When asked to predict the top interior design trends for 2025, many ELLE DECOR A-List designers cited similar themes, including wellness, relaxation, and comfort. And at the end of a contentious election year, these are fitting buzzwords. People are seeking spaces within their homes that let them recharge, interior designer Brigette Romanek puts it simply. Really, we all just want to live in spaces that help us feel good again.After analyzing millions of their real estate listings, Zillow came to the same conclusion: Mentions of the word cozy have increased by 35 percent compared to last year, while nostalgia appeared 14 percent more often. Homeowners and buyers today are looking to the past to create a sense of warmth, character, and comfort in even the most high-tech environments, explains Amanda Pendleton, Zillows home trends expert.Pendleton also noted that energy-efficient electric features are on the rise. Technology has enabled homeowners to live more sustainably and more affordably, which is a growing priority for prospective buyers, Pendleton says. Regarding sustainability, designers agree. According to 1stdibs annual trend survey, which reached 643 interior designers this year, 43 percent say their projects are expected to have some sustainability requirement in 2025. Consumers are becoming more discerning about how long products will last and how theyre made, says founder of Parisbased firm Uchronia, Julien Sebban. And as much as the next years designs will be focused on protecting the earth, they will also be inspired by its grounding qualities, with tones and materials taking a cue directly from the natural world. What does this mean for 2025? Read on to find out how the focus of the year to come will be on crafting homes that are nurturing, enduring, and a little bit unexpected.At-Home Wellness Spaces Joe SchmelzerIn this Malibu house, an exciting combination of lighting and paint turns the bathroom into Mediterranean grotto. One theme several designers agreed upon was a growing emphasis on physical and mental well-being at home. Clients continue to ask for wellness areasspas, gyms, says designer Nicole Hollis, who fields requests for water circuits, sauna steam rooms, and cold plunges.Romanek points out that the trend doesnt always require a sprawling footprint. I think well continue to see more requests for places that feel private and personal, like a quiet reading nook or a wellness room where you can just breathe and unwind. Sebban agrees, adding, even meditation alcoves can serve as sanctuaries within the home.Even More Clay and CeramicsMatthew WilliamsThe powder room in this happy Wisconsin hideaway, designed by Victoria Sass of Prospect Refuge Studio, features custom ceramic tiles by Clay Squared to Infinity arranged in a checked pattern.The use of ceramics and clay shows no signs of slowing down, as designers continue to embrace their organic appeal. Ceramic lighting, tables, fireplace surrounds, and mirrors will continue to be incorporated into interiors, says Hollis. Sebban echoes this enthusiasm, highlighting a broader embrace of natural materials. Clay-based products and natural plasters are being rediscovered for their tactile appeal and environmental benefits, he notes. Amped Up Earth TonesRich StapletonJust like 2024, brown will continue to have a major moment in 2025, offering endless versatility and a connection to nature that feels just right for the times. There are so many shades to play with, and it can act as a soft neutral or a rich moody tone, says Night Palm founder Tiffany Howell. Brown is timeless. Its always been a grounding color, Romanek shares. Im seeing clay-toned browns coming through, which bring a bit of natural warmth and feel very connected to the earth.In addition to brown hues, earth tones are set to dominate interiors in 2025. Shades like deep burgundy, navy blue, saturated greens, and terracotta will be prominent, adding depth and sophistication to spaces, says Hollis.Soft greens and muted blues are becoming very popular, as these colors are associated with wellness and a sense of calm, Sebban offers, predicting that darker earth tones, like chestnut brown and moss green, will crop up in both residential and commercial spaces.Rita Konig agrees. Im very drawn to a palette of sienna colorsochre yellow, warm orangethe colors of the earth, she says. And I think warm blues will be popular next year because they are