North Korean hackers are using ransomware to attack healthcare providers, feds warn

State-sponsored North Korean hackers have been targeting healthcare providers since at least May 2021, according to the US government. The FBI, the Cybersecurity and Infrastructure Security Agency (CISA) and the Department of the Treasury have issued a joint advisory warning healthcare organizations about the attackers' MO. Apparently, they've been using a ransomware called Maui to encrypt healthcare organizations' computers and then demanding payment from the victims to get their networks unlocked. The agencies' warning contains information about Maui, including its indicators of compromise and the techniques the bad actors use, which they got from a sample obtained by the FBI. 

The agencies said the attackers locked up healthcare providers' electronic health records services, diagnostics services, imaging services and intranet services, among others. In some cases, the attacks kept the providers out of their systems and disrupted the services they provide for prolonged periods. 

According to the agencies' advisory, the malware is manually executed by a remote actor once it's in the victim's network. They "highly discourage" paying ransom, since that doesn't ensure that the bad actors will give victims the keys to unlock their files. However, the agencies admit that the attackers will most likely continue targeting organizations in the healthcare sector. "The North Korean state-sponsored cyber actors likely assume healthcare organizations are willing to pay ransoms because these organizations provide services that are critical to human life and health," they said.

The agencies are now urging healthcare providers to employ mitigation techniques and to prepare for possible ransomware attacks by installing software updates, maintaining offline backups of data and concocting a basic cyber incident response plan. For those wondering what happens to the funds North Korea gets from operations like this: Earlier this year, a United Nations report revealed that the country has been using cryptocurrency stolen by state-sponsored hackers to fund its nuclear and ballistic missile programs. 

Healthcare providers have been a prime target for ransomware-using bad actors for quite a while now, especially since the pandemic started. In 2020, FBI and CISA issued a joint advisory warning hospitals and healthcare providers that they're in danger of being targeted by a ransomware attack. Russian-speaking criminal gang UNC1878 and other attackers targeted healthcare organizations in the height of the pandemic, giving some victims no choice but to comply with their demands as they struggled to save people's lives.

Rivian says it’s still on track to produce 25,000 vehicles despite production woes

Moreso than most automakers, Rivian has had a tough 2022. At the start of the year, the company, blaming inflation and component shortages, raised the base price of its quad-motor R1T pickup truck by a whopping $12,000. And while it went on to quickly backtrack, the decision led to a shareholder lawsuit

Despite those early woes, Rivian says it’s still on track to produce 25,000 vehicles in 2022. The company reiterated the prediction in a statement it shared on Wednesday. Rivian said it built 4,401 R1T trucks, R1S SUVs and Amazon delivery vans at its factory in Normal, Illinois and delivered 4,467 vehicles during fiscal Q2.

“Supply chain and production are ramping,” Rivian CEO RJ Scaringe tweeted after the announcement. “We just announced production of 4,401 vehicles for Q2 bringing our cumulative total since start of production to 7,969 — keeping us on track to reach our year-end goals.”

While 4,401 vehicles is a modest tally, it is an improvement for Rivian. In the first three months of the year, the startup built 2,553 cars. Just as noteworthy is that the company managed to scale production while facing many of the same issues that have slowed its competition. On Saturday, Tesla announced its first quarter-over-quarter production decline in two years. In Q2, the company saw a 15 percent drop in manufacturing volume due to ongoing parts shortages and multiple COVID-19 shutdowns at its critical Shanghai Gigafactory.

Increasing production capacity will be critical to Rivian’s survival. In addition to an approximately 71,000 vehicle preorder backlog, the company has a 100,000 van order it needs to fulfill for minority owner Amazon. Late last year, Rivian announced it would build a second factory in Georgia, but that facility won’t be operational until sometime 2024. Until then, the startup is dependent on its single factory in Normal, which it says will eventually produce 200,000 vehicles annually.

