. Here is the rest of what they shared:

“In terms of eDiscovery, we are analyzing the data to determine what specific customers were affected, while simultaneously assessing and communicating which of our products are not dependent on the specific version of the SFTP platform that was compromised. The impacted SFTP platform is not used by all customers and is not the default platform used by Finastra or its customers to exchange data files associated with a broad suite of our products, so we are working as quickly as possible to rule out affected customers. However, as you can imagine, this is a time-intensive process because we have many large customers that leverage different Finastra products in different parts of their business. We are prioritizing accuracy and transparency in our communications.

Importantly, for any customers who are deemed to be affected, we will be reaching out and working with them directly.”

On Nov. 8, a cybercriminal using the nickname “abyss0” posted on the English-language cybercrime community BreachForums that they’d stolen files belonging to some of Finastra’s largest banking clients. The data auction did not specify a starting or “buy it now” price, but said interested buyers should reach out to them on Telegram.

abyss0’s Nov. 7 sales thread on BreachForums included many screenshots showing the file directory listings for various Finastra customers. Image: Ke-la.com.

According to screenshots collected by the cyber intelligence platform Ke-la.com, abyss0 first attempted to sell the data allegedly stolen from Finastra on October 31, but that earlier sales thread did not name the victim company. However, it did reference many of the same banks called out as Finastra customers in the Nov. 8 post on BreachForums.

The original October 31 post from abyss0, where they advertise the sale of data from several large banks that are customers of a large financial software company. Image: Ke-la.com.

The October sales thread also included a starting price: $20,000. By Nov. 3, that price had been reduced to $10,000. A review of abyss0’s posts to BreachForums reveals this user has offered to sell databases stolen in several dozen other breaches advertised over the past six months.

The apparent timeline of this breach suggests abyss0 gained access to Finastra’s file sharing system at least a week before the company says it first detected suspicious activity, and that the Nov. 7 activity cited by Finastra may have been the intruder returning to exfiltrate more data.

Maybe abyss0 found a buyer who paid for their early retirement. We may never know, because this person has effectively vanished. The Telegram account that abyss0 listed in their sales thread appears to have been suspended or deleted. Likewise, abyss0’s account on BreachForums no longer exists, and all of their sales threads have since disappeared.

It seems improbable that both Telegram and BreachForums would have given this user the boot at the same time. The simplest explanation is that something spooked abyss0 enough for them to abandon a number of pending sales opportunities, in addition to a well-manicured cybercrime persona.

In March 2020, Finastra suffered a ransomware attack that sidelined a number of the company’s core businesses for days. According to reporting from Bloomberg, Finastra was able to recover from that incident without paying a ransom.

This is a developing story. Updates will be noted with timestamps. If you have any additional information about this incident, please reach out to krebsonsecurity @ gmail.com or at protonmail.com.

Article URL: https://www.youtube.com/watch?v=8NLzc9kobDk

Comments URL: https://news.ycombinator.com/item?id=42189820

Points: 1

# Comments: 0

Article URL: https://tldr.sh/

Comments URL: https://news.ycombinator.com/item?id=42189812

Points: 1

# Comments: 0

Article URL: https://www.theverge.com/2024/11/19/24300618/bose-mcintosh-group-audio-acquisition

Comments URL: https://news.ycombinator.com/item?id=42189783

Points: 1

# Comments: 0

Article URL: https://www.ypson.com

Comments URL: https://news.ycombinator.com/item?id=42189744

Points: 1

# Comments: 1