• WWW.HOUSEBEAUTIFUL.COM
    What Is Modern Architecture? Our Guide to the Iconic Design Movement
    Jump to:Architecture in the 20th century was defined by a single dominant style: modernism. This design movement transformed the built environment by moving away from ornate, historical styles and embracing simplicity and functionality. In fact, the entire movement can be summed up by the adage form follows function.Modern architecture has given rise to some of the world's most distinctiveand sometimes polarizinglandmarks, from iconic skyscrapers to intimate residences. With insights from industry professionals, let's take a closer look at the enduring influence and significance of modernism architecture.Related StoriesWhat Is Modern Architecture?Modern (or modernist) architecture is the preeminent design movement of the 20th century in the Western world. It demonstrates a radical shift from historical architectural styles in favor of functional minimalism, using materials like steel, glass, and concrete. Its popularity peaked between the 1930s and 1970s, between the design movements of Art Deco and postmodernism. However, the roots and influence of modern architecture extend well beyond these dates. Modernism also encompasses quite a few subgenres of architecture, among them Bauhaus, International Style, and Brutalism.Related StoryWhat Is the History of Modern Architecture?Though modern architecture is a 20th-century movement, its roots can be traced back to the late 19th century, specifically to American architect Louis Sullivan. In an 1896 essay about skyscrapers, he coined the phrase form follows function, which eventually became the rallying cry of modernist architects everywhere. Modern architecture is rooted in the principle that the design of a building should prioritize the experience of those inhabiting it, focusing on simplicity, practicality, and minimal ornament, says architect and interior designer Lisa Welch.The rise of modern architecture was heavily influenced by the Industrial Revolution, which introduced new materials and technologies that allowed for innovative construction methods. Previously, the Victorian period of architecture of the late 1800s and early 1900s was dark, compartmentalized, and heavily ornamented, says architect Diana Melichar. The modern style of architecture embraced technology and the capabilities of the Industrial Revolution to provide a simpler architecture, devoid of costly detailing, and provided lots of light and air.European architects Le Corbusier, Walter Gropius, and Ludwig Mies van der Rohe were among the pioneers of modernism; they brought the movement to the United States as they fled World War II. Additionally, American architects, including Philip Johnson and Frank Lloyd Wright, championed modern architecture at home.Related StoryWhat Are the Key Characteristics of Modern Architecture?Le Corbusier codified modern architecture in his manifesto Five Points of Architecture. Those five points encompass the following: Pilotis, or concrete pillars that lift a building off the ground to provide circulation beneath itFree design of the floor plan, or an open floor planFree design of the faade, or reduced structural constraints in exterior wallsHorizontal windowsRoof gardensWhile other architects took liberty with these points, they were largely influenced by them. In addition to those mentioned in Le Corbusier's design credo, modernist architecture generally includes the features listed below.Minimal Ornamentation In modern architecture, ornamentation is minimized or eliminated, as are any references to traditional styles of architecture. This is a new design movement that represents the new, industrial world.New MaterialsModern architecture prioritizes industrial materials like steel, concrete, and glass. While these materials provided advanced structural capabilities, they were also considered beautiful.Clean, Horizontal Lines and Open Floor PlansNew materials and engineering techniques allowed modernist architects to employ clean, horizontal lines throughout their open-plan spaces.Connection With NatureGlass exterior walls allow for a great connection between inside and outdoor spaces, says Melichar. Hence, this style became quite popular in California and other locations where homes were being built after World War II. Related StoryHow Is Modern Architecture Different From Contemporary Architecture? When discussing architectural movements, it's important to distinguish between modern and contemporary, as these terms are not interchangeable. Modern architecture refers specifically to the 20th-century design movement and isn't related to current trends. Meanwhile, the term contemporary describes what is currently happening in architecture and design, reflecting present-day innovations and styles.Related StoryFamous