• Nvidia, Accel back Netherlands-based AI firm Nebius in $700M deal
    thenextweb.com
    Amsterdam-headquartered Nebius, which builds full-stack AI infrastructure for tech firms, has secured $700mn in a private equity deal led by Nvidia, Accel, and asset manager Orbis.

    The funding comes in the form of a private placement, when a company sells stocks directly to a private investor instead of on the public market. The deal will see Nebius issue 33.3 million Class A shares at $21 apiece.

    Nebius, which is the rebranded European arm of Russia's Google, Yandex, is investing more than $1bn across Europe by mid-2025 as it seeks to cash in on booming demand for AI computing power. It also recently announced plans to build its first GPU cluster in the US.

    "We have demonstrated the scale of our ambitions, initiating an AI infrastructure build-out across two continents," said Arkady Volozh, founder and CEO of Nebius. "This strategic financing gives us additional firepower to do it faster and on a larger scale."

    Nebius' expansion strategy includes constructing new custom data centres and expanding existing facilities, like its data centre in Finland which we visited in October. It will also deploy additional capacity through colocation.

    Volozh aims for Nebius to be a Phoenix rising from the ashes of what remained of Yandex following the company's divestment from Russia earlier this year. The $5.4bn deal constituted the largest corporate exit from the country since the start of Russia's full-scale invasion of Ukraine over two years ago.

    Nebius' core product is an AI-centric cloud platform for intense AI workloads. The company is also one of the launch partners for Nvidia's fabled Blackwell GPUs; however, this investment does not guarantee that.

    "The deal is not about the GPUs," Volozh told Bloomberg. "But, of course, it shows our close relationship, which we hope will influence our pipeline."

    Investors are pouring huge sums of money into AI compute. The global AI infrastructure market size is projected to grow from $46.15bn in 2024 to $356.14bn by 2032, according to Fortune Business Insights. One competitor to Nebius, US firm CoreWeave, is preparing for an IPO that could put the company, founded in 2017, at a $35bn valuation.

    Story by Siôn Geschwindt. Siôn is a climate and energy reporter at TNW. From nuclear fusion to escooters, he covers the length and breadth of Europe's clean tech ecosystem. He's happiest sourcing a scoop, investigating the impact of emerging technologies, and even putting them to the test. Siôn has five years' journalism experience and holds a dual degree in media and environmental science from the University of Cape Town, South Africa.
  • Fuelled by 24M, UK startup gears up to put more thermal satellites in orbit
    thenextweb.com
    British startup SatVu has secured 20mn (24mn) to fuel the development of its hyper-accurate thermal imaging satellites that act like a thermometer for the whole planet.

    The cash injection includes 10mn (12mn) in equity from Spanish VC Adara Ventures and British tech-focused fund Molten Ventures. The remainder comes from an insurance payout, the startup said.

    The funding will propel the launch of two new satellites in its HotSat constellation, which are scheduled to lift off next year. The probes, HotSat-2 and HotSat-3, will replace HotSat-1, SatVu's first satellite, launched in 2023. When HotSat-1 launched it was fitted with the world's highest-resolution commercial thermal sensor.

    The camera, developed in collaboration with the European Space Agency (ESA), could deliver thermal data at a 3.5-meter resolution. However, HotSat-1 suffered a major setback just six months into its mission when its sensor stopped functioning.

    "The satellite was working fantastically, the data was great and the customers were super-excited. To trip up now is deeply frustrating but we've proved the principle and that puts us in a really strong position for the future," Anthony Baker, SatVu's founder and CEO, told BBC News at the time.

    With HotSat-2 and HotSat-3 and a fresh pot of funding, SatVu looks to stage a comeback.

    Baker said the investment would help the startup accelerate its mission to deliver unparalleled thermal insights that empower industries and governments to take decisive climate action. The company eventually plans to deploy a constellation of at least eight thermal imaging probes.

    SatVu's technology has been dubbed the world's thermometer. It provides near real-time heat maps of the Earth's surface. With applications spanning national security, infrastructure monitoring, and climate resilience, the startup claims its technology could guide more targeted climate action and policy decisions.

    Baker, a satellite expert, founded SatVu in 2016.
    Headquartered in London, the company mainly comprises a tight-knit team of Earth observation and aerospace specialists. SatVu has raised a total of 64mn (78mn) in funding to date.

    The latest investment is the first from Adara Ventures Energy Fund. The Madrid-based VC set up the fund this year to invest in cutting-edge technologies that accelerate the energy transition in Europe. The fund has a target size of 120mn.

