An anonymous reader quotes a report from NBC News: The former CEO of a small Kansas bank was sentenced to more than 24 years in prison for looting the bank of $47 million -- which he sent to cryptocurrency wallets controlled by scammers who had duped him in a "pig butchering" scheme that appealed to his greed, federal prosecutors said. The massive embezzlement by ex-CEO Shan Hanes in a series of wire transfers over just eight weeks last year led to the collapse and FDIC takeover of Heartland Tri-State Bank in Elkhart, one of only five U.S. banks that failed in 2023. Hanes, 53, also swindled funds from a local church and investment club -- and a daughter's college savings account -- to transfer money, purportedly to buy cryptocurrency as the scammers insisted they needed more funds to unlock the supposed returns on his investments, according to records from U.S. District Court in Wichita, Kansas. But Hanes never realized any profit and lost all of the money he stole as a result of the scam. Judge John Broomes on Monday sentenced Hanes to 293 months in prison -- 29 months more than what prosecutors requested after he pleaded guilty in May to a single count of embezzlement by a bank officer. [...] [P]rosecutors and bank regulators said that Hanes, who has three daughters with his school teacher wife, began stealing after being targeted in a pig-butchering scheme in late 2022. That scheme was described in a court filing as "a scammer convincing a victim (a pig) to invest in supposedly legitimate virtual currency investment opportunities and then steals the victim's money -- butchering the pig." Hanes, who had served on the board of the American Bankers Association, and been chairman of the Kansas Bankers Association, in December 2022 began making transactions to buy cryptocurrency, which "appeared to be precipitated by communication with an unidentified co-conspirator on the electronic messaging app 'WhatsApp,'" prosecutors wrote in a court filing. "To date, the true identity of the co-conspirator, or conspirators, remain unknown," the filing notes. Hanes initially used personal funds to buy crypto, but in early 2023 he stole $40,000 from Elkhart Church of Christ and $10,000 from the Santa Fe Investment Club, according to prosecutors and a defense filing. He also used $60,000 taken from a daughter's college fund, and nearly $1 million in stock from the Elkhart Financial Corporation, his lawyer said in a filing. In May 2023, he began to make wire transfers from Heartland Tri-State Bank to accounts controlled by scammers, at first with a $5,000 transfer. Two weeks later, on May 30, Hanes wired $1.5 million and a day after that, he sent another transfer of the same amount the following day, filings show. Three days later he directed two wire transfers totaling $6.7 million to be sent by the bank to the crypto wallet, and a whopping $10 million less than two weeks later, and another $3.3 million days afterward. Hanes told bank employees to execute the wire transfers, and "made many misrepresentations to various people" to get access to the funds so they could be transferred, prosecutors wrote. Heartland Tri-State employees circumvented the bank's own wire policy and daily limits to approve Hanes' wire transfers, according to a report by the Office of the Inspector General of the Board of Governors of the Federal Reserve System.

Read more of this story at Slashdot.

A newly discovered bug causes iPhones and iPads to briefly crash. All you need to trigger the bug are just four characters. From a report: On Wednesday, a security researcher found that typing "":: can cause the Apple mobile user interface, called Springboard, to crash. TechCrunch verified those characters do crash Springboard when typed into the Search bar in the Settings app, as well as if you swipe all the way to the right on your home screen and type them into the App Library search bar. As others noted, all that's needed is actually "": and any other character. Triggering the bug briefly crashes Springboard, then reloads to your lock screen. In other tests, the bug flashed the screen black for a second. Researchers tell TechCrunch the bug does not appear to be a security issue. "It's not a security bug," said Ryan Stortz, an iOS security researcher who analyzed the bug. Patrick Wardle, who also researches iOS and founded security startup DoubleYou, agreed.

Read more of this story at Slashdot.