timeless. I painted my own hall a really warm blue thats the color of a good skyits a color that makes me happy.A Return to Classic FurnitureGiulio GhirardiIn a Paris apartment designed by Pierre Yovanovitch, the living rooms sofa and ball cushions are by Pierre Yovanovitch Mobilier.Im predicting a return to the classics when it comes to furnitureless curved sofas, more structure. Less boucle, more patterns, says Jeremiah Brent. Modern minimalism will take more of a backseat across the board.Meanwhile, some designers are reimagining minimalism through a classic, historical lens. More minimal Art Deco rooms, minimal Colonial American rooms, and minimal formal, French rooms, explain Adam Charlap Hyman and Andre Herrero, founders of Charlap Hyman & Herrero.Artful LightingAdrian GautIn a Manhattan residence designed by Nannette Brown, the living room features varying lighting sources at differing levels. Clients are increasingly drawn to pieces that are more than just functionalthey want statement pieces that shape the entire room, says Romanek. For me, lighting brings everything together and can set the tone in a way few other elements can.Dynamic designs are redefining lightings role. Were seeing minimalist fixtures with sculptural formsthink lighting that doubles as art, notes Sebban. Howell agrees, noticing a shift toward unconventional approaches. I think we are going to see people using the lighting in their home in less traditional ways and more as playful art pieces.Nods to Nature Richard FoulserHere, Nate Berkus and Jeremiah Brents beach house features a holly olive tree in an old Indonesian limestone planter, alongside rocks from the surrounding area. Natural materials bring warmth and texture, says Romanek. Clients are gravitating toward stones, woods, and natural fibers. I love the feel of raw, untreated materials that age beautifully, giving spaces a sense of history and grounding.Designers are also embracing natural finishes in creative ways. Verdigris everything! In furniture and accessories; indoors and out, Brent emphasizes.Sebban highlights the importance of bringing the outdoors in. Integrating nature into the built environment is more important than ever, especially in urban settings, he offers. This could mean larger indoor plants, living walls, or even natural materials like stone, wood, and clay. I love to use lava stone or marble stucco.A Focus on ComfortKaryn MilletIn the dining nook of this sunny Los Angeles home, playful wallpaper, plush blue upholstery, and animal-print cushions make for the coziest spot for a cuppa joe.Comfort may be a bit of a dirty word in the design trade, but A-Listers are embracing it, whether through spaces designed to add ease to daily rituals or through silhouettes that are more laidback. Breakfast nooks have become a constant requesta space that feels more casual than a dining room but more intentional than barstools at a countertop, says Brent. I always incorporate performance fabrics and a banquette to create an elevated but easy feel.This balance of elegance and ease is also reflected in living rooms. Were seeing shapes that invite comfort and a softer, more relaxed environment, Sebban reflects. While Howell adds that shes seeing more soft, comfortable materials gaining traction.Individualistic InteriorsAdrian GautIn this Toronto home designed by Kelly Wearstler, a small room is transformed into a library, fitted with bookshelves and a custom table. Overwhelmingly, designers are prioritizing personal expression. More than ever before, I am seeing clients lean into individualistic interiorsa style that fits their lifestyle over trends, says Howell. We are revisiting eclecticism in a less bohemian, maximalistic way.This shift toward personalized design also draws inspiration from groundbreaking movements of the past. At Uchronia, we are deeply inspired by the Memphis Group and the Italian Radical Design movement, which challenged conventions and created spaces and objects that were full of color, humor, and experimentation, explains Sebban. They resonate with us because they emphasize freedom of expression, breaking norms, and embracing the unexpected.Individuality will always set your space apart, adds Kelly Wearstler. How do your interiors, music, fragrance, fashion, and art collections connect? That is the question everyone should be asking of themselves going into 2025. This is where you will find your style.

