• 0 Posts
  • 24 Comments
Joined 1 year ago
Cake day: August 4th, 2023

  • This is the best summary I could come up with:


    High up in the business world, where decisions can be molded and shaped by the needs and demands of major investors and shareholders, it can be easy to forget that, well, most average people don’t really care about that, Panera’s founder says.

    Beyond not pretending to be motivated by shareholders, some younger workers have been vocal about wanting certain changes to work culture, such as a better work-life balance.

    At least one founder and former CEO agrees that the idea of boosting shareholders’ returns isn’t likely to be a key motivator to workers.

    Ron Shaich, Panera Bread’s founder and former longtime CEO, has stressed how important it is for management and members of the C-suite to empathize with their employees and better understand what can get their buy-in to the company’s mission.

    I made another penny a share today for Panera’s shareholders,'" Shaich told Business Insider in an interview.

    Shaich said that he believed a key part of good management is connecting with and understanding employees and that he is a big proponent of therapy.


    The original article contains 518 words, the summary contains 175 words. Saved 66%. I’m a bot and I’m open source!


  • This is the best summary I could come up with:


    And if it continues at this pace, it may reshape the workplace for decades to come — especially, Bruno said, with the soon-to-be dominant Gen Z rethinking how work fits into their identities.

    It’s the concept that underpins the middle class in America, that group of workers meant to be tucked in between the jet setters and those striving to move up in the world.

    “The last four decades we have seen a gap between growing productivity and stagnating worker wages,” Julie Su, the acting secretary of labor, told BI.

    That drive comes alongside the Biden administration’s stated desire to build out the economy from the bottom and middle, rather than through trickling down gains from the top.

    For instance, the Treasury Department found in an August report that middle-class workers had been falling behind with more debt, more expensive houses, and increasingly pricier college education.

    For employers who want to retain their workers, or lure in Gen Zers — who helped drive the Great Resignation and the union boom — it might pay to listen up.


    The original article contains 1,155 words, the summary contains 177 words. Saved 85%. I’m a bot and I’m open source!


  • This is the best summary I could come up with:


    A prolific espionage hacking group with ties to China spent over two years looting the corporate network of NXP, the Netherlands-based chipmaker whose silicon powers security-sensitive components found in smartphones, smartcards, and electric vehicles, a news outlet has reported.

    The intrusion, by a group tracked under names including “Chimera” and “G0114,” lasted from late 2017 to the beginning of 2020, according to Netherlands national news outlet NRC Handelsblad, which cited “several sources” familiar with the incident.

    “Once nested on a first computer—patient zero—the spies gradually expand their access rights, erase their tracks in between and secretly sneak to the protected parts of the network,” NRC reporters wrote in an English translation.

    According to the log files that Fox-IT finds, the hackers come every few weeks to see whether interesting new data can be found at NXP and whether more user accounts and parts of the network can be hacked.”

    NXP also provides chips for the MIFARE card used by transit companies, FIDO-compliant security keys, and tools for relaying data inside the networks of electric vehicles.

    Security firm Cycraft documented one two-year hacking spree that targeted semiconductor makers with operations in Taiwan, where NXP happens to have research and development facilities.


    The original article contains 989 words, the summary contains 199 words. Saved 80%. I’m a bot and I’m open source!


  • This is the best summary I could come up with:


    The password authenticator was hit by a cyberattack in September and said earlier this month that just 1% of its customers were affected.

    David Bradbury, Okta’s chief security officer, said in the post: “While we do not have direct knowledge or evidence that this information is being actively exploited, there is a possibility that the threat actor may use this information to target Okta customers via phishing or social engineering attacks.”

    Bradbury advised all customers to use multi-factor authentication, which requires more than one security test, to keep their information safe online.

    San Francisco-based Okta offers companies identity management tools including single sign-in and multi-factor authentication for secure website logins.

    The company has more than 18,000 corporate clients including FedEx, S&P Global, T-Mobile and Zoom, per its website.