Rivian says it’s still on track to produce 25,000 vehicles despite production woes

Moreso than most automakers, Rivian has had a tough 2022. At the start of the year, the company, blaming inflation and component shortages, raised the base price of its quad-motor R1T pickup truck by a whopping $12,000. And while it went on to quickly backtrack, the decision led to a shareholder lawsuit

Despite those early woes, Rivian says it’s still on track to produce 25,000 vehicles in 2022. The company reiterated the prediction in a statement it shared on Wednesday. Rivian said it built 4,401 R1T trucks, R1S SUVs and Amazon delivery vans at its factory in Normal, Illinois and delivered 4,467 vehicles during fiscal Q2.

“Supply chain and production are ramping,” Rivian CEO RJ Scaringe tweeted after the announcement. “We just announced production of 4,401 vehicles for Q2 bringing our cumulative total since start of production to 7,969 — keeping us on track to reach our year-end goals.”

While 4,401 vehicles is a modest tally, it is an improvement for Rivian. In the first three months of the year, the startup built 2,553 cars. Just as noteworthy is that the company managed to scale production while facing many of the same issues that have slowed its competition. On Saturday, Tesla announced its first quarter-over-quarter production decline in two years. In Q2, the company saw a 15 percent drop in manufacturing volume due to ongoing parts shortages and multiple COVID-19 shutdowns at its critical Shanghai Gigafactory.

Increasing production capacity will be critical to Rivian’s survival. In addition to an approximately 71,000 vehicle preorder backlog, the company has a 100,000 van order it needs to fulfill for minority owner Amazon. Late last year, Rivian announced it would build a second factory in Georgia, but that facility won’t be operational until sometime 2024. Until then, the startup is dependent on its single factory in Normal, which it says will eventually produce 200,000 vehicles annually.

Horizon Forbidden West’s latest PS5 update adds a ‘Balanced’ 40Hz graphics mode

Horizon Forbidden West was already one of the best-looking games on PlayStation 5, and now developer Guerrilla Games has found a way to make it look even better. With Forbidden West’s latest update, the studio has added a 40Hz “Balanced” rendering mode and support for both variable refresh rate (VRR) and high refresh rate (HFR).

VRR is a feature that’s relatively new to console gaming. It syncs your TV’s refresh rate to the frame rate of the game you’re playing, thereby helping to eliminate screen tearing whenever there’s a drop in performance. Meanwhile, the new Balanced setting promises to give you the best of Forbidden West’s existing Performance and Fidelity modes by offering a happy medium between the two.

If you’re curious about how you get “balanced” graphics from rendering a game at 40Hz, here’s how the math works. At 30Hz, it takes 33.33 milliseconds for your console to display a new frame. By contrast, at 40Hz and 60Hz, it renders a new frame every 25 and 16.66 milliseconds, respectively. So while it might seem counterintuitive, 40 fps is precisely halfway between 30 fps and 60 fps in terms of update speed. Ratchet & Clank: Rift Apart also offers a 40 fps mode, and when Insomniac first introduced the feature, Digital Foundry called it “a potential game-changer” for console gaming.

Outside of those improvements, patch 1.17 includes the usual assortment of bug fixes, with some designed to address glitches that could stop you from finishing the game. You can read the entire changelog on Reddit.

Horizon Forbidden West’s latest PS5 update adds a ‘Balanced’ 40Hz graphics mode

Horizon Forbidden West was already one of the best-looking games on PlayStation 5, and now developer Guerrilla Games has found a way to make it look even better. With Forbidden West’s latest update, the studio has added a 40Hz “Balanced” rendering mode and support for both variable refresh rate (VRR) and high refresh rate (HFR).

VRR is a feature that’s relatively new to console gaming. It syncs your TV’s refresh rate to the frame rate of the game you’re playing, thereby helping to eliminate screen tearing whenever there’s a drop in performance. Meanwhile, the new Balanced setting promises to give you the best of Forbidden West’s existing Performance and Fidelity modes by offering a happy medium between the two.

