Irish comedy-drama Bad Sisters is back on Apple TV+. Season one, adapted from Belgian original Clan, was one of the finest shows of 2022 and season two picks up two years after its dramatic conclusion. Joining the Garvey sisters (Eva, Grace, Ursula, Bibi and Becka, played respectively by Sharon Horgan, Anne-Marie Duff, Eva Birthistle, Sarah Greene and Eve Hewson) this time around are a bunch of returning favourites as well as a few newcomers. Find out more about Fiona Shaws tricky Angelica, Thaddea Grahams fresh-faced detective Una and some more familiar faces below. And if you need a recap of what went on last time to jog your memory, we have you covered here.Fiona Shaw as Angelica CollinsThe sister of Roger Muldoon (Grace and JPs former neighbour), Angelicas introduced with the subtitle The Wagon. Irish readers wont need an explanation of that slang term, but for anybody who does, its a derogatory term for an extremely obnoxious, unlikeable and strong-willed woman, and seems to be a fitting one for Angelica.The new character is played by Irish stage and screen actor Fiona Shaw, wholl be known to a generation forever as Petunia Dursley in the Harry Potter film series, but who has a long career in the theatre and in film and television, including recent roles in Killing Eve, True Detective, Baptiste and many more, all the way back to a part in 1989 feature film My Left Foot.Thaddea Graham as Una HoolihanNewly qualified police detective DC Una Hoolihan is a new addition to Loftus investigatory team. Shes played by a Northern Irish actor whos previously had a lead role in Netflix Sherlock Holmes fantasy The Irregulars, as well as playing Bel in Doctor Who: Flux, Sarah in Sex Education and Vivian in BBC Threes Wreck.Owen McDonnell as Ian Reilly (L) & Peter Claffey as Joe Walsh (R)Killing Eve fans will recognise new character Ian for being played by Owen McDonnell, the same actor who played Niko, husband of Sandra Ohs Eve Polastri in the hit assassin thriller. McDonnell also recently played Joe Gargery in Steven Knights adaptation of Great Expectations, Raymond in three episodes of the last series of True Detective, and many more screen roles from Mount Pleasant to Silent Witness.New character Joe Walsh, whos involved with Becka Garvey, is played by Peter Claffey who, coincidentally, also appeared as a different supporting character named Callum in Bad Sisters season one. Claffey will soon be seen in the lead role of Dunk in Game of Thrones spinoff A Knight of the Seven Kingdoms: The Hedge Knight, and previous to this, has appeared in Harry Wild, Vikings: Valhalla, and played professional rugby.Lorcan Craitch as Det. Supt. HowlettLoftuss boss joins Detective Superintendent Howlett joins season two, and is played by Dublin-born actor Lorcan Craitch, who has a long and healthy screen career including the role of DS Jimmy Beck in Cracker, DCS Jackie Twomey in BBC crime drama Bloodlands, Sean in Ballykissangel, Erastes Fulman in HBOs Rome, and many, many more.RETURNING CASTBarry Ward as Fergal LoftusIrish actor Barry Ward is rarely off the screen, with a huge number of roles, recently including that of Thomas Cromwell in Anne Boleyn, Sawyer in Britannia, Barry in Save Me,White Lines and many more. As DI Loftus in Bad Sisters season two, Ward has an expanded role as the investigator looking into the discovery of a dead body that threatens to dig up the Garvey sisters secrets. Michael Smiley as Roger MuldoonGraces kindly, churchgoing neighbour Roger played a small but key role in season one (read our spoiler-filled recap here) as Graces confidante and ally. In season two, hes still suffering from his dealings with JP, and living with his difficult sister Angelica, played by Fiona Shaw. Northern Irish actor Michael Smiley is well-loved for a great many roles, including his unforgettable turn as Tyres in Channel 4 sitcom Spaced, but much more recently Luther, Dead Still, Temple and The Curse. Brian Gleeson & Daryl McCormack as Thomas and Matt ClaffinThe Claffin brothers were hoping to find the Garvey sisters guilty of murder to stop their family insurance firm from having to pay out on JPs hefty claim in season one, but then younger brother Matthew fell for Becka and things got complicated. They return in season two, still played by Brian Gleeson (The Lazarus Project, Frank of Ireland, Peaky Blinders) and Daryl McCormack (The Woman in the Wall, Good Luck to You, Leo Grande, also Peaky Blinders).ALSO RETURNINGAlongside the five Garvey sisters will be Saise Quinn as Graces teenage daughter Blnaid Williams, Yasmine Akrim as Bibis wife Nora Garvey, Jonjo ONeill as Ursulas husband Donal, and Aidan McCann, Kate Higgins and Connor ODonnell as Ursula and Donals kids David, Molly and Michael.Bad Sister season two streams weekly on Wednesdays on Apple TV+. Episode three will land on November 20.

