EventsSettle In for Your Seasonal Viewing from BLAGSix hours of talks, interviews, studio visits, and demonstrations from contributors to BLAG 05.Better LettersDec 19, 2024 4 min readThe nine recordings from the BLAG Meet event on 9 November 2024.BLAG Meet is a free online event that gives you the opportunity to meet and hear from contributors to each issue of the magazine.Below you can catch up with the recordings from BLAG Meet: Inside Issue 05, which took place on Saturday, 9 November 2024. Thank you to all the contributors and attendees that took part across the day.Visit bl.ag/meet for details of the next BLAG Meet on Saturday, 26 April, and to access to recordings from other events in this series.Inside BLAG 05These videos go a bit deeper into a selection of the articles and features in BLAG 05, and there's even more in the issue's digital companion, with bonus videos, documents, and additional images.The SessionsThe recordings from the following sessions can be viewed below in order of appearance.Alice Mazzilli challenging the idea of 'bad' handwriting, and framing this within her Interowriting concept.Henrik and Pontus from Sthlm Signs walking through their recent large-scale sign and scenery work for Lolo Co.'s office, giving insights into the process from inspiration to execution.Derek McDonald talking about his return to full-time work at Golden West Sign Arts following his extended adventures in sign painting at Disneyland.Jess Marsh Wissemann of Hired Hand Signs sharing a selection of projects where she has thought outside the box and taken her sign designs in new directions by getting creative with shapes, dimensions, and the use of novel materials.Noel B. Weber sharing work and stories from his 50-year career in signs, which has run in parallel with the Letterheads movement.Roger Warsop at Retroline Signs on growing up with signwriting, and his experience of learning the craft in Australia, defying the advance of printing technology, hosting the recent Letterheads meet, and his thoughts on the future of hand-painted signs.Stephen Coles at Letterform Archive introducing the prolific and diverse output of Michael Doret, with a focus on his process and what makes him an interesting lettering artist. Includes a look at the new book, Growing Up in Alphabet City.Gustavo Ferrari expanding on his how-to for painting the horses of Fileteado Porteo.BLAG editor Sam Roberts sharing the simple technology of RSS as an alternative way to follow eachother outside of mainstream social media, with reference to the Dapper Signs blog.The RecordingsThis article is for subscribers only.Sign up for a free membership to unlock sign painting resources and the latest news.Subscribe nowAlready have an account? Sign in

Detail of Le Prsage, Metz, France (2023). All images courtesy of MonkeyBird, shared with permissionMonkeyBirds Majestic Murals Bend Time Through Elaborately Stenciled CompositionsDecember 19, 2024ArtGrace EbertFor more than a decade, French artists Louis Boidron and douard Egea have been collaborating as MonkeyBird (previously). The pair are known for their large-scale stenciled murals rich with symbolism, architectural structures, and elaborate motifs, many of which reach for timeless themes related to human emotion, experience, and the inevitability of change.The Arch of Peace is one of their most recent pieces and transforms the facade of an Aarhus building into a monumental homage to peace and justice. Commissioned for the 17 Walls Project, the mural draws on one of the United Nations Sustainable Development Goals to create a more inclusive and resilient future.The Arch Of Peace, Aarhus, Denmark (2024)The Universal Declaration of Human Rights, whose origins lie in France, served as our central inspiration, the artists shared. We reinterpreted the ornamental framework of the original engraving: angels, arches, and colonnades symbolize the moral pillars essential for stability in a constantly changing world.As is typical in a MonkeyBird mural, two anthropomorphized creatures donning robes stand at the center of the composition, guarding a library based on that of Trinity College Dublin. Their attributes of power and intellect take on true meaning only when guided by reason and ethics, the artists add.Similarly mythic and majestic figures appear in a pair of murals in Fontainebleau and Metz, France, the latter of which features an avian creature holding an hourglass high in the air. Titled Le Prsage, or The Omen, the piece directly points to the artists interest in the passage of time and collapsing the boundaries between past, present, and future.In February, the pair will join the Montgomery Art Project in Alabama to create a mural and immersive installation of their papercuts. If youre local, keep an eye out for opportunities to participate in one of MonkeyBirds workshops, which will engage the community in cutting their stencils and creating public paste-ups. Until then, pick up a print in their shop, and follow their latest projects on Instagram.Le Prsage, Metz, France (2023)Detail of The Arch Of Peace, Aarhus, Denmark (2024)Fontainebleau, France (2023)Aubervilliers, France (2022)Fontainebleau, France (2023)Fontainebleau, France (2023)Fontainebleau, France (2023)Next article

