Nov 23, 2024Ravie LakshmananCloud Security / Threat IntelligenceGovernment agencies and non-governmental organizations in the United States have become the target of a nascent China state threat actor known as Storm-2077.The adversary, believed to be active since at least January 2024, has also conducted cyber attacks against the Defense Industrial Base (DIB), aviation, telecommunications, and financial and legal services across the world, Microsoft said.The activity cluster, the company added, overlaps with a threat group that Recorded Future's Insikt Group is tracking as TAG-100.Attack chains have involved targeting various internet-facing edge devices using publicly available exploits to gain initial access and drop Cobalt Strike as well as open-source malware such as Pantegana and Spark RAT, the cybersecurity company noted back in July."Over the past decade, following numerous government indictments and the public disclosure of threat actors' activities, tracking and attributing cyber operations originating from China has become increasingly challenging as the attackers adjust their tactics," Microsoft said.Storm-2077 is said to orchestrate intelligence-gathering missions using phishing emails to harvest valid credentials associated with eDiscovery applications for follow-on exfiltration of emails, which could contain sensitive information that could enable attackers to advance their operations."In other cases, Storm-2077 has been observed gaining access to cloud environments by harvesting credentials from compromised endpoints," Microsoft said. "Once administrative access was gained, Storm-2077 created their own application with mail read rights."The disclosure comes as Google's Threat Intelligence Group (TAG) shed light on a pro-China influence operation (IO) called GLASSBRIDGE that employs a network of inauthentic news sites and newswire services to amplify narratives that are aligned with the country's views and political agenda globally.The tech giant said it has blocked more than a thousand GLASSBRIDGE-operated websites from showing up in its Google News and Google Discover products since 2022."These inauthentic news sites are operated by a small number of stand-alone digital PR firms that offer newswire, syndication and marketing services," TAG researcher Vanessa Molter said. "They pose as independent outlets that republish articles from PRC state media, press releases, and other content likely commissioned by other PR agency clients."This includes companies known as Shanghai Haixun Technology (which includes the HaiEnergy cluster), Times Newswire/Shenzhen Haimai Yunxiang Media (aka the PAPERWALL campaign), Shenzhen Bowen Media, and DURINBRIDGE, the last of which is a commercial firm distributing content for Haixun and DRAGONBRIDGE.Shenzhen Bowen Media, a China-based marketing firm, is also said to operate World Newswire, the same press release service used by Haixun to place pro-Beijing content on the subdomains of legitimate news outlets, as revealed by Google's Mandiant in July 2023.Some of the subdomains identified were markets.post-gazette[.]com, markets.buffalonews[.]com, business.ricentral[.]com, business.thepilotnews[.]com, and finance.azcentral[.]com, among others."The inauthentic news sites operated by GLASSBRIDGE illustrate how information operations actors have embraced methods beyond social media in an attempt to spread their narratives," Molter said. "By posing as independent, and often local news outlets, IO actors are able to tailor their content to specific regional audiences and present their narratives as seemingly legitimate news and editorial content."Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.SHARE

