Assassins Creed Shadows saw over 1 million players on launch day, Ubisoft has announced.The game released on PC, PlayStation 5, and Xbox Series X and S on March 20, and just before 4pm in Canada, Ubisoft took to social media to say it had crossed the 1 million player mark.It's not even 4pm here in Canada and Assassin's Creed Shadows has already passed 1 million players! Ubisoft said.Thank YOU from the bottom of our hearts for joining this adventure in Feudal Japan. We are beyond excited to start this journey with you!PlayWhile 1 million players on launch day is an impressive achievement, its difficult to gauge success when Ubisoft itself hasnt offered a sales figure or indeed a sales target.What we do know is that Assassins Creed Shadows is the top-selling video game globally on Steam right now. Valves chart sorts products by revenue, so we can say Ubisofts game is currently bringing in more money than any other on the platform.We also have early days Steam concurrent figures. According to official stats from Valves platform, Assassins Creed Shadows hit a peak player concurrent figure of 41,412 on Steam on launch day. Assassins Creed Shadows released on a Thursday, so it is expected that that figure will grow as we head into the games first weekend on sale. Well have a better picture of its performance on Steam next week and in the weeks ahead. Neither Sony nor Microsoft make player numbers public.For some context, BioWares single-player RPG Dragon Age: The Veilguard launched on Steam on Thursday, October 31, 2024, and saw a peak of 70,414 players on Valves platform.The Complete Assassin's Creed TimelineThere is enormous pressure on Assassin's Creed Shadows to do well for Ubisoft globally after multiple delays and the sales failure of last years Star Wars Outlaws. Indeed, Ubisoft has suffered a number of high-profile flops, layoffs, studio closures, and game cancellations in the run up to Assassin's Creed Shadows' release. Things have got so bad at Ubisoft that its founding Guillemot family and largest shareholder have reportedly been exploring talks with Chinese mega-corp Tencent and other investors on a buyout deal that would let them preserve control.Assassin's Creed Shadows has also endured a number of controversies, not least in Japan. Yesterday, IGN confirmed that Ubisoft had quietly released a day-one patch for Assassins Creed Shadows that made a number of important changes seemingly in response to concern from some Japanese politicians about in-game temples and shrines.In a remarkable exchange this week, Japanese politician and member of the House of Councillors of Japan, Hiroyuki Kada, raised the issue of Assassins Creed Shadows in an official government meeting, and Shigeru Ishiba, the Prime Minister of Japan, responded.On Steam at least, Assassin's Creed Shadows is going down very well with players. It has a 'very positive' user review rating, with 82% of the near 4,000 user reviews marked as positive. IGNs Assassins Creed Shadows review returned an 8/10. We said: By sharpening the edges of its existing systems, Assassins Creed Shadows creates one of the best versions of the open-world style its been honing for the last decade.Adventuring across feudal Japan? Check out our comprehensive Assassin's Creed Shadows guide, including our Assassin's Creed Shadows walkthrough, our detailed Assassin's Creed Shadows Interactive Map, and our guide to all the crucial things Assassins Creed Shadows doesnt tell you.Wesley is the UK News Editor for IGN. Find him on Twitter at @wyp100. You can reach Wesley at wesley_yinpoole@ign.com or confidentially at wyp100@proton.me.

Today, the Entertainment Software Association (ESA) has announced the Accessible Games Initiative, a new "tag" system aiming to provide video game accessibility feature information to consumers.The initiative was announced at the Game Developers Conference today, and was conceived by a coalition from Electronic Arts, Google, Microsoft, Nintendo, Sony, and Ubisoft. Amazon, Riot Games, Square Enix, and WB Games have also since joined the initiative, which will be managed by the ESA.With this initiative, participating video game companies will label their games with relevant "tags" from an approved set of 24, with the information appearing near the game's project information on digital storefronts and product pages.The Accessible Games Initiative includes 24 tags that help describe the games we play.These tags will denote features such as "clear text," "large and clear subtitles," "narrated menus," "stick inversion," "save anytime," "difficulty levels," "playable without button holds," and others.Tens of millions of Americans have a disability and often face barriers to experiencing the joy and connection that comes with playing video games, said Stanley Pierre-Louis, ESA president and CEO. We are immensely proud to announce the Accessible Games Initiative in partnership with industry leaders. This initiative demonstrates how impactful we can be when we work together in our industry-wide pursuit of helping more people experience the power of play.The tags will be rolled out gradually on a company-by-company basis and are not mandatory. At launch, they will only be available in English. More tags, or adjustments to existing tags, may be developed over time.Accessible Games Initiative tags:Auditory FeaturesTagMultiple Volume ControlsDescriptionSeparate volume controls are available for different types of sounds. The volume can be changed separately for music, speech, sound effects, backgroundaudio, text-to-speech audio, accessibility audio cues, and voice chat. All game sounds can also be changed at once using one volume control.TagMono SoundDescriptionLets you play with mono audio. The same audio will be sent to all channels (e.g., both left and right headphones),effectively providing a single, combined audio channel.TagStereo SoundDescriptionLets you play with stereo audio. Sounds communicate how far to the left or right they are coming from. Sounds will not communicate whether they are coming from above,below, ahead, or behind you.TagSurround SoundDescriptionLets you play with surround sound. Sounds communicate where they are coming from, which may include any direction.TagNarrated MenusDescriptionLets you use screen readers or voice narration for menus and notifications. Screen readers can access all menus, or the game provides similar functionality. Interactions and context changes are controlled by you and announced throughnarration. You can move through menus one item at a time, rather than steering a cursor.TagChat Speech-to-Text & Text-to-Speech*DescriptionLets you use text-to-speech and speech-to-text for game chats with other players. Text chats can be narrated out loud in real-time. Voice chats can be read as a text transcript in real-time.