Normal view

There are new articles available, click to refresh the page.
Today — 23 May 2024Main stream

Brendan O'Brien x Rick Beato

By: hippybear
23 May 2024 at 19:51
Brendan O'Brien Interview: The Unsung Hero Of Rock Music "In his first ever full length interview, producer/engineer/mixer (and multi-instrumentalist) Brendan O'Brien talks about his contributions to many of the most significant records of the past generation."

"Check this out: The Black Crows, Red Hot Chili Peppers, Stone Temple Pilots, Pearl Jam, Soundgarden, Rage Against The Machine, Kings X, Korn, Audioslave, Bruce Springsteen, AC/DC, Train, Incubus, Mastodon, Bob Dylan, Neil Young, The Killers, Paul Westerberg, The Offspring, Velvet Revolver etc. Brendan is one of the most important and elusive musical icons who I have been wanting to talk to for the past 30 years. Here's my interview."

US officials: A Russian rocket launch last week likely deployed a space weapon

23 May 2024 at 19:08
A Russian Soyuz rocket climbs away from the Plesetsk Cosmodrome on May 16.

Enlarge / A Russian Soyuz rocket climbs away from the Plesetsk Cosmodrome on May 16.

The launch of a classified Russian military satellite last week deployed a payload that US government officials say is likely a space weapon.

In a series of statements, US officials said the new military satellite, named Kosmos 2576, appears to be similar to two previous "inspector" spacecraft launched by Russia in 2019 and 2022.

"Just last week, on May 16, Russia launched a satellite into low-Earth orbit that the United States assesses is likely a counter-space weapon presumably capable of attacking other satellites in low-Earth orbit," said Robert Wood, the deputy US ambassador to the United Nations. "Russia deployed this new counter-space weapon into the same orbit as a US government satellite."

Read 16 remaining paragraphs | Comments

Crooks plant backdoor in software used by courtrooms around the world

23 May 2024 at 18:46
Crooks plant backdoor in software used by courtrooms around the world

Enlarge (credit: JAVS)

A software maker serving more than 10,000 courtrooms throughout the world hosted an application update containing a hidden backdoor that maintained persistent communication with a malicious website, researchers reported Thursday, in the latest episode of a supply-chain attack.

The software, known as the JAVS Viewer 8, is a component of the JAVS Suite 8, an application package courtrooms use to record, play back, and manage audio and video from proceedings. Its maker, Louisville, Kentucky-based Justice AV Solutions, says its products are used in more than 10,000 courtrooms throughout the US and 11 other countries. The company has been in business for 35 years.

JAVS Viewer users at high risk

Researchers from security firm Rapid7 reported that a version of the JAVS Viewer 8 available for download on javs.com contained a backdoor that gave an unknown threat actor persistent access to infected devices. The malicious download, planted inside an executable file that installs the JAVS Viewer version 8.3.7, was available no later than April 1, when a post on X (formerly Twitter) reported it. It’s unclear when the backdoored version was removed from the company’s download page. JAVS representatives didn’t immediately respond to questions sent by email.

Read 10 remaining paragraphs | Comments

Ad Protect: Mastering the Detection of Bot-Driven Ad Fraud

23 May 2024 at 17:35

DataDome's unparalleled bot detection solution powers our Ad Protect solution, protecting marketers from the negative impacts of bot-driven ad fraud and click fraud.

The post Ad Protect: Mastering the Detection of Bot-Driven Ad Fraud appeared first on Security Boulevard.

IRS Extends Free File Tax Program Through 2029

By: BeauHD
23 May 2024 at 21:25
The IRS has extended the Free File program through 2029, "continuing its partnership with a coalition of private tax software companies that allow most Americans to file federal taxes for free," reports CNBC. From the report: This season, Free File processed 2.9 million returns through May 11, a 7.3% increase compared to the same period last year, according to the IRS. "Free File has been an important partner with the IRS for more than two decades and helped tens of millions of taxpayers," Ken Corbin, chief of IRS taxpayer services, said in a statement Wednesday. "This extension will continue that relationship into the future." "This multi-year agreement will also provide certainty for private-sector partners to help with their future Free File planning," Corbin added. IRS Free File remains open through the Oct. 15 federal tax extension deadline. You can use Free File for 2023 returns with an adjusted gross income of $79,000 or less, which is up from $73,000 in 2022. Fillable Forms are also still available for all income levels.

Read more of this story at Slashdot.

Mark Zuckerberg Assembles Team of Tech Execs For AI Advisory Council

By: BeauHD
23 May 2024 at 20:45
An anonymous reader quotes a report from Quartz: Mark Zuckerberg has assembled some of his fellow tech chiefs into an advisory council to guide Meta on its artificial intelligence and product developments. The Meta Advisory Group will periodically meet with Meta's management team, Bloomberg reported. Its members include: Stripe CEO and co-founder Patrick Collison, former GitHub CEO Nat Friedman, Shopify CEO Tobi Lutke, and former Microsoft executive and investor Charlie Songhurst. "I've come to deeply respect this group of people and their achievements in their respective areas, and I'm grateful that they're willing to share their perspectives with Meta at such an important time as we take on new opportunities with AI and the metaverse," Zuckerberg wrote in an internal note to Meta employees, according to Bloomberg. The advisory council differs from Meta's 11-person board of directors because its members are not elected by shareholders, nor do they have fiduciary duty to Meta, a Meta spokesperson told Bloomberg. The spokesperson said that the men will not be paid for their roles on the advisory council. TechCrunch notes that the council features "only white men on it." This "differs from Meta's actual board of directors and its Oversight Board, which is more diverse in gender and racial representation," reports TechCrunch. "It's telling that the AI advisory council is composed entirely of businesspeople and entrepreneurs, not ethicists or anyone with an academic or deep research background. ... it's been proven time and time again that AI isn't like other products. It's a risky business, and the consequences of getting it wrong can be far-reaching, particularly for marginalized groups."

Read more of this story at Slashdot.

Leaked Contract Shows Samsung Forces Repair Shop To Snitch On Customers

By: msmash
23 May 2024 at 20:02
Speaking of Samsung, samleecole shares a report about the contract the South Korean firm requires repair shops to sign: In exchange for selling them repair parts, Samsung requires independent repair shops to give Samsung the name, contact information, phone identifier, and customer complaint details of everyone who gets their phone repaired at these shops, according to a contract obtained by 404 Media. Stunningly, it also requires these nominally independent shops to "immediately disassemble" any phones that customers have brought them that have been previously repaired with aftermarket or third-party parts and to "immediately notify" Samsung that the customer has used third-party parts. "Company shall immediately disassemble all products that are created or assembled out of, comprised of, or that contain any Service Parts not purchased from Samsung," a section of the agreement reads. "And shall immediately notify Samsung in writing of the details and circumstances of any unauthorized use or misappropriation of any Service Part for any purpose other than pursuant to this Agreement. Samsung may terminate this Agreement if these terms are violated."

