• The Politics of Wicked Hit Harder in 2024
    www.denofgeek.com
    When Wicked opened on Broadway 21 years ago, famed New York Times critic Ben Brantley provided the musical with one of his typically backhanded notices. While giving high marks for Kristin Chenoweth's undeniable talent in creating Galinda, as well as specific elements of the production like Eugene Lee's sets, the Times arbiter remained cool toward the musical's songs, book, and even its allegorical ambitions.

    "As a parable of fascism and freedom, Wicked so overplays its hand that it seriously dilutes its power to disturb," Brantley wrote when comparing the show's vividly technicolor subtexts to the more opaque leanings of L. Frank Baum's original Oz novels. "Wicked [by comparison] wears its political heart as if it were a slogan button," Brantley ultimately sniffed. Elsewhere he likened the story's revisionist image of Elphaba, the so-called Wicked Witch of the West, to privileged student dissidents from the 1960s and '70s who traded beer blasts for Molotov cocktails.

    It is not impossible to understand where the theater critic was coming from back then. While I've long respected Wicked's musicality, a number of Brantley's critiques for the show ring true. But lamenting a musical for being too obvious while crafting a metaphor about fascism was never one of them.

    There is no denying Wicked is heavy-handed in its allusions when Professor Dillamond (the talking goat voiced by Peter Dinklage in the movie) discovers menacing graffiti on his chalkboard which reads, "Animals Should Be Seen, Not Heard." But even 20 years ago, I recognized the importance of reminding the next generation about the insidious way hatreds and bigotries can be manipulated like something out of 1930s Germany. Or closer to home.

    In truth, Wicked's allusions to European fascism, or for that matter segregationist Jim Crow laws throughout the American South, were part and parcel for 2000s era children's stories. Just as Elphaba and Galinda's Shiz University resembles Hogwarts in look and function, so too does its politics match the autocratic rise and institutional corruption of Voldemort in the Harry Potter novels. Suzanne Collins' The Hunger Games, meanwhile, came a little later but still tapped into the same zeitgeist in a more direct way with its dystopian vision of North America's future being ruled by a literal dictator who controls the population through fear and entertainment.

    Meanwhile on the geekier side of culture, the X-Men movies of that decade, like the comic books of the previous 20 years, were deeply rooted in drawing parallels between its fictional persecuted underclass of mutants and the still-living memory of the Holocaust, right down to making the films' sympathetic antagonist a Holocaust survivor who remains wary of men in authority who wish to divide folks between us and them.

    In this pop culture landscape, Wicked's politics were as common as they were unremarkable. Of course the thing to fear remains a strongman who would scapegoat a literal goat. The idea of it actually occurring in your everyday life might seem so foreign as to snark about those '60s dissidents who overdid the good fight - you know, at least if you ignore how even back then the Republican administration in the White House was launching a successful reelection campaign built around stirring up fear of gay people marrying in swing states like Ohio.

    Which brings us to November 2024, and the strikingly more urgent context which Jon M. Chu's Wicked movie finds itself opening in. When Universal Pictures dated its lavish adaptation of Broadway's most popular musical for this Thanksgiving, we imagine executives were not thinking too hard about its proximity to the 2024 U.S. presidential election. However, for any viewer even vaguely aware of the news cycle these days, the parallels between Wicked's Oz and the tone and tenor of emerging American policy for the New Year are eerily linked.

    The shifty deviousness of the musical's Wizard of Oz was of course in the original 2003 production as well, just as the basic concept of the Wizard being a fraudulent conman from the heartland is rooted in The Wizard of Oz author L. Frank Baum's satire of American populism. Yet in the original stage production of Wicked, Broadway royalty Joel Grey plays the Wizard as a huckster who got in over his head; he is something of a useful idiot who allows those around him, like the flamboyant Madame Morrible, to drag his vision to a more hateful place.

    Yet when the charismatic Jeff Goldblum plays the Wizard, there is a more pointed and knowing menace when he says these lines to Elphaba: "When I first got here, there was discord and discontent. And where I come from, everyone knows the best way to bring folks together is to give them a real good enemy." Grey's Wizard says the same horrifying thing, but back then he came off as an oblivious Harold Hill: a showtune grifter who never pauses to consider the implications of the lies he spreads.

    By contrast, the trailing whisper with which Goldblum emphasizes "enemy" far more disturbingly echoes 1930s fascism and the scapegoating of Jewish people and other minorities in Europe. It also betrays a knowing recognition of the ugly side of his life as an American expat from turn of the 20th century Kansas. The themes are more pointed and thorny in Chu's Wicked movie, because how can they not be? Goldblum's Wizard is saying this to an Elphaba played by a Black woman. Like Elphie, Cynthia Erivo knows all too well what it's like to be prejudged and Othered due to the color of her skin.

    Much else in these political elements seems heightened in the Wicked movie too. This is not to say the film is a direct commentary on American politics today. There is, after all, no way the filmmakers could have predicted that the winning candidate would lie during his single fall debate about legal Haitian immigrants in Ohio eating cats and dogs. He was also, for the record, dismissed on the stage that night by the moderators for the naked blatantness of his lie, and laughed at by his opponent. And yet, a majority of the folks at home voted for the demonstrable liar who was only too happy to give folks a real good enemy.

    Wicked is not about Donald Trump. But it paints a picture of rising fascism and bigotries that remarkably resemble the vision of America Trump is selling. The film elevates the 1930s elements, with Michelle Yeoh's far chillier Madame Morrible using a microphone that wouldn't look out of place in front of Joseph Goebbels. And this only occurs after a new sequence of her flying monkeys taking on the shape of the S.S. as they come eagerly after Elphaba. Meanwhile, during the Wizard's most innocent musical moment in this film, Goldblum's silhouette waltzes with a globe of the moon, not unlike Charlie Chaplin's venomous caricature of Adolf Hitler in The Great Dictator (1940) dancing with a balloon replica of the world he wishes to rule.

    Chu and his collaborators are obviously tapping into the themes of fascism and fear-mongering that were already there and giving them added weight, gravitas, and cinematic reference. But they have inadvertently created a portrait of America today, 90 years after the historical nightmares they were drawing from. Rather than make Wicked like America circa 2024, America circa 2024 has made itself like Wicked.

    The achievement is all the more disquieting when one remembers Wicked was originally dismissed for the sweeping generality of its metaphors. Yet what once seemed like a jejune theme in a decade rife with "Never Again" parables now hits like a ton of yellow bricks in an America that apparently never learned the lesson from all those warnings about where this road leads. And the choice of characters like Glinda (Ariana Grande) to go along to get along and stay safe, popular, and in power lands differently on the other side of Nov. 5.

    Wicked is playing in theaters now.
  • A Storied Montclair House Is Brought Back to Life With Playful Panache
    www.elledecor.com
    In 2022, designer Beth Diana Smith met with a couple who had recently purchased a 100-year-old home in Montclair, New Jersey. They hit it off, and what had started out as a conversation about a kitchen renovation ended up as talks to design the entire house, a two-story, two-bedroom home with an enclosed porch.

    Smith, who will be honored with the Rising Star award from the New York School of Interior Design next spring, set out with the client to keep some of the old while adding some needed new. In the living room, that meant keeping the original brick fireplace and adding a marble mantel and cubed tile surround to give it a fresh modern edge. The room was then drenched in a moody, walnut brown paint by Benjamin Moore that contrasts against the bright light and softer colors from the neighboring dining room and kitchen. But the room's true statement moment is a navy wallcovering from Divine Savages that features a playful print of red and gold roses.

    Photo (Kelly Marshall): A floral wallcovering by Divine Savages blankets the original brick fireplace.

    "I do not like floral, mainly because my mother traumatized me as a kid with this big brown floral sofa that she had when I was growing up," Smith says with a laugh. The addition, per her client's request, really went beautifully with the house to blanket that fireplace, she says.

    In the adjacent dining room, Smith removed an existing window and added double doors, with the intent to build an outside deck off of it in the future. A chandelier by Currey & Co. hangs above a wood dining table surrounded by the clients' wood dining chairs. The light fixture adds a playful modern edge to the room, with its undulant circular shape that mimics the movement in the pattern of the ceiling wallpaper. "The living room ceiling reminds me of weeping willow trees," Smith says.

    Photo (Kelly Marshall): The kitchen cabinets are painted in Dockside Blue by Sherwin Williams and the kitchen island is painted in Labradorite by Sherwin Williams.

    Of course, that kitchen renovation was a key part of the project, which entailed removing the wall between the dining room and kitchen to create a line of sight from the front door. What was previously an empty wall with a refrigerator was transformed into a more functional space with shaker-style cabinets painted in Sherwin Williams's Dockside Blue, and a dark-blue butcher-block island. Smith added a window with roman shades in a Stroheim floral print fabric, and covered the floors in a black and white patterned tile from The Tile Shop.

    In the primary bedroom, the client picked out a mineral green bed that was the anchor in the room. Smith sourced nightstands from West Elm and lamps from Circa Lighting for the bedside. The curtain fabric by Stroheim and a gold wallcovering behind the bed were paired to go with the bed. "The goal was to see something bold and beautiful," she says.

    In the upstairs library, Smith helped the clients plan for the future. The couple, now expecting a child early next year, wanted to make sure the room could eventually function as a nursery. Smith covered the walls in a grasscloth and a playful animal print was selected for the window fabric.

    As for Smith's favorite piece in the house? A mask that she sourced on a trip to Rome. Smith saved sharing it with her client until the end of the project because she had a hunch it would be perfect there. And sure enough, she was right.

    "When she saw it, she was just like, 'Oh, my God, can I touch it? It's just so beautiful,'" Smith says. "When I think about this house and project, I think about that moment, and it's always those finishing touches that have a sentimental value."
  • 9to5Mac Daily: November 25, 2024 iPhone 17 Air latest, iOS 19 rumors
    9to5mac.com
    Listen to a recap of the top stories of the day from 9to5Mac. 9to5Mac Daily is available on iTunes and Apple's Podcasts app, Stitcher, TuneIn, Google Play, or through our dedicated RSS feed for Overcast and other podcast players.

    New episodes of 9to5Mac Daily are recorded every weekday. Subscribe to our podcast in Apple Podcast or your favorite podcast player to guarantee new episodes are delivered as soon as they're available.
  • Instagram rolling out Find My Friends-like feature for sharing live location
    9to5mac.com
    Apple's Find My Friends (which is now integrated into the Find My app) lets you share your location in real time with other people. Soon, Instagram users will have access to a similar feature to share their location with friends and family right from the social network.

    Meta announced on Monday some new features coming to Instagram direct messages, and location sharing support is one of them. The company said in a blog post that the feature aims to make it easier for people to arrange hangouts directly from their Instagram conversations. "Spend more time together, and less time coordinating," the post reads.

    For privacy reasons, the location can only be shared individually by DMs or in a group chat. The feature is turned off by default and real-time location is only shared for one hour; after that, Instagram automatically ends sharing. The app will also display an indicator to show when the location is being shared. Of course, you should never share your location with people you don't know.

    Unlike Apple's Find My, there's no option to always share your location with others on Instagram. Earlier this year, Meta confirmed that it was testing a feature similar to Snap Map to show the location of friends on a map. However, the feature has yet to be made available to users.

    In addition to location sharing, Instagram is also adding new sticker packs for DMs, as well as custom nicknames for people in group chats.

    The Instagram app for iPhone is available for free on the App Store. Make sure you have the latest version of the app installed on your device in order to get access to the latest features. Keep in mind that when it comes to the location sharing feature, Meta says it's only available in selected countries.
  • Earth's Second Moon Has Vanished, Scientists Say
    futurism.com
    So long.

    Once in a Blue Moon

    The Earth has parted ways with a tiny "mini moon" that had orbited our planet for two months - at least until it swings back around for another visit two months from now.

    The 33-foot space rock, dubbed 2024 PT5, was first spotted by astronomers in August. It only came by for a brief visit, circling the Earth for much of the late summer in a horseshoe-shaped path before the effects of the Earth's gravitational field gave way to the much stronger forces from the Sun, as the Associated Press reports.

    Intriguingly, scientists believe it's possible that 2024 PT5 was once part of the Moon itself but was chipped off by a different asteroid that hit it millions of years ago.

    The near-Earth object never posed a threat to Earth, orbiting the planet at a safe distance. And it was more than likely one of countless objects just like it hanging out in our close vicinity.

    In other words, it's a reminder that "there's a pretty busy highway around the Earth," as Harvard asteroid dynamics researcher Federica Spoto told the New York Times in September.

    Hello Goodbye

    Scientists believe the so-called "mini moon" was once part of the Arjuna asteroid belt, a group of asteroids following a similar orbit to the Earth.

    Despite its moniker, 2024 PT5 never completed its full orbit around the Earth.

    "You may say that if a true satellite is like a customer buying goods inside a store, objects like 2024 PT5 are window shoppers," Universidad Complutense de Madrid professor Carlos de la Fuente Marcos, lead author of an article on the asteroid published in the journal Research Notes of the AAS, told Space.com in September.

    "So far, science has only identified two objects subjected to long captures, 2006 RH120 and 2020 CD3," he added, referring to objects that become "temporarily bound to Earth."

    2024 PT5 never came close enough to be visible to amateur telescopes or binoculars. However, NASA is preparing to closely follow its upcoming and equally brief visit in January, per the AP.

    After that, the space rock won't be coming by to say hello for another 30 years.
  • Signs of Life in Asteroid Sample Turn Out to Be Something Embarrassing
    futurism.com
    Oops!

    Anti-Colonialism

    Last year, researchers excitedly announced that they had found two organic compounds essential for living organisms in samples retrieved from a distant asteroid called Ryugu.

    The Japanese Space Agency's Hayabusa2 spacecraft obtained the samples from the space rock in 2019 and returned them to Earth in 2020.

    The discovery reignited an ongoing discussion. What were the conditions necessary for life to flourish on Earth billions of years ago? Did asteroids like Ryugu perhaps seed our planet with life?

    But now, a team of researchers led by Matthew Genge at Imperial College London has thrown cold water on the hypothesis. As detailed in a recent paper published in the journal Meteoritics & Planetary Science, researchers did find evidence of microbial life while examining the Ryugu samples, except that it wasn't from a far-flung asteroid over 100 million miles away.

    Instead, the microorganisms originated from Earth, indicating that the samples somehow got contaminated by our own pesky microorganisms, underscoring just how hard it is to probe off-Earth samples for evidence of extraterrestrial life.

    "The presence of terrestrial microorganism within a sample of Ryugu underlines that microorganisms are the world's greatest colonizers and adept at circumventing contamination controls," the paper reads. "The presence of microorganisms within space-returned samples, even those subject to stringent contamination controls is, therefore, not necessarily evidence of an extraterrestrial origin."

    No Place to Hide

    The microorganisms must've been extremely adept at getting around scientists' best efforts to avoid contamination of any kind.

    The samples were transported in a hermetically sealed chamber and eventually opened in a nitrogen-purged clean room. Scientists used sterilized tools, themselves stored under nitrogen.

    Despite their best efforts, the team discovered "rods and filaments of organic matter, which are interpreted as filamentous microorganisms, on a space-returned sample from 162173 Ryugu recovered by the Hayabusa 2 mission," according to the paper.

    Worse yet, the abundance of these filaments changed over time, highlighting that the microorganisms were hard at work colonizing the samples.

    "The discovery emphasizes that terrestrial biota can rapidly colonize extraterrestrial specimens even given contamination control precautions," they concluded, arguing that samples like the ones returned by Hayabusa 2 can easily provide a breeding ground for Earth-based microorganisms.

    Where that leaves future asteroid return missions remains to be seen; in short, it's one more reason to be skeptical about future claims about the discovery of extraterrestrial life.
  • Flying Under the Radar - Security Evasion Techniques
    thehackernews.com
    Dive into the evolution of phishing and malware evasion techniques and understand how attackers are using increasingly sophisticated methods to bypass security measures.

    The Evolution of Phishing Attacks

    "I really like the saying that 'This is out of scope' said no hacker ever. Whether it's tricks, techniques or technologies, hackers will do anything to evade detection and make sure their attack is successful," says Etay Maor, Chief Security Strategist at Cato Networks and member of Cato CTRL. Phishing attacks have transformed significantly over the years. 15-20 years ago, simple phishing sites were sufficient for capturing the crown jewels of the time - credit card details. Today, attacks and defense methods have become much more sophisticated, as we'll detail below.

    "This is also the time where the 'cat-and-mouse' attack-defense game began," says Tal Darsan, Security Manager and member of Cato CTRL. At the time, a major defense technique against credit card phishing sites involved flooding them with large volumes of numbers, in hopes of overwhelming them so they couldn't identify the real credit card details.

    But threat actors adapted by validating data using methods like the Luhn algorithm to verify real credit cards, checking issuer information via Bank Identification Numbers (BIN), and performing micro-donations to test if the card was active.

    Here's an example of how attackers validated credit card numbers inputted to phishing sites:

    Anti-Researcher Techniques

    As phishing grew more advanced, attackers added anti-research techniques to prevent security analysts from studying and shutting down their operations. Common strategies included IP blocking after one-time access to create a false pretense that the phishing site was shut down, and detecting proxy servers, as researchers often use proxies when investigating.

    The attacker code for one-time IP address access:

    The attacker code for proxy identification:

    Attackers have also been randomizing folder structures in their URLs during the past decades, deterring researchers from tracking phishing sites based on common directory names used in phishing kits. This can be seen in the image below:

    Evading Anti-Virus

    Another way to evade security controls in the past was to modify malware signatures with crypting services. This made the malware undetectable by signature-based antivirus systems. Here's an example of such a service that was once very popular:

    Evading Device Verification

    Let's move on to other modern evasion techniques. First, a phishing attack that targets victims by gathering detailed device information, such as Windows version, IP address, and antivirus software, so attackers can better impersonate the victim's device.

    This data helps them bypass security checks, like device ID verification, which organizations, like banks, use to confirm legitimate logins. By replicating the victim's device environment (e.g., Windows version, media player details, hardware specs), attackers can avoid suspicion when logging in from different locations or devices.

    Some dark web services even provide pre-configured virtual machines that mirror the victim's device profile (see image below), adding an extra layer of anonymity for attackers and enabling safer access to compromised accounts. This demonstrates how data science and customization have become integral to criminal operations.

    Evading Anomaly Detection

    Another case is when defenders faced a gang using malware to exploit live bank sessions, waiting for victims to log in before swiftly performing unauthorized transactions. The challenge was that these actions appeared to come from the victim's own authenticated session, making detection difficult.

    This resulted in a cat-and-mouse game between attackers and defenders:

    - Initially, defenders implemented a velocity check, flagging transactions completed too quickly as likely fraudulent.
    - In response, attackers modified their code to simulate human typing speed by adding delays between keystrokes. This can be seen in the code below:
    - When defenders adjusted for this by adding random timing checks, attackers countered with variable delays, blending further into legitimate behavior.

    This illustrates the complexity of detecting sophisticated, automated banking fraud amidst legitimate transactions.

    Evasive Phishing Attacks

    Now let's move on to more recent attacks. One of the most prominent attacks analyzed by Cato CTRL included a clever phishing attack designed to mimic Microsoft support. The incident began with a 403 error message that directed the user to a page claiming to be "Microsoft support", complete with prompts to "get the right help and support." The page presented options for "Home" or "Business" support, but regardless of which option was chosen, it redirected the user to a convincing Office 365 login page.

    This fake login page was crafted as part of a social engineering scheme to trick users into entering their Microsoft credentials. The attack leveraged psychological triggers, such as mimicking error messages and support prompts, to build credibility and exploit the user's trust in Microsoft's brand. This was a sophisticated phishing attempt, focusing on social engineering rather than relying solely on advanced evasion techniques.

    Deceptive Redirection Chain

    In this next analysis, Cato CTRL investigated a phishing attack that employed complex redirection techniques to evade detection. The process began with a deceptive initial link, disguised as a popular search engine in China, which redirected through multiple URLs (using HTTP status codes like 402 and 301) before eventually landing on a phishing page hosted on a decentralized web (IPFS) link. This multi-step redirection sequence complicates tracking and logging, making it harder for cybersecurity researchers to trace the true origin of the phishing page.

    As the investigation continued, the Cato CTRL researcher encountered multiple evasion techniques embedded within the phishing site's code. For example, the phishing page included Base64-encoded JavaScript that blocked keyboard interactions, effectively disabling the researcher's ability to access or analyze the code directly. Additional obfuscation tactics included breakpoints in the developer tools, which forced redirection to the legitimate Microsoft homepage to hinder further inspection.

    By disabling these breakpoints in Chrome's developer tools, the researcher eventually bypassed these barriers, allowing full access to the phishing site's source code. This tactic highlights the sophisticated, layered defenses attackers implement to thwart analysis and delay detection, leveraging anti-sandboxing, JavaScript obfuscation and redirection chains.

    Phishing Resources-based Detection

    Attackers are constantly adapting their own defense techniques to avoid detection. Researchers have relied on static elements, such as image resources and icons, to identify phishing pages. For instance, phishing sites targeting Microsoft 365 often replicate official logos and icons without altering names or metadata, making them easier to spot. Initially, this consistency gave defenders a reliable detection method.

    However, threat actors have adapted by randomizing almost every element of their phishing pages.

    To evade detection, attackers now:

    - Randomize Resource Names - Image and icon filenames, previously static, are heavily randomized on each page load.
    - Randomize Page Titles and URLs - The titles, subdomains and URL paths constantly change, creating new randomized strings each time the page is accessed, making it more challenging to track.
    - Implement Cloudflare Challenges - They use these challenges to verify that a human (not an automated scanner) is accessing the page, which makes automated detection by security tools harder.

    Despite these techniques, defenders have found new ways to bypass these evasions, although it's an ongoing game of adaptation between attackers and researchers.

    The masterclass reveals many more malware and phishing attacks and how they evade traditional measures, including:

    - Malware droppers for payload distribution.
    - HTML files in phishing emails to initiate a multi-step malware download involving password-protected zip files.
    - File smuggling and magic byte manipulation.
    - SVG smuggling and B64 encoding.
    - Leveraging trusted cloud applications (e.g., Trello, Google Drive) for command and control to avoid detection by standard security systems.
    - Prompt injections within malware to mislead AI-based malware analysis tools.
    - Repurposing the TDSS Killer rootkit removal tool to disable EDR services, specifically targeting Microsoft Defender.
    - Telegram bots as a means of receiving stolen credentials, allowing attackers to quickly create new drop zones as needed.
    - Generative AI used by attackers to streamline the creation and distribution of attacks.
    - Network-based threat hunting without endpoint agents.

    What's Next for Defenders?

    How can defenders gain the upper hand in this ongoing cat-and-mouse game? Here are a few strategies:

    - Phishing Training & Security Awareness - While not foolproof, awareness training raises the likelihood of recognizing and mitigating cyber threats.
    - Credential Monitoring - Leveraging tools that analyze connection patterns can preemptively block potentially malicious activities.
    - Machine Learning & Threat Detection - Advanced tools to identify sophisticated threats.
    - Unified Threat Hunting Platform - A single, converged platform approach (rather than multiple point solutions) for expanded threat hunting. This includes network-based threat hunting without endpoint agents and using network traffic analysis to detect IoCs.
    - Attack Surface Reduction - Proactively reducing attack surfaces by auditing firewalls, tuning configurations and reviewing security settings regularly. Addressing misconfigurations and following vendor advisories can help secure the organization's defenses against new threats.
    - Avoiding Platform Bloat - Multiple attack chokepoints along the threat kill chain are essential, "but this does not mean adding many point solutions," emphasizes Maor. "A converged platform with one interface that actually can look at everything: the network, the data, through a single pass engine running through each packet and understanding whether it's malicious or not."

    Watch the entire masterclass here.

    This article is a contributed piece from one of our valued partners.
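The redirection chain described under "Deceptive Redirection Chain" can be triaged from proxy or sandbox logs. The following is an added example, not code from the article or from Cato CTRL: it scores an ordered list of (URL, HTTP status) hops for the traits the article names (several hops, a non-redirect status such as 402 mid-chain, an IPFS-hosted landing page). The thresholds, field names, hostnames and CID are constructed assumptions.

```python
import re
from urllib.parse import urlsplit

# Standard HTTP redirect statuses; anything else mid-chain is unusual.
REDIRECT_STATUSES = {301, 302, 303, 307, 308}

# CIDv0 ("Qm" + 44 base58 chars) or CIDv1 in base32 ("b" + 58 chars).
CID_PATTERN = r"(?:Qm[1-9A-HJ-NP-Za-km-z]{44}|b[a-z2-7]{58})"
IPFS_PATH = re.compile(rf"^/ipfs/{CID_PATTERN}(?:/|$)")
IPFS_SUBDOMAIN = re.compile(rf"^{CID_PATTERN}\.ipfs\.")


def is_ipfs_url(url):
    """True for ipfs:// URLs and for HTTP gateway URLs that carry a CID."""
    parts = urlsplit(url)
    if parts.scheme == "ipfs":
        return True
    host = parts.hostname or ""
    return bool(IPFS_PATH.match(parts.path) or IPFS_SUBDOMAIN.match(host))


def assess_chain(hops):
    """Score one chain. hops: ordered (url, status) pairs, landing page last."""
    if not hops:
        raise ValueError("empty chain")
    intermediate = hops[:-1]
    hosts = {urlsplit(url).hostname or "" for url, _ in hops}
    odd = [status for _, status in intermediate
           if status not in REDIRECT_STATUSES]
    ipfs_landing = is_ipfs_url(hops[-1][0])

    findings = []
    if len(intermediate) >= 3:            # assumed threshold
        findings.append(f"{len(intermediate)} hops before the landing page")
    if odd:
        findings.append(f"non-redirect status mid-chain: {odd}")
    if len(hosts) >= 3:                   # assumed threshold
        findings.append(f"chain crosses {len(hosts)} distinct hosts")
    if ipfs_landing:
        findings.append("landing page is served from IPFS")

    return {
        "hops_before_landing": len(intermediate),
        "distinct_hosts": len(hosts),
        "odd_statuses": odd,
        "ipfs_landing": ipfs_landing,
        "findings": findings,
        # Two or more independent traits: send to an analyst.
        "verdict": "review" if len(findings) >= 2 else "ok",
    }


# Constructed sample data (reserved example domains, made-up CID).
SAMPLE_CID = "bafybei" + "a2b3c4d5" * 6 + "e6f7"
SAMPLE_CHAIN = [
    ("https://search-portal.example/link?u=token", 301),
    ("https://hop-one.example.net/r/9f3a", 402),
    ("https://hop-two.example.org/go", 301),
    (f"https://gateway.example.io/ipfs/{SAMPLE_CID}/index.html", 200),
]
BENIGN_CHAIN = [
    ("http://www.example.com/", 301),
    ("https://www.example.com/", 200),
]

if __name__ == "__main__":
    for name, chain in (("sample", SAMPLE_CHAIN), ("benign", BENIGN_CHAIN)):
        result = assess_chain(chain)
        print(name, result["verdict"], result["findings"])
```

Each trait on its own is common in legitimate traffic (link shorteners, HTTP-to-HTTPS upgrades), which is why the verdict requires at least two of them.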
  • THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 18 - Nov 24)
    thehackernews.com
    We hear terms like "state-sponsored attacks" and "critical vulnerabilities" all the time, but what's really going on behind those words? This week's cybersecurity news isn't just about hackers and headlinesit's about how digital risks shape our lives in ways we might not even realize.For instance, telecom networks being breached isn't just about stolen datait's about power. Hackers are positioning themselves to control the networks we rely on for everything, from making calls to running businesses. And those techy-sounding CVEs? They're not just random numbers; they're like ticking time bombs in the software you use every day, from your phone to your work tools.These stories aren't just for the expertsthey're for all of us. They show how easily the digital world we trust can be turned against us. But they also show us the power of staying informed and prepared. Dive into this week's recap, and let's uncover the risks, the solutions, and the small steps we can all take to stay ahead in a world that's moving faster than ever. You don't need to be a cybersecurity pro to carejust someone who wants to understand the bigger picture. Let's explore it together! Threat of the WeekNew Liminal Panda Group Goes After the Telecom Sector: A previously undocumented China-nexus cyber espionage group, Liminal Panda, has orchestrated a series of targeted cyber attacks on telecom entities in South Asia and Africa since 2020. Using sophisticated tools like SIGTRANslator and CordScan, the group exploits weak passwords and telecom protocols to harvest mobile subscriber data, call metadata, and SMS messages. This development coincides with U.S. telecom providers, including AT&T, Verizon, T-Mobile, and Lumen Technologies, becoming targets of another China-linked hacking group, Salt Typhoon. The U.S. Cyber Command has stated that these efforts aim to establish footholds in critical U.S. infrastructure IT networks, potentially preparing for a major clash with the U.S. 

    Top News

    Palo Alto Networks Flaws Exploited to Compromise About 2,000 Devices: The newly disclosed security flaws impacting Palo Alto Networks firewalls, CVE-2024-0012 (CVSS score: 9.3) and CVE-2024-9474 (CVSS score: 6.9), have been exploited to breach roughly 2,000 devices across the world. These vulnerabilities could allow an attacker to bypass authentication and escalate their privileges to perform various malicious actions, including executing arbitrary code. The network security vendor told The Hacker News that the number "represents less than half of one percent of all Palo Alto Networks firewalls deployed globally that remain potentially unpatched." The company also said it had been proactively sharing information since November 8, 2024, urging customers to secure their device management interfaces and mitigate potential threats. The guidance, it added, has been effective in mitigating threat activity to a great extent.

    5 Alleged Scattered Spider Members Charged: The U.S. unsealed charges against five members of the infamous Scattered Spider cybercrime crew, including a U.K. national, for their role in orchestrating social engineering attacks between September 2021 and April 2023 to steal credentials and siphon funds from cryptocurrency wallets. If convicted, each of the U.S.-based defendants faces up to 27 years in prison for all the charges.

    Ngioweb Botnet Malware Fuels NSOCKS Proxy Service: The malware known as Ngioweb has been used to fuel a notorious residential proxy service called NSOCKS, as well as other services such as VN5Socks and Shopsocks5.
    The attacks primarily target vulnerable IoT devices from various vendors like NETGEAR, Uniview, Reolink, Zyxel, Comtrend, SmartRG, Linear Emerge, Hikvision, and NUUO, using automated scripts to deploy the Ngioweb malware.

    Russian Threat Actors Unleash Attacks Against Central Asia: A Russian threat activity cluster dubbed TAG-110 has primarily targeted entities in Central Asia, and to a lesser extent East Asia and Europe, as part of a broad campaign that deploys malware known as HATVIBE and CHERRYSPY for information gathering and exfiltration purposes. TAG-110 is assessed to be affiliated with a Russian state-sponsored hacking group called APT28.

    North Korea's IT Worker Scheme's Chinese Links Uncovered: A new analysis has revealed that the fake IT consulting firms set up by North Korean threat actors to secure jobs at companies in the U.S. and abroad are part of a broader, active network of front companies originating from China. In these schemes, the IT workers who land employment under forged identities have been observed funneling their income back to North Korea through the use of online payment services and Chinese bank accounts.

    Cybercriminals Use Ghost Tap Method for Cash-Out: A legitimate near-field communication (NFC) research tool called NFCGate is being abused by cybercriminals to cash out funds from victims' bank accounts via point-of-sale (PoS) terminals. One crucial caveat here is that the attack hinges on the threat actors previously compromising a device and installing some sort of banking malware that can capture credentials and two-factor authentication (2FA) codes.

    Trending CVEs

    Recent cybersecurity developments have highlighted several critical vulnerabilities, including: CVE-2024-44308, CVE-2024-44309 (Apple), CVE-2024-48990, CVE-2024-48991, CVE-2024-48992, CVE-2024-11003, CVE-2024-10224 (needrestart), CVE-2024-51092 (LibreNMS), CVE-2024-10217, CVE-2024-10218 (TIBCO), CVE-2024-50306 (Apache Traffic Server), CVE-2024-10524 (wget), CVE-2024-34719 (Android), CVE-2024-9942 (WPGYM), CVE-2024-52034 (mySCADA myPRO), and CVE-2024-0138 (NVIDIA). These security flaws are serious and could put both companies and regular people at risk.

    Around the Cyber World

    A New Way to Outsmart Fortinet's Logging Mechanism: Thanks to a quirk in the Fortinet VPN server's logging mechanism, which only captures failed login events during authentication attempts against the server, an attacker could conceal the successful verification of credentials during a brute-force attack, leaving incident response (IR) teams unaware of the compromised logins. While a log entry for the successful login is created during the authorization phase, the attacker could devise a method that stops at the authentication step and still confirms whether the credentials are valid. "This discovery was surprising, as it indicated that IR teams monitoring Fortinet VPN usage, cannot differentiate between a failed and a successful brute-force attempt," Pentera said. "This means that if an attacker were to use the technique we discovered, the successful login could go undetected, potentially leaving their network compromised."

    Cross-Site Scripting (XSS) Flaw Uncovered in Bing: A newly disclosed XSS flaw in Microsoft Bing could have been abused to execute arbitrary code in the context of the website by taking advantage of an API endpoint in Bing Maps Dev Center Portal. This could allow an attacker to render a specially-crafted map within the www.bing[.]com context and trigger code execution by bypassing a Keyhole Markup Language (KML) HTML/XSS blocklist.
    Following responsible disclosure on August 26, 2024, the issue was addressed by Microsoft as of September 30.

    CWE Top 25 Most Dangerous Software Weaknesses for 2024 Released: Speaking of XSS flaws, the vulnerability class has topped the list of the Top 25 Most Dangerous Software Weaknesses compiled by MITRE based on an analysis of 31,770 Common Vulnerabilities and Exposures (CVE) records from the 2024 dataset. Out-of-bounds writes, SQL injections, Cross-Site Request Forgery (CSRF) flaws, and path traversal bugs round out the top five. "Uncovering the root causes of these vulnerabilities serves as a powerful guide for investments, policies, and practices to prevent these vulnerabilities from occurring in the first place, benefiting both industry and government stakeholders," MITRE said.

    Millions of Data Records Exposed Due to Power Pages Misconfigurations: Missing or misconfigured access controls in websites built with Microsoft Power Pages are exposing sensitive data belonging to private organizations and government entities to outside parties, including full names, email addresses, phone numbers, and home addresses, leading to potential breaches. "These data exposures are occurring due to a misunderstanding of access controls within Power Pages, and insecure custom code implementations," AppOmni said. "By granting unauthenticated users excessive permissions, anyone may have the ability to extract records from the database using readily-available Power Page APIs." What's more, some sites have been found to grant even anonymous users "global access" to read data from database tables and fail to implement masking for sensitive data.

    Meta Fined $25.4 million in India Over 2021 WhatsApp Privacy Policy: India's competition watchdog, the Competition Commission of India (CCI), slapped Meta with a five-year ban on sharing information collected from WhatsApp with sister platforms Facebook and Instagram for advertising purposes.
    It also levied a fine of ₹213.14 crore (about $25.3 million) for antitrust violations stemming from the controversial 2021 privacy policy update, stating the updated privacy policy is an abuse of dominant position by the social media giant. The policy update, as revealed by The Hacker News in early January 2021, sought users' agreement to broader data collection and sharing with no option to refuse the changes. "The policy update, which compelled users to accept expanded data collection and sharing within the Meta group on a 'take-it-or-leave-it' basis, violated user autonomy by offering no opt-out option," the Internet Freedom Foundation (IFF) said. "The ruling reinforces the need for greater accountability from tech giants, ensuring that users' rights are protected, and the principles of fair competition are upheld in digital markets." Meta said it disagrees with the ruling, and that it intends to challenge CCI's decision.

    Alleged Russian Phobos Ransomware Administrator Extradited to U.S.: A 42-year-old Russian national, Evgenii Ptitsyn (aka derxan and zimmermanx), has been extradited from South Korea to the U.S. to face charges related to the sale, distribution, and operation of Phobos ransomware since at least November 2020. Ptitsyn, who is alleged to be an administrator, has been charged in a 13-count indictment with wire fraud conspiracy, wire fraud, conspiracy to commit computer fraud and abuse, four counts of causing intentional damage to protected computers, and four counts of extortion in relation to hacking. More than 1,000 public and private entities in the U.S. and around the world are estimated to have been victimized by the ransomware group, earning the group more than $16 million in extorted ransom payments. Ptitsyn and his co-conspirators have been accused of advertising the Phobos ransomware for free through posts on cybercrime forums, and charging their affiliates around $300 to receive the decryption key to access the data.
    Describing it as a "lower-profile but highly impactful threat," Trellix said, "Phobos' approach focused on volume rather than high-profile targets, allowing it to maintain a steady stream of victims while remaining relatively under the radar." It also helped that the ransomware operation lacked a dedicated data leak site, enabling it to avoid drawing the attention of law enforcement and cybersecurity researchers.

    Jailbreaking LLM-Controlled Robots: New research from a group of academics from the University of Pennsylvania has found that it's possible to jailbreak large language models (LLMs) used in robotics, causing them to ignore their safeguards and cause physical harm in the real world. The attacks, dubbed RoboPAIR, have been successfully demonstrated against "a self-driving LLM, a wheeled academic robot, and, most concerningly, the Unitree Go2 robot dog, which is actively deployed in war zones and by law enforcement," security researcher Alex Robey said. "Although defenses have shown promise against attacks on chatbots, these algorithms may not generalize to robotic settings, in which tasks are context-dependent and failure constitutes physical harm."

    Expert Webinar

    Building Secure AI Apps: No More Guesswork. AI is taking the world by storm, but are your apps ready for the risks? Whether it's guarding against data leaks or preventing costly operational chaos, we've got you covered. In this webinar, we'll show you how to bake security right into your AI apps, protect your data, and dodge common pitfalls. You'll walk away with practical tips and tools to keep your AI projects safe and sound. Ready to future-proof your development game? Save your spot today!

    Protect What Matters Most: Master Privileged Access Security. Privileged accounts are prime targets for cyberattacks, and traditional PAM solutions often leave critical gaps.
    Join our webinar to uncover blind spots, gain full visibility, enforce least privilege and Just-in-Time policies, and secure your organization against evolving threats. Strengthen your defenses: register now!

    Master Certificate Replacement Without the Headache. Is replacing revoked certificates a total nightmare for your team? It doesn't have to be! Join our free webinar and learn how to swap out certificates like a pro: fast, efficient, and stress-free. We'll reveal how to cut downtime to almost zero, automate the entire process, stay ahead with crypto agility, and lock in best practices that'll keep your systems rock-solid. Don't let certificates slow you down; get the know-how to speed things up!

    Cybersecurity Tools

    Halberd: Multi-Cloud Security Testing Tool. Halberd is an open-source tool for easy, proactive cloud security testing across Entra ID, M365, Azure, and AWS. With a sleek web interface, it lets you simulate real-world attacks, validate defenses, and generate actionable insights, all at lightning speed. From attack playbooks to detailed reports and smart dashboards, Halberd makes tackling cloud misconfigurations a breeze.

    BlindBrute: Your Go-To Tool for Blind SQL Injection. BlindBrute is a powerful and flexible Python tool designed to simplify blind SQL injection attacks. It detects vulnerabilities using status codes, content length, keywords, or time-based methods and adapts to various scenarios with customizable payloads. With features like database and column detection, data length discovery, and multiple extraction methods (character-by-character, binary search, or dictionary attack), BlindBrute ensures efficient data retrieval. Plus, it supports multithreading, customizable HTTP requests, and all major HTTP methods, making it a versatile solution for tackling complex SQL injection tasks with ease.

    Tip of the Week

    Neutralize Threats with DNS Sinkholing: Ever wish you could cut off malware and phishing attacks before they even reach your systems?
    That's exactly what DNS sinkholing does, and it's simpler than you think. By redirecting traffic headed to known malicious domains (used by botnets, phishing, or malware) to a "sinkhole" IP, this technique blocks threats right at the source. All you need is a DNS server, a feed of real-time threat data from sources like Spamhaus or OpenPhish, and a controlled sinkhole server to stop bad actors in their tracks.

    But here's the kicker: DNS sinkholing doesn't just block threats; it's a detective, too. When infected devices try to reach sinkholed domains, their activity gets logged, giving you a clear view of which endpoints are compromised. This means you can pinpoint the issue, isolate the infected devices, and fix the problem before it spirals out of control. Want to take it a step further? You can even set it up to alert users when threats are blocked, raising awareness and curbing risky behavior.

    The best part? Pair DNS sinkholing with automated tools like SIEM systems, and you'll get instant alerts, detailed threat reports, and a real-time look at your network security. It's low-cost, high-impact, and incredibly effective: a modern, proactive way to turn your DNS into your first line of defense. Ready to level up your threat management game? DNS sinkholing is the tool you didn't know you needed.

    Conclusion

    This week's news shows us one thing loud and clear: the digital world is a battleground, and everything we use (our phones, apps, and networks) is in the crossfire. But don't worry, you don't need to be a cybersecurity expert to make a difference.

    Staying sharp about threats, questioning how secure your tools really are, and doing simple things like keeping software updated and using strong passwords can go a long way.
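The sinkholing workflow from the Tip of the Week, as an added example that is not part of the original article: it loads a blocklist, decides per query whether to answer with the sinkhole address, and turns the query log into a list of endpoints that tried to reach listed domains. The sinkhole address, feed contents, log format and all function names are constructed assumptions.

```python
"""DNS sinkhole decision logic plus a compromised-endpoint report (added example)."""
from collections import defaultdict

# Assumption: address of the controlled sinkhole server (TEST-NET-1 range).
SINKHOLE_IP = "192.0.2.53"

# Constructed stand-in for a threat feed, one domain per line. Real feeds
# have their own formats and need their own parser.
FEED_TEXT = """
# constructed blocklist
botnet-c2.example
Phish-Login.example.
"""

# Constructed resolver query log: "<timestamp> <client-ip> <qname> <qtype>"
QUERY_LOG = """
2024-11-25T09:00:01Z 10.0.4.17 www.example.org A
2024-11-25T09:00:04Z 10.0.4.22 cdn.botnet-c2.example A
2024-11-25T09:00:09Z 10.0.4.22 PHISH-LOGIN.EXAMPLE. A
2024-11-25T09:00:12Z 10.0.4.31 notbotnet-c2.example A
2024-11-25T09:00:15Z 10.0.4.40 botnet-c2.example AAAA
"""


def normalize(name):
    """Lower-case a DNS name and drop the trailing root dot."""
    return name.strip().rstrip(".").lower()


def load_blocklist(text):
    """Parse the feed into a set of normalized domains, ignoring comments."""
    domains = set()
    for line in text.splitlines():
        line = line.split("#", 1)[0]
        if line.strip():
            domains.add(normalize(line))
    return domains


def matched_entry(qname, blocklist):
    """Return the blocklist entry covering qname (itself or a parent), else None.

    Matching walks whole labels, so "notbotnet-c2.example" does not match
    "botnet-c2.example" the way a naive endswith() check would.
    """
    labels = normalize(qname).split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in blocklist:
            return candidate
    return None


def answer(qname, blocklist):
    """Return the sinkhole IP for listed names, None to resolve normally."""
    return SINKHOLE_IP if matched_entry(qname, blocklist) else None


def sinkhole_report(log_text, blocklist):
    """Map each client IP to the sorted listed domains it tried to reach."""
    hits = defaultdict(set)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip blank or malformed lines
        _ts, client, qname, _qtype = parts
        entry = matched_entry(qname, blocklist)
        if entry:
            hits[client].add(entry)
    return {client: sorted(found) for client, found in hits.items()}
```

The dictionary returned by `sinkhole_report` is the "which endpoints are compromised" view the tip describes, in a shape that can be forwarded to a SIEM as one alert per client.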
  • Lilo & Stitch Debut in Live-Action In First Remake Teaser
    screencrush.com
    The Disney live-action remake train rolls on with Lilo & Stitch, one of the final 2D animated movies from the studio and now a live-action remake from Dean Fleischer Camp (Marcel the Shell With Shoes On). The new version features a live-action cast, plus Stitch, who is still an animated creation, obviously, but now done in more realistic 3D digital animation instead of the hand-drawn kind.

    You can get your first look at the live-action Stitch in the film's first teaser below. I would assume if you're planning on seeing Moana 2 in theaters this weekend, you'll almost certainly see it on the big screen there as well.

    The original Lilo & Stitch premiered in the summer of 2002 and became a major hit for Disney. It told the story of a Hawaiian orphan named Lilo who strikes up a friendship with a furry alien troublemaker who winds up on Earth. After grossing nearly $300 million in theaters, Lilo & Stitch spawned several direct-to-video sequels, numerous animated series, a bunch of video games and now this remake.

    Here is the new Lilo & Stitch's official synopsis:

    A live-action reimagining of Disney's 2002 animated classic, Lilo & Stitch is the wildly funny and touching story of a lonely Hawaiian girl and the fugitive alien who helps to mend her broken family. Directed by Dean Fleischer Camp, the Oscar-nominated filmmaker behind the animated feature film Marcel the Shell with Shoes On, the film stars Sydney Elizebeth Agudong, Billy Magnussen, Tia Carrere, Hannah Waddingham, Chris Sanders, with Courtney B. Vance, and Zach Galifianakis, introducing Maia Kealoha.

    Lilo & Stitch (in live-action) is scheduled to open in theaters on May 23, 2025.
  • OnTheGoSystems: Recruiter
    weworkremotely.com
    Are you passionate about connecting with talented people and helping them find their perfect fit? Do you thrive in a remote work environment and excel in recruiting for IT positions? If so, we'd love to hear from you!

    At OTGS, we're looking for a dedicated and results-driven Recruiter to help us grow our global team. You'll play a crucial role in finding, attracting, and hiring top talents while ensuring a seamless and positive hiring experience for both candidates and hiring teams.

    Must-Have
    - 5+ years' experience as a recruiter, and at least 3 years in a remote-work setting with a focus on hiring for remote IT positions,
    - Hands-on experience with various selection processes (resume screening, video interviewing, reference checking, etc.),
    - Hands-on experience with job boards and recruiting software,
    - Excellent verbal and written English communication skills, with the ability to engage candidates and internal team members effectively,
    - Strong decision-making skills,
    - Creative problem-solving and adaptability in challenging hiring situations,
    - Reliability and resourcefulness,
    - Enthusiasm for staying up-to-date with recruitment trends, tools, and best practices,
    - Flexibility and readiness to help with other HR-related responsibilities when needed,
    - Genuine care for candidate experience, ensuring every applicant has a positive interaction with OTGS.

    Nice-to-Have
    - Expertise in Excel/Google Sheets,
    - Experience with using AI for recruitment needs,
    - Ability to speak other languages.

    Key Qualities
    - Passionate about People: you are enthusiastic about connecting with people, understanding their strengths, and aligning them with the right opportunities.
    - Result-Oriented and Self-Motivated: you have a proven track record of meeting hiring targets and achieving recruitment KPIs.
    - Detail-Oriented and Organized: you are experienced in managing multiple roles simultaneously with efficiency, ensuring timely follow-ups and clear communication.
    - Data-Driven Mindset: you use

    What You'll Do
    - Collaborate with our HR, development, and marketing teams to understand their needs and requirements,
    - Come up with an advertising strategy and choose the best places to advertise for candidates,
    - Write great job descriptions,
    - Post jobs and do the initial candidate screening,
    - Manage the entire interview process,
    - Provide honest, constructive, and caring feedback to all candidates at all stages of the process,
    - Assess applicants' relevant knowledge, hard skills, soft skills, experience, aptitudes, and whether they will be a positive addition to our culture.
    - Take care of the referral check process.
    - Provide analytical and well-documented recruiting reports to the rest of the team.
    - Help with other HR-related tasks and activities if needed.

    What We Offer
    - 100% remote position,
    - Body And Mind Movement (BAMM) program to support your physical activities and other hobbies,
    - A computer budget to make your workplace better,
    - A Kindle device with access to our company Amazon account,
    - We respect national holidays in each country and want you to rest on those days,
    - Being part of a team of smart, self-driven individuals,
    - Great opportunity to progress and advance,
    - Collaborating with team members across the globe.

    We're excited to hear from you and see what we can achieve together at OTGS!