Healing Blossom (2023). Photos by Pearl Sijmons, courtesy of the artist, shared with permissionCoiled Fishing Rope Sculptures by Joana Schneider Twist Organic Shapes into Otherworldly FormsDecember 19, 2024ArtGrace EbertWhen Joana Schneider moved to The Hague, she began to visit the beach regularly. Having spent her childhood in Munich, the sea was a novel and a fruitful source of inspiration. Soon, the fishermen working in the harbor caught her eye.There was something so intriguing about their world, which seemed to straddle this line between rugged labor and delicate artistry, Schneider tells Colossal. They were using knotting techniques, traditionally seen as feminine and delicate, but on a much larger scale, with heavy-duty ropes.Shine On You Crazy Diamond (2024)The artist quickly connected what the anglers created with the traditions of textile art and began to source their leftover rope. Now based on KNSM Island in Amsterdam, Schneider continues to utilize the mariner material in her large-scale sculptures. I spend days untangling the nets before I can start working with them. Then, I dry the ropes in the sun, which gives them this oceanic scent, she adds.Once desiccated, the materials often become the structure for thin, colorful yarn the artist wraps around the strands. The finished works are sometimes abstract and others boldly figurative, portraying exaggerated facial features in coiled, hand-stitched patchwork.The process is labor-intensive, but the slow, methodical movements are part of what Schneider is drawn to. Each turn of the yarn around the rope is a quiet, focused act. There is something very grounding about it. The rhythm of wrapping, the gentle tension of the yarn, and the soft texture of the fibers create a peaceful space where the world outside seems to fade away, she says. The resulting works retain evidence of this meticulous process as coils large and small swell outward in perfectly concentric circles.Currently, Schneider is working toward a solo exhibition titled Otherworldly that will open in April at the Groniger Museum in The Netherlands. Blurring the line between the real and the fantastic, the project draws on the artists fascination with hybridity and includes a performative element, a harbinger of where her practice is headed. She shares:When I think of the natural world, I often think of the Renaissance tradition of grotesque art. It fascinates me how, in that period, artists mixed human, animal, and plant forms in intricate waysThe result is a hybrid environment that is at once familiar and alien. That is something I try to achieve in my work, a sense of wonder and a bit of disorientation as if stepping into a place where the boundaries of the natural world are deliberately blurred.Schneiders sculptures are currently on view at the FITE Textile Biennial in Clermont-Ferrand, France, and will be included in a 2025 group exhibition at Knig Galerie in Munich. Until then, find more of her work on her website and Instagram.Sugarfly (2024)Detail of Sugarfly (2024)Freckles (2022)Detail of Shine On You Crazy Diamond (2024)Light Child (2023)Detail of Light Child (2023)The Good Farmer (2023)Red and Blue Iris Wave series (2022). Photo by Pim TopPrevious articleNext article

By Kim Komando The Kim Komando Show Published December 19, 2024 7:21pm EST close Would you want to chat with this creepy-looking Lego head powered by AI Dave is the world's most advanced AI Lego robotic head. This is a heartbreaking story out of Florida. Megan Garcia thought her 14-year-old son was spending all his time playing video games. She had no idea he was having abusive, in-depth and sexual conversations with a chatbot powered by the app Character AI.Sewell Setzer III stopped sleeping and his grades tanked. He ultimately committed suicide. Just seconds before his death, Megan says in a lawsuit, the bot told him, "Please come home to me as soon as possible, my love." The boy asked, "What if I told you I could come home right now?" His Character AI bot answered, "Please do, my sweet king."DONT SCAM YOURSELF WITH THE TRICKS HACKERS DONT WANT ME TO SHARE Im giving away a $500 Amazon gift card.Enter here, no purchase necessary.You have to be smartAI bots are owned by tech companies known for exploiting our trusting human nature, and theyre designed using algorithms that drive their profits. There are no guardrails or laws governing what they can and cannot do with the information they gather. A photo illustration of an AI chatbot. (iStock)When youre using a chatbot, its going to know a lot about you when you fire up the app or site. From your IP address, it gathers information about where you live, plus it tracks things youve searched for online and accesses any other permissions youve granted when you signed the chatbots terms and conditions.The best way to protect yourself is to be careful about what info you offer up.Be careful: ChatGPT likes it when you get personalTHIS CRIME SHOT UP 400% HOW TO PROTECT YOURSELF10 things not to say to AIPasswords or login credentials: A major privacy mistake. If someone gets access, they can take over your accounts in seconds.Your name, address or phone number: Chatbots arent designed to handle personally identifiable info. Once shared, you cant control where it ends up or who sees it. Plug in a fake name if you want!Sensitive financial information: Never include bank account numbers, credit card details or other money matters in docs or text you upload. AI tools arent secure vaults treat them like a crowded room.Medical or health data:AI isnt HIPAA-compliant, so redact your name and other identifying info if you ask AI for health advice. Your privacy is worth more than quick answers.Asking for illegal advice: Thats against every bots terms of service. Youll probably get flagged. Plus, you might end up with more trouble than you bargained for.Hate speech or harmful content:This, too, can get you banned. No chatbot is a free pass to spread negativity or harm others.Confidential work or business info: Proprietary data, client details and trade secrets are all no-nos.Security question answers: Sharing them is like opening the front door to all your accounts at once.Explicit content:Keep it PG. Most chatbots filter this stuff, so anything inappropriate could get you banned, too.Other peoples personal info:Uploading this isnt only a breach of trust; its a breach of data protection laws, too. Sharing private info without permission could land you in legal hot water. A person is seen using ChatGPT. (Frank Rumpenhorst/picture alliance via Getty Images)Still relying on Google?Never search for these termsReclaim a (tiny) bit of privacyMost chatbots require you to create an account. If you make