Read more of this story at Slashdot.

Stark Industries Solutions: An Iron Hammer in the Cloud

23 May 2024 at 19:32

The homepage of Stark Industries Solutions.

Two weeks before Russia invaded Ukraine in February 2022, a large, mysterious new Internet hosting firm called Stark Industries Solutions materialized and quickly became the epicenter of massive distributed denial-of-service (DDoS) attacks on government and commercial targets in Ukraine and Europe. An investigation into Stark Industries reveals it is being used as a global proxy network that conceals the true source of cyberattacks and disinformation campaigns against enemies of Russia.

At least a dozen patriotic Russian hacking groups have been launching DDoS attacks since the start of the war at a variety of targets seen as opposed to Moscow. But by all accounts, few attacks from those gangs have come close to the amount of firepower wielded by a pro-Russia group calling itself “NoName057(16).”

This graphic comes from a recent report from Arbor NETSCOUT about DDoS attacks from Russian hacktivist groups.

As detailed by researchers at Radware, NoName has effectively gamified DDoS attacks, recruiting hacktivists via its Telegram channel and offering to pay people who agree to install a piece of software called DDoSia. That program allows NoName to commandeer the host computers and their Internet connections in coordinated DDoS campaigns, and DDoSia users with the most attacks can win cash prizes.

The NoName DDoS group advertising on Telegram. Image: SentinelOne.com.

A report from the security firm Team Cymru found the DDoS attack infrastructure used in NoName campaigns is assigned to two interlinked hosting providers: MIRhosting and Stark Industries. MIRhosting is a hosting provider founded in The Netherlands in 2004. But Stark Industries Solutions Ltd was incorporated on February 10, 2022, just two weeks before the Russian invasion of Ukraine.

PROXY WARS

Security experts say that not long after the war started, Stark began hosting dozens of proxy services and free virtual private networking (VPN) services, which are designed to help users shield their Internet usage and location from prying eyes.

Proxy providers allow users to route their Internet and Web browsing traffic through someone else’s computer. From a website’s perspective, the traffic from a proxy network user appears to originate from the rented IP address, not from the proxy service customer.

These services can be used in a legitimate manner for several business purposes — such as price comparisons or sales intelligence — but they are also massively abused for hiding cybercrime activity because they can make it difficult to trace malicious traffic to its original source.

What’s more, many proxy services do not disclose how they obtain access to the proxies they are renting out, and in many cases the access is obtained through the dissemination of malicious software that turns the infected system in a traffic relay — usually unbeknownst to the legitimate owner of the Internet connection. Other proxy services will allow users to make money by renting out their Internet connection to anyone.

Spur.us is a company that tracks VPNs and proxy services worldwide. Spur finds that Stark Industries (AS44477) currently is home to at least 74 VPN services, and 40 different proxy services. As we’ll see in the final section of this story, just one of those proxy networks has over a million Internet addresses worldwide available for rent worldwide.

Raymond Dijkxhoorn operates a hosting firm in The Netherlands called Prolocation. He also co-runs SURBL, an anti-abuse service that flags domains and Internet address ranges that are strongly associated with spam and cybercrime activity, including DDoS.

Dijkxhoorn said last year SURBL heard from multiple people who said they operated VPN services whose web resources were included in SURBL’s block lists.

“We had people doing delistings at SURBL for domain names that were suspended by the registrars,” Dijkhoorn told KrebsOnSecurity. “And at least two of them explained that Stark offered them free VPN services that they were reselling.”

Dijkxhoorn added that Stark Industries also sponsored activist groups from Ukraine.

“How valuable would it be for Russia to know the real IPs from Ukraine’s tech warriors?” he observed.

CLOUDY WITH A CHANCE OF BULLETS

Richard Hummel is threat intelligence lead at Arbor NETSCOUT. Hummel said when he considers the worst of all the hosting providers out there today, Stark Industries is consistently near or at the top of that list.

“The reason is we’ve had at least a dozen service providers come to us saying, ‘There’s this network out there inundating us with traffic,'” Hummel said. “And it wasn’t even DDoS attacks. [The systems] on Stark were just scanning these providers so fast it was crashing some of their services.”

Hummel said NoName will typically launch their attacks using a mix of resources from rented from major, legitimate cloud services, and those from so-called “bulletproof” hosting providers like Stark. Bulletproof providers are so named when they earn or cultivate a reputation for ignoring any abuse complaints or police reports about activity on their networks.

Combining bulletproof providers with legitimate cloud hosting, Hummel said, likely makes NoName’s DDoS campaigns more resilient because many network operators will hesitate to be too aggressive in blocking Internet addresses associated with the major cloud services.

“What we typically see here is a distribution of cloud hosting providers and bulletproof hosting providers in DDoS attacks,” he said. “They’re using public cloud hosting providers because a lot of times that’s your first layer of network defense, and because [many companies are wary of] over-blocking access to legitimate cloud resources.”

But even if the cloud provider detects abuse coming from the customer, the provider is probably not going to shut the customer down immediately, Hummel said.

“There is usually a grace period, and even if that’s only an hour or two, you can still launch a large number of attacks in that time,” he said. “And then they just keep coming back and opening new cloud accounts.”

MERCENARIES TEAM

Stark Industries is incorporated at a mail drop address in the United Kingdom. UK business records list an Ivan Vladimirovich Neculiti as the company’s secretary. Mr. Neculiti also is named as the CEO and founder of PQ Hosting Plus S.R.L. (aka Perfect Quality Hosting), a Moldovan company formed in 2019 that lists the same UK mail drop address as Stark Industries.

Ivan Neculiti, as pictured on LinkedIn.

Reached via LinkedIn, Mr. Neculiti said PQ Hosting established Stark Industries as a “white label” of its brand so that “resellers could distribute our services using our IP addresses and their clients would not have any affairs with PQ Hosting.”

