The Architectural Review is seeking the most creative adaptive reuse projects from around the worldAs the need for sustainable alternatives to building anew becomes increasingly urgent, the AR New into Old awards celebrate the creative ways buildings are adapted and remodelled to welcome new contemporary uses. Launched in 2017, the awards recognise the imaginative appropriation of existing structures that offer buildings a new lease of life, from innovative insertions to ambitious adaptations.Enter nowEntry deadline: 7 March 2025For more information and to enter the awards click hereThe Farsh film studio by ZAV Architects won the 2021 edition of the awards.Credit:Behnam SedighiWinning the 2021 awards for the Farsh Film Studio in Tehran, Mohamadreza Ghodousi of ZAV Architects instructed architects to design the process, not the building. Ghodousi went on to judge the 2023 awards, commending winning project, Site Verrier by SO-IL and Freaks Architecture, as a joyful urban superimposition that invades the courtyard and revitalises the life of the buildings. Also on the judging panel, Lu Wenyu of Amateur Architecture Studio described the winner as having a visionary design approach that breathes new life into historical sites while preserving their authenticity.Highly commended in 2023 was Laguna Mxico in Mexico City, Mexico by ProductoraCredit:Camila CossioRegardless of programme, budget, site or scale, The Architectural Review is looking for projects completed in the last 5 years which have had their life extended by the insertion of new uses rather than demolition and replacement. All entries will be reviewed by an expert international judging panel, which will choose a shortlist of up to six commended buildings. The judges six chosen schemes will all be visited by an independent critic before the judges choose a winner.The AR New into Old awards are diverse and wide-ranging.Previous winners and finalists include SO-IL, ZAV Architects, David Kohn Architects, Ryan W Kennihan Architects, Davidson Rafailidis, Freaks Architecture, Flores & Prats, Rural Urban Framework, Witherford Watson Mann, Aulets Arquitectes, O-office, Wingrdhs, Zaha Hadid Architects, and Productora.To find out more about the AR New into Old awards and enter today, clickhere, or view examples of adaptive re-use projects previously published in the ARLead image: Site Verrier by SO-IL and Freaks Architecture in Meisenthal, France, won the 2023 New into Old awards. Photograph by Arthur Crestani2024-11-21AR EditorsShare

As Newton Centres new railroad station and following development boom transformed the once sleepy village into the main commercial center for the city, landowners capitalized on the opportunity by developing commercial blocks to serve the community and line their own pockets.Mellen Newton Bray (1856-1946) became a major landholder in Newton Centre and would develop the areas directly surrounding the new train station there. On a curving site, he built Brays Hall, this three-story commercial block renting out spaces to local banks and stores with a large assembly hall and bowling alley in the building as well. Initially, Bray planned for an eight-story structure, having contracted a solid foundation that could support such a structure, pending the success of the initial construction. That is mixed use before it was cool. The building was designed by the firm ofKendall & Stevens, likely led byHenry H. Kendall, who resided in Newton Centre. Kendall would also designthe apartment block across the streetfor Mr. Bray. The building is constructed of light Tuscan bricks and is notable for the bracketed cornice and dormers all in copper. The building was restored in the 1970s by owner David Zussman, and rebranded asPiccadilly Square, following his recent trip to London being impressed with by the atmosphere of Piccadilly Circus.

This unique brick houseis located on Devon Roadin Newton Centre, and was built in 1897 for Arthur Herbert Chester andElizabeth S. (Rich) Chester.Arthur H. Chester (1868-1898) worked in real estate, largely in the office ofJ. Montgomery Sears. He acquired a large house lot in Newton Centre, and had this unique Jacobean Revival residence built for his young family. Sadly, within a year of its completion, Arthur died of Malarial Fever at the age of just 30 years old in 1898. Elizabeth, his widow, would retain the house for a decade longer before it sold toHenry Esmond Rowleyand his wife, Josephine. While it looks like a brick house, this residence is actually wood-frame with a brick veneer, a cost-saving measure to still give a stately appearance. The house is notable for its twin rounded gable parapets at the faade and lack of ornate trimmings. The house was covered in white paint for years, but the owners recently removed all the paint from the brick.