one, dont use login options like "Login with Google" or "Connect with Facebook." Use your email address instead to create a truly unique login.TECH TIP: SAVE YOUR MEMORIES BEFORE ITS TOO LATEFYI, with a free ChatGPT or Perplexity account, you can turn off memory features in the app settings that remember everything you type in. For Google Gemini, you need a paid account to do this.Best AI tools for search, productivity, fun and work Google is pictured here. (AP Photo/Don Ryan)No matter what, follow this ruleDont tell a chatbot anything you wouldnt want made public. Trust me, I know its hard.Even I find myself talking to ChatGPT like its a person. I say things like, "You can do better with that answer" or "Thanks for the help!" Its easy to think your bot is a trusted ally, but its definitely not. Its a data-collecting tool like any other.Get tech-smarter on your scheduleAward-winning host Kim Komando is your secret weapon for navigating tech.National radio:Airing on 500+ stations across the US -Find yours orget the free podcast.Daily newsletter:Join 579,000 people who read the Current (free!)Watch: OnKims YouTube channelPodcast: "Kim Komando Today" - Listen wherever you get podcastsCopyright 2025, WestStar Multimedia Entertainment. All rights reserved.

Tech Massive data breach at federal credit union exposes 240,000 members Find out what information has been compromised and how to stay safe Published December 19, 2024 10:00am EST close 'CyberGuy': This years most devastating data breaches Kurt Knutsson: Data breaches in 2024 exposed info of millions, stressing the need for better cybersecurity. SRP Federal Credit Union, a South Carolina-based financial institution, had a major data breach impacting more than 240,000 people.The credit union handles highly sensitive information of hundreds of thousands of Americans, which is now in the hands of cybercriminals.SRP revealed in a notice that the data breach was part of a two-month attack by hackers, raising concerns about how it took the company so long to detect unauthorized entry into its systems. I discuss the details of the data breach, its impact on people and what you need to do to stay safe. Illustration of a hacker at work (Kurt "CyberGuy" Knutsson)What you need to knowSRP Federal Credit Union has reported a data breach that exposed the personal information of more than 240,000 individuals, according to documents filed Friday with regulators inMaine andTexas.The company said it discovered suspicious activity on its network and notified law enforcement. An investigation determined that hackers accessed the credit unions systems between Sept. 5 and Nov. 4, potentially acquiring sensitive files. The investigation concluded on Nov. 22, the company said.SRP did not specify the exact details exposed in its notice to Maine regulators, saying only that names and government-issued identification were affected in the cyberattack.However, in a filing with Texas regulators, the company said names, Social Security numbers, drivers license numbers, dates of birth and financial information, including account numbers and credit or debit card numbers, were compromised. SRP said the breach did not affect its online banking or core processing systems. Illustration of a hacker at work (Kurt "CyberGuy" Knutsson)Whos responsible for the breachSRP has not disclosed who was behind the attack or the attackers' motives. However, the ransomware group Nitrogen claimed responsibility last week, alleging it had stolen 650 GB of customer data, according toThe Record. Ransomware attacks use malicious software to block access to a victims files, systems or networks and demand payment to restore access.The credit union could face legal challenges following the data breach, as Oklahoma City-based Murphy Law Firm isinvestigating claims on behalf of individuals whose personal information was exposed. The firm is also encouraging affected individuals to join a potential class-action lawsuit.SRP will provide impacted individuals with free-of-charge identity theft protection services, so take advantage of it to safeguard your information.We reached out to SRP for comment but did not hear back by our deadline.WHAT IS ARTIFICIAL INTELLIGENCE (AI)? A person working on their laptop (Kurt "CyberGuy" Knutsson)7 ways you can protect yourself from SRP data breachIf you have received a notice from SRP Federal Credit Union about the data breach, consider taking the following steps to protect yourself.1. Monitor your accounts: Regularly check your bank accounts, credit card statements and other financial accounts for any unauthorized transactions or suspicious activity. Contact one of the three major credit bureaus (Equifax, Experian or TransUnion) to place a fraud alert on your credit report, making it harder for identity thieves to open accounts in your name.2. Freeze your credit: Consider freezing your credit to prevent new accounts from being opened without your consent. This service is free and can be lifted at any time.GET FOX BUSINESS ON THE GO BY CLICKING HERE3. Use identity theft protection services: Consider enrolling in identity theft protection services that monitor your personal information and alert you to potential threats. These services can help you detect and respond to identity theft more quickly. Some identity theft protection services also offer insurance and assistance with recovering from identity theft, providing additional peace of mind.See my tips and best picks on how to protect yourself from identity theft.4. Change your passwords: Update passwords for your online accounts, especially those related to banking and email. Use strong, unique passwords and consider using apassword manager to generate and store complex passwords. Also,enable two-factor authentication for added security.5. Beware of phishing scams: Be cautious of emails, texts or calls claiming to be from SRP or related organizations. Avoid clicking on links or providing personal information unless you verify the