Looking for stocking stuffers or getting a head start on goals for 2025? If youre an iPhone and Apple Watch user, these budget-friendly fitness accessories are sure to enhance anyones experience without breaking the bank. more

iOS 18.2 is set to be released to everyone as soon as this week. The update comes with big changes for iPhone users, including new Apple Intelligence features, upgrades to the Find My app, and changes to the Photos app. After you update to iOS 18.2, youll see an entirely new app on your iPhones Home Screen: Image Playground. Heres what it isWhat is Image Playground? Image Playground is one of the new Apple Intelligence features included with iOS 18.2. The app allows you to generate fun, playful images based on text descriptions, people in your Photos library, and more. The photos are generated right on your iPhone or iPad, unlike other platforms where images are generated in the cloud. Apple explains: With Image Playground, users can create fun images in seconds, choosing from three styles: Animation, Illustration, or Sketch. Image Playground is easy to use and built right into apps including Messages. Its also available in a dedicated app, perfect for experimenting with different concepts and styles. All images are created on device, giving users the freedom to experiment with as many images as they want.In the Image Playground app, you can choose an image from your Photos library as a starting point. You can create pictures based on yourself or other people in your library. You can customize that image by using text descriptions, letting you create infinite combinations of custom images. You can choose from various themes, places, costumes, and accessories as you create your image. These suggestions are curated by Apple editors and are meant to inspire your custom images. The pictures generated by Image Playground are not photorealistic. Instead, you can choose from two different styles: animation and illustration. When you generate an image, you can swipe through multiple previews and pick the one you like best. In addition to being available as a standalone app, Image Playground is integrated into multiple other places on your iPhone. For instance, you can find it in the Messages app for easy access. It will also be built into apps like Keynote, Pages, and Freeform. Theres also an API available to let third-party developers integrate Image Playground into their apps. iOS 18.2 devicesiOS 18.2 is supported on all devices capable of running iOS 18. However, Apple Intelligence features, including the new Image Playground app, are only available on the iPhone 15 Pro, iPhone 15 Pro Max, iPhone 16, iPhone 16 Plus, iPhone 16 Pro, and iPhone 16 Pro Max. Wrap up iOS 18.2 is expected to be released to everyone this week. In the meantime, are you planning to use the new Apple Intelligence features when theyre released? Will the Image Playground app remain on your iPhones Home Screen? Let us know in the comments. My favorite iPhone accessories: Add 9to5Mac to your Google News feed. FTC: We use income earning auto affiliate links. More.Youre reading 9to5Mac experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Dont know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

"It had to be done."Impact StatementThe suspected killer of UnitedHealthCare CEO Brian Thompson was reportedly carrying a several-page document when he was arrested and though its contents are just starting to trickle out, they hold the promise of fleshing out the worldview that drove him to murder a healthcare CEO in broad daylight.A police official who'd viewed the document found with suspect Luigi Mangione told CNN that it was two pages long and included the phrase "these parasites had it coming.""I do apologize for any strife and trauma," the missive reportedly reads, "but it had to be done."As theDaily Beast noted based on CNN's on-air reporting about the pages found on Mangione, the document also claimed that protest was ineffective and that violence was the only answer a claim echoed in his four-star Goodreads review of the Unabomber manifesto."Peaceful protest is outright ignored, economic protest isn't possible in the current system," the suspect wrote in the January review, "so how long until we recognize that violence against those who lead us to such destruction is justified as self-defense[?]"Manifesto of InterestDescribed to the New York Times as a handwritten "manifesto" against the healthcare industry, the document is said to speak to the mindset of the 26-year-old suspect. Police also told the NYT that Mangione is now considered a "strong person of interest" in light of the new evidence.Mangione, a prep school valedictorian and Ivy League graduate, was captured by police in Altoona, Pennsylvania earlier on Monday. His arrest followed a days-long manhunt for Thompson's suspected assassin that included the deployment of drones, scuba divers, and K-9 units.As digital sleuths discovered soon after Mangione's name was released, the young man's social media accounts contain a wealth of information about his worldview, which seems to have morphed from disgruntled academic to angry manarchist over the course of this year before dropping off completely months before the killing.This entire debacle has been incredibly dramatic and as we learn more about law enforcement's primary suspect, we're likely in for a few more shocks.More on the murder of Brian Thompson: Bill Burr: Murdered Insurance CEO Was a "Gangster"Share This Article