Over the next 50 years, people will push further into wildlife habitats across more than half the land on Earth, scientists have found, threatening biodiversity and increasing the chance of future pandemics. From a report: Humans have already transformed or occupied between 70% and 75% of the world's land. Research published in Science Advances on Wednesday found the overlap between human and wildlife populations is expected to increase across 57% of the Earth's land by 2070, driven by human population growth. [...] As humans and animals share increasingly crowded landscapes, the bigger overlap could result in higher potential for disease transmission, biodiversity loss, animals being killed by people and wildlife eating livestock and crops, the researchers said. Biodiversity loss is the leading driver of infectious disease outbreaks. About 75% of emerging diseases in humans are zoonotic, meaning they can be passed from animals to humans, and many diseases concerning global health authorities -- including Covid-19, mpox, avian flu and swine flu -- likely originated in wildlife.

Read more of this story at Slashdot.

Apple will change how users choose browser options in the European Union, add a dedicated section for changing default apps, and make more apps deletable, the company said on Thursday. From a report: The iPhone maker came under pressure from regulators to make changes after the EU's sweeping Digital Markets Act took effect on March 7, forcing it to offer mobile users the ability to select from a list of available web browsers on a "choice screen" the first time they open Safari. In an update later this year, Apple users will be able to select a default browser directly from the choice screen after going through a mandatory list of options. A randomly ordered list of 12 browsers per EU country will be shown to the user with short descriptions, and the chosen one will be automatically downloaded, Apple said. The choice screen will also be available on iPads through an update later this year. Apple released a previous update in response to the new rules in March, but browser companies criticized the design of its choice screen, and the Commission opened an investigation on March 25 saying it suspected that the measures fell short of effective compliance. [...] Users will also be able to delete certain Apple-made apps such as App Store, Messages, Camera, Photos and Safari.

Read more of this story at Slashdot.

Microsoft will begin sending a revised version of its controversial Recall feature to Windows Insider PCs beginning in October, according to an update published to the company's original blog post about the Recall controversy. From a report: The company didn't elaborate further on specific changes it's making to Recall beyond what it already announced in June. For those unfamiliar, Recall is a Windows service that runs in the background on compatible PCs, continuously taking screenshots of user activity, scanning those screenshots with optical character recognition (OCR), and saving the OCR text and the screenshots to a giant searchable database on your PC. The goal, according to Microsoft, is to help users retrace their steps and dig up information about things they had used their PCs to find or do in the past.

Read more of this story at Slashdot.

Gartner is warning that any prospect of Artificial General Intelligence (AGI) is at least 10 years away and perhaps not certain to ever arrive. It might not even be a worthwhile pursuit, the analyst says. From a report: AGI has become a controversial topic in the last couple of years as builders of large language models (LLMs), such as OpenAI, make bold claims that they've established a near-term path toward human-like intelligence. At the same time, others from the discipline of cognitive science have scorned the idea, arguing that the concept of AGI is poorly understood and the LLM approach is insufficient. In its Hype Cycle for Emerging Technologies, 2024, Gartner says it distills "key insights" from more than 2,000 technologies and, using its framework, produces a succinct set of "must-know" emerging technologies that have the potential to deliver benefits over the next two to ten years. The consultancy notes that GenAI -- the subject of volumes of industry hype and billions in investment -- is about to enter the dreaded "trough of disillusionment." Arun Chandrasekaran, Gartner distinguished VP analyst, told The Register: "The expectations and hype around GenAI are enormously high. So it's not that the technology, per se, is bad, but it's unable to keep up with the high expectations that I think enterprises have because of the enormous hype that's been created in the market in the last 12 to 18 months." However, GenAI is likely to have a significant impact on investment in the longer term, Chandrasekaran said. "I truly still believe that the long-term impact of GenAI is going to be quite significant, but we may have overestimated, in some sense, what it can do in the near term."

Read more of this story at Slashdot.

Software engineers at Microsoft earn an average total compensation ranging from $148,436 to $1,230,000 annually, depending on their level, according to a leaked spreadsheet viewed by Business Insider. The data, voluntarily shared by hundreds of U.S.-based Microsoft employees, includes information on salaries, performance-based raises, promotions, and bonuses. The highest-paid engineers work in Microsoft's newly formed AI organization, with average total compensation of $377,611. Engineers in Cloud and AI, Azure, and Experiences and Devices units earn between $242,723 and $255,126 on average.