    Story by Siôn Geschwindt
  • Apple to begin selling Vision Pro in Taiwan later this month
    9to5mac.com
    Apple has been slowly bringing its Vision Pro headset to more countries, with a recent expansion to South Korea and the United Arab Emirates. Now the company has just confirmed that Apple Vision Pro will soon be available in Taiwan in time for the holidays.

    Apple Vision Pro coming to Taiwan

    In a press release on Apple Taiwan's website, the company announced the launch of the Apple Vision Pro in the country on December 17, two weeks from now. Pre-orders will begin on Thursday, December 5, exclusively on Apple's website. Apple's homepage in Taiwan has just been updated to promote Vision Pro.

    "Apple announced today that Apple Vision Pro will be launched in Taiwan, with reservations starting at 9 a.m. on December 5 (Thursday) and available on December 17 (Tuesday). Apple Vision Pro seamlessly integrates digital content and the physical world, providing a powerful spatial experience, and changing the way people work, cooperate, connect, revisit memories, enjoy entertainment and other activities," the company says.

    In Taiwan, Vision Pro starts at NT$119,900, which is around $3,670. In the US, the headset starts at $3,499 for the 256GB version. There are options with 512GB and 1TB storage as well. Just like in other countries, customers in Taiwan can buy optical inserts from ZEISS to use with Vision Pro.

    Similar to HomePod, the global rollout of Apple Vision Pro has been quite slow. In June, Apple launched the device in China, Japan, and Singapore. In July, Vision Pro arrived in Australia, Canada, France, Germany, and the UK.

    Apple Vision Pro has been considered a niche product. In a recent interview, Apple CEO Tim Cook acknowledged that the device is not a mass-market product. A report from The Information revealed that Apple has enough inventory to meet the demand for Vision Pro for the foreseeable future. Analysts believe that Apple will have produced 600,000 units of the headset by the end of 2024.
  • WhatsApp will soon drop support for some older iPhone models
    9to5mac.com
    WhatsApp, the popular instant messaging app from Meta, has been working on a lot of new features recently. However, at the same time, the platform has been gearing up to release an update that will drop support for some older iPhone models.

    WhatsApp to stop working on older iPhones

    As noted by WABetaInfo, the latest beta version of WhatsApp for iPhone introduces a message alert for some older iPhone models. More specifically, an update to be released in May 2025 will drop support for operating system versions prior to iOS 15.1. Currently, WhatsApp works with iOS 12 and later.

    "Update to the latest version of iOS to continue using WhatsApp. WhatsApp will stop supporting this version of iOS after 5 May 2025. Please go to Settings > General, then tap Software Update to get the latest iOS version," the message reads.

    In other words, this means that WhatsApp will stop working on the following iPhones: iPhone 5s, iPhone 6, iPhone 6 Plus.

    WhatsApp still doesn't have an official iPad app, except for a beta version that is available to a few users on TestFlight. In this case, next year's update will drop support for the first generation iPad Air, as well as the iPad mini 2 and 3. The current beta for iPad also requires iPadOS 12 or later.

    Developers usually drop support for older versions of iOS so that they can focus on supporting the latest versions with new and improved technologies. Furthermore, according to Apple, only 9% of all iPhones are still running a version prior to iOS 16.

    If you have a newer iPhone or iPad that for some reason still runs old software, make sure you update its software to keep using WhatsApp. However, if you have one of the devices listed above, you'll probably have to buy a new phone.

    WhatsApp is available for free on the App Store.
  • It Sounds an Awful Lot Like OpenAI Is Adding Ads to ChatGPT
    futurism.com
    Ads inside ChatGPT may be on the horizon.

    Ad Age

    They're not copping to much yet, but recent hiring activity and wishy-washy statements make it seem an awful lot like OpenAI is planning to introduce ads into its suite of products like ChatGPT.

    As the Financial Times reports, the company is hiring ad talent away from its big tech rivals like Google and Meta. And ad-oriented job listings at the company that the FT spotted on LinkedIn offer a similar sense.

    So far, even the free versions of OpenAI's products have remained ad-free. Of course, the company is currently swimming in money (in the two years since its flagship chatbot dropped, OpenAI's valuation skyrocketed to $157 billion), but amid reports of shrinking traffic and the extremely expensive nature of AI infrastructure, it may well be starting to feel the squeeze.

    If it did start to put ads into ChatGPT, the formerly nonprofit OpenAI would be crossing a Rubicon of sleaziness; the obvious integration would be to jump on users asking things like "best air fryer" and then pointing them toward companies paying OpenAI for publicity, undermining the entire premise of an intelligent and objective AI-powered assistant.