The post Elder Scrolls Online Update 44 Brings Updated Battlegrounds, New Companions, and More appeared first on Xbox Wire.

As we continue our mission at Xbox to bring the joy and community of gaming to even more people, we remain committed to protecting players from disruptive online behavior, creating experiences that are safer and more inclusive, and continuing to be transparent about our efforts to keep the Xbox community safe.Our fifth Transparency Report highlights some of the ways were combining player-centric solutions with the responsible application of AI to continue amplifying our human expertise in the detection and prevention of unwanted behaviors on the platform, and ultimately, ensure we continue to balance and meet the needs of our growing gaming community.During the period from January 2024 to June 2024, we have focused our efforts on blocking disruptive messaging content from non-friends, and the detection of spam and advertising with the launch of two AI enabled tools that reflect our multifaceted approach to protecting players.Among the key takeaways from the report:Balancing safety and authenticity in messaging: We introduced a new approach to detect and intercept harmful messages between non-friends, contributing to a significant rise in disruptive content prevented. From January to June, a total of 19M pieces of Xbox Community Standards-violating content were prevented from reaching players across text, image, and video. This new approach balances two goals: safeguarding players from harmful content sent by non-friends, while still preserving the authentic online gaming experiences our community enjoys. We encourage players to use the New Xbox Friends and Followers Experience, which gives more control and flexibility when connecting with others.Safety boosted by player reports: Player reporting continues to be a critical component in our safety approach. During this period, players helped us identify an uptick in spam and advertising on the platform. We are constantly evolving our strategy to prevent creation of inauthentic accounts at the source, limiting their impact on both players and the moderation team. In April, we took action on a surge of inauthentic accounts (1.7M cases, up from 320k in January) that were affecting players in the form of spam and advertising. Players helped us identify this surge and pattern by providing reports in Looking for Group (LFG) messages. Player reports doubled to 2M for LFG messages and were up 8% to 30M across content types compared to the last transparency report period.Our dual AI approach: We released two new AI tools built to support our moderation teams. These innovations not only prevent the exposure of disruptive material to players but allow our human moderators to prioritize their efforts on more complex and nuanced issues. The first of these new solutions is Xbox AutoMod, a system that launched in February and assists with the moderation of reported content. So far, it has handled 1.2M cases and enabled the team to remove content affecting players 88% faster. The second AI solution we introduced launched in July and proactively works to prevent unwanted communications. We have directed these solutions to detect Spam and Advertising and will expand to prevent more harm types in the future. Underpinning all these new advancements is a safety system that relies on both players and the expertise of human moderators to ensure the consistent and fair application of our Community Standards, while improving our overall approach through a continuous feedback loop.At Microsoft Gaming, our efforts to drive innovation in safety and improve our players experience also extends beyond the Transparency Report:Prioritizing Player Safety with Minecraft: Mojang Studios believes every player can play their part in keeping Minecraft a safe and welcoming place for everyone. To help with that, Mojang has released a new feature in Minecraft: Bedrock Edition that sends players reminders about the games Community Standards when potentially inappropriate or harmful behavior is detected in text chat. This feature is intended to remind players on servers of the expected conduct and create an opportunity for them to reflect and change how they communicate with others before an account suspension or ban is required. Elsewhere, since the Official Minecraft Server List launched a year ago, Mojang, in partnership with GamerSafer, has helped hundreds of server owners improve their community management and safety measures. This has helped players, parents, and trusted adults find the Minecraft servers committed to the safety and security practices they care about.Upgrades to Call of Dutys Anti-Toxicity Tools: Call of Duty is committed to fighting toxicity and unfair play. In order to curb disruptive behavior that violates the franchises Code of Conduct, the team deploys advanced tech, including AI, to empower moderation teams and combat toxic behavior. These tools are purpose-built to help foster a more inclusive community where players are treated with respect and are competing with integrity. Since November 