FilmsNow Streaming: Married to Comics by John KinhartComic artists Justin Green and Carol Tyler profiled in this feature-length documentary.Better LettersNov 21, 2024 2 min readCarol Tyler's relationship with Justin Green forms part of her autobiographical comic books.Something I neglected to mention in my 'Signs of the Summer' post was the screening of Married to Comics that I attended/organised at the Rio Cinema in Dalston, London. The good news for those that have been unable to catch it on the big screen is that it's now streaming.Stream Married to ComicsThe film is a feature-length documentary about the life and work of two pioneers in the genre of autobiographic comics: Justin Green (RIP) and Carol Tyler. (You may recall Justin from his Sign Game strips and/or the Sign Painters film.) As the title suggests, they were married to each other, with their relationship and individual perspectives on it creating much of the film's intrigue. on Vimeo.Contributors to the film include luminaries such as Robert Crumb and Art Spiegelman, who discuss the profound influence that Green and Tyler's comics had on them. And, for sign painting folk, there's a lovely segment with Green discussing his Sign Game series for Signs of the Times magazine, which he describes as some of his favourite work.I recommend setting aside a couple of hours this weekend to take a trip into Green and Tyler's minds, and to learn about the remarkable lives and work that emerged from them.Married to Comics is available via different streaming services. If you are outside the USA then you may need to install a VPN to access it. (Independent productions like this always benefit from ratings and reviewsyes, for the algorithm!so be sure to leave one if you do watch it.) Thank you to John Kinhart and Carol Tyler for all of the work that has gone into the film, and for now making it available online after its time at the festivals.More FilmsMore People

Apokaluptein:16389067 (20102013), cotton sheets, ink, hair gel, graphite, and gouache, 15 x 40 feet. All images courtesy of Jesse Krimes, Jack Shainman Gallery, and The Met, shared with permissionThrough Monumental Installations of Soap and Stones, Jesse Krimes Interrogates the Prison SystemNovember 21, 2024ArtSocial IssuesGrace EbertAround 2009, Jesse Krimes was sent to solitary confinement while awaiting trial for a drug charge. He had recently graduated from Millersville University of Pennsylvania with an art degree and spent his first year inside Fairton Federal Correctional Institution making. The one thing they could not take away or control was my ability to create, he says.Like many incarcerated artists, Krimes had to forgo the luxuries of a pristine canvas and set of paints. Instead, he had to be resourceful and utilize the few materials available to him. He began transferring mugshots and small photos printed in The New York Times onto wet remnants of soap bars. He then tucked the blurred, inverse portraits into cut-out decks of playing cards glued together with toothpaste, which created a kind of protective casing that allowed him to smuggle the works out of the facility.Detail of Purgatory (2009), soap, ink, and playing cardsThe 292 works became Purgatory, which considers how we view criminality and references the unwinnable game of living in a carceral society. Having transferred both photos of people sentenced to prison and celebrities like Naomi Campbell and David Letterman, Krimes points to the ways popularized images can exacerbate power imbalances.Purgatory is currently on view at The Met in Jesse Krimes: Corrections, one of two New York exhibitions of the artists work.Exploring the role of photography in the criminal justice system, Corrections brings together several of Krimes large-scale works, including Apokaluptein: 16389067. The 40-foot patchwork mural similarly features imagery taken from newspapers that the artist transferred to 39 prison-issue bedsheets using hair gel. Inverted photographic renderings piece together advertisements, snapshots of global strife, and scenes of life from 2010 to 2013, all overlaid with Krimes own drawings.The root of apocalypse, apokaluptein is a Greek word translating to uncover and revelation. Paired with Krimes Bureau of Prisons ID number, the title references mass destruction and the mediated view of the world from inside the justice system.Detail of Apokaluptein:16389067 (20102013), cotton sheets, ink, hair gel, graphite, and gouache, 15 x 40 feetFollowing his release, Krimes co-founded the Center for Art and Advocacy, which supports artists directly impacted by the justice system, and continues to collaborate with people who are incarcerated, often seeking help in sourcing materials for his work.Naxos, for example, suspends 9,000 pebbles from prison yards in a vivid installation as a parallel to Apokaluptein: 16389067 at The Met. And at Jack Shainman