Nov 23, 2024Ravie LakshmananArtificial Intelligence / CryptocurrencyThe North Korea-linked threat actor known as Sapphire Sleet is estimated to have stolen more than $10 million worth of cryptocurrency as part of social engineering campaigns orchestrated over a six-month period.These findings come from Microsoft, which said that multiple threat activity clusters with ties to the country have been observed creating fake profiles on LinkedIn, posing as both recruiters and job seekers to generate illicit revenue for the sanction-hit nation.Sapphire Sleet, which is known to be active since at least 2020, overlaps with hacking groups tracked as APT38 and BlueNoroff. In November 2023, the tech giant revealed that the threat actor had established infrastructure that impersonated skills assessment portals to carry out its social engineering campaigns.One of the main methods adopted by the group for over a year is to pose as a venture capitalist, deceptively claiming an interest in a target user's company in order to set up an online meeting. Targets who fall for the bait and attempt to connect to the meeting are shown error messages that urge them to contact the room administrator or support team for assistance.Should the victim reach out to the threat actor, they are either sent an AppleScript (.scpt) file or a Visual Basic Script (.vbs) file depending on the operating system used to resolve the supposed connection issue.Under the hood, the script is used to download malware onto the compromised Mac or Windows machine, ultimately allowing the attackers to obtain credentials and cryptocurrency wallets for subsequent theft.Sapphire Sleet has been identified masquerading as a recruiters for financial firms like Goldman Sachs on LinkedIn to reach out to prospective targets and ask them to complete a skills assessment hosted on a website under their control."The threat actor sends the target user a sign-in account and password," Microsoft said. "In signing in to the website and downloading the code associated with the skills assessment, the target user downloads malware onto their device, allowing the attackers to gain access to the system."Redmond has also characterized North Korea's dispatching of thousands of IT workers abroad as a triple threat that makes money for the regime through "legitimate" work, allows them to abuse their access to get hold of intellectual property, and facilitates data theft in exchange for a ransom."Since it's difficult for a person in North Korea to sign up for things such as a bank account or phone number, the IT workers must utilize facilitators to help them acquire access to platforms where they can apply for remote jobs," it said. "These facilitators are used by the IT workers for tasks such as creating an account on a freelance job website."This includes creating bogus profiles and portfolios on developer platforms like GitHub and LinkedIn to communicate with recruiters and apply for jobs.In some instances, they have also been found using artificial intelligence (AI) tools like Faceswap to modify photos and documents stolen from victims or show them against the backdrop of professional-looking settings. These pictures are then utilized on resumes or profiles, sometimes for several personas, that are submitted for job applications."In addition to using AI to assist with creating images used with job applications, North Korean IT workers are experimenting with other AI technologies such as voice-changing software," Microsoft said."The North Korean IT workers appear to be very organized when it comes to tracking payments received. Overall, this group of North Korean IT workers appears to have made at least 370,000 US dollars through their efforts."Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.SHARE

Josh Brolin says he will quit acting if Denis Villeneuve isn't nominated for an Oscar for Dune: Part Two.The actor starred in the first installment of the sci-fi film in 2021 as well as this years sequel playing Gurney Halleck, who mentors Timothee Chalamets character Paul Atreides, and hes adamant the director needs to be recognized at the upcoming Academy Awards.He told Variety: If he [Villeneuve] doesnt get nominated this year, Ill quit acting. It was a better movie than the first one ... when I watched it, it felt like my brain was broken open. Its masterful, and Denis is one of our master filmmakers. If the Academy Awards have any meaning whatsoever, theyll recognize him.DUNE 2Warner Bros.loading...It comes after the director recently revealed hes been hard at work preparing for the third movie in the series and insisted the first two films are two parts of the same story while number three, Dune: Messiah, takes place more than a decade after the events of the first two.He told Deadline: Lets say that I thought that after Part Two that I will take a break, that I will go back in the woods and stay in the woods for a while to recover. But the woods werent really suiting me, and I would go back behind the camera faster than I think. But thats all I can say... Im in the writing zone right now.He added of his plans for the third film: For me [the first two films are] like one entity. Its a movie made in two parts. Its finished, its done ... with Dune: Messiah, I think itll be a great idea to do something completely different. The story takes place like 12 years after where we left the characters at the end of Part Two.Their journey, their story is different this time, and thats why I always say that while its the same world its a new film with new circumstances."He added the next movie will finish the Paul Atreides arc.Get our free mobile appFuturistic Sci-Fi Movies That Are Now Set In The PastWhen these sci-fi movies came out, they offered predictions for the future of society years later, they're officially set in the past.Filed Under: Alexis Denisof, Denis Villeneuve, Dune, Dune: Part Two, Josh BrolinCategories: Movie News