*This tag contains both auditory and visual features.Gameplay FeaturesTagDifficulty LevelsDescriptionLets you select from multiple difficulty options, including at least one option that reduces theintensity of the challenges. Differences between difficulty levels are also described.TagSave AnytimeDescriptionLets you manually save your progress at any time.Exceptions: The game is saving or loading. When saving could result in game-breaking scenarios or blocked progress, such asduring death animations.Input FeaturesTagBasic Input RemappingDescriptionLets you rearrange the button controls. Button controls can be swapped or rearranged by some other method. The Full Input Remapping tag lets you remap all game controls, not just buttoncontrols, and remap them by choosing which action is performed by which input.TagFull Input RemappingDescriptionLets you choose which action in the game is assigned to which control. All game controls can be remapped for all directly supported input methods, e.g.keyboard, mouse, controllers, and virtual on-screen controllers. Controller stick functionality can be swapped. The Basic Input Remapping tag lets you remap only button controls, and remap bysimple methods like button swap.TagStick InversionDescriptionLets you change how direction inputs such as thumbsticks affect gamemovement in the up and down and left and right directions.Examples of these directional inputs include thumbsticks and flight sticks.TagPlayable without Button HoldsDescriptionLets you play without button holds. The game doesnt require digital inputs (like keys or buttons) to be held. Some analog inputs (like sticks and triggers) may still require holds.TagPlayable without Rapid Button PressesDescriptionLets you avoid repetitive button actions like button mashing and quick-time events.TagPlayable with Keyboard OnlyDescriptionLets you play using only your keyboard. The game can be played with a keyboard alone, without any other devices.TagPlayable with Mouse OnlyDescriptionLets you play using only your mouse. This also lets you play using adaptive tech that maps to mouse inputs.TagPlayable with Buttons OnlyDescriptionLets you play using only buttons where the amount of pressure doesntaffect the controls. The game and menus can be controlled using only digital inputs (like buttons or keys).TagPlayable with Touch OnlyDescriptionLets you play using only touch controls. Players are not required to use any type of non-touch controls, such as buttons oranalog sticks.TagPlayable Without Motion ControlsDescriptionLets you play without using motion controlsTagPlayable Without Touch ControlsDescriptionLets you play without using touchpads or touchscreens.Visual FeaturesTagChat Speech-to-Text & Text-to-Speech*DescriptionLets you use text-to-speech and speech-to-text for game chats with other players. Text chats can be narrated out loud in real-time. Voice chats can be read as a text transcript in real-time.*This tag contains both auditory and visual features.TagClear TextDescriptionText in menus, control panels, and settings is a reasonable size. You can adjust the contrast. Text is at a reasonable size relative to the devices screen resolution and typical viewingdistance. Font is less stylized or can be changed to a less stylized option (e.g., sans serif). Text has, or can be adjusted to, a reasonable contrast against all backgrounds.(See Large & Clear Subtitles tag for subtitle text options)TagLarge TextDescriptionLets you use a large font size for text in menus, control panels, and settings. Text can be in a large size relative to the devices screen resolution and typical viewingdistance.(See Large & Clear Subtitles tag for subtitle text options)TagLarge & Clear SubtitlesDescriptionSubtitles are available for all dialogue. Text is at a reasonable size relative to the devices screen resolution and typical viewingdistance. The subtitle background transparency can be adjusted. Subtitles dont overlap with important game elements. Font is less stylized or can be changed to a less stylized option (e.g., sans serif). This tag covers spoken game dialogue only and doesnt include text displayed for otheraudio such as speaker tone or environmental sounds that are typically included incaptions.TagColor AlternativesDescriptionColor is not used to communicate important information or can be adjusted. Shape, pattern, icons, or text is used to communicate information instead of color.TagCamera ComfortDescriptionThere are no camera effects that may cause discomfort or harm (e.g., nausea, headaches) orthose effects can be turned off or adjusted. Camera effects includes, but is not limited to: shaking, swaying, bobbing, motion blur,camera speed, and forced narrative-based movement.Rebekah Valentine is a senior reporter for IGN. You can find her posting on BlueSky @duckvalentine.bsky.social. Got a story tip? Send it to rvalentine@ign.com.Blogroll Image Credit: Emanuele Cremaschi/Getty Images

Producer Irwin Winkler has been trying to get The Alto Knights or a movie similar to it made since the 1970s. It might go back even furtherhe confides while reminiscing of his youth growing up in New York City. At the time, his idea of what a gangster looked like was defined by a certain image: James Cagney mostly, walking through a downpour of rain while glowering beneath his fedora. Yet that changed when the nightly news started reporting about guys like Frank Costellothe future protagonist of The Alto Knights and the real-life boss of bosses who retired from the life around the time words like Mafia and Cosa Nostra became household terms spoken at the American dinner table.For Winkler, discovering the existence of Costello in his custom-made suit and media-ready smile was revelatory. For the Mafia, it was deadly. And it took longtime collaborators and colleagues of Winklers, guys like Robert De Niro, director Barry Levinson, and the screenwriter of Goodfellas and Casino, Nicholas Pileggi, to open the movie up. They realized The Alto Knights is the story of a war between real-life mob bosses Costello and Vito Genovese (both played by De Niro); it is the story of the men whose conflict inspired The Godfather; and it is the story of why the mob, as those in the life previously understood it, ended forever.Barry came up with the idea of its a two-hander, Pileggi says of the central dynamic between De Niros two roles as Costello and Genovese. And it just dawned on me youre right because afterward its over! When Frank Costello perhaps sets up the Appalachia hearing, the Appalachia hearing ends it. Its over. No more Jimmy Cagney, no more organized crime. Its over because what comes out of the Appalachia hearing is the McClellan committee, charts and hearings, and Joe Valachi.What Pileggi refers to is the turning point that all of The Alto Knights builds toward. Despite being childhood friends, the real-life Frank Costello and Vito Genovese grew apart after the U.S. government (temporarily as it turned out) deported Genovese back to Italy in 1945. In his absence, Costello became the de facto boss of bosses and ran organized crime increasingly like a mid-century corporation until Genovese returned and demanded control of the so-called Luciano Family.In 1959 he got it after rivals were whacked, and Costello made an unorthodox play for retirement. The Luciano Family became the Genovese Family, and Costello also helped Vito organize a meeting of the mob families in a New York corner of Appalachia where almost everyone (but Costello) wound up arrested. This in turn paved the way for U.S. Senate hearings, Genovese soldier Joseph Valachi uttering the words Cosa Nostra on live television, and a certain Italian American author who knew nothing about the Mafia getting a bright idea.Joe Valachi gives Mario Puzo everything he needs for The Godfather, Pileggi laughs today. Thats the process, and its over. The Godfather ends the mystery.Yet ironically it is now one of the iconic actors in The Godfather Trilogy, young Vito Corleone performer Robert De Niro, who gets to play Costello and Genovese both when recounting the true events that would inspire Vitos heir in the first 