Gallery, where Krimes is represented, the artists new body of work repurposes clothing gathered from currently and formerly incarcerated people into sweeping tapestries.Cells features three abstract works of transferred art historical imagery overlaid with sprawling, network-like embroideries. The webbed pattern is based on microscopic images of cancerous cells, which the artist excised to leave only the healthy tissue intact. By removing these malignancies, he creates an intricate metaphor for the ways the justice system extracts people from society while exploring new pathways toward care and redemption.Part of Krimes intent for his practice is to pay homage to those inside. It is an absolute honor to have works that were created in such an austere and traumatic environment on display, he said about Corrections. To show these works highlights much more than the work of an individual artist, namely the collective value, creativity, and dignity of the millions of people currently behind prison walls.Cells is on view through December 21 at Jack Shainman Gallery, while Jesse Krimes: Corrections runs through July 13, 2025, at The Met. Find more from Krimes on his website.Unicorn (2024), used clothing collected from currently and formerly incarcerated people, assorted textiles, embroidery, and image transfer, 109 x 105 x 2 3/4 inchesDetail of Unicorn (2024), used clothing collected from currently and formerly incarcerated people, assorted textiles, embroidery, and image transfer, 109 x 105 x 2 3/4 inchesDetail of Purgatory (2009), soap, ink, and playing cardsDetail of Purgatory (2009), soap, ink, and playing cardsDetail of Naxos, installation view of Jesse Krimes: CorrectionsDetail of Naxos, installation view of Jesse Krimes: CorrectionsStag (2024), used clothing collected from currently and formerly incarcerated people, assorted textiles, embroidery, image transfer, acrylic paint, 82 x 77 x 2 3/4 inchesNext article

Oscillation (2017). All images courtesy of Paul S. Briggs, shared with permissionFrom Single Balls of Clay, Paul S. Briggs Hand-Turns Leafy VesselsNovember 21, 2024ArtCraftKate MothesCurling leaves and pinched patterns cloak the bold vessels of artist Paul S. Briggs. Using a slab-building technique, he creates chunky sculptures that nod to nature, mindfulness, and the malleability of his chosen medium.Briggs approaches his process as a kind of meditation, pinch-forming each piece from a single ball of clay. When sharing his work on social media, he even uses the hashtag #noadditionorsubtraction to illustrate how the form emerges from the precise quantity he begins with. Calyx Krater (2021). Photo by Joe PainterIt is difficult to see from the finishedvessels how the pieces emerge from one piece of clay, Briggs tells Colossal. Im at a stage in the process where to call them pinch-pots doesnt quite capture the evolution of the form, and so Ive been using the terminology hand-turned.'The artist composes each piece through a kind of two-pronged method: the initial step of building with slabs helps him to think through ideas and philosophize concretely, while pinching quiets his mind.As a teacher at The New York State College of Ceramics at Alfred University, Briggs is interested in how a range of topicseducational theory and policy, art education, theology, and artcoalesce in both the studio process and the finished work. One of the main tools I ask students to bring to my workshops is patience, he says. You cannot rush these pieces; one must slow down. It is a very assertive but tender process, especially when handling six to 12 pounds of clay.Windflower Vase (2022)Being psychologically present in the process is central to Briggss approach, which is why I have talked about the work as being a mindful, meditative technique, he adds. Undulating leaf forms, intimate divots, and rippling edges repeat in infinite circles around each vessel, evocative of a mesmerizing, three-dimensional zoetrope.Very recently, Ive been making pieces with a balance of slow, intentional pinches and very loose, intuitive marks, Briggs says. These works are still emerging, and hes interested in the potential of combining different approaches in one form.Among several other group shows, Briggs will show a few vessels in an exhibition celebrating the 50th anniversary of The Art School at Old Church in Demarest, New Jersey, which runs December 6 to 8. Hes also preparing for his next solo exhibition at Lucy Lacoste Gallery in Concord, Massachusetts, slated for July. Until then, explore more on the artists website.Wildflower (2021). Photo by Joe PainterWhorl (2024)Calyx Bowl (2021). Photo by Joe PainterWindflower Vase (2022)Calyx Krater (2021)Previous articleNext article