sender.The best way to safeguard yourself from malicious links is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android and iOS devices.6. Keep your device's operating system updated:Make sure your cellphone and other devices automatically receive timely operating system updates. These updates often include important security patches that protect against new vulnerabilities exploited by hackers. For reference, see my guide onhow to keep all your devices updated.7. Invest in personal data removal services: Consider services that scrub your personal information from public databases. This reduces the chances of your data being exploited in phishing or other cyberattacks after a breach.Check out my top picks for data removal services here.Kurts key takeawayThe SRP Federal Credit Union data breach is a harsh reminder of how vulnerable our sensitive information can be. Over 240,000 individuals had their personal data compromised, including Social Security numbers, drivers licenses and financial details. Even more alarming is the two-month window hackers had to exploit the credit union's systems before being detected. This highlights significant gaps in cybersecurity protocols. If youre an SRP customer, monitor your accounts closely, enable fraud alerts and consider identity theft protection services to stay ahead of potential threats.CLICK HERE TO GET THE FOX NEWS APPDo you think financial institutions should be held more accountable for data breaches like this one? Let us know by writing us at Cyberguy.com/Contact.For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.Follow Kurt on his social channels:Answers to the most asked CyberGuy questions:New from Kurt:Copyright 2024 CyberGuy.com.All rights reserved. Kurt "CyberGuy" Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on "FOX & Friends." Got a tech question? Get Kurts free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

Published December 19, 2024 6:00am EST close How 1 man got scammed in seconds using Google Scammers have become skilled at creating convincing fake websites. Online financial scams have become increasingly sophisticated, targeting unsuspecting individuals through various deceptive techniques. Cybercriminals exploit trust and create convincing scenarios to steal personal and financial information, often using well-known platforms like PayPal as their hunting ground.Take Paul from Massachusetts, for example. He recently wrote to us about his disturbing experience. It serves as a cautionary tale about the dangers of online financial transactions. Here's his account in his own words."I wanted to sign up for PayPal and used Google to get the website. After the 'website' popped up, it asked me for the usual name, address, etc. and my credit card number with the expiration and 3-digit code. Almost immediately, I received a flash message from my credit card company asking if I made a purchase at a company in OKLA. I live in MA and had the card in my lap. The information was stolen, and a purchase was made almost immediately."The credit card company tried to contact where the purchase was made but the telephone number was a fake. The thieves tried a second purchase which was declined as the credit card company closed my account. This all happened in a 10-minute span."Paul, we're sorry to hear that this happened to you. Unfortunately, your experience is not uncommon, but by sharing your story, youre helping others learn how to avoid similar scams. An X over the Google search for PayPal (Kurt "CyberGuy" Knutsson)WHAT IS ARTIFICIAL INTELLIGENCE (AI)?Key takeaways from Paul's experiencePaul's unfortunate encounter with online fraud offers several important lessons. First, scammers have become adept at creating highly convincing fake websites that can easily fool unsuspecting users. These sites often mimic legitimate platforms down to the smallest details, making it crucial to verify the authenticity of any site requesting personal information.Second, fraudulent transactions can occur with alarming speed once scammers obtain sensitive data. In Paul's case, the thieves attempted to make purchases within minutes of acquiring his credit card information.Third, credit card companies have developed sophisticated systems to detect suspicious activity rapidly, which can help mitigate potential losses. Paul's credit card company quickly alerted him to the unauthorized transaction and took swift action to prevent further fraud.Lastly, this incident underscores the critical importance of digital vigilance and careful online navigation. Always take the time to verify the authenticity of websites before entering any personal or financial information, especially when dealing with financial services or online payments. A man typing on his laptop (Kurt "CyberGuy" Knutsson)How to protect yourself from online financial scamsProtecting your financial information online is crucial. Here are some important steps you can take to safeguard yourself against cyber threats:Verify the website's authenticity: Before entering any personal information online, always double-check the URL of the website you're visiting. Look for "https://" at the beginning of the address and a padlock icon in the address bar, which indicates a secure connection. To ensure you're on the correct site, type the web address directly into your browser instead of relying on search engine results or clicking on links from emails.Be wary of unsolicited communications:Legitimate companies will never send unsolicited emails asking for sensitive information. Avoid clicking on links in emails claiming to be from financial institutions, as these could be phishing attempts. Hover over the links to see the actual URL before clicking, as this can help you identify suspicious or misleading addresses. If you're unsure about a communication, log in to your account directly through the official website or app to check for any notifications or requests.GET FOX BUSINESS ON THE GO BY CLICKING HEREThe