1972 movie.These are two real figures who are well-known mythological characters, underworld characters in New York and in the country, De Niro says about his dual roles. So there was a lot of information about them already, and I just went and looked for as much as I could: things where they were filmed and things where they were talking. The actor even reached out to anyone alive who still might have remembered them from the old days. Maybe speak to somebody who knew somebody who knew them and told another story about one of these two guys.De Niro is circumspect, but his work ethic of profiling the historical figures he portrays is legendary. Even Pileggi marvels at his ability to get wiseguys and other toughs to open up, which is saying something since before earning an Oscar nomination for co-writing Goodfellas, Pileggi was a crime journalist for AP and then New York magazine, which led to him writing Wiseguy, on which Goodfellas is based.When on the Casino thing, [De Niro] went down and spent months with Frank Lefty Rosenthal, Pileggi chuckles, who would not open up to me when I was trying to talk to him. He would say things like, Well I cant or I dont know. But the minute Bob got in there, Lefty Rosenthal was showing him his closet. Hes showing him his 300 pairs of pastel-colored trousers. I mean, its just what happens. He would have made a fabulous reporter.He also makes for an interesting double lead in The Alto Knights, which in some eyes might be a gimmick, but from the perspective of collaborators like Winklerwho also produced Goodfellas as well as other De Niro standards like Raging Bull and The Irishmanit was the only natural direction to take.Join our mailing listGet the best of Den of Geek delivered right to your inbox!When Bob was thinking of playing Costello, he asked me specifically who I thought could play Vito Genovese, Winkler remembers. And my instinct was that nobody could play it better than Bob. If he said he wanted to play Genovese, we would then look for another Costello.It was certainly a unique proposition, but one that the actor initially admits to having his share of doubts about.In the beginning there was a hesitancy because it was unexpected, De Niro says. I said, Well, easier said than done. Lets think about this for a minute. After taking a few days to consider the prospect of playing dual roles at this stage in his career, and speaking about it with director and friend Levinson, the star came back and said he was willing to go for it.Its something to try, De Niro muses. Ive not done it before and it also adds to the reason, the justification of my doing another gangster film, even though Im doing it with everybody I know so well and worked many times with, and Id probably do it the other way too. But this is even better.As it stands, he admits that Costello, the role De Niro originally was attracted to, is perhaps the savvier character. Hes certainly the diplomat. But all things being even, Genovese was more delicious for the star: With the Vito character, hes a hothead, hes more fun to play, hes more explosive, impulsive.That explosion gets back to The Godfather of it all.Puzo took the whole idea of the Godfather [character] saying to the other members of the mob that he wont have anything to do with drugs [from Costello], Winkler contends. The judges he was responsible for would go along with gambling and they couldnt care less about prostitution, but when it came to drugs, they drew the line.Pileggi agrees, adding, That battle about the mob being in drugs in reality took place between Frank Costello and Vito Genovese In The Godfather, you see it depicted between the Marlon Brando character and the rest of the mob.Admittedly, theres a vast tonal difference between the two films, which might be the point. Francis Ford Coppolas The Godfather is operatic and tragic. The aforementioned Appalachian meeting in The Alto Knights, by comparison, is purely businesslike and even comical as wiseguys skid their nice Italian shoes in mud and cow dung while running from the fuzz.I knew Mario when he was working on the novel, Pileggi says. Mario is a friend of mine. And he was working on that novel out of the McClellan committee hearings and out of the Valachi tapes. Thats where it all comes from. But Im basically a reporter rather than a novelist, so what I brought to whatever depiction of that period is, is mostly data and information and facts as a journalist.As for an actor involved in both visions, De Niro is coy as to whether he thinks the graceful and honorable Vito Corleone, don of a powerful crime family and defender of the little guy, is pure fiction or not.Whether it be then or now, people who have honor have honor and they dont change, De Niro considers.But its worth noting that The Alto Knights at least speculates on how classically American this type of business is. Costello even has a line in the movie about how by the time we got here, the Indians had all been killed, the gold all dug up, and the oil sucked from the ground. All that was left for immigrants to do to make a fortune was to go into the booming businesses of the early 20th century: corruption.The only reason Frank and Vito did anything at all was because the country created Prohibition, which was the key to institutionalizing corruption, Pileggi notes. I mean, Prohibition meant there were 45,000 speakeasies in the state of Illinois. The author points out that the 18th Amendment meant that for nearly a 20-year period, corruption was rewarded. A cop paid $20 to look the other way in 1920 might be a captain on the force or chief inspector by 1932; a lawyer who rented the apartments where the speakeasies were hidden could be on the city council two decades later.Thats how they began to control so much of the cities, New York, Chicago, St. Louis, New Orleans, Pileggi says. Which in some ways was not all terrible for the culture. The speakeasies certainly helped the feminist wave of the 1920s versus the bar halls of the 19th century where no women would be allowed.Theres a lot of bad with Cosa Nostra, Pileggi stresses, but it had a social element that the mob pictures usually forget Think of Jimmy Cagney with the gun shooting people and throwing somebody down the stairs, and then go to The Great Gatsby. Its the same person, but what happened over a 20-year period is he cleaned up his act. He said, Hey, I dont have to throw that person down the staircase. I can buy a house in Sands Point! I think that is what our movie The Alto Knights is trying to say.Its also a guy who still exists today. After all, the real Costello was one of the few mob figures who was never whacked nor died in prison. In fact, he even lived the high life in New York City hotels years after he was supposed to be deported.Even after he got out and even after Appalachia, when you are a part of the judicial system, when you are a part of the Department of Justice, and you have subpoenas and you have indictments and you have got them delayed in courtthats what Costello had to deal with after it was over, Pileggi says. He still had 10 years of dealing with court delays, and we see that today in all of the cases that Donald Trump had to deal with, all those delays. They went on for five, six years with Donald Trump, 10 years in some of Donald Trumps cases. And all of a sudden theyre gone. And thats what happened with Frank Costello.The business changes, people dont.The Alto Knights is in theaters now.

