Slashdot

News for nerds, stuff that matters

US Government Warns That Russia State Hackers Are Coming After Your Router

CISA and allied governments are warning users to secure their routers as Russian state-backed hackers continue compromising the devices and turning them into proxy nodes to disguise attacks against critical infrastructure. The advisory urges users to disable outdated SNMP versions, use strong passwords, update firmware, and turn off unnecessary router services to reduce the risk of being swept into these botnets. Ars Technica reports: "Russian Federal Security Service (FSB) Center 16 cyber actors continue to exploit poorly configured and vulnerable networking devices worldwide, opportunistically compromising multiple critical infrastructure sector networks," the Cybersecurity and Infrastructure Security Agency said Monday. The hacking groups are tracked under various names, including Berserk Bear, Energetic Bear, Crouching Yeti, Dragonfly, Ghost Blizzard, and Static Tundra. The advisory was co-issued by governments from around the world, including Australia, Denmark, New Zealand, and the UK.

The primary means of compromise the agency warned about was hackers scanning IP ranges with active Simple Network Management Protocol (SNMP) agents that accept common or default authentication credentials. These scans are run by the very sorts of router botnets the actors are trying to enroll the targeted device in. By sending malicious traffic from spoofed addresses, the hackers can use the SNMP agent on poorly configured routers to run malware. SNMP allows users to collect and organize information about managed networking devices or to modify that information to change device behavior.

With control of a device, the hackers then use it as an exit node when probing or attacking targets in the communications, defense, energy, financial services, and government sectors. By funneling the malicious traffic through a benign-appearing device on a trustworthy IP address, the attackers are able to lower the chances of getting blocked by firewalls and other security defenses. Monday's advisory made no mention of identical operations carried out in recent years by China. So-called residential proxies are also a go-to tool used by financially motivated criminal hackers to obscure their true IP address. In many cases, these sorts of proxies are made up of millions of streaming devices that are sold with preloaded malware.

Read more of this story at Slashdot.

German Firm Files For Insolvency After Cybercriminals Shut Down Production For 6 Weeks

German textile firm ZEGO has filed for insolvency and is blaming a March cyberattack that shut down production for nearly six weeks. "ZEGO's filing adds another name to the short but growing list of companies that say a digital break-in was commercially fatal to their business," reports The Register. From the report: In a notice to customers and suppliers, the organization said it had exhausted every available option before seeking insolvency protection. Managing director Johannes Zenglein described the filing as "one of the most difficult steps in our company's 37-year history." "The cyberattack of March 29, 2026, however, impacted our company to an extent that we could not fully compensate for despite our best efforts," Zenglein wrote. "The consequences resulted in a production outage of nearly six weeks and significant financial strain. These effects ultimately impacted our financial situation so severely that filing for insolvency became necessary."

ZEGO did not disclose what kind of attack it suffered, whether ransomware was involved, who was behind it, or whether customer or employee data was compromised. What it has made clear is that the operational disruption alone was enough to push the business beyond the point of recovery. ZEGO said insolvency proceedings have now been initiated, but insisted the filing does not necessarily spell the end of the business. It said it plans to keep production running while administrators attempt to restructure the business, preserve jobs, and keep customers and suppliers on board.

Read more of this story at Slashdot.

Catch of the Day

Greg Adams Photography posted a photo:

Catch of the Day

Peggy's Cove

Snow Day

Greg Adams Photography posted a photo:

Snow Day

The footprints fascinated me

Surfing

bpanneman has added a photo to the pool:

Surfing

Beam

ntomlin124 has added a photo to the pool:

Beam

So bright contrasted against a dull background.

15104 DSC_0018 The first white japonica

iain.davidson100 has added a photo to the pool:

15104 DSC_0018 The first white japonica

One of my favourite poems has the line "The japonica glistens like coral. And today we have naming of parts."

15102 DSC_0010 There are still some roses

iain.davidson100 has added a photo to the pool:

15102 DSC_0010 There are still some roses

15103 DSC_0015 I think there must have been a kid on this path

iain.davidson100 has added a photo to the pool:

15103 DSC_0015 I think there must have been a kid on this path

It looks a bit surreal, but zoom in to see that it is quite a simple collection. And it must be made by a human, and I would guess that it is a product of the school holidays.

Woordzoeker


Cijferblok


Koprol


Aan Zet


Vorto


SOFIE

Tijdens een boswandeling komt een vader met een dochtertje van drie à vier jaar oud en een hondje mij tegemoet.

sudoku

Je krijgt een paar cijfers cadeau, maar het grid van 9x9 moet foutloos ingevuld worden.


precies vier

Een Precies Vier bestaat uit 16 woorden, begrippen of namen, die moeten worden verdeeld in precies vier groepen van vier. Er is telkens maar één oplossing mogelijk. Welke woorden vormen een connectie?


cinco

Als je wel zin hebt om te sudokuen, maar het liever bij een gridje van 5x5 houdt.


crux

Een kruiswoordpuzzel, maar dan heel klein (en snel).