close Holiday shopping fraud expected to increase due to AI The busy holiday shopping season is just around the corner and most of us will be targeted by an AI scam. As the holiday season approaches, the excitement of gift-giving can quickly turn into anxiety over package theft. With porch pirates on the prowl, your carefully delivered gifts can vanish right from your doorstep. In 2023 alone, a staggering119 million packages were reported stolen, meaning one in every 180 deliveries disappeared into thin air.Cities like Seattle, Memphis and San Diego have become hot spots for these unfortunate heists.If youve ever found yourself racing home to rescue a package, asking neighbors to keep an eye out or, worst of all, falling victim to these sneaky thieves, youre not alone. But dont worry! Weve got some tips that could save you from the holiday headache of package theft. Lets dive in. Alleged porch pirate taking packages from property (Kurt "CyberGuy" Knutsson)Tip 1: Get security camerasFirst things first, consider installing security cameras around your home. Having a good camera system can really make a difference when it comes to deterring those sneaky thieves. Depending upon how well your police department responds to porch pirate package theft, position yourvideo doorbell to capture the face of the pirate and your package deliveries. A Video Doorbell can push notifications to get a phone alert whenever anyone or anything approaches your door, even if they don't ring the doorbell.Also, you might want to consider adding a couple of nearly invisiblewireless cameras on tree limbs near the street at your house. We did it in hopes of being able to record a license plate if ever needed for police. I can set them to send a notification when the camera detects a person or car.When youre shopping for cameras, look for high-resolution video so you can see everything clearly, even at night, with night vision capabilities. Motion detection is a must. Itll alert you if someone gets too close to your front door. Plus, two-way audio lets you talk to anyone at your door, whether its a delivery person or someone who shouldnt be there. And dont forget about cloud storage. This way, you can easily access footage whenever you need it. Check out my top picks for thesix best outdoor security cameras.Pro tip: If your camera has the feature, set your video camera to notify you when it identifies packages within view.GET MORE OF MY TOP PICKS TO AMP UP YOUR HOME SECURITY Image of a doorbell camera (Kurt "CyberGuy" Knutsson)Tip 2: Use tracking appsNext up, make sure you're using tracking apps for your deliveries. Most shipping companies offer tracking services that let you follow your package from the moment it leaves the warehouse until it arrives at your home.WHAT IS ARTIFICIAL INTELLIGENCE (AI)?If you sign up forUSPS Informed Delivery, youll get digital previews of whats coming to your mailbox, which is super handy. You can set up email or text alerts for delivery updates so youre always in the loop about when your packages are arriving. Some retailers even send you photos once your package has been delivered, giving you extra reassurance that it made it safely. A woman using a tracking app on her iPhone (Kurt "CyberGuy" Knutsson)Tip 3: Make sure someone is homeNow, lets talk about timing. Its important to have someone around to receive packages as soon as they arrive. This can be tricky since many deliveries happen during work hours. If you can swing it, try working from home on days when important packages are expected. If thats not possible, coordinate with friends, family members or roommates so someone is always there to grabthe delivery right away.GET FOX BUSINESS ON THE GO BY CLICKING HERE A woman receiving packages at home (Kurt "CyberGuy" Knutsson)Tip 4: Coordinate with your neighborsDont underestimate the power of community. Teaming up with your neighbors can be a game-changer in preventing package theft. Sign up for neighborhood porch pirate alerts from popular local networks likeNeighbors andNextdoor apps. This is where people often post when they've had a package stolen and sometimes upload videos or images of the suspected porch pirates. Plus, making an agreement with trusted neighbors to watch each others packages can really enhance security; there's strength in numbers. A person picking up packages for their neighbor (Kurt "CyberGuy" Knutsson)Tip 5: Have the package delivered somewhere elseIf home delivery feels too risky, consider alternative delivery options that offer more security. Many people choose to have their packages sent to their workplace if allowed; this way, theyre less likely to be stolen than sitting on a porch all day. Retailers often provide secure pickup points where you can collect your packages at your convenience. Renting a P.O. Box or using services that hold packages for pickup at local shipping facilities are also great options for those valuable items. A woman receiving packages at her workplace (Kurt "CyberGuy" Knutsson)Tip 6: Request a signature confirmationAnother way to