best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android and iOS devices.Use strong authentication methods:Enabletwo-factor authentication on all your financial accounts to add an extra layer of security. Create unique, complex passwords for each of your accounts, avoiding the temptation to reuse passwords across multiple sites. Consider using a reputablepassword manager to help you generate and store strong passwords securely.Monitor your accounts regularly:Make it a habit to check your financial accounts frequently for any unauthorized activities or suspicious transactions. Set up alerts for transactions on your credit cards and online payment accounts so you can be immediately notified of any activity on your accounts.Be cautious with personal information: Never share your passwords or answers to security questions with anyone, no matter how trustworthy they may seem. Be skeptical of any requests for personal information, especially those that create a sense of urgency. Legitimate organizations will not pressure you to provide sensitive data immediately.Use secure payment methods: When making purchases from unknown sellers, use protected payment options that offer buyer protection. Consider using credit cards for online purchases, as they often provide better fraud protection than debit cards. If a website offers multiple payment options, choose the most secure method available.Use caution with public Wi-Fi: Avoid usingpublic Wi-Fi networks for financial transactions, as these can be easily compromised. If you must access financial accounts while away from home, use a secure VPN connection to protect against being tracked and to identify your potential location on websites that you visit.Many sites can read your IP address and, depending on their privacy settings, may display the city from which you are corresponding. A VPN will disguise your IP address to show an alternate location. A man typing on his laptop (Kurt "CyberGuy" Knutsson)What to do if you suspect a scam1. Act quickly: If you suspect your information has been compromised, change your passwords immediately.2. Contact the company: Report any suspicious activity to the security team of the affected platform.3. Alert your bank: Notify your bank or credit card company about potential fraudulent activities.4. Use an identity theft protection service:Identity theft companies can monitor personal information like your Social Security number, phone number and email address and alert you if it is being sold on the dark web or being used to open an account.They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals.One of the best partsof my No. 1 pick is that they have identity theft insurance ofup to $1 million to cover losses and legal fees and a white-glove fraud resolution team where aU.S.-based case manager helps you recover any losses.See my tips and best picks on how to protect yourself from identity theft.5. Report the incident: Forward suspicious emails to the appropriate authorities and delete them from your inbox.6. Monitor your credit: Keep a close eye on your credit reports for any unauthorized activities.Kurt's key takeawaysProtecting your financial information online is more crucial than ever. Paul's experience serves as a stark reminder of how quickly things can go wrong when we let our guard down. By following the guidelines outlined above and remaining vigilant, you can significantly reduce the risk of falling victim to online financial scams. Remember, when it comes to your financial information, it's always better to err on the side of caution. Take the extra time to verify websites, and be skeptical of unsolicited requests for information. Your financial security is worth the effort.CLICK HERE TO GET THE FOX NEWS APPHow do you think the responsibility for online security should be shared between individuals, companies and governments? Let us know by writing us at Cyberguy.com/Contact.For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.Follow Kurt on his social channels:Answers to the most asked CyberGuy questions:New from Kurt:Copyright 2024 CyberGuy.com.All rights reserved. Kurt "CyberGuy" Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on "FOX & Friends." Got a tech question? Get Kurts free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

Despite being taken down and humiliated by the National Crime Agency (NCA) coordinated Operation Cronos in February 2024, an unknown individual(s) associated with, or claiming to represent, the LockBit ransomware gang has broken cover to announce the impending release of a new locker malware, LockBit 4.0.In screengrabs taken from the dark web that have been widely circulated on social media in the past day, the supposed cyber criminal invited interested parties to sign up and start your pentester billionaire journey in 5 minutes with us, promising them access to supercars and women. At the time of writing, none of the links in the post direct anywhere, while a countdown timer points to a launch date of 3 February 2025.Robert Fitzsimons, lead threat intelligence engineer at Searchlight Cyber, said it was hard to say at this stage what LockBit 4.0 entailed whether the gang was launching a new leak site, its old one having been seized, or whether it has made changes to its ransomware.It is worth noting that LockBit has already been through many iterations, its current branding is LockBit 3.0. It's therefore not surprising that LockBit is updating once again and given the brand damage inflicted by the law enforcement action Operation Cronos earlier this year there there is clearly a motivation for LockBit to shake things up and re-establish its credentials, keeping in mind that the LockBit 3.0 site was hijacked and defaced by law enforcement, said Fitzsimons.There has been a decrease in LockBit's victim output since Operation Cronos but this post shows that it is still trying to attract affiliates and continue its operations.The gangs sudden announcement comes just days after