Modern Buildings Around the WorldBauhaus Dessau, Dessau, GermanyVanni Archive//Getty ImagesMany of the leading modernist architects lectured at the Bauhaus school, housed in this building designed by Walter Gropius.Villa Savoye, Poissy, FranceThierry PERRIN//Getty ImagesVilla Savoye is widely regarded as a pure manifestation of Le Corbusiers vision for modernist architecture; all five points from his manifesto are exemplified here. The Glass House, New Canaan, Connecticutpicture alliance//Getty ImagesPhilip Johnsons Glass House is a striking example of minimalism, with expansive glass walls that bring nature directly into the living space. Melichar calls it a favorite, citing its humble simplicity and connection to nature.The Seagram Building, New York City, New YorkBarry Winiker//Getty ImagesThis iconic building, designed by Ludwig Mies van der Rohe and Philip Johnson, is an example of the International Style, used frequently in skyscraper design. Interestingly, the architects didn't only use steel in its constructionthey used bronze on its faade.Maison de Verre, Paris, FranceRaphael GAILLARDE//Getty ImagesThe Maison de Verre by Pierre Chareau showcases an innovative use of glass blocks and open, flexible spaces. As Welch notes, the residence highlights the dynamic relationship between architecture and natural light.Fallingwater, Mill Run, PennsylvaniaArchive Photos//Getty ImagesPerhaps Frank Lloyd Wright's most famous work, Fallingwater is an ode to modernism, between its clean, horizontal lines and deep connection to nature. It's built directly above a waterfall.Eames House, Los Angeles, CaliforniaMark Boster//Getty ImagesThe Eames House by Charles and Ray Eames, also known as Case Study House No. 8, comprises two glass-and-steel structures: one is a residence and the other is a studio. Follow House Beautiful on Instagram and TikTok.
    0 Kommentare 0 Anteile 35 Ansichten
  • THENEXTWEB.COM
    Tokamak Energy secures $125M to commercialise fusion power
    British scaleup Tokamak Energy has secured $125mn as it looks to harness fusion the same clean, virtually limitless energy source that powers the Sun and stars.Tokamak spun out from the UKs Atomic Energy Authority in 2009. As its name suggests, the company is building a tokamak reactor, the most common kind of fusion design, first pioneered in the 1960s. Tokamaks use giant magnets to keep plasma moving in a loop while running an electrical current through it.The funding brings the companys total raised to $335 million, comprising $280m from private investors and $60m from the UK and US governments. This makes it Europes most well-funded private fusion energy venture.Tokamak Energy said the fresh capital will help bolster its commercialisation plans. The company aims to have its first fusion power plant up and running somewhere in the 2030s.Register NowHowever, the funds will also go toward growing Tokamaks side hustle, TE Magnetics. The subsidiary develops superconducting magnets using rare earth barium copper oxide (REBCO) tape, enabling stronger magnetic fields to confine the plasma. Superconducting magnets are in demand not just in the fusion industry but in science, mobility, and renewable energy.East X Ventures and Lingotto Investment Management led the funding round with participation from new investors including British Patient Capital, Furukawa Electric Company, global maritime company BW Group and US-based Sabanci Climate Ventures.Our mission is to make fusion energy a reality, and we believe the only way to achieve that is through strong, global partnerships, said Tokamak Energy CEO Warrick Matthews, adding that the raise comes at a critical and exciting time for fusion development. To fulfil its ambitious timeline, Tokamak is hastily developing, testing, and validating its approach using its pilot reactor the ST40 housed at its headquarters in Oxford. The ST40 is a spherical tokamak, which is more compact than traditional donut-shaped reactors like the ITER fusion plant under construction in France. According to the company, this shape allows better confinement of the super-hot plasma where fusion occurs, making the reactor smaller, cheaper, and easier to build. In 2022, the ST40 became the first privately owned fusion reactor to reach 100 million C six times as hot as the core of our closest star. This is generally regarded as the temperature threshold whereby fusion reactions can become self-sustaining.Despite huge progress, fusion energy has always seemed to be that 20-years-away technology. But the tides might be changing. According to a poll at the International Atomic Energy Agencys (IAEA) forum in London earlier this year, 65% of insiders think fusion will generate electricity for the grid at a viable cost by 2035, and 90% by 2040.Once up and running, Tokamak intends for each of its reactors