Spring4Shell vulnerability: Should you patch?

The Spring4Shell vulnerability in Spring Core is not the “next Log4Shell,” but should you still patch? Security experts say yes.
Huawei faces dilemma over Russia links that risk further US sanctions

The last time Western sanctions hit Russia after it annexed Crimea, President Vladimir Putin turned to Huawei to rebuild and upgrade the territory’s communication infrastructure. Now, the controversial Chinese technology company is positioned to aid the Putin regime on a much larger scale, despite the threat of Washington hitting it with more sanctions.
In Crimea, Russia “ripped out Western telecom gear in the heavily militarized territory and replaced it with Huawei and ZTE,” said Hosuk Lee-Makiyama, a telecoms expert at the European Centre for International Political Economy. If Nokia and Ericsson do fully exit Russia, Moscow would “need Chinese companies more than ever, especially Huawei,” he said.
Despite an initial plunge in phone shipments, Huawei has been an early winner from the Ukraine war. Its phone sales in Russia rose 300 percent in the first two weeks of March, while other Chinese brands Oppo and Vivo also recorded triple-digit sales increases, according to analysts at MTS, Russia’s largest mobile operator.
How to Create Apps with Firebase
Report: US Senators urge FTC to scrutinize Microsoft/Activision merger

Four U.S. Senators have sent a letter to Federal Trade Commission Chairwoman Lina Khan expressing concern about Microsoft’s proposed $68.7 billion acquisition of Activision Blizzard, according to a Wall Street Journal report.
In the letter, Senators Elizabeth Warren (D-Mass.), Bernie Sanders (I-Vt.), Cory Booker (D-NJ), and Sheldon Whitehouse (D-RI) express worry that the merger could hurt efforts to hold Activision management accountable for widespread allegations of abuse, sexual harassment, and discrimination at Activision Blizzard. The letter also takes specific issue with reports that Activision CEO Bobby Kotick will be allowed to stay until the merger is finalized, and that the embattled executive might have negotiated a “graceful exit” as part of the merger talks.
“This lack of accountability, despite shareholders, employees, and the public calling for Kotick to be held responsible for the culture he created, would be an unacceptable result of the proposed Microsoft acquisition,” the letter reads in part, according to the report. The Senators also expressed general concern about “consolidation in the tech industry and its impact on workers.”
Skan lands $40M to scale process intelligence

Process intelligence is a critical component of the hyperautomation market and that’s where Skan, a company that develops software to automatically map out business processes, enters.
Mystery solved in destructive attack that knocked out >10k Viasat modems

Image: A Viasat Internet satellite dish in the yard of a house in Madison, Virginia. (credit: Getty Images)
Viasat—the high-speed-satellite-broadband provider whose modems were knocked out in Ukraine and other parts of Europe earlier this month—has confirmed a theory by third-party researchers that new wiper malware with possible ties to the Russian government was responsible for the attack.
In a report published Thursday, researchers at SentinelOne said they uncovered the new modem wiper and named it AcidRain. The researchers said AcidRain shared multiple technical similarities to parts of VPNFilter, a piece of malware that infected more than 500,000 home and small-office modems in the US. Multiple US government agencies—first the FBI and later organizations including the National Security Agency—have all attributed the modem malware to Russian state threat actors.
Enter ukrop
SentinelOne researchers Juan Andres Guerrero-Saade and Max van Amerongen posited that AcidRain was used in a cyberattack that sabotaged thousands of modems used by Viasat customers. Among the clues they found was the name “ukrop” for one of AcidRain’s source binaries.
Ubiquiti sues journalist, alleging defamation in coverage of data breach

Journalist Brian Krebs is being sued by network-equipment maker Ubiquiti for defamation over his coverage of a data breach which was eventually revealed to be the work of a company insider.
Ubiquiti initially disclosed a data breach on January 11, 2021, telling customers that the breach was minor and had occurred at a “third-party cloud provider.” But on March 30, 2021, Krebs reported that an unidentified whistleblower told him the data breach was worse than Ubiquiti had said. Krebs’ story and others like it published the next day caused Ubiquiti’s market cap to drop by $4 billion, the lawsuit alleges.
Then, in December 2021, the Department of Justice said that it had charged Nickolas Sharp “for secretly stealing gigabytes of confidential files from a New York-based technology company where he was employed.” The DOJ also said, “while purportedly working to remediate the security breach, [Sharp] extort[ed] the company for nearly $2 million for the return of the files and the identification of a remaining purported vulnerability.” Sharp reportedly worked for Ubiquiti at the time of the attack.
Google Workspace tracking changes are delayed until May [Updated]

Update March 31, 2022: Never mind! The Google Workspace privacy changes are not going live this week. Google originally scheduled the changes to go live March 29, but now two days after the launch date, the company says the new settings are delayed until “May 2022.” Why the update was delayed is unclear.
Original story March 29, 2022: Today is the day that Google’s controversial changes to the Google Workspace privacy settings take effect. For paying users of Google Workspace, the organization-wide “Web & App Activity” control is being removed from the administrator control panel and will be split into two different settings. We covered this announcement two months ago, but the new privacy controls started rolling out on Tuesday.
Many confusing changes are happening. First, administrators will no longer have organization-wide control over privacy settings. It will now be up to each user in an organization to hunt down and change the settings themselves. Google will not honor your previous privacy settings when it moves the controls—organizations that previously opted out of tracking will be opted back in to some tracking, and every user will now need to opt out individually.
The two sides of the crypto coin in the Russia-Ukraine war

Both economies have embraced digital money to gain a competitive edge. The world is now witnessing the power of blockchain tech at scale.