    Then in August hacking group Scatter Swine gained access to Okta customer data, it claimed in a blog post, breaching more than 100 companies including software firm Twilio. Okta didn’t immediately respond to a request for comment from Business Insider, made outside normal working hours.


    The original article contains 249 words, the summary contains 172 words. Saved 31%. I’m a bot and I’m open source!


  • This is the best summary I could come up with:


    The Ukrainian government is planning to change its conscription practices as it seeks to sustain fighting capacity after nearly two years of full-fledged war with Russia.

    The summer and autumn Ukrainian counteroffensive has failed to win back large amounts of territory, and there are increasing voices among Ukraine’s western partners suggesting in private that sooner or later Kyiv may need to consider attempting a negotiated end to the war.

    In the first months of the war, hundreds of thousands of Ukrainians volunteered to fight, as part of a wave of patriotic determination that shocked Russia and repelled its initial advances.

    Viral videos have shown men snatched from the street to be conscripted, and there have been numerous corruption scandals of officials taking bribes to provide exemption.

    Many Ukrainians say if called upon they would go to the army, but many men of conscription age who do not want to be sent to the front have spent weeks or months hiding at home, trying to avoid the roaming squads of mobilisation officers.

    In the summer, sources in Odesa explained a popular scheme in the city, whereby for a fee of $5,000 in cash, men who did not want to serve could receive a fake medical report suggesting serious spinal issues, with which they would be declared exempt from conscription and be allowed to leave the country.


    The original article contains 704 words, the summary contains 225 words. Saved 68%. I’m a bot and I’m open source!


  • This is the best summary I could come up with:


    Salesforce billionaire CEO Marc Benioff seems to have somewhat of a muddled stance on hybrid working.

    59-year-old Benioff, who mandated his workers back to the office earlier this year, discussed the balance of in-person and remote working in a recent interview with GQ,

    "When I talk to my friends, and they’re going through some kind of existential crisis, I’ll say to them, ‘Just tell me what are five things that are making you super unhappy right now?’

    Leaked company messages from earlier this year, showed that non-remote employees are now expected to be in the office three days a week, while non-remote employees in customer-facing roles have to be in the office four days a week.

    This was a toned-down version of the policy too, per Business Insider’s previous reporting, after getting employee feedback.

    Salesforce joins a number of tech companies that have walked back on their remote working policies in recent months.


    The original article contains 364 words, the summary contains 153 words. Saved 58%. I’m a bot and I’m open source!


  • This is the best summary I could come up with:


    Underscoring the importance of their discovery, the researchers used their findings to calculate the private portion of almost 200 unique SSH keys they observed in public Internet scans taken over the past seven years.

    SSH is the cryptographic protocol used in secure shell connections that allows computers to remotely access servers, usually in security-sensitive enterprise environments.

    The vulnerability occurs when there are errors during the signature generation that takes place when a client and server are establishing a connection.

    Another reason for the surprise is that until now, researchers believed that signature faults exposed only RSA keys used in the TLS—or Transport Layer Security—protocol encrypting Web and email connections.

    The researchers noted that since the 2018 release of TLS version 1.3, the protocol has encrypted handshake messages occurring while a web or email session is being negotiated.

    The new findings are laid out in a paper published earlier this month titled “Passive SSH Key Compromise via Lattices.”


    The original article contains 596 words, the summary contains 157 words. Saved 74%. I’m a bot and I’m open source!


  • This is the best summary I could come up with:


    While Amazon has always targeted European organizations with the promise of localized data storage and controls, it had previously distanced itself from the whole “sovereign cloud” concept.

    Amazon chief security officer (CSO) Stephen Schmidt called the sovereign cloud “a marketing term more than anything else,” but last November AWS unveiled its “digital sovereignty pledge,” going some way toward enshrining its data control commitments into stone.

    At the crux of the matter is a growing array of regulations — particularly in Europe — that stipulate how people and companies’ data should be handled.