    DraperGPT

    In an interview with the FT, chief financial officer Sarah Friar candidly said the company had been weighing an ads model, though she declined to say when or where such ads would be released besides saying the company would be "thoughtful about when and where we implement them."

    A former mover and shaker for the likes of Nextdoor and Salesforce, Friar went on to point out that she and OpenAI chief product officer Kevin Weil, who previously helmed ad-supported projects at Instagram and Twitter, have a ton of ad experience.

    "The good news with Kevin Weil at the wheel with product is that he came from Instagram," she told the outlet. "He knows how this works."

    Following the interview, however, Friar backtracked with an unconvincing reversal.

    "Our current business is experiencing rapid growth and we see significant opportunities within our existing business model," she told the FT. "While we're open to exploring other revenue streams in the future, we have no active plans to pursue advertising."

    As of now, of course, there's no confirmation of anything except internal talks about introducing ads into OpenAI products.

    Reading between the lines, however, it seems like the firm is doing a bit more than brainstorming, and that after-interview reversal makes the whole thing seem all the more likely to happen.

    More on OpenAI's interiority: OpenAI Implores Judge Not to Expose Communications by Its Top Researchers
  • ChatGPT Is Absolutely Butchering Reporting From Its News Partners
    futurism.com
    A review by Columbia's Tow Center for Digital Journalism found that OpenAI's ChatGPT search, a newer version of OpenAI's flagship chatbot designed to paraphrase web queries and provide links to proper sources, is routinely mangling reporting from news outlets, including OpenAI "news partners" that have signed content licensing deals with the AI industry leader.

    According to the Columbia Journalism Review, the Tow Center's findings analyzed "two hundred quotes from twenty publications and asked ChatGPT to identify the sources of each quote." The chatbot's accuracy was mixed, with some responses providing entirely accurate attributions, others providing entirely incorrect attribution details, and others offering a blend of fact and fiction.

    ChatGPT's search function operates via web crawlers, which return information from around the web as bottled into AI-paraphrased outputs. Some publications, for example The New York Times, which last year sued OpenAI and Microsoft for copyright violations, have blocked OpenAI's web crawlers from rooting around their websites entirely by way of their robots.txt pages. Others, including OpenAI news partners that have signed licensing deals to give the AI company access to their valuable troves of journalistic material in exchange for cash, allow OpenAI's web crawlers to dig through their sites.

    Per the CJR, the Tow Center found that in cases where ChatGPT couldn't locate the correct source for a quote due to robots.txt restrictions, it would frequently resort to fabricating source material as opposed to informing the chatbot user that it couldn't find the quote or that it was blocked from retrieving it. More than a third of all ChatGPT replies returned during the review reportedly contained this type of error.

    But no one was spared, not even publications that allow ChatGPT's web crawlers to sift through their sites.
    According to the review, ChatGPT frequently returned either fully incorrect or partially incorrect attributions for stories penned by journalists at OpenAI-partnered institutions. The same was true for publications not subject to OpenAI licensing deals, but that don't block the AI's crawlers.

    It's a terrible look for the AI-powered search feature, which OpenAI billed in a blog post last month as a tool that provides "fast, timely answers with links to relevant web sources," and has received praise from prominent media leaders for its purported potential to benefit journalists and news consumers.

    "As AI reshapes the media landscape, Axel Springer's partnership with OpenAI opens up tremendous opportunities for innovative advancements," Mathias Sanchez, an executive at the OpenAI-partnered publisher Axel Springer, said in an October statement. "Together, we're driving new business models that ensure journalism remains both trustworthy and profitable." (According to the Tow Center's review, ChatGPT search frequently returned entirely inaccurate answers when asked to find direct quotes from the Axel Springer-owned publication Politico.)

    According to the CJR, the investigators also found that ChatGPT sometimes returned plagiarized news content in cases where the bot's crawlers were blocked by a publisher.
    We reported on the same phenomenon back in August, when we found that ChatGPT was frequently citing plagiarized versions of original NYT reporting published by DNyuz, a notorious Armenian content mill.

    The review further showed that ChatGPT search's ability to provide correct attributions for the same query is wildly unpredictable, with the bot often returning alternately inaccurate and accurate sourcing when given the same prompt multiple times.

    A spokesperson for OpenAI admonished the Tow Center's "atypical" testing method, adding that "we support publishers and creators by helping 250M weekly ChatGPT users discover quality content through summaries, quotes, clear links, and attribution."