2023, over 45 million text-based messages were blocked across 20 languages and exposure to voice toxicity dropped by 43%. With the launch of Call of Duty: Black Ops 6, the team rolled out support for voice moderation in French and German, in addition to existing support for English, Spanish, and Portuguese. As part of this ongoing work, the team also conducts research on prosocial behavior in gaming.As the industry evolves, we continue to build a gaming community of passionate, like-minded and thoughtful players who come to our platform to enjoy immersive experiences, have fun, and connect with others. We remain committed to platform safety and to creating responsible AI by design, guided by Microsofts Responsible AI Standard and through our collaboration and partnership with organizations like the Tech Coalition. Thank you, as always, for contributing to our vibrant community and for being present with us on our journey.Some additional resources: Share feedback via theXbox Insiders programor on theXbox Support websiteRead ourXbox Community StandardsLearn about the Xbox Family Settings app anddownload the appwhen youre readyKeep up to speed onPrivacy and Online SafetyRemain informed onHow to Report a PlayerandHow to Submit a Case ReviewDiscover Minecraft Educations immersive learning worlds:Privacy ProdigyCyberSafe: Home Sweet HmmGood GameNeed help?Request a Call, Chat Online, and More

New data from LinkedIn on the most in-demand jobs on the platform in the third quarter of this year reveals that software engineering is in second place. Just pipped to the post by sales roles, it is clear that software engineering and development pros are in high demand.Additionally, full stack engineers and application developers feature in the top ten in-demand roles at places eight and ten respectively.Software roles are in such high prominence because software powers pretty much everything. According to McKinsey, these days, Every company is a software company.Traditional bricks and mortar businesses are now increasingly digital-first. Think of your bank or your supermarket, for example. The way we use these businesses has radically changed, with services increasingly offered online.5 jobs to discover this weekThe of EU techThe latest rumblings from the EU tech scene, a story from our wise ol' founder Boris, and some questionable AI art. It's free, every week, in your inbox. Sign up now!Media are software companies now too. Hundreds of workers at The New York Times Tech Guild went on strike the day before the US election. They include data analysts, project managers, and software developers, and make up around 600 of the publications tech employees.These workers create and maintain the back-end systems that power the New York Timesyes, including Wordle. The fact that they not only represent about 10% of the papers total workforce, but are so essential to its operations, is yet another sign of our reliance on software solutions and the people who provide them.McKinsey has established three main reasons why this is the case. Firstly, there is the accelerated adoption of digital products, observed particularly during the pandemic when we did more online than ever before.Secondly, these days, more of the value in products and services is derived from software. Thirdly, the growth of cloud computing, PaaS, low- and no-code tools, and AI-based programming platforms are growing the sector exponentially.Languages to learnIn such a dynamic sector, its no surprise that new programming languages are emerging all the time. Consider Mojo, a language designed to combine the simplicity of Python, with the efficiency of C++ or Rust.Or how about Finch, a new language from MIT thats designed to support both flexible control flow and diverse data structures.Additionally, older languages are having a resurgence, such as Go, and thats because its good for security and AI; both hot-button topics right now.Stack Overflows 2024 Developer Survey highlighted JavaScript, HTML/CSS, and Python as the top three languages respondents had used for extensive development work over the past year.Additionally, the US White House Office of the National Cyber Director (ONCD) issued a recent report advising that programmers should move to memory-safe languages.Given all that, it is understandable if as a developer, youre really not sure what languages you should be using, what you should learn, and what you can think about dropping.Broad v specificDoes this mean you should be aiming to become proficient in up to ten languages? A recent Reddit thread discussed just that, with one user arguing, There is absolutely no point of learning 10 languages; just pick two, pick a specific field, and become the best at it.Others agreed, with one contributor saying, people are fixated on finding the hottest new language, the hottest new tech stack, or the latest trends, but this is not gonna help you.Another user pointed out that Specialisation is good but you should have a general understanding of the type of languages and how they work, then you can learn new languages and tech stack easily.For many developers, good