    Though even without specific regulation, companies in many industries — such as healthcare and banking — have been slower to go all-in on the cloud due to concerns about how their data might be harnessed by the tech giants.

    The company confirmed to TechCrunch that this won’t be limited to the EU specifically, and organizations across the European continent (including the U.K.) will be able to access it.

    Meanwhile, efforts are underway elsewhere to bring a more native flavor of cloud to European markets — a Swedish startup called Evroc emerged from stealth this year with €13 million in funding to develop hyperscale data centers in Europe.


    The original article contains 527 words, the summary contains 198 words. Saved 62%. I’m a bot and I’m open source!


  • This is the best summary I could come up with:


    The U.S. Securities and Exchange Commission has charged SolarWinds and its top cybersecurity executive Timothy Brown with fraud and internal control failures for allegedly misleading investors about the company’s cybersecurity practices prior to a cyberattack launched by Russian hackers in 2019.

    The SEC’s complaint accused the company of making claims, including about its own security practices, that were “at odds” with its internal assessments.

    But the federal regulator said that Brown failed to sufficiently raise security risks to the company or resolve them.

    Gurbir S. Grewal, who oversees the SEC’s enforcement unit, said SolarWinds and Brown “ignored repeated red flags” and “engaged in a campaign to paint a false picture of the company’s cyber controls environment, thereby depriving investors of accurate material information.”

    “Today’s enforcement action not only charges SolarWinds and Brown for misleading the investing public and failing to protect the company’s ‘crown jewel’ assets, but also underscores our message to issuers: implement strong controls calibrated to your risk environments and level with investors about known concerns,” said Grewal.

    The SEC told SolarWinds in November 2022 that it faced enforcement action following the cyberattack, warning that the company’s cybersecurity disclosures and public statements were under scrutiny.


    The original article contains 565 words, the summary contains 197 words. Saved 65%. I’m a bot and I’m open source!


  • This is the best summary I could come up with:


    On October 13, Russia’s ambassador to the United Nations, Vasily Nebenzya, said that “the so-called Ukrainian counteroffensive can be considered finished” with nothing to show for it but tens of thousands of dead recruits and that Russia had “launched active combat operations along the entire frontline.” (Nebenzya also accused the West of feeding more weapons to Ukraine “like drugs to a drug addict, thus prolonging his agony.”) Two days later, Nebenzya’s boss Vladimir Putin weighed in with his own assertion that the Ukrainian counteroffensive had “failed completely” but, confusingly, added that “the opposing side” was planning new offensive operations in some areas and described the Russian troops’ operations as “active defense,” without explaining how that differs from plain and simple defense.

    Then, after two more days, on October 17, Russia got an unpleasant surprise when Ukraine delivered powerful strikes at targets in occupied territories, in Berdyansk and Luhansk, hitting military airports and weapons depots.

    Thus ends a prolonged will-they-or-won’t-they saga in which reports last September that Zelensky’s request for the long-range missiles would not be granted during his visit to Washington, D.C. were followed by a quick reversal, albeit not officially announced.

    Putin, on his visit to Beijing, predictably claimed that the ATACMS would not help Ukraine but also made a weird invitation to President Joe Biden to take them back and come over to Russia for “tea and pancakes” instead.

    Appearing on the 60 Minutes program on Channel One with the husband-and-wife team of Olga Skabeyeva and Yevgeny Popov, retired Russian colonel and TV pundit Mikhail Khodaryonok candidly admitted that if ATACMS strikes continued, this could make it much harder for Russia to use its military aircraft to stymie Ukrainian offensive operations by strafing tanks and armored personnel vehicles.

    Pro-Ukraine commentators who are critical of the slow pace of Western weapons deliveries, such as Russian expatriate journalist Yulia Latynina, have been asking why the ATACMS were not in place before the start of the spring/summer counteroffensive, which would have likely ensured far more impressive successes.