Time zones: EST (UTC -5), CST (UTC -6), MST (UTC -7), PST (UTC -8), AKST (UTC -9), HST (UTC -10), ART (UTC -3), UTC -4, UTC -4:30, UTC -3, UTC -2, SBT (UTC +11), GMT (UTC +0), CET (UTC +1), EET (UTC +2), MSK (UTC +3)About UsQuickMail operates in a fast-paced outreach industry where we constantly innovate and pivot quickly to serve our clients.We're a small team of highly skilled individuals working directly with the founder, focused on delivering real impact and embracing challenges head-on.The RoleWe're seeking a high-energy Outbound Sales Development Representative to generate leads, conduct product demonstrations, and drive our sales process forward.This role requires someone who thrives in a fast-paced environment and is highly motivated by solving problems independently.Core ResponsibilitiesGenerate and qualify leads from business databases.Cold call leads to confirm appointments to reduce no-shows.Conduct product demos that convert to prospective clients.Track all sales activities and maintain an accurate pipeline in CRM (Pipedrive).Follow up promising leads by LinkedIn/Email/Phone.Work closely with customer success to make sure leads close.Adapt quickly to new market conditions and product updates.Required Skills & AttributesProven track record in B2B SaaS salesComfortable with cold calling leads, youll need to call to make sure people wont be no-shows, and follow up when ghosted.Exceptional communication and presentation skills (build rapport, ask relevant questions, and drive urgency)Self-motivated with strong problem-solving abilities.Comfortable working autonomously with minimal supervision.Ability to learn technical concepts quickly and explain them simply.Experience with CRM systems and sales tools.Resilient and adaptable to rapid changes.Comfortable receiving and giving direct feedback publicly.Cultural Fit - You ShouldLove working and see it as fulfilling rather than just a job.Thrive in a merit-based environment without defined career paths.Be comfortable with changes and fast-paced environments.Welcome direct feedback and accountability.Have Koalas as your favorite animals to fill out the candidate application form.Be proactive in problem-solving without waiting for direction.Be ready to work directly with the founder and be 200% accountable for your work.Interview ProcessInitial 30-45 minute Zoom interview to assess sales capabilities.24-hour practical assessment simulating actual sales work (cold calls, follow-up emails).2-week paid trial period with specific performance benchmarks to be metClear metrics will be set for success (e.g., number of leads generated, demos conducted, and people closed)Performance will be evaluated based on actual results, not just activity.What We OfferOpportunity to directly impact a growing company and be one of the first salespersons to pioneer the sales department.Merit-based growth potential. A place that rewards proactivity and problem-solving.Direct access to leadership and quick decision-makingA very open and entrepreneurial environment; ideal if you want to learn the ropes for starting your business in the future.A chance to work with cutting-edge technology.NoteThis is not a typical 9-5 role. We're looking for someone who genuinely enjoys work and wants to grow with us.If you prefer well-established structures or clearly defined paths, this position might not be for you.QuickMail values giving and receiving feedback, and we prioritize performance over social harmony. We're looking for individuals who are comfortable with direct communication and ready to contribute to our fast-paced, results-driven environment. Related Jobs See more Sales and Marketing jobs

About Us:Were a small, scrappy team that loves smart solutions and fast results.No egos, no dramajust clever ideas and a drive to build cool stuff.Our focus? AI and VR.We research and create apps about topics like AI girlfriends, deepfake tools, FaceSwap, and AI video generators.We use smart SEO and content generation as one of our top marketing channels.Who We're Looking For:A tech-savvy problem solver who's more hacker than hardcore developer.You're humble, resourceful. Dare i say lazy? (you dont like manual work and you look for wise solutions).You embrace AI, utilize prebuilt tools, and aren't afraid to dive into web scraping and automation.Expected Salary:Must-Haves:Scraping Skills: Experience with web scraping tools and techniques.Coding Chops: Proficient in at least one programming language (Python, JavaScript, etc.).AI Enthusiasm: Comfortable using AI tools to boost productivity.Humble Attitude: Low ego, high openness to feedback, and eager to learn.Problem-Solving Mindset: You see challenges as opportunities.Clear Communicator: You keep the team in the loop with timely updates.Bonus Points For:SEO Know-How: Familiarity with SEO, keyword research, and tools like Ahrefs.Programmatic SEO Experience: If you've automated SEO tasks before, we want to hear about itWhat You WON'T Be:An Elitist or Diva: No room for big egos or rigid mindsets.Drama Magnet: We value a hassle-free, collaborative environment.What You'll Do:Tackle web scraping projects to gather essential data.Develop automations to streamline workflows.Collaborate on implementing programmatic SEO strategies.Leverage AI tools to enhance efficiency.Communicate regularly with the team, sharing insights and updates.Why Join Us:Results-Driven Focus: We measure success by results, not hours logged. Be effective, work wisely, and take ownership of your time.Ego-Free Environment: We're committed to results, clarity, and factsno ego, no fluff, just meaningful work.Flexible Remote Work: Work during the hours when you're most productiveyour time, your schedule.Accelerate Your Growth: Achieve exceptional progress and accomplish more at a faster pace than you ever imagined.How to Apply:You'll need to fill a simple Google form (5-10mins max) that will check your attention to detail and give us a glimpse on how your hacker mind works. Related Jobs See more Full-Stack Programming jobs

Comment marche Face ID ?

The truth is...