When I said Id bought an M1 MacBook Air in 2025, I must confess I was rather expecting comments along the lines of what were you thinking? Instead, the prevailing view appeared to be that there really isnt any reason to favor the latest and greatest model for my type of use.Having had the chance to try out the new machine in an Apple Store, Im not 100% sure Id favor an upgrade even if it were the same price From backup device to mobile MacI explained last time that the primary reason for having a MacBook Air at all was simply as a backup machine. I cant work without a Mac (even if a couple of my colleagues somehow manage to do so on an iPad ), so for many years Ive held onto an 11-inch MBA as a backup machine that mostly lived in a drawer right up until it died.For travel, I consider my 16-inch MacBook Pro sufficiently portable to be worth taking with me, even on weekends away if I want to do things like photo editing. But its a bit chunky to carry more casually around London, so my 12.9-inch iPad Pro with Magic Keyboard served as the device I took with me when I wanted to write in a coffee shop for an hour or two.Back in the Intel days, the primary benefit of the iPad as a mobile laptop was battery-life, but the Apple Silicon MacBook Air models started delivering the same 9-10 hours of real-life use. Using my iPhone as a mobile hotspot covered the few occasions I didnt have access to Wi-Fi, so there was no longer any reason to make the compromises involved in using an iPad rather than a Mac as a mobile device.For that reason and the fact that its even lighter its the M1 MacBook Air Ive been using as my coffee-shop machine. Since it was now seeing more active use, that did make me wonder whether I should just bite the bullet, sell the M1 machine for the same price I paid (just over half the price of the M4), and splash out on a shiny new M4 model.But it doesnt offer any real benefit to meI have to say that using this one made me fall in love with the MacBook Air all over again and part of that was the iconic wedge design which survived into the first generation of Apple Silicon models. I do absolutely adore that look.In fact, when I visited an Apple Store to compare the M1 and M4 models side-by-side, the only thing I preferred about the look of the latest model is the smaller bezels. These arent noticeable at the bottom, and theres not a dramatic difference at the sides, so its really just the top bezel that makes its presence known.Size wise, it really doesnt feel like theres anything in it at all. The M4 model is slightly slimmer at the back, but the M1 is much slimmer at the front. (Technically, the M1 is very slightly smaller, but thats only a 21.24cm depth versus 21.5cm.)The brighter screen and Spatial Audio are both irrelevant to me. MagSafe is nice in principle, but this is a machine I exclusively use on battery power, so not relevant in practice. Same with fast charging I just dont need it for a mobile device. Better camera and mic, sure, but not a big deal for a machine primarily used for writing.So as hard as I tried to talk myself into it, I just couldnt succeed. Im sticking with the M1 model I have.Ive sometimes joked about the packaging test: I know Im really sure about a purchase when I dispose of the packaging Id need to return it. Its now in the recycling.Should others follow my example?It depends.If youre buying a MacBook as your only Mac, and youll do more demanding tasks like coding or video editing, then your sensible choices are between a MacBook Pro and the latest MacBook Air specced-up as far as budget permits.But if like me your usage will be a mix of writing, other light tasks like email and web, and perhaps a bit of photo editing, then any Apple Silicon MacBook Air is good enough. At that point, you have to figure out whether any of the M4 features are worth the price difference to you. For example, the camera and mic differences are significant so if video calls are a key part of your usage, then the 12MP Center Stage camera and mics with voice isolation could well be deciding factors. Similarly, if you intend to use the machine outdoors, that 25% boost in maximum brightness could be crucial.What I would say, having checked out UK prices at least, is it probably doesnt make sense to buy an M2 or M3 model today. Yes, youre getting the newer design (if you prefer that), but theres much less of a financial saving with those. You might as well wait a little while for discounting to kick in on the M4.So, thats my decision made please share your own thoughts in the comments.Highlighted accessoriesAdd 9to5Mac to your Google News feed. FTC: We use income earning auto affiliate links. More.Youre reading 9to5Mac experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Dont know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Apple TV+ has officially renewed its hit sci-fi drama series Severance for a third season, on the heels of the second season finale dropping today. Writing on scripts for season three has already been underway for some time. Executive producer and director Ben Stiller has promised fans that there wont be a three year wait this time between seasons, although filming on season three has not yet commenced. Apple announced the renewal news today with a Twitter collaboration between Ben Stiller and CEO Tim Cook, who tweeted that Season 3 of Severance is available upon request.Season 3 will further peel away the mysteries of Lumon Industries, and follow on from the shocking consequences of the season two finale.The popularity of Severance with general audiences has exploded over the course of season twos release, with Apple claiming it is now it is its most popular series, besting Ted Lasso. Severance season two has also been warmly received by critics, and is firmly in the awards conversation for the upcoming Emmys season. Season one premiered in February 2022, ending on a huge cliffhanger finale. Apple renewed the show for season two immediately. However, due to a variety of factors, including the 2023 actors and writers strikes, production on season two was prolonged significantly and that saw season two release date pushed to January 2025, almost three years later. The wait shouldnt be as long for season three, but Apple is mum on exactly when you should expect the show to return. Big prestige dramas take a long time to make, so our best guess right now would be late 2026 at the earliest, likely slipping into 2027.Apple TV+ shows and movies: Everything to watch on Apple TV PlusAdd 9to5Mac to your Google News feed. FTC: We use income earning auto affiliate links. More.Youre reading 9to5Mac experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Dont know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

The China-linked advanced persistent threat (APT) group. known as Aquatic Panda has been linked to a "global espionage campaign" that took place in 2022 targeting seven organizations.These entities include governments, catholic charities, non-governmental organizations (NGOs), and think tanks across Taiwan, Hungary, Turkey, Thailand, France, and the United States. The activity, which took place over a period of 10 months between January and October 2022, has been codenamed Operation FishMedley by ESET."Operators used implants such as ShadowPad, SodaMaster, and Spyder that are common or exclusive to China-aligned threat actors," security researcher Matthieu Faou said in an analysis.Aquatic Panda, also called Bronze University, Charcoal Typhoon, Earth Lusca, and RedHotel, is a cyber espionage group from China that's known to be active since at least 2019. The Slovakian cybersecurity company is tracking the hacking crew under the name FishMonger.Said to be operating under the Winnti Group umbrella (aka APT41, Barium, or Bronze Atlas), the threat actor is also overseen by the Chinese contractor i-Soon, some of whose employees were charged by the U.S. Department of Justice (DoJ) earlier this month for their alleged involvement in multiple espionage campaigns from 2016 to 2023.The adversarial collective has also been retroactively attributed to a late 2019 campaign targeting universities in Hong Kong using ShadowPad and Winnti malware, an intrusion set that was then tied to the Winnti Group.The 2022 attacks are characterized by the use of five different malware families: A loader named ScatterBee that's used to drop ShadowPad, Spyder, SodaMaster, and RPipeCommander. The exact initial access vector used in the campaign is not known at this stage."APT10 was the first group known to have access to [SodaMaster] but Operation FishMedley indicates that it may now be shared among multiple China-aligned APT groups," ESET said.RPipeCommander is the name given to a previously undocumented C++ implant deployed against an unspecified governmental organization in Thailand. It functions as a reverse shell that's capable of running commands using cmd.exe and gathering the outputs."The group is not shy about reusing well-known implants, such as ShadowPad or SodaMaster, even long after they have been publicly described," Faou said.Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