prevent package theft is to request a signature confirmation for your deliveries. This means that the delivery person will not leave the package at your door unless someone signs for it. You can request a signature confirmation from most delivery services, such as FedEx, UPS, USPS and DHL. This option may cost extra, but it can give you peace of mind that your package will not be stolen.Tip 7: Send to remote pick-up locationsDid you know that most delivery services now offer remote pick-up locations? These can be secure lockers, post offices or retail counters. Amazon has hundreds of Amazon Lockers and pick-up counters across the country, which are free for Prime members.See howfar away the nearest Amazon Locker is located from your home.When you're checking out, just click onChange next to your shipping address, then selectFind a pickup location near you to see your options. Once your package is delivered, you'll get a notification or email with a code to retrieve it from the locker or pick-up point. Some items can even be returned at these locations. A person picking up a package from a locker (Kurt "CyberGuy" Knutsson)Tip 8: Amazon Key In-Garage DeliveryWe added a strong deadbolt to the door leading into the house from the garage before signing up. Now, when we are not home, an Amazon delivery can be placed securely inside our garage using the free service called Amazon Key In-Garage Delivery. The addition of asmart garage controller is the first step. Once you've signed up for Amazon Key In-Garage Delivery, pick Key Delivery when checking out on Amazon to have your packages securely put in the garage. I really like that you can block access to your garage any time you want. The driver never needs your garage code, and access only works for their one-time delivery. A delivery being made using Amazon Key-In-Garage Delivery (Kurt "CyberGuy" Knutsson)Tip 9: Provide a delivery boxAnother great option is to invest in adelivery box that allows packages to be securely dropped off and stored discreetly. Just remember that you'll need to inform delivery personnel about using the box and how it works. Package being placed in a delivery box (Kurt "CyberGuy" Knutsson)Tip 10: Sign up for delivery notificationsYou can get an alert each time a package arrives at your doorstep.Both FedEx and UPS will send a text when you've just received a delivery.Amazon will also send you a shipment text letting you know a package has just been delivered.To set upAmazon delivery notifications, follow these quick steps.Log on to theAmazon siteGo toYour Account sectionScroll down to theCommunication and Content sectionTapShipment Updates via TextFollow the on-screen instructions, tapSubscribeKurt's key takeawaysRemember, simple actions like installing security cameras, using tracking apps and coordinating with neighbors can go a long way in protecting your packages. So, as you prepare for the holiday season, take these tips to heart and enjoy a worry-free gift-giving experience. Let's keep those porch pirates at bay and ensure that every package arrives safely at your doorstep.CLICK HERE TO GET THE FOX NEWS APPHave you ever had a package stolen? If so, how did you handle the situation, and what lessons did you learn?Let us know by writing us at Cyberguy.com/Contact.For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.Follow Kurt on his social channels:Answers to the most asked CyberGuy questions:New from Kurt:Unbeatable Best Black Friday dealsBest gifts forMen |Women |Kids |Teens |Pet loversBest deals:Laptops |DesktopsCopyright 2024 CyberGuy.com.All rights reserved. Kurt "CyberGuy" Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on "FOX & Friends." Got a tech question? Get Kurts free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

Published November 21, 2024 6:00am EST close AI-powered dog robot sniffs out invasive fire ants Robot uses artificial intelligence to locate nests with precision. Imagine walking through a park on a sunny day, only to feel the sharp sting of fire ants attacking your ankles.These tiny invaders are not just a nuisance; they pose significant threats to our ecosystems and economies. Fortunately, scientists have developed an innovative solution to combat these pests: robot dogs.These high-tech canines are being trained to sniff out invasive fire ants, using artificial intelligence to identify their nests with remarkable precision. This breakthrough could change the way we manage invasive species and protect our environment. CyberDog designed to locate fire ant nests (Dr Hualong Qiu, Guangdong Academy of Forestry)A high-tech ant hunterResearchers from China and Brazil have created a robotic dog known as CyberDog, specifically designed to locate fire ant nests. This high-tech robot has been trained to identify red imported fire ants, which are wreaking havoc in various ecosystems around the globe. Impressively, the