South Korean authorities believe North Korean hackers, working for the government, have targeted at least 892 foreign policy experts in the country. The efforts focused on members of think tanks and academics, dating back to April. The attacks began with spear phishing emails, often claiming to be from figures in South Koreas political system. These usually included either links to fake sites or viruses as attachments. The ploy, while not particularly sophisticated, was enough to fool at least a handful of victims.

The result was that several prominent experts had their personal data stolen, email lists compromised (exposing more people to the hackers), and 13 companies (primarily online retailers) were victims of ransomware. Although police believe only 49 recipients actually handed credentials over to the fakes sites and only two companies paid the 2.5 million won ($1,980) ransom, it's difficult to judge the full scale of the fallout.

It's unclear what non-financial resources the North Korean hackers may have gained from this latest campaign. But it's certain this will not be the last cyber attack on its souther neighbor. The county has previously targeted security researchers to discover unpatched vulnerabilities, and even used the tragedy on Halloween in Itaewon as a tool to target South Korean citizens. 

Cyber warfare has been a major focus of North Korea for years, even as it seeks to deter foreign militaries with more traditional methods, like building nuclear weapons. It has also been a major source of revenue for the country which is in perpetual financial crisis and largely cut off from the world's markets. It's estimated that North Korean hackers have stolen $1.72 billion worth of cryptocurrency since 2017. And it doesn't appear that it's letting the recent crypto crash scare it off, as the recent ransoms were also paid in BitCoin.

Though the hackers covered their tracks reasonably well, the targets, tactics and IP addresses have led police to believe this is the same group that hacked the Korea Hydro & Nuclear Power in 2014. They also believe that the hackers will not cease their activity just because their efforts have been discovered. Authorities have urged people, especially those who work in sensitive areas like technology and government, to step up their security measures and be extra vigilant against fishing and human engineering attacks.

US law enforcement isn't just interested in shutting down video pirates. The feds have charged two Russian nationals, Anton Napolsky and Valeriia Ermakova, for allegedly running the pirate e-book repository Z-Library. The site was billed as the "world's largest library" and held over 11 million titles, many of which were bootleg versions stripped of copyright protections.

The pair was arrested in Cordoba, Argentina at the US' request on November 3rd. The American government disabled and seized the public Z-Library site at the same time. Napolsky and Ermakova each face charges of copyright infringement, money laundering and wire fraud.

As TorrentFreakexplains, it's not clear how central Ermakova and Napolsky were to Z-Library. While the indictments only cover activity starting in January 2018, FBI Assistant Director-in-Charge Michael Driscoll said the two had been running a pirate site for "over a decade." Z-Library is still accessible on the dark web and responding to email.

The pirate bookshelf's social media presence contributed to its undoing. Ars Technicanotes The Authors Guild complained to the Office of the United States Trade Representative after a "#zlibrary" hashtag started trending on TikTok, with over 19 million views. Students and other users were touting Z-Library as a way to get textbooks and other course material for free.

As with many pirate site shutdowns, this isn't likely to be a permanent blow. The Authors Guild pointed to alternatives like Libgen when it filed its complaint, and Z-Library itself is carrying on in a limited form. It's a high-profile victory for the anti-piracy camp, however, and suggests that other digital book pirates could face similar legal action.

In the latest example of what seems like daily Big Tech job cuts, Roku announced plans today to lay off around 200 employees, nearly seven percent of its workforce. The streaming company wrote in an SEC filing that it plans to cut the jobs in the US due to “economic conditions.” The company estimates it will pay between $28 and $31 million for the reductions, primarily because of severance payments, notice pay (where applicable), employee benefits contributions and related costs.

Roku says most of the layoffs will happen in Q4, with the remaining cuts expected to be “substantially complete” by the end of Q1 2023. In a statement released today, Roku said, “Taking these actions now will allow us to focus our investments on key strategic priorities to drive future growth and enhance our leadership position.”

These layoffs follow a warning from Roku in its latest quarterly results that it anticipates a year-over-year revenue decline for Q4. The company’s shares dropped almost three percent today in trading before the bell.

