Oracle

Largest Local Government Body In Europe Goes Under Amid Oracle Disaster (theregister.com)

Birmingham City Council, the largest local authority in Europe, has declared itself in financial distress after troubled Oracle project costs ballooned from $25 million to around $125.5 million. The Register reports: Contributing to the publication of a legal Section 114 Notice, which says the $4.3 billion revenue organization is unable to balance the books, is a bill of up to $954 million to settle equal pay claims. In a statement today, councillors John Cotton and Sharon Thompson, leader and deputy leader respectively, said the authority was also hit by financial stress owing to issues with the implementation of its Oracle IT system. The council has made a request to the Local Government Association for additional strategic support, the statement said.

In May, Birmingham City Council said it was set to pay up to $125.5 million for its Oracle ERP system -- potentially a fourfold increase on initial estimated expenses -- in a project suffering from delays, cost over-runs, and a lack of controls. After grappling with the project to replace SAP for core HR and finance functions since 2018, the council reviewed the plan in 2019, 2020, and again in 2021, when the total implementation cost for the project almost doubled to $48.5 million. The project, dubbed Financial and People, was "crucial to an organisation of Birmingham City Council's size," a spokesperson said at the time. Cotton said the system had a problem with how it was "tracking our financial transactions and HR transactions issues as well. That's got to be fixed," he said.

Earlier this year, one insider told The Register that Oracle Fusion, the cloud-based ERP system the council is moving to, "is not a product that is suitable for local authorities, because it's very much geared towards a manufacturing/trading organization." They said the previous SAP system had been heavily customized to meet the council's needs and it was struggling to recreate these functions in Oracle.

Privacy

Internet-Connected Cars Fail Privacy and Security Tests Conducted By Mozilla (gizmodo.com)

According to Mozilla's *Privacy Not Included project, every major car brand fails to adhere to the most basic privacy and security standards in new internet-connected models, and all 25 of the brands Mozilla examined flunked the organization's test. Gizmodo reports: Mozilla found brands including BMW, Ford, Toyota, Tesla, and Subaru collect data about drivers including race, facial expressions, weight, health information, and where you drive. Some of the cars tested collected data you wouldn't expect your car to know about, including details about sexual activity, race, and immigration status, according to Mozilla. [...] The worst offender was Nissan, Mozilla said. The carmaker's privacy policy suggests the manufacturer collects information including sexual activity, health diagnosis data, and genetic data, though there's no details about how exactly that data is gathered. Nissan reserves the right to share and sell "preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes" to data brokers, law enforcement, and other third parties.

Other brands didn't fare much better. Volkswagen, for example, collects your driving behaviors such as your seatbelt and braking habits and pairs that with details such as age and gender for targeted advertising. Kia's privacy policy reserves the right to monitor your "sex life," and Mercedes-Benz ships cars with TikTok pre-installed on the infotainment system, an app that has its own thicket of privacy problems. The privacy and security problems extend beyond the nature of the data car companies siphon off about you. Mozilla said it was unable to determine whether the brands encrypt any of the data they collect, and only Mercedes-Benz responded to the organization's questions.

Mozilla also found that many car brands engage in "privacy washing," or presenting consumers with information that suggests they don't have to worry about privacy issues when the exact opposite is true. Many leading manufacturers are signatories to the Alliance for Automotive Innovation's "Consumer Privacy Protection Principles (PDF)." According to Mozilla, these are a non-binding set of vague promises organized by the car manufacturers themselves. Questions around consent are essentially a joke as well. Subaru, for example, says that by being a passenger in the car, you are considered a "user" who has given the company consent to harvest information about you. Mozilla said a number of car brands say it's the driver's responsibility to let passengers know about their car's privacy policies -- as if the privacy policies are comprehensible to drivers in the first place. Toyota, for example, has a constellation of 12 different privacy policies for your reading pleasure.

United Kingdom

UK Air-Traffic Software Misread Spots on Map To Cause Outage (bloomberg.com)

The UK's worst air-traffic outage in a decade was caused by an anomaly in the airspace manager's software system, which confused two geographical checkpoints separated by some 4,000 nautical miles. From a report: The UK's Civil Aviation Authority said Wednesday it will conduct an independent review of the incident, which forced hundreds of flights to be canceled or delayed last week after an error in processing an airline's flight plan. The glitch triggered a shutdown of the software system run by NATS for safety reasons, according to a preliminary report from the public-private partnership formerly called National Air Traffic Services. This forced air-traffic staff to input flight plans manually, drastically reducing the amount of air traffic that could be processed.

The event sent airlines and airports in the UK into turmoil on Aug. 28, leaving planes out of position and passengers stranded. Nearly 800 flights leaving UK airports were canceled, with a similar number of arrivals scrapped, according to analytics firm Cirium. The report by NATS showed that on the day of the incident, an airline entered a plan into the system which led through UK airspace. NATS Chief Executive Officer Martin Rolfe declined to discuss details of the flight, such as its route or the airline involved, saying the specifics weren't pertinent to the outage. While the flight plan wasn't faulty, it threw off the system because the software used by NATS received duplicate identities for two different points on the map. There are an infinite number of flight-plan waypoints in the world, and duplicates remain despite work to remove them, according to Rolfe.

Windows

Windows File Explorer Gets Nostalgic Speed Boost Thanks To One Weird Bug (theregister.com)

An exploit for a bug in Windows appears to increase the performance of File Explorer in Microsoft's flagship operating system. From a report: Spotted over the weekend by Xitter user @VivyVCCS, the hack is triggered by a swift jab of the F11 key to switch File Explorer in and out of full-screen mode. According to the post, load performance is improved markedly.

Privacy

UK Pulls Back From Clash With Big Tech Over Private Messaging (ft.com)

The UK government will concede it will not use controversial powers in the online safety bill to scan messaging apps for harmful content until it is "technically feasible" to do so, postponing measures that critics say threaten users' privacy. Financial Times: A planned statement to the House of Lords on Wednesday afternoon will mark an eleventh-hour bid by ministers to end a stand-off with tech companies, including WhatsApp, that have threatened to pull their services from the UK over what they claimed was an intolerable threat to millions of users' security. The statement is set to outline that Ofcom, the tech regulator, will only require companies to scan their networks when a technology is developed that is capable of doing so, according to people briefed on the plan. Many security experts believe it could be years before any such technology is developed, if ever.

"A notice can only be issued where technically feasible and where technology has been accredited as meeting minimum standards of accuracy in detecting only child sexual abuse and exploitation content," the statement will say. The online safety bill, which has been in development for several years and is now in its final stages in parliament, is one of the toughest attempts by any government to make Big Tech companies responsible for the content that is shared on their networks.

Security

Experts Fear Crooks Are Cracking Keys Stolen In LastPass Breach (krebsonsecurity.com)

AmiMoJo writes: In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. Since then, a steady trickle of six-figure cryptocurrency heists targeting security-conscious people throughout the tech industry has led some security experts to conclude that crooks likely have succeeded at cracking open some of the stolen LastPass vaults.

Taylor Monahan is founder and CEO of MetaMask, a popular software cryptocurrency wallet used to interact with the Ethereum blockchain. Since late December 2022, Monahan and other researchers have identified a highly reliable set of clues that they say connect recent thefts targeting more than 150 people. Collectively, these individuals have been robbed of more than $35 million worth of crypto. Monahan said virtually all of the victims she has assisted were longtime cryptocurrency investors and security-minded individuals. Importantly, none appeared to have suffered the sorts of attacks that typically preface a high-dollar crypto heist, such as the compromise of one's email and/or mobile phone accounts.

IT

Israel PM Pitches Fiber Optic Cable To Link Asia, Middle East With Europe (bloomberg.com)

Israel's prime minister on Sunday floated the idea of building infrastructure projects such as a fiber optic cable linking countries in Asia and the Arabian Peninsula with Europe through Israel and Cyprus. From a report: Prime Minister Benjamin Netanyahu said he's "quite confident" such an infrastructure "corridor" linking Asia to Europe through Israel and Cyprus is feasible. He said such projects could happen if Israel normalizes relations with other countries in the region. The 2020 U.S.-brokered Abraham Accords normalized relations between Israel and the United Arab Emirates and Bahrain, and the Biden administration is trying to establish official ties between Israel and Saudi Arabia.

"An example and the most obvious one is a fiber optic connection. That's the shortest route. It's the safest route. It's the most economic route," Netanyahu said after talks with Cypriot President Nikos Christodoulides. The Israeli leader's pitch is itself an extension of proposed energy links with Cyprus and Greece as part of growing collaboration on energy in the wake of discoveries of significant natural gas deposits in the economic zones of both Israel and Cyprus.

Government

Pentagon Has the Worst IT Helpdesk in the US Govt (theregister.com)

When it comes to US government employee satisfaction with IT services, one agency finds itself continually at the bottom of the heap: The rather crucial Department of Defense. From a report: Results from the General Services Administration's (GSA) Mission-Support Customer Satisfaction Survey published on Wednesday found the DoD was trailing the other 23 US federal government agencies included in the research. Of the seven technology user areas surveyed, the DoD came dead last in user satisfaction for IT support, equipment, function, and communication/collaboration.

The DoD didn't fare much better in the three areas it wasn't scraping the bottom, either. For strategic IT partnerships and development, modernizations and enhancement the Defense Department ranked twentieth (out of 24), and for operations and maintenance satisfaction it beat the US Department of Agriculture - barely - on the seven-point scale used by the GSA. Despite its abysmal ranking among its fellow federal agencies, the DoD's users were still generally okay with their IT service, with 65 percent of respondents saying they were at least somewhat satisfied with IT support, and 64.5 percent expressing some degree of satisfaction with their IT equipment. Only development, modernization and enhancement failed to net 50 percent satisfaction among DoD respondents.

IT

Workers are Resisting Calls to Return to Offices (msn.com)

America's return-to-office has been a "lagging return," reports the Washington Post: Even with millions of workers across the country being asked to return to their cubicles, office occupancy has been relatively static for the past year. The country's top 10 metropolitan areas averaged 47.2 percent of pre-pandemic levels last week, according to data from Kastle Systems. This time last year, the average was around 44 percent....

About 52 percent of remote-capable U.S. workers are operating under hybrid arrangements, according to data from Gallup, while 29 percent are exclusively remote. And though executives like Meta's Mark Zuckerberg have argued that the rise of flexible work has had a deleterious effect on productivity, data from the Bureau of Labor Statistics shows that labor productivity rose 3.7 percent in the second quarter of 2023 and is up 1.3 percent compared to this time last year.

While employers cite the collaborative benefits of spending time together in person, the majority of hybrid arrangements aren't fostering the connections bosses want to see, according to Rob Cross, associate professor of management at Babson College who studies collaboration across various companies through surveys, email and meeting data. He's found that mandates for a certain number of days in office are missing the mark, "because you're not getting the right people who need to collaborate... What we're seeing that's more successful is when companies are using some form of analytics" to determine which workers need to come in on the same days, Cross said. He estimates that only about 5 percent of organizations are taking this approach. "Leaders are just saying, 'We need water-cooler moments,' " Cross said. "They're not looking and saying, 'These are the interactions we need to stimulate.' "

But the article argues that "After more than two years of trying to coax workers back into offices, bosses are losing their patience... Even tech companies that were once champions of remote work are changing their tune." The article cites return-to-office policies at Zoom, Meta, and Amazon, arguing that "Employers have new leverage as the labor market has cooled, leaving workers less room to be choosy..." The days of enticing employees with free food, laundry services and yoga classes are largely over. Now, executives are resorting to threats — and it's forcing some workers to decide whether they're willing to give up the flexibility they've gotten used to... "The pendulum has shifted from employees having all the power," said Matt Cohen, founder and managing partner of Ripple Ventures, a venture fund in Toronto that works with early stage companies across North America. The bulk of start-up founders he works with are requiring employees to be in offices a few days a week, although there's pushback. "During the pandemic, a lot of salespeople were taking calls from the top of mountains on hiking trips," Cohen said. "That's not working anymore...."

[R]emote work is becoming harder to find. Roughly 8 percent of all job postings now advertise remote or hybrid work, according to Nick Bunker, director of North American economic research at Indeed Hiring Lab. That's down from 9.7 percent last year, he said, but still up significantly over pre-pandemic levels.

The workplace software company HqO's chief executive says workers are after "elevated experiences they can't get at home". Their data shows workers attracted by free food, high-quality tools, and attractive workspaces — but "The number one thing people want out of a workplace is concentration space... You're not going to get them into a place just built for social interaction. You've got to be able to concentrate...."

But the CEO of PR software company Muck Rack says going fully remote benefited their workers — both their well-being and their productivity. "I hope more people see the potential here and don't just go along with the return-to-office narrative."

Security

Why Are GoDaddy's .US Domains Being Used For So Much Phishing? (krebsonsecurity.com)

An anonymous reader shared this report from cybersecurity blogger Brian Krebs: Domain names ending in ".US" — the top-level domain for the United States — are among the most prevalent in phishing scams, new research shows. This is noteworthy because .US is overseen by the U.S. government, which is frequently the target of phishing domains ending in .US. Also, .US domains are only supposed to be available to U.S. citizens and to those who can demonstrate that they have a physical presence in the United States... [F]ew other major countries in the world have anywhere near as many phishing domains each year as .US.

That's according to The Interisle Consulting Group, which gathers phishing data from multiple industry sources and publishes an annual report on the latest trends. Interisle's newest study examined six million phishing reports between May 1, 2022 and April 30, 2023, and found 30,000 .US phishing domains.

.US is overseen by the National Telecommunications and Information Administration (NTIA), an executive branch agency of the U.S. Department of Commerce. However, NTIA currently contracts out the management of the .US domain to GoDaddy, by far the world's largest domain registrar. Under NTIA regulations, the administrator of the .US registry must take certain steps to verify that their customers actually reside in the United States, or own organizations based in the U.S. But Interisle found that whatever GoDaddy was doing to manage that vetting process wasn't working.

IT

Samsung Unveils Industry's First 32Gbit DDR5 Memory Die (anandtech.com)

Samsung today revealed the world's first 32 Gb DDR5 DRAM die. From a report: The new memory die is made on the company's 12 nm-class DRAM fabrication process and not only offers increased density, but also lowers power consumption. The chip will allow Samsung to build record 1 TB RDIMMs for servers as well as lower costs of high-capacity memory modules. "With our 12nm-class 32 Gb DRAM, we have secured a solution that will enable DRAM modules of up to 1 TB, allowing us to be ideally positioned to serve the growing need for high-capacity DRAM in the era of AI (Artificial Intelligence) and big data," said SangJoon Hwang, executive vice president of DRAM product & technology at Samsung Electronics.

32 Gb memory dies not only enable Samsung to build a regular, single-rank 32 GB module for client PCs using only eight single-die memory chips, but they also allow for higher capacity DIMMs that were not previously possible. We are talking about 1 TB memory modules using 40 8-Hi 3DS memory stacks based on eight 32 Gb memory devices. Such modules may sound overkill, but for artificial intelligence (AI), Big Data, and database servers, more DRAM capacity can easily be put to good use. Eventually, 1 TB RDIMMs would allow for up to 12 TB of memory in a single socket server (e.g. AMD's EPYC 9004 platform), something that cannot be done now.

Security

Cybercrime To Cost Germany 206 Billion Euros in 2023, Survey Finds (reuters.com)

The theft of IT equipment and data, as well as digital and industrial espionage and sabotage, will cost Germany 206 billion euros ($224 billion) in 2023, German digital association Bitkom said on Friday. From a report: The damage will surpass the 200 billion euro mark for the third consecutive year, according to a Bitkom survey of more than 1,000 companies. "The German economy is a highly attractive target for criminals and hostile states. The boundaries between organised crime and state-controlled actors are blurred," Bitkom President Ralf Wintergerst said. Around three quarters of the companies surveyed suffered digital attacks in the past 12 months, falling from 84% of the companies in the previous year.

IT

Lidl Recalls Paw Patrol Snacks After Website on Packaging Displayed Porn (techcrunch.com)

Supermarket giant Lidl has issued a recall of Paw Patrol snacks after the website listed on the products' packaging began displaying explicit content unsuitable for children. From a report: Lidl, which operates more than 12,000 stores globally, is urging shoppers in the United Kingdom to return the snacks for a full refund. Affected products include Paw Patrol Yummy Bakes and Paw Patrol Mini Biscotti, snacks recommended for children aged two and above. Lidl's recall notice dated August 22 warns that the product's packaging contains a web address that has been "compromised" to display content "not suitable for child consumption."

Security

LogicMonitor Customers Hit By Hackers, Because of Default Passwords (techcrunch.com)

Some customers of the network security company LogicMonitor have been hacked due to the use of default passwords, TechCrunch reports. From the report: A LogicMonitor spokesperson confirmed to TechCrunch that there's "a security incident" affecting some of the company's customers. "We are currently addressing a security incident that has affected a small number of our customers. We are in direct communication and working closely with those customers to take appropriate measures to mitigate impact," LogicMonitor's spokesperson Jesica Church said in a statement.

The incident is due to the fact that, until recently, LogicMonitor was assigning customers default -- and weak -- passwords such as "Welcome@" plus a short number, according to a source at a company that was impacted by the incident, and who asked to remain anonymous as they were not authorized to speak to the press.

Android

Russia Targets Ukraine With New Android Backdoor, Intel Agencies Say (arstechnica.com)

An anonymous reader quotes a report from Ars Technica: Russia's military intelligence unit has been targeting Ukrainian Android devices with "Infamous Chisel," the tracking name for new malware that's designed to backdoor devices and steal critical information, Western intelligence agencies said on Thursday. "Infamous Chisel is a collection of components which enable persistent access to an infected Android device over the Tor network, and which periodically collates and exfiltrates victim information from compromised devices," intelligence officials from the UK, US, Canada, Australia, and New Zealand wrote (PDF). "The information exfiltrated is a combination of system device information, commercial application information and applications specific to the Ukrainian military."

Infamous Chisel gains persistence by replacing the legitimate system component known as netd with a malicious version. Besides allowing Infamous Chisel to run each time a device is restarted, the malicious netd is also the main engine for the malware. It uses shell scripts and commands to collate and collect device information and also searches directories for files that have a predefined set of extensions. Depending on where on the infected device a collected file is located, netd sends it to Russian servers either immediately or once a day. When exfiltrating files of interest, Infamous Chisel uses the TLS protocol and a hard-coded IP and port. Use of the local IP address is likely a mechanism to relay the network traffic over a VPN or other secure channel configured on the infected device. This would allow the exfiltration traffic to blend in with expected encrypted network traffic. In the event a connection to the local IP and port fails, the malware falls back to a hard-coded domain that's resolved using a request to dns.google.

Infamous Chisel also installs a version of the Dropbear SSH client that can be used to remotely access a device. The version installed has authentication mechanisms that have been modified from the original version to change the way users log in to an SSH session. [...] The report didn't say how the malware gets installed. In the advisory Ukraine's security service issued earlier this month (PDF), officials said that Russian personnel had "captured Ukrainian tablets on the battlefield, pursuing the aim to spread malware and abuse available access to penetrate the system." It's unclear if this was the vector.
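The two persistence details above, a replaced system netd and a modified Dropbear SSH binary, are the kind of change a baseline integrity check catches. The script below is an added example written for this summary; it is not code from the Ars Technica report or from the intelligence advisory. It hashes each binary listed in a known-good manifest and reports whether it is unchanged, altered, or absent. The manifest, the file contents and the third path (`system/bin/toybox`) are all constructed stand-ins; a real baseline would be taken from a trusted image of the same firmware build.

```python
"""Baseline-versus-current integrity check for critical system binaries (added example)."""
import hashlib
import os
import tempfile


def sha256_of_file(path, chunk_size=65536):
    """Stream a file through SHA-256 so large binaries are not read into memory at once."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def check_integrity(manifest, root):
    """Return {relative_path: "ok" | "modified" | "missing"} for every entry in the baseline.

    manifest: {relative path -> expected SHA-256 hex digest} from a known-good image.
    root: directory the relative paths are resolved against (the mounted system image).
    """
    results = {}
    for rel_path, expected in manifest.items():
        full_path = os.path.join(root, rel_path)
        if not os.path.isfile(full_path):
            results[rel_path] = "missing"
        elif sha256_of_file(full_path) != expected:
            results[rel_path] = "modified"
        else:
            results[rel_path] = "ok"
    return results


def build_demo_tree():
    """Construct a throwaway tree: genuine netd, tampered dropbear, absent toybox.

    The byte strings are constructed placeholders, not real ELF binaries.
    """
    root = tempfile.mkdtemp()
    bin_dir = os.path.join(root, "system", "bin")
    os.makedirs(bin_dir)

    genuine_netd = b"ELF-placeholder: original netd"
    original_dropbear = b"ELF-placeholder: original dropbear"
    tampered_dropbear = b"ELF-placeholder: dropbear with altered authentication"
    original_toybox = b"ELF-placeholder: original toybox"

    with open(os.path.join(bin_dir, "netd"), "wb") as handle:
        handle.write(genuine_netd)                      # unchanged on this device
    with open(os.path.join(bin_dir, "dropbear"), "wb") as handle:
        handle.write(tampered_dropbear)                 # differs from the baseline
    # toybox is deliberately not written, so it shows up as "missing".

    manifest = {
        "system/bin/netd": hashlib.sha256(genuine_netd).hexdigest(),
        "system/bin/dropbear": hashlib.sha256(original_dropbear).hexdigest(),
        "system/bin/toybox": hashlib.sha256(original_toybox).hexdigest(),
    }
    return manifest, root


def demo():
    """Run the check against the constructed tree and return the per-file verdicts."""
    manifest, root = build_demo_tree()
    return check_integrity(manifest, root)


if __name__ == "__main__":
    for path, status in sorted(demo().items()):
        print(f"{status:9} {path}")
```

Any "modified" verdict on a binary such as netd is a high-signal finding on its own; pairing the check with the platform's own verified-boot status tells you whether the change could have survived a reboot.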

Google

Google Removes 'Pirate' URLs From Users' Privately Saved Links

To date, Google has processed more than seven billion copyright takedown requests for its search engine. The majority of the reported links are purged from Google's search index, as required by the DMCA. Recently, however, Google appears to have gone a step further, using search takedowns to "moderate" users' privately saved links collections. TorrentFreak: A few hours ago, Eddie Roosenmaallen shared an email from Google, notifying him that a link had been removed from his Google Saved collection because it violates Google's policy. The reason cited for the removal is the "downstream impact," as the URL in question is "blocked by Google Search."

"The following saved item in one of your collections was determined to violate Google's policy. As a result, the item will be moderated...," Google writes, pointing out a defunct KickassTorrents domain as the problem. Initially, it was suggested that this removal impacted Google's synched Chrome bookmarks but further research reveals that's not the case. Instead, the removals apply to Google's saved feature. This Google service allows users to save and organize links, similar to what Pinterest does. These link collections can be private or shared with third parties.

Google

Google Removes Fake Signal and Telegram Apps Hosted on Play (arstechnica.com)

Researchers say they have found fake apps in Google Play that masqueraded as legitimate ones for the Signal and Telegram messaging platforms. The malicious apps could pull messages or other sensitive information from legitimate accounts when users took certain actions. ArsTechnica: An app with the name Signal Plus Messenger was available on Play for nine months and had been downloaded from Play roughly 100 times before Google took it down last April after being tipped off by security firm ESET. It was also available in the Samsung app store and on signalplus[.]org, a dedicated website mimicking the official Signal.org. An app calling itself FlyGram, meanwhile, was created by the same threat actor and was available through the same three channels. Google removed it from Play in 2021. Both apps remain available in the Samsung store.

Both apps were built on open source code available from Signal and Telegram. Interwoven into that code was an espionage tool tracked as BadBazaar. The Trojan has been linked to a China-aligned hacking group tracked as GREF. BadBazaar has been used previously to target Uyghurs and other Turkic ethnic minorities. The FlyGram malware was also shared in a Uyghur Telegram group, further aligning it to previous targeting by the BadBazaar malware family. Signal Plus could monitor sent and received messages and contacts if people connected their infected device to their legitimate Signal number, as is normal when someone first installs Signal on their device. Doing so caused the malicious app to send a host of private information to the attacker, including the device IMEI number, phone number, MAC address, operator details, location data, Wi-Fi information, emails for Google accounts, contact list, and a PIN used to transfer texts in the event one was set up by the user.

IT

The Tropical Island With the Hot Domain Name (bloomberg.com)

A tiny island in the Caribbean is now sitting on a digital treasure. From a report: Anguilla, a tropical British territory, is known for its coral reefs and white sand beaches. Since the 1990s, however, it's also been in charge of assigning internet addresses that end in .ai to residents and businesses looking to register websites. It was one of hundreds of country-specific domain names and easy to overlook -- until recently. Stability.ai, Elon Musk's X.ai and Character.ai are just a few of the hot artificial intelligence startups that have snapped up the .ai domain assigned to the islands and cays that comprise Anguilla. Plenty of tech giants have their own web addresses ending in .ai as well: Google.ai and Facebook.ai route visitors to their company's AI-focused webpages and Microsoft.ai shows off the company's Azure AI services.

The total number of registrations of sites ending with these two letters has effectively doubled in the past year to 287,432, according to Vince Cate, who for decades has managed the .ai domain for Anguilla. Cate estimates Anguilla will bring in as much as $30 million in domain-registration fees for 2023. Once one of the many obscure top-level domains assigned to countries and territories, .ai websites experienced a slow but steady increase in demand in recent years. But the sudden spike in .ai domains nine months ago highlights the broader frenzy around artificial intelligence and its ripple effects throughout the global economy. Since ChatGPT launched, a growing number of tech companies have raced to raise billions in capital, scoop up engineering talent and secure powerful but increasingly scarce chips. A domain may sound less essential, but for an industry obsessed with clever branding, the right name can be everything. "Since November 30, things are very different here," Cate said, referring to the date when ChatGPT launched publicly.

Security

Hackers Shut Down 2 of the World's Most Advanced Telescopes (space.com)

Some of the world's leading astronomical observatories have reported cyberattacks that have resulted in temporary shutdowns. Space.com reports: The National Science Foundation's National Optical-Infrared Astronomy Research Laboratory, or NOIRLab, reported that a cybersecurity incident that occurred on Aug. 1 has prompted the lab to temporarily halt operations at its Gemini North Telescope in Hawaii and Gemini South Telescope in Chile. Other, smaller telescopes on Cerro Tololo in Chile were also affected. "Our staff are working with cybersecurity experts to get all the impacted telescopes and our website back online as soon as possible and are encouraged by the progress made thus far," NOIRLab wrote in a statement on its website on Aug. 24.

It's unclear exactly what the nature of the cyberattacks was or from where they originated. NOIRLab points out that because the investigation is still ongoing, the organization will be cautious about what information it shares about the intrusions. The cyberattacks on NOIRLab's facilities occurred just days before the United States National Counterintelligence and Security Center (NCSC) issued a bulletin (PDF) advising American space companies and research organizations about the threat of cyberattacks and espionage.

Foreign spies and hackers "recognize the importance of the commercial space industry to the U.S. economy and national security, including the growing dependence of critical infrastructure on space-based assets," the bulletin stated. "They see US space-related innovation and assets as potential threats as well as valuable opportunities to acquire vital technologies and expertise."

Privacy

MTA Website 'Feature' Lets You Track Subway Riders' Locations (404media.co)

Slash_Account_Dot shares a report from 404 Media, written by cybersecurity journalist Joseph Cox: In the mid-afternoon one Saturday earlier this month, the target got on the New York subway. I knew what station they entered the subway at and at what specific time. They then entered another station a few hours later. If I had kept monitoring this person, I would have figured out the subway station they often start a journey at, which is near where they live. I would also know what specific time this person may go to the subway each day. During all this monitoring, I wasn't anywhere near the rider. I didn't even need to see them with my own eyes. Instead, I was sitting inside an apartment, following their movements through a feature on a Metropolitan Transportation Authority (MTA) website, which runs the New York City subway system. With their consent, I had entered the rider's credit card information -- data that is often easy to buy from criminal marketplaces, or which might be trivial for an abusive partner to obtain -- and punched that into the MTA site for OMNY, the subway's contactless payments system. After a few seconds, the site churned out the rider's travel history for the past 7 days, no other verification required.

On the OMNY website, the MTA offers the ability for riders to "Check trip history." This feature works for people who use contactless bank cards when entering the subway, or other solutions like Apple Pay and Google Pay. The issue is that the feature requires no other authentication -- no account linked to an email, for example -- meaning that anyone with a target's details can enter it and snoop on their movements. The MTA does offer the option of an OMNY account, which requires a password. The website says having an account lets riders "Securely access your trip history." But the first option that appears on the trip history website is the unauthenticated version.

After 404 Media raised the concerns to the MTA, a spokesperson said the agency will look into improving the system. "But at the moment, the tracking feature is still accessible without any authentication," notes Cox.

UPDATE 8/31/23: The MTA says it will disable the feature that leaked trip history.
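The design flaw described above is that knowledge of the card details is the only thing standing between a requester and someone else's trip history. The code below is an added illustration, not the MTA's or OMNY's code, and nothing about the real site's implementation is assumed: it models the two lookup paths side by side, one that releases history to anyone who supplies a card identifier, and one that releases it only to a logged-in account that has previously linked that card. The trips, the account, the password and the card tokens are all constructed sample data.

```python
"""Trip-history lookup: card-knowledge-only access beside account-bound access (added example)."""
import hashlib
import hmac
import os
import secrets

# Constructed sample data. Card identifiers are opaque tokens here; a real system
# should store a tokenized form of the card, never the raw card number.
TRIPS_BY_CARD = {
    "card-A": ["2023-08-12 14:35 entry at Station X", "2023-08-12 18:02 entry at Station Y"],
    "card-B": ["2023-08-13 08:10 entry at Station Z"],
}

PBKDF2_ROUNDS = 200_000


def _hash_password(password, salt):
    """Salted PBKDF2-HMAC-SHA256; the salt is stored alongside the hash."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)


_ALICE_SALT = os.urandom(16)
ACCOUNTS = {
    # Constructed account: alice has linked card-A, and only card-A, to her account.
    "alice": {
        "salt": _ALICE_SALT,
        "pw_hash": _hash_password("correct horse battery", _ALICE_SALT),
        "cards": {"card-A"},
    },
}
SESSIONS = {}  # session token -> username


def trip_history_unauthenticated(card_token):
    """The design the article describes: whoever can supply the card identifier gets the history."""
    return TRIPS_BY_CARD.get(card_token, [])


def login(username, password):
    """Verify the password in constant time and mint a random session token, or return None."""
    account = ACCOUNTS.get(username)
    if account is None:
        return None
    candidate = _hash_password(password, account["salt"])
    if not hmac.compare_digest(candidate, account["pw_hash"]):
        return None
    token = secrets.token_urlsafe(32)
    SESSIONS[token] = username
    return token


def trip_history_authenticated(session_token, card_token):
    """Hardened path: history is released only to a logged-in account that has linked the card.

    Knowing a card identifier is no longer sufficient; the account-to-card binding is the
    authorization check, and an unlinked card yields the same error as an unknown one.
    """
    username = SESSIONS.get(session_token)
    if username is None:
        raise PermissionError("not logged in")
    if card_token not in ACCOUNTS[username]["cards"]:
        raise PermissionError("card is not linked to this account")
    return TRIPS_BY_CARD.get(card_token, [])


if __name__ == "__main__":
    print("anyone with the card id:", trip_history_unauthenticated("card-A"))
    token = login("alice", "correct horse battery")
    print("alice, own card:", trip_history_authenticated(token, "card-A"))
    try:
        trip_history_authenticated(token, "card-B")
    except PermissionError as err:
        print("alice, someone else's card:", err)
```

The point of the comparison is the authorization binding, not the password check: moving the feature behind a login only helps if the server also verifies that the card being queried belongs to the account making the request.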