“PQ Hosting is a company with over 1,000+ of [our] own physical servers in 38 countries and we have over 100,000 clients,” he said. “Though we are not as large as Hetzner, Amazon and OVH, nevertheless we are a fast growing company that provides services to tens of thousands of private customers and legal entities.”

Asked about the constant stream of DDoS attacks whose origins have traced back to Stark Industries over the past two years, Neculiti maintained Stark hasn’t received any official abuse reports about attacks coming from its networks.

“It was probably some kind of clever attack that we did not see, I do not rule out this fact, because we have a very large number of clients and our Internet channels are quite large,” he said. “But, in this situation, unfortunately, no one contacted us to report that there was an attack from our addresses; if someone had contacted us, we would have definitely blocked the network data.”

DomainTools.com finds Ivan V. Neculiti was the owner of war[.]md, a website launched in 2008 that chronicled the history of a 1990 armed conflict in Moldova known as the Transnistria War and the Moldo-Russian war.

An ad for war.md, circa 2009.

Transnistria is a breakaway pro-Russian region that declared itself a state in 1990, although it is not internationally recognized. The copyright on that website credits the “MercenarieS TeaM,” which was at one time a Moldovan IT firm. Mr. Neculiti confirmed personally registering this domain.

DON CHICHO & DFYZ

The data breach tracking service Constella Intelligence reports that an Ivan V. Neculiti registered multiple online accounts under the email address dfyz_bk@bk.ru. Cyber intelligence firm Intel 471 shows this email address is tied to the username “dfyz” on more than a half-dozen Russian language cybercrime forums since 2008. The user dfyz on Searchengines[.]ru in 2008 asked other forum members to review war.md, and said they were part of the MercenarieS TeaM.

Back then, dfyz was selling “bulletproof servers for any purpose,” meaning the hosting company would willfully ignore abuse complaints or police inquiries about the activity of its customers.

DomainTools reports there are at least 33 domain names registered to dfyz_bk@bk.ru. Several of these domains have Ivan Neculiti in their registration records, including tracker-free.cn, which was registered to an Ivan Neculiti at dfyz_bk@bk.ru and referenced the MercenarieS TeaM in its original registration records.

Dfyz also used the nickname DonChicho, who likewise sold bulletproof hosting services and access to hacked Internet servers. In 2014, a prominent member of the Russian language cybercrime community Antichat filed a complaint against DonChicho, saying this user scammed them and had used the email address dfyz_bk@bk.ru.

The complaint said DonChicho registered on Antichat from the Transnistria Internet address 84.234.55[.]29. Searching this address in Constella reveals it has been used to register just five accounts online that have been created over the years, including one at ask.ru, where the user registered with the email address neculitzy1@yandex.ru. Constella also returns for that email address a user by the name “Ivan” at memoraleak.com and 000webhost.com.

Constella finds that the password most frequently used by the email address dfyz_bk@bk.ru was “filecast,” and that there are more than 90 email addresses associated with this password. Among them are roughly two dozen addresses with the name “Neculiti” in them, as well as the address support@donservers[.]ru.

Intel 471 says DonChicho posted to several Russian cybercrime forums that support@donservers[.]ru was his address, and that he logged into cybercrime forums almost exclusively from Internet addresses in Tiraspol, the capital of Transnistria. A review of DonChicho’s posts shows this person was banned from several forums in 2014 for scamming other users.

Cached copies of DonChicho’s vanity domain (donchicho[.]ru) show that in 2009 he was a spammer who peddled knockoff prescription drugs via Rx-Promotion, once one of the largest pharmacy spam moneymaking programs for Russian-speaking affiliates.

Mr. Neculiti told KrebsOnSecurity he has never used the nickname DonChicho.

“I may assure you that I have no relation to DonChicho nor to his bulletproof servers,” he said.

Below is a mind map that shows the connections between the accounts mentioned above.

A mind map tracing the history of the user Dfyz. Click to enlarge.

Earlier this year, NoName began massively hitting government and industry websites in Moldova. A new report from Arbor Networks says the attacks began around March 6, when NoName alleged the government of Moldova was “craving for Russophobia.”

“Since early March, more than 50 websites have been targeted, according to posted ‘proof’ by the groups involved in attacking the country,” Arbor’s ASERT Team wrote. “While NoName seemingly initiated the ramp of attacks, a host of other DDoS hacktivists have joined the fray in claiming credit for attacks across more than 15 industries.”

CORRECTIV ACTION

The German independent news outlet Correctiv.org last week published a scathing investigative report on Stark Industries and MIRhosting, which notes that Ivan Neculiti operates his hosting companies with the help of his brother, Yuri.

Image credit: correctiv.org.

The report points out that Stark Industries continues to host a Russian disinformation news outlet called “Recent Reliable News” (RRN) that was sanctioned by the European Union in 2023 for spreading links to propaganda blogs and fake European media and government websites.

“The website was not running on computers in Moscow or St. Petersburg until recently, but in the middle of the EU, in the Netherlands, on the computers of the Neculiti brothers,” Correctiv reporters wrote.

“After a request from this editorial team, a well-known service was installed that hides the actual web host,” the report continues. “Ivan Neculiti announced that he had blocked the associated access and server following internal investigations. “We very much regret that we are only now finding out that one of our customers is a sanctioned portal,” said the company boss. However, RRN is still accessible via its servers.”

Correctiv also points to a January 2023 report from the Ukrainian government, which found servers from Stark Industries Solutions were used as part of a cyber attack on the Ukrainian news agency “Ukrinform”. Correctiv notes the notorious hacker group Sandworm — an advanced persistent threat (APT) group operated by a cyberwarfare unit of Russia’s military intelligence service — was identified by Ukrainian government authorities as responsible for that attack.

PEACE HOSTING?

Public records indicate MIRhosting is based in The Netherlands and is operated by 37-year old Andrey Nesterenko, whose personal website says he is an accomplished concert pianist who began performing publicly at a young age.

DomainTools says mirhosting[.]com is registered to Mr. Nesterenko and to Innovation IT Solutions Corp, which lists addresses in London and in Nesterenko’s stated hometown of Nizhny Novgorod, Russia.

This is interesting because according to the book Inside Cyber Warfare by Jeffrey Carr, Innovation IT Solutions Corp. was responsible for hosting StopGeorgia[.]ru, a hacktivist website for organizing cyberattacks against Georgia that appeared at the same time Russian forces invaded the former Soviet nation in 2008. That conflict was thought to be the first war ever fought in which a notable cyberattack and an actual military engagement happened simultaneously.

