0 Σχόλια
·0 Μοιράστηκε
·121 Views
Κατάλογος
-
Marvel Rivals Players Are Risking Account Bans to Mod the Game Even After Season 1 Clampdownwww.ign.comMarvel Rivals players are risking having their accounts banned by continuing to use mods even after a clampdown with the release of Season 1.Ever since Marvel Rivals hugely successful December launch players have used mods to create custom skins despite concern over account bans. Popular mods include turning Iron Man into Vegeta from Dragon Ball and Mantis into a goth. Theres even a mod that turns Jeff the Land Shark into Pochita from Chainsaw Man.Last week, alongside the launch of the Fantastic Four and Season 1, Marvel Rivals added a secret mod restriction in the form of asset hash checking. At the time, developer NetEase told IGN that the games terms and conditions prohibit mods as well as cheats, bots, hacks, or any other unauthorized third-party software. NetEase had already warned Marvel Rivals players that using mods might cause problems, and reinforced that message in a statement to IGN: "It is not recommended to modify any game files, as doing so carries the risk of getting banned."However, it seems some are undeterred. A workaround was discovered and is now widely circulating online and, while it involves more steps than previously, is manageable for most PC players.Modder Prafit, who uploaded their workaround to Nexus Mods, issued a warning to players: Use at your own risk, Prafit said in the description of the mod.By using this you are actually circumventing a system that was created to stop us from modding on the Season 1 patch start. No-one knows if NetEase will ban you, but they have never issued permabans as far as we know.Now, new mods have sprung up that take advantage of the addition of Fantastic Four characters. For example, Ercuallo's mod turns Mister Fantastic into Luffy from the manga One Piece. According to stats from Nexus Mods, this Luffy mod has already been downloaded over 5,000 times in the two days since launch.The question Marvel Rivals modders and those who continue to use them is whether NetEase will actually ban players, as its threatened to. The community has yet to unearth an example of a player who has been banned for using mods, but workarounds may spark further action.Why would NetEase want to ban mods? Apart from the potential lost revenue associated with the sale of skins and potential intellectual property concern, mods may affect the balance of gameplay or even the performance of the game itself. Indeed, modder Prafit said that their temporary workaround should only be used by those with a beefy PC.In the meantime, check out the Marvel Rivals Season 1 patch notes, and official stats that reveal Marvel Rivals' pick and win rates in Quickplay and Competitive modes for Season 0. And keep an eye on the latest Marvel Rivals codes for free skins, and vote on the strongest Marvel Rivals characters in our community tier list.Image credit: @Ercuallo.Wesley is the UK News Editor for IGN. Find him on Twitter at @wyp100. You can reach Wesley at wesley_yinpoole@ign.com or confidentially at wyp100@proton.me.0 Σχόλια ·0 Μοιράστηκε ·99 Views
-
Benicio del Toros The Wolfman 2010 Deserves More Creditwww.denofgeek.comAny good werewolf yarn, and plenty of bad ones, will tell you the line between man and beast is thinner than we care to admit. The same holds true for greatness and greatly missed opportunities. So much of film history is littered with stories of happy accidents and serendipitous choices that proved the difference between obscurity and an eternity of critical adulation.Unfortunately, there are far more examples of movies where those fortuitous twists of fate didnt occur, or they perhaps went the other way. Worse still is when the press gets wind of gusts blowing in the wrong direction. Such was the fate of 2010s now all but forgotten The Wolfman remake starring Benicio del Toro and Anthony Hopkins. Before the film was releasedand before it was even shotword on the street was that a disaster was imminent. After all, director Joe Johnston (The Rocketeer, Jumanji) agreed to step in at the 11th hour of preproduction after the more prestigious One Hour Photo helmer, Mark Romanek, left the project under a cloud of acrimony.We will not speculate as to what Romaneks version of The Wolfman might have looked like, but it is clear the one we got in 2010 after a hefty delay was compromised by studio second-guessing and with the scent of blood in the water. Even if the production had gone swimmingly, and the reviews were good, a Gothic period film budgeted at $100 million would be a tough sell. With reshoots it had ballooned to $150 million, and the critical knives were out.To be clear, The Wolfman is not a misunderstood classic of its genre. There are significant issues with its pacing, heavy emphasis on tacky jump scares, and even casting choices that hold it back And yet, if you actually revisit it 15 years later, or just squint, plenty of it still works, especially whenever del Toro is under the influence of legendary makeup artist Rick Bakers furry handiwork. At times, this movie rips, complete with nearly all the sumptuous and dazzling craftsmanship of some of the greatest Gothic hits of the then-recent 1990s.If a few key choices had just guided The Wolfman slightly to the left, or just a little to the right, it very well might have stood side by side with some of its biggest influences, chiefly Francis Ford Coppolas DraculaSleepy Hollow (1999). As it stands, the film still has enough bite to be worthy of a rewatch for a certain breed of horror aficionado who likes their red meat served with exquisite presentationand a side of ham.A Visual FeastRick Baker was the first makeup artist to win an Oscar for Best Makeup and Hairstyling. Beforehand it had simply been a special award handed out to a few undeniable achievements in the craft (1964s 7 Faces of Dr. Lao and 1968s