• What Galaxy Quest Gets Most Right About William Shatner's Star Trek Run
    www.denofgeek.com
    Everybody loves Jason Nesmith. At least, that's what Jason Nesmith thinks. As the star of the long-canceled sci-fi show, Galaxy Quest, Jason regularly enters to cheers from crowds of admirers, even if they're really cheering for his character, Commander Peter Quincy Taggart of the NSEA Protector. But behind the closed door of a men's room stall, Nesmith learns the truth. In a convention hall bathroom, Jason overhears two guys mock their fellow attendees, the Galaxy Quest cast, and especially Nesmith. Actor Tim Allen lets the sadness mix with the dawning on his face, the first of many realizations that occur throughout the cult 1999 comedy classic, Galaxy Quest.

    The bathroom conversation is also one of many moments in Galaxy Quest drawn from the actual lives of Star Trek cast members. According to a (possibly apocryphal) tale, the supremely confident William Shatner suffered a blow to the ego when he heard a couple of young men making fun of him and the cast of The Original Series at a convention. The scene in Galaxy Quest certainly plays on Shatner's outsized sense of self-importance. But it works because it also has sympathy and admiration for Shatner, allowing Galaxy Quest to capture Trekkies' complicated feelings about the man who made James T. Kirk the greatest captain in Federation history.

    Great Characters and Greater Egos

    Nesmith's bathroom revelation shouldn't be that much of a shock, given the altercation that he has with co-star Alexander Dane. Portrayed by the great Alan Rickman, Dane resented his regal alien character Dr. Lazarus and had just finished ranting about his derailed dramatic career. Disgusted, Dane runs for the door, but Nesmith tries to stop him, calming his co-star by referring to themselves as old friends.

    "Old friend?" retorts Dane. "You stole all my best lines, you cut me out of episode two entirely!" Those charges also stem from actual Star Trek history. As Leonard Nimoy's character rose in popularity during TOS's original run, a jealous Shatner would rewrite scripts so that Kirk got lines originally intended for Spock.

    Shatner's script hijacking is one of many examples of his clashes with co-stars. Even as recently as 2022, Sulu actor George Takei called Shatner a "prima donna" during the filming of the show, claiming that although the rest of the cast enjoyed a strong camaraderie, "none of us got along" with the man who played their captain. "He was self-involved," Takei told The Guardian. "He enjoyed being the center of attention. He wanted everyone to kowtow to him."

    Takei may be the most vocal of Shatner's detractors but he was hardly alone. According to his book Boldly Go, Nichelle Nichols told Shatner that the others found him cold and arrogant. At the 2015 Steel City Con (via Hollywood in Toto), Walter Koenig claimed that the rest of the cast bonded mostly "because of our mutually grumbling of Mr. Shatner." Shatner and Nimoy were and always shall be frenemies, but it got so bad during the filming of TOS that Gene Roddenberry had to order them to make peace. Shatner even famously turned his ire toward fans, as in a legendary Saturday Night Live sketch in which he orders Trekkies to "get a life!"

    Galaxy Quest reflects Shatner's attitude in his treatment of his castmates and fans. He emerges into the movie declaring "your captain is here!" without even acknowledging that he made everyone wait for an hour. When he thinks that the alien Mathesar is just a fan who wants to hire him for an engagement, Jason talks down to the dignitary and even rudely pokes his finger in a condescending way.

    Furthermore, Jason is played by Tim Allen, an actor who also has a reputation for irritating others. Allen went from someone who was arrested for trafficking cocaine in 1978, when he was studying at Western Michigan University, to having the number one sitcom in Home Improvement, the number one movie with The Santa Clause, and the number one book with Don't Stand Too Close to a Naked Man. So great was his rise that Western Michigan University conferred upon him an honorary degree (much to the chagrin of this writer, who had to earn his BA from WMU the usual way).

    Home Improvement co-star Pamela Anderson claimed in her 2023 book Love, Pamela that Allen flashed her on set, and comedian Casey Wilson declared on the Bitch Sesh podcast that Allen was "fucking rude" while filming the Disney+ series The Santa Clauses. "Never made eye contact, never said anything. It was so uncomfortable," she charged.

    Maybe those shared difficulties help explain why Galaxy Quest gets the Shatner appeal so well.

    Strongest At His Weakest

    As recorded in the excellent behind-the-scenes documentary, Never Surrender, the Galaxy Quest script unlocked when writer Robert Gordon (who shares a screenplay credit with David Howard) and director Dean Parisot realized that Jason loves being the captain, even if it's just pretend. Where the original story made him more of a bitter washout like Dane, the new version would make him glad to reprise his role at cons and, eventually, in outer space because it presents him at his best.

    Thus there's a vulnerability to Jason that makes him compelling, even when he's being an arrogant jerk. Jason is tragic because he needs the very people to whom he condescends. He may act like he's better than his co-stars Dane and Gwen DeMarco (Sigourney Weaver), or better than his biggest fan Mathesar (Enrico Colantoni), the Thermian who recruits Jason and the crew to fight real space battles against the warlord Sarris (Robin Sachs and some outstanding make-up effects from Bill George at ILM). But he needs them to be the person he wants to be: Commander Taggart.

    Like most of his castmates, Shatner sometimes had a complicated relationship with Kirk, despite going on to successful projects such as T.J. Hooker and Boston Legal. But he still had clear pride in the captain, reprising the role for Star Trek: The Animated Series, the planned Star Trek: Phase II, and all the movies through 1994's Generations. Shatner also undid Kirk's death in Generations for a wonderfully unhinged set of novels and, to this day, grouches that J.J. Abrams brought Nimoy's Spock back, but not his Kirk, in the reboot films.