CyberDog is capable of finding three times more nests than human inspectors, all while showing off greater accuracy. CyberDog designed to locate fire ant nests (Dr Hualong Qiu, Guangdong Academy of Forestry)Why fire ants are such a big dealRed imported fire ants may be small, but their impact is anything but trivial. Native to central South America, these aggressive ants have spread across the United States, Australia and parts of Asia, causing extensive environmental and economic damage. In the U.S. alone, they are responsible for an estimated $6 billion in losses each year due to reduced crop yields and damage to farm equipment.WHAT IS ARTIFICIAL INTELLIGENCE (AI)? CyberDog designed to locate fire ant nests (Dr Hualong Qiu, Guangdong Academy of Forestry)How the CyberDog works its magicPublished in theSCI journal Pest Management Science, the study showcases how the CyberDog robot, equipped with an AI model, can efficiently automate the identification and control of red imported fire ants, a notoriously destructive global pest. The research team trained the CyberDog using a comprehensive dataset of over 1,100 images of fire ant nests, resulting in an impressive detection accuracy rate of over 90%.The robot is programmed to poke suspected nests with its paw; when it does so, active nests release their workers in a defensive frenzy, confirming the presence of fire ants. This unique method allows researchers to distinguish between active mounds and those that may be abandoned or occupied by other species. CyberDog designed to locate fire ant nests (Dr Hualong Qiu, Guangdong Academy of Forestry)More than just ant controlBeyond its practical applications in pest management, the CyberDog also serves an educational purpose. Zheng Yan, one of the researchers involved in the project, emphasizes that sightings of robots tracking fire ant nests can captivate public interest and raise awareness about the dangers posed by invasive species. By engaging communities in this way, scientists hope to foster greater understanding and proactive measures against these ecological threats.GET FOX BUSINESS ON THE GO BY CLICKING HERE CyberDog designed to locate fire ant nests (Dr Hualong Qiu, Guangdong Academy of Forestry)Challenges and future prospectsDespite its impressive capabilities, the CyberDog is not without challenges. Its battery life currently lasts about 30 minutes, which limits its operational time in the field. Additionally, acquiring more advanced models can be costly. However, as technology continues to evolve and production costs decrease, it's likely that robotic solutions like this will become more accessible for widespread use in pest control. CyberDog designed to locate fire ant nests (Dr Hualong Qiu, Guangdong Academy of Forestry)Kurts key takeawaysThe development of the CyberDog shows us how technology can be harnessed to tackle ecological challenges in innovative ways that benefit both nature and society. As we confront increasing threats from invasive species worldwide, AI-powered robots could become our new allies in protecting ecosystems.Would you welcome robot dogs patrolling your local park for fire ants? Or does the idea of AI-powered pest control make you feel uneasy? Let us know by writing us at Cyberguy.com/Contact.For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.Follow Kurt on his social channels:Answers to the most asked CyberGuy questions:New from Kurt:Unbeatable Best Black Friday dealsBest gifts forMen |Women |Kids |Teens |Pet loversBest deals:Laptops |DesktopsCopyright 2024 CyberGuy.com. All rights reserved. Kurt "CyberGuy" Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on "FOX & Friends." Got a tech question? Get Kurts free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

The Australian Cyber Security Centre (ACSC) and the United States Cyber Security and Infrastructure Security Agency (CISA), have published updated intelligence on the activities of the dangerous BianLian ransomware operation, after observing a rapid evolution in the gangs tactics, techniques and procedures (TTPs).One of a number of gangs that first came to prominence alongside LockBit in 2022 during a shift in the cyber criminal landscape following the demise of the Conti crew, BianLian is almost certainly based in Russia despite the Chinese name probably an attempt at obfuscation.Over the past couple of years it has established a name for itself by targeting critical national infrastructure (CNI) operators in both Australia and the US, with victims also claimed in the UK.Having gained access to its victims environments, usually by stealing valid Remote Desktop Protocol (RDP) credentials, and exfiltrating their data, BianLian historically employed the standard double extortion model, encrypting the victims systems and then threatening to leak their data if they werent paid off.However, said the Australians, in 2023 BianLian