Big Tech job cuts have become an unfortunate trend in recent months. Roku’s layoffs follow downsizing from Meta, which laid off 11,000 employees last week; Twitter, which cut approximately 3,800 jobs earlier this month; plus Amazon and Microsoft. Although Apple has so far remained an exception, it imposed a hiring freeze expected to continue into late 2023. Likewise, Disney is reportedly freezing hiring and anticipating cuts, while Netflix laid off around 300 people back in June. Streaming-focused companies — Roku included — have faced the dual challenges of an uncertain economy and a revenue decline following a boom during the coronavirus pandemic.

Microsoft has laid off off employees across multiple divisions, according to Axios, making it the latest big player in the tech space to cut jobs in the face of an economic downturn. A spokesperson told the publication: "Like all companies, we evaluate our business priorities on a regular basis, and make structural adjustments accordingly. We will continue to invest in our business and hire in key growth areas in the year ahead." While the tech giant didn't say which divisions were affected and how many people had been let go, Axios said there were under 1,000 layoffs.

The Verge Senior Editor Tom Warren added that the job cuts included people in the Experiences and Devices, Xbox and legal groups. Some of them were apparently veteran workers in the company. As Axios notes, the job cuts occurred across levels and regions, which means workers outside the US had also ben been laid off.

Microsoft showed signs that it was looking to operate with a leaner workforce this year when it slowed down hiring for its Windows, Office and Teams groups, citing the need to realign staffing priorities. In July, it laid off less than one percent (around 1,800) of its 180,000 workforce and then removed open job listings for its Azure cloud and security groups. Other tech companies have made similar moves over the past few months. Google also slowed its hiring due to what CEO Sundar Pichai called an "uncertain global economic outlook." Meanwhile, Meta reportedly started cutting staff and reorganizing teams to cut costs after Mark Zuckerberg warned employees that the company was facing "serious times."

Months after reaching a deal, the White House has taken official steps to protect data transfers between the US and European Union. President Biden has signed an executive order directing the government's efforts to implement the EU-US Data Privacy Framework. The approach mainly requires that intelligence agencies "take into consideration" privacy and civil liberties before seeking data, and only conduct surveillance when there's a clearly defined need to address national security concerns.

Intelligence gatherers will also need to update their policies on elements like data handling, with reviews keeping them in line. There will also be a "multi-layer" review process for EU residents' privacy violation complaints. The Office of the Director of National Intelligence (DNI) will investigate possible lawbreaking through its civil liberties officer, while the Attorney General will use a new Data Protection Review Court to review the results of those investigations and make binding rulings.

The Data Privacy Framework is a response to the EU Court of Justice striking down the Privacy Shield agreement in 2020. The court found that the pact gave the US too much leeway to surveil EU data, and wasn't consistent with privacy requirements effectively equal to European law. The US balked at this rejection, arguing that it cast doubt on companies' ability to legally transfer data.

The European Commission will still need to examine the framework to determine if it offers enough protection. Between this and law enforcement-oriented agreements with countries like Australia and the UK, though, the US is quickly firming up its approach to international data sharing — albeit with concerns that spies might still have too much power.

Amazon isn't done updating its Eero router lineup this year, if not quite in the way you'd expect. The brand's new Echo Dot speakers now double as Eero WiFi extenders. Plug one in and you'll get as much as 1,000 square feet of additional coverage. That speaker on your nightstand could improve the internet connection in your office, in other words.

The base Echo Dot is available for pre-order today at $50, while the Echo Dot with Clock and colorful Echo Dot Kids will sell for $60.

Developing...

Follow all of the news from Amazon's event right here!

The Treasury Department is keenly aware that crypto scams and hacks remain serious problems, and it's pressuring the rest of the US government to respond. As The Washington Postnotes, the Treasury has issued a report calling on other federal regulators to further crack down on scams and other illegal crypto activity. Officials want agencies to "expand and increase" investigations and enforcement, issue clearer guidance and help crypto users understand both risks and the reporting tools at their disposal.

In all cases, the Treasury asked for more coordination between government divisions. The department also asked for greater transparency on illegal activity to help spot trends in scams and other crimes.