    That pride and natural bluster is evident onscreen in his every outing as Kirk. Sure, Shatner's idiosyncratic line deliveries have long since become a punchline, but they're effective nonetheless. Shatner believes so much in the truth of Kirk as a character that he gives every single word great weight. And more often than not, it's fantastic. Every word of the "risk is our business" speech from the season two episode Return to Tomorrow deserves that weight. Our love for Spock justifies the long pause Kirk takes before finding the word "human" in the eulogy at the end of Star Trek II: The Wrath of Khan.

    Moreover, for all of his bluster, Shatner has no problem playing the comedy of his character and being the butt of the joke. Just look at the reaction he has when Decker challenges Kirk in The Motion Picture. After telling Decker to mind his place, the newly-busted-down XO reminds the captain that it is a first officer's job to check his superior officer. Shatner gives the moment space before Kirk responds, taking his time before allowing a proud smile, letting the audience realize that Kirk is indeed wrong here. "I stand corrected," confesses Kirk.

    In fact, all of the TOS movies are about how old and out of step Kirk is. Sure, Kirk begins Star Trek V, the one Shatner himself directed, free soloing El Capitan. But he still almost falls to his death after getting interrogated by a cool Spock in hoverboots. Whether or not he knows it about himself, Shatner knows that Kirk isn't perfect, which only makes us love him more.

    The Captain's Confession

    In Galaxy Quest, Jason has a moment of truth. In a fantastic bit of acting from Allen, Jason admits to Mathesar that he's an actor and not the man he pretended to be. Seeing how his actions affect others changes Jason. He realizes he needs to be more like Taggart instead of Nesmith.

    Now in his 90s, it's unlikely that Shatner will have a similar come-to-Sha Ka Ree moment. But even if he doesn't have a full turnaround, we still have his complex take on Captain Kirk, a man as open and vulnerable as he is stubborn and bloviating.
  • This Couple Ripped Up 5 Layers of Kitchen Flooring. Then the Unexpected Happened.
    www.housebeautiful.com
    The gut renovation of photographer Donna Dotan's home in Montclair, New Jersey was well underway when Dotan and her husband discovered five layers of old flooring in the Dutch Colonial's kitchen. They knew exactly what to do with that sudden trove of space underneath the room in their house that they planned to use the most.

    They removed all five layers to make way for a fresh, durable option and took the opportunity to banish cold feet for good. "At that point, we decided to add heated flooring since we were going with tile," says Dotan, who specializes in interiors and architecture photography, of the luxurious feature more commonly used in bathrooms. "The demolition took a lot longer than expected, but it was worth the wait!"

    Built in 1901, the home's kitchen was outdated and mismatched. Working with interior designer Rob Stuart, they set out to make functional updates and create a cohesive look, all while maintaining the historic feel of the six-bedroom, five-and-a-half-bathroom property. A standout improvement is the two-tone, shaker-style cabinetry. The cabinet colors (warm wood and October Mist by Benjamin Moore) complement the home's natural surroundings, which are framed by wide windows.

    Light fixture: Visual Comfort. Stools: Serena & Lily. Counters: Rockaway Marble & Granite Inc. Art: Hannah Moon. Glass candle holders: Anthropologie.

    Meaningful moments are found in the details. Most nights, Dotan's family enjoys tea following dinner. "That teapot [on the island] was passed down from my Moroccan grandmother, who had a whole collection of them," she says, adding she keeps a few of them together with Moroccan glassware on display on the open shelving. "We keep a garden of mint right outside the kitchen and will usually have hot water with mint leaves or add the leaves to our tea."

    The art on the walls is a commission by their good friend Hannah Moon. "Rob found that incredible vintage frame on the streets of New York with a sign on it that said 'Take me!'" Dotan explains. "Hannah created something that she felt would look perfect in that frame, and she was right."

    Other upgrades include a farm sink, which doubles as a bath for washing Dotan's mini golden doodle, Remy, when he gets muddy from playing outside. Under the open shelving, the bread box was painted sage green to match the cabinets. The vintage-style range from Ilve adds to the room's overall charm. "We purchased an extra brass bar from Ilve to add to the Hoodsly hood above in order to tie it all together," Dotan says.

    Wallpaper: Thibaut. Pendant, sconce, chairs, and throw pillows (square): Serena & Lily. Throw pillow (circle): HomeGoods. Mirror: Pottery Barn. Banquette fabrics: Kravet, upholstered by Oscar Fay & Son Upholstery.

    On the opposite end of the kitchen, a custom banquette area was built under a window that fills the room with natural light, a bright, cozy spot for breakfast.
  • An Apple smart doorbell would be a sure-fire winner for all of us
    9to5mac.com
    A report over the weekend suggested an Apple smart home doorbell with support for Face ID is in development. It follows an earlier report of an Apple smart home camera next year.

    While it could be argued that both are commodity products, and that Apple's most important contribution is the HomeKit platform rather than the hardware, there seems little doubt about the opportunity here.

    This is what Apple does

    Many of us here have been using smart home tech for a great many years, so it can be easy for us to forget that this is still an early-adopter product category.

    It's very rare for me to visit the home of family or friends and find smart home tech there. For most people, it's still the domain of gadget-lovers, with non-techy people seeing it as something mysterious and complicated.

    Taking things that are techy, and making them appealing to mass market consumers, is what Apple does.

    The iPhone is the obvious example. Prior to 2007, smartphones were geeky devices with keyboards and styli, and used only by the techiest among us. The iPhone turned it into a mass-market consumer product.

    But the company has long been doing this. The Macintosh. The iPod. The iPad. The Apple Watch. If anyone can make smart homes mainstream, it's Apple.

    HomeKit helped, but wasn't transformative

    Apple's first attempt at this was HomeKit. The idea was that any smart home device could be controlled by a single iPhone app, as well as by Siri.