We now know who police have in custody for the murder of UnitedHealthCare CEO Brian Thompson and digital sleuths have already found his Goodreads account.Indeed, a perusal of 26-year-old suspect Luigi Mangione's apparent Goodreads page shows that his favorite books include Aldous Huxley's "Brave New World," Ashlee Vance's 2017 biography of Elon Musk, and incredibly "The Lorax" by Theodor Seuss Geisel,better known as Dr. Seuss.Along with that strange trifecta, the thirst-inspiring person of interestalso listed books about artificial intelligence and Big Data as some of his faves, rounded out with self-help drek about forming better habits and attaining "the ultimate male body."Outside of his favorites page, the onetime high school valedictorian and Ivy League graduate also gave a four-star review to Unabomber Ted Kaczynski's manifesto, "Industrial Society and Its Future.""He was a violent individual rightfully imprisoned who maimed innocent people," the young suspect wrote in his review of the infamous document. "While these actions tend to be characterized as those of a crazy luddite, however, they are more accurately seen as those of an extreme political revolutionary.""When all other forms of communication fail, violence is necessary to survive," Mangione continued. "You may not like his methods, but to see things from his perspective, it's not terrorism, it's war and revolution."Among his favorite quotes, which the Amazon-owned social network allows users to select and show on their profiles, is another telling missive from Yuval Noah Harari, the author of "Sapiens: A Brief History of Humankind.""How many young college graduates have taken demanding jobs in high-powered firms, vowing that they will work hard to earn money that will enable them to retire and pursue their real interests when they are thirty-five?" the Harari quote reads. "But by the time they reach that age, they have large mortgages, children to school, houses in the suburbs that necessitate at least two cars per family, and a sense that life is not worth living without really good wine and expensive holidays abroad."Paired with close reads of his other social media accounts and excerpts from his own manifesto, Mangione seems very much like a lot of young men his age: intelligent but disaffected, struggling to figure out his place in the world, and interested in what it means to be a man in a changing world.Put together, those positions may have radicalized him but just hours ago, we'd never have anticipated that the then-anonymous killer was a fan of Elon Musk and Richard Dawkins.More on the Thompson murder: Health Insurance Companies Pull Down Information About Executives After Assassination of CEOShare This Article

Dec 09, 2024Ravie LakshmananThreat Intelligence / MalwareThe threat actors linked to the Black Basta ransomware have been observed switching up their social engineering tactics, distributing a different set of payloads such as Zbot and DarkGate since early October 2024."Users within the target environment will be email bombed by the threat actor, which is often achieved by signing up the user's email to numerous mailing lists simultaneously," Rapid7 said. "After the email bomb, the threat actor will reach out to the impacted users."As observed back in August, the attackers make initial contact with prospective targets on Microsoft Teams, pretending to be support personnel or IT staff of the organization. In some instances, they have also been observed impersonating IT staff members within the targeted organization.Users who end up interacting with the threat actors are urged to install legitimate remote access software such as AnyDesk, ScreenConnect, TeamViewer, and Microsoft's Quick Assist. The Windows maker is tracking the cybercriminal group behind the abuse of Quick Assist for Black Basta deployment under the name Storm-1811.Rapid7 said it also detected attempts made by the ransomware crew to leverage the OpenSSH client to establish a reverse shell, as well as send a malicious QR code to the victim user via the chats to likely steal their credentials under the pretext of adding a trusted mobile device.However, cybersecurity company ReliaQuest, which also reported on the same campaign, theorized the QR codes are being used to direct users to further malicious infrastructure.The remote access facilitated by the installation of AnyDesk (or its equivalent) is then used to deliver additional payloads to the compromised host, including a custom credential harvesting program followed by the execution of Zbot (aka ZLoader) or DarkGate, which can serve as a gateway for follow-on attacks."The overall goal following initial access appears to be the same: to quickly enumerate the environment and dump the user's credentials," Rapid7 security researcher Tyler McGraw said."When possible, operators will also still attempt to steal any available VPN configuration files. With the user's credentials, organization VPN information, and potential MFA bypass, it may be possible for them to authenticate directly to the target environment."Black Basta emerged as an autonomous group from the ashes of Conti in the wake of the latter's shutdown in 2022, initially leaning on QakBot to infiltrate targets, before diversifying into social engineering techniques. The threat actor, which is also referred to as UNC4393, has since put to use various bespoke malware families to carry out its objectives -KNOTWRAP, a