    "We've collaborated with partners to improve in-line citation accuracy and respect publisher preferences, including enabling how they appear in search by managing OAI-SearchBot in their robots.txt," the spokesperson added. "We'll keep enhancing search results."

    The media industry is still largely powered by click-based ad revenue, meaning that the Tow Center's findings could be concerning on a business level. If ChatGPT continues to get things wrong, are licensing deals and subscriptions lucrative enough to make up for the loss in traffic? And zooming out, there's the issue of what machine-mangled inaccuracy does to the complicated, much-untrusted news and information landscape: should generative AI become internet users' primary method of finding and metabolizing news, can the public rely on web-surfing tools like ChatGPT search not to muddy the information landscape at large?

    That remains to be seen. But in the meantime, a word to the wise: if you're using ChatGPT search, you might want to triple-check that you know where its information is coming from.

    More on ChatGPT attributions: Amid New York Times Lawsuit, ChatGPT Is Citing Plagiarized Versions of NYT Articles on an Armenian Content Mill
  • Horns&Hooves Campaign Delivers RATs via Fake Emails and JavaScript Payloads
    thehackernews.com
    Dec 03, 2024 | Ravie Lakshmanan | Malware / Phishing Attack

    A newly discovered malware campaign has been found to target private users, retailers, and service businesses mainly located in Russia to deliver NetSupport RAT and BurnsRAT.

    The campaign, dubbed Horns&Hooves by Kaspersky, has hit more than 1,000 victims since it began around March 2023. The end goal of these attacks is to leverage the access afforded by these trojans to install stealer malware such as Rhadamanthys and Meduza.

    "Recent months have seen a surge in mailings with lookalike email attachments in the form of a ZIP archive containing JScript scripts," security researcher Artem Ushkov said in a Monday analysis. "The script files [are] disguised as requests and bids from potential customers or partners."

    The threat actors behind the operations have demonstrated their active development of the JavaScript payload, making significant changes during the course of the campaign.

    In some instances, the ZIP archive has been found to contain other documents related to the organization or individual being impersonated so as to increase the likelihood of success of the phishing attack and dupe recipients into opening the malware-laced file.

    One of the earliest samples identified as part of the campaign is an HTML Application (HTA) file that, when run, downloads a decoy PNG image from a remote server using the curl utility for Windows, while also stealthily retrieving and running another script ("bat_install.bat") from a different server using the BITSAdmin command-line tool.

    The newly downloaded script then proceeds to fetch several other files using BITSAdmin, including the NetSupport RAT malware, which establishes contact with a command-and-control (C2) server set up by the attackers.

    A subsequent iteration of the campaign observed in mid-May 2023 involved the intermediate JavaScript mimicking legitimate JavaScript libraries like Next.js to activate the NetSupport RAT infection chain.

    Kaspersky said it also found another variant of the JavaScript file that dropped an NSIS installer that's then responsible for deploying BurnsRAT on the compromised host.

    "Although the backdoor supports commands for remotely downloading and running files, as well as various methods of executing commands via the Windows command line, the main task of this component is to start the Remote Manipulator System (RMS) as a service and send the RMS session ID to the attackers' server," Ushkov explained.

    "RMS is an application that allows users to interact with remote systems over a network. It provides the ability to manage the desktop, execute commands, transfer files and exchange data between devices located in different geographic locations."

    In a sign that the threat actors continued to tweak their modus operandi, two other attack sequences spotted in late May and June 2023 came with a completely reworked BAT file for installing NetSupport RAT and incorporated the malware directly within the JavaScript code, respectively.

    There are indications that the campaign is the work of a threat actor known as TA569 (aka Gold Prelude, Mustard Tempest, and Purple Vallhund), which is known for operating the SocGholish (aka FakeUpdates) malware. This connection stems from overlaps in the NetSupport RAT license and configuration files used in respective activities.

    It's worth mentioning that TA569 has also been known to act as an initial access broker for follow-on ransomware attacks such as WastedLocker.

    "Depending on whose hands this access falls into, the consequences for victim companies can range from data theft to encryption and damage to systems," Ushkov said. "We also observed attempts to install stealers on some infected machines."
  • THN Recap: Top Cybersecurity Threats, Tools and Tips (Nov 25 - Dec 1)
    thehackernews.com
    Ever wonder what happens in the digital world every time you blink? Here's something wild - hackers launch about 2,200 attacks every single day, which means someone's trying to break into a system somewhere every 39 seconds.