Python Functions: Timeit Function

This article is from The Spark, MIT Technology Reviews weekly climate newsletter. To receive it in your inbox every Wednesday, sign up here. Well, what about China? This is a comment I get all the time on the topic of climate change, both in conversations and on whatever social media site is currently en vogue. Usually, it comes in response to some statement about how the US and Europe are addressing the issue (or how they need to be). Sometimes I think people ask this in bad faith. Its a rhetorical way to throw up your hands, imply that the US and Europe arent the real problem, and essentially say: if they arent taking responsibility, why should we? However, amid the playground-esque finger-pointing there are some undeniable facts: China emits more greenhouse gases than any other country, by far. Its one of the worlds most populous countries and a climate-tech powerhouse, and its economy is still developing. With many complicated factors at play, how should we think about the countrys role in addressing climate change? Chinas emissions are the highest in the world, topping 12 billion tons of carbon dioxide in 2023, according to the International Energy Agency. Theres context missing if we just look at that one number, as I wrote in my latest story that digs into recent global climate data. Since carbon dioxide hangs around in the atmosphere for centuries, we should arguably consider not just a countrys current emissions, but everything its produced over time. If we do that, the US still takes the crown for the worlds biggest climate polluter. However, China is now in second place, according to a new analysis from Carbon Brief released this week. In 2023, the country exceeded the EUs 27 member states in historical emissions for the first time. This reflects a wider trend that were seeing around the world: Developing nations are starting to account for a larger fraction of emissions than they used to. In 1992, when countries agreed to the UN climate convention, industrialized countries (a category called Annex I) made up about one-fifth of the worlds population but were responsible for a whopping 61% of historical emissions. By the end of 2024, though, those countries share of global historical emissions will fall to 52%, and it is expected to keep ticking down. China, like all nations, will need to slash its emissions for the world to meet global climate goals. One crucial point here is that while its emissions are still huge, there are signs that the nation is making some progress. Chinas carbon dioxides emissions are set to fall in 2024 because of record growth in low-carbon energy sources. That decline is projected to continue under the countrys current policy settings, according to an October report from the IEA. Chinas oil demand could soon peak and start to fall, largely because its seeing such a huge uptake of electric vehicles. One growing question: With all this progress and a quickly growing economy, should we be expecting China to do more than just make progress on its own emissions? As I wrote in the newsletter last week, the current talks at COP29 (the UN climate conference) are focused on setting a new, more aggressive global climate finance goal to help developing nations address climate change. China isnt part of the group of countries that are required to pay into this pot of money, but some are calling for that to change given that it is the worlds biggest polluter. One interesting point hereChina already contributes billions of dollars in climate financing each year to developing countries, according to research published earlier this month by the World Resources Institute. The countrys leadership has said it will only make voluntary contributions, and that developed nations should still be the ones responsible for mandatory payments under the new finance goals. Talks at COP29 arent going very well. The COP29 president called for faster action, but progress toward a finance deal has stalled amid infighting over how much money should be on the table and who should pay up. Chinas complex role in emissions and climate action is far from the only holdup at the talks. Leaders from major nations including Germany and France canceled plans to attend, and the looming threat that the US could pull out of the Paris climate agreement is coloring the negotiations. But disagreement over how to think about Chinas role in all this is a good example of how difficult it is to assign responsibility when it comes to climate change, and how much is at play in global climate negotiations. One thing I do know for sure is that pointing fingers doesnt cut emissions. Now read the rest of The Spark Related reading Dig into the data with me in my latest story, which includes three visualizations to help capture the complexity of global emissions. Read more about why global climate finance is at the center of this years UN climate talks in last weeks edition of the newsletter. Keeping up with climate Fusion energy has been a dream for decades, and a handful of startups say were closer than ever to making it a reality. This deep dive looks at a few of the companies looking to be the first to deploy fusion power. (New York Times) I recently visited one of the startups, Commonwealth Fusion Systems. (MIT Technology Review)President-elect Donald Trump has tapped Chris Wright to lead the Department of Energy. Wright is head of the fracking company Liberty Energy. (Washington Post) In the wake of Trumps election, it might be time for climate tech to get a rebrand. Companies and investors might increasingly avoid using the term, opting instead for phrases like energy independence or frontier tech, to name a few. (Heatmap) Rooftop solar has saved customers in California about $2.3 billion on utility bills this year, according to a new analysis. This result is counter to a report from a state agency, which found that rooftop panels impose over $8 billion in extra costs on consumers of the states three major utilities. (Canary Media) Low-carbon energy needs much less material than it used to. Rising efficiency in making technology like solar panels bodes well for hopes of cutting mining needs. (Sustainability by Numbers) New York governor Kathy Hochul has revived a plan to implement congestion pricing, which would charge drivers to enter the busiest parts of Manhattan. It would be the first such program in the US. (The City) Enhanced geothermal technology could be close to breaking through into commercial success. Companies that aim to harness Earths heat for power are making progress toward deploying facilities. (Nature) Fervo Energy found that its wells can be used like a giant underground battery. (MIT Technology Review)

