Important AI – News of the last time22. June 2022
Important AI – News of the last time
The U.S. Food and Drug Administration will soon order Juul Labs to remove its e-cigarette products from the market. Juul had applied to the agency to continue selling its e-cigarettes in the U.S., but came under scrutiny from regulators. In their opinion, the marketing as well as the flavors would appeal to underage users.
In 2020, the FDA banned the sale of sweet- and fruit-flavored e-cigarettes. That year, it also initiated a two-year review of Juul’s U.S. vaping products.
While the agency has allowed two other vaping companies – NJOY Holdings and Reynolds American – to continue selling tobacco-flavored e-cigarettes, Juul is not expected to receive the same approval for its products.
It remains to be seen whether the company will appeal the FDA’s decision, challenge the order in court or submit a revised application for approval.
Juul was spun off from Pax Labs in 2017 and has seen its market share decline in recent years. The company reported a net loss of $259 million and an 11% decline in 2021 revenue.
Tencent Holdings, China’s most valuable technology company, has established an augmented reality (XR) division focused on the metaverse.
The social media and gaming giant will develop both software and hardware for XR, a term that encompasses technologies related to augmented reality (AR), mixed reality (MR) and virtual reality (VR).
Tencent established the division earlier this year, but has kept it secret. According to insiders, the department is part of Tencent’s Interactive Entertainment Business Group as well as Li Shen, the CTO of Tencent Games Global.
Paige Thompson is accused of committing one of the largest security breaches in U.S. history with a hack in March 2019. She also allegedly stole the Social Security numbers and other data of more than 100 million people.
On Friday, a jury in Seattle convicted Thompson on five counts of unauthorized access to a protected computer and damaging a protected computer.
According to the Justice Department, Thompson programmed software in 2019 to scan AWS for misconfigured accounts and then infiltrated Capital One’s cloud servers. She also planted software on servers and used it to mine cryptocurrencies that went into her own online wallet, the DOJ said.
Capital One later agreed to pay $190 million to settle a class action lawsuit related to the intrusion. The company was also fined $80 million for failing to properly secure user data.
Jurors found Thompson not guilty of aggravated identity theft and access device fraud. She faces up to 20 years in prison for fraud and up to five years for the other charges.
Telegram. Privacy-focused messaging app Telegram announced plans to offer a paid subscription tier with features such as 4 GB file uploads and faster downloads. In an interview, Telegram founder Pavel Durov said he believes the app and service is “first and foremost a service from the users, so it doesn’t need to be funded by advertisers. He stressed that all existing features of the app will remain free.
Russian hacking campaign. The U.S. Department of Justice has announced that it has neutralized a Russian hacking campaign that targeted millions of devices worldwide. The DOJ worked with authorities in Germany, the Netherlands, and the United Kingdom.
The hacking campaign ran through the RSOCKS website, which was seized by the FBI.
RSOCKS was a botnet that gained access to Internet of Things devices without the knowledge of their respective owners. As is common with botnets, the computers were used for illegal activities that served the hackers, who in this case are Russians.
The website allowed other people to use the IP addresses of the IoT devices for a fee. The hackers could then route their activities through these devices to disguise their true origins.
According to authorities, the investigation into the case began back in 2017 when an undercover investigator purchased proxies through the website. During the investigation, it was found that over 350,000 devices were hacked in 2017 alone. Threat actors used the proxies to infiltrate not only individuals but also multiple organizations, including hotels, universities, television studios, and electronics manufacturers.
This is not the first time the Justice Department has detained and arrested Russian-backed hackers. As recently as March, the DOJ arrested four hackers who attempted to hack certain energy infrastructure in the United States.
Google pointed to a patched-then-unpatched Apple flaw that could potentially be exploited. The flaw was patched for the second time in 2022 after it was active in Safari, the company’s browser, where it affected all Apple-powered operating systems.
The flaw could have allowed threat actors to execute arbitrary code and essentially gain control of a user’s device. Apple initially patched the flaw in 2013, but the vulnerability resurfaced in 2016 and could have affected many users for more than five years until the second patch in January 2022.
This issue is tracked as CVE-2022-22620 and has a CVSS score of 8.8. Code samples for both flaws are available.
The bug reappeared when Safari underwent a major overhaul in 2016.
Apple’s official patch update can be found here, as the company has not commented further on this vulnerability.