    That definitely helped. It did make smart home tech accessible to more people, and it also addressed some of the privacy and security concerns that were holding back the market. Additionally, those HomeKit demo displays in Apple stores exposed more people to the tech, and helped to show how useful and easy to use it could be.

    Apple also solved the biggest issue with smart home cameras, with HomeKit Secure Video. After countless security failings by even mainstream brands, Apple provided a means of ensuring that nobody else, not even Apple, could access footage.

    In an ideal world, all that would have been enough, and Apple could have left the hardware to other companies. In practice, however, HomeKit only advanced things somewhat: it hasn't succeeded in making smart homes mainstream.

    But Apple-branded devices would succeed

    The average non-techy person has no idea about HomeKit security standards, but they do trust Apple. So if Apple starts selling smart home hardware (especially the scarier stuff, like cameras and locks) then way more people are going to be happy buying it.

    When last month's report of an Apple-branded smart home camera surfaced, more than 80% of you said that you were likely to buy one. A smart doorbell of course falls within the general category of smart home cameras, so it's possible that Kuo and Gurman are both referring to the same plans. However, if Apple does get into this field, then for me it wouldn't make sense to do so with a single device. I suspect we're looking at potential plans for external security cameras, indoor cameras, and a smart doorbell.

    The latest report suggested that Apple's doorbell would likely work with any existing HomeKit-compatible smart lock, but suggests it's possible the company would partner with a single company to offer a complete system. Given that a smart lock and a smart doorbell offer the most obvious opportunities for integration (as in the example of Face ID on the doorbell camera triggering the smart lock to open), that approach makes a lot of sense.

    Apple famously says no to a thousand ideas for each one it develops, so it may be here that a branding partnership is as far as things need to go. Perhaps a co-branded smart lock, with both Apple and Yale branding, for example. But a co-branded smart doorbell seems less likely. It's not like any existing smart camera brands have covered themselves in glory here!

    For that reason alone, I'd expect any camera Apple produces to carry only the company's own branding. But the likely inclusion of Apple Intelligence features seals the deal. Additionally, while there are existing smart locks with face-recognition, I wouldn't trust any of them to the degree I trust Face ID.

    This would be a win for all of us

    The potential benefit for Apple and for non-techies is clear. But I think we all stand to gain here.

    The more mainstream smart homes become, and the more Apple draws attention to the security and privacy issues, the better the tech will become for all of us, techies and newbies alike. I'd love to see this happen.
  • AI Could Generate 10,000 Malware Variants, Evading Detection in 88% of Cases
    thehackernews.com
    Dec 23, 2024 | Ravie Lakshmanan | Machine Learning / Threat Analysis

    Cybersecurity researchers have found that it's possible to use large language models (LLMs) to generate new variants of malicious JavaScript code at scale in a manner that can better evade detection.

    "Although LLMs struggle to create malware from scratch, criminals can easily use them to rewrite or obfuscate existing malware, making it harder to detect," Palo Alto Networks Unit 42 researchers said in a new analysis. "Criminals can prompt LLMs to perform transformations that are much more natural-looking, which makes detecting this malware more challenging."

    With enough transformations over time, the approach could have the advantage of degrading the performance of malware classification systems, tricking them into believing that a piece of nefarious code is actually benign.

    While LLM providers have increasingly enforced security guardrails to prevent them from going off the rails and producing unintended output, bad actors have advertised tools like WormGPT as a way to automate the process of crafting convincing phishing emails that are tailored to prospective targets and even create novel malware.

    Back in October 2024, OpenAI disclosed it blocked over 20 operations and deceptive networks that attempt to use its platform for reconnaissance, vulnerability research, scripting support, and debugging.

    Unit 42 said it harnessed the power of LLMs to iteratively rewrite existing malware samples with an aim to sidestep detection by machine learning (ML) models like Innocent Until Proven Guilty (IUPG) or PhishingJS, effectively paving the way for the creation of 10,000 novel JavaScript variants without altering the functionality.

    The adversarial machine learning technique is designed to transform the malware using various methods -- namely, variable renaming, string splitting, junk code insertion, removal of unnecessary whitespaces, and a complete reimplementation of the code -- every time it's fed into the system as input.

    "The final output is a new variant of the malicious JavaScript that maintains the same behavior of the original script, while almost always having a much lower malicious score," the company said, adding the greedy algorithm flipped its own malware classifier model's verdict from malicious to benign 88% of the time.

    To make matters worse, such rewritten JavaScript artifacts also evade detection by other malware analyzers when uploaded to the VirusTotal platform.

    Another crucial advantage that LLM-based obfuscation offers is that its rewrites look a lot more natural than those achieved by libraries like obfuscator.io, the latter of which are easier to reliably detect and fingerprint owing to the manner in which they introduce changes to the source code.

    "The scale of new malicious code variants could increase with the help of generative AI," Unit 42 said. "However, we can use the same tactics to rewrite malicious code to help generate training data that can improve the robustness of ML models."

    The disclosure comes as a group of academics from North Carolina State University devised a side-channel attack dubbed TPUXtract to conduct model stealing attacks on Google Edge Tensor Processing Units (TPUs) with 99.91% accuracy. This could then be exploited to facilitate intellectual property theft or follow-on cyber attacks.

    "Specifically, we show a hyperparameter stealing attack that can extract all layer configurations including the layer type, number of nodes, kernel/filter sizes, number of filters, strides, padding, and activation function," the researchers said. "Most notably, our attack is the first comprehensive attack that can extract previously unseen models."