to produce around 500MW of clean electricity enough to power approximately 85,000 homes. Story by Sin Geschwindt Sin is a climate and energy reporter at TNW. From nuclear fusion to escooters, he covers the length and breadth of Europe's clean tech ecos (show all) Sin is a climate and energy reporter at TNW. From nuclear fusion to escooters, he covers the length and breadth of Europe's clean tech ecosystem. He's happiest sourcing a scoop, investigating the impact of emerging technologies, and even putting them to the test. Sin has five years journalism experience and holds a dual degree in media and environmental science from the University of Cape Town, South Africa. Get the TNW newsletterGet the most important tech news in your inbox each week.Also tagged with
    0 Kommentare 0 Anteile 6 Ansichten
  • THENEXTWEB.COM
    Nanoprinter turns Metas AI predictions into potentially game-changing materials
    For the past few months, Meta has been sending recipes to a Dutch scaleup called VSParticle (VSP). These are not food recipes theyre AI-generatedinstructions for how to make new nanoporous materials that could potentially supercharge the green transition.VSP has so far taken 525 of these recipes and synthesised them into nanomaterials called electrocatalysts. Metas algorithms predicted these electrocatalysts would be ideal for breaking down CO2 into useful products like methane or ethanol. VSP brought the machines predictions to life using a nanoprinter, a machine which vaporises materials and then deposits them as thin nanoporous films.Electrocatalysts speed up chemical reactions that involve electricity, such as splitting water into hydrogen and oxygen, converting CO2 into fuels, or generating power in fuel cells. They make these processes more efficient, reducing the energy required and enabling clean energy technologies like hydrogen production and advanced batteries.The problem is that it typically takes scientists up to 15 years just to create one new nanomaterial until now.Weve synthesised, tested, and validated hundreds of nanomaterials at a scale and speed never seen before, Aaike van Vugt, co-founder and CEO of VSP, told TNW. This rapid prototyping gives researchers a quick way to validate AI predictions and discover low-cost electrocatalysts that might have taken years or even decades to find using traditional methods.The of EU techThe latest rumblings from the EU tech scene, a story from our wise ol' founder Boris, and some questionable AI art. It's free, every week, in your inbox. Sign up now!VSP put each batch of the new materials in an envelope and shipped it to a lab at the University of Toronto for testing. The findings were then integrated into an open-source experimental database, which can now be used to train AI models to become more better at predicting new material combinations.Larry Zitnick, Research Director at Meta AI, said the research is breaking new ground in material discovery. It marks a significant leap in our ability to predict and validate materials that are critical for clean energy solutions, he said.The Alphafold of nanomaterial discovery?But to really crack the code for material discovery, AI models need to be trained on much larger datasets. Not hundreds but tens or even hundreds of thousands of tested materials.Van Vugt said that VSPs machine is the only technology available today that could synthesize such a large number of thin-film nanoporous materials in a reasonable time frame about two to three years, said the founder. This could create an AI that is the equivalent of Google Deepminds Alphafold, but for nanoporous materials, said Van Vugt. Hes referring, of course, to the breakthrough algorithm that cracked a puzzle in protein biology that had confounded scientists for centuries. If thats true, then it puts the company in a pretty sweet position. The worlds tech giants think Google, Microsoft, Meta are all racing to build bigger, better forms of artificial intelligence in a bid to find solutions to some of the worlds greatest challenges, including climate change. Ironically, these models could also think up solutions for their endless appetite for energy. For companies like Meta, investing in material discovery using AI is a win-win.VSP is working with many other organisations to build out its dataset and mature its technology. These include the Sorbonne University Abu Dhabi, the San Francisco-based Lawrence Livermore National Laboratory, the Materials Discovery Research Institute (MDRI) in the Chicago area, and the Dutch Institute for Fundamental Energy Research (DIFFER).The Dutch firm is also fine-tuning its nanoprinters to be faster and more efficient. The current machines are powered by 300 sparks per second, but the team is working on a new printer that would increase this output time to 20,000 sparks per