foundational knowledge is more important (and more valuable to their long-term career) than having a laundry list of programming languages on their CV that they may only be semi-proficient in.Learning a stack on YouTube and building toy projects is easy, pointed out another thread contributor. Building specialisation takes a lot more effort and many years of real life experience.If you do decide to specialise in a couple of languages, that should be, at least in part, influenced by what you enjoy doing most.Do what you think is good for you, says a thread contributor. Once you become really good, youll automatically stand out from the crowd by being better than 90% of the mediocre developers. Wise advice.Ready to find your next programming role? Check out The Next Web Job Board Story by Kirstie McDermott Get the TNW newsletterGet the most important tech news in your inbox each week.Content provided by Amply and TNWAlso tagged with

As expected, Apple today took the wraps off the next big version of Final Cut Pro, and it comes with a whole host of new features that will surely make video editors happy. Included in Final Cut Pro 11 is support for spatial video editing, transcribe to captions, magnetic mask, and more. Its noteworthy that Final Cut Pro 11 is the first release that isnt a 10.x release since Apple dropped the X from its name back in 2020. Apple also released an update to Final Cut Pro for iPad, version 2.1, and an update for Final Cut Camera. These updates come hot on the heels of Logic Pro 11.1, which also released today, and features several significant enhancements for pro creatives.Spatial video editingOne of the most noteworthy enhancements found in Final Cut Pro 11 is a feature that was previewed during WWDC this past summer. Apple is finally bringing spatial import, edit, and delivery support to Final Cut Pro users, allowing them to import spatial video shot on iPhones to the Mac, edit, and then deliver to view in Apple Vision Pro.Spatial videos can be taken with Apple Vision Pro, iPhone 15 Pro and iPhone 15 Pro Max, or any iPhone 16-era device. Theres also Canons new RF-S7.8mm F4 STM DUAL lens, an APS-C lens that pairs nicely with the Canon R7.Once captured, its just a matter of dropping the spatial video in a Final Cut Pro project timeline, editing, and then delivering. Editing spatial videos works largely the same way as editing regular 2D videos, but there are new export controls to help facilitate final delivery.Spatial video clips can be captured directly with Apple Vision Pro, or on iPhone 15 Pro, iPhone 16, iPhone 16 Pro, and Canons new RF-S7.8mm F4 STM DUAL lens paired with Canon R7.Users can export spatial content directly to their Photos App Library, view them immediately on the Vision Pro, or share with others via the recently launched Vimeo app for Apple Vision Pro.Recently Blackmagic Design, creator of Final Cut Pro competitor, DaVinci Resolve, released an update to its NLE to include both spatial video encoding and spatial photo decoding support. I found the process there to be simple and straightforward as well.Transcribe to CaptionsTeased during its Mac mini video presentation, Apple has natively integrated AI-assisted transcription directly within Final Cut Pro. The new feature will benefit from the companys new M4-era hardware, with speech to text processing up to 13x faster than Intel Macs.The new Transcribe to Captions option can be found within the color correction and audio enhancements options, which looks like a little magic wand directly beneath the viewer. Users simply select the audio source from which to derive the captions, click Transcribe to Captions, and Final Cut Pro will handle the rest. Apple notes that an Apple-trained large language model is used to transcribe spoken audio.Needless to say, this new feature will be a boon to creators, especially those invested in short-form content. As I mentioned in a previous post, caption transcription is far from a new feature, and several companies, such as MotionVFX, offer excellent transcription solutions that work extremely well. The big difference here, of course, is that Apples transcription feature is natively built inside of Final Cut Pro, and is free to existing users via the version 11 update.Magnetic MaskMagnetic Mask was another AI-feature revealed during Apples Mac mini event, and its the one we knew the least about going into todays release. Apple didnt actually mention the Magnetic Mask during the event, but the option was shown during the Final Cut Pro portion of the video. At the time, we presumed that the Magnetic Mask would make deploying masks much easier with the help of snapping to high contrast areas. In its press release today, Apple notes that Magnetic Mask will make it so that editors can easily isolate people and objects in a clips without needing a green screen or utilizing more time-consuming rotoscoping. Magnetic Mask can be combined with other color correction tools and effects for custom and precise stylization of footage. Final Cut Pro is quickly becoming a centerpiece of Apples AI efforts on the Mac. The new Transcribe to Captions