    The black box attack, at its core, captures electromagnetic signals emanated by the TPU when neural network inferences are underway (a consequence of the computational intensity associated with running offline ML models) and exploits them to infer model hyperparameters. However, it hinges on the adversary having physical access to a target device, not to mention possessing expensive equipment to probe and obtain the traces.

    "Because we stole the architecture and layer details, we were able to recreate the high-level features of the AI," Aydin Aysu, one of the authors of the study, said. "We then used that information to recreate the functional AI model, or a very close surrogate of that model."
  • THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips
    thehackernews.com
    The online world never takes a break, and this week shows why. From ransomware creators being caught to hackers backed by governments trying new tricks, the message is clear: cybercriminals are always changing how they attack, and we need to keep up.Hackers are using everyday tools in harmful ways, hiding spyware in trusted apps, and finding new ways to take advantage of old security gaps. These events aren't randomthey show just how clever and flexible cyber threats can be.In this edition, we'll look at the most important cyber events from the past week and share key takeaways to help you stay safe and prepared. Let's get started. Threat of the WeekLockBit Developer Rostislav Panev Charged in the U.S. Rostislav Panev, a 51-year-old dual Russian and Israeli national, has been charged in the U.S. for allegedly acting as the developer of the now-disrupted LockBit ransomware-as-a-service (RaaS) operation, netting about $230,000 between June 2022 and February 2024. Panev was arrested in Israel in August 2024 and is currently pending extradition. With the latest development, a total of seven LockBit members have been charged in the U.S. That said, the group appears to be readying a new version, LockBit 4.0, that's scheduled for release in February 2025. Top NewsLazarus Group Continues to Evolve Tactics The North Korea-linked Lazarus Group has been observed targeting nuclear engineers with a new modular malware called CookiePlus as part of a long-running cyber espionage campaign dubbed Operation Dream Job. CookiePlus is only the latest manifestation of what security researchers have described as the growing sophistication that threat actors have begun incorporating into their malware and tactics. 
The variety of TTPs used highlights the versatility and diversity of the hacking group.APT29 Uses Open-Source Tool to Set Up Proxies in RDP Attacks The Russian state-sponsored group tracked as APT29 has repurposed a legitimate red teaming attack methodology that involves the use of an open-source proxy tool dubbed PyRDP to set up intermediate servers that are responsible for connecting victim machines to rogue RDP servers, deploy additional payloads, and even exfiltrate data. The development illustrates how it's possible for bad actors to accomplish their goals without having to design highly customized tools.Serbian Journalist Targeted by Cellebrite and NoviSpy An independent Serbian journalist, Slavia Milanov, had his phone first unlocked by Cellebrite's forensic tool and subsequently compromised by a previously undocumented spyware codenamed NoviSpy, which comes with capabilities to capture personal data from a target's phone and remotely turn on the phone's microphone or camera. The spyware attacks, detailed by Amnesty International, are the first time two different invasive technologies have been used against civil society members to facilitate the covert gathering of data. Serbia's police characterized the report as "absolutely incorrect."The Mask Makes a Comeback A little-known cyber espionage actor known as The Mask has been linked to a new set of attacks targeting an unnamed organization in Latin America twice in 2019 and 2022. The group, first documented by Kaspersky back in early 2014, infected the company with malware such as FakeHMP, Careto2, and Goreto that are designed to harvest files, keystrokes, and screenshots; run shell commands; and deploy more malware. 
The origins of the threat actor are presently not known.Multiple npm Packages Fall Victim to Supply Chain Attacks Unknown threat actors managed to compromise three different npm packages, @rspack/core, @rspack/cli, and vant, and push malicious versions to the repository containing code to deploy a cryptocurrency miner on infected systems. Following discovery, respective project maintainers stepped in to remove the rogue versions. Trending CVEsHeads up! Some popular software has serious security flaws, so make sure to update now to stay safe. The list includes CVE-2024-12727, CVE-2024-12728, CVE-2024-12729 (Sophos Firewall), CVE-2023-48788 (Fortinet FortiClient EMS), CVE-2023-34990, (Fortinet FortiWLM), CVE-2024-12356 (BeyondTrust Privileged Remote Access and Remote Support), CVE-2024-6386 (WPML plugin), CVE-2024-49576, CVE-2024-47810 (Foxit Software), CVE-2024-49775 (Siemens Opcenter Execution Foundation), CVE-2024-12371, CVE-2024-12372, CVE-2024-12373 (Rockwell Automation PowerMonitor 1000), CVE-2024-52875 (GFI KerioControl), CVE-2024-56145 (Craft CMS), CVE-2024-56050, CVE-2024-56052, CVE-2024-56054, CVE-2024-56057 (VibeThemes WPLMS), CVE-2024-12626 (AutomatorWP plugin), CVE-2024-11349 (AdForest theme), CVE-2024-51466 (IBM Cognos Analytics), CVE-2024-10244 (ISDO Software Web Software), CVE-2024-4995 (Wapro ERP Desktop), CVE-2024-10205 (Hitachi Ops Center Analyzer), and CVE-2024-46873 (Sharp router) Around the Cyber WorldRecorded Future Gets Labeled "Undesirable" in Russia Russian authorities have tagged U.S. threat intelligence firm Recorded Future as an "undesirable" organization, accusing it of participating in propaganda campaigns and cyberattacks against Moscow. Russia's Office of Prosecutor General also said the company is "actively cooperating" with U.S. 