    The original article contains 734 words, the summary contains 336 words. Saved 54%. I’m a bot and I’m open source!


  • This is the best summary I could come up with:


    Much of the fallow land lies in a vast swath along the front line of the war, while other fields are in areas recently retaken by Ukrainian forces, she says.

    Becker-Reshef says that while overall, Ukraine has been able to maintain its agricultural output this year, the abandoned fields have already cost the nation around $2 billion in lost crops.

    Precise estimates of how much artillery ammunition has been used in the war so far are hard to come by, but Russian and Ukrainian forces are firing thousands of rounds a day, according to Michael Kofman, a senior fellow at the Carnegie Endowment for International Peace.

    “These can lay in the ground for over a hundred years and still be lethal,” says Iain Overton, the executive director of Action on Armed Violence, a British non-profit that focuses on the harm caused by explosive weapons.

    Still, Overton says, the amount of unexploded ordnance, land mines, and toxic pollution in farmland along the front line will make returning those fields to production a “gargantuan task.”

    The destruction of the Kakhovka Dam earlier this year drained a massive reservoir and left nearly a thousand miles of irrigation channels without a source of water.


    The original article contains 1,186 words, the summary contains 200 words. Saved 83%. I’m a bot and I’m open source!


  • This is the best summary I could come up with:


    Operation Zero, which is based in Russia and launched in 2021, also added that “as always, the end user is a non-NATO country.” On its official website, the company says that “our clients are Russian private and government organizations only.”

    Zelenyuk also said that the bounties Operation Zero offer right now may be temporary, and a reflection of a particular time in the market, and the difficulty of hacking iOS and Android.

    “The price formation of specific items is heavily dependent on availability of the product on the zero-day market,” Zelenyuk said in an email.

    For at least a decade, various companies around the world have offered bounties to security researchers willing to sell the bugs and hacking techniques to exploit those flaws.

    Unlike traditional bug bounty platforms like HackerOne or Bugcrowd, companies like Operation Zero don’t alert the vendors whose products are vulnerable, but instead sell them to government customers.

    Crowdfense, a competitor based in the United Arab Emirates, offers up to $3 million for the same kind of chain of bugs on Android and iOS.


    The original article contains 700 words, the summary contains 178 words. Saved 75%. I’m a bot and I’m open source!


  • This is the best summary I could come up with:


    The first American-made Abrams tanks have been delivered to Ukraine, two U.S. defense officials said, arriving months ahead of initial estimates and in time to be used in Kyiv’s counteroffensive against Russian forces.

    But Kyrylo Budanov, the head of Ukraine’s military intelligence, has warned that the Abrams would need to be deployed “in a very tailored way, for very specific, well-crafted operations,” or risk being destroyed.

    Their arrival represents part of an extraordinary effort by Western allies — responding to relentless pushing from Ukraine — to deliver a powerful weapon months ahead of schedule.

    Just one year ago, allies had resisted sending Western-made tanks to Ukraine, concerned that doing so would draw NATO more directly into the war and further escalate tensions with President Vladimir V. Putin of Russia.

    By January, however, convinced that Ukraine needed more heavy armored vehicles to confront Russian forces, Britain, Germany and the United States each agreed to supply the modern Western tanks or allow for them to be transferred to Kyiv.

    U.S. troops began training Ukrainian forces in late spring, conducting an abbreviated 12-week course to operate Abrams tanks at American military bases in Germany.


    The original article contains 511 words, the summary contains 191 words. Saved 63%. I’m a bot and I’m open source!


  • This is the best summary I could come up with:


    Apple released security updates on Thursday that patch two zero-day exploits — meaning hacking techniques that were unknown at the time Apple found out about them — used against a member of a civil society organization in Washington, D.C., according to the researchers who found the vulnerabilities.

    Citizen Lab, an internet watchdog group that investigates government malware, published a short blog post explaining that last week they found a zero-click vulnerability — meaning that the hackers’ target doesn’t have to tap or click anything, such as an attachment — used to target victims with malware.