The Planet of the Apes). The Academy picked a good year to start letting artists compete annually for the prize since Baker won for the greatest werewolf transformation of all time in An American Werewolf in London (1981).All bestial features and quadrupedal shapes, Bakers first werewolf was intentionally as far removed as possible from the iconic Wolf Man design in the original 1941 movie. It was a conscious choice to escape The Wolf Mans shadow, but it didnt mean Baker or American Werewolfs director, John Landis, lacked affection for the Lon Chaney Jr. classic. In fact, they were huge fans. And the O.G. Wolf Man makeup artist, Jack Pierce, also masterminded the appearance of Boris Karloffs Frankenstein Monster, Mummy, and a myriad other iconic Universal Monsters. He was an idol to Baker.So it was again fitting that Baker won his seventh and final Oscar for The Wolfman (2010), a film that acted as Bakers homage and salute to those boyhood days of watching Jack Pierces work on a 1950s television set. Bakers Wolfman design on Benicio del Toros face remains a stunning tour de force. Mimicking Pierces now bemusing yak fur and fuzzy beard, Baker created a mask around del Toros countenance that was both old school and a departure from everywhere cinema has been headed since the 1990s. The Wolfman, indeed, opened two months after Avatars virtual wall-to-wall sea of CGI.The deliberately retro throwback nature of Bakers work was dinged in some reviews in 2010, but its aged like a cozy fur blanket. And not only because of the Oscar it won. Bakers Wolfman may very well go down as the most sophisticated and ferocious rendering of the werewolf ideal which defined nearly half a century of horror movies between The Wolf Man 41 and An American Werewolf in London.Whether it was Oliver Reed or Michael Landon, all the great werewolves of cinema yore were emulating what Pierce and Chaney achieved. But arguably Baker is the first to improve on it by rekindling the iconic Universal Monsters look while also heightening its Gothic menace. The claws are longer, the teeth sharper, the clothes tattered, but the eyes stay expressively, and painfully, human. That is courtesy of del Toros greatest asset as an actor being left unaltered by Baker.Its a triumph in horror design and one of the many impressive technical choices made on this picture, for The Wolfman 2010 remains a visual feast of viscera and craft. When you go below the line, its clear the filmmakers and artisans on the project sought to honor the past, and not just of Universal Pictures. Theres also a Hammer Studios-inspired level of fiendishness about the gore in the movie, albeit without fear of 1960s British censorship.Join our mailing listGet the best of Den of Geek delivered right to your inbox!The worldbuilding, meanwhile, seems to intentionally invite placement in the same Gothic setting conjured in Coppolas Dracula. The cinematography by Shelly Johnson bathes almost all of the night scenes in an impossibly bright moonlight. Eschewing the naturalism sought by most modern period piece films, The Wolfman exists in a horror Neverland where everything is cast in a pale light that at times almost renders its characters of marble and ivory that is before theyre drenching in red.Priscilla Johns costumes are similarly impressive, offering a little more historical influence to seep into Universal Monsters typical iconography, such as emphasizing the furs and pelts adorned by Anthony Hopkins big Sir John Talbot, who in this film is a former Victorian great white hunter gone to seed. Emily Blunt and del Toros mournfully British overcoats and hats are similarly exquisite. They all give the films production a stately grandeur that echoes old school monster movies, even as it replicates them with a style and budget far exceeding what were World War II cheapies by the time Chaneys original Wolf Man came along.The movie is simply fun to look at. Its also easy on the ears thanks to Danny Elfmans lushly romantic score.An (Almost) Oedipal TragedyThe technical merits of The Wolfman are undeniable, but they need to be in service to a story that grabs the viewer. This is where the 2010 movieThe Wolfman attempts to add psychological complexity to the 1941 classic while also mimicking Walkers success of turning Washington Irvings early American fairy tale, The Legend of Sleepy Hollow, into a murder mystery whodunit.Hence The Wolfman 2010 opening with the hunting accident only alluded to in the 41 film which caused an estranged and highly Americanized son named Lawrence Talbot to return home to a cold house on the moors. In the new movie, Lawrences older brother is clearly slaughtered by a werewolf in an opening prologue. And the beasts arrival on his fathers lands draws Lawrence back for a funeral and a hope to find the murderer. Of course one look at Anthony Hopkins sinister and delicious interpretation of Sir John robs the movie of any mystery about who the werewolf in town is (at least until the enigmatic beast bites and curses poor Larry too).At its heart, The Wolfman (2010) wishes to be an Oedipal tragedy as defined by Freud. Sir John and Lawrence are not only estranged from their years apart but also by a sense of primal rivalry. Hinted in the script to have been a strict disciplinarian (or toxically masculine in the modern parlance), Sir John is suggested to have verbally and perhaps physically abused Lawrence, the fragile one. We also later learn he sent Lawrence away to a mental institution as a child after the boy saw his father as a werewolf.Indeed, Sir John is revealed to have spent the last 30 years or so as a lupine who would lock himself away in the crypt of his wife, and Lawrences mother, during each full moon. But after his eldest son, who we never really meet, becomes engaged with Gwenlyth Conliffe (Blunt), a woman who looks exactly like the raven-haired Romani whom Sir John married, and whose portrait hangs