and foreign intelligence services to help search, gather, and analyze data on Russian military activities, as well as Ukraine with "unrestricted access" to programs used in offensive information operations against Russia. "Some things in life are rare compliments. This being one," Recorded Future's chief executive, Christopher Ahlberg, wrote on X.China Accuses the U.S. of Conducting Cyber Attacks The National Computer Network Emergency Response Technical Team/Coordination Center of China (CNCERT) accused the U.S. government of launching cyber attacks against two Chinese technology companies in a bid to steal trade secrets. CNCERT said one of the attacks, detected in August 2024, singled out an advanced material design and research unit by exploiting a vulnerability in an electronic document security management system to break into the upgrade management server and deliver trojan to over 270 hosts and siphon "a large amount of trade secret information and intellectual property." The second attack, on the other hand, targeted an unnamed high-tech enterprise of smart energy and digital information since May 2023 by weaponizing flaws in Microsoft Exchange Server to plant backdoors with an aim to harvest mail data. "At the same time, the attacker used the mail server as a springboard to attack and control more than 30 devices of the company and its subordinate enterprises, stealing a large amount of trade secret information from the company," CNCERT said. The allegations come in the midst of the U.S. accusing Chinese threat actors like Salt Typhoon of breaching its telecommunication infrastructure.New Android Spyware Distributed via Amazon Appstore Cybersecurity researchers uncovered a new Android malware that was available for download from the Amazon Appstore. 
Masquerading as a body mass index (BMI) calculator, the app ("BMI CalculationVsn" or com.zeeee.recordingappz) came with features to stealthily record the screen, as well as collect the list of installed apps and incoming SMS messages. "On the surface, this app appears to be a basic tool, providing a single page where users can input their weight and height to calculate their BMI," McAfee Labs said. "However, behind this innocent appearance lies a range of malicious activities." The app has been taken down following responsible disclosure.HeartCrypt Packer-as-a-Service Operation Exposed A new packer-as-a-service (PaaS) called HeartCrypt has been advertised for sale on Telegram and underground forums since February 2024 to protect malware such as Remcos RAT, XWorm, Lumma Stealer, and Rhadamanthys. Said to be in development since July 2023, its operators charge $20 per file to pack, supporting both Windows x86 and .NET payloads. "In HeartCrypt's PaaS model, customers submit their malware via Telegram or other private messaging services, where the operator then packs and returns it as a new binary," Palo Alto Networks Unit 42 said, adding it identified over 300 distinct legitimate binaries that were used to inject the malicious payload. It's suspected that the service allows clients to select a specific binary for injection so as to tailor them based on the intended target. At its core, the packer works by inserting the main payload into the binary's .text section and hijacking its control flow in order to enable the execution of the malware. The packer also takes steps to add several resources that are designed to evade detection and analysis, while simultaneously offering an optional method to establish persistence using Windows Registry modifications. 
"During HeartCrypt's eight months of operation, it has been used to pack over 2,000 malicious payloads, involving roughly 45 different malware families," Unit 42 said.Chinese and Vietnamese-speaking Users Target of CleverSoar Installer A highly evasive malware installer called CleverSoar is being used to target Chinese and Vietnamese-speaking victims with the Winos 4.0 framework and the Nidhogg rootkit. The malware distribution starts with MSI installer packages that likely impersonate fake software or gaming-related applications, which extract the files and subsequently execute the CleverSoar installer. "These tools enable capabilities such as keystroke logging, data exfiltration, security bypasses, and covert system control, suggesting that the campaign is part of a potentially prolonged espionage effort," Rapid7 said, describing it as an advanced and targeted threat. "The campaign's selective targeting of Chinese and Vietnamese-speaking users, along with its layered anti-detection measures, points to a persistent espionage effort by a capable threat actor." It's suspected that the threat actor is also responsible for other campaigns distributing Winos 4.0 and ValleyRAT.Thousands of SonicWall Devices Vulnerable to Critical Flaws As many as 119,503 publicly accessible SonicWall SSL-VPN devices are susceptible to serious security flaws (25,485 of critical severity and 94,018 of high severity), with over 20,000 using a SonicOS/OSX firmware version that's no longer supported by the vendor. "The majority of series 7 devices exposed online are impacted by at least one vulnerability of high or critical severity," cybersecurity company Bishop Fox said. 
A total of 430,363 unique SonicOS/OSX instances have been found exposed on the internet.Industrial Systems Targeted in New Malware Attacks Siemens engineering workstations (EWS) have been targeted by a malware called Chaya_003 that's capable of terminating the Siemens TIA portal process, alongside those related to Microsoft Office applications, Google Chrome, and Mozilla Firefox. The malware, once installed, establishes connections with a Discord webhook to fetch instructions for carrying out system reconnaissance and process disruption. Forescout said it also identified two incidents in which Mitsubishi EWSs were infected with the Ramnit worm. It's currently not clear if the attackers directly targeted the operational technology (OT) systems or if it was propagated via some other means, such as phishing or compromised USB drives. OT networks have also been increasingly the target of ransomware attacks, with 552 incidents reported in Q3 2024, up from 312 in Q2 2024, per Dragos. No less than 23 new ransomware groups have targeted industrial organizations during the time period. Some of the most impacted verticals included manufacturing, industrial control systems (ICS) equipment and engineering, transportation, communications, oil and gas, electric, and government.Cracked Version of Acunetix Scanner Linked to Turkish IT Firm Threat actors are selling thousands of credential sets stolen using Araneida, a cracked version of the Acunetix web app vulnerability scanner. According to Krebs on Security and Silent Push, Araneida is believed to be sold as a cloud-based attack tool to other criminal actors. Further analysis of the digital trail left by the threat actors has traced them to an Ankara-based software developer named Altu ara, who has worked for a Turkish IT company called Bilitro Yazilim. Expert WebinarPreparing for the Next Wave of Ransomware in 2025 Ransomware is getting smarter, using encryption to hide and strike when you least expect it. 
Are you prepared for what's coming next? Join Emily Laufer and Zscaler ThreatLabz to explore the latest ransomware trends, how attackers use encrypted channels to stay hidden, and smart strategies to stop them. Learn how to protect your organization before it's too late. Secure your spot today!