    The researchers said the vulnerability was used as part of an exploit chain designed to deliver NSO Group’s malware, known as Pegasus.

    “The exploit chain was capable of compromising iPhones running the latest version of iOS (16.6) without any interaction from the victim,” Citizen Lab wrote.

    Citizen Lab said it called the exploit chain BLASTPASS, because it involved PassKit, a framework that allows developers to include Apple Pay in their apps.

    “Once more, civil society, is serving as the cybersecurity early warning system for… billions of devices around the world,” John Scott-Railton, a senior researcher at the internet watchdog Citizen Lab, wrote on Twitter.


    The original article contains 357 words, the summary contains 199 words. Saved 44%. I’m a bot and I’m open source!


  • This is the best summary I could come up with:


    The war in Ukraine has forced the Kremlin to reassess its relationship with Pyongyang as it seeks to secure weapons to replace its own depleted stocks.

    In return, North Korea is hoping to receive valuable foreign currency to continue funding its development of intercontinental ballistic missiles – its trump card in its quest to secure concessions, and recognition as a legitimate nuclear state, from the US.

    Russia’s growing isolation has sent it in a new, worrying direction as it seeks to build a united front against a “hostile” west that includes China and now, it seems, North Korea and its million-strong army.

    As news emerged of Kim’s possible trip to Vladivostok, media reported that the North could take part in joint naval drills with Russia and China.

    In a message to Putin to mark Russia’s national day in June this year, Kim pledged his regime’s “full support” for the invasion of Ukraine, and vowed to “hold hands” with the Russian leader in their common aim to build “a powerful country”.

    Pyongyang knows that Moscow is desperate for munitions, Everard said, adding that he expected North Korea to demand an “eye-wateringly high” price.


    The original article contains 667 words, the summary contains 193 words. Saved 71%. I’m a bot and I’m open source!


  • This is the best summary I could come up with:


    Cloud host CloudNordic says most of its customers have “lost all data with us” following a ransomware attack on its datacenter systems, including its backups.

    In a notice on its website translated from Danish, CloudNordic said: “The attackers succeeded in encrypting all servers’ disks, as well as on the primary and secondary backup system, whereby all machines crashed and we lost access to all data.”

    The cloud host said that it believes the hackers had access to the company’s administrative systems “from which they could encrypt entire disks.”

    It’s not clear how the ransomware attack began, but the company said that the attack happened — or was at least exacerbated — by moving infected systems from one datacenter to another datacenter that was “unfortunately wired to access our internal network that is used to manage all of our servers.” CloudNordic said that it “had no knowledge that there was an infection.”

    At the time of writing, no ransomware group has appeared to publicly acknowledge or take credit for the cyberattack.

    Both CloudNordic and Azero said that they were working to rebuild customers’ web and email systems from scratch, albeit without their data.


    The original article contains 432 words, the summary contains 192 words. Saved 56%. I’m a bot and I’m open source!


  • This is the best summary I could come up with:


    This request concerns legal experts who argue that powerful technology like the one Cellebrite builds and sells, and how it gets used by law enforcement agencies, ought to be public and scrutinized.

    “We don’t really want any techniques to leak in court through disclosure practices, or you know, ultimately in testimony, when you are sitting in the stand, producing all this evidence and discussing how you got into the phone,” the employee, who we are not naming, says in the video.

    “The results these super-secretive products spit out are used in court to try to prove whether someone is guilty of a crime,” Riana Pfefferkorn, a research scholar at the Stanford University’s Internet Observatory, told TechCrunch.

    “The accused (whether through their lawyers or through an expert) must have the ability to fully understand how Cellebrite devices work, examine them, and determine whether they functioned properly or contained flaws that might have affected the results.”

    “And anyone testifying about those products under oath must not hide important information that could help exonerate a criminal defendant solely to protect the business interests of some company,” said Pfefferkorn.