second. This could supercharge material discovery even further. Story by Sin Geschwindt Sin is a climate and energy reporter at TNW. From nuclear fusion to escooters, he covers the length and breadth of Europe's clean tech ecos (show all) Sin is a climate and energy reporter at TNW. From nuclear fusion to escooters, he covers the length and breadth of Europe's clean tech ecosystem. He's happiest sourcing a scoop, investigating the impact of emerging technologies, and even putting them to the test. Sin has five years journalism experience and holds a dual degree in media and environmental science from the University of Cape Town, South Africa. Get the TNW newsletterGet the most important tech news in your inbox each week.Also tagged with
    0 Kommentare 0 Anteile 6 Ansichten
  • 9TO5MAC.COM
    Developers behind F1 app Lapz for Vision Pro forced to remove it from TestFlight
    Compared to the iPhone and iPad, Apple Vision Pro has a limited number of apps available in the App Store. Even so, developers have been exploring the devices capabilities with different projects, one of which is the Formula 1 app Lapz. Unfortunately, the app may not even make it to the App Store.Developers create F1 app for Vision Pro, butFor those unfamiliar, Lapz is an app that lets Apple Vision Pro users watch F1 races on a virtual big screen while also being able to see the position of the drivers on a floating 3D model. The app was based on a concept video made by VFX artist John LePore to show what Vision Pro is capable of.Lapz has been distributed via TestFlight, as the developers still want to improve the app before making it available to everyone. Even so, the app has gotten a lot of attention since the beta version was released. However, as reported by UploadVR, the dream seems to be over or at least put on hold.Thats because the developers have been asked to pull the app from TestFlight. Not by Apple, but by Formula One Group. The most likely reason is the unlicensed use of F1 content and branding even though the app uses web views to let users log in to the official F1TV stream.The team behind Lapz say theyre working on securing a digital license to get the app working again. But for now, Lapz has been removed from TestFlight and current users will no longer have access to the app after February 8 when the current build will expire. The developers say they plan to license the app to other motorsport groups if they dont reach a deal with Formula One Group.Although Formula One Group has the right to ask for the app to be removed, its unfortunate that Vision Pro owners will lose another option for streaming content on the headset. Last month, the popular YouTube client Juno for Vision Pro was removed from the App Store after a request from Google.Its worth noting that neither F1 nor YouTube have official apps for visionOS.Add 9to5Mac to your Google News feed. FTC: We use income earning auto affiliate links. More.Youre reading 9to5Mac experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Dont know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel
    0 Kommentare 0 Anteile 37 Ansichten
  • 9TO5MAC.COM
    pCloud offers lifetime cloud storage, client-side encryption, more in big Black Friday special
    pCloud is a Switzerland-based cloud storage company with a security specialty. It offers lifetime options for its storage plans, and in an early Black Friday special its bundling cloud storage with client-side encryption and a truly encrypted password manager at a heavy discount.Features of the security-focused pCloud file storage, encryption, and password managerAmong cloud storage providers, pCloud has built a base of more than 20 million users with its high focus on security and ease of use.Every cloud storage plan includes 256-bit AES encryption for all files, plus TLS/SSL channel protection. pCloud runs two data centers, one in the US and the other in Luxembourg.Fortunately, you dont have to sacrifice convenience for the sake of security with pCloud. pCloud includes key features with its file storage service like:dedicated desktop apps for Mac, Windows, and Linuxmobile apps for iOS and Android with automatic upload featuresweb accessautomatic backupsrobust collaboration and file sharing optionsinstant sync across all platformsFor users who want an extra layer of protection, the add-on pCloud Encryption offers client-side encryption that locks your files right on your device. That means even pCloud itself cant access them.To test its client-side encryption software, pCloud held a hacking challenge with a $100,000 prize. The challenge ran six months, involved nearly 3,000 participants, and resulted in zero hacks.pClouds expertise in security also lends itself well to pCloud Pass, the companys dedicated password manager. pCloud Pass comes with autofill, browser extensions, a