If you’re curious about how you get “balanced” graphics from rendering a game at 40Hz, here’s how the math works. At 30Hz, it takes 33.33 milliseconds for your console to display a new frame. By contrast, at 40Hz and 60Hz, it renders a new frame every 25 and 16.66 milliseconds, respectively. So while it might seem counterintuitive, 40 fps is precisely halfway between 30 fps and 60 fps in terms of update speed. Ratchet & Clank: Rift Apart also offers a 40 fps mode, and when Insomniac first introduced the feature, Digital Foundry called it “a potential game-changer” for console gaming.

Outside of those improvements, patch 1.17 includes the usual assortment of bug fixes, with some designed to address glitches that could stop you from finishing the game. You can read the entire changelog on Reddit.

Extreme sports Apple Watch could feature an expansive 2-inch display

Apple’s long-rumored extreme sports Series 8 Watch could ship with the company’s largest smartwatch display to date. According to Bloomberg’s Mark Gurman, the forthcoming wearable features a screen that measures almost 2 inches diagonally and has a 410 by 502 resolution. Compared to the display on the 45mm Series 7, the largest smartwatch Apple sells at the moment, the new model would offer about seven percent more screen real estate. Gurman says the company could use the extra space to show additional fitness metrics or more information on watch faces at one time.

Corroborating Bloomberg’s reporting is a recent tweet from display analyst Ross Young who said the Series 8 lineup would include a model with a 1.99-inch display. Outside of a larger screen, Gurman says the new variant will feature a more shatter-resistant screen, a higher capacity battery and a studier case made from metal more robust than aluminum. It will also include the fever detection feature he previously reported was coming to the entire Series 8 family, as well as better tracking capabilities for activities like hiking and swimming. What it won’t include is a faster processor: Apple’s upcoming S8 chipset reportedly features the same capabilities as its S7 and S6 predecessors.

If Apple follows its usual release cadence, the tech giant will likely announce the wearable at its iPhone event in the fall. Gurman previously said the company was working on a “deluge” of products it plans to announce over the next year, including a successor to the original HomePod.

Extreme sports Apple Watch could feature an expansive 2-inch display

Apple’s long-rumored extreme sports Series 8 Watch could ship with the company’s largest smartwatch display to date. According to Bloomberg’s Mark Gurman, the forthcoming wearable features a screen that measures almost 2 inches diagonally and has a 410 by 502 resolution. Compared to the display on the 45mm Series 7, the largest smartwatch Apple sells at the moment, the new model would offer about seven percent more screen real estate. Gurman says the company could use the extra space to show additional fitness metrics or more information on watch faces at one time.

Corroborating Bloomberg’s reporting is a recent tweet from display analyst Ross Young who said the Series 8 lineup would include a model with a 1.99-inch display. Outside of a larger screen, Gurman says the new variant will feature a more shatter-resistant screen, a higher capacity battery and a studier case made from metal more robust than aluminum. It will also include the fever detection feature he previously reported was coming to the entire Series 8 family, as well as better tracking capabilities for activities like hiking and swimming. What it won’t include is a faster processor: Apple’s upcoming S8 chipset reportedly features the same capabilities as its S7 and S6 predecessors.

If Apple follows its usual release cadence, the tech giant will likely announce the wearable at its iPhone event in the fall. Gurman previously said the company was working on a “deluge” of products it plans to announce over the next year, including a successor to the original HomePod.

Elaborate hack of ‘Axie Infinity’ tied to fake LinkedIn job offer

Axie Infinity was the prime example of crypto gaming last year, when its play-to-earn formula helped it reach up to 2.7 million daily active users last November. But that all came crashing down in March, when hackers stole $625 million from the Ethereum-linked Ronin sidechain powering the game. Now, it turns out, the source of that hack came from an unlikely source: A fake job offer from LinkedIn. 