and Magnetic Mask features join other AI-assisted tools like Smart Conform, Enhance Light and Color, Smooth Slo-Mo, and Voice Isolation. Final Cut Pro 11 release notesExpand your creative freedom with the revolutionary AI-powered Magnetic Mask, and isolate people, objects and shapes in any footage without a green screen or time-consuming manual rotoscoping. Use Transcribe to Captions to automatically create captions from spoken audio in the timeline with a powerful AI language model built for speed and accuracy. (Requires a Mac with Apple silicon and macOS Sequoia or later.) Import and edit spatial video clips from Apple Vision Pro or iPhone 15 Pro or later; add titles, color correction, and effects; and share captivating spatial projects that can be viewed on Apple Vision Pro. (Requires a Mac with Apple silicon.) Reduce clutter in the browser by automatically hiding original clips when creating synced clips or multicam clips. Use Vertical Zoom to Fit to scale clip heights to fit in the timeline. Speed up your creative flow with new Picture in Picture and Callout effects. Create amazing visual reveals with new Modular transitions. Increase efficiency with new keyboard shortcuts for common tasks in the browser and timeline. Install third-party Media Extensions to support playback and editing of more video formats. (Requires macOS Sequoia or later.)Final Cut for iPad 2.1Not to be forgotten, Apple also released the next version of Final Cut Pro for iPad, version 2.1. It includes several additions geared towards streamlining the editing experience on iPad, including:Enhance Light and Color.Haptic feedback for Apple Pencil Pro and Magic Keyboard.New vertical pinch gesture that can expand or minimize clip height in the timeline.Dynamically adjust the size and position of the viewer in Picture in Picture mode.Timeline support for recordings at 90 fps, 100 fps, and 120 fps on iPhone 16 Pro.New inks for Live Drawing: watercolor, crayon, fountain pen, and monoline pen.New modular transitions, color-grading presets, and dynamic soundtracks.Easily highlight and overlay visuals with Picture in Picture and Callout effects.New keyboard shortcuts!Final Cut Camera also received a major update, bringing the ability to capture Log-encoded HEVC video in standalone of Live Multicam sessions a huge workflow improvement! Theres also the ability to enable a LUT preview while recording Log footage and support for 4K120fps recording with iPhone 16 Pro.9to5Macs TakeFinal Cut Pro 11 brings several key new features to the table, with one such feature, Transcribe to Captions, among one of the most-wanted new features. Needless to say this is a pretty massive update across the board, and most certainly worth its 11 badge. Its available as a free update to existing users, while new users can purchase it for $299, or download a free 90-day trial to test drive it.What do you think about Final Cut Pro 11? Sound off in the comments below with your thoughts.Add 9to5Mac to your Google News feed. FTC: We use income earning auto affiliate links. More.Youre reading 9to5Mac experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Dont know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Apple on Wednesday released a major update to Logic Pro, its professional audio workstation software. Both Mac and iPad versions of Logic Pro are getting multiple new features, including a Quantec Room Simulator and improvements to Sound Browser on iPadOS. Read on as we detail everything thats new with the latest Logic Pro update.Whats new with the latest Logic Pro update: Quantec Simulator and moreBoth Logic Pro for Mac and iPad now have a Quantec Room Simulator, which is available as a plug-in built using the original schematics and algorithms of Wolfgang Buchleitner, founder and inventor of Quantec. Users can:Access the only authentic hardware recreation available as a plug-in, built using the original schematics, algorithms and code from the Quantec founder and inventor, Wolfgang Buchleitner.Add the legendary sound of the Quantec QRS and Quantec Yardstick hardware reverb, the most acoustically accurate room simulation ever created.Select the vintage Quantec QRS to add naturalistic acoustic space to your music while preserving its sonic character.Choose the Quantec Yardstick with enhanced room simulation algorithms for more accurate modelling of acoustic spaces with improved clarity and detail.When it comes to the Mac version, Apple has made improvements to the plug-in search:Find and add any plug-in directly from the plug-in menu.Use the Search and Add Plug-in key command to quickly find and add plug-ins without ever clicking a channel strip insert.Easily search by categories, company name or even part of a plug-in name.The iPad app update brings improvements to the Sound Browser and Sound Library:Access your personal collection of samples directly from Logics built-in sound BrowserAdd Sample Folders from your iPad, external storage, and iCloud DriveUse multiple folders to provide an organized view of your favorite samplesFlatten complex nested folders of samples into a single, easy to navigate listPreview