ArduinoMania

Ransomware group LockBit leaked data allegedly belonging to Boeing on Friday, about a week after the aerospace giant confirmed it had fallen victim to a cyberattack. The leak includes more than 43GB of backup files that LockBit says it stole from Boeing, according to Bleeping Computer. 

As of Monday afternoon, the Boeing services website remained out of order. A notice posted to the site acknowledged a cyber incident affecting Boeing's parts and distribution business, but reiterated that it did not impact the safety of its aircrafts. "In connection with this incident, a criminal ransomware actor has released information it alleges to have taken from our systems," a Boeing spokesperson told Engadget. "We continue to investigate the incident and will remain in contact with law enforcement, regulatory authorities, and potentially impacted parties, as appropriate.”

Boeing

The saga started on October 27 when LockBit listed Boeing as a victim on its website, saying that the company had until November 2 to negotiate a payment. While LockBit briefly removed Boeing from its list of victims on its website, the ransomware gang returned on November 7 stating that Boeing had ignored its attempts to negotiate. LockBit initially threatened to release 4GB of sample data before it decided to leak all of the data it had stolen on November 10. 

The Boeing backup data released by LockBit includes configuration data for IT management software, auditing and monitoring logs and some Citrix information believed to be connected to a previous exploit. 

LockBit has grown into a notorious ransomware gang since its first appearance on Russian cybercrime forums in January 2020. There have been about 1,700 attacks in the US linked to LockBit, with companies paying about $91 million in ransoms to the gang, according to the FBI. Victims include the Chinese bank ICBC, chip giant Taiwan Semiconductor Manufacturing Company and Canadian book seller Indigo Books and Music, among others. 

Remedy's latest title, Alan Wake II, is garnering rave reviews and is a surefire game of the year contender. The studio will be hoping to build on that success with the several other games it has in the works, including a Control sequel and co-op spinoff. However, Remedy is going back to the drawing board with another game it has been piecing together.

It emerged in 2021 that the studio was working on a free-to-play co-op shooter with Tencent. Given the uncertainty of the market for free-to-play multiplayer games, though, the two sides have decided to go in a different direction. They're rebooting Project Vanguard as Project Kestrel, which will be a "premium game with a strong, cooperative multiplayer component."

The game is going back to a concept stage with core leadership and some members of the team remaining on Kestrel. Other folks who were working on Vanguard are being reassigned to other Remedy teams. The studio says Kestrel will "lean more into Remedy’s core strengths." It plans to repurpose many of Vanguard's assets, features and themes for Kestrel.

“We have made some great strides in free-to-play and multiplayer development in Vanguard," Remedy CEO Tero Virtala said in a statement. "After a lot of careful consideration, we believe that taking on a new direction where the game will be built more around Remedy’s core competences is the right way to go. We are creating another distinct Remedy game with Tencent’s continued support in making a great cooperative multiplayer experience."

Changing tack feels like a smart move. The free-to-play multiplayer shooter market is saturated with high-profile competition such as Apex Legends, Fortnite, Call of Duty: Warzone and Overwatch 2. As a result, a number of notable live service shooters have been shut down or canceled this year. One of those was CrossfireX, a free-to-play shooter that Remedy worked on, so the studio may be forgiven for feeling wary about re-entering that fray anytime soon.

Meta now lets Threads users avoid automatically sharing their posts with its other apps. When activated, the opt-out feature prevents Meta’s Twitter clone from sharing posts to Instagram and Facebook without user consent. Software engineer Alessandro Paluzzi spotted early signs of the privacy toggle earlier this month.

Threads users can turn off automatic cross-platform content sharing by heading to their profile page, selecting the menu at the top right, then Privacy > Suggesting posts on other apps, and toggling off Instagram and Facebook individually. Note that changing this feature only prevents your posts from being used in cross-promotions; you’ll still see other people’s Threads posts on Instagram and Facebook, irrespective of your privacy settings.

Some Threads users were upset about Meta automatically sharing their content from the nascent X competitor, mainly because people often use the apps to connect with different crowds (for example, Threads for news and politics with strangers, Facebook for extended family and old friends). TechCrunch highlighted several comments from people describing Threads posts automatically posted on other platforms as odd clickbait seemingly “designed to get comments” by stripping bold statements of context. In October, the company said it was “listening to feedback” in response to a Threads user’s complaint about automatic sharing to Meta’s more established platforms.