military-grade encryption algorithm, and easy access across all devices and platforms.Limited time Black Friday deals on lifetime plansBlack Friday is coming up, and from November 13-30 pCloud is running an extended offer on its services lifetime plans.The best offer is a 3-in-1 bundle of pClouds 5TB storage plan plus pCloud Encryption and pCloud Pass. You can get a lifetime package of all three for just $599, a massive 60% off.Alternately, these lifetime pCloud storage plans are also on sale:1TB: $199 (-54%)2TB: $279 (-53%)10TB: $799 (-58%)You can learn more about pClouds products and access these special offers via the companys website.Add 9to5Mac to your Google News feed. FTC: We use income earning auto affiliate links. More.Youre reading 9to5Mac experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Dont know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel
    0 Kommentare 0 Anteile 36 Ansichten
  • FUTURISM.COM
    Elon Musk Throws Support Behind Man Accused of Sex With Underage Girl
    "Our Hammer of Justice." He Said, She SaidFreshly-minted politico Elon Musk is throwing his weight behind Donald Trump's attorney general nominee amid damning allegations related to his sexual conduct.In a post on the social network he purchased and subsequently tanked, the billionaire referenced but did not namethe accusations against former Florida congressman Matt Gaetz: that he paid for sex from two young women on multiple occasions, and that one of them was 17 at the time of the first encounter (Gaetz has vehemently denied reports of his sexual misconduct for years.)"As for these accusations against him, I consider them worth less than nothing," Musk tweeted. "Under our laws, a man is considered innocent until proven guilty."That's true, of course but it seems reasonable to fully investigate the allegations before putting Gaetz, or anyone else, in charge of the Justice Department.Open and ShutMusk went on to reference, again without spelling it out, that Gaetz has been under investigation for years regarding these allegations."If AG [Eric] Garland (an unprincipled douchebag) could have secured a conviction against Gaetz, he would have, but he knew he could not," the multi-hyphenate business owner tweeted. "Case closed."That bit does seem partially true. Last February, the Department of Justice under Garland reportedly told Gaetz's attorneys that he would not be charged with any crimes related to its investigation into sex trafficking claims against him.To refer to that case as "closed," however, is likely inaccurate given that the DOJ hasn't announced any such closure.It also ignores theother investigation into Gaetz by the House Ethics Committee, which saw the two women at the heart of these allegations testifying behind closed doors earlier this year. That investigation is also, per the lack of any announcement of closure, seemingly still open as well.With an attorney for the two Gaetz accusers agitating for the House Ethics Committee to release its report on Gaetz to the public amid news that a hacker had obtained copies of the allegedly damning testimonies, no less all of Musk's attempts to sway the court of public opinion may soon be nil.Nevertheless, he insists that the Florida Republican is the right guy for the job."Gaetz will be," Musk enthused, "our Hammer of Justice."Share This Article
    0 Kommentare 0 Anteile 31 Ansichten
  • FUTURISM.COM
    Nvidia's New AI Chips Are Reportedly Overheating in Server Farms
    Customers are pissed.Graphic Pushback UnitNvidia's unreleased AI chips are reportedly overheating, with customers worrying that their already-delayed shipment may be pushed back yet again.As The Information reports,the company's uber-powerful Blackwell graphics processing units (GPUs) are overheating when connected in server racks that can hold up to 72 of them.According to Nvidia employees who've been working on releasing the chips, as well as customers and vendors with knowledge of the issue, the firm has repeatedly asked its suppliers to redesign the racks to head off the overheating problem.The issue is so problematic that the company informed Microsoft this week that shipment will be delayed at least another three months the latest development in a series of pushbacks that have haunted the company since the Blackwell chips were first unveiled back in March.And that doesn't bode well, considering the astronomical resources AI companies are allocating to building out server farms, nagging growing pains that could hold back their efforts to train and roll out the next AI product.Design and DemandNvidia claims its next-generation GPUs are extremely powerful and30 times as fast as preceding models when it comes to AI applications. As CEO Jensen Huang toldCNBC last month, demand for Blackwell chips has been "insane" as people rush to pre-order