According to a spokesperson for the United States Marshals Service (USMS), the agency was hit with a ransomware attack last week that compromises sensitive information. NBC News reports: In a statement Monday, U.S. Marshals Service spokesperson Drew Wade acknowledged the breach, telling NBC News: “The affected system contains law enforcement sensitive information, including returns from legal process, administrative information, and personally identifiable information pertaining to subjects of USMS investigations, third parties, and certain USMS employees.”

Wade said the incident occurred Feb. 17, when the Marshals Service “discovered a ransomware and data exfiltration event affecting a stand-alone USMS system.” The system was disconnected from the network, and the Justice Department began a forensic investigation, Wade said. He added that on Wednesday, after the agency briefed senior department officials, “those officials determined that it constitutes a major incident.” The investigation is ongoing, Wade said.

A senior law enforcement official familiar with the incident said the breach did not involve the database involving the Witness Security Program, commonly known as the witness protection program. The official said no one in the witness protection program is in danger because of the breach. Nevertheless, the official said, the incident is significant, affecting law enforcement sensitive information pertaining to the subjects of Marshals Service investigations. The official said the agency has been able to develop a workaround so it is able to continue operations and efforts to track down fugitives.

Read more of this story at Slashdot.

Source: Slashdot – US Marshals Service Suffers ‘Major’ Security Breach That Compromises Sensitive Information

wiredmikey shares a report from SecurityWeek: Password management software firm LastPass says one of its DevOps engineers had a personal home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud storage resources. LastPass on Monday fessed up a “second attack” where an unnamed threat actor combined data stolen from an August breach with information available from a third-party data breach, and a vulnerability in a third-party media software package to launch a coordinated attack. […]

LastPass worked with incident response experts at Mandiant to perform forensics and found that a DevOps engineer’s home computer was targeted to get around security mitigations. The attackers exploited a remote code execution vulnerability in a third-party media software package and planted keylogger malware on the employee’s personal computer. “The threat actor was able to capture the employee’s master password as it was entered, after the employee authenticated with MFA, and gain access to the DevOps engineer’s LastPass corporate vault,” the company said. “The threat actor then exported the native corporate vault entries and content of shared folders, which contained encrypted secure notes with access and decryption keys needed to access the AWS S3 LastPass production backups, other cloud-based storage resources, and some related critical database backups,” LastPass confirmed. LastPass originally disclosed the breach in August 2022 and warned that “some source code and technical information were stolen.”

SecurityWeek adds: “In January 2023, the company said the breach was far worse than originally reported and included the theft of account usernames, salted and hashed passwords, a portion of Multi-Factor Authentication (MFA) settings, as well as some product settings and licensing information.”

Read more of this story at Slashdot.

Source: Slashdot – LastPass Says Home Computer of DevOps Engineer Was Hacked

At Mobile World Congress in Barcelona, Lenovo demoed a laptop and smartphone with rollable screens that “can gradually expand to offer more screen real-estate, rather than needing to be completely unfolded like books,” writes Jon Porter from The Verge. These are early proof of concept devices that don’t have any public release dates as of yet. From the report: Before we get into the concept laptop’s signature feature, it’s worth pointing out just how unassuming the device looks before its screen unrolls. Lenovo had the device sitting alongside its other laptops in a conference suite, and not a single one of the dozen-or-so journalists in attendance clocked that it was anything other than a standard ThinkPad. In its unextended form, it’s got a regular looking 12.7-inch display with a 4:3 aspect ratio. That all changes with a flip of a small switch on the right of the chassis, at which point you can hear some motors whirring and the screen extends upwards. That switch causes a couple of motors in the laptop to spring into action, pulling the screen out from underneath the laptop’s keyboard to hoist it up more or less vertically in front of you. It’s an admittedly slow process on this concept device (from our footage it seems to take a little over ten seconds to fully extend) but eventually you’re left with an almost square 15.3-inch display with an 8:9 aspect ratio. The device brings to mind LG’s fancy (and eye-wateringly expensive) rollable TV that’s designed to roll away when you’re not using it. Only in Lenovo’s case the screen is rolling down into the laptop’s keyboard rather than a small box, and it also can’t roll away entirely. Once fully extended, Lenovo’s laptop screen has a small crease where its screen originally bent underneath the keyboard. But again — it’s a prototype.

Lenovo’s other rollable device it’s demoing at MWC is a Motorola smartphone. We’ve seen numerous companies including Samsung Display, Oppo, TCL, and even LG (RIP) show off rollable concept devices in various stages of development over the years, but we’re yet to see the technology break through in a consumer device. Like a foldable, the idea is that a rollable smartphone can be small when you need it to be portable, and big when you need more screen to get the job at hand done. Lenovo’s phone — which it’s calling the Motorola rollable smartphone concept — is all about taking a small square of a display and making it longer. It’s almost like a foldable flip phone, but without a secondary cover display because it’s the same screen the entire time. When all neatly rolled up, Lenovo’s Motorola rollable offers a 5-inch display with a 15:9 aspect ratio. Then, with a small double tap of a side button, the screen unfurls to give you a remarkably tall 6.5-inch display with a 22:9 aspect ratio. […] “In 2019, it seemed like foldable phones were about to become the next big thing in the world of smartphones,” writes Porter, in closing. “But four years later, it feels like we’re still waiting for this future to become a mainstream reality. Lenovo would be the first to admit that its rollable concept devices are far from ready for prime time, but they offer a compelling argument for an alternative, rollable future.”