The Enterprise Guide to Certificate Automation and Beyond - Join our live demo to see how DigiCert ONE simplifies trust across users, devices, and software. Discover how to centralize certificate management, automate operations, and meet compliance demands while reducing complexity and risk. Whether for IT, IoT, or DevOps, learn how to future-proof your digital trust strategy. Don't miss out. Register now!

Cybersecurity Tools

AttackGen - It is an open-source tool that helps organizations prepare for cyber threats. It uses advanced AI models and the MITRE ATT&CK framework to create incident response scenarios tailored to your organization's size, industry, and selected threat actors. With features like quick templates for common attacks and a built-in assistant for refining scenarios, AttackGen makes planning for cyber incidents easy and effective. It supports both enterprise and industrial systems, helping teams stay ready for real-world threats.

Brainstorm - It is a tool that makes web fuzzing more effective by using local AI models alongside ffuf. It analyzes links from a target website and generates smart guesses for hidden files, directories, and API endpoints. By learning from each discovery, it reduces the number of requests needed while finding more endpoints compared to traditional wordlists. This tool is perfect for optimizing fuzzing tasks, saving time, and avoiding detection. It's easy to set up, works with local LLMs like Ollama, and adapts to your target.

GPOHunter - This tool helps identify and fix security flaws in Active Directory Group Policy Objects (GPOs).
It detects issues like clear text passwords, weak authentication settings, and vulnerable GPP passwords, providing detailed reports in multiple formats. Easy to use and highly effective, GPOHunter simplifies securing your GPOs and strengthening your environment.

Tip of the Week

Don't Let Hackers Peek into Your Cloud - Cloud storage makes life easier, but it can also expose your data if not secured properly. Many people don't realize that misconfigured settings, like public folders or weak permissions, can let anyone access their files. This is how major data leaks happen, and it's preventable.

Start by auditing your cloud. Tools like ScoutSuite can scan for vulnerabilities, such as files open to the public or missing encryption. Next, control access by only allowing those who need it. A tool like Cloud Custodian can automate these policies to block unauthorized access.

Finally, always encrypt your data before uploading it. Tools like rclone make it simple to lock your files with a key only you can access. With these steps, your cloud will stay safe, and your data will remain yours.

Conclusion

The holidays are a time for celebration, but they're also peak season for cyber risks. Cybercriminals are more active than ever, targeting online shoppers, gift exchanges, and even festive email greetings. Here's how you can enjoy a secure and worry-free holiday:

Wrap Your Digital Gifts with Security: If you're gifting smart gadgets, set them up with strong passwords and enable updates before wrapping them. This ensures your loved ones start safe from day one.
Track Packages, Not Scammers: Be wary of fake delivery notifications. Use official apps or tracking links from trusted retailers to follow your shipments.
Make Your Accounts Jolly Secure: Use a password manager to update weak passwords across your accounts. A few minutes now can save hours of frustration later.
Game On, Safely: If new gaming consoles or subscriptions are on your list, make sure to activate parental controls and use unique account details. Gaming scams spike during the holidays.

As we head into the New Year, let's make cybersecurity a priority for ourselves and our families. After all, staying safe online is the gift that keeps on giving.

Happy Holidays, and here's to a secure and joyful season!
  • Facing the Specter of Cyber Threats During the Holidays
    www.informationweek.com
    Do retailers still face high levels of cyber risk in a world fraught with ransomware attacks year-round?
  • The Download: trustworthy humanoid robots, and Anduril's latest project
    www.technologyreview.com
    This is today's edition of The Download, our weekday newsletter that provides a daily dose of what's going on in the world of technology.

    Will we ever trust robots?

    The world might seem to be on the brink of a humanoid-robot heyday. New breakthroughs in artificial intelligence promise the type of capable, general-purpose robots previously seen only in science fiction: robots that can do things like assemble cars, care for patients, or tidy our homes, all without being given specialized instructions. It's an idea that has attracted an enormous amount of attention, capital, and optimism. Yet recent progress has arguably been more about style than substance. Advancements in AI have undoubtedly made robots easier to train, but they have yet to enable them to truly sense their surroundings, think of what to do next, and carry out those decisions in the way some viral videos might imply.

    But on the road to helping humanoid robots win our trust, one question looms larger than any other: How much will they be able to do on their own? And how much will they still rely on humans? Read the full story.
    - James O'Donnell

    This story is from the forthcoming magazine edition of MIT Technology Review, set to go live on January 6; it's all about the exciting breakthroughs happening in the world right now. If you don't already, subscribe to receive future copies.

    If you're interested in the future of robots, why not check out:
    + A skeptic's guide to humanoid-robot videos. The right video can land a startup millions in investment and a devoted public following. But what do these videos really show?
    + Is robotics about to have its own ChatGPT moment? Read the full story.
    + To be more useful, robots need to become lazier. Smarter data processing could make machines more helpful and energy-efficient in the real world. A good way to test this principle is robot soccer.