the chips that cost tens of thousands of dollars apiece.Amid all that hype, however, rumors of design flaws have plagued the release of the Blackwell chips for months. Eventually, Huang admittedin part that some of the hearsay was true."We had a design flaw in Blackwell, it was functional, but the design flaw caused the yield to be low," the CEO said during an October 23 press conference, per Reuters. "It was 100 percent Nvidia's fault."While that admission seems to have been related to another production issue, it nevertheless seems to have caused yet another unnecessary delay in the shipment process.In the meantime, a Nivida spokesperson claimed that the latest overheating issue was nothing to worry about and that "the engineering iterations are normal and expected."The massive rack of 72 GPUs weighs a whopping 3,000 pounds and needs to be cooled using water, a departure from the air-cooling many AI data centers have come to rely upon. According to The Information, Nvidia was struggling with even a much smaller 36-GPU rack overheating.As the immense hype surrounding the release of new AI products continues to grow, the pressure is rising considerably for Nvidia.Customers have already been hit withdelays of the new Blackwell chips the latest development likely won't sit well with him either.More on AI computing power: AI Expert Warns Crash Is Imminent As AI Improvements Hit Brick WallShare This Article
    0 Kommentare 0 Anteile 32 Ansichten
  • THEHACKERNEWS.COM
    Decades-Old Security Vulnerabilities Found in Ubuntu's Needrestart Package
    Nov 20, 2024Ravie LakshmananLinux / VulnerabilityMultiple decade-old security vulnerabilities have been disclosed in the needrestart package installed by default in Ubuntu Server (since version 21.04) that could allow a local attacker to gain root privileges without requiring user interaction.The Qualys Threat Research Unit (TRU), which identified and reported the flaws early last month, said they are trivial to exploit, necessitating that users move quickly to apply the fixes. The vulnerabilities are believed to have existed since the introduction of interpreter support in needrestart 0.8, which was released on April 27, 2014."These needrestart exploits allow Local Privilege Escalation (LPE) which means that a local attacker is able to gain root privileges," Ubuntu said in an advisory, noting they have been addressed in version 3.8. "The vulnerabilities affect Debian, Ubuntu, and other Linux distributions."Needrestart is a utility that scans a system to determine the services that need to be restarted after applying shared library updates in a manner that avoids a complete system reboot.The five flaws are listed below -CVE-2024-48990 (CVSS score: 7.8) - A vulnerability that allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variableCVE-2024-48991 (CVSS score: 7.8) - A vulnerability that allows local attackers to execute arbitrary code as root by winning a race condition and tricking needrestart into running their own, fake Python interpreterCVE-2024-48992 (CVSS score: 7.8) - A vulnerability that allows local attackers to execute arbitrary code as root by tricking needrestart into running the Ruby interpreter with an attacker-controlled RUBYLIB environment variableCVE-2024-11003 (CVSS score: 7.8) and CVE-2024-10224 (CVSS score: 5.3) - Two vulnerabilities that allows a local attacker to execute arbitrary shell commands as root by taking advantage of an issue in the libmodule-scandeps-perl package (before version 1.36)Successful exploitation of the aforementioned shortcomings could allow a local attacker to set specially crafted environment variables for PYTHONPATH or RUBYLIB that could result in the execution of arbitrary code pointing to the threat actor's environment when needrestart is run."In CVE-2024-10224, [...] attacker-controlled input could cause the Module::ScanDeps Perl module to run arbitrary shell commands by open()ing a 'pesky pipe' (such as by passing 'commands|' as a filename) or by passing arbitrary strings to eval()," Ubuntu noted."On its own, this is not enough for local privilege escalation. However, in CVE-2024-11003 needrestart passes attacker-controlled input (filenames) to Module::ScanDeps and triggers CVE-2024-10224 with root privilege. The fix for CVE-2024-11003 removes needrestart's dependency on Module::ScanDeps."While it's highly advised to download the latest patches, Ubuntu said users can disable interpreter scanners in needrestart the configuration file as a temporary mitigation and ensure that the changes are reverted after the updates are applied."These vulnerabilities in the needrestart utility allow local users to escalate their privileges by executing arbitrary code during package installations or upgrades, where needrestart is often run as the root user," Saeed Abbasi, product manager of TRU at Qualys, said."An attacker exploiting these vulnerabilities could gain root access, compromising system integrity and security."Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.SHARE