samples and then drag and drop to build drum kits, sampler instruments or add directly to a trackThere are also some other improvements, including:Download the new Modular Melodies sound pack and discover hundreds of loops crafted from patchable hardware synths and a collection of meticulously designed Alchemy synth patchesDrag channel strips to organise your mixer layout.Send your mix directly to Voice Memos and preview on iPhone, iPad or Apple Watch.Click any plug-in slot while holding the Command key to quickly remove plug-ins.Quickly set input, output, side chain source or bus routings using in-menu search.Use key commands to move Marquee selections in all directions to speed up editing.Logic Pro for iPadis available for $4.99/month or $49/year after a one-month free trial. It requires withiPad Air or iPad Pro with M1 or higher. Logic Pro for Mac is available for a one-time purchase of $199.99 after a90-day free trial.Add 9to5Mac to your Google News feed. FTC: We use income earning auto affiliate links. More.Youre reading 9to5Mac experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Dont know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

NASA's plagued Space Launch System rocket, which is being developed to deliver the first astronauts to the Moon in over half a century, is on thin ice.According to Ars Technica senior space reporter Eric Berger's insider sources, there's an "at least 50-50" chance that the rocket "will be canceled.""Not Block 1B. Not Block 2," he added, referring to the variant that was used during NASA's uncrewed Artemis I test flight in 2022 and a more powerful design with a much higher translunar injection payload capacity, respectively. "All of it."To be clear, as Berger himself points out, we're still far "from anything being settled." Nonetheless, the reporter's sources have historically been highly reliable, suggesting the space agency may indeed be getting cold feet about continuing to pour billions of dollars into the non-reusable rocket.The SLS has already seen its fair share of budget overruns and many years of delays. In a 2022 interview, former NASA deputy administrator Lori Garver told Futurism that the project is simply "not sustainable."The rocket platform has become a political football, going well past $6 billion over budget and over half a decade behind schedule."I will be direct," former NASA administrator Michael Griffin told the House Space and Aeronautics Subcommittee during a January hearing on the space agency's Artemis program, as quoted byArs Technica. "In my judgment, the Artemis Program is excessively complex, unrealistically priced, compromises crew safety, poses very high mission risk of completion, and is highly unlikely to be completed in a timely manner even if successful."So far, the rocket has been launched only once, as part of NASA's inaugural Artemis mission in 2022, but damage sustained by the agency's Orion spacecraft has given officials pause about its ability to safely send astronauts to the Moon in the coming years.According to an August report by NASA's Office of Inspector General (OIG), even just the price of the tower designed to launch rockets starting with Artemis IV, which is tentatively scheduled for 2028, has ballooned to a whopping $1.8 billion.Plagued aerospace giant Boeing has also encountered plenty of headwinds with its contributions to the launch platform. In a separate September report by the OIG, the SLS' Block 1B configuration, which is being built by Boeing, was found to be woefully behind and way over budget."We found an array of issues that could hinder SLS Block 1B's readiness for Artemis IV including Boeings inadequate quality management system, escalating costs and schedules, and inadequate visibility into the Block 1Bs projected costs," the report reads.To reiterate, the SLS is a non-reusable rocket, which means that NASA will have to build entirely new rocket stages for each upcoming Artemis mission. That's in stark contrast to SpaceX's fully reusable Starship, which the space agency is still hoping to tap for Artemis III, the first crewed trip to the Moon's surface.If NASA does indeed give up on the SLS, Berger suggests that the agency may have to get creative by "launching Orion on one rocket" such as SpaceX's Falcon Heavy, and then "docking with a (separately launched) [United Launch Alliance] Centaur V and boosting it to the Moon."Whether such a Plan B is even on the table,though,is unclear at best."Honestly the people who will ultimately make this decision aren't even in place yet," Berger wrote in a followup tweet, likely referring to the incoming Trump administration. "But there is a big desire for big changes."More on the SLS: NASA Keeping Issue With Moon Rocket a SecretShare This Article

