Technology

Reason number 5,386 to delete your Reddit account and encourage your friends & loved ones to do the same.

...Previously, a creative design engineer would develop a 3D model of a new car concept. This model would be sent to aerodynamics specialists, who would run physics simulations to determine the coefficient of drag of the proposed car—an important metric for energy efficiency of the vehicle. This simulation phase would take about two weeks, and the aerodynamics engineer would then report the drag coefficient back to the creative designer, possibly with suggested modifications.

Now, GM has trained an in-house large physics model on those simulation results. The AI takes in a 3D car model and outputs a coefficient of drag in a matter of minutes. “We have experts in the aerodynamics and the creative studio now who can sit together and iterate instantly to make decisions [about] our future products,” says Rene Strauss, director of virtual integration engineering at GM...

“What we’re seeing is that actually, these tools are empowering the engineers to be much more efficient,” Tschammer says. “Before, these engineers would spend a lot of time on low added value tasks, whereas now these manual tasks from the past can be automated using these AI models, and the engineers can focus on taking the design decisions at the end of the day. We still need engineers more than ever.”

He said that the tariff is $1 per barrel of oil, adding that empty tankers can pass freely. "Once the email arrives and Iran completes its assessment, vessels are given a few seconds to pay in Bitcoin, ensuring they can't be traced or confiscated due to sanctions," Hosseini added.

Access to open source visuals of the current Iran conflict, which has spread to many parts of the Middle East, continues to be sporadic. Videos and photos from within Iran trickle out on social media as the Iranian internet blackout hinders the flow of digital communication.

In past conflicts, satellite imagery has provided a vital overview of potential damage to both military and civilian infrastructure, especially when there are digital black spots or obstacles to on-the-ground reporting. But imagery from commercial providers is becoming increasingly restricted, leaving even those who have access to the most expensive imagery in the dark.

Shortly after the war in Gaza began in 2023, Bellingcat introduced a free tool authored by University College London lecturer and Bellingcat contributor, Ollie Ballinger, that was able to estimate the number of damaged buildings in a given area. This helped monitor and map the scale of destruction across the territory as Israel’s military operation progressed.

Bellingcat is now introducing an updated version of the open source tool — called the Iran Conflict Damage Proxy Map — focused on destruction in Iran and the wider Gulf region.

It can be accessed here.

Food delivery robots are struggling to steer clear of Chicago’s bus stop shelters. Within just 48 hours, two autonomous couriers from different companies veered off course and collided with shelters shattering glass and alarming nearby residents. These pair of dramatic incidents come amidst brewing tension among community members and lawmakers in Chicago who oppose the robots’ presence. The crashes also come just weeks after one of the manufacturers announced it was integrating a new mapping system trained on “Pokémon Go” data which is designed to improve navigation accuracy.

cross-posted from : https://lemmy.zip/post/62209262

The dataset, which allegedly contains more than 10 petabytes of sensitive information, is believed by experts to have been obtained from the National Supercomputing Center (NSCC) in Tianjin – a centralized hub that provides infrastructure services for more than 6,000 clients across China, including advanced science and defense agencies.

cross-posted from: https://lemmy.world/post/45350334

#Thousands of consumer routers hacked by Russia’s military

##End-of-life routers in homes and small offices hacked in 120 countries.

The Russian military is once again hacking home and small office routers in widespread operations that send unwitting users to sites that harvest passwords and credential tokens for use in espionage campaigns, researchers said Tuesday.

An estimated 18,000 to 40,000 consumer routers, mostly those made by MikroTik and TP-Link, located in 120 countries, were wrangled into infrastructure belonging to APT28, an advanced threat group that’s part of Russia’s military intelligence agency known as the GRU, researchers from Lumen Technologies’ Black Lotus Labs said. The threat group has operated for at least two decades and is behind dozens of high-profile hacks targeting governments worldwide. APT28 is also tracked under names including Pawn Storm, Sofacy Group, Sednit, Tsar Team, Forest Blizzard, and STRONTIUM.

###Technical sophistication, tried-and-true techniques

A small number of routers were used as proxies to connect to a much larger number of other routers belonging to foreign ministries, law enforcement, and government agencies that APT28 wanted to spy on. The group then used its control of routers to change DNS lookups for select websites, including, Microsoft said, domains for the company’s 365 service.

“Known for blending cutting-edge tools such as the large language model (LLM) ‘LAMEHUG’ with proven, longstanding techniques, Forest Blizzard consistently evolves its tactics to stay ahead of defenders,” Black Lotus researchers wrote. “Their previous and current campaigns highlight both their technological sophistication and their willingness to revisit classic attack methods even after public exposure, underscoring the ongoing risk posed by this actor to organizations worldwide.”

To hijack the routers, the attackers exploited older models that hadn’t been patched against known security vulnerabilities. They then changed DNS settings for select domains and used the Dynamic Host Configuration Protocol to propagate them to router-connected workstations. When connected devices visited the selected domains, their connections were proxied through malicious servers before reaching their intended destination.

These adversary-in-the-middle servers used self-signed certificates. When the end user clicked through browser warnings, the servers captured all traffic passing through them. Among other things, they collected OAuth tokens and other credentials set after users, unaware their connections were being tapped, completed multifactor authentication.

The operation began in May 2025 on a limited number of devices. Then, in August, Britain’s National Cyber Security Center released an alert that documented a malware campaign a threat group was using to “intercept and exfiltrate Microsoft Office account credentials and tokens.” The following day, the threat group rapidly stepped up the router hijacking, an activity it continued to ramp up in the coming months.

Over a four-week period starting on December 12, Black Lotus observed more than 290,000 distinct IP addresses sending at least one DNS request to the malicious APT28 DNS resolver. “This suggested that as one capability was disclosed, the actor immediately shifted to another to continue acquiring authentication material,” company researchers wrote.

Black Lotus described the methodology this way:

1. DNS changes were then propagated to the workstations on the adjacent LAN via Dynamic Host Configuration Protocol (DHCP).
2. The actor operated a DNS server to behave like a typical recursive resolver, but when a targeted Fully Qualified Domain Name (FQDN) was queried, it was configured to provide a record back containing its own IP address instead of the correct address. The only interventions were triggered by domains associated with authentication-related services. If any other domain was requested, traffic passed directly through.
3. The actor ran a proxy service as the AitM that the end user was directed to via DNS. The only sign of this attack would be a pop-up warning about connecting to an untrusted source because of the “break and inspect.”
4. If warnings were present and ignored or clicked through, the actor proxied requests to the legitimate services, collecting the data at the midpoint and collecting data associated with the targeted account by passing the valid OAuth token. This allowed the actor to break and inspect traffic and access authentication material such as Oauth tokens after completing the multifactor challenge.

APT28 has a history of hacking routers. In 2018, researchers discovered 500,000 of the devices, mostly located in the US, were infected with malware tracked as VPNFilter. In 2024, the US Justice Department caught the group doing it again.

The easiest way for people to know if their router has been compromised in the operation is to review the current DNS settings to see if they list unrecognized servers. Users should also check event logs for any unrecognized changes to DNS server settings. People should also strongly consider replacing end-of-life routers with ones that receive regular security updates. People should never click through browser alerts warning of untrusted TLS certificates.

– Dan Goodin Senior Security Editor