    And get this - while we're all worried about regular hackers, there are now AI systems out there that can craft phishing emails so convincingly that even cybersecurity experts have trouble spotting them. What's even crazier? Some of the latest malware is like a digital chameleon - it literally watches how you try to catch it and changes its behavior to slip right past your defenses.

    Pretty mind-bending stuff, right? This week's roundup is packed with eye-opening developments that'll make you see your laptop in a whole new light.

    Threat of the Week

    T-Mobile Spots Hackers Trying to Break In: U.S. telecom service provider T-Mobile caught some suspicious activity on their network recently - basically, someone was trying to sneak into their systems. The good news? They spotted it early and no customer data was stolen. While T-Mobile isn't pointing fingers directly, cybersecurity experts think they know who's behind it - a hacking group nicknamed 'Salt Typhoon,' which apparently has ties to China. What makes this really interesting is that these hackers have a brand new trick up their sleeve: they're using a previously unknown backdoor tool called GHOSTSPIDER. Think of it as a skeleton key that no one knew existed until now. They've been using this same tool to target telecom companies across Southeast Asia.

    Top News

    Prototype UEFI Bootkit Targeting Linux Detected: Bootkits refer to a type of malware that is designed to infect a computer's boot loader or boot process. In doing so, the idea is to execute malicious code before even initializing the operating system and bypass security measures, effectively granting the attackers absolute control over the system.
    While bootkits discovered to date have only targeted Windows machines, the discovery of Bootkitty indicates that it's no longer the case. That said, it's assessed to be a proof-of-concept (PoC) and there is no evidence that it has been put to use in real-world attacks.

    Avast Anti-Rootkit Driver Used to Disarm Security Software: A new malware campaign is leveraging a technique called Bring Your Own Vulnerable Driver (BYOVD) to obtain elevated privileges and terminate security-related processes by making use of the legitimate Avast Anti-Rootkit driver (aswArPot.sys). The exact initial access vector used to drop the malware is currently not clear. It's also not known what the end goal of these attacks is, who the targets are, or how widespread they are.

    RomCom Exploits Mozilla Firefox and Windows 0-Days: The Russia-aligned threat actor known as RomCom chained two zero-day security flaws in Mozilla Firefox (CVE-2024-9680, CVSS score: 9.8) and Microsoft Windows (CVE-2024-49039, CVSS score: 8.8) as part of attacks designed to deliver the eponymous backdoor on victim systems without requiring any user interaction. The vulnerabilities were fixed by Mozilla and Microsoft in October and November 2024, respectively.

    LockBit and Hive Ransomware Operator Arrested in Russia: Mikhail Pavlovich Matveev, a Russian national who is wanted in the U.S. in connection with LockBit and Hive ransomware operations, has been arrested and charged in the country for developing malicious programs that can encrypt files and for seeking ransom payments in exchange for a decryption key.
    While he is unlikely to be extradited to the U.S., the development comes a little over a month after four members of the now-defunct REvil ransomware operation were sentenced to several years in prison in Russia.

    New Botnet Linked to DDoS Campaign: A script kiddie likely of Russian origin has been using publicly available malware tools from GitHub and exploits targeting weak credentials, configurations, and known security flaws to assemble a distributed denial-of-service (DDoS) botnet capable of disruption on a global scale. The threat actor has established a store of sorts on Telegram, where customers can buy different DDoS plans and services in exchange for a cryptocurrency payment.

    Trending CVEs

    We've spotted some big security issues in popular software this week. Whether you're running a business or just managing a personal site, these could affect you. The fix? Keep your software updated. Most of these problems are solved with the latest security patches from the vendors.

    The list includes: CVE-2024-11680 (ProjectSend), CVE-2023-28461 (Array Networks AG and vxAG), CVE-2024-10542, CVE-2024-10781 (Spam protection, Anti-Spam, and FireWall plugin), CVE-2024-49035 (Microsoft Partner Center), CVE-2024-49806, CVE-2024-49803, CVE-2024-49805 (IBM Security Verify Access Appliance), CVE-2024-50357 (FutureNet NXR routers), CVE-2024-52338 (Apache Arrow R package), CVE-2024-52490 (Pathomation), CVE-2024-8672 (Widget Options - The #1 WordPress Widget & Block Control plugin), CVE-2024-11103 (Contest Gallery plugin), CVE-2024-42327 (Zabbix), and CVE-2024-53676 (Hewlett Packard Enterprise Insight Remote Support).