Meta is no stranger to using its existing stockpile of social apps to turbocharge its newest ones. It used easy onboarding and promotion via Instagram to vault Threads to the fastest app to reach 150 million downloads. Although growth appeared to slow after that, CEO Mark Zuckerberg recently said Threads had tallied nearly 100 million users. The Facebook founder said he sees a path for the Twitter clone to reach the one-billion user milestone.

As part of a Black Friday deal, you can get two MasterClass annual memberships — one for yourself and one to give away as a gift — for the price of one. Memberships start at $120 per year, which lets you watch on one device at a time, $180 grants access to two devices simultaneously and allows for downloads, and a Family membership covers six devices. The free membership for gifting will be at the same level you buy for yourself. The deal is available now and ends at midnight on Black Friday.  

If you're looking for something that's not a "thing" to gift this year, MasterClass makes a nice option. A membership includes access to 180 different big name instructors teaching on topics they know a lot about. Classes on offer sound like an A-list roll call: Martin Scorsese and Jodie Foster teach lessons on filmmaking, Samuel L. Jackson and Helen Mirren cover acting, Questlove shows you how to DJ, and Margaret Atwood gives a seminar on writing. 

Classes range from around two to six hours and are broken up into shorter lessens, usually between 10 and 20 minutes. There are even exercises and community forums to get you actually doing the things the teachers teach. Recently, MasterClass added series as part of its lineup, such as GOAT, which are 20 minute episodes covering a single topic (such as making a grilled cheese or playing pickleball) that feel more like a mini documentary than a lesson. The mobile app also offers series of short, swipeable videos, for a highly polished TikTok feel. 

When I tried out MasterClass, it struck me that the learning platform was more like a streaming service than anything else — a really smart streaming service, where you get to watch masters talk about how they go about their craft. Even if you don't see yourself becoming a comedian, watching Steve Martin tell you how it's done is riveting nonetheless.  

Your Black Friday Shopping Guide: See all of Yahoo’s Black Friday coverage, here. Follow Engadget for Black Friday tech deals. Learn about Black Friday trends on In The Know. Hear from Autoblog’s experts on the best Black Friday deals for your car, garage, and home, and find Black Friday sales to shop on AOL, handpicked just for you.

Volvo has unveiled its first fully electric minivan, which is geared toward comfort. So much so, the brand describes the EM90 as a "living room on the move." While it might be comfy enough to travel in while wearing PJs, Volvo is pitching the EV as an option for those who want a space where they can get work done too.

The EM90 is infused with sound isolation and road noise cancellation tech, while Volvo claims that dual chamber air suspension and silent tires will offer the driver and passengers a smooth ride. If that works as promised, you'll be able to get the most out of an audio system that has 21 Bowers & Wilkins speakers.

Along with a 15.4-inch infotainment screen for the driver, there's a roof-mounted 15.6-inch HD display to which you can cast shows and movies from your phone. Attach a compatible camera, and the screen can be used for video calls. 5G connectivity will come in handy for business-minded users too.

Many of the EM90's functions can be controlled with your voice, including the audio and interior lighting. With a voice command or by flicking a switch, the car's screens, seats, windows, air conditioner and lighting can be adjusted for theater or meeting room use — or even a bedroom setup for the rear seats, Volvo says.

If the EM90 looks familiar, that's because it's based on the 009 from Zeekr, Volvo's sibling brand, as Electrek points out. It has a 200 kW electric motor that can take it from 0 to 100 kmph (62.1 mph) in 8.3 seconds. The EV has a 116 kWh battery (with bi-directional charging support) that Volvo claims can charge from 10 to 80 percent in under 30 minutes.

On top of all of that, the EM90 has an impressive range, at least on paper. Volvo says it has a range of up to 738 km (459 miles) based on China's CLTC testing cycle. The vehicle will only be available in China at first and it starts at around $114,000. It's unclear if or when the EV will arrive elsewhere.

[Build Some Stuff] created an unusual spiral clock that’s almost entirely made from laser-cut wood, even the curved and bendy parts.

The clock works by using a stepper motor and gear to rotate the clock’s face, which consists of a large dial with a spiral structure. Upon this spiral ramp rolls a ball, whose position relative to the printed numbers indicates the time. Each number is an hour, so if the ball is halfway between six and seven, it’s 6:30. At the center of the spiral is a hole, which drops the ball back down to the twelve at the beginning of the spiral so the cycle can repeat.