    “It’s super important to keep all these capabilities as protected as possible, because ultimately leakage can be harmful to the entire law enforcement community globally,” the Cellebrite employee says in the video.


    The original article contains 821 words, the summary contains 217 words. Saved 74%. I’m a bot and I’m open source!


  • This is the best summary I could come up with:


    Recapturing cities like Tokmak, and a further advance on to Melitopol, will be a daunting task for a Ukrainian counteroffensive that has made incremental gains since it launched earlier this summer.

    Kyiv got more welcome news Friday as the United States has given the green light for the Netherlands to deliver F-16s to Ukraine, a major gain for the country that has long sought the U.S.-made fighter jets to counteract Russian superiority in the air.

    Dutch Foreign Minister Wopke Hoekstra confirmed the approval from Washington in a post on social media.

    This comes as the Pentagon told CBS News on Thursday that the Biden administration is willing to host training on F-16 fighter jets in the United States for Ukrainian pilots if additional capacity is needed.

    Meanwhile, Russian officials claimed on Friday that air defenses stopped drone attacks on central Moscow and on the country’s ships in the Black Sea.

    Moscow Mayor Sergei Sobyanin claimed some of the fragments fell on the grounds of the Expocentre, a building located in close proximity to the Moscow City commercial and office complex that has been struck twice by drones in the past month.


    The original article contains 364 words, the summary contains 191 words. Saved 48%. I’m a bot and I’m open source!


  • This is the best summary I could come up with:


    Russian President Vladimir Putin has declared an existential war, framing Western revulsion at his brutalization of Ukraine as an insidious plot to “dismember” and subjugate Moscow.

    In his deepening crusade against the “degenerate” West, the Russian strongman has banned the use of foreign words, ordered his officials to drop foreign-made cars, and barred them from using Western technology—including Apple devices.

    The independent media organization revealed this month that Russian government agencies allocated more than 53 million rubles ($570,000) for foreign cars, one week after Putin’s order that officials stop using them.

    With the Wagner Group mutiny close in the rear-view mirror—and concerns over the supposedly lethargic reaction of Russian authorities to it—Putin’s position atop the Kremlin kleptocracy is perhaps not as secure as it once was.

    The order to stop using foreign cars and Apple goods “will be difficult to implement, because on the market you cannot find a lot of alternatives,” Oleg Ignatov, the Crisis Group think tank’s senior Russian analyst, told Newsweek.

    Putin decried Prigozhin’s “treason,” but quickly agreed to give the Wagner financier and his fighters amnesty in exchange for their exile in Belarus under the watch of President Alexander Lukashenko.


    The original article contains 1,100 words, the summary contains 194 words. Saved 82%. I’m a bot and I’m open source!


  • This is the best summary I could come up with:


    Researchers have discovered a suite of vulnerabilities that largely break a next-generation protocol that was designed to prevent the hacking of access control systems used at secure facilities on US military bases and buildings belonging to federal, state, and local governments and private organizations.

    Like an earlier protocol, known as Wiegand, OSDP provides a framework for connecting card readers, fingerprint scanners, and other types of peripheral devices to control panels that check the collected credentials against a database of valid personnel.

    When surreptitiously inserted by a would-be intruder into the wiring behind a peripheral device, Gecko performed an adversary-in-the-middle attack that monitors all communications sent to and from the control panel.

    Secure Channel allowed OSDP-based communications between peripheral devices and control panels to be encrypted with 128-bit AES, a tried and tested algorithm that is virtually impossible to break when used correctly.

    While all but four of the vulnerabilities can be effectively eliminated, mitigations require configuration settings that aren’t described in the official OSDP specification (available here for $200) and differ depending on the manufacturer of each device.

    OSDP works over RS-485, a serial communication protocol designed to provide relatively high bandwidth (up to 10 megabits per second), the ability to span reasonably long distances (up to 4,000 feet), tolerance for lots of radio frequency noise, and capacity for 32 devices on a single line.


    I’m a bot and I’m open source!