    Around the Cyber World

    Five Unpatched NTLM Flaws Detailed: While Microsoft may have confirmed its plans to deprecate NTLM in favor of Kerberos, the technology continues to harbor security weaknesses that could enable attackers to obtain NTLM hashes and stage pass-the-hash attacks that allow them to authenticate themselves as a victim user.
    Cybersecurity firm Morphisec said it identified five significant NTLM vulnerabilities that could be exploited to leak the credentials via Malicious RTF Document Auto Link in Microsoft Word, Remote Image Tag in Microsoft Outlook, Remote Table Refresh in Microsoft Access, Legacy Player Files in Microsoft Media Player, and Remote Recipient List in Microsoft Publisher. Microsoft has acknowledged these flaws but noted that they are either by design or do not meet the bar for immediate servicing. It's recommended to restrict NTLM usage, enable SMB signing and encryption, block outbound SMB connections to untrusted networks, and switch to Kerberos-only authentication.

    Raspberry Robin's Anti-Analysis Methods Revealed: Cybersecurity researchers have detailed the several binary-obfuscation and techniques Raspberry Robin, a malware downloader also known as Roshtyak, has incorporated to fly under the radar. "When Raspberry Robin detects an analysis environment, it responds by deploying a decoy payload to mislead researchers and security tools," Zscaler ThreatLabz said. "Raspberry Robin is protected and unwrapped by several code layers. All code layers use a set of obfuscation techniques, such as control flow flattening and Mixed Boolean-Arithmetic (MBA) obfuscation." Obfuscation and encryption have also been hallmarks of another malware family tracked as XWorm, highlighting the threat actor's ability to adapt and bypass detection effects. The disclosure comes as Rapid7 detailed the technical similarities and differences between AsyncRAT and Venom RAT, two open-source trojans that have been widely adopted by several threat actors over the years. "While they indeed belong to the Quasar RAT family, they are still different RATs," it noted. "Venom RAT presents more advanced evasion techniques, making it a more sophisticated threat."

    BianLian Ransomware Shifts to Pure Extortion: U.S. and Australian cybersecurity agencies have revealed that the developers of the BianLian ransomware are likely based in Russia and that they "shifted primarily to exfiltration-based extortion around January 2023 and shifted to exclusively exfiltration-based extortion around January 2024." The change follows the release of a free BianLian decryptor in early 2023. Besides using PowerShell scripts to conduct reconnaissance, the attacks are notable for printing ransom notes on printers connected to the compromised network and placing threatening calls to employees of the victim companies to apply pressure. According to data collected by Corvus, RansomHub, Play, LockBit 3.0, MEOW, and Hunters International have accounted for 40% of all attacks observed in Q3 2024. A total of 1,257 victims were posted on data leak sites, up from 1,248 in Q2 2024. "The number of active ransomware groups increased to 59, continuing the trend of new groups entering the landscape, with activity overall becoming more distributed across numerous smaller groups," the company said.