over his fireplace, the id inside of Sir Johns subconscious gained the upper-hand. He let the beast run free one full moon and it killed his eldest son. The next full moon, we get a front row seat to it damning the boy to a life of werewolfery.The film culminates in Freudian nightmare after Lawrence, who has taken up a romantic connection with Gwen over the several months the movie is set, is forced to indulge his own id. The climax of the film isnt whether the Wolfman will kill the girl, though that sequence from the 41 flick is repeated with loving affection; its father and son letting their freak flags fly and demons out. When Lawrences werewolf finally slaughters his fathers lupine alter-ego, it is in the burning ruins of the family home and beneath a portrait of the dead mother/wife. Gwen is a surrogate for the woman they both jealously commit murder over.It is a thematically rich conceit, but one which in execution is muddled. Some of that is perhaps because Johnston lacked a firm hand on Hopkins, who eagerly chews the scenery of every talky scene (of which there are many). Hopkins indeed snarls, chuckles, and literally winks at the camera in one bit after he tells his actor-son that it is up to him to decide if he wants to be or not to be.Yet in something as naturally melodramatic and heightened as The Wolfman story, Hopkins hamminess is not unwelcome. It might even have fit well on a Victorian stage where Freudian interpretations of the id and super-ego really were getting the center spotlight via adaptations of Dr. Jekyll and Mr. Hyde and Frankenstein. It also fills a void left by del Toro.It hurts to come down too harshly on Benicio del Toro, who is one of the best actors of his generation and also such an admirer of the original Lon Chaney Jr. movie that he became the one to convince Universal to remake Wolf Man as a lavish, R-rated horror movie. However, his naturalistic instincts and tendency to dramatically underplay every line is anathema to a story as melodramatic and florid as Wolfman.Whereas every scene del Toros Lawrence has with Blunt or even Hugo Weaving as a Scotland Yard detective shows his co-stars finding the right keys for such earnestly overwrought material, del Toros introverted tendencies cause Lawrence to fade into the production design instead of anchoring it with tragedy. And opposite Hopkins twinkling malevolence, he all but disappears.The lack of a compelling tragic hero also makes the films other flaws more glaring, including that despite Johnston enjoying classical Hollywood instincts, as demonstrated in the wonderful The Rocketeer and the similarly nostalgic Captain America: The First Avenger, his understanding of horror-building is off. The film is far too reliant on jump scares saying boo in absence of establishing genuine dread. And when the directors cut runs at over two hours, this becomes a substantial problem.Read more But When It Rips, It RoarsThe Wolfman of 2010 is a flawed movie that never quite stands at the heights it comes so close to conquering. Nonetheless, there is still a highly entertaining spectacle for audience members of a specific disposition.Once again, the film is gorgeous to look at in nearly every moment. The drawing room scenes may not emotionally ensnare you, but the werewolf attacks are a different animal entirely. What the film lacks in terror it makes up for with pure schlocky adrenaline and spectacle in its best set pieces.Pretty much every post-transformation scene where del Toro is in the full makeup is powered by a giddy gruesomeness. Its playing to everyone who watched the old Universal and Hammer movies and cheered when the monster made its kills. Johnston shoots the first sequence where Baker and del Toros werewolf literally disembowels and eviscerates the local superstitious townsfolk with the glee of Superman taking flight.And the centerpiece of the moviewhere poor Lawrence is tied up in a straight jacket and taunted by men of science in a London asylum on the night of a full moonis a classic setup of anticipation followed by swift dopamine delivery. For about 10 minutes these psychologists and white coats have tortured and condescended to our protagonist, and they literally laugh in his face when he begs them to kill him before he transforms. Its as unsubtle as an old Vincent Price movie, but unlike those, we arent expected to shudder at the ensuing horror. Instead we revel in it as the werewolf literally eats his tormentors alive and then is unleashed on London in a cyclical homage to American Werewolfs own tribute to the first Wolf Man.Its a pure play to the most base, lurid appeal of so many horror stories. Rather than hoping to scare you, it courts the lizard (or wolf) brain within, admitting so many of these monster movies are at their most entertaining when the monster is unchained.It is not the stuff of classic cinema, and certainly not elevated horror. But in fleeting moments, it is wildly entertaining for the type of genre connoisseur who can appreciate old Johnny Talbots best bit of advice to his son: The beast will have its day. The beast will out.0 Σχόλια ·0 Μοιράστηκε ·116 Views
-