memory-only dropper written in C/C++ that can execute an additional payload in memoryKNOTROCK, a .NET-based utility that's used to execute the ransomwareDAWNCRY, a memory-only dropper that decrypts an embedded resource into memory with a hard-coded keyPORTYARD, a tunneler that establishes a connection to a hard-coded command-and-control (C2) server using a custom binary protocol over TCPCOGSCAN, a .NET reconnaissance assembly used to gather a list of hosts available on the network"Black Basta's evolution in malware dissemination shows a peculiar shift from a purely botnet-reliant approach to a hybrid model that integrates social engineering," RedSense's Yelisey Bohuslavskiy said.The disclosure comes as Check Point detailed its analysis of an updated Rust variant of the Akira ransomware, highlighting the malware authors' reliance on ready-made boilerplate code associated with third-party libraries and crates like indicatif, rust-crypto, and seahorse.Ransomware attacks have also employed a variant of the Mimic ransomware called Elpaco, with Rhysida infections also employing CleanUpLoader to aid in data exfiltration and persistence. The malware is often disguised as installers for popular software, such as Microsoft Teams and Google Chrome."By creating typosquatted domains resembling popular software download sites, Rhysida tricks users into downloading infected files," Recorded Future said. "This technique is particularly effective when coupled with SEO poisoning, in which these domains are ranked higher in search engine results, making them appear as legitimate download sources."Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.SHARE

This week's cyber world is like a big spy movie. Hackers are breaking into other hackers' setups, sneaky malware is hiding in popular software, and AI-powered scams are tricking even the smartest of us. On the other side, the good guys are busting secret online markets and kicking out shady chat rooms, while big companies rush to fix new security holes before attackers can jump in.Want to know who's hacking who, how they're doing it, and what's being done to fight back? Stick aroundthis recap has the scoop. Threat of the WeekTurla Hackers Hijack Pakistan Hackers' Infrastructure Imagine one hacker group sneaking into another hacker group's secret hideout and using their stuff to carry out their own missions. That's basically what the Russia-linked Turla group has been doing since December 2022. They broke into the servers of a Pakistani hacking team called Storm-0156 and used those servers to spy on government and military targets in Afghanistan and India. By doing this, Turla not only got easy access to important information but also made it way harder for anyone to figure out who was actually running the show. This is a classic move for Turlathey often hijack other hackers' operations to hide their tracks and make it super confusing to tell who's really behind these attacks. Top NewsUltralytics and @solana/web3.js Libraries Targeted by Supply Chain Attacks In two separate incidents, unknown threat actors managed to push malicious versions of the popular Ultralytics library for Python and @solana/web3.js package for npm that contained code to drop a cryptocurrency miner and a drainer, respectively. The maintainers have since released updated versions to address the issue. New Android Malware DroidBot Targets Over 70 Financial Institutions Dozens of banking institutions, cryptocurrency exchanges, and national organizations have become the target of a newly discovered Android remote access trojan (RAT) called DroidBot. The malware is capable of gathering a wide range of information from compromised devices. A majority of the campaigns distributing the malware have targeted users in Austria, Belgium, France, Italy, Portugal, Spain, Turkey, and the United Kingdom. DroidBot has been observed operating under a malware-as-a-service (MaaS) model for a monthly fee of $3,000.A Busy Week of Law Enforcement Actions Europol last week announced the disruption of a clearnet marketplace called Manson Market that facilitated online fraud on a large scale by acting as a hub for stolen financial information. A 27-year-old and a 37-year-old have been arrested in Germany and Austria, respectively, in connection with the operation. They are currently in pretrial detention. Separately, the law enforcement agency said it also dismantled an invite-only encrypted messaging service called MATRIX that's created by criminals for criminal purposes, including drug trafficking, arms trafficking, and money laundering.Tibetans and Uyghurs Become the Target of Earth Minotaur A newly christened threat activity cluster dubbed Earth Minotaur has been found leveraging the MOONSHINE exploit kit to deliver a new backdoor called DarkNimbus as part of long-term surveillance operations targeting Tibetans and Uyghurs. In the attack chains documented by Trend Micro, the attackers leveraged WeChat as a conduit to deploy the backdoor. The use of MOONSHINE has been previously linked to other groups like POISON CARP and UNC5221, suggesting some kind of tool sharing.Salt Typhoon Guidance Issued Australia, Canada, New Zealand, and the U.S. issued a joint guidance for organizations to safeguard their networks against threats posed by Salt Typhoon, which has been recently linked to a spate of cyber attacks directed against telecommunication companies in the U.S., including AT&T, T-Mobile, and Verizon. As many as