it emerged that the United States government is seeking the extradition from Israel of an alleged LockBit operative named as Rotislav Panev to face trial for wire fraud and cyber crime.Panev was arrested in Haifa in Israel in August according to Israeli news site Ynet, which was first to report the extradition request, news of his arrest has been restricted up to now in order to avoid tipping off other LockBit associates who may be located outside Russia and giving them a chance to escape to the relative safety afforded them there.Panev is accused of working as a software developer for LockBit and may have created the mechanism by which the gang was able to print ransom notes on printers connected to the compromised systems. Panevs lawyer told Ynet that he was a computer technician and was never aware of nor involved in any fraud, extortion or money laundering.Computer Weekly understands an extradition hearing in this case is scheduled for January 2025.Since Operation Cronos unfolded in early 2024, the NCA and other agencies that participated in the takedown have been drip feeding more information about the infamous cyber criminal operation.In May, the NCA unmasked its leader, LockBitSupp, naming him as Russian national Dmitry Khoroshev and targeting him with asset freezes and travel bans, concurrent with an indictment in the US that has seen him charged with a total of 26 counts of fraud, damage to protected computers and extortion. Khoroshev remains at large despite a multimillion dollar reward, and LockBitSupp has denied that this is their true identity.Later in the year the NCA named-and-shamed a high-profile LockBit affiliate, Aleksandr Ryzhenkov, aka Beverley, who was also a key player in the Evil Corp operation and served as a henchman to its leader Maksim Yakubets.Despite the apparent success of Operation Cronos, recent history has shown that even when law enforcement operations can be effective at disrupting their activities, cyber criminals are remarkably resilient and often able to stand up their operations again with relative ease.Although it is not currently possible to ascertain what the person behind LockBits announcement is actually planning, defenders should be alert to the possibility of attack in the coming weeks, and take appropriate anti-ransomware measures wherever possible.Read more about LockBitThe US authorities say they now have more than 7,000 LockBit decryption keys in their possession and are urging victims of the prolific ransomware gang to come forward.Coalition is the latest company to confirm LockBit activity against vulnerable ScreenConnect instances. But the insurer found significant differences between previous LockBit attacks.Reaction to the takedown of the LockBit ransomware gang is enthusiastic, but tempered with the knowledge that cyber criminals are often remarkably resilient.

Androm - stock.adobe.comOpinionChallenging the cloud giants: Is a new era of competition on the horizon?With the dominant hold that Amazon and Microsoft has on the global cloud market under scrutiny by regulators across the world, could 2025 usher in a new era of cloud competition?ByNicky StewartPublished: 19 Dec 2024 The UKs Competition and Markets Authority (CMA) sent shockwaves through the tech industry in October 2023 when it announced its investigation into potential anti-competitive practices in the UK cloud infrastructure services market.The CMA is not ploughing a lonely furrow: regulators across the world from Spain and Denmark to South Africa and (if reports are to be believed) the United States are examining various aspects of cloud computing and its impact on competition.This scrutiny is long overdue, and it marks a significant step forward. For too long, regulators have looked the other way as the Western worlds cloud market quietly amalgamated around just two cloud providers.While these tech giants have undoubtedly played their part in a global digital industrial revolution, their dominance is often accepted as an inevitable and unchangeable reality even if it may have been achieved by anti-competitive practices.This implicit acceptance of the status quo is a false narrative because there are alternatives. Challenger cloud providers stand ready to compete, asking for nothing more than a level playing field.For inquiries like the CMAs to succeed, it is crucial that decision-makers do not allow the dominant cloud providers to monopolise the conversation and they need to give equal weight to the voices of those challengers.At the beginning of next year, we will learn about the CMAs provisional opinion on the four theories of harm under investigation.These range from concerns about exploitative pricing practices to barriers that restrict customers from switching providers.During the summer, the CMA proposed numerous remedies to combat these. While we cant second guess the exact conclusions, one thing is clear: challenger cloud providers hold strong and united views, based on decades of cumulative experience.These challengers offer a vital dose of reality to what can often become dry, legalistic debates.While the industry may be guilty of using jargon like data egress fees and anti-competitive licensing practices, these terms have real-world consequences.Ask a challenger provider to explain what these practices mean for their business, and youll hear stories of dominant players charging exorbitant fees to customers who try to leave their platforms or dramatically increasing the cost of widely-used software when its run on a competitors cloud. These practices have profound implications for competition.If the CMA can create a framework that enables competition, the benefits will ripple through the market. Challenger cloud providers, with their agility and innovation, will drive down prices, expand consumer choice and spur further technological advances. They will also help to address critical concerns like cloud concentration risk and digital resilience, which become ever more