Responding to questions from KrebsOnSecurity, Mr. Nesterenko said he couldn’t say whether his network had ever hosted the StopGeorgia website back in 2008 because his company didn’t keep records going back that far. But he said Stark Industries Solutions is indeed one of MIRhsoting’s colocation customers.

“Our relationship is purely provider-customer,” Nesterenko said. “They also utilize multiple providers and data centers globally, so connecting them directly to MIRhosting overlooks their broader network.”

“We take any report of malicious activity seriously and are always open to information that can help us identify and prevent misuse of our infrastructure, whether involving Stark Industries or any other customer,” Nesterenko continued. “In cases where our services are exploited for malicious purposes, we collaborate fully with Dutch cyber police and other relevant authorities to investigate and take appropriate measures. However, we have yet to receive any actionable information beyond the article itself, which has not provided us with sufficient detail to identify or block malicious actors.”

In December 2022, security firm Recorded Future profiled the phishing and credential harvesting infrastructure used for Russia-aligned espionage operations by a group dubbed Blue Charlie (aka TAG-53), which has targeted email accounts of nongovernmental organizations and think tanks, journalists, and government and defense officials.

Recorded Future found that virtually all the Blue Charlie domains existed in just ten different ISPs, with a significant concentration located in two networks, one of which was MIRhosting. Both Microsoft and the UK government assess that Blue Charlie is linked to the Russian threat activity groups variously known as Callisto Group, COLDRIVER, and SEABORGIUM.

Mr. Nesterenko took exception to Recorded Future’s report.

“We’ve discussed its contents with our customer, Stark Industries,” he said. “We understand that they have initiated legal proceedings against the website in question, as they firmly believe that the claims made are inaccurate.”

Recorded Future said they updated their story with comments from Mr. Nesterenko, but that they stand by their reporting.

Mr. Nesterenko’s LinkedIn profile says he was previously the foreign region sales manager at Serverius-as, a hosting company in The Netherlands that remains in the same data center as MIRhosting.

In February, the Dutch police took 13 servers offline that were used by the infamous LockBit ransomware group, which had originally bragged on its darknet website that its home base was in The Netherlands. Sources tell KrebsOnSecurity the servers seized by the Dutch police were located in Serverius’ data center in Dronten, which is also shared by MIRhosting.

Serverius-as did not respond to requests for comment. Nesterenko said MIRhosting does use one of Serverius’s data centers for its operations in the Netherlands, alongside two other data centers, but that the recent incident involving the seizure of servers has no connection to MIRhosting.

“We are legally prohibited by Dutch law and police regulations from sharing information with third parties regarding any communications we may have had,” he said.

A February 2024 report from security firm ESET found Serverius-as systems were involved in a series of targeted phishing attacks by Russia-aligned groups against Ukrainian entities throughout 2023. ESET observed that after the spearphishing domains were no longer active, they were converted to promoting rogue Internet pharmacy websites.

PEERING INTO THE VOID

A review of the Internet address ranges recently added to the network operated by Stark Industries Solutions offers some insight into its customer base, usage, and maybe even true origins. Here is a snapshot (PDF) of all Internet address ranges announced by Stark Industries so far in the month of May 2024 (this information was graciously collated by the network observability platform Kentik.com).

Those records indicate that the largest portion of the IP space used by Stark is in The Netherlands, followed by Germany and the United States. Stark says it is connected to roughly 4,600 Internet addresses that currently list their ownership as Comcast Cable Communications.

A review of those address ranges at spur.us shows all of them are connected to an entity called Proxyline, which is a sprawling proxy service based in Russia that currently says it has more than 1.6 million proxies globally that are available for rent.

Proxyline dot net.

Reached for comment, Comcast said the Internet address ranges never did belong to Comcast, so it is likely that Stark has been fudging the real location of its routing announcements in some cases.

Stark reports that it has more than 67,000 Internet addresses at Santa Clara, Calif.-based EGIhosting. Spur says the Stark addresses involving EGIhosting all map to Proxyline as well. EGIhosting did not respond to requests for comment.

EGIhosting manages Internet addresses for the Cyprus-based hosting firm ITHOSTLINE LTD (aka HOSTLINE-LTD), which is represented throughout Stark’s announced Internet ranges. Stark says it has more than 21,000 Internet addresses with HOSTLINE. Spur.us finds Proxyline addresses are especially concentrated in the Stark ranges labeled ITHOSTLINE LTD, HOSTLINE-LTD, and Proline IT.

Stark’s network list includes approximately 21,000 Internet addresses at Hockessin, De. based DediPath, which abruptly ceased operations without warning in August 2023. According to a phishing report released last year by Interisle Consulting, DediPath was the fourth most common source of phishing attacks in the year ending Oct. 2022. Spur.us likewise finds that virtually all of the Stark address ranges marked “DediPath LLC” are tied to Proxyline.

Image: Interisle Consulting.

A large number of the Internet address ranges announced by Stark in May originate in India, and the names that are self-assigned to many of these networks indicate they were previously used to send large volumes of spam for herbal medicinal products, with names like HerbalFarm, AdsChrome, Nutravo, Herbzoot and Herbalve.

The anti-spam organization SpamHaus reports that many of the Indian IP address ranges are associated with known “snowshoe spam,” a form of abuse that involves mass email campaigns spread across several domains and IP addresses to weaken reputation metrics and avoid spam filters.

It’s not clear how much of Stark’s network address space traces its origins to Russia, but big chunks of it recently belonged to some of the oldest entities on the Russian Internet (a.k.a. “Runet”).

For example, many Stark address ranges were most recently assigned to a Russian government entity whose full name is the “Federal State Autonomous Educational Establishment of Additional Professional Education Center of Realization of State Educational Policy and Informational Technologies.”

A review of Internet address ranges adjacent to this entity reveals a long list of Russian government organizations that are part of the Federal Guard Service of the Russian Federation. Wikipedia says the Federal Guard Service is a Russian federal government agency concerned with tasks related to protection of several high-ranking state officials, including the President of Russia, as well as certain federal properties. The agency traces its origins to the USSR’s Ninth Directorate of the KGB, and later the presidential security service.

Stark recently announced the address range 213.159.64.0/20 from April 27 to May 1, and this range was previously assigned to an ancient ISP in St. Petersburg, RU called the Computer Technologies Institute Ltd.

According to a post on the Russian language webmaster forum searchengines[.]ru, the domain for Computer Technologies Institute — ctinet[.]ruis the seventh-oldest domain in the entire history of the Runet.