eight telecom companies in the U.S., with dozens of other nations, are estimated to be affected as a result of the campaign.Malware Campaign Leverages Corrupt Word and ZIP Files New phishing campaigns ongoing since at least August 2024 have been taking advantage of corrupted Microsoft Office documents and ZIP archives as a way to bypass email defenses. "By manipulating specific components like the CDFH and EOCD, attackers can create corrupted files that are successfully repaired by applications but remain undetected by security software," ANY.RUN said. Trending CVEsHeads up! Some popular software has serious security flaws, so make sure to update now to stay safe. The list includes CVE-2024-41713 (Mitel MiCollab), CVE-2024-51378 (CyberPanel), CVE-2023-45727 (Proself), CVE-2024-11680 (ProjectSend), CVE-2024-11667 (Zyxel), CVE-2024-42448 (Veeam), CVE-2024-10905 (SailPoint IdentityIQ), CVE-2024-5921 (Palo Alto Networks GlobalProtect), CVE-2024-29014 (SonicWall), CVE-2014-2120 (Cisco Adaptive Security Appliance), CVE-2024-20397 (Cisco NX-OS), CVE-2024-52338 (Apache Arrow), CVE-2024-52316 (Apache Tomcat), CVE-2024-49803, CVE-2024-49805 (IBM Security Verify Access Appliance), CVE-2024-12053 (Google Chrome), CVE-2024-38193 (Microsoft Windows), and CVE-2024-12209 (WP Umbrella: Update Backup Restore & Monitoring plugin). Around the Cyber WorldResearchers Debut New VaktBLE Framework A group of academics from the ASSET (Automated Systems SEcuriTy) Research Group at the Singapore University of Technology and Design has unveiled a novel jamming technique called VaktBLE that can be used to defend against low-level Bluetooth Low Energy (BLE) attacks. "VaktBLE presents a novel, efficient, and (almost) deterministic technique to silently hijack the connection between a potentially malicious BLE central and the target peripheral to be protected," the researchers explained. "This creates a benevolent man-in-the-middle (MiTM) bridge that allows us to validate each packet sent by the BLE central." (Please embed this video - https://www.youtube.com/watch?v=RhDDp_HExsk)FBI Warns of AI-Enabled Financial Fraud The U.S. Federal Bureau of Investigation (FBI) is warning that cybercriminals are exploiting generative artificial intelligence (AI) to generate synthetic content and commit fraud at scale. This comprises the use of AI tools to produce realistic images, audio, and video clips of people, celebrities, and topical events; generate fraudulent identification documents; create fictitious social media profiles; craft convincing messages; assist with language translation; generate content for counterfeit websites; and even embed chatbots that aim to trick victims into clicking on malicious links. "Criminals use AI-generated text to appear believable to a reader in furtherance of social engineering, spear-phishing, and financial fraud schemes such as romance, investment, and other confidence schemes or to overcome common indicators of fraud schemes," the FBI said.Lateral Movement Techniques on macOS Cybersecurity researchers have highlighted the different ways threat actors are exploiting SSH, Apple Remote Desktop, and Remote Apple Events (RAE) to facilitate lateral movement on Apple macOS systems. "Lateral movement refers to the techniques cyber attackers use to navigate through a network after compromising an initial system," Palo Alto Networks Unit 42 said. "This phase is crucial for attackers to achieve their ultimate objectives, which might include data exfiltration, persistence or further system compromise." The disclosure comes as new research has revealed how the legitimate Windows Event Logs utility wevtutil.exe could be exploited to carry out malicious activities and slip past security controls unnoticed, a technique known as living-off-the-land. "Using wevtutil.exe as part of a chain of LOLBAS utilities can further obfuscate actions," Denwp Research's Tonmoy Jitu said. "For instance, an attacker could export logs using wevtutil.exe, compress the exported file with makecab.exe, [and] use certutil.exe to upload the file to a remote location."Another Scattered Spider Hacker Arrested in the U.S. U.S. authorities have arrested a 19-year-old teenager named Remington Goy Ogletree (aka remi) for his role in the Scattered Spider cybercrime syndicate and breaching a U.S. financial institution and two unnamed telecommunications firms. "From at least October 2023 through at least May 2024, Ogletree perpetuated a scheme to defraud in which he called and sent phishing messages to U.S.- and foreign-based company employees to gain unauthorized access to the companies' computer networks," per a complaint filed in late October 2024. "Once Ogletree had access to the victim companies' networks, Ogletree accessed and stole confidential data, including data that was later posted for sale on the dark web, and, at times, used the companies' services to facilitate the theft of cryptocurrency from unwitting victims. As a result of Ogletree's scheme, victims have suffered over $4 million in losses." The charges come weeks after the U.S. government indicted five other members of the infamous hacking crew. Scattered Spider is believed to be part of a broader loose-knit cybercrime group called The Com. According to a new report published by CyberScoop, The Com and a child sextortion sub-cluster known as 764 are engaging in financially motivated cybercrime tactics such as SIM swapping, IP grabbing, ATM skimming, and social engineering to commit