Infosec.Pub

The Self-Generation Incentive Program (SGIP) is a State of California initiative that provides funding for income qualified residential customers to install solar and battery storage systems on residential property. Solar panel systems provide residents with the ability to generate their own electricity, while battery storage systems can store electricity for use during peak rate periods or in the evenings when solar production decreases.

Every SGIP project will help enhance grid reliability, reduce greenhouse gas emissions, and promote clean energy. It also supports LADWP’s goal to ensure equitable access to clean energy.

cross-posted from: https://lemmy.sdf.org/post/43277000

Here is the technical analyses by Unit42-Paloaltonetworks: Phantom Taurus: A New Chinese Nexus APT and the Discovery of the NET-STAR Malware Suite

The group’s primary objective is cyberespionage, with a focus on stealing sensitive, non-public information from high-value targets. Over the past two and a half years, Unit 42 has observed Phantom Taurus focusing its efforts on ministries of foreign affairs, embassies, and military operations, often timing its activities to coincide with geopolitical events in those regions.

[...]

Unit42 writes:

Phantom Taurus is a previously undocumented nation-state actor whose espionage operations align with People’s Republic of China (PRC) state interests. Over the past two and a half years, Unit 42 researchers have observed Phantom Taurus targeting government and telecommunications organizations across Africa, the Middle East, and Asia.

[The] observations show that Phantom Taurus’ main focus areas include ministries of foreign affairs, embassies, geopolitical events and military operations. The group’s primary objective is espionage. Its attacks demonstrate stealth, persistence and an ability to quickly adapt their tactics, techniques and procedures (TTPs).

[...]

Threat actors claiming to represent the Medusa ransomware gang tempted a BBC correspondent to become an insider threat by offering a significant amount of money. [...]

Yet another big brand suffers operational disruption following apparent hacking attack

Retailer Harrods has revealed that a number of customers whose data was stolen in a cyber attack have been contacted by the perpetrators

Investigators linked 1,463 victims to the scams, and said their losses amounted to around $2.8 million.

Hackers are actively exploiting a critical vulnerability (CVE-2025-32463) in the sudo package that enables the execution of commands with root-level privileges on Linux operating systems. [...]

Broadcom has patched a high-severity privilege escalation vulnerability in its VMware Aria Operations and VMware Tools software, which has been exploited in zero-day attacks since October 2024. [...]

Researchers have found that many low-cost Android devices come with pre-installed apps that have high-level access to the system. Unlike apps from the Google Play Store, many of these are not subject to thorough checks and can serve as vectors for malware or privacy-invasive features. Researchers studying the African mobile device market focused on three brands selling Android devices under $100, all running Android Go Edition. To investigate, the team developed PiPLAnD, an automated framework … More → The post Your budget Android phone might be spying on you appeared first on Help Net Security.