Musk is "behaving as if hes a co-president."White House DownSpaceX and Tesla CEO Elon Musk and president-elect Donald Trumpbecame inseparable toward the end of the election but as the bromance deepens, Trump's team is reportedly growing wary.Musk is "behaving as if hes a co-president and making sure everyone knows it," one person familiar with the matter .Just last night, Trump announced that Musk and former Republican presidential candidate Vivek Ramaswamy would helm the new Department of Government Efficiency or, um, "DOGE" for short. The mortifying acronym represents "'The Manhattan Project' of our time," Trump's statement purports,underscoring Musk's apparent sway in the upcoming administration.Love at First FightWhether the mind-meld between Trump and Musk will last is up for debate. Tech guru Kara Swisher predicted this week that the duo are likely to have a falling out, "because they're both really strong personalities who like to be the center of attention."If Trump does eventually ditch Musk, it wouldn't be without precedent; he flamed out with an epic proportion of his own cabinet during his first term, and even publicly battled Musk before making up during the most recent election.In some ways, the two have a lot in common. Both Trump and Musk are fond of spreading conspiracy theoriesonline, and are engaged in many of the same far-right culture wars around immigration, gender identity and the economy. In other domains, though, their allyship seems more tenuous: Musk remains the CEO of Tesla, for instance, while Trump is a longtime foe of electric vehicles.Any potential rift between the two is likely to be more emotional than factual, though. If there's one thing neither man can stand, it's other people getting credit for what they consider to be their own accomplishments."Hes sure taking lots of credit for the presidents victory," NBC's source continued, speaking of Musk. "Bragging about America PAC and X to anyone who will listen. Hes trying to make President Trump feel indebted to him. And the president is indebted to no one."More on Elon Musk: Elon Musk's Grok AI Blasts Elon Musk as Huge Spreader of MisinformationShare This Article

Nov 14, 2024Ravie LakshmananMalware / VulnerabilityA newly patched security flaw impacting Windows NT LAN Manager (NTLM) was exploited as a zero-day by a suspected Russia-linked actor as part of cyber attacks targeting Ukraine.The vulnerability in question, CVE-2024-43451 (CVSS score: 6.5), refers to an NTLM hash disclosure spoofing vulnerability that could be exploited to steal a user's NTLMv2 hash. It was patched by Microsoft earlier this week."Minimal interaction with a malicious file by a user such as selecting (single-click), inspecting (right-click), or performing an action other than opening or executing could trigger this vulnerability," Microsoft revealed in its advisory.Israeli cybersecurity company ClearSky, which discovered the zero-day exploitation of the flaw in June 2024, said it's been abused as part of an attack chain that delivers the open-source Spark RAT malware."The vulnerability activates URL files, leading to malicious activity," the company said, adding the malicious files were hosted on an official Ukrainian government site that allows users to download academic certificates.The attack chain involves sending phishing emails from a compromised Ukrainian government server ("doc.osvita-kp.gov[.]ua") that prompts recipients to renew their academic certificates by clicking on a booby-trapped URL embedded in the message.This leads to the download of a ZIP archive containing a malicious internet shortcut (.URL) file. The vulnerability is triggered when the victim interacts with the URL file by right-clicking, deleting, or dragging it to another folder.The URL file is designed to establish connections with a remote server ("92.42.96[.]30") to download additional payloads, including Spark RAT."In addition, a sandbox execution raised an alert about an attempt to pass the NTLM (NT LAN Manager) Hash through the SMB (Server Message Block) protocol," ClearSky said. "After receiving the NTLM Hash, an attacker can carry out a Pass-the-Hash attack to identify as the user associated with the captured hash without needing the corresponding password."The Computer Emergency Response Team of Ukraine (CERT-UA) has linked the activity to a likely Russian threat actor it tracks as UAC-0194.In recent weeks, the agency has also warned that phishing emails bearing tax-related lures are being used to propagate a legitimate remote desktop software named LiteManager, describing the attack campaign as financially motivated and undertaken by a threat actor named UAC-0050."Accountants of enterprises whose computers work with remote banking systems are in a special risk zone," CERT-UA warned. "In some cases, as evidenced by the results of computer forensic investigations, it may take no more than an hour from the moment of the initial attack to the moment of theft of funds."Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.SHARE

