Month: April 2022

Enlarge / Apple CEO Tim Cook speaks at the IAPP 2022 conference. (credit: Apple)

Apple CEO Tim Cook took to the stage at the annual International Association of Privacy Professionals (IAPP) conference on Tuesday to talk about privacy, security, ad tracking, and sideloading.

Calling privacy "one of the most essential battles of our time," Cook lambasted companies that moneteize large user data collection operations, comparing them to real-world stalkers.

By contrast, he claimed that Apple maintains "a commitment to protecting people from a data industrial complex built on a foundation of surveillance." To vigorous applause from the audience of privacy professionals, he voiced his support for US privacy regulations akin to those passed in Europe in recent years.

Enlarge / A scanning electron micrograph of Neisseria gonorrhoeae. (credit: NIH)

An existing vaccine that prevents meningococcal disease may also be up to 40 percent effective at preventing gonorrhea infections, which are becoming increasingly resistant to antibiotics, with some strains completely incurable. This discovery is according to a series of studies and commentaries published Tuesday in The Lancet Infectious Diseases.

Though the estimated effectiveness is modest, shots of the vaccine—4CMenB aka Bexsero—could still prevent many infections, researchers reported. The vaccine could prevent more than 100,000 gonorrhea infections over 10 years in the UK, saving an estimated $10.4 million. In the meantime, the vaccine's effectiveness could provide significant clues for vaccine developers to make a more effective gonorrhea-specific shot.

The need for such a vaccine is clear. Not only is gonorrhea quickly becoming more drug-resistant, but it also is on the rise in the US and other countries. The World Health Organization estimates there were more than 82 million gonorrhea cases worldwide in 2020. The US Centers for Disease Control and Prevention estimates there were nearly 680,000 cases in the US in 2020, up 10 percent from 2019 and up 45 percent from 2016.

Enlarge (credit: Getty Images | Sundry Photography)

More than half a decade has passed since the notorious Russian hackers known as Sandworm targeted an electrical transmission station north of Kyiv a week before Christmas in 2016, using a unique, automated piece of code to interact directly with the station's circuit breakers and turn off the lights to a fraction of Ukraine's capital. That unprecedented specimen of industrial control system malware has never been seen again—until now: In the midst of Russia's brutal invasion of Ukraine, Sandworm appears to be pulling out its old tricks.

On Tuesday, the Ukrainian Computer Emergency Response Team (CERT-UA) and the Slovakian cybersecurity firm ESET issued advisories that the Sandworm hacker group, confirmed to be Unit 74455 of Russia's GRU military intelligence agency, had targeted high-voltage electrical substations in Ukraine using a variation on a piece of malware known as Industroyer or Crash Override. The new malware, dubbed Industroyer2, can interact directly with equipment in electrical utilities to send commands to substation devices that control the flow of power, just like that earlier sample. It signals that Russia's most aggressive cyberattack team attempted a third blackout in Ukraine, years after its historic cyberattacks on the Ukrainian power grid in 2015 and 2016, still the only confirmed blackouts known to have been caused by hackers.

ESET and CERT-UA say the malware was planted on target systems within a regional Ukrainian energy firm on Friday. CERT-UA says that the attack was successfully detected in progress and stopped before any actual blackout could be triggered. But an earlier, private advisory from CERT-UA last week, first reported by MIT Technology Review Tuesday, stated that power had been temporarily switched off to nine electrical substations.