Dynasty Warriors: Origins Truly Reinvents a Decades-Long Seriesnews.xbox.comDynasty Warriors is comfort food for me Omega Forces long-running series tells the same kingdom-spanning tale in with each instalment, always aiming to deliver on its 1v1000 combat conceit with each new game. Discovering the series with Dynasty Warriors 2, Ive returned again and again over the last 25 years to see this huge cast of characters play their part in the same epic tale developing favorites (hello, Guan Yu) along the way by sheer weight of time spent with them.So it was with some curiosity that I started playing the 10th mainline instalment. The title tells you what you need to know Dynasty Warriors: Origins is going back to basics, a reinvention that goes beyond the incremental changes fans have been used to from most new versions of this series.For a start, Origins tells a deeper, more focused story in fact only telling the first half of the tale were used to, but with far more detail added along the way. Dynasty Warriors games series typically begin with players crushing the Yellow Turban Rebellion, a battle that sets the Romance of the Three Kingdoms the semi-fictionalized historical tale of ancient China the games are based on in motion. But Origins first chapter shows us the Yellow Turbans faction forming, becoming corrupted, and then being taken down. Its an origin story for, well, the series traditional origin story.As part of that, were also introduced to a brand new protagonist (who you can name); an amnesiac travelling warrior with a past thats slowly revealed as you play. Youll spend the majority of Dynasty Warriors: Origins playing as this character perhaps the biggest marker that this game is making a major change. Where Dynasty Warriors games have previously had players pick from dozens of officers from across the many factions in this tale, youre now leading this single character through a story that puts you on path to meet those familiar faces (some of whom will be playable along the way).Its a bold choice, worthy of a game looking to shake things up, and it certainly lends a different feeling to proceedings. While Origins drops the open world format of 2018s Dynasty Warriors 9, having a single main character allows the developers to craft a more mutable Story Mode. Rather than moving from battle to battle with cutscenes in between, youre now placed in an overworld between main levels, able to explore, find secrets, tinker with your loadout, meet and befriend officers, and take part in skirmishes to level up.All of this speaks to a renewed focus on how combat works in Dynasty Warriors. While fans will be pleased to know that the bones of its classic hack n slash action remain in place, theres far more nuance on show here. Blocks, parries, and evades are far more necessary when taking on enemy bosses, miniature puzzle elements have been introduced to certain battles, and customizable Battle Art special abilities let you tinker with your playstyle for every weapon type. This feels less like an experiment for an experiments sake, and more like a confident step forward Im still getting the familiar feeling of being, effectively, a 2nd-Century superhero, but the added level of thought required for each one-on-one fight along the way is meaningfully different.And its that balance between old and new that defines Origins approach this is recognizably Dynasty Warriors, but with new ideas slotted in place among that familiar framework. To put it another way its still my comfort food, but with new ingredients.DYNASTY WARRIORS: ORIGINSKOEI TECMO AMERICA$69.99Pre-orderPre-order bonus: Protagonist's costume "Nameless Warrior Garb"A "Wo Long: Fallen Dynasty" collaboration costume that can be worn in the game.Note: Please be aware that this bonus may become available for purchase or for free at a later date.Early purchase bonus: Early Works Soundtrack Collection (Digital Edition)A soundtrack featuring a total of 191 original music tracks from the series, including background music from titles spanning from "DYNASTY WARRIORS 2" to "DYNASTY WARRIORS 5 Empires," as well Omega Force's first title, "DYNASTY WARRIORS." The soundtrack can be played by accessing the main menu, Special Content, and then Music, and selecting "Early Works Soundtrack Collection."Note: The early purchase bonus will be available for those who pre-order or who purchase the game by January 30, 2025. The soundtrack includes content that is also available for purchase on music streaming sites. Please be aware that the bonus may become available for purchase or for free as add-on content for this title at a later date.Become immersed in exhilarating battles as a nameless hero in the Three Kingdoms. The most exhilarating action in the series' historyTension-filled battlefields where you clash against massive armies stretching as far as the eye can see. How will you handle the onslaught of enemies? Your military prowess will serve you well as you fight in tandem with your allies in tactical battles unique to the "DYNASTY WARRIORS" franchise and experience the most exhilarating action in the series' history. A new version of the Three Kingdoms from the perspective of an original protagonistThe story of the Three Kingdoms is set in the vast mainland of China where the convictions of different heroes intersect. Experience this magnificent and alluring world through the eyes of the original protagonist, a "nameless hero."Note: The product "DYNASTY WARRIORS: ORIGINS Digital Deluxe Edition" is also being sold. Please confirm that you have selected the correct product before making your purchase.Note: Images are taken from an in-development build. The final product may differ from the footage shown.Note: If an add-on finishes installing while the game is running, it will become available after you return to the title screen.0 Σχόλια ·0 Μοιράστηκε ·96 Views
-
THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [13 January]thehackernews.comThe cyber worlds been buzzing this week, and its all about staying ahead of the bad guys. From sneaky software bugs to advanced hacking tricks, the risks are real, but so are the ways to protect yourself. In this recap, well break down whats happening, why it matters, and what you can do to stay secure.Lets turn awareness into action and keep one step ahead of the threats. Threat of the WeekCritical Ivanti Flaw Comes Under Exploitation A newly discovered critical security vulnerability in Ivanti Connect Secure appliances has been exploited as a zero-day since mid-December 2024. The flaw (CVE-2025-0282, CVSS score: 9.0) is a stack-based buffer overflow bug that could lead to unauthenticated remote code execution. According to Google-owned Mandiant, the flaw has been exploited to deploy the SPAWN ecosystem of malware the SPAWNANT installer, SPAWNMOLE tunneler, and the SPAWNSNAIL SSH backdoor as well as two other previously undocumented malware families dubbed DRYHOOK and PHASEJAM. There is a possibility that multiple threat actor groups, including the China-linked UNC5337, are behind the exploitation. Top NewsMicrosoft Pursues Legal Action Against Hacking Group Microsoft said it's taking legal action against an unknown foreign-based threat-actor group for abusing stolen Azure API keys and customer Entra ID authentication information to breach its systems and gain unauthorized access to the Azure OpenAI Service with the goal of generating harmful content that bypasses safety guardrails, as well as monetizing that access by offering it to other customers. It accused three unnamed individuals of creating a "hacking-as-a-service" infrastructure for this purpose.Exploitation Attempts Recorded Against GFI KerioControl Firewalls Threat actors are actively attempting to exploit a recently disclosed security flaw impacting GFI KerioControl firewalls that, if successfully exploited, could allow malicious actors to achieve remote code execution (RCE). The vulnerability, CVE-2024-52875, is a carriage return line feed (CRLF) injection that could result in a cross-site scripting (XSS) attack. Attempts to exploit the vulnerability commenced around December 28, 2024.Updated EAGERBEE Malware Targets the Middle East Internet service providers (ISPs) and governmental entities in the Middle East have been targeted using an updated variant of the EAGERBEE (aka Thumtais) malware framework. The new variant is capable of deploying additional payloads, enumerating file systems, and executing command shells. It can also manage processes, maintain remote connections, manage system services, and list network connections.Southeast Asia Comes Under Mustang Panda Attacks Several entities in Mongolia, Taiwan, Myanmar, Vietnam, and Cambodia have been targeted by the China-nexus Mustang Panda threat actor to deliver a customized version of the PlugX backdoor between July 2023 and December 2024. The attacks involve the use of Windows Shortcut (LNK), Windows Installer (MSI), and Microsoft Management Console (MSC) files, likely distributed via spear-phishing, as the first-stage component to trigger the infection chain, ultimately leading to the deployment of PlugX using DLL side-loading techniques.U.S. Government Formally Unveils Cyber Trust Mark The U.S. government announced the launch of the U.S. Cyber Trust Mark, a new cybersecurity safety label for Internet-of-Things (IoT) consumer devices that details the support period as well as the steps users can take to change the default password and configure the device securely. Eligible products that come under the purview of the Cyber Trust Mark program include internet-connected home security cameras, voice-activated shopping devices, smart appliances, fitness trackers, garage door openers, and baby monitors. Trending CVEsYour favorite software might be hiding serious security cracksdont wait for trouble to find you. Update now and stay one step ahead of the threats!This weeks list includes CVE-2024-8474 (OpenVPN Connect), CVE-2024-46981 (Redis), CVE-2024-51919, CVE-2024-51818 (Fancy Product Designer plugin), CVE-2024-12877 (GiveWP Donation Plugin and Fundraising Platform), CVE-2024-12847 (NETGEAR DGN1000), CVE-2025-23016 (FastCGI fcgi2), CVE-2024-10215 (WPBookit plugin), CVE-2024-11350 (AdForest theme), CVE-2024-13239 (Drupal), CVE-2024-54676 (Apache OpenMeetings) CVE-2025-0103 (Palo Alto Networks Expedition), CVE-2024-53704 (SonicWall SonicOS), CVE-2024-50603 (Aviatrix Controller), CVE-2024-9138, and CVE-2024-9140 (Moxa). Around the Cyber WorldPastor Indicted for "Dream" Solano Fi Project Francier Obando Pinillo, a 51-year-old pastor at a Pasco, Washington, church, has been indicted on 26 counts of fraud for allegedly operating a cryptocurrency scam that defrauded investors of millions between November 2021 and October 2023. Pinillo is said to have used his position as pastor to induce members of his congregation and others to invest their money in a cryptocurrency investment business known as Solano Fi. He claimed the idea for the scheme had "come to him in a dream." According to the U.S. Department of Justice (DoJ), "rather than investing funds on victims' behalf as he had promised, Pinillo defrauded victims into making cryptocurrency transfers into accounts he designated, then converted the victims' funds to himself and his co-schemers." Pinillo has also been accused of convincing investors to recruit other investors in exchange for additional returns for each new investor they recruited. The fraud charges carry a maximum sentence of up to 20 years in prison. The defendant is estimated to have targeted at least 1,515 customers in the U.S., netting him $5.9 million in illicit profits. The development comes as a Delaware man, Mohamed Diarra, pleaded guilty to his participation in a widespread international sextortion and money laundering scheme from May 2020 and through December 2022. "Diarra conspired with co-conspirators in Cte d'Ivoire who sextorted victims and utilized a network of Delaware-based 'money mules,' including Diarra, to assist with laundering the victims' illegally obtained funds," the DoJ said. He faces a maximum penalty of 20 years in prison. In recent months, the DoJ has also prosecuted Robert Purbeck; Kiara Graham, Cortez Tarmar Crawford, and Trevon Demar Allen; and Charles O. Parks III in connection with extortion, SIM-swapping, and cryptojacking operations, respectively.Washington State Sues T-Mobile Over 2021 Data Breach The U.S. state of Washington has sued T-Mobile over allegations the phone giant failed to secure the personal data of more than 2 million state residents prior to an August 2021 data breach, which went on to affect more