The tougher stance is necessary given the dangers, according to the report. While proponents argue crypto can democratize financial services by making them more affordable and accessible, the Treasury found that there wasn't much evidence to support the claim. If anything, the department found that low-income households were particularly vulnerable to ripoffs — 29 percent of crypto investors had an annual income below $50,000, according to Federal Reserve Board data.

It's not clear that the findings will lead to decisive action. The Treasury didn't outline a concrete strategy for battling crypto scams and security breaches, and regulators have their own sometimes-conflicting views of how to govern digital assets. The Securities Exchange Commission sees most crypto tokens as securities it can monitor, while the Commodity Futures Trading Commission unsurprisingly wants to treat tokens as commodities. Although the bureaus might not be fighting, this report doesn't do much to establish common ground.

On Thursday morning, Moscow’s busy Fili district became the site of a traffic jam unlike any before it. Motherboard (via The Verge) reports hackers used Russia’s Yandex Taxi ride-hailing app to order dozens of drivers to coverage on Kutuzovsky Prospekt, one of the city’s main thoroughfares. The act caused traffic on part of the already congested street to come to a standstill for about 40 minutes while Yandex worked to address the situation.

“On the morning of September 1st, Yandex Taxi encountered an attempt by attackers to disrupt the service — several dozen drivers received bulk orders to the Fili district of Moscow,” a Yandex spokesperson told Motherboard. In a separate statement shared with Russia’s state-owned TASS news agency, Yandex said it reworked its routing algorithm following the attack to prevent similar incidents from occurring in the future. The event is one of the first known instances of hackers exploiting a ride-hailing app to create a traffic jam.

Several Twitter accounts claiming affiliation with Anonymous say the hacktivist collective is behind the incident. On Friday, one Anonymous account said the group worked with the IT Army of Ukraine, a volunteer organization formed at the start of the war, to carry out the attack.

Anonymous previously claimed responsibility for a cyberattack that took down multiple Russian government websites, including those belonging to the Kremlin and the Ministry of Defence. “Faced with this series of attacks that Ukraine has been suffering from the Russian dictator Vladimir Putin, we could not help but support the Ukrainian people,” the group said at the time.

Canada is banning companies from producing and importing a handful of single-use plastics by the end of the year, Reuters reports. Among the items the country won’t allow the production of include plastic shopping bags, takeout containers and six-pack rings for holding cans and bottles together.

The federal government will subsequently prohibit the sale of those same items in 2023, with an export ban to follow in 2025. The one-year gap between the initial ban and the one that follows is designed to give businesses in Canada enough time to transition their stock of the listed items. Over the next ten years, the federal government estimates the new regulation will eliminate approximately 1.3 tonnes of plastic waste, Prime Minister Justin Trudeau said on Twitter.

Not targeted by Canada’s new regulations are plastic fishing nets and lines, which can be far more problematic than single-use plastics like straws and shopping bags. Discarded fishing gear leads to ghost fishing, a phenomenon where those tools continue to trap and kill marine life. With more than 640,000 tons worth of fishing nets discarded every year, it’s a problem that’s only getting worse and one Canada’s plastics ban doesn’t address.

"It's a drop in the bucket," Sarah King, the head of Greenpeace Canada's oceans and plastics campaign, told the CBC. "Until the government gets serious about overall reductions of plastic production, we're not going to see the impact we need to see in the environment or in our waste streams."

The ban follows a similar one enacted by France last year and is part of a broader move by governments across the world to curb the production of single-use plastics. In March, the United Nations agreed to begin work on a first-ever global plastic pollution treaty. While the agreement won’t be complete until 2024 at the earliest, it could be among the most significant efforts to curb climate change since the Paris agreement in 2015.

DJI has significantly expanded its gimbal lineup with the RS3 and RS3 Pro models designed for mirrorless and cinema cameras. It also launched some other interesting cinema products derived from the innovative Ronin 4D camera gimbal, including a LiDAR focusing system and "DJI Transmission" for remote monitoring and control of compatible gimbals. Finally, it announced that it has joined Panasonic and Leica's full-frame L-Mount alliance and unveiled a compensation for removing ProRes RAW from the Ronin 4D. 