Nov 13, 2024The Hacker NewsBrowser Security / SaaS SecurityThe rise of SaaS and cloud-based work environments has fundamentally altered the cyber risk landscape. With more than 90% of organizational network traffic flowing through browsers and web applications, companies are facing new and serious cybersecurity threats. These include phishing attacks, data leakage, and malicious extensions. As a result, the browser also becomes a vulnerability that needs to be protected.LayerX has released a comprehensive guide titled "Kickstarting Your Browser Security Program" This in-depth guide serves as a roadmap for CISOs and security teams looking to secure browser activities within their organization; including step-by-step instructions, frameworks, and use cases. Below, we bring its main highlights.Prioritizing Browser SecurityBrowsers now serve as the primary interface for SaaS applications, creating new malicious opportunities for cyber adversaries. The risks include:Data leakage - Browsers can expose sensitive data by allowing employees to unintentionally upload or download it outside of organizational controls. For example, pasting source code and business plans into GenAI tools.Credential theft - Attackers can exploit the browser to steal credentials using methods like phishing, malicious extensions, and reused passwords.Malicious access to SaaS resources - Adversaries can use the stolen credentials to perform account takeover and access SaaS applications from wherever they are, no need to infiltrate the network.Third-party risks - Attackers can exploit third-party vendors, who access internal environments using unmanaged devices with weaker security postures.Traditional network and endpoint security measures are not sufficient for protecting modern organizations from such browser-borne threats. Instead, a browser security program is required.How to Kickstart Your Browser Security ProgramThe guide emphasizes a strategic, phased approach to implementing browser security. Key steps include:Step 1: Mapping and PlanningTo kickstart your browser security program, the first step is mapping your threat landscape and understanding your organization's specific security needs. This begins with assessing the short-term exposure to browser-borne risks, such as data leakage, credential compromise, and account takeovers. You should also factor in regulatory and compliance requirements. A detailed assessment will help identify immediate vulnerabilities and gaps, allowing you to prioritize addressing these issues for faster results.Once the short-term risks are understood, set the long-term goal for your browser security. This involves considering how browser security integrates with your existing security stack, such as SIEM, SOAR, and IdPs, and determining whether browser security becomes a primary security pillar in your stack. This strategic analysis allows you to evaluate how browser security can replace or enhance other security measures in your organization, helping you future-proof your defenses.Step 2: ExecutionThe execution phase starts by bringing together key stakeholders from various teams like SecOps, IAM, data protection, and IT, who will be impacted by browser security. Using a framework like RACI (Responsible, Accountable, Consulted, Informed) can help define each team's role in the rollout. This ensures all stakeholders are involved, creating alignment and clear responsibilities across the teams. Collaboration will ensure smooth execution and to avoid siloed approaches to browser security implementation.Next, a short-term and long-term rollout plan should be defined.Start by prioritizing the most critical risks and users based on your initial assessment.Find and implement a browser security solution.The rollout should include a pilot phase where the solution is tested on select users and apps, monitoring user experience, false positives, and security improvements.Define clear KPIs and milestones for each phase to measure progress and ensure the solution is being fine-tuned as it is implemented across the organization.Enhance your program gradually by prioritizing specific applications, security domains, or addressing high-severity gaps. For example, you may choose to focus on specific SaaS apps for protection or focus on broad categories like data leakage or threat protection.As the program matures, address unmanaged devices and third-party access. This step requires ensuring that policies like least-privileged access are enforced, and that unmanaged devices are closely monitored.Lastly, assess your browser security program's overall success in detecting and preventing browser-borne risks. This step involves reviewing how effective your security measures have been in stopping threats like phishing, credential theft, and data leakage. A successful browser security solution should demonstrate tangible improvements in risk mitigation, false positives, and overall security posture, providing a clear return on investment for the organization.Future-Proofing Enterprise SecurityThe success of your security program depends on robust short-term and long-term planning. Your organization should regularly review your security strategy to ensure it is up-to-date and able to adapt to changing threats. Today, this means investing in browser security strategies and tools. To learn more about this approach and get practices and frameworks you can follow, read the complete guide.Found this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Twitter and LinkedIn to read more exclusive content we post.SHARE