    0 Kommentare 0 Anteile 32 Ansichten
  • THEHACKERNEWS.COM
    China-Backed Hackers Leverage SIGTRAN, GSM Protocols to Infiltrate Telecom Networks
    Nov 20, 2024Ravie LakshmananCyber Espionage / Telecom SecurityA new China-linked cyber espionage group has been attributed as behind a series of targeted cyber attacks targeting telecommunications entities in South Asia and Africa since at least 2020 with the goal of enabling intelligence collection.Cybersecurity company CrowdStrike is tracking the adversary under the name Liminal Panda, describing it as possessing deep knowledge about telecommunications networks, the protocols that undergird telecommunications, and the various interconnections between providers.The threat actor's malware portfolio includes bespoke tools that facilitate clandestine access, command-and-control (C2), and data exfiltration."Liminal Panda has used compromised telecom servers to initiate intrusions into further providers in other geographic regions," the company's Counter Adversary Operations team said in a Tuesday analysis."The adversary conducts elements of their intrusion activity using protocols that support mobile telecommunications, such as emulating global system for mobile communications (GSM) protocols to enable C2, and developing tooling to retrieve mobile subscriber information, call metadata, and text messages (SMS)."It's worth noting that some aspects of the intrusion activity were documented by the cybersecurity company back in October 2021, attributing it then to a different threat cluster dubbed LightBasin (aka UNC1945), which also has a track record of targeting telecom entities since at least 2016.CrowdStrike noted that its extensive review of the campaign revealed the presence of an entirely new threat actor, and that the misattribution three years ago was the result of multiple hacking crews conducting their malicious activities on what it said was a "highly contested compromised network."Some of the custom tools in its arsenal are SIGTRANslator, CordScan, and PingPong, which come with the following capabilities -SIGTRANslator, a Linux ELF binary designed to send and receive data using SIGTRAN protocolsCordScan, a network-scanning and packet-capture utility containing built-in logic to fingerprint and retrieve data relating to common telecommunication protocols from infrastructure such as the Serving GPRS Support Node (SGSN)PingPong, a backdoor that listens for incoming magic ICMP echo requests and sets up a TCP reverse shell connection to an IP address and port specified within the packetLiminal Panda attacks have been observed infiltrating external DNS (eDNS) servers using password spraying extremely weak and third-party-focused passwords, with the hacking crew using TinyShell in conjunction with a publicly available SGSN emulator called sgsnemu for C2 communications."TinyShell is an open-source Unix backdoor used by multiple adversaries," CrowdStrike said. "SGSNs are essentially GPRS network access points, and the emulation software allows the adversary to tunnel traffic via this telecommunications network."The end goal of these attacks is to collect network telemetry and subscriber information or to breach other telecommunications entities by taking advantage of the industry's interoperation connection requirements."Liminal Panda's known intrusion activity has typically abused trust relationships between telecommunications providers and gaps in security policies, allowing the adversary to access core infrastructure from external hosts," the company said.The disclosure comes as U.S. telecom providers like AT&T, Verizon, T-Mobile, and Lumen Technologies have become the target of another China-nexus hacking group dubbed Salt Typhoon. If anything, these incidents serve to highlight how telecommunications and other critical infrastructure providers are vulnerable to compromise by state-sponsored attackers.French cybersecurity company Sekoia has characterized the Chinese offensive cyber ecosystem as a joint enterprise that includes government-backed units such as the Ministry of State Security (MSS) and the Ministry of Public Security (MPS), civilian actors, and private entities to whom the work of vulnerability research and toolset development is outsourced."China-nexus APTs are likely to be a mix of private and state actors cooperating to conduct operations, rather than strictly being associated with single units," it said, pointing out the challenges in attribution."It ranges from the conduct of operations, the sale of stolen information or initial access to compromised devices to providing services and tools to launch attacks. The relationships between these military, institutional and civilian players are complementary and strengthened by the proximity of the individuals part of these different players and the CCP's policy."Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.SHARE