than 79 million customers across the country. The lawsuit asserted that "T-Mobile knew for years about certain cybersecurity vulnerabilities and did not do enough to address them" and that the company "misrepresented to consumers that the company prioritizes protecting the personal data it collects." The complaint noted that T-Mobile "used weak credentials" on accounts for accessing its internal systems and did not implement rate-limiting on login attempts, thus allowing the attackers to brute-force the credentials without locking the employee accounts in question. A year after the incident, T-Mobile agreed to pay $350 million to settle a class-action lawsuit. John Binns, an American citizen living in Turkey, took credit for the attack. He was subsequently arrested in May 2024 for his participation in the Snowflake extortion campaign.Telegram Complies With More User Data Requests Following CEO Arrest Telegram has been increasingly sharing user data at the request of law enforcement authorities following the arrest of its CEO Pavel Durov last year, according to information compiled from its periodic transparency reports. India, Germany, the U.S., France, Brazil, South Korea, Belgium, Spain, Poland, and Italy accounted for the top 10 countries with the most number of requests. Days after his arrest, Telegram promised to make significant improvements in an effort to tackle criticisms about the lack of oversight and the abuse of the platform for illicit activities. It also pledged to provide the IP addresses and phone numbers of users who violate rules in response to valid legal requests. Despite the policy changes, Telegram continues to be a major hub for cybercriminals to carry out their operations due to its "established" user base and functionality. "While Signal, Discord, and other alternative platforms are used by cybercriminals, it doesnt appear they will fully replace Telegram in the future, and rather serve as additional methods for threat actors to perform malicious activities," KELA said last month.MLOps Platforms Could Become a New Attack Target As companies rush to leverage artificial intelligence (AI) applications, MLOps platforms used to develop, train, deploy and monitor such applications could be targeted by attackers, allowing them to not only gain unauthorized access, but also impact the confidentiality, integrity and availability of the machine learning (ML) models and the data they provide. Such actions could permit an adversary to perform a model extraction attack, poison or access training data, and bypass AI-based classification systems. "The increased usage of MLOps platforms to create, manage and deploy ML models will cause attackers to view these platforms as attractive targets," IBM X-Force said. "As such, properly securing these MLOps platforms and understanding how an attacker could abuse them to conduct attacks such as data poisoning, data extraction and model extraction is critical."Popular Windows Applications Vulnerable to WorstFit Attack Several Windows-based applications such as curl.exe, excel.exe, openssl.exe, plink.exe, tar.exe, and wget.exe have been found susceptible to a brand-new attack surface called WorstFit, which exploits a character conversion feature built into Windows called Best-Fit. Taiwanese cybersecurity company DEVCORE said the Best-Fit conversion is designed to handle situations where the operating system needs to convert characters from UTF-16 to ANSI, but the equivalent character doesn't exist in the target code page. That said, this "unexpected character transformation" could be harnessed to achieve path traversal and remote code execution via techniques such as filename smuggling, argument splitting, and environment variable confusion. "As for how to mitigate such attacks, unfortunately, since this is an operating system-level problem, similar issues will continue to reappear until Microsoft chooses to enable UTF-8 by default in all of their Windows editions," researchers Orange Tsai and Splitline Huang said. In the meantime, developers are recommended to phase out ANSI and switch to the Wide Character API. Expert WebinarFuture-Ready Trust: Manage Certificates Like Never Before Managing digital trust shouldnt feel impossible. Join us to discover how DigiCert ONE transforms certificate managementstreamlining trust operations, ensuring compliance, and future-proofing your digital strategy. Dont let outdated systems hold you back. Reserve your spot today and see the future of trust management in action!..AI in CybersecurityGame-Changer or Hype? Is AI the future of cybersecurity or just another buzzword? Find out as 200 industry experts share real-world insights on AI-driven vulnerability management and how it can strengthen your defenses. Cut through the noise and gain strategies you can use right now. Secure your spot today. Cybersecurity ToolsMLOKit Its a MLOps attack toolkit that leverages REST API vulnerabilities to simulate real-world attacks on MLOps platforms. From reconnaissance to data and model extraction, this modular toolkit is built for adaptabilityempowering security pros to stay ahead.HackSynth It's an AI-powered agent designed for autonomous penetration testing. With its Planner and Summarizer modules, HackSynth generates commands, processes feedback, and iterates efficiently. Tested on 200 diverse challenges from PicoCTF and OverTheWire. Tip of the WeekKnow Your Browser Extensions Your browser is the heart of your online activityand a prime target for cyber threats. Malicious extensions can steal sensitive data, while sneaky DOM manipulations exploit vulnerabilities to run harmful code in the background. These threats often go unnoticed until its too late. So, how do you stay protected? Tools like CRXaminer and DOMspy make it simple. CRXaminer scans Chrome extensions to uncover risky permissions or dangerous code before you install them. DOMspy helps you spot hidden threats by monitoring your browsers behavior in real-time, and flagging suspicious activities like DOM clobbering or prototype pollution. Stay safe by reviewing your extensions regularly, only granting permissions when absolutely necessary, and keeping your browser and tools up to date.ConclusionEvery click, download, and login contributes to your digital footprint, shaping how secure or vulnerable you are online. While the risks may feel overwhelming, staying informed and taking proactive steps are your best defenses.As you finish this newsletter, take a moment to assess your online habits. A few simple actions today can save you from significant trouble tomorrow. Stay ahead, stay secure.Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.0 Σχόλια ·0 Μοιράστηκε ·106 Views