Curiously, Stark also lists large tracts of Internet addresses (close to 48,000 in total) assigned to a small ISP in Kharkiv, Ukraine called NetAssist. Reached via email, the CEO of NetAssist Max Tulyev confirmed his company provides a number of services to PQ Hosting.

“We colocate their equipment in Warsaw, Madrid, Sofia and Thessaloniki, provide them IP transit and IPv4 addresses,” Tulyev said. “For their size, we receive relatively low number of complains to their networks. I never seen anything about their pro-Russian activity or support of Russian hackers. It is very interesting for me to see proofs of your accusations.”

Spur.us mapped the entire infrastructure of Proxyline, and found more than one million proxies across multiple providers, but by far the biggest concentration was at Stark Industries Solutions. The full list of Proxyline address ranges (.CSV) shows two other ISPs appear repeatedly throughout the list. One is Kharkiv, Ukraine based ITL LLC, also known as Information Technology Laboratories Group, and Integrated Technologies Laboratory.

The second is a related hosting company in Miami, called Green Floid LLC. Green Floid featured in a 2017 scoop by CNN, which profiled the company’s owner and quizzed him about Russian troll farms using proxy networks on Green Floid and its parent firm ITL to mask disinformation efforts tied to the Kremlin’s Internet Research Agency (IRA). At the time, the IRA was using Facebook and other social media networks to spread videos showing police brutality against African Americans in an effort to encourage protests across the United States.

YouTube Rolling Out Its Widely Hated New Web Redesign

By: BeauHD
23 May 2024 at 19:20
Ben Schoon reports via 9to5Google: After first appearing earlier this year, YouTube once again appears to be rolling out a new redesign for its website that everyone hates. In mid-April, Google started testing a redesign to YouTube's website, which moved the title of the video, its description, and the comments to the side of the screen. In their place, video recommendations were moved directly underneath the video being watched with much larger thumbnails and titles. The change was widely hated by almost everyone who got it, but it didn't show up for all users. In the weeks to follow, YouTube reverted the redesign. Now, the YouTube redesign is back. As spotted by many users, YouTube has started rolling out this redesign yet again. The new look has been appearing over the past few days, though it doesn't seem like it's a wide rollout. Rather, it appears to still be a test more than anything else. What does this second attempt mean? It's still unclear if YouTube intends to make this new look the default experience, but a second round of testing certainly implies more data is being gathered.

Read more of this story at Slashdot.

Spotify Is Going To Break Every 'Car Thing' Gadget It Ever Sold

By: BeauHD
23 May 2024 at 18:40
Spotify is about to render its Car Thing dashboard accessory inoperable on December 9th. Not only is the company refusing to open-source the device, it won't offer owners any subscription credit or automatic refund. "Rather, it's just canning the project and telling people to (responsibly) dispose of Car Thing," reports The Verge. From the report: "We're discontinuing Car Thing as part of our ongoing efforts to streamline our product offerings," Spotify wrote in an FAQ on its website. "We understand it may be disappointing, but this decision allows us to focus on developing new features and enhancements that will ultimately provide a better experience to all Spotify users." The company is recommending that customers do a factory reset on the product and find some way of responsibly recycling the hardware. Spotify is also being direct and confirming that there's little reason to ever expect a sequel. "As of now, there are no plans to release a replacement or new version of Car Thing," the FAQ reads. Car Thing went on sale to the public in early 2022 for $90. Spotify halted production several months later "based on several factors, including product demand and supply chain issues." At the time, the company said: "Existing devices will perform as intended."

Read more of this story at Slashdot.

Ascension Cyberattack Continues To Disrupt Care At Hospitals

By: BeauHD
23 May 2024 at 18:02
An anonymous reader quotes a report from NPR: Hospital staff are forced to write notes by hand and deliver orders for tests and prescriptions in person in the ongoing fallout from a recent ransomware attack at the national health system Ascension. Ascension is one of the largest health systems in the United States, with some 140 hospitals located across 19 states and D.C. A spokesperson said in a statement that "unusual activity" was first detected on multiple technology network systems Ascension uses on Wednesday, May 8. Later, representatives confirmed that some of Ascension's electronic health records systems had been affected, along with systems used "to order certain tests, procedures and medications." Some phone capabilities have also been offline, and patients have been unable to access portals used to view medical records and get in touch with their doctors. Due to these interruptions, hospital staff had to shift to "manual and paper based" processes. "Our care teams are trained for these kinds of disruptions and have initiated procedures to ensure patient care delivery continues to be safe and as minimally impacted as possible," an Ascension spokesperson said in a May 8 statement. Kris Fuentes, who works in the neonatal intensive care unit at Ascension Seton Medical Center in Austin, said she remembers when paper charting was the norm. But after so many years of relying on digital systems, she said her hospital wasn't ready to make such an abrupt shift. "It's kind of like we went back 20 years, but not even with the tools we had then," Fuentes said. "Our workflow has just been really unorganized, chaotic and at times, scary." Fuentes said orders for medication, labs and imaging are being handwritten and then distributed by hand to various departments, whereas typically these requests are quickly accessed via computer. A lack of safety checks with these backup methods has introduced errors, she said, and every task is taking longer to complete. "Medications are taking longer to get to patients, lab results are taking longer to get back," she said. "Doctors need the lab results, often, to decide the next treatment plan, but if there's a delay in access to the labs, there's a delay in access to the care that they order." As of Tuesday, Ascension still had no timeline for when the issues might be resolved, and reported that it continued to work with "industry-leading cybersecurity experts" to investigate the ransomware attack and restore affected systems. The FBI and Cybersecurity and Infrastructure Security Agency are also involved in the investigation. "While Ascension facilities remain open, a health system representative said on May 9 that in some cases, emergency patients were being triaged to different hospitals, and some non-emergent appointments and procedures were postponed," reports NPR. "Certain Ascension pharmacies are not operational, and patients are being asked to bring in prescription bottles or numbers." "Individuals who are enrolled in Ascension health insurance plans are being directed to mail in monthly payments while the electronic payment system is down."

Read more of this story at Slashdot.

Ether Cryptocurrency ETFs Are Approved by the SEC

23 May 2024 at 21:40
The Securities and Exchange Commission gave its blessing to a fund that tracks the price of the most valuable cryptocurrency after Bitcoin.

© Brendan McDermid/Reuters

BlackRock is among the major financial firms that want to issue exchange-traded funds tied to the price of the cryptocurrency Ether.