pressing as our dependence on cloud services grows.The stakes couldnt be higher. This isnt just about todays challengers and consumers; its about future-proofing the entire cloud ecosystem. Emerging markets such as AI and quantum computing both heavily reliant on cloud infrastructure must not fall victim to a winner takes all scenario.Such an outcome would stifle innovation and concentrate power in ways that could threaten global digital resilience and even national security.The CMA, alongside its international counterparts, has a unique and urgent opportunity to reset the dial. This is a moment to usher in a new era of openness, competition, and fairness in the cloud market.Challenger cloud providers will be watching closely to see how the CMAs provisional decision translates into meaningful solutions that benefit not only the industry but also consumers, the wider economy, and the future of digital innovation.While the last twelve months may have fired the starting gun on investigating the cloud market, the next twelve could be when we see real change begin.In The Current Issue:What do the home secretarys policing reforms mean for the future of the Police Digital Service?What are the security risks of bring your own AI?Download Current IssueMicrosoft Copilot: A Year of Learning Write side up - by Freeform DynamicsPrint Industry Trends, 2025 Quocirca InsightsView All Blogs

Two amendments to the Data (Access and Use) Bill that would have established a statutory legal defence for security professionals and ethical hackers to protect them from prosecution under the 1990 Computer Misuse Act (CMA) have failed to make it beyond a House of Lords committee hearing after being withdrawn.The 34-year-old CMA broadly defines the offence of unauthorised access to a computer that is frequently relied upon in the UK when prosecuting cyber criminals, but given it became law when Margaret Thatcher was prime minister, it has not been updated to reflect the emergence, and practices, of the legitimate cyber security profession.Campaigners say this is putting the UK at a competitive disadvantage because security pros fear they may be prosecuted simply for doing their jobs for example, by accessing a system during the course of an incident investigation while their employers lose out to companies located in more permissive jurisdictions.Introduced by Lord Chris Holmes and Lord Tim Clement-Jones, the changes would have introduced two amendments into the Data Bill to amend the CMA such that security professionals could prove their actions were necessary for the detection or prevention of crime or justified as being in the public interest.Speaking in support of the amendment on 18 December 2024, Holmes spoke about how the CMA was introduced to defend telephony exchanges in an era when 0.5% of the population was online, and if that was the acts sole purpose, that alone would indicate it needs updating given the profound advances in technology made in the past three-and-a-half decades.The Computer Misuse Act 1990 is not only out of date but inadvertently criminalising the cyber security professionals we charge with the job of keeping us all safe. They oftentimes work, understandably, under the radar, behind not just closed but locked doors, doing such important work. Yet, for want of these amendments, they are doing that work, all too often, with at least one hand tied behind their back, said Holmes. The Computer Misuse Act 1990 is not only out of date but inadvertently criminalising the cyber security professionals we charge with the job of keeping us all safe Lord Chris HolmesLet us take just two examples: vulnerability research and threat intelligence assessment and analysis. Both could find that cyber security professional falling foul of the provisions of the CMA 1990. Do not take my word for it: look to the 2024 annual report of the National Cyber Security Centre, which rightly and understandably highlights the increasing gap between the threats we face and its ability, and the ability of the cyber security professionals community, to meet those threats.These amendments, in essence, perform one simple but critical task: to afford a legal defence for legitimate cyber security activities, he said. That is all, but it would have such a profound impact for those whom we have asked to keep us safe and for the safety they can thus deliver to every citizen in our society.Its not time, its well over time that these amendments become part of our law. If not now, then when? If not these amendments, what amendment? And if not these amendments, what will the government say to all those people who will continue to be put in harms way for want of these protective provisions? added Holmes.During the hearing in Westminster, other parliamentarians, including the amendments co-sponsor Lord Clement-Jones and Lord James Arbuthnot, better known for his campaigning work in the Post Office Horizon scandal, spoke in favour of reform, but to no avail.Lord Timothy Kirkhope said: This just demonstrates, yet again, that unless we pull ourselves together, with better smart legislation that moves faster, we will never ever catch up with developments in technology and AI [artificial intelligence]. This has been demonstrated dramatically by these amendments. I express concerns that the government move at a pace that government always moves at, but in this particular field it is not going to work.Responding to the meeting, under-secretary of state at the Department for Science, Innovation and Technology (DSIT) Baroness Margaret Jones said the government agreed the UK needed a revised legislative framework to enable the authorities to tackle the harms posed by cyber criminals, and that it was committed to ensuring the CMA remains up to date and is effective in this regard.However, said Jones, reform is a complex and ongoing issue that is being considered as part of a Home Office review of the CMA itself.We are considering improved defences by engaging extensively