    The must-reads

    I've combed the internet to find you today's most fun/important/scary/fascinating stories about technology.
1 Anduril is in talks to join forces with OpenAI and SpaceX
The proposed consortium will bid for US government defense contracts in an attempt to disrupt the stranglehold of traditional suppliers. (FT $)
+ Elon Musk's DOGE project could encourage similar partnerships. (Reuters)
+ We saw a demo of the new AI system powering Anduril's vision for war. (MIT Technology Review)

2 Robotaxi passengers are targets of a new kind of harassment
Riders feeling unsafe are left without a human driver to intervene. (WP $)
+ What's next for robotaxis. (MIT Technology Review)

3 This covid season is the most unpredictable yet
Deaths are down. But that doesn't mean we should fully relax. (The Atlantic $)

4 WhatsApp has won its legal case against NSO Group
The messaging app claims its spyware exploited a bug to surveil users. (Reuters)
+ The case has been five years in the making. (WP $)
+ NSO Group argued it wasn't liable as its software was used to investigate crimes. (The Verge)

5 Why Elon Musk is turning his attention to right-wing UK politics
He's looking beyond the White House to the more extreme end of British mainstream political parties. (The Guardian)
+ How seriously should we take Elon Musk? (New Yorker $)
+ Donald Trump reminded activists that he's President-elect, not Musk. (NBC News)
+ But how useful Musk will continue to be for Trump remains to be seen. (The Atlantic $)

6 YouTube is finally cracking down on egregious clickbait
The platform has long rewarded the creators behind misleading videos. (NY Mag $)
+ Hated that video? YouTube's algorithm might push you another just like it. (MIT Technology Review)

7 What happens when AI collides with crypto
In the wake of the NFT boom, something even scammier is stirring. (The Information $)
+ What happens to bitcoin now that skeptics have become believers? (The Atlantic $)
+ It's still not clear how AI will affect the economy. (Bloomberg $)
+ How to fine-tune AI for prosperity. (MIT Technology Review)

8 Beware of AI scams over the holidays
From fraudulent text messages to sneakily targeted ads. (WSJ $)
+ Five ways criminals are using AI. (MIT Technology Review)

9 The highs and lows of 2024's viral moments
I won't be holding space for them. (The Guardian)

10 NASA's fastest probe is heading for the sun's atmosphere
It'll endure temperatures of over 2,500 degrees Fahrenheit on Christmas Eve. (Wired $)
+ It'll be the closest any probe has ever come to the sun. (Engadget)

Quote of the day

"I don't hate these people. I just hate being in their stupid group."
- Jess, a participant in a group chat for aspiring musicians, tells Insider why leaving the group before the new year is a top priority.

The big story

How Indian health-care workers use WhatsApp to save pregnant women
February 2023

Across India, an all-women cadre of 1 million community health-care workers are responsible for making public health care accessible to people from remote areas and marginalized communities. These workers counsel pregnant women and ensure they receive proper science-backed health care. Many are turning to WhatsApp as a means to combat the medical misinformation that is rampant across the country and to navigate sensitive medical situations, particularly regarding pregnancy. Their approach has surprisingly good results. Read the full story.
- Sanket Jain

We can still have nice things

A place for comfort, fun and distraction to brighten up your day. (Got any ideas? Drop me a line or tweet 'em at me.)
+ Back in 2009, Rage Against the Machine reached Christmas number one in the UK music charts. Here's what happened when they were asked to censor their lyrics live on the BBC.
+ Ever wished more films were like Home Alone? You're in luck.
+ How to make the perfect latke.
+ No one has ever seen a flying reindeer. But that doesn't mean it's a theoretical impossibility.
  • High-profile team to reimagine former GSK headquarters
    www.bdonline.co.uk
    A multidisciplinary team, including McGregor Coxall, Haworth Tompkins, Studio Egret West, dRMM, Buro Happold, and Metropolitan Workshop, is working on plans to transform the former GSK headquarters in Brentford into a mixed-use neighbourhood

    [Image: The former GSK site in Brentford. Source: Google Street View]

    A high-profile team of architects, landscape designers, and consultants has been appointed to progress a masterplan for the redevelopment of the former GSK headquarters at 980 Great West Road, Brentford.

    Led by client, Hadley Property Group, the project team includes landscape architects McGregor Coxall, whose work will focus on climate-resilient public spaces, and plot architects Haworth Tompkins, Studio Egret West, dRMM, and Metropolitan Workshop. Buro Happold and other consultants are contributing to the scheme's engineering and planning strategies.

    This follows Hadley's recent completion of the purchase of the 13-acre site, which GSK vacated earlier this year to relocate to central London. The pharmaceutical company had marketed the site after over 20 years of occupation.

    The redevelopment seeks to establish a mixed-use neighbourhood including residential, alongside commercial, community, educational, and third-sector spaces.

    The plans aim to improve connections between Brentford town centre and areas north of the Great West Road, introducing pedestrian- and cycle-friendly routes and enhancing access to the nearby park and river.

    Initial co-design sessions with the local community have taken place, and public consultations are now underway. A planning application is expected to be submitted in 2025.

    Andy Portlock, CEO of Hadley Property Group, said: "For many years, the site has been a key marker for those travelling in and out of West London, yet it hasn't connected with the local community. Reimagining it is a responsibility we take very seriously. We are committed to delivering on our sustainability pledges and our vision to deliver genuine community-led regeneration across London."

    The acquisition of the site was funded by Peterson Group and BGO, with advisory from Pennyhill Capital.
  • Heatherwick completes mixed-use development in Xian
    www.bdonline.co.uk
  • Did You Make $5,000 or More via PayPal, Venmo or Cash App? Expect a 1099-K Tax Form
    www.cnet.com
    After back-to-back delays, the IRS will move forward with a new tax-reporting rule for freelancers who are paid through third-party apps. If you made $5,000 or more through PayPal, Venmo, Cash App or a similar platform, the IRS will now require these companies to issue tax form 1099-K detailing your earnings.

    This isn't a new tax rule; it's a tax reporting change. If you earn freelance or self-employment income, you should already be reporting and paying taxes on your total earnings, even if you don't receive a 1099. The IRS is simply switching the reporting requirement to payment apps so it can keep tabs on transactions that might otherwise go unreported.

    This story is part of Taxes 2025, CNET's coverage of the best tax software, tax tips and everything else you need to file your return and track your refund.