'Diddy' facies lawsuit by another woman who says the hip-hop mogul drugged and sexually assaulted her

A woman filed a lawsuit Thursday accusing music mogul Sean “Diddy” Combs of drugging and sexually assaulting her after she met him more than 20 years ago while she was a fashion student in New York City.

© Supreme Court of the State of New York County of New York

Sean Combs with April Lampros, right, and a friend, according to the lawsuit.

© Supreme Court of the State of New York County of New York

A card from Sean Combs to April Lampros, according to the lawsuit.

How the Internet of Things (IoT) became a dark web target – and what to do about it – Source: www.cybertalk.org

how-the-internet-of-things-(iot)-became-a-dark-web-target-–-and-what-to-do-about-it-–-source:-wwwcybertalk.org

Source: www.cybertalk.org – Author: slandau By Antoinette Hodes, Office of the CTO, Check Point Software Technologies. The dark web has evolved into a clandestine marketplace where illicit activities flourish under the cloak of anonymity. Due to its restricted accessibility, the dark web exhibits a decentralized structure with minimal enforcement of security controls, making it a […]

La entrada How the Internet of Things (IoT) became a dark web target – and what to do about it – Source: www.cybertalk.org se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

RSAC Fireside Chat: Qwiet AI leverages graph-database technology to reduce AppSec noise – Source: www.lastwatchdog.com

rsac-fireside-chat:-qwiet-ai-leverages-graph-database-technology-to-reduce-appsec-noise-–-source:-wwwlastwatchdog.com

Source: www.lastwatchdog.com – Author: bacohido By Byron V. Acohido AppSec has never been more challenging. By the same token, AppSec technology is advancing apace to help companies meet this challenge. Related: AppSec market trajectory At RSAC 2024, I sat down with Bruce Snell, cybersecurity strategist at Qwiet.ai, to hear a break down about how Qwiet […]

La entrada RSAC Fireside Chat: Qwiet AI leverages graph-database technology to reduce AppSec noise – Source: www.lastwatchdog.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

NCAA votes to approve settlement that could change college sports

23 May 2024 at 20:56
The NCAA board of governors voted to approve terms for the anti-trust settlement. The settlement is expected to include about $2.7 billion in back-pay damages owed to former Division I athletes. Sport legal reporter Michael McCann talks to NBC News' Ellison Barber about the vote and what this could mean for college athletes. 

💾

The NCAA board of governors voted to approve terms for the anti-trust settlement. The settlement is expected to include about $2.7 billion in back-pay damages owed to former Division I athletes. Sport legal reporter Michael McCann talks to NBC News' Ellison Barber about the vote and what this could mean for college athletes. 

Inside the fringe worldview of RFK Jr.’s VP pick

Nicole Shanahan’s politics changed drastically amid the pandemic and her daughter’s autism diagnosis. Now she’s Robert F. Kennedy Jr.’s vice president pick in his long-shot independent run.

© Leila Register

Nicole Shanahan has spoken out against vaccines. 

© Marshall Tidrick for NBC News

Kennedy and Shanahan both target women with appeals on health and the planet.

© Marshall Tidrick for NBC News

Hundreds of supporters packed the event hall for the Austin, Texas, rally.

© Marshall Tidrick for NBC News

“I want to talk about soil,” Shanahan began her first stump speech.

© Marshall Tidrick for NBC News

Campaign communications director and anti-vaccine activist Del Bigtree said Kennedy chose Shanahan because of her tech background.

© Marshall Tidrick for NBC News

Kennedy's Austin rally drew supporters of all ages.

© Taylor Hill

Nicole Shanahan married Google co-founder Sergey Brin in 2018 while she was pregnant with their daughter, Echo. They divorced in 2023.

© Marshall Tidrick for NBC News

From Super Bowl commercials to swag, the campaign has leaned into the fame and nostalgia of the Kennedy name.

© Courtesy Dr. Jack Kruse

Wellness guru Dr. Jack Kruse said he advised Shanahan on her autism research investments.

© Marshall Tidrick for NBC News

Kennedy has qualified for the ballot in six states. The campaign and his affiliated super PAC say he has enough signatures to qualify in 11 more.

© Marshall Tidrick for NBC News

A mix of moneyed supporters, anti-vaccine activists, libertarians, hippies and health and wellness devotees wait for doors to open at a Kennedy rally in Austin.

© David Paul Morris

Since the Kennedy campaign announced Nicole Shanahan as his vice presidential pick in March, she has avoided the mainstream media.

© Marshall Tidrick for NBC News

Shanahan shook hands and hugged hundreds of supporters for selfies after the Austin rally.

Tech titan Mike Lynch testifies at fraud trial that Autonomy was ‘not perfect’

By: Kari Paul
23 May 2024 at 20:17

UK founder, accused of inflating sales and misleading regulators, takes stand and says he wasn’t fully responsible for firm’s decisions

The British entrepreneur Mike Lynch took the stand on Thursday in a San Francisco federal courthouse as a key witness in his own criminal fraud trial, defending his role at Autonomy, the tech firm he co-founded and then sold.

The trial continued as planned Thursday despite the defense team moving for a mistrial over alleged improper questioning of a witness by the prosecution. Lynch’s defense team called the questioning, which indirectly referenced the tech titan’s extradition, “egregious” and ‘’highly improper” in a filing.

Continue reading...

💾

© Photograph: Michael Liedtke/AP

💾

© Photograph: Michael Liedtke/AP

Short measuring costs average UK drinker £115 a year, study finds

Trading standards officers find 70% of test purchases of beer and wine have less of the drink than they should

More than two-thirds of beer and wine sold in pubs and bars is short-measured, costing the average consumer about £115 a year, according to research.

Trading standards officers visited 77 venues across the UK, finding 96 short measures out of 137 test purchases, meaning approximately 70% had less of the drink than had been declared or paid for.

Continue reading...

💾

© Photograph: BK/Alamy

💾

© Photograph: BK/Alamy

George Harrison’s childhood home in Liverpool gets blue plaque

Tribute to be unveiled at No 12 Arnold Grove in Wavertree, where the Beatle lived until he was nearly seven

No 12 Arnold Grove looks like an ordinary red-brick terrace house in the Liverpool suburb of Wavertree, recognisable only to those with a deep appreciation for the city’s most famous sons.

But now a blue plaque will mark the house as the former home of the “quiet” Beatle, George Harrison.

Continue reading...