started to shift to encryption-based extortion, in which systems are left intact and victims are warned of financial, business and legal consequences if payment is not made. Among cyber criminals, this technique may be considered a somewhat easier method of extorting a victim as it requires less technical work. BianLian certainly seems to think so, because since January 2024, they have exclusively used this method.FBI, CISA, and ACSC encourage critical infrastructure organisations and small- and medium-sized organisations to implement the recommendations in the mitigations section of the advisory to reduce the likelihood and impact of BianLian and other ransomware and data extortion incidents, said the ACSC.The most significant change observed is the abandonment of a traditional ransomware locker for encryption and the updating of its standard ransomware note to reflect this samples of which are provided in the advisory.It has also adopted more high-pressure techniques in an attempt to pressure its victims into paying. It now sends copies of the ransom note to office printers and employees of affected companies have been on the receiving end of threatening telephone calls.However, in the run-up to its attacks the gang is also using a number of other updated techniques that defenders should be alert to. A full run-down is available from the ACSC, but among some of the changes some of those observed by the authorities are the targeting of public-facing applications of both Microsoft Windows and VMware ESXi infrastructure, exploiting the vintage ProxyShell exploit chain for initial access, in addition to RDP.Once inside its target, BianLian also now implants a custom, Go-coded backdoor specific to the victim and from there installs remote management and access software, it favours popular products including AnyDesk and TeamViewer, to establish persistence and command-and-control (C2) purposes. It now also appears to be using the Ngrok reverse proxy tool and possibly a modified version of the open source Rsocks utility to establish tunnels from victim networks and cover up where the C2 traffic is heading.To escalate its privileges within the victim environment, it has recently taken to exploiting CVE-2022-37969. This zero-day, among 64 bugs that Microsoft attempted to quash in its September 2022 Patch Tuesday update, is a privilege elevation vulnerability in the Windows Common Log File System Driver and successfully exploited, grants admin-level rights.Historically, BianLian has leveraged Power Shell and Windows Command Shell to disable antivirus tools such as Windows Defender and Anti-Malware Scan Interface (AMSI). It has now been observed renaming binaries and scheduled tasks after genuine Windows services and security products and appears to be trying to pack executables using UPX to conceal their code in an attempt to bypass detection tools.When it comes to establishing persistence and facilitating further lateral movement, the gang has been observed using PsExec and RDP with valid accounts, but has also been spotted using the Server Message Block (SMB) protocol, installing webshells on Exchange servers, and creating Azure Active Directory (AD) accounts.Andrew Costis, engineering manager of the Adversary Research Team and AttackIQ, which specialises in MITRE ATT&CK-based cyber attack simulations, said it was vital for defenders to understand and test against the often highly-specific TTPs used by gangs like BianLian.The shift to exfiltration-based extortion is interesting, particularly as its believed that theBianLianoperators are likely based in Russia or have ties to Russia based on some of the tools they have been observed using, he observed.With the current geopolitical situation unfolding between Russia, Ukraine, and the West, this could be a strategic move to strike their victims faster and ultimately target more victims. This de-prioritisation of double extortion could potentially be a time-saving strategy, as double extortion negotiations take time and resources on both sides, Costis told Computer Weekly in emailed comments.From a value perspective, the intention of this change in tactic suggests that they dont currently value encryption or double extortion. It will certainly be interesting to see if other ransomware groups follow suit.Read more about ransomwareWe look at ransomware attacks, and the importance of good backup practice as well as immutable snapshots, air-gapping, network segmentation, AI anomaly detection and supplier warranties.Anomaly detection and immutable copies can be frontline tools against ransomware we look at the role storage can play against the latest techniques employed by ransomware gangs.Threat intel specialists at Recorded Future have shared details of newly developed techniques they are using to disrupt Rhysida ransomware attacks before the gang even has a chance to execute them.