    "The taxation and tax treatment requirements for taxpayers has not changed," said Mark Steber, chief tax information officer for Jackson Hewitt. "This taxable income has always been considered by the IRS to be taxable and should be reported on a tax return."

    The IRS will only require third-party apps to report income earned -- the tax agency isn't interested in the money you've sent to your family or friends to pay rent or split a dinner bill.

    If you earned $5,000 or more through third-party payment apps this year, you should receive a 1099-K to use to report your income when you file your tax return in 2025. Here's everything you need to know about this reporting change.

    What is a 1099-K?

    A 1099-K is a tax form that reports income received via a third-party payment platform from a non-permanent job, such as a side hustle, freelance agreement or contractor position where taxes are not withheld.

    The IRS currently requires any third-party payment apps like Cash App and Venmo to send a 1099-K to the IRS and individuals if they earned more than $20,000 in commercial payments across more than 200 transactions.
If you regularly make over $20,000 in freelance income, are paid through Venmo, and receive more than 200 transactions in payments, you may have received a 1099-K tax form before.

What is the IRS's new 1099-K rule?

Under new reporting requirements first announced in the American Rescue Plan, third-party payment apps will eventually be required to report earnings over $600 to the IRS.

"Prior to 2024, the earnings threshold was $20,000 and 200 transactions to receive a 1099-K tax document," said Steber.

For your 2024 taxes (which you'll file in 2025), the IRS is planning a phased rollout, requiring payment apps to report freelancer and business owner earnings over $5,000 instead of $600. The hope is that raising the threshold will reduce the risk of inaccuracies while also giving the agency and payment apps more time to work toward the eventual $600 minimum.

Why was the third-party payment app tax rule delayed?

Originally set to kick off at the beginning of 2022, the IRS planned to implement a new reporting rule that would require third-party payment apps, like PayPal, Venmo or Cash App to report income of over $600 or more per year to the tax agency. The IRS has delayed this new reporting requirement in 2022 and again in 2023.

Why? Distinguishing between taxable and nontaxable transactions through third-party apps isn't always easy. For example, money your roommate sends you through Venmo for dinner is not taxable, but money received for a graphic design project might be.
The delayed rollout gave payment platforms more time to prepare.

"We spent many months gathering feedback from third-party groups and others, and it became increasingly clear we need additional time to effectively implement the new reporting requirements," said IRS Commissioner Danny Werfel in a November 2023 statement.

Which payment apps are required to send 1099-Ks?

All third-party payment apps where freelancers and business owners receive income are required to begin reporting transactions involving you to the IRS in 2024. Some popular payment apps include PayPal, Venmo and Cash App. Other platforms freelancers may use, such as Fiverr or Upwork, are also on the hook to begin reporting payments that freelancers receive throughout the year.

If you earn income through payment apps, it's a good idea to set up separate PayPal, Cash App or Venmo accounts for your professional transactions. This could prevent nontaxable charges -- money sent from family or friends -- from being included on your 1099-K in error.

Zelle users will not receive a 1099-K

There's one popular payment app that's exempt from the 1099-K rule. Payment transfer service Zelle will not be issuing 1099-Ks, regardless of whether you receive business funds through the service or not. That's because Zelle doesn't hold your funds in an account, like PayPal, Venmo or Cash App do, and instead is used as a way to transfer money between bank accounts. If you are paid for your freelance or small business services through Zelle, it's your responsibility to report all income on Schedule C of your tax return.

Is the IRS taxing money you send to family or friends?

No. Rumors have circulated that the IRS was cracking down on money sent to family and friends through third-party payment apps, but that isn't true. Personal transactions involving gifts, favors or reimbursements are not considered taxable.
Some examples of nontaxable transactions include:
Money received from a family member as a holiday or birthday gift
Money received from a friend covering their portion of a restaurant bill
Money received from your roommate or partner for their share of the rent and utilities

Payments that will be reported on a 1099-K must be flagged as payments for goods or services from the vendor. When you select "sending money to family or friends," it won't appear on your tax form. In other words, that money from your roommate for her half of the restaurant bill is safe.

"This is only for self-employment income," said Steber. "You should not receive a 1099-K for personal transactions but be aware that some platforms could accidentally include personal transactions in the 1099-K and that will need to be corrected on the user's tax return."

Will you owe taxes if you sell items on Facebook Marketplace or Poshmark?

If you sell personal items for less than you paid for them and collect the money via third-party payment apps, these changes won't affect you. For example, if you buy a couch for your home for $500 and later sell it on Facebook Marketplace for $200, you won't owe taxes on the sale because it's a personal item you've sold at a loss. You may be required to show documentation of the original purchase to prove that you sold the item at a loss.

If you have a side hustle where you buy items and resell them for a profit via PayPal or another digital payment app, then earnings over $5,000 will be considered taxable and reported to the IRS in 2024.

Make sure to keep a good record of your purchases and online transactions to avoid paying taxes on any nontaxable income -- and when in doubt, contact a tax professional for help.

What should you do to prepare for this reporting change?

Any payment apps you use may ask you to confirm your tax information, such as your employer identification number, individual tax identification number or Social Security number.
If you own a business, you most likely have an EIN, but if you're a sole proprietor, individual freelancer or gig worker, you'll provide an ITIN or SSN.

In some cases, receiving a 1099-K may take some of the manual work out of filing your self-employment taxes.

Once this rule takes effect, you may still receive individual 1099-NEC forms if you were paid through direct deposit, check or cash. If you have multiple clients who pay you through PayPal, Venmo, Upwork or other third-party payment apps and you earn more than $5,000, you'll receive one 1099-K instead of multiple 1099-NECs.

To avoid any reporting confusion, make sure you're tracking your earnings manually or with accounting software such as QuickBooks.