Take-A-Look and Read this, PLEASE
Why can't all these lonely people talk to each other?
https://www.nytimes.com/2022/08/25/opinion/social-life-talk-strangers.html
Aug. 25, 2022
✓ DAVID BROOKS
Special offer:
Get unlimited access for $1 a week.
California startup Turion Space said Aug. 24 it has secured U.S. regulatory approval to sell space situational awareness services from its first satellite next year. SpaceX is slated to fly the venture’s Droid.001 satellite May 15 on a Falcon 9 rideshare mission, Turion Space CEO Ryan Westerdahl said in an interview.
Lithuania-based NanoAvionics built the bus for the satellite, which will provide imagery for Australian in-orbit inspection startup HEO Robotics, Turion Space’s first customer.
Droid.001’s primary mission, however, is to test imagery capabilities that Westerdahl declined to specify for an SSA business he sees as a stepping stone toward more direct in-orbit services.
After deploying three to four more SSA-focused Droids by around mid-2024, he said the startup plans to test a vision system for autonomous rendezvous operations with one of its spacecraft already in low Earth orbit.
“By 2025, we want to do our first docking and de-orbit demonstration,” he said.
Westerdahl ultimately envisions a constellation of Droids that can be tasked to provide services as needed. When that mission is over, they would return to their “home orbit” to track objects in space until they are called upon again.
“We’re an early-stage startup and we don’t necessarily know how big our constellation is going to be yet,” he said.
“All I can tell you with certainty for now is we’re going to build as many as we can, as fast as we can, without spending all our money and without going bankrupt.”
Turion Space has raised $7.5 million in venture capital, which he said covers its first two satellites.
The startup plans to deploy its second satellite in the fourth quarter of 2023, although it has not yet selected a launch provider.
Earlier this year, Turion Space secured four contracts worth a combined $1 million from the U.S. Space Force’s Orbital Prime program, which will support the development of its in-orbit logistics capabilities.
Orbital Prime launched last year to focus on emerging in-orbit servicing, assembly and manufacturing capabilities.
Westerdahl said the startup is using funds raised from government contracts for research and development on the logistics side of its business, as well as finding ways to expand its SSA capabilities.
Money raised from venture capital investors is supporting an SSA-focused commercial business, which would use early satellites that are not going to be focused on space logistics.
“Although we think in-space logistics is a market primed for takeoff, we are prioritizing moving fast and deploying revenue generating assets early to maximize learning and market traction,” he said
Turion Space, which employs 17 full time engineers, is one of a rising number of early-stage companies that are developing space-based solutions to improve SSA
✓
TAMPA, Fla. — The Federal Communications Commission denied Starlink nearly $900 million in rural broadband subsidies “without legal justification,” one of the regulator’s four commissioners said Aug. 24.
While the FCC was obligated to review subsidies provisionally awarded for SpaceX’s broadband service in December 2020, Commissioner Brendan Carr said the agency exceeded “the scope of that authority” when it rejected them nearly two years later.
SpaceX was in line for $885 million after successfully bidding in an auction for the FCC’s Rural Digital Opportunity Fund (RDOF).
However, the FCC said Aug. 10 SpaceX had failed to show it could meet requirements for releasing the subsidies, which covered broadband services spanning nearly 643,000 homes and businesses in 35 states.
These requirements included providing 100 megabits per second (Mbps) download speeds and 20 Mbps upload speeds.
“We cannot afford to subsidize ventures that are not delivering the promised speeds or are not likely to meet program requirements,” FCC chair Jessica Rosenworcel said in an Aug. 10 press release.
Carr said he was surprised to learn about the decision from a press release while he was on a work trip to Alaska, adding that it was made without a vote or authorization from the FCC’s Commissioners.
“As an initial matter, this a very curious outcome because the reasons the agency offers for backtracking on this infrastructure decision do not withstand even casual scrutiny,” he said.
The FCC’s skepticism is in “direct conflict” with the confidence expressed elsewhere in the federal government, he said, pointing to how the Air Force recently signed a $1.9 million deal to provide Starlink services to military bases.
While the FCC said it denied SpaceX subsidies partly to avoid rural broadband expansion delays, Carr warned of more delays because there is nothing to replace the commitments SpaceX had made to win a share of RDOF.
It would take “in the neighborhood of $3 billion” to extend high-speed fiber networks to the areas SpaceX had committed to connecting via its subsidies.
Carr also pointed to data showing a year-on-year increase in Starlink speeds as SpaceX expands its constellation in low Earth orbit.