As The Block reports (via The Verge) based on two sources, the hackers infiltrated Axie Infinity owner Sky Mavin's network by sending a spyware-filled PDF to one employee. That person thought they were accepting a high-paying job from another firm, but it turns out that company never existed. According to the US government, North Korean hacker group Lazarus was behind the attack. 

“Employees are under constant advanced spear-phishing attacks on various social channels and one employee was compromised," Sky Mavis noted in a post-mortem blog post following the hack. "This employee no longer works at Sky Mavis. The attacker managed to leverage that access to penetrate Sky Mavis IT infrastructure and gain access to the validator nodes.”

Axie Infinityspun back up last week, and it's still relying on the Ronin sidechain, albeit with stricter security measures. The company raised its validator nodes to 11 in April, up from 9 previously, which makes it more difficult for attackers to gain control of the network. (Lazarus gained access to 5 nodes to achieve its hack, including one from the Axie DAO [Decentralized Autonomous Organization].) And it's also implementing a "circuit-breaker" system to flag large withdrawals. 

While this hack was clearly meticulously planned and required a significant amount of technical skill, it ultimately hung on a classic vulnerability: social engineering. 

Elaborate hack of ‘Axie Infinity’ tied to fake LinkedIn job offer

Axie Infinity was the prime example of crypto gaming last year, when its play-to-earn formula helped it reach up to 2.7 million daily active users last November. But that all came crashing down in March, when hackers stole $625 million from the Ethereum-linked Ronin sidechain powering the game. Now, it turns out, the source of that hack came from an unlikely source: A fake job offer from LinkedIn. 

As The Block reports (via The Verge) based on two sources, the hackers infiltrated Axie Infinity owner Sky Mavin's network by sending a spyware-filled PDF to one employee. That person thought they were accepting a high-paying job from another firm, but it turns out that company never existed. According to the US government, North Korean hacker group Lazarus was behind the attack. 

“Employees are under constant advanced spear-phishing attacks on various social channels and one employee was compromised," Sky Mavis noted in a post-mortem blog post following the hack. "This employee no longer works at Sky Mavis. The attacker managed to leverage that access to penetrate Sky Mavis IT infrastructure and gain access to the validator nodes.”

Axie Infinityspun back up last week, and it's still relying on the Ronin sidechain, albeit with stricter security measures. The company raised its validator nodes to 11 in April, up from 9 previously, which makes it more difficult for attackers to gain control of the network. (Lazarus gained access to 5 nodes to achieve its hack, including one from the Axie DAO [Decentralized Autonomous Organization].) And it's also implementing a "circuit-breaker" system to flag large withdrawals. 

While this hack was clearly meticulously planned and required a significant amount of technical skill, it ultimately hung on a classic vulnerability: social engineering. 

Grab ‘The Matrix Awakens’ Unreal demo before it’s delisted on July 9th

Time is running out to download Epic Games’ The Matrix Awakens. The free open-world interactive demo made with Unreal Engine 5 will be removed from the PlayStation and Xbox stores on July 9th. Luckily, players can still access the game an unlimited amount of times once it’s downloaded. The tie-in experience to The Matrix Resurrections debuted last year, and was one of the first examples of what Epic’s next generation game engine can do. UE5 has since been released to the wider developer community.

While The Matrix Awakens isn’t a full game, it’s still a memorable introduction to UE5’s immersive visuals and natural lighting. Players are essentially given free rein to roam through the titular Matrix and soak in the visual effects. The game was written by Lana Wachowski, the co-writer and director of The Matrix trilogy films, and features performances by both Carrie-Anne Moss and Keanu Reeves.

If you’ve already dipped your toe into the world of The Matrix Awakens and are interested in experiencing more games using UE5, a number of new titles have been announced, including a new Tomb Raider game, ARK 2, the upcoming Witcher game and Black Myth: Wukong. You can check out gameplay footage from The Matrix Awakens (available on PlayStation 5 or Xbox Series X/S console) below.