DJI's flagship mainstream gimbal is now the DJI RS3. The key new feature over the RSC 2 is an automatic locking system that releases and unfolds the gimbal when it's turned on, then folds and locks it when turned off. That avoids the usual dance of steadying the camera by hand when turning off the gimbal, then manually locking three separate axes. 

DJI

Tapping the power button sends it into sleep mode, "which makes powering on the device, stowing it away and relocating much faster," DJI notes. It also uses quick-release plates for "position memory" so in theory, you only have to balance your camera once. 

It weighs in at just under 2.8 pounds but can handle a payload of 6.6 pounds, enough to support most mainstream mirrorless cameras. The 3rd-generation stabilization algorithm offers a 20 percent improvement over the RSC 2, so it's easier to shoot low angles, running or filming from a moving vehicle. For longer lenses up to 100mm, SuperSmooth provides further electronic stabilization. 

DJI

It has a Bluetooth shutter button that supports automatic connection without the need for a camera control cable, along with a 1.8-inch full-color OLED display with 80 percent more surface area than the RSC 2. That screen allows a full gimbal setup in most scenarios without connecting the mobile app, while the redesigned UI and control layout makes it easier to operate. Part of that is a new physical gimbal mode switch that lets you select pan follow, pan and tilt follow and FPV modes instantly. 

Finally, a new battery grip provides up to 12 hours of battery life and can be easily changed out via a quick release system. It supports PD fast charging at 18 watts and can be charged independently or during use for non-stop operation. The DJI RS3 gimbal is now available from authorized retailers and at DJI's store priced at $550 for the standalone gimbal and $720 for the DJI RS3 Combo that adds a briefcase handle, focus motor, second control cable and a carrying case. 

DJI

Next up is the RS3 Pro, another technological tour de force from DJI. It's built from carbon fiber so it weighs just 3.3 pounds, but can handle up to 10 pounds of payload — enough for pro cinema cameras like the Sony FX6, Canon C70 and RED Komodo. Like the RS3, it also has the new automated axis lock system, Bluetooth shutter button, 1.8-inch OLED touchscreen and gimbal mode switch. 

The RS3 Pro borrows a key feature from the Ronin 4D, the optional DJI LiDAR Range Finder. It projects 43,200 ranging points within a 46 foot indoor area, and powers a next-generation focus motor with extra torque and one-step mounting. That allows for "autofocus on manual lenses with no need for repetitive calibration," according to DJI. 

DJI

The LiDAR Range Finder has the same chip as the one on the Ronin 4D and a built-in 30mm camera, giving similar ActiveTrack Pro focus and gimbal tracking capabilities. That will allow pro cameras to maintain steady, clear shots in "even more dynamic scenarios," DJI says. The RS3 Pro is now available starting at $870 or $1,100 in a combo with an extended quick release plate, phone holder, focus motor and kit, Ronin Image Transmitter and more. The LiDAR Range Finder will be sold separately priced at $660. 

DJI has also announced that it's selling the DJI Transmission remote control/monitor seen with the Ronin 4D as a separate device. It uses DJI's O3 tech used on drones like the Mavic 3, transmitting video in 1080p/60fps at a ground range of up to 20,000 feet with end-to-end ultra-low latency. Monitoring is done via the 7-inch, 1,500-nit High-Bright Remote Monitor. 

DJI

With compatible devices like the RS3 Pro, you can not only monitor and record video output but also control the gimbal, camera recording and more, using the DJI Master Wheel and Force Pro. It also adds a DFS band that allows for up to 23 channels, letting large crews work simultaneously with ten or more transmitters. The DJI Transmission arrives this September for $2,500 or you can purchase the High-Bright Monitor separately for $1,700. 

Finally, DJI announced that it's now a member of the L-Mount Alliance and has partnered with Leica on the Zenmuse X9 L-Mount unit that's compatible with Leica, Panasonic and Sigma L-Mount lenses. And for any Ronin 4D buyers disappointed with the removal of Apple ProRes RAW support, DJI announced that it will support Apple ProRes 4444 XQ, the highest-quality ProRes codec short of ProRes RAW.