Read more of this story at Slashdot.

Peloton on Thursday said it will start charging new subscribers a one-time $95 activation fee if they bought their hardware on the secondary market as more consumers snag lightly used equipment for a fraction of the typical retail price. From a report: The used equipment activation fee for subscribers in the U.S. and Canada comes as Peloton starts to see a meaningful increase in new members who bought used Bikes or Treads from peer-to-peer markets such as Facebook Marketplace. During its fiscal fourth quarter, which ended June 30, Peloton said it saw a "steady stream of paid connected fitness subscribers" who bought hardware on the secondary market. The company said the segment grew 16% year over year. "We believe a meaningful share of these subscribers are incremental, and they exhibit lower net churn rates than rental subscribers," the company said in a letter to shareholders. "It's also worth highlighting that this activation fee will be a source of incremental revenue and gross profit for us, helping to support our investments in improving the fitness experience for our members," interim co-CEO Christopher Bruzzo later added on a call with analysts.

Read more of this story at Slashdot.

Epic Games launched its alternative app store in the European Union last week, capitalizing on new regulations opening up iOS. The store aims to offer developers lower commissions and greater payment flexibility compared to Apple's App Store. However, Apple's new terms for alternative marketplaces present significant challenges for developers. Apple imposes a 50 euro cent per user per year installation fee, a 10% commission on external sales, and a 5% fee on purchases within a year of installation. These fees apply on top of Epic's 12% commission, potentially making the alternative store less attractive for many developers, The Verge writes. While Epic can likely absorb these costs for its hit game Fortnite, smaller developers face a steeper hurdle. Some industry insiders express skepticism about the viability of the new ecosystem for most app creators. Epic plans to offer a curated selection of third-party games on its mobile store by December, but widespread adoption remains uncertain.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Bloomberg: Blue Origin sustained failures in recent weeks of testing including a factory mishap that damaged a portion of a future New Glenn rocket, the long-awaited centerpiece of the Jeff Bezos-backed startup's push to take on SpaceX. The upper portion of one rocket crumpled into itself, in part due to worker error, while it was being moved to a storage hangar, according to people familiar with the situation. In a separate incident, another upper rocket portion failed during stress testing and exploded, the people said. Repairs are underway, another person said, noting there were no injuries during either episode. The previously unreported incidents illustrate the hurdles Blue Origin is grappling with while ramping up production of New Glenn, which is four years overdue. At the same time, new Chief Executive Officer Dave Limp has hired a slate of executives to shake the company out of a years-long R&D slump.

Read more of this story at Slashdot.

Lionsgate is recalling its latest trailer for Francis Ford Coppola's epic "Megalopolis," which featured a littany of fabricated quotes from famous film critics. From a report: "Lionsgate is immediately recalling our trailer for 'Megalopolis,'" a Lionsgate spokesperson said in a statement provided to Variety. "We offer our sincere apologies to the critics involved and to Francis Ford Coppola and American Zoetrope for this inexcusable error in our vetting process. We screwed up. We are sorry." The trailer, released on Wednesday morning, aimed to position Coppola's latest film as a work of art that would withstand the test of time, much like his previous masterpieces "The Godfather" and "Apocalypse Now." The video included several quotes from critics panning Coppola's previous work -- but none of the phrases, attributed to the likes of Roger Ebert and Pauline Kael, could be found in any of their reviews.

Read more of this story at Slashdot.