with the cyber security industry, law enforcement agencies, prosecutors and system owners. However, engagement to date has not produced a consensus on the issue, even within the industry, and that is holding us back at this moment but we are absolutely determined to move forward with this and to reach a consensus on the way forward, she said.The specific amendments are premature, because we need a stronger consensus on the way forward, notwithstanding all the good reasons given for why it is important that we have updated legislation. With these concerns and reasons in mind, I hope that the noble Lord [Holmes] will feel able to withdraw his amendment, said Jones.Katharina Sommer, group head of government affairs at cyber firm NCC Group, said she was thrilled to see such passionate calls for reform, and that the session had rightly highlighted the outdated nature of the CMA and how it holds back cyber security professionals.We need a statutory defence, like that proposed by Lord Holmes welcome amendment, to allow this vital work to proceed unimpeded, at a time where the cyber threat is rising unabatedly. Reforming the CMA would unlock huge opportunities, strengthen our defences, and help the UK compete on the world stage, she said.It is heartening to see the minister recognise the need to provide legal protections for legitimate cyber security activities, and hear about her determination to reach consensus on the way forward, particularly as this follows her colleague the security ministers recent commitment to reviewing the CMA, said Sommer.We do hope sincerely that all those involved in keeping the UK safe in cyberspace are prepared to work together, and find compromise rather than risk deadlock. We look forward to working with the government and all partners to ensure the UKs cyber laws reflect 21st century threats.Timeline: Computer Misuse Act reformJanuary 2020: A group of campaigners says the Computer Misuse Act 1990 risks criminalising cyber security professionals and needs reforming.June 2020: The CyberUp coalition writes to Boris Johnson to urge him to reformthe UKs 30-year-old cyber crime laws.November 2020: CyberUp, a group of campaigners who want to reform the Computer Misuse Act, finds 80% of security professionals are concerned that they may be prosecutedjust for doing their jobs.May 2021: Home secretary Priti Patel announces plans to explore reforming the Computer Misuse Act as calls mount for the 31-year-old law to be updatedto reflect the changed online world.June 2022: A cross-party group in the House of Lords has proposed an amendment to the Product Security and Telecommunications Infrastructure Bill that would address concerns about security researchers or ethical hackers being prosecutedin the course of their work.August 2022: A study produced by the CyberUp Campaign reveals broad alignment among security professionals on questions around the Computer Misuse Act, which it hopes will give confidence to policymakersas they explore its reform.September 2022: The CyberUp coalition, a campaign to reform the Computer Misuse Act, has called on Liz Truss to push ahead with needed changes to protect cyber professionalsfrom potential prosecution.January 2023: Cyber accreditation association Crest International lends its support to the CyberUp Campaign forreform to the Computer Misuse Act 1990.February 2023: Westminster opens a new consultation on proposed reforms to the Computer Misuse Act 1990, but campaigners who want the law changed to protect cyber professionals have been left disappointed.March 2023: The deadline for submissions to the governments consultation on reform of the Computer Misuse Act is fast approaching, and cyber professionals need to make their voices heard,say Bugcrowds ethical hackers.November 2023: A group of activists who want to reform the UKs computer misuse laws to protect bona fide cyber professionals from prosecution have been left frustrated by a lack of legislative progress.July 2024: In the Cyber Security and Resilience Bill introduced in the Kings Speech, the UKs new government pledges to give regulators more teeth to ensure compliance with security best practiceand to mandate incident reporting.July 2024: The CyberUp Campaign for reform of the 1990 Computer Misuse Act launches an industry survey inviting cyber experts to share their views on how the outdated lawhinders legitimate work.December 2024: An amendment to the proposed Data (Access and Use) Bill that will right a 35-year-old wrong and protect security professionals from criminalisation is to be debated at Westminster.Andrew Jones, strategy director at The Cyber Scheme, a supporter of the CyberUp Campaign for legal reform, said: Whilst we are slightly disappointed by the governments decision not to seize this opportunity to bring the Computer Misuse Act into the 21st century, we are encouraged by their recent comments suggesting a review of the act is being considered. Until then, the CMA will remain an outdated piece of legislation, preventing our cyber security professionals from defending organisations effectively and leaving us lagging behind peer nations, as the US and EU move to safeguard ethical cyber security work as a cornerstone of national resilience.With the CEO of the National Cyber Security Centre recently acknowledging that hostile activity in UK cyberspace has increased in frequency, sophistication and intensity, it is vital that the UK takes measures to upgrade its cyber resilience.He added: The statutory defence we propose drafted in consultation with industry and legal experts would protect legitimate cyber security professionals, strengthen UK cyber defences, and reinforce its place as a cyber security leader. We are fully prepared to work with the government to help implement this necessary change in the future, as soon as it is ready to act.

Overshadowed by the shiny AI features, the latest iPhone update brought multiple QOL improvements, such as the new Home Screen controls.