Ookla speed tests showed median download speeds for Starlink improved 38% to 90.55 Mbps in the first quarter of 2022, compared with the corresponding quarter last year.
However, Ookla also said upload speeds fell from 16.29 Mbps to 9.33 Mbps.
In any case, Carr said broadband speed benchmarks under RDOF do not kick in for another three years.
“Particularly given the speeds Starlink is already offering and the pace with which it is continuing to launch satellites, the FCC’s decision offers no reasoned basis for determining that Starlink was incapable of meeting its regulatory obligations,” he said.
“In fact, Starlink is already exceeding those benchmark speeds in other countries where their services are online.”
Carr also took aim at how Starlink’s price point contributed to the FCC’s decision, which highlighted how its users must purchase a $600 dish on top of a monthly subscription.
The FCC is currently subsidizing slower internet services that cost consumers more, according to Carr.
He also said the FCC is not authorized to deny winning RDOF bids based on the price of equipment, “let alone based on an arbitrary one selectively applied to one winner.”
Notably, some Starlink subscribers worldwide are reporting getting their monthly fees reduced, in some cases by up to 50%, although it is unclear what is prompting the price cuts.
Carr’s statement did not mention terrestrial telco LTD Broadband, which was denied $1.3 billion in provisionally awarded subsidies at the same time as SpaceX.
Carr, the senior Republican on the FCC, added that the decision to deny SpaceX rural broadband subsidies “reflects many of the same missteps that the Administration has been making as it implements federal broadband infrastructure programs.”
He has been a vocal critic of an apparent lack of oversight over funds that Congress has been appropriating to tackle the digital divide, and has called for a national strategy to coordinate a technology-neutral approach.
Rosenworcel, who was confirmed as the head of the FCC in December, has also been critical about how the RDOF program was set up in 2020 during the previous administration.
Meanwhile, SpaceX is due to announce a partnership with U.S. mobile operator T-Mobile at 8 p.m. Eastern from its Starbase test site in Texas.
The announcement will be about increasing connectivity, SpaceX said, triggering speculation that the companies will work together in some way to combine their communications networks across the United States
This is the first time an entire fleet of locomotives has been switched for cleaner alternatives.
✓ You wait decades for a hydrogen-powered train to come, and then 14 all at once. At least, that’s how commuters in the German region of Lower Saxony might feel after the world’s first fleet of hydrogen trains launched in the state.
3 reports
DoorDash is the most popular food delivery app in the United States.
.png)
The company claims a 57% market share in the US and operates in three international markets: Australia, Canada, and Japan.
Today, the food delivery platform has more than 20 million active consumers and processed $9.9 billion in gross order value in Q1 2021.
Continue reading to find the latest stats on DoorDash in 2022:
.png)
1✓
Food delivery giant DoorDash has confirmed a data breach that exposed customers’ personal information.
In a blog post shared with TechCrunch ahead of its publication at market close, DoorDash said malicious hackers stole credentials from employees of a third-party vendor that were then used to gain access to some of DoorDash’s internal tools.
DoorDash said the attackers accessed names, email addresses, delivery addresses and phone numbers of DoorDash customers. For a “smaller subset” of users, hackers accessed partial payment card information, including card type and the last four digits of the card number.
For DoorDash delivery drivers, or Dashers, hackers accessed data that “primarily included name and phone number or email address.” Users of Wolt, the Helsinki-based online ordering and delivery company acquired by DoorDash last year, are unaffected.
DoorDash says that a “small percentage” of users were affected by the incident but declined to say how many users it currently has or provide an accurate number of affected users.
The company said it cut off the third-party vendor’s access to its systems after discovering “unusual and suspicious” activity.
DoorDash did not name the third-party vendor, which “provides services that require limited access to some internal tools,” according to DoorDash spokesperson Justin Crowley, but confirmed to TechCrunch that the vendor breach is linked to the phishing campaign that compromised SMS and messaging giant Twilio on August 4. Researchers linked these attacks to a wider phishing campaign by the same hacking group, dubbed “0ktapus,” which has stolen close to 10,000 employee credentials from at least 130 organizations, including Twilio, Signal, internet companies and outsourced customer service providers, since March.
DoorDash would not say when it discovered it was compromised, but its spokesperson said that the company took time to “fully investigate what happened, which users were impacted and how they were impacted” before disclosing the data breach.