Microsofts Digital Crimes Unit (DCU) has scored a major win against the cyber criminal underworld after leading an operation to seize 240 fraudulent websites used by an Egyptian national named today as Abanoub Nady who sold do-it-yourself phishing kits under the brand name ONNX to less adept crooks.Nady, who used the handle MRxD0DER, both developed and sold the phishing-as-a-service kits, which were used in multiple campaigns against Microsoft customers in various sectors, although it is understood that the financial services industry was the most heavily targeted.The DCU believes that emails originating from the ONNX family of products made up a significant portion of the tens to hundreds of millions of phishes caught in Microsofts nets every month it was likely among the top five such ops globally.Redmond said that in targeting ONNX, it was disrupting the illicit cyber criminal supply chain and protecting customers from downstream threats such as fraud, data theft, and ransomware.This action builds on the DCUs strategy of disrupting the broader cyber criminal ecosystem and targeting the tools cyber criminals use to launch their attacks, Microsoft DCU assistant general counsel Stephen Masada explained.Our goal in all cases is to protect customers by severing bad actors from the infrastructure required to operate and to deter future cyber criminal behaviour by significantly raising the barriers of entry and the cost of doing business.We are joined by co-plaintiff LF (Linux Foundation) Projects, LLC, the trademark owner of the actual registered ONNX name and logo.ONNX or Open Neural Network Exchange is an open standard format and open source runtime for representing machine learning models, enabling interoperability between different hardware, frameworks, and tools for easier deployment and scalability, he said.Together, we are taking affirmative action to protect online users globally rather than standing idly by while malicious actors illegally use our names and logos to enhance the perceived legitimacy of their attacks.Masada said that the DCU had unilaterally opted to name Nady to serve as a further deterrent to others.A spokesperson for the Linux Foundation said: At the Linux Foundation, we advocate collaboration as a powerful tool for tackling complex challenges. Today, we celebrate our recent collaboration with Microsoft to defend millions of individuals and organisations from a global phishing-as-a-service criminal operation. We encourage organisations who find themselves in a position to fight one element of a cyber crime problem to identify ways to collaborate and build a stronger collective response.Recent months have seen a significant upswing in sophisticated adversary-in-the-middle (AitM) phishing attacks such as those orchestrated through ONNX in recent months, notably a spike in so-called quishing phishing using malicious QR codes.However, Microsoft's action against ONNX is in fact the result of a lengthy investigation dating back to 2017. Over the years, said Microsoft, it has tracked various of Nadys enterprises including other phishing operations known as Caffeine and FUHRER.All of his kits were designed to send emails at scale in coordinated campaigns, and ONNX was sold on a subscription-based model with various tiers of access and support, even a VIP tier for the most discerning criminals, who benefited from round-the-clock tech support offering step-by-step guidance.ONNX was mostly promoted, sold and configured via the Telegram messaging platform, alongside demonstration videos. Once bought, customers were able to orchestrate attacks using the provided templates and the fraudulent ONNX technical infrastructure, where they were allowed to connect malicious domains obtained from elsewhere.Under a civil court order, unsealed today in the Eastern District of Virginia, Microsoft has now taken over this technical infrastructure, putting it beyond use for future attacks.Unfortunately, observed Masada, while the DCUs action will substantially disrupt ONNX, it is a certainty that other threat actors will fill the void, with adapted techniques.However, taking action sends a strong message to those who choose to replicate our services to harm users online: we will proactively pursue remedies to protect our services and our customers and are continuously improving our technical and legal strategies to have greater impact, he said.Furthermore, as cyber criminals continue to evolve their methods, it is crucial for organisations and individuals to stay informed and vigilant. By understanding the tactics employed by cybercriminals and implementing robust security measures, we can collectively work towards a safer digital environment. Continued collaboration, like the partnership with LF Projects, remains essential if we want to meaningfully dent the cyber threat landscape.Read more about phishingThe Metropolitan Police working with international police forces have shut down LabHost, a phishing-as-a-service website that has claimed 70,000 victims in the UK.Phishing techniques are evolving away from malicious email attachments, according to a Mimecast report.A healthy dose of judicious skepticism is crucial to preventing phishing attacks, said David Fine, supervisory special agent at the FBI, during a presentation at a HIMSS event.