After conducting over 10,000 automated internal network penetration tests last year, vPenTest has uncovered a troubling reality that many businesses still have critical security gaps that attackers can easily exploit.Organizations often assume that firewalls, endpoint protection, and SIEMs are enough to keep them secure. But how effective are these defenses when put to the test? That's where vPenTest, Vonahi Security's automated network pentesting platform, comes in. Designed to simulate real-world attack scenarios, vPenTest helps organizations find exploitable vulnerabilities before cybercriminals can.These aren't complex, zero-day exploits. They're misconfigurations, weak passwords, and unpatched vulnerabilities that attackers routinely exploit to gain access, move laterally, and escalate privileges within networks. Here's how these risks break down:50% stem from misconfigurations Default settings, weak access controls, and overlooked security policies.30% are due to missing patches Unpatched systems that leave the door open for known exploits.20% involve weak passwords Services running without proper authentication, making it easy for attackers to get in.In this article, we'll cover the ten most critical internal network security risks, breaking down what they are, why they're dangerous, and how to fix them before they turn into real problems. We'll start with the least common and work our way up to the number one issue we've seen across thousands of assessments with vPenTest. If these weaknesses exist in your environment, attackers will find themit's just a matter of time.10. Password Deficiencies - Redis ServiceCVSS3: 9.9% of occurrence: 1.3%What is it: Redis is an in-memory key-value data store commonly used for caching, message brokering, and real-time analytics. By default, Redis does not enforce authentication, allowing clients to connect without credentials.Security Impact: If an adversary gains access to the Redis service, they may obtain sensitive data stored within the databases hosted on the server and possibly escalate privileges to gain system-level access, depending on the capabilities of the Redis service and the permissions associated with the compromised user account. This could lead to unauthorized data manipulation, data exfiltration, or further exploitation of the system.Recommendation:It is imperative to configure the Redis service to require a strong password that meets the organization's password policy. A robust password should encompass the following criteria:Minimum of 12 characters Not easily guessable, e.g., not found in a dictionary Combination of upper-case letters, lower case letters, numerical digits, and/or special characters Verifiable against known compromised password databases (e.g., www.haveibeenpwned.com)Additionally, utilizing a password manager can enhance security by generating complex passwords that are difficult to retrieve, even in the event that the password hash is obtained through a breach.9. Firebird Servers Accept Default CredentialsCVSS3: 9.0% of occurrence: 1.4%What is it: Default credentials are often hard-coded usernames and passwords intended for initial setup and should be changed promptly to maintain security. This issue arises when systems are deployed without reconfiguration or when default settings are overlooked during the setup process.Security Impact: The reliance on default credentials for Firebird servers can lead to unauthorized access, allowing attackers to authenticate and conduct reconnaissance on the affected systems. They could enumerate files or alter system configurations, thereby opening pathways to further exploitation. If the attacker identifies the location of Firebird database files, they may gain the ability to read or modify sensitive database information. Furthermore, certain versions of Firebird can be manipulated to execute system commands, thereby extending an attacker's control over the remote host.Recommendation:To mitigate this vulnerability, it is essential to utilize the GSEC tool to change the default credentials associated with Firebird servers. Additionally, implementing a policy for regular credential audits and ensuring that all default settings are modified before deployment can further enhance security. Continuously monitoring server access logs for unauthorized attempts and enabling alerts for suspicious activities will aid in detecting potential exploitations early.8. Microsoft Windows RCE (BlueKeep)CVSS3: 9.8% of occurrence: 4.4%What is it: BlueKeep is a remote code execution vulnerability in Microsoft's Remote Desktop Protocol (RDP), identified as CVE-2019-0708. Security Impact: Exploitation of the BlueKeep vulnerability allows an attacker to assume complete control over the affected system(s). This level of access may facilitate further attacks within the organization's infrastructure, including the potential extraction of sensitive data such as passwords and password hashes. Additionally, the attacker could navigate laterally within the network, compromising additional systems and services. The exploit's nature means that no special privileges or authenticated access are required to execute the attack, thus simplifying the process for the attacker and amplifying the potential impact on the organization.Recommendation:It is critical to promptly apply all relevant security updates to the affected system(s) to mitigate the BlueKeep vulnerability. Organizations should conduct a thorough review of their patch management processes to identify factors contributing to the absence of timely updates. Given the exploitability of this vulnerability and its ability to severely compromise systems, an immediate response is essential to safeguarding the organization's digital environment.7. Microsoft Windows RCE (EternalBlue)CVSS3: 9.8% of occurrence: 4.5%What is it: EternalBlue is a remote code execution vulnerability in the Microsoft Server Message Block (SMBv1) protocol. It allows an attacker to send specially crafted packets to a vulnerable system, enabling unauthorized access and execution of arbitrary code with system-level privileges.Security Impact: Exploitation of the EternalBlue vulnerability allows an attacker to gain full administrative access to the affected system(s). This access can facilitate further malicious actions within the organization's network, including the extraction of cleartext passwords and password hashes, as well as lateral movement to other systems. Importantly, this vulnerability does not require the attacker to escalate privileges on the compromised system, meaning they can initiate reconnaissance and further attacks without any additional effort.Recommendation:To mitigate the risk associated with the EternalBlue vulnerability, it is imperative to promptly apply the relevant security patches to all affected system(s). Additionally, a thorough review of the organization's patch management program should be conducted to identify any deficiencies that led to the unpatched status of these systems. Given the high risk and prevalence of exploitation of this vulnerability, immediate remediation efforts are crucial.6. IPMI Authentication BypassCVSS3: 10.0% of occurrence: 15.7%What is it: The Intelligent Platform Management Interface (IPMI) is a critical hardware solution utilized by network administrators for centralized management of server(s). During the configuration of server(s) equipped with IPMI, certain vulnerabilities may exist that allow attackers to bypass the authentication mechanism remotely. This results in the extraction of password hashes, and in instances where default or weak hashing algorithms are employed, attackers could potentially recover the cleartext passwords.Security Impact: The ability to extract cleartext passwords presents a significant security risk, as an attacker could leverage this information to gain unauthorized remote access to sensitive services, including Secure Shell (SSH), Telnet, or web-based interfaces. Such unauthorized access could enable configurations manipulation, negatively impacting the availability and integrity of services provided by the compromised server(s).Recommendation:Given the absence of a patch for this vulnerability, it is essential to implement one or more of the following mitigation strategies:Limit IPMI access strictly to authorized system(s) that require administrative functionalities.Disable IPMI service on server(s) that