-
Ransomware on ESXi: The mechanization of virtualized attacksthehackernews.comJan 13, 2025The Hacker NewsThreat Detection / Network SecurityIn 2024, ransomware attacks targeting VMware ESXi servers reached alarming levels, with the average ransom demand skyrocketing to $5 million. With approximately 8,000 ESXi hosts exposed directly to the internet (according to Shodan), the operational and business impact of these attacks is profound.Most of the Ransomware strands that are attacking ESXi servers nowadays, are variants of the infamous Babuk ransomware, adapted to avoid detection of security tools. Moreover, accessibility is becoming more widespread, as attackers monetize their entry points by selling Initial Access to other threat actors, including ransomware groups. As organizations are dealing with compounded threats on an ever-expanding front: new vulnerabilities, new entry points, monetized cyber-crime networks, and more, there is ever-growing urgency for enhanced security measures and vigilance.The architecture of ESXiUnderstanding how an attacker can gain control of the ESXi host begins with understanding the architecture of virtualized environments and their components. This will help identify potential vulnerabilities and points of entry.Building on this, attackers targeting ESXi servers might look for the central node that manages multiple ESXi hosts. This will allow them to maximize their impact.This brings us to the vCenter, which is the central administration for VMware infrastructure and is designed to manage several ESXi hosts. The vCenter server orchestrates ESXi host management with the default "vpxuser" account. Holding root permissions, the "vpxuser" account is responsible for administrative actions on the virtual machines residing on the ESXi hosts. For example, transferring VMs between hosts and modifying configurations of active VMs.Encrypted passwords for each connected ESXi host are stored in a table within the vCenter server. A secret key stored on the vCenter server facilitates password decryption, and, consequently, total control over each and every one of the ESXi hosts. Once decrypted, the "vpxuser" account can be used for root permissions operations, including altering configurations, changing passwords of other accounts, SSH login, and executing ransomware.Encryption on ESXiRansomware campaigns are intended to make recovery exceedingly difficult, coercing the organization toward paying the ransom. With ESXi attacks, this is achieved by targeting four file types that are essential for operational continuity:VMDK Files: A virtual disk file that stores the contents of a virtual machine's hard drive. Encrypting these files renders the virtual machine completely inoperable.VMEM Files: The paging file of each virtual machine. Encrypting or deleting VMEM files can result in significant data loss and complications when attempting to resume suspended VMs.VSWP Files: Swap files, which store some of the VM's memory beyond what the physical memory of the host can provide. Encrypting these swap files can cause crashes in VMs.VMSN Files: Snapshots for backing up VMs. Targeting these files complicates disaster recovery processes.Since the files involved in ransomware attacks on ESXi servers are large, attackers typically employ a hybrid encryption approach. They combine the rapidity of symmetric encryption with the security of asymmetric encryption.Symmetric encryption - These methods, such as AES or Chacha20, allow speed and efficiency in encrypting large volumes of data. Attackers can quickly encrypt files, reducing the window of opportunity for detection and mitigation by security systems.Asymmetric encryption - Asymmetric methods, such as RSA, are slower since they involve a public key and a private key and require complex mathematical operations.Therefore, in ransomware, asymmetric encryption is primarily used for securing the keys used in symmetric encryption, rather than the data itself. This ensures that the encrypted symmetric keys can only be decrypted by someone possessing the corresponding private key, i.e the attacker. Doing so prevents easy decryption, adding an extra layer of security for the attacker.4 Key Strategies for Risk MitigationOnce we've acknowledged that vCenter security is at risk, the next step is to strengthen defenses by putting obstacles in the path of potential attackers. Here are some strategies:Regular VCSA Updates: Always use the latest version of the VMware vCenter Server Appliance (VCSA) and keep it updated. Transitioning from a Windows-based vCenter to the VCSA can improve security, as it's designed specifically for managing vSphere.Implement MFA and Remove Default Users: Don't just change default passwordsset up strong Multi-Factor Authentication (MFA) for sensitive accounts to add an extra layer of protection.Deploy Effective Detection Tools: Use detection and prevention tools directly on your vCenter. Solutions like EDRs, XDRs or third-party tools can help with monitoring and alerts, making it harder for attackers to succeed. For example, setting up monitoring policies that specifically track unusual access attempts to the