Phoronix's Michael Larabel benchmarked AMD's latest Ryzen 9 9950X in several different Linux distros and found that the Zen 5 chip performs up to 16% faster with the Intel-optimized Clear Linux distro. Here's an excerpt from the report: The Linux distributions for this round of testing on the AMD Ryzen 9 9950X included Arch Linux, CachyOS, Clear Linux, Fedora Workstation 40, Ubuntu 24.04 LTS, and a recent daily snapshot of Ubuntu 24.10 in its current development form. Intel's Clear Linux is the one most interesting for looking at on the new AMD Zen 5 hardware. While there hasn't been so much Clear Linux news in recent times, it remains the most well optimized x86_64 Linux distribution out of the box. Clear Linux makes use of compiler function multi versioning, performance-minded defaults, aggressive compiler CFLAGS/CXXFLAGS defaults, optional AVX-512 usage for more libraries, and many other patches and optimizations in the name of delivering the greatest x86_64 Linux performance. And while not Intel's focus, it works typically on AMD hardware too. [...] Using the same Ryzen 9 9950X system, all of these Linux distributions were tested in their default / out-of-the-box state. [...] When taking the geometric mean of 59 benchmarks run across all of the Linux distributions on this AMD Ryzen 9 9950X system, Intel's Clear Linux easily took the crown. Ubuntu 24.04 LTS -- which was used for all of the Ryzen 9000 series Linux testing so far on Phoronix -- was the slowest. Tapping Intel's Clear Linux netted a 16% improvement on top of the performance offered by Ubuntu 24.04 LTS! Ubuntu 24.04 with the Ryzen 9000 series was already looking great generationally, but as shown today the performance can be even better with further software optimizations. The Arch Linux powered CachyOS that is tuned out-of-the-box with a similar aim to Clear Linux also performed great. CachyOS was 7% faster than Ubuntu 24.04 LTS based on the geo mean and 3% faster than upstream Arch Linux itself. For different workloads though the CachyOS advantage over Arch Linux varied from a minimal difference to quite significant advantages. From the performance of PHP and Python scripts atop Clear Linux to compiling various server and HPC minded software, Intel's Clear Linux -- and a commendable second place for CachyOS -- were showing that even greater performance can be achieved on the AMD Ryzen 9 9950X. Even for devoted Ubuntu Linux users, these results did show some nice advantages of the upcoming Ubuntu 24.10 release over Ubuntu 24.04 LTS thanks to the GCC 14 compiler. Ubuntu 24.10 performance is also still subject to change since the current daily ISOs haven't yet moved past the Linux 6.8 kernel while Ubuntu 24.10 in October will be shipping with Linux 6.11.

Read more of this story at Slashdot.

In a blog post on Wednesday, Neuralink said its second human recipient is using the brain chip to play Counter-Strike 2 and develop 3D designs in CAD software. "Alex" was given the brain chip last month to help restore his autonomy after a spinal cord injury. PCMag reports: Like the first Neuralink patient, Noland Arbaugh, Alex has also been using the brain chip to play his favorite computer games, such as Counter-Strike 2. Before, Alex had to use a mouth-operated controller, called a QuadStick, to play the first-person shooter. But even then, the controller limited him to only moving or aiming his weapon at a single time, never simultaneously like a normal Counter-Strike player. In other words, Alex had to essentially switch back and forth between the mouse and keyboard functions while playing the game. But thanks to Neuralink, he can now aim with the implant, and simultaneously move while using the QuadStick. [...] In the blog post, Neuralink also addressed a problem the company faced when placing the chip in Arbaugh, the first patient. Despite a successful surgery, about 85% of the thread-based electrodes attached to his brain later became displaced, undermining the full potential of the chip to read neural signals. Although Arbaugh can still use his implant effectively, Neuralink wanted to avoid a repeat with Alex. In response, the company developed several "mitigations," which include reducing the chance of an air pocket forming during surgery and placing the implant deeper into the brain tissue. "Promisingly, we have observed no thread retraction in our second participant," the company said of Alex. Whether Alex's implant outperforms the brain chip in Arbaugh was left unclear. In the meantime, Neuralink says it's working on ways to enhance the controls on the technology "to deliver full mouse and video game controller functionality." "Additionally, we plan to enable the Link [brain chip] to interact with the physical world, allowing users to feed themselves and move more independently by controlling a robotic arm or their wheelchair," the company said. You can watch Alex playing Counter-Strike 2 on YouTube.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Reuters: U.S. oilfield services firm Halliburton on Wednesday was hit by a cyberattack, according to a person familiar with the matter. Halliburton said it was aware of an issue affecting certain systems at the company and was working to determine the cause and impact of the problem. The company was also working with "leading external experts" to fix the issue, a spokesperson said in an emailed statement. The attack appeared to impact business operations at the company's north Houston campus, as well as some global connectivity networks, the person said, who declined to be identified because they were not authorized to speak on the record. The company has asked some staff not to connect to internal networks, the person said. Houston, Texas-based Halliburton is one of the largest oilfield services firms in the world, providing drilling services and equipment to major energy producers around the globe. It had nearly 48,000 employees and operated in more than 70 countries at the end of last year.