do not need it for business operations.Change default administrator password(s) to strong, complex alternatives to enhance security.Employ secure communication protocols, such as HTTPS and SSH, to mitigate the risk of man-in-the-middle attacks that could expose sensitive credentials.5. Outdated Microsoft Windows SystemsCVSS3: 9.8% of occurrence: 24.9%What is it: Outdated Microsoft Windows system(s) present significant security risks, as they are no longer receiving critical updates from Microsoft. These system(s) may lack essential security patches addressing known vulnerabilities, effectively rendering them more susceptible to exploitation by attackers. Additionally, the absence of updates can result in compatibility issues with modern security tools and software, further diminishing the system(s)' defenses. Vulnerabilities on outdated systems can often be exploited in attacks, such as malware distribution, data exfiltration, and unauthorized access.Security Impact: If exploited, an outdated Microsoft Windows system could allow an attacker to gain unauthorized access to the affected system(s), exposing sensitive data and resources. Furthermore, due to the potential similarity in configurations among system(s) within the same network, an attacker may utilize the compromised system(s) as a launching point to move laterally, compromising additional system(s) and increasing the overall footprint of the breach.Recommendation:It is strongly recommended to replace outdated versions of Microsoft Windows with current operating system(s) that are still supported by the manufacturer. This should include conducting a thorough inventory of all system(s) to identify and prioritize outdated versions, followed by implementing a phased upgrade strategy. Regularly verify that all system(s) are receiving the latest updates and patches to maintain security integrity.4. IPv6 DNS SpoofingCVSS3: 10.0% of occurrence: 49.9%What is it: The risk of IPv6 DNS spoofing arises from the possible introduction of a rogue DHCPv6 server within the internal network infrastructure. Due to the preference of Microsoft Windows systems for IPv6 over IPv4, IPv6-capable clients are inclined to obtain their IP address configurations from any available DHCPv6 server.Security Impact: The deployment of a rogue DHCPv6 server allows an attacker to manipulate DNS requests by redirecting IPv6-enabled clients to utilize the attacker's system as their DNS server. This capability can lead to serious consequences, such as the unauthorized capture of sensitive data, including user credentials. When all DNS queries resolve to the attacker's server, the victim's system may inadvertently communicate with malicious services operating on the attacker's infrastructure, encompassing platforms such as SMB, HTTP, RDP, and MSSQL.Recommendation:To mitigate the risks associated with IPv6 DNS spoofing, the following strategies are recommended, with emphasis on aligning each approach with organizational operations and thorough testing prior to implementation:Manage Rogue DHCP at the Network Layer: Implement features such as Rogue DHCP detection, DHCP snooping, and DHCP authentication on network switches and firewalls to control unauthorized DHCP servers and lessen the likelihood of DNS spoofing attacks.Prefer IPv4 over IPv6: Utilize Group Policy Objects (GPOs) or Group Policy Preferences (GPPs) to deploy registry modifications that configure Windows systems to favor IPv4 over IPv6. It is important to note that this approach will not prevent attacks from affecting non-Windows devices.Disable IPv6: While not generally advisable for Microsoft Windows systems, disabling IPv6 may be considered as a last resort precaution, provided thorough testing ensures there are no significant disruptions to business operations.3. Link-Local Multicast Name Resolution (LLMNR) SpoofingCVSS3: 9.8% of occurrence: 65.5%What is it: Link-Local Multicast Name Resolution (LLMNR) is a protocol designed for name resolution within internal network environments when traditional Domain Name System (DNS) services are either unavailable or ineffective. LLMNR acts as a fallback mechanism, facilitating the resolution of DNS names through multicast queries. The resolution process unfolds as follows:The system first queries its local host file to find a corresponding IP address for the specified DNS name.If no local entry exists, the system initiates a DNS query directed at its configured DNS server(s) to resolve the name.Should the DNS server(s) fail to provide a resolution, the system broadcasts an LLMNR query across the local network, seeking responses from other hosts.This reliance on multicast broadcasts introduces vulnerabilities, as any active system can respond to the queries, potentially misleading the requesting system.Security Impact: The broadcasting nature of LLMNR queries allows any system on the local network to respond with its own IP address in answer to a resolution request. Malicious actors can exploit this by sending crafted responses containing the attacker's system's address. This capability opens avenues for significant security breaches, particularly if the query is tied to sensitive services such as SMB, MSSQL, or HTTP. Successful redirection can facilitate the capture of sensitive information including plaintext and hashed account credentials. It is pertinent to note that hashed credentials can be subjected to modern brute-force attacks, thereby compromising account security.Recommendation:To mitigate the risks associated with LLMNR spoofing, it is critical to disable LLMNR functionality across affected systems. This can be accomplished through the following methods:Group Policy Configuration: Navigate to Computer Configuration\Administrative Templates\Network\DNS Client and set 'Turn off Multicast Name Resolution' to Enabled. For administering configurations on a Windows Server 2003 domain controller, utilize the Remote Server Administration Tools for Windows 7 available at this link. Registry Modification for Windows Vista/7/10 Home Edition: Access the registry at HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient and modify the 'EnableMulticast' key to 0 or remove it to disable the feature.2. NetBIOS Name Service (NBNS) SpoofingCVSS3: 9.8% of occurrence: 73.3%What it is: The NetBIOS Name Service (NBNS) is a protocol utilized by workstations within an internal network to resolve domain names when a DNS server is unavailable or unresponsive. When a system attempts to resolve a DNS name, it follows these steps:The system first checks its local host file for an entry mapping the DNS name to an IP address.If no local mapping exists, the system sends a DNS query to its configured DNS server(s) in an attempt to retrieve the corresponding IP address.If the DNS server(s) cannot resolve the name, the system broadcasts an NBNS query across the local network, soliciting responses from other systems.This dependency on broadcasts makes the NBNS vulnerable to spoofing attacks, wherein an attacker can respond with a false IP address.Security Impact: The broadcasting nature of NBNS queries means that any system on the local network can respond. This vulnerability can be exploited by malicious actors who may answer these queries with the IP address of the attacker's system, redirecting traffic intended for legitimate services. For instance, services such as SMB, MSSQL, or HTTP could inadvertently send sensitive data, including cleartext or hashed account credentials, to the attacker's system. Moreover, modern computational capabilities can facilitate the cracking of hashed credentials, potentially allowing unauthorized access to user accounts.Recommendation:To mitigate the risk of NBNS spoofing, it is advisable to disable the NetBIOS service across all hosts within the internal network. This can be accomplished through a variety of methods including configuration of DHCP options, adjustments to network adapter settings, or modifications to the system registry. Implementing these changes will significantly reduce the potential attack surface associated with NBNS.1. Multicast DNS (mDNS) SpoofingCVSS3: 9.8% of occurrence: 78.2%What it is:Multicast DNS (mDNS) serves as a name resolution protocol for local networks, facilitating the resolution of domain names when a dedicated DNS server is unavailable. The resolution process occurs in stages:The system first consults its local host file for any appropriate DNS name/IP address mappings.In the absence of a configured DNS server, the system resorts to mDNS, broadcasting an IP multicast query requesting identification from the host corresponding to the DNS name. This protocol behavior exposes a potential vulnerability that malicious actors can exploit, enabling them to impersonate legitimate systems by