    VietCredCare and Ducktail Campaigns Compared: Both VietCredCare and Ducktail are information stealers that are specifically designed to target Facebook Business accounts. They are believed to be operated by threat actors within Vietnam. A law enforcement exercise undertaken by Vietnamese law enforcement agencies in May 2024 led to the arrest of more than 20 individuals likely involved in these activities, resulting in a substantial reduction in campaigns distributing VietCredCare. However, Ducktail-related campaigns appear to be ongoing. "While both target Facebook business accounts, they differ significantly in their code structures," Group-IB said. "Threat actors use different methods of malware proliferation and approaches to monetizing stolen credentials. This makes us think that the operators behind both campaigns are not related to each other."
Despite these differences, it has been discovered that the threat actors behind the different malware families share the same Vietnamese-speaking communities to sell the stolen credentials for follow-on malvertising campaigns.CyberVolk, a Pro-Russian Hacktivist Collective Originating from India: The threat actors behind CyberVolk (aka GLORIAMIST) have been observed launching ransomware and DDoS attacks against public and government entities that it perceives as opposed to Russian interests. It's allegedly led by a threat actor, who goes by the online alias Hacker-K. But it's unclear where the group is currently based or who its other members are. Since at least May 2024, the group has been found to quickly embrace and modify existing ransomware builders such as AzzaSec, Diamond, Doubleface (aka Invisible), LockBit, Chaos, and Babuk to launch its attacks. It's worth noting that the source code of AzzaSec and Doubleface have suffered leaks of their own in recent months. "Additionally, CyberVolk has promoted other ransomware families like HexaLocker and Parano," SentinelOne said, while distributing info stealer malware and webshells. "These groups and the tools they leverage are all closely intertwined." As of early November 2024, CyberVolk has had its Telegram channel banned, prompting it to shift to X. Expert Webinar Building Secure AI AppsNo More Guesswork AI is taking the world by storm, but are your apps ready for the risks? Whether it's guarding against data leaks or preventing costly operational chaos, we've got you covered. In this webinar, we'll show you how to bake security right into your AI apps, protect your data, and dodge common pitfalls. You'll walk away with practical tips and tools to keep your AI projects safe and sound. Ready to future-proof your development game? Save your spot today! 
Protect What Matters Most: Master Privileged Access Security Privileged accounts are prime targets for cyberattacks, and traditional PAM solutions often leave critical gaps. Join our webinar to uncover blind spots, gain full visibility, enforce least privilege and Just-in-Time policies, and secure your organization against evolving threats. Strengthen your defensesregister now! Cybersecurity ToolsSigma Rule Converter An open-source tool that simplifies translating Sigma rules into query formats compatible with various SIEM systems like Splunk and Elastic. Ideal for threat hunting, incident response, and security operations, it streamlines integration, ensures rapid deployment of updated detection rules, and supports multiple backends via pySigma. With its user-friendly interface and regular updates, it enables security teams to adapt quickly to evolving threats.CodeQL Vulnerability Detection Tool: CodeQL is a powerful tool that helps developers and security researchers find bugs in codebases like Chrome. It works by creating a database with detailed information about the code, allowing you to run advanced searches to spot vulnerabilities. Pre-built Chromium CodeQL databases make it easy to dive into Chrome's massive codebase of over 85 million lines. With its ability to track data flow, explore code structures, and detect similar bugs, CodeQL is perfect for improving security. Google's collaboration with the CodeQL team ensures continuous updates for better performance. Tip of the WeekYour Screenshots Are Secretly Talking Behind Your Back Every screenshot you share could reveal your device info, location, OS version, username, and even internal system paths without your knowledge. Last month, a tech company accidentally leaked their project codenames through screenshot metadata! Here's your 30-second fix: On Windows, right-click Properties Details Remove Properties before sharing. 
Mac users can use Preview's export feature (uncheck "More Options"), while mobile users should use built-in editing tools before sharing. For automation, grab ImageOptim (free) - it strips metadata with a simple drag-and-drop. Quick verification: Upload any screenshot to exif.app and prepare to be surprised at how much hidden data you've been sharing. Pro tip: Create a designated 'sanitized screenshots' folder with automated metadata stripping for your sensitive work-related captures. Remember, in 2023, screenshot metadata became a primary reconnaissance tool for targeted attacks - don't let your images do the attackers' work for them.ConclusionSo here's the thing that keeps security folks up at night - some of today's smartest malware can actually hide inside your computer's memory without ever touching the hard drive (spooky, right?). It's like a ghost in your machine.But don't worry, it's not all doom and gloom. The good guys are cooking up some seriously cool defenses too. Think AI systems that can predict attacks before they happen (kind of like Minority Report, but for cyber crimes), and new ways to encrypt data that even quantum computers can't crack. Wild stuff!Before you head back to your digital life, remember this fun fact: your smartphone today has more computing power than all of NASA had when they first put humans on the moon - and yes, that means both the good guys and the bad guys have that same power at their fingertips. Stay safe out there, keep your updates running, and we'll see you next week with more fascinating tales from the cyber frontier.Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.
  • Skeleton Crew Finds a New Star Wars Show Lost in Space
    screencrush.com
    I just don't get Star Wars anymore.

    Sure, I understand the stories, the mythos, the lore. But the overall direction of this franchise increasingly baffles me. The latest head-scratcher is Skeleton Crew, a new Disney+ streaming series co-created by Jon Watts. His involvement, at least, I get. Watts directed the three hugely successful Tom Holland Spider-Man films, and he seems to have a very good handle on crafting broadly popular entertainments. He also elicited very strong performances out of an ensemble of relatively young actors. That was also true of Watts' pre-Spider-Man film, Cop Car, which shares a little DNA with Skeleton Crew as well, including its co-creator, Christopher Ford, who co-wrote Cop Car with Watts. Their Star Wars show is a sort of Amblinesque Goonies In Space concept. A group of four rambunctious kids inadvertently wind up on a spaceship lightyears from their peaceful planet with no way to figure out how to get back home. Their only hope is a man named Jod Na Nawood (Jude Law), who appears to know the Force and might be a Jedi ... or could be a con man exploiting these naive children for his own gain.