💾

© Photograph: BWP Media/Getty Images

💾

© Photograph: BWP Media/Getty Images

Romeo & Juliet review – Tom Holland enters to whoops as Francesca Amewudah-Rivers shows a steely cool

23 May 2024 at 18:59

Duke of York’s theatre, London
The Spider-Man star and his spikily charismatic Juliet, giving a heroic performance after all the abuse she faced, are perfectly cast in Jamie Lloyd’s turbo-stylised production

It is not often that a celluloid superhero transforms into a tragic hero before our eyes. Tom Holland navigates the transition from Marvel’s Spider-Man to Shakespeare’s Romeo smoothly, his wan, sinewy lover instantly at home on stage (in spite of the distracting audience whoop when he gets there).

Francesca Amewudah-Rivers brings her own spiky charisma as Juliet, all the more heroic given the backdrop of social media racial abuse she has received. Holland and Amewudah-Rivers are perfectly cast, wired with an awkwardly cool teen energy, she a mix of innocence and streetwise steel, he jittering with sweaty-palmed earnestness.

Continue reading...

💾

© Photograph: Marc Brenner

💾

© Photograph: Marc Brenner

Luke Littler blasts Luke Humphries away to win Premier League Darts title

  • Littler overwhelms the world champion 11-7
  • Seventeen-year-old hits nine-darter in 11th leg

We are now through the ­looking glass. We’re over the frontier. We’re not in Kansas any more, Toto. For a 17-year-old kid is now a major darts champion, and it feels totally ­inevitable, and it still makes ­absolutely no sense. Whatever Luke Littler goes on to achieve in this sport, somehow ­nothing will ever quite match the sheer tidal wave of shock and wonder he has inspired in his first six months as a ­professional, an ­explosion of ­talent and coolness and colour and attitude and ­showmanship that is, quite frankly, beyond comprehension.

Littler beat Luke Humphries 11-7 to claim the Premier League title, clinching victory courtesy of a ­stunning and irresistible surge after the interval that left the world champion and world No 1 gasping. Along the way Littler hit a nine-dart finish – 180, 180, 141 – that brought a crowd of 14,000 to the very brink of rapture. For a player of his tender years, he already instinctively grasps the first rule of big-time darts: give the people what they want.

Continue reading...

💾

© Photograph: Tom Jenkins/The Guardian

💾

© Photograph: Tom Jenkins/The Guardian

Wayne Rooney is Plymouth’s top target for vacant manager’s job

23 May 2024 at 18:49
  • Rooney has been out of work since being sacked by Birmingham
  • Plymouth also spoke to Paul Heckingbottom about vacancy

Wayne Rooney is the leading candidate to take charge of Plymouth Argyle, with the Championship club keen on offering the former England captain a return to management.

Rooney has been out of work since being sacked by Birmingham in January, 83 days into a three-and-half-year contract.

Continue reading...

💾

© Photograph: Kieran Cleeves/PA

💾

© Photograph: Kieran Cleeves/PA

House Republicans assail university head for negotiated end to Gaza protest

23 May 2024 at 18:43

Northwestern president becomes lightning rod in Republican-led committee hearing also featuring chiefs of Rutgers and UCLA

Members of a Republican-led congressional committee confronted another set of university heads on Thursday over their approach to pro-Palestinian protests in the latest hearings on Capitol Hill on a reported increase of campus antisemitism.

Republicans on the House of Representatives’ education and workforce committee repeatedly clashed fiercely with Michael Schill, president of Northwestern University in Illinois, over his decision to negotiate an end to a tented protest community rather than call in police, as has happened on other campuses.

Continue reading...

💾

© Photograph: Amanda Andrade-Rhoades/Reuters

💾

© Photograph: Amanda Andrade-Rhoades/Reuters

Building collapses at Mallorca beach killing at least four and injuring 21

23 May 2024 at 18:40

Ceiling of Medusa Beach Club on the seafront at Palma de Mallorca gave way, according to reports

At least four people have been killed and about 21 people injured after a building collapsed on a beachfront in Mallorca on Thursday, emergency services said.

The two-storey building, the Medusa Beach Club, collapsed in Palma de Mallorca.

Continue reading...

💾

© Photograph: Europa Press News/Europa Press/Getty Images

💾

© Photograph: Europa Press News/Europa Press/Getty Images

Huge number of deaths linked to superbugs can be avoided, say experts

Models suggest deaths in poorer countries could be cut by 18% – or about 750,000 a year – with preventive measures

Every year 750,000 deaths linked to drug-resistant superbugs could be prevented through better access to clean water and sanitation, infection control and childhood vaccinations, research suggests.

Antimicrobial resistance, or AMR, is a huge global challenge, with the evolution of drug-resistant superbugs, driven by factors including inappropriate and excessive antibiotic use, raising the prospect of a future where modern medicine fails.

Continue reading...

💾

© Photograph: nobeastsofierce Science/Alamy

💾

© Photograph: nobeastsofierce Science/Alamy

Gavin Newsom signs bill to help people in Arizona get abortions in California

Under new law, doctors licensed to perform the procedure in Arizona can provide abortion care for their patients in California

California’s governor, Gavin Newsom, has signed a bill that aims to make it easier for people seeking abortions in Arizona to get care in the Golden state in response to restrictions imposed on the procedure in the south-western state.

Under the new law, doctors licensed to perform abortions in Arizona could provide abortion care for their patients in California. The legislation offers medical providers an expedited path to getting their credentials in California.

Continue reading...

💾

© Photograph: Rich Pedroncelli/AP

💾

© Photograph: Rich Pedroncelli/AP

Swim, Aunty, Swim! review – powerful tale of women healed by water in an empty pool

By: Anya Ryan
23 May 2024 at 18:00

Belgrade theatre, Coventry
Siana Bangura’s play follows three west African women in Coventry who are cajoled into the water – and find themselves surfacing from grief

They say water has the power to heal. So, in Siana Bangura’s new play, three west African women dealing with grief and change turn up to their local pool in Coventry for weekly swimming classes. Ama has convinced her two friends from church, Blessing and Fatu, to “think about what’s good” for their bodies and give lessons a go. What she hasn’t told them is that she’s signed them up to take part in a group open-water relay race.

This production, directed by Madeleine Kludje, follows the women through their learning process, but it runs at the pace of a slowly flowing stream. Scene changes are swollen out, unnecessarily; there are segments that could be deleted en masse. The swimming instructor Danny is affectionately played by Sam Baker-Jones with a thick Brummie accent, but he feels like half a character, his story unfinished.