responding to these queries.Security Impact: mDNS queries, which are transmitted across the local subnet, can be answered by any device capable of receiving them. This vulnerability allows an attacker to respond with their system's IP address, potentially misleading the querying system. Such exploitation may lead to interception of sensitive information, including unencrypted and hashed credentials, depending on the specific service the victim is trying to access (e.g., SMB, MSSQL, HTTP). It should be noted that hashed credentials can often be compromised within a relatively short timeframe using contemporary computing resources and brute-force attack methodologies.Recommendation: To mitigate the risk of mDNS spoofing, the primary recommendation is to completely disable mDNS if it is not in use. On Windows systems, this can often be done by implementing the 'Disable Multicast Name Resolution' group policy. As many applications have the potential to reintroduce mDNS functionality, an alternative strategy is to block UDP port 5353 via the Windows firewall. For non-Windows systems, disabling services such as Apple Bonjour or avahi-daemon can provide similar protection.It is important to note that disabling mDNS may disrupt functionalities such as screen casting and certain conference room technologies. Should complete disabling not be feasible, consider isolating affected systems within a controlled network segment and mandating the use of strong, complex passwords for any accounts that access these systems.What Pentesting Reveals About Security GapsAfter analyzing tens of thousands of network assessments, one thing is clearmany security gaps aren't the result of advanced hacking techniques but simple, avoidable mistakes. Weak passwords, forgotten misconfigurations, and unpatched systems create easy opportunities for attackers. These aren't once-in-a-lifetime vulnerabilities. They're recurring problems that show up in networks of all sizes, year after year.Pentesting is like stress-testing your security before a real attacker does. It reveals how someone could break in, move around, and escalate privileges using the same tactics real-world attackers rely on. Time and again, assessments prove that even companies with strong defenses often have hidden weaknesses waiting to be exploited.The problem? Most organizations still rely on annual pentests for compliance, leaving months of blind spots in between. That's where vPenTest from Vonahi Security comes in. It delivers automated, on-demand network pentesting, so instead of waiting for an audit to tell you what went wrong, you can find and fix exploitable vulnerabilities year-round.Cyber threats aren't slowing down, so security testing shouldn't either. Whether done manually or through automation, regular network pentesting is the key to staying ahead of attackersnot just checking a box for compliance. Want to explore vPenTest and see the power of automated network pentesting for yourself? Schedule a free demo of vPenTest!Found this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Twitter and LinkedIn to read more exclusive content we post.

John Edwards, Technology Journalist & AuthorMarch 21, 20256 Min Readtanit boonruen via Alamy Stock PhotoJust about everybody agrees that AI is an essential business tool. This means that it's now time to give the technology the status it deserves by creating a business unit that's completely dedicated to deploying innovative AI applications across the enterprise.An AI innovation unit serves as an organizational hub for designing and deploying AI solutions, as a catalyst for adopting and integrating of AI, and as a focal point for AI business exploration and experimentation, says Paul McDonagh-Smith, a senior lecturer in information technology and executive education at the MIT Sloan School of Management. "By spinning-up an AI innovation unit, your company can accelerate its digital transformation, sustain competitiveness, and create a culture of innovation," he explains in an online interview.McDonagh-Smith believes that an AI innovation unit can help convert the AI's potential into enhanced product offerings and customer experiences, unlocking new revenue streams and creating a competitive advantage. "Your AI innovation unit will also provide a space and a place to combine AI research and responsible application of AI to help you minimize risks while maximizing benefits."Mission GoalsAn AI innovation unit's mission should be to coordinate, plan, and prioritize efforts across the enterprise, says Steven Hall, chief AI officer at technology research and advisory firm ISG. "This can include ensuring the right data assets are used to train models and that proper guardrails are established to manage risks," he recommends in an email interview. Hall adds that unit leaders should also work toward keeping relevant individuals in the loop while prioritizing use cases and experiments.Related:An AI innovation unit should always support sustainable and strategic organizational growth through the ethical and impactful application and integration of AI, McDonagh-Smith says. "Achieving this mission involves identifying and deploying AI technologies to solve complex and simple business problems, improving efficiency, cultivating innovation, and creating measurable new organizational value."A successful unit, McDonagh-Smith states, prioritizes aligning AI initiatives with the enterprise's long-term vision, ensuring transparency, fairness, and accountability in its AI applications. "An effective AI innovation unit also increases the flow of AI-enhanced policies, processes, and products through existing and emerging organizational networks."Carolyn Nash, chief operations officer for open-source software products provider Red Hat, says her firm recently established an AI innovation unit when enterprise leaders recognized that AI had become a top IT strategy priority. "This newly-formed team is now focusing on putting the appropriate infrastructure foundations in place for AI to be developed at scale, and in a cost-efficient manner," she explains in an online interview. Part of that work, Nash notes, includes identifying and creating productivity use cases.Related:Leadership RequirementsAn AI innovation unit leader is foremost a business leader and visionary, responsible for helping the enterprise embrace and effectively use AI in an ethical and responsible manner, Hall says. "The leader needs to understand the risk and concerns, but also AI governance and frameworks." He adds that the leader should also be realistic and inspiring, with an understanding of the hype curve and the technology's potential.The unit should be led by a chief AI officer (CAIO), or an equivalent senior executive with expertise in both AI technology and strategic business management, McDonagh-Smith advises. "While this leader possesses a strong understanding of data science, machine learning, and innovation strategy. alongside finely-tuned leadership skills, this individual also needs to be adept at bridging technical and non-technical teams to ensure AI that initiatives are practical, scalable, and personalized to business goals."Related:Team BuildingMcDonagh-Smith recommends staffing the AI unit with a multidisciplinary team that combines the capabilities of data scientists, machine learning engineers, and software engineers, as well as AI ethicists, HR experts, UX /UI designers, and change management specialists. "This will provide the diversity of perspective and expertise necessary to fuel and drive your AI innovation unit forward."Nash observes that there will also be times when it becomes necessary to seek advice and support from other enterprise stakeholders, particularly when collaborating on projects with elements that lie beyond the main team's skills and knowledge. She adds that the unit should focus on addressing existing business issues, not seeking new problems to solve. "Proactively capturing requirements from strategic leaders across the business -- HR, marketing, finance, products, legal, sales -- is critical to ensuring the AI unit is correctly focused."ReportingMcDonagh-Smith recommends that the AI innovation unit's leader should report directly to the enterprise C-suite, ideally to the CEO or chief digital officer (CDO). "This reporting structure ensures that AI initiatives remain a visible strategic priority and are seamlessly integrated with broader business goals," he says. "It also allows for clear communication between the unit and top-level leadership, helping to secure the necessary support for scaling successful AI-forward projects across the organization."A Collaborative CultureAn AI innovation unit requires a collaborative culture that bridges silos within the organization and commits to