Read more of this story at Slashdot.

A sophisticated extortion campaign has targeted 110,000 domains by exploiting misconfigured AWS environment files, security firm Cyble reports. The attackers scanned for exposed .env files containing cloud access keys and other sensitive data. Organizations that failed to secure their AWS environments found their S3-stored data replaced with ransom notes. The attackers used a series of API calls to verify data, enumerate IAM users, and locate S3 buckets. Though initial access lacked admin privileges, they created new IAM roles to escalate permissions. Cyble researchers noted the attackers' use of AWS Lambda functions for automated scanning operations.

Read more of this story at Slashdot.

The old Sonos app won't be making a return to replace the buggy new version. According to Sonos CEO Patrick Spence, rereleasing the old app would make things worse now that updated software has already been sent out to the company's speakers and cloud infrastructure. The Verge reports: In a Reddit AMA response posted Tuesday, Sonos CEO Spence says that he was hopeful "until very recently" that the company could rerelease the app, confirming a report from The Verge that the company was considering doing so. [...] Since the new app was released on May 7th, Spence has issued a formal apology and announced in August that the company would be delaying the launch of two products "until our app experience meets the level of quality that we, our customers, and our partners expect from Sonos." "The trick of course is that Sonos is not just the mobile app, but software that runs on your speakers and in the cloud too," writes Spence in the Reddit AMA. "In the months since the new mobile app launched we've been updating the software that runs on our speakers and in the cloud to the point where today S2 is less reliable & less stable then what you remember. After doing extensive testing we've reluctantly concluded that re-releasing S2 would make the problems worse, not better. I'm sure this is disappointing. It was disappointing to me."

Read more of this story at Slashdot.

According to Bloomberg's Mark Gurman (paywalled), App Store vice president Matt Fischer is departing the company in October as Apple prepares for organizational changes in response to regulatory pressure. MacRumors reports: Apple plans to split its App Store group into two teams, one that handles the App Store and a second team that oversees alternative app distribution. As of earlier this year, Apple has supported iOS app downloads from alternative app stores and from websites in the European Union, a change that the company had to make to comply with the Digital Markets Act. To handle ongoing compliance with EU regulations for app distribution and alternative payment methods, App Store chief Phil Schiller is changing the App Store's hierarchy. Fischer joined Apple in 2003 to oversee iTunes marketing, but he has served as the vice president of the App Store since 2010. In an email to Apple employees today, Fischer said that he had been thinking about leaving Apple for some time, and the reorganization provided the right opportunity. With Fischer leaving, App Store senior director Carson Oliver will oversee the App Store, and Ann Thai, a director who oversees App Store features, will head up the team that handles alternative app distribution.

Read more of this story at Slashdot.