Swim, Aunty, Swim! is at Belgrade theatre, Coventry, to 1 June

Continue reading...

💾

© Photograph: Nicola Young

💾

© Photograph: Nicola Young

NETMundial+10 Multistakeholder Statement Pushes for Greater Inclusiveness in Internet Governance Processes

23 May 2024 at 17:55

A new statement about strengthening internet governance processes emerged from the NETMundial +10 meeting in Brazil last month, strongly reaffirming the value of and need for a multistakeholder approach involving full and balanced participation of all parties affected by the internet—from users, governments, and private companies to civil society, technologists, and academics.

But the statement did more than reiterate commitments to more inclusive and fair governance processes. It offered recommendations and guidelines that, if implemented, can strengthen multistakeholder principles as the basis for global consensus-building and democratic governance, including in existing multilateral internet policymaking efforts.


The event and statement, to which EFF contributed with dialogue and recommendations, is a follow-up to the 2014 NETMundial meeting, which ambitiously sought to consolidate multistakeholder processes to internet governance and recommended
10 process principles. It’s fair to say that over the last decade, it’s been an uphill battle turning words into action.

Achieving truly fair and inclusive multistakeholder processes for internet governance and digital policy continues to face many hurdles.  Governments, intergovernmental organizations, international standards bodies, and large companies have continued to wield their resources and power. Civil society
  organizations, user groups, and vulnerable communities are too often sidelined or permitted only token participation.

Governments often tout multistakeholder participation, but in practice, it is a complex task to achieve. The current Ad Hoc Committee negotiations of the proposed
UN Cybercrime Treaty highlight the complexity and controversy of multistakeholder efforts. Although the treaty negotiation process was open to civil society and other nongovernmental organizations (NGOs), with positive steps like tracking changes to amendments, most real negotiations occur informally, excluding NGOs, behind closed doors.

This reality presents a stark contrast and practical challenge for truly inclusive multistakeholder participation, as the most important decisions are made without full transparency and broad input. This demonstrates that, despite the appearance of inclusivity, substantive negotiations are not open to all stakeholders.

Consensus building is another important multistakeholder goal but faces significant practical challenges because of the human rights divide among states in multilateral processes. For example, in the context of the Ad Hoc Committee, achieving consensus has remained largely unattainable because of stark differences in human rights standards among member States. Mechanisms for resolving conflicts and enabling decision-making should consider human rights laws to indicate redlines. In the UN Cybercrime Treaty negotiations, reaching consensus could potentially lead to a race to the bottom in human rights and privacy protections.

To be sure, seats at the policymaking table must be open to all to ensure fair representation. Multi-stakeholder participation in multilateral processes allows, for example, civil society to advocate for more human rights-compliant outcomes. But while inclusivity and legitimacy are essential, they alone do not validate the outcomes. An open policy process should always be assessed against the specific issue it addresses, as not all issues require global regulation or can be properly addressed in a specific policy or governance venue.

The
NETmundial+10 Multistakeholder Statement, released April 30 following a two-day gathering in São Paulo of 400 registered participants from 60 countries, addresses issues that have prevented stakeholders, especially the less powerful, from meaningful participation, and puts forth guidelines aimed at making internet governance processes more inclusive and accessible to diverse organizations and participants from diverse regions.

For example, the 18-page statement contains recommendations on how to strengthen inclusive and diverse participation in multilateral processes, which includes State-level policy making and international treaty negotiations. Such guidelines can benefit civil society participation in, for example, the UN Cybercrime Treaty negotiations. EFF’s work with international allies in the UN negotiating process is outlined here.

The NETmundial statement takes asymmetries of power head on, recommending that governance processes provide stakeholders with information and resources and offer capacity-building to make these processes more accessible to those from developing countries and underrepresented communities. It sets more concrete guidelines and process steps for multistakeholder collaboration, consensus-building, and decision-making, which can serve as a roadmap in the internet governance sphere.

The statement also recommends strengthening the UN-convened Internet Governance Forum (IGF), a predominant venue for the frank exchange of ideas and multistakeholder discussions about internet policy issues. The multitude of initiatives and pacts around the world dealing with internet policy can cause duplication, conflicting outcomes, and incompatible guidelines, making it hard for stakeholders, especially those from the Global South, to find their place. 


The IGF could strengthen its coordination and information sharing role and serve as a venue for follow up of multilateral digital policy agreements. The statement also recommended improvements in the dialogue and coordination between global, regional, and national IGFs to establish continuity between them and bring global attention to local perspectives.

We were encouraged to see the statement recommend that IGF’s process for selecting its host country be transparent and inclusive and take into account human rights practices to create equitable conditions for attendance.

EFF and 45 digital and human rights organizations last year called on the UN Secretary-General and other decision-makers to reverse their decision to grant host status for the 2024 IGF to Saudi Arabia, which has a long history of human rights violations, including the persecution of human and women’s rights defenders, journalists, and online activists. Saudi Arabia’s draconian cybercrime laws are a threat to the safety of civil society members who might consider attending an event there.  

All We Imagine As Light review – dreamlike and gentle modern Mumbai tale is a triumph

23 May 2024 at 17:54

Cannes film festival
Payal Kapadia’s glorious Cannes competition selection is an absorbing story of three nurses that is full of humanity

There is a freshness and emotional clarity in Payal Kapadia’s Cannes competition selection, an enriching humanity and gentleness which coexist with fervent, languorous eroticism and finally something epiphanic in the later scenes and mysterious final moments. Kapadia’s storytelling has something of Satyajit Ray’s The Big City and Days and Nights of the Forest; it is so fluent and absorbing.

All We Imagine As Light is the story of three nurses in modern-day Mumbai: Prabha (Kani Kusruti), Anu (Divya Prabha) and Parvaty (Chhaya Kadam). Each has come to the big city from smaller home towns. Prabha and the younger, flightier Anu are roommates and Anu (having only just moved in) is already asking the more sober and sensible Prabha to cover her share of the rent. She is also causing some scandal among the more gossipy elements of the hospital on account of her Muslim boyfriend, Shiaz (Hridu Haroon). Meanwhile, the older Parvaty, a widow, is being threatened with eviction because a property developer has bought her apartment building and her late husband did not leave her the documentation that would prove her resident’s right to remain, or at least to get compensation.

Continue reading...

💾

© Photograph: petit chaos

💾

© Photograph: petit chaos

❌
❌