continuous reflection and learning, McDonagh-Smith says. "The unit needs to establish practical partnerships with academic institutions, tech startups, and AI thought leadership groups to create flows of innovation, intelligence, and business insights."McDonagh-Smith believes that the unit should be complemented by a strong governance framework that will allow it to manage AI risks, uphold ethical standards, and ensure AI deployments that align with enterprise values and societal responsibilities. "By introducing regular impact assessments and transparent reporting on AI initiatives, you'll build trust both internally and externally ... and establish your team as a leader in evolving business practices."About the AuthorJohn EdwardsTechnology Journalist & AuthorJohn Edwards is a veteran business technology journalist. His work has appeared in The New York Times, The Washington Post, and numerous business and technology publications, including Computerworld, CFO Magazine, IBM Data Management Magazine, RFID Journal, and Electronic Design. He has also written columns for The Economist's Business Intelligence Unit and PricewaterhouseCoopers' Communications Direct. John has authored several books on business technology topics. His work began appearing online as early as 1983. Throughout the 1980s and 90s, he wrote daily news and feature articles for both the CompuServe and Prodigy online services. His "Behind the Screens" commentaries made him the world's first known professional blogger.See more from John EdwardsReportsMore ReportsNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also Like

The boom in AI has virtually eclipsed technologies like augmented reality (AR) and virtual reality (VR). Nevertheless, there are still good reasons to keep AR and VR on the IT strategic roadmap.AR is so named because it can embellish the physical world with digital artifacts. VR goes one step further by immersing participants in an alternate world of virtual experience.There are a number of AR/VR use cases that are working in business.The retail and real estate industries use AR and VR technologies to give customers a preview of how a household item would look in their home. It also can give would-be buyers a virtual walkthrough of a vacation home that they are considering purchasing that is thousands of miles away.Building engineers and inspectors use AR with the help of special glasses that display blueprints of electrical wiring that they can superimpose upon a finished wall in a structure; the military uses VR to simulate battlefield scenes for trainees; and baseball players use AR/VR to improve the mechanics of their swings.The CIOs Position on AR/VR TodayFor CIOs, AR/VR is taking a backseat to artificial intelligence, which Statista sees as exceeding $1.8 trillion in business investment by 2030. Consequently, there is little left in most IT budgets for anything else.Related:CIOs also know that most AR/VR investments cant be done on the cheap. AR/ VR implementations often require significant customization to achieve the right fit for specific business cases, and they can require expensive investments in headgear, workstations and other hardware.Finally, its not always easy to justify an AR/VR investment. While an AR/VR investment might be close to mandatory when the military is training personnel to disarm bombs on a battlefield, its not that easy to justify AR/VR simulations for more mundane use cases.Collectively, these circumstances have put AR/VR on the IT back burner, but it doesnt mean that they dont deserve a spot on IT's strategic roadmap.Where AR and VR Could Play in a BusinessAdecco, a corporate recruiter, reported in 2023 that 92% of executives think that American workers aren't as skilled as they need to be. And the World Economic Forum expects that 39% of skills will be outdated by 2030. At the same time, younger employees entering the workforce are less likely to learn by reading manuals, and more likely to further their learning through AR, VR and other visual technologies.This makes workforce education a prime area for AR/VR utilization. In addition, many of the skills that must be learned by employees across a wide swath of industries are somewhat generic (for example, the basics of lending for a financial institution, or the fundamentals of waste management and collection for sanitation workers). So, it is possible that more generic and cost-effective AR/VR offerings can be used without much need for company-specific customization.Related:Schools are already integrating AR/VRinto their curricula, and there is no reason that companies cant do the same to help address their employee skills shortages.Another AR/VR use case that has been used successfully is in retail sales where AR/VR can simulate product experiences in a virtual environment. With AR/VR, a prospect can experience what a trip to Belize would be like or do a visual walkthrough of a beach home in Miami. A customer can try on a sweater virtually, or they can see how a new dining room table looks like in their home.All these examples are already in play and generating revenue in e-commerce markets, where it is important for customers to experience what it would be like to own or experience something that they cant physically see or touch. The value proposition for using AR/VR in retail is further sweetened because companies dont have to invest in special hardware. Instead, customers can use the AR/VR on regular home computers and mobile devices.Related:New product development is one more area where companies are adopting AR/VR. Constructing physical prototypes of new products that may not work is expensive and time-consuming. If new product designs and simulations can be generated with 3D modeling and AR/VR, the technology investment may be worth it.AR/VR TrendsLooking forward, it is reasonable to expect that AR/VR use will expand in the areas where it is already gaining a footing: education/training, retail sales and product development.Also, there are three AR/VR trends that CIOs should note:Cloud-based AR/VR. A user can put on a wireless headset and use AR/VR from the cloud if the computing requirements for the app arent overly intensive. Education and training AR/VR in most cases would work in this scenario, although there might be a need to invest in more bandwidth.Better ergonomic experiences for users. AR/VR headgear is clunky and uncomfortable. Vendors know this and are at work at creating more wearable and tetherless headsets that deliver a better ergonomic experience to users. That lighter, more agile hardware could also lead to lower costs.A focus on security and governance. AR/VR vendors havent paid much attention to security and governance in the past, but they will in the future because enterprise customers will demand it, and the enterprise market is too big to ignore.Wrap-UpWhile AR/VR technology isnt front-and-center in technology discussions today, it could emerge in the future as a way for companies to streamline education and training, improve new product development and times to market, grow retail revenues, and even simulate scenarios. For example, it could be used for a disaster recovery operational failover in a simulated scenario.AR/VR are not todays hot technologies, but they should nonetheless be listed in IT strategic plans, because they are logical extensions of more corporate virtualization. Plus, they can address several of the persistent pain points that companies continue to grapple with.

Were a small, fully remote team of 7 building creative, web-based projects in the telecommunications space. We have two talented developers ready to buildbut we need you to lead the way.Were looking for a part-time Project Lead (4 hours/day, MondayFriday) to take charge of defining, reviewing, and shaping our software projects.What Youll Do:Define and lead development of creative telecom web servicesTranslate ideas into clear specs for our 2 programmersReview progress daily and give feedbackTest features, spot bugs, and adjust prioritiesCollaborate directly with the company foundersWhat You Bring:Experience managing digital/software projectsStrong understanding of web development workflowsExcellent communication and organizational skillsDetail-oriented when testing and reviewing softwareBonus: experience with telecom, Linux, Asterisk, kamailio, VoIP, SIP, DIDs, call termination & origination, Origin-Based Rating (OBR)Details: Part-time: 4 hours/day (MondayFriday) 1,000/month 100% remote High ownership, lots of creative freedomHow to Apply:Send us a short intro about yourself, what youve worked on, and why this role excites you. Portfolios, product stories, or anything that shows your style are welcome.Please note the fixed salary of 1000 EUR / month.-> [emailprotected]