Google has reached a groundbreaking deal with California lawmakers to contribute millions to local newsrooms, aiming to support journalism amid its decline as readers migrate online and advertising dollars evaporate. The agreement also includes a controversial provision for artificial intelligence funding. Politico reports: California emulated a strategy that other countries like Canada have used to try and reverse the journalism industry's decline as readership migrated online and advertising dollars evaporated. [...] Under the deal, the details of which were first reported by POLITICO on Monday, Google and the state of California would jointly contribute a minimum of $125 million over five years to support local newsrooms through a nonprofit public charity housed at UC Berkeley's journalism school. Google would contribute at least $55 million, and state officials would kick in at least $70 million. The search giant would also commit $50 million over five years to unspecified "existing journalism programs." The deal would also steer millions in tax-exempt private dollars toward an artificial intelligence initiative that people familiar with the negotiations described as an effort to cultivate tech industry buy-in. Funding for artificial intelligence was not included in the bill at the core of negotiations, authored by Assemblymember Buffy Wicks. The agreement has drawn criticism from a journalists' union that had so far championed Wicks' effort. Media Guild of the West President Matt Pearce in an email to union members Sunday evening said such a deal would entrench "Google's monopoly power over our newsrooms." "This public-private partnership builds on our long history of working with journalism and the local news ecosystem in our home state, while developing a national center of excellence on AI policy," said Kent Walker, chief legal officer for Alphabet, the parent company of Google. Media Guild of the West President Matt Pearce wasn't so chipper. He criticized the plan in emails with union members, calling it a "total rout of the state's attempts to check Google's stranglehold over our newsrooms."

Read more of this story at Slashdot.

In a tragic update to Monday's story, authorities have recovered the bodies of former Autonomy CEO Mike Lynch and his teenage daughter Hannah. The Register reports: Italian divers are said to have found the billionaire father and his daughter, 18, inside one of the sunken vessel's cabins, according to The Telegraph. The capsized ship presently rests 49 meters below the surface, about half a mile from the coast. [...] Angela Bacares, Lynch's wife, was rescued at sea and is recovering. Canadian Broadcasting Company News has reported that the body of Recaldo Thomas, a Canadian-born man who resided in Antigua and served as the ship's cook, has been recovered. Other missing individuals have been identified by The Independent as: Christopher Morvillo, a lawyer who had represented Lynch and wife Neda Morvillo; Jonathan Bloomer, chairman of investment bank Morgan Stanley International and wife Judy Bloomer. The Register has published an obituary for Mike Lynch.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Dark Reading: Researchers have exploited a vulnerability in Microsoft's Copilot Studio tool allowing them to make external HTTP requests that can access sensitive information regarding internal services within a cloud environment -- with potential impact across multiple tenants. Tenable researchers discovered the server-side request forgery (SSRF) flaw in the chatbot creation tool, which they exploited to access Microsoft's internal infrastructure, including the Instance Metadata Service (IMDS) and internal Cosmos DB instances, they revealed in a blog post this week. Tracked by Microsoft as CVE-2024-38206, the flaw allows an authenticated attacker to bypass SSRF protection in Microsoft Copilot Studio to leak sensitive cloud-based information over a network, according to a security advisory associated with the vulnerability. The flaw exists when combining an HTTP request that can be created using the tool with an SSRF protection bypass, according to Tenable. "An SSRF vulnerability occurs when an attacker is able to influence the application into making server-side HTTP requests to unexpected targets or in an unexpected way," Tenable security researcher Evan Grant explained in the post. The researchers tested their exploit to create HTTP requests to access cloud data and services from multiple tenants. They discovered that "while no cross-tenant information appeared immediately accessible, the infrastructure used for this Copilot Studio service was shared among tenants," Grant wrote. Any impact on that infrastructure, then, could affect multiple customers, he explained. "While we don't know the extent of the impact that having read/write access to this infrastructure could have, it's clear that because it's shared among tenants, the risk is magnified," Grant wrote. The researchers also found that they could use their exploit to access other internal hosts unrestricted on the local subnet to which their instance belonged. Microsoft responded quickly to Tenable's notification of the flaw, and it has since been fully mitigated, with no action required on the part of Copilot Studio users, the company said in its security advisory. Further reading: Slack AI Can Be Tricked Into Leaking Data From Private Channels

Read more of this story at Slashdot.