    Star Wars has always resonated with younger audiences, so making a series aimed at kids makes sense. And based on his resume, Watts makes sense as one of its primary creative forces. (Cop Car even had a very similar concept to Skeleton Crew, with a couple of troublemaking kids taking a police cruiser for a joyride, only to be chased by the car's amoral owner.) I've got two kids at home who I've Star Wars. On paper, Skeleton Crew seemed like the right show to do that.

    But then the first episode opens with a very intense space battle. Ships are invaded, aliens get their eyeballs zapped out, space pirates get blasted into oblivion. Okay ... so Skeleton Crew is a show about kids, but not necessarily for kids?

    Not quite. After the surprisingly violent opening, the show settles down into more familiar children's entertainment territory. The scares vanish, at least for the first few episodes. Young Wim (Ravi Cabot-Conyers) lives with his overworked single dad (Tunde Adebimpe) on a boring planet that looks like Star Wars meets the suburbs; endless streets of identical houses and manicured lawns, plus the occasional friendly domestic droid. Wim craves adventure and one day when he's late to school he finds one: Something buried in the forest near his home.

    He convinces his elephantine alien buddy Neel (Robert Timothy Smith) to investigate further, but two more rule-flouting kids, Fern (Ryan Kiera Armstrong) and KB (Kyriana Kratter), start sniffing around too, and they want their own cut of the potential buried treasure. Reluctantly, the two pairs agree to explore their mysterious discovery together.

    I'll let you see for yourself how the foursome winds up in space and then how they encounter Law's character, who is far and away the most interesting presence in the series. Jod Na Nawood dresses a little like Lando Calrissian, swaggers a little like the young Han Solo, and I genuinely can't tell whether his Force powers are legit or a total put-on. That's a good thing; the character keeps the viewer guessing and keeps you curious enough about his backstory to keep tuning in to future episodes.

    But here is another inexplicable thing I cannot explain. Aside from a brief appearance in the violent prologue, Law's character basically doesn't show up onscreen until the third of the season's eight episodes. Leaving your most compelling hero (or villain???) off-camera for a quarter of your series ... kind of an odd choice.

    Without Law, those first two episodes can be a slog, with hokey subplots about how tests and teachers are boring, and parents just don't understand, even in a galaxy far, far away. And the Skeleton Crew kids (and Wim especially, the nominal series lead) come across as less brave than willfully bullheaded. They don't just stumble into an adventure; they make a series of decisions they are actively told not to take, and then when they go badly, they insist the consequences are not their fault.

    Maybe the show's younger audience won't mind that, provided they make it through that intense opening sequence. The show does get better when Jude Law shows up. Otherwise, Skeleton Crew does little to erase the memory of the disappointing The Acolyte, which Lucasfilm has reportedly already canceled after just one season (and several massive unresolved cliffhangers). And The Acolyte followed Ahsoka, which felt like a show narrowcasted to fans of Clone Wars and Rebels to the exclusion of everyone else.

    Now here's Skeleton Crew, a show with moments that are too dark for kids and too infantile for adults. I really enjoyed The Force Awakens and The Last Jedi, and the first couple of seasons of The Mandalorian hold up really well. Lately, though, whenever I watch Star Wars, I'm just confused.

    Like the kids of Skeleton Crew, this franchise seems to have no idea where it's going.

    The first two episodes of Skeleton Crew premiere on Disney+ on December 3. New episodes follow weekly.
  • Loop Support: Customer Support Specialist (LATAM)
    weworkremotely.com
    Time zones: EST (UTC -5), CST (UTC -6), MST (UTC -7), ART (UTC -3), UTC -4, UTC -4:30, UTC -3, UTC -2

    About Us:
    At Loop Support, we specialize in connecting businesses with exceptional customer support specialists. We believe in smart, kind-hearted professionals who love to learn and grow. If you have a passion for helping others and enjoy solving problems, we want to hear from you!

    Responsibilities:
    - Respond to customer inquiries and complaints via phone, email, and chat.
    - Provide detailed information about products and services.
    - Troubleshoot and resolve product issues and concerns promptly.
    - Maintain a positive and professional attitude with all customer interactions.
    - Document customer interactions and solutions accurately.

    Qualifications:
    - Excellent written and verbal communication skills in English and Spanish. (Required)
    - Stable internet connection and a reliable computer setup. (Required)
    - Based in LATAM (Required)
    - Ability to work independently in a distraction-free home office.
    - A positive and professional attitude with a customer-first mindset.
    - Previous experience in customer support is a plus, but not required.
    - Strong problem-solving skills and ability to think on your feet.