Read more of this story at Slashdot.

Source: Slashdot – Lenovo’s Rollable Laptop and Smartphone Are a Compelling, Unfinished Pitch For the Future

An anonymous reader quotes a report from The Drive: Ford applied for a patent to make the repossession process go smoother. For the bank, that is. The patent document was submitted to the United States Patent Office in August 2021 but it was formally published Feb. 23. It’s titled “Systems and Methods to Repossess a Vehicle.” It describes several ways to make the life of somebody who has missed several car payments harder.

It explicitly says the system, which could be installed on any future vehicle in the automaker’s lineup with a data connection would be capable of “[disabling] a functionality of one or more components of the vehicle.” Everything from the engine to the air conditioning. For vehicles with autonomous or semi-autonomous driving capability, the system could “move the vehicle from a first spot to a second spot that is more convenient for a tow truck to tow the vehicle… move the vehicle from the premises of the owner to a location such as, for example, the premises of the repossession agency,” or, if the lending institution considers the “financial viability of executing a repossession procedure” to be unjustifiable, the vehicle could drive itself to the junkyard.

No other automakers have recently attempted to patent a similar system, and indeed the Ford patent doesn’t reference any other legal document for the sake of clarifying its idea. All of this being said, patent documents, especially applications like this one, do not necessarily represent an automaker’s intent to introduce the described feature, process, or technology to its vehicles. Ford might just be attempting to protect this idea for the sake of doing so. The document does go into a lot of detail as to how such a system might work, though.

Read more of this story at Slashdot.

Source: Slashdot – Future Fords Could Repossess Themselves, Drive Away If You Miss Payments

MojoKid writes: At CES 2023, AMD unveiled an array of Ryzen 7000 series Zen 4 processors, including new gaming-targeted X3D models that featured integrated 3D V-Cache, similar to the Ryzen 7 5800X3D. The processors go on sale tomorrow, but review embargos for AMD’s latest socket AM5 flagship, the Ryzen 9 7950X3D, lifted today. As its name implies, the new Ryzen 9 7950X3D has a similar core configuration to the existing Ryzen 9 7950X (16-cores/32-threads), but this specialized CPU also packs an additional 64MB of 3D V-Cache, fused to one of its 8-core compute core dies (CCD). The CCD without 3D V-Cache operates like a standard AMD Ryzen 9 7950X, while the 3D V-Cache enabled CCD will have a more conservative voltage and frequency curve. Gaming performance received a massive boost with this new CPU, while multi-threaded content creation tests are roughly in-line with the standard 7950X. Power efficiency also shows a large, measurable improvement due to the chip relying less often on system memory.

Read more of this story at Slashdot.

Source: Slashdot – AMD Ryzen 7000X3D CPUs Launched: Ryzen 9 7950X3D Offers Big Gains and Efficiency

A CBS News review found that at least half a dozen states, to varying degrees, are considering legislation to make four-day workweeks more common. From the report: Among those states is Maryland, where lawmakers recently introduced a bill proposing a pilot program “for the purpose of promoting, incentivizing, and supporting the experimentation and study of the use of a 4-day workweek by private and public employers.” It would allow some employers that participate to claim a tax credit. Del. Vaughn Stewart, who represents Maryland’s 19th district and is one of the bill’s sponsors, said if workers can get more rest, they will be able to function better. “We’re expecting that workers can be at least as productive in a 32-hour week as they are in a 40-hour week,” he said.

John Byrne, CEO of the Baltimore software company Tricerat, said he saw the productivity of his 37 employees and the company’s profits increase after making the switch to a 32-hour workweek. “We’ve asked the employees to ruthlessly look at their work, get rid of extraneous meetings, extraneous phone calls, paperwork, things of this nature, and reduce down the amount of wasted work,” Byrne said. Byrne said his company is now drawing younger employees. […] But advocates like Boston College professor Juliet Schor said the idea might require prodding from the government. “Historically, time reduction has always involved government,” Schor said.

New legislation in New York, California and in the U.S. Congress would require companies that work employees more than 32 hours a week to pay overtime. Similar proposals have failed in the past and some critics have argued that a four-day workweek is not suited for all employers. Even supporters of the concept acknowledge it’s not for everyone. “We don’t think this is something that every single industry and every single business can do, but that’s what we want to study,” Stewart said.

Read more of this story at Slashdot.

Source: Slashdot – Some States Consider Legislation Making 4-Day Workweeks More Common