violent crimes.FTC Takes Action Against 2 Data Brokers The U.S. Federal Trade Commission (FTC) has banned Virginia-based Gravy Analytics and its subsidiary Venntel from tracking and selling sensitive location data from users, including selling data about consumers' visits to health-related locations and places of worship, without their consent. It has also been ordered to establish a sensitive data location program. It's alleged that the two companies "obtained consumer location information from other data suppliers and claimed to collect, process, and curate more than 17 billion signals from around a billion mobile devices daily." The data was gathered from ordinary mobile apps, and then sold to other businesses or government agencies. Venntel's data is reportedly used by controversial surveillance company Babel Street to power its product Locate X, which can be used to precisely monitor a user's whereabouts without a warrant. The FTC also accused Mobilewalla, a Georgia-based data broker, of purposefully tracking users by collecting massive amounts of sensitive consumer data, like visits to health clinics and places of worship, from real-time bidding exchanges and third-party aggregators. "Mobilewalla exploited vulnerabilities in digital ad markets to harvest this data at a stunning scale," the FTC said. In a related move, the Consumer Financial Protection Bureau (CFPB) proposed new rules to curb the sale of sensitive personal and financial information, such as Social Security numbers and banking details, to other parties without a legitimate reason. The development also comes as FTC announced an enforcement action against facial recognition firm IntelliVision Technologies for deceptively marketing its software as being accurate and that it "performs with zero gender or racial bias" without providing any evidence to back up its claims. Expert WebinarLearn How Experts Secure Privileged Accounts In this expert-led webinar, learn proven techniques for managing privileged access and stopping cyber threats before they escalate. We'll show you how to discover hidden accounts, gain full visibility into user activities, enforce least privilege policies, and create a stronger security posture that protects your organization's critical assets.Understanding Blind Spots in Advanced Security Systems Discover why even well-prepared companies still experience breaches, and learn how to strengthen your defenses in this webinar with Silverfort's CISO, John Paul Cunningham. Explore common vulnerabilities, modern threats, tactics to spot hidden risks, and strategies to align security efforts with business goals. Gain actionable insights to protect your organization. Cybersecurity ToolsVanir Security Patch Validation Tool Vanir is an open-source tool from Google that helps developers quickly find and fix missing security patches in their Android code. Instead of relying on version numbers or build info, Vanir compares source code to known vulnerabilities, ensuring better accuracy and coverage. By connecting with the Open Source Vulnerabilities database, Vanir always stays up-to-date. With a 97% accuracy rate, it reduces manual work, speeds up patch adoption, and helps ensure that devices receive critical security updates more quickly.garak LLM Vulnerability Scanner garak is a free tool that scans large language models (LLMs) for weaknesses. Think of it like nmap, but for LLMs. It tries to break models by testing them with many different probes, looking for failures like hallucinations, data leaks, misinformation, or prompt injections. Each time it finds a flaw, garak logs the exact prompt, response, and reason, so you know what to fix. With dozens of plugins and thousands of tests, garak adapts over time as the community adds new, tougher challenges. Tip of the WeekTurn Your PC into a Malware 'No-Go' Zone Malware often avoids running if it suspects it's in a research lab or test environment. By placing fake clueslike virtual machine-related registry keys, empty folders named after analysis tools, or dummy driverson your PC, you can trick malware into thinking it's being watched. Tools like Malcrow (open-source) and Scarecrow (free) create fake indicatorsvirtual machine keys, dummy processes, or tool-like entriesto fool it into retreating. This might make certain threats back off before causing harm. Although this trick isn't perfect, it can add a subtle extra layer of security, alongside your antivirus and other defenses. Just remember to test changes carefully and keep things believable. It won't stop every attacker, but it might deter less sophisticated malware from targeting your system.ConclusionAs you think about this week's threats, consider some less common tactics. For example, plant fake "decoy" files on your networkif someone opens them, you'll know there's a problem. Keep a clear record of every piece of code you use, so if something strange shows up, you can spot it right away. Also, try controlling who can talk to whom on your network, making it harder for attackers to move around. These simple steps can help you stay one step ahead in a world where cyber risks are always changing.Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

How can a CISO know if a cybersecurity incident is "material," and is that even the CISO's job? Forrester principal analyst Jeff Pollard explains this and other lessons learned after one year of living with the Securities and Exchange Commission's Cybersecurity Rule.