The video (embedded below) demonstrates the design elements and construction of the clock in greater detail, and of particular interest is how the curved wall of the spiral structure consists of a big living hinge, a way to allow mostly rigid materials to flex far beyond what they are used to. Laser cutting is well-suited to creating living hinges, but it’s a technique applicable to 3D printing, as well.

Thanks to [Kelton] for the tip!

The hype surrounding emerging technologies like generative AI creates a wild west, of sorts, for bad actors seeking to capitalize on consumer confusion. To that end, Google is suing some scammers who allegedly tricked people into downloading an “unpublished” version of its Bard AI software. Instead of a helpful chatbot, this Bard was reportedly stuffed with malware.

The lawsuit was filed today in California and it alleges that individuals based in Vietnam have been setting up social media pages and running ads encouraging users to download a version of Bard, but this version doesn’t deliver helpful answers on how to cook risotto or whatever. This Bard, once downloaded by some rube, worms its way into the system and steals passwords and social media credentials. The lawsuit notes that these scammers have specifically used Facebook as their preferred distribution method.

Google’s official blog post on the matter notes that it sent over 300 takedown requests before opting for the lawsuit. The suit doesn’t seek financial compensation, but rather an order to stop the alleged fraudsters from setting up similar domains, particularly with US-based domain registrars. The company says that this outcome will “serve as a deterrent and provide a clear mechanism for preventing similar scams in the future.”

The lawsuit goes on to highlight how emerging technologies are ripe for this kind of anti-consumer weaponization. In this case, the alleged scammers said that Bard is a paid service that required a download. In reality, it’s a free web service.

Michigan-based healthcare nonprofit McLaren Health Care notified more than 2 million people about a data breach exposing personal information on Thursday, according to a data breach notification report. Unauthorized access to McLaren systems began on July 28 and lasted through August, but the individual impact varies from person to person. 

According to a notice on the McLaren website, the company learned of the breach on August 31. An investigation into the impacted files concluded on October 10, and if you'll take a look at today's date, it took an additional month for the company to let the public know about the incident.

"Potentially affected current and former patients of McLaren are encouraged to remain vigilant against incidents of identity theft by reviewing account statements and explanations of benefits for unusual activity and to report any suspicious activity promptly to your insurance company, health care provider, or financial institution," the nonprofit said in a statement.

While McLaren hasn't released any details about the attack, such as who is behind it or possible motivations, the ALPHV/BlackCat ransomware group claimed responsibility for the attack, according to Bleeping Computer. Ransomware groups are known to do this for publicity, but the actor behind an attack usually can't be confirmed until a third-party security researcher independently verifies it.

McLaren encompasses 13 hospitals and employs 490 physicians across Michigan and Indiana, with an annual revenue of $6.6 billion. Its offering identity protection services to affected people that enroll by February 9. There's currently no evidence that data leaked in the breach has been misused, according to McLaren. 

It's widely believed that Nintendo will unveil the Switch's successor in 2024, but you can still expect a steady stream of games to hit the current console for the foreseeable future. To that end, the company has announced its latest Indie World showcase, which will start at noon ET on November 14. You can watch it below.

The stream will feature around 20 minutes of announcements and updates related to indie games on the Switch. Typically when an Indie World or Nintendo Direct takes place, a few games that are featured hit the Switch eShop on the same day. So, you'll likely have something unexpected and new to play on Tuesday (that is, if you don't already have an obscene backlog of games to dive into).

As for what games Nintendo will show off, that remains a mystery for now. I know we mention this every single time there's a Nintendo showcase, but there's always the possibility that Hollow Knight: Silksong makes an appearance and we finally learn its release date. Fans can but hope.

In its 119-year history, the NYC subway system's straphangers went from tickets, to tokens, to mastering the swipe. In 1997 the MetroCard debuted, and 1999 saw the introduction of the MetroCard vending machine. Together they became a beloved, iconic part of New York’s visual identity. They were also the first public-facing project by Antenna Design, whose founders Masamichi Udagawa and Sigi Moeslinger have since left their distinct, thoughtful design all over New York City with projects like LinkNYC.

It's now 2023, and the MetroCard is being phased out in favor of the MTA's next-generation fare system, OMNY. Having made its debut in late 2019, OMNY trades magnetic swipes for the tap-and-go infrastructure now common across public transportation systems worldwide.

As the city prepares to say goodbye to a vending machine that has served millions, we wanted to know: How did something designed in the 1990s withstand the test of time — and New York? Watch the video below for the full story.