.jpg)
DoorDash says that since discovering the compromise the company hired an unnamed cybersecurity expert to help with its ongoing investigation and is taking action to “further enhance DoorDash’s already robust security systems.”
This isn’t the first time that hackers have stolen customer data from DoorDash’s systems. In 2019, the company reported a data breach affecting 4.9 million customers, delivery workers and merchants who had their information stolen by hackers. It also blamed the breach on an unnamed third-party service provider.
Read more:
From the archives:
2✓
Hackers responsible for a string of recent cyberattacks, including those on Twilio, MailChimp, and Klaviyo, compromised over 130 organizations in the same phishing campaign.
This phishing campaign utilized a phishing kit codenamed '0ktapus' to steal 9,931 login credentials that the hackers then used to gain access to corporate networks and systems through VPNs and other remote access devices.
According to a Group-IB report, the 0ktapus campaign has been underway since at least March 2022, aiming to steal Okta identity credentials and 2FA codes and use them to carry out subsequent supply chain attacks.
These attacks were very successful, leading to a series of reported data breaches at Twilio, MailChimp, and Klaviyo, and an attempted attack against Cloudflare that was thwarted.
Based on the phishing domains created in this campaign, the threat actors targeted companies in multiple industries, including cryptocurrency, technology, finance, and recruiting.
Some of the targeted companies include T-Mobile, MetroPCS, Verizon Wireless, AT&T, Slack, Twitter, Binance, KuCoin, CoinBase, Microsoft, Epic Games, Riot Games, Evernote, AT&T, HubSpot, TTEC, and Best Buy.
.png)
The attack begins with an SMS message and a link to a phishing page impersonating an Okta login page where victims are prompted to enter their account credentials and the 2FA codes.
Okta is an identity-as-a-service (IDaaS) platform enabling employees to use a single login to access all software assets in their company.
Researchers discovered 169 unique phishing domains supporting the 0ktapus campaign, using the keywords "OKTA," "HELP," "VPN," and "SSO," such as the examples below.
t-mobile-okta[.]org
att-citrix[.]com
vzwcorp[.]co
mailchimp-help[.]com
slack-mailchimp[.]com
kucoin-sso[.]comThese sites feature the specific theming of the target companies, so they appear exactly like the genuine portals the employees are used to seeing in their daily login procedure.
When victims enter their credentials and 2FA codes, the sites transmit them to a private Telegram channel where the threat actors can retrieve them.
The hackers then used these login credentials to gain access to corporate VPNs, networks, and internal customer support systems to steal customer data. This customer data was then used to perform further supply-chain attacks, as we saw with DigitalOcean and Signal.
Based on the disclosures of past victims, the threat actors commonly targeted data belonging to companies in the cryptocurrency industry.
Group-IB says that the threat actors managed to steal 9,931 user credentials from 136 companies, 3,129 records with emails, and 5,441 records with MFA codes, with the majority of the compromised organizations located in the U.S.
.jpg)
Of those, almost half belong to the software and telecom sector, while finance, business services, education, and retail also had significant shares.
Group-IB's investigators leveraged the little info "hiding" in the phishing kit to find the admin account of the Telegram channel used for account data exfiltration.
Tracing back the user's activity, the threat intelligence firm found that in 2019, the user named "X," posted something pointing to their Twitter account.
From there, the analysts found a GitHub account linked to the hacker, who used the nickname "Subject X" at the time. Group-IB says this account had a location of North Carolina, United States, associated with it.
Group-IB claims to have more information about the alleged identity of the threat actor, but it reserved further details for law enforcement agencies.
✓ ONE MORE
A Doordash delivery bag is seen in Brooklyn, New York City, U.S., May 9, 2022. REUTERS/Andrew Kelly/File Photo
.jpg)
Aug 25 (Reuters) - DoorDash Inc (DASH.N) on Thursday said personal details of some customers and drivers had been accessed by an "unauthorized party" in a phishing attack on a third-party vendor.
The U.S. food delivery firm said details accessed included order and partial payment card information, email, delivery address and phone number of some customers.
The unauthorized party, which used stolen credentials of the vendor's employees to gain access to some internal tools, also got hold of names, phone numbers or email addresses of some drivers, DoorDash added. (https://bit.ly/3ctgYGa)
The company said it quickly disabled the vendor's access to its system after detecting unusual and suspicious activity from the vendor's computer network.
"We have no reason to believe that affected personal information has been misused for fraud or identity theft," DoorDash said.
Reporting by Praveen Paramasivam in Bengaluru; Editing by Vinay Dwivedi