This Christmas Day, the place to watch NFL football is Netflix.The streaming giantwill host a pair of football games on the big holiday, both live. The Kansas City Chiefs play the Pittsburgh Steelers at 1PM ET, then the Baltimore Ravens play the Houston Texans at 4:30PM ET.Netflix will also air a live preshow starting at 11AM ET, featuring anchor Kay Adams, along with analysts Drew Brees, Robert Griffin III, Mina Kimes, and Manti Teo.TheChiefs/Steelers gamewill be announced by Ian Eagle, Nate Burleson, and JJ Watt. The Ravens/Texans game will be called by Noah Eagle and Greg Olsen.The games will also be streamedinternationally on Netflix, with translations into French, Spanish, Portuguese, and German. The Texans game also includes a halftime performance by Beyonce.NetflixNetflixloading...READ MORE: The Best Box Office Flops of 2024These NFL games are available to all Netflix subscribers, regardless of what level of subscription you pay for. Take note though: According to Netflixs website, live events like this one may contain commercial breaks across all our plans even if you pay for the version of Netflix without commercial interruptions. (Although they do add that following the end of a live event, commercial breaks will be removed on ad-free experiences.)Although the NFL on Netflix is a one-off for now, the streaming giant is doing more and more live programming generally, and live sports in particular. The company recently streamed a boxing match between Mike Tyson and Jake Paul, and in early 2025 it will begin weekly live airings of WWEs flagship wrestling show,Monday Night Raw, which had previously aired in America exclusively on cable television, dating all the way back to the early 1990s.Get our free mobile appNetflixs Holiday 2024 LineupHeres all the films, shows, and specials coming to Netflix in the 2024 holiday season.Filed Under: Beyonce, Netflix, NFLCategories: TV News

For most of us, cheese is practically its own food group. Its a passion, a gastronomical tour of deliciousness with such diverse flavors.Whetherits a Kraft American cheese slice on saltines to enjoy with chicken noodle soup or a creamy brie,baby Swiss slices on a sandwich or earthy goat, or even cheddar cheese in a jar for nachos, we have a love affair with cheese and cheese products.Along with sweet, sour, bitter, and salty, our tastebuds love savory as the fifth taste, and that's where cheesehits home. From crumbled blue cheese to string cheese to Mac and Cheese in a box, we love it all, even if its not real cheese.READ ON:Latest, Surprising Fast Food Popularity RankingsAccording to the Mashed website,processed, cheese-like products made up of less than 51% real cheese arent considered real cheese per the FDA.Theseproducts are often ultra-meltable and tend to keep longer than real cheese, they have become an irresistible ingredient for use in many fast food restaurants. While many of our favorite franchises continue to use slices, chunks, shreds, and squares of the real thing, there are those opting for cheesy fakes.McDonaldsMcDonaldsloading...Here are the fast food chains that use real cheese and those that don't.DOPanera, Starbucks, Taco Bell, Chipotle, Wendy's, Chick-fil-A, and Jack-in-the-Box.DON'TMcDonald's, Bojangles, Burger King, Sonic, Dairy Queen, and Tim Hortons.Fast and junk foodGetty Imagesloading...Now, if you're wondering about popular fast-food pizza chains where cheese is literally the purpose and lifeblood, I Googled Domino's, Pizza Hut, Papa John's, and Little Caesars. All say they use 100% real cheese and cheese mixes.According to Wikipedia, only about 30% of pizza places around the country use actual Mozzarella, so if it's crucial to you, then make sure you ask or abide by the old saying, "You get what you pay for."The Craziest Fast Food Menu Items EverREAD MORE: AMuch-RequestedMcDonalds Menu Item Is Coming BackGet our free mobile appOnce-Beloved Fast Food Items That No Longer ExistThese defunct fast food items have gone down in history. Wouldnt you love to eat them again?Filed Under: Fast Food, NostalgiaCategories: TV News