    0 Kommentare 0 Anteile 32 Ansichten
  • WEWORKREMOTELY.COM
    Toggl: Senior Product Marketing Manager Toggl Work
    Time zones: SBT (UTC +11), GMT (UTC +0), CET (UTC +1), EET (UTC +2), MSK (UTC +3)Were looking for a highly motivated Senior Product Marketing Manager to join the Toggl Work team, our newest product aimed at revolutionising People Operations. This is your chance to shape the future of a product designed to save our users time, money, and sanity.The ideal candidate will have experience crafting and executing user acquisition strategies in a SaaS environment, with a strong emphasis on customer onboarding, user engagement, experimentation, data-driven decision-making, and process creation. If youre someone who thrives in building from scratch and can take ownership of growth strategy while navigating the challenges of a new product launch, this could be the perfect role for you.The salary for this position is 60,000 annually.You can work from anywhere in Europe.About the TeamWe are a global team of 130+ awesome people working from over 40 countries around the globe. We hire globally, you work locallyin the heart of London, a beach outside of Ro de Janeiro, or a quiet village near Florence, the choice is yours. Every few months we travel to meet up somewhere in the world and spend some quality time together. We place a huge amount of trust in our people, and we measure the outcomes rather than the work itself. Our values fuel our results.The RoleToggl Work is our latest addition to the Toggl suite of products, focusing on expense management, invoicing, budgeting, reporting, and workforce operations.As our Senior Product Marketing Manager, youll play a critical role in defining and executing our Go-to-Market (GTM) strategies, focussed on acquisition, onboarding, engagement, and retention.You will play a pivotal role in identifying target audiences, crafting compelling messaging, and executing strategic initiatives that position Toggl Work as the go-to solution.This role will have you owning key KPIs, collaborating cross-functionally, and continuously optimizing the customer journey to ensure measurable success. Experience with people operations tools is a strong plus.Your main responsibilities will be:Drive Go-to-Market strategies, owning KPI for acquisition, and co-owning the KPIs of onboarding, retention, and engagement with the Product Manager.Identify, target, and onboard high-value audiences to maximize user growth and engagement.Develop and refine onboarding processes and customer journeys to ensure seamless experiences.Collaborate with cross-functional teams (Product, Marketing, Sales) to co-own user retention and engagement metrics.Conduct market research, competitive analysis, and experimentation to optimize growth strategies.About YouWed love to hear from you if:You are a self-starter with the ability to take ownership of complex projects and drive them to completion.You have experience in customer success or user acquisition roles, particularly in a SaaS environment.You have experience in the people operations software industry or familiarity with people operations tools, which is a huge plus.You have a proven track record of creating and implementing successful GTM strategies that emphasize customer acquisition and retention.You are data-driven and comfortable creating and analysing KPIs to inform decision-making.You thrive in an environment where you can build processes from scratch and iterate on them quickly.You are excited about the challenge of launching a new product and have a strong understanding of the SaaS landscape.You are a generalist who can adapt to the evolving needs of an early-stage startup and do whatever it takes to reach the goal.BenefitsFreedom to choose when and how much you work - we only measure results24 days of paid time off a year, plus your local holidaysIn-person meetups for team-building (expenses covered)4-6 weeks paid sabbatical (depending on the tenure)Laptop budget up to 2,500 and it renews every 3 years2,000 budget to set up your home office, and additional 300 every year after 3 years of tenure3000 per year for co-working space membership and/or internet service at home4,000 per year contribution to use for training, workshops, and conferences2,000 per year contribution for any equipment or services to improve and/or maintain your physical and mental healthSupport for buying tools you need for doing your best work (even eyeglasses if you need a new pair) Related Jobs See more All Other Remote jobs
    0 Kommentare 0 Anteile 27 Ansichten