Kengo Kuma, Weiss Manfredi Architecture, Studio Gang and Why Architecture also reach second stage of Nelson-Atkins Museum of Art competitionRenzo Piano and Sainsbury Wing revamp designer Selldorf are among six practices which have been shortlisted in an international competition to expand a museum in Missouri.Kengo Kuma, Weiss Manfredi Architecture, Studio Gang and Why Architecture have also made it to the second round for the job at the Nelson-Atkins Museum of Art.The USD $170m expansion aims to transform the museum, in Kansas City, with new gallery and visitor spaces in order to attract more visitors.The free-to-enter museum currently consists of two main buildings set within a 22-acre sculpture park.It is known for its collection of over 42,000 art objects including Asian art, European and American paintings, photography, modern sculpture, and galleries dedicated to Native American, African, and Egyptian works.A first round of the competition launched last month saw entries from 182 teams hailing from 30 countries across six continents.The museum is set within a 22-acre sculpture parkCompetition director Malcolm Reading said the expanded second stage shortlist, which was originally intended to include five teams, represented outstanding credentials combined with creative leadership and forward-thinking.Nelson-Atkins museum director and chief executive Julin Zugazagoitia added: The invitation to envision our future was a call-out to creativity. Were at an invigorating moment for the museum. Though this is a complex project requiring deep analysis and rigour around the budget, all options are on the table. We want the finalist teams to make bold design moves and challenge the brief, while also respecting the existing museum spaces.Each finalist team will now be handed a USD $75,000 fee for their design work when the competition concludes with the selection of a winner in spring next year.The planned expansion encompasses approximately 61,000 square feet of new space and will include a part-renovation of the original Nelson-Atkins building. The project will integrate the museums Beaux Arts building, the 2007 Steven Holl-designed Bloch Building, and the Donald J. Hall Sculpture Park into a cohesive visitor experience.Key elements of the new additions will include a primary entrance, a photography centre, new exhibition galleries, learning spaces, a black box theatre for digital and immersive art, and a restaurant for indoor and outdoor dining.PostscriptRenzo Piano and Sainsbury Wing revamp designer Selldorf are among six practices which have been shortlisted in an international competition to expand a museum in Missouri.Kengo Kuma, Weiss Manfredi Architecture, Studio Gang and Why Architecture have also made it to the second round for the job at the Nelson-Atkins Museum of Art.The USD $170m expansion aims to transform the museum, in Kansas City, with new gallery and visitor spaces in order to attract more visitors.The free-to-enter museum currently consists of two main buildings set within a 22-acre sculpture park.It is known for its collection of over 42,000 art objects including Asian art, European and American paintings, photography, modern sculpture, and galleries dedicated to Native American, African, and Egyptian works.A first round of the competition launched last month saw entries from 182 teams hailing from 30 countries across six continents.Competition director Malcolm Reading said the expanded second stage shortlist, which was originally intended to include five teams, represented outstanding credentials combined with creative leadership and forward-thinking.Nelson-Atkins museum director and chief executive Julin Zugazagoitia added: The invitation to envision our future was a call-out to creativity. Were at an invigorating moment for the museum. Though this is a complex project requiring deep analysis and rigour around the budget, all options are on the table. We want the finalist teams to make bold design moves and challenge the brief, while also respecting the existing museum spaces.Each finalist team will now be handed a USD $75,000 fee for their design work when the competition concludes with the selection of a winner in spring next year.The planned expansion encompasses approximately 61,000 square feet of new space and will include a part-renovation of the original Nelson-Atkins building. The project will integrate the museums Beaux Arts building, the 2007 Steven Holl-designed Bloch Building, and the Donald J. Hall Sculpture Park into a cohesive visitor experience.Key elements of the new additions will include a primary entrance, a photography centre, new exhibition galleries, learning spaces, a black box theatre for digital and immersive art, and a restaurant for indoor and outdoor dining.