The Register

Biting the hand that feeds IT — Enterprise Technology News and Analysis

Zuck's AI ambitions put Meta on course to become America's next big cloud provider

Meta seems to be having a bit of an identity crisis. On Monday, the social networking singularity said it would spend $50 billion to expand its Hyperion datacenter project in Richland Parish, Louisiana, from 2.2 to 5 gigawatts. The news comes less than a week after a report broke claiming that Meta was actively exploring options to offload its excess compute capacity to other AI labs. So, which is it, Zuck? Did you invest too much or too little in AI? The easy answer is that Meta overcommitted. Inspired by the early success of Llama, it made a huge bet on the AI gold rush. Offloading spare compute to the highest bidder is just a hedge in case its Superintelligence team turns out to be another pipe dream, like the Reality Labs Metaverse that utterly failed to spark enthusiasm for immersive environments accessible through Meta's Quest cybergoggles. The more pragmatic read is that Zuckerberg has woken up to the fact he’ll never be as cool as OpenAI boss Altman or Anthropic's Amodei, and renting out spare compute is just the natural progression for any sufficiently large hyperscaler. Dawn of the Meta cloud? Meta's business model is closer to Google's than those operated by OpenAI and Anthropic. Both Meta and Google offer various services which generate revenues by connecting users with advertisers. For Google it’s a search and entertainment empire. For Meta it's enabling an endless feed of content generated by friends, family, influencers, and yes, bots. Both are immensely profitable, earning $132.2 billion and $60.5 billion in profits last year, respectively. That's profit, not revenue. But both are now plowing over $100 billion a year into AI infrastructure to power large language and image and video generation models. As we learned from Meta’s recent earnings calls, the most commercially potent of those models get the right ads in front of the right eyeballs. The open secret is Meta was already one of the most successful AI companies long before ChatGPT debuted. Except, it's not large language models (LLMs) that make Meta money, at least not in the conventional sense. Instead, Meta’s most profitable AI models are the recommender systems that mine profiles for context and use it to infer your needs. Meta's devs evolved those models considerably over the past few years, and their architectures now look a lot more like an LLM than the now-pedestrian neural networks on which Zuckerberg built his empire. Google is in a similar situation. It’s investing heavily in AI to feed its fast-growing and profitable cloud business, even as advertising still pays most of the bills. But unlike Google, Meta hasn’t yet made the leap from hyperscaler to cloud provider. Amazon, Google, Microsoft, even Oracle got there eventually, and it seems AI may be the catalyst that turns Meta into a cloud, too. Recent reports suggest that Zuckerberg is warming to the idea. “I think that’s certainly a thing that we could do and that I think would make sense to consider,” he said in an interview with Bloomberg last week. “As a backstop, even if for whatever reason we don’t need all the compute ourselves or for any number of reasons, there’s a very large amount of demand that I think you could sell it long-term like AWS or Azure or Google Compute.” But while the demand may be there, Zuckerberg emphasized the compute capacity is not readily available. But as Ben Thompson of Stratechery put it, cashing in on this compute may be more than a backup plan. In a post channeling an imaginary Zuckerberg, Thompson suggested that becoming a neocloud would force Meta to stop chasing pipe dreams and pet projects. His logic is that if Meta can't make money with infrastructure it buys for AI ventures, the social networking giant can lease the orphaned hardware to the highest bidder. The takeaway for investors — should Meta follow its fellow hyperscalers-turned-cloud-providers down this road — is that the profitability of its hardware investments would no longer be tied to its ability to commercialize them. Seizing the means of production If history tells us anything, scale matters. Building a cloud like Amazon Web Services (AWS) is next to impossible unless you've already figured out how to profit from those same resources. Meta's scale puts it in a position to acquire compute in volumes impossible for smaller players. Its ability to capitalize on infrastructure demand relies entirely on having something others want but can’t get anywhere else. For what it’s worth, Zuckerberg wouldn’t be the first to come to this conclusion. Earlier this year Musk-owned xAI surprised many when it announced plans to rent out its Colossus supercluster in Memphis to rival model dev Anthropic. The calculus here is the same. Making a profit off LLMs, like Grok, isn't easy — just ask OpenAI — but selling the means of AI production to those that haven’t yet figured that out is enormously lucrative. The logic appears to have gotten Zuck's attention. “The SpaceX model I think is quite interesting in terms of just making these short-term deals that are at a big premium,” Zuckerberg told Bloomberg. “So we get offers for all kinds of stuff like this and we’ll evaluate them and see what makes sense.” Reports suggest Meta is seriously considering two strategies for commoditizing its compute assets. The first would be a usage-based compute platform similar to Amazon Web Services' Bedrock. The service would allow customers to run models and serve them through APIs — interfaces that abstract operational complexity. To be clear, Meta already offers API access to its homegrown models, at least the ones it didn’t pull after realizing the way they’d been implemented could be abused. So, from what we gather the difference would be allowing customers to run third party models as well. The second scheme reportedly being explored would involve selling raw compute resources available to end customers — similar to CoreWeave or Lambda. All the right ingredients Meta’s silicon strategy may help as well. One thing all the major cloud providers have in common is a growing catalogue of custom cloud silicon. Once they've identified a core use case, Amazon, Google, and Microsoft all rolled their own silicon to maximize their margins. AWS Trainium, Microsoft Maia, and Google TPUs are all examples of AI accelerators originally built for internal workloads but later made available to the broader public. Meta has been building its own AI chips for years. The first few Meta Training and Inference Accelerators (MTIA) were designed to speed up its recommender models. But new designs, developed in collaboration with Broadcom, are far better suited to running LLMs like Llama and Muse Spark, and whatever else its customers are willing to pay for access to. More importantly, this mix of compute means that Meta can take advantage of the fact GPUs are extremely flexible to bring new products to market quickly. Then once they’ve proven performers, Meta could transition those workloads to its custom chips and offload spare GPU compute to its cloud customers. Meta has all the ingredients, compute, scale, and capital necessary to become a major cloud provider. ®