vpxuser account or alerts for encrypted file activity within the vCenter environment.Network Segmentation: Segment your network to control traffic flow and reduce the risk of lateral movement by attackers. Keeping the vCenter management network separate from other segments helps contain potential breaches.Continuous Testing: Strengthening Your ESXi SecurityProtecting your vCenter from ESXi ransomware attacks is vital. The risks tied to a compromised vCenter can affect your entire organization, impacting everyone who relies on critical data.Regular testing and assessments can help identify and address security gaps before they become serious issues. Work with security experts who can help you implement a Continuous Threat Exposure Management (CTEM) strategy tailored to your organization.Found this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Twitter and LinkedIn to read more exclusive content we post.SHARE0 Σχόλια ·0 Μοιράστηκε ·105 Views
-
Addressing the Security Risks of AI in the Cloudwww.informationweek.comCarrie Pallardy, Contributing ReporterJanuary 13, 20257 Min ReadKittipong Jirasukhanont via Alamy Stock PhotoThe majority of organizations --89% of them, according to the 2024 State of the Cloud Report from Flexera --have adopted a multicloud strategy. Now they are riding the wave of the next big technology: AI. The opportunities seem boundless: chatbots, AI-assisted development, cognitive cloud computing, and the list goes on. But the power of AI in the cloud is not without risk.While enterprises are eager to put AI to use, many of them still grapple with data governance as they accumulate more and more information. AI has the potential to amplify existing enterprise risks and introduce entirely new ones. How can enterprise leaders define these risks, both internal and external, and safeguard their organizations while capturing the benefits of cloud and AI?Defining the RisksData is the lifeblood of cloud computing and AI. And where there is data, there is security risk and privacy risk. Misconfigurations, insider threats, external threat actors, compliance requirements, and third parties are among the pressing concerns enterprise leaders must addressRisk assessment is not a new concept for enterprise leadership teams. Many of the same strategies apply when evaluating the risks associated with AI. You do threat modeling and your planning phase and risk assessment. You do security requirement definitions [and] policy enforcement, says Rick Clark, global head of cloud advisory at UST, a digital transformations solutions company.Related:As AI tools flood the market and various business functions clamor to adopt them, the risk of exposing sensitive data and the attack surface expands.For many enterprises, it makes sense to consolidate data to take advantage of internal AI, but that is not without risk. Whether it's for security or development or anything, [youre] going to have to start consolidating data, and once you start consolidating data you create a single attack point, Clark points out.And those are just the risks security leaders can more easily identify. The abundance of cheap and even free GenAI tools available to employees adds another layer of complexity.It's [like] how we used to have the shadow IT. Its repeating again with this, says Amrit Jassal, CTO at Egnyte, an enterprise content management company.AI comes with novel risks as well.Poisoning of the LLMs, that I think is one of my biggest concerns right now, Clark shares with InformationWeek. Enterprises aren't watching them carefully as they're starting to build these language models.Related:How can enterprises ensure the data feeding the LLMs they use hasnt been manipulated?This early on in the AI game, enterprise teams are faced with the challenges of a managing the behavior and testing systems and tools that they may not yet fully understand.What's new and difficult and challenging in some ways for our industry is that the systems have a kind of nondeterministic behavior, Mark Ryland, director of the Office of the CISO for cloud computing services company Amazon Web Services (AWS), explains. You cant comprehensively test a system because it's designed in part to be critical, creative, meaning that the very same input doesn't result in the same output.The risks of AI and cloud can multiply with the complexity of an enterprises tech stack. With a multi-cloud strategy and often growing supply chain, security teams have to think about a sprawling attack surface and myriad points of risk.As an example, we have had to take a close look at least privilege things, not just for our customers but for our own employees as well. And, then that has to be extended not to just one provider but to multiple providers, says Jassal. It definitely becomes much more complex.AI Against the CloudWidely available AI tools will be leveraged not only by enterprises but also the attackers that target them. At this point, the threat of AI-fueled attacks on cloud environments is moderately low, according to IBMs X-Force Cloud Threat Landscape Report 2024. But the escalation of that threat is easy to imagine.Related:AI could exponentially increase threat actors capabilities via coding-assistance, increasingly sophisticated campaigns, and automated attacks.We're going to start seeing that AI can gather information to start making personalized phishing attacks, says Clark. There's going to be adversarial AI attacks, where they exploit weaknesses in your AI models even by feeding data to bypass security systems.AI model developers will, naturally, attempt to curtail this activity, but potential victims cannot assume this risk goes away. The providers of GenAI systems obviously have capabilities in place to try to detect abusive use of their systems, and I'm sure those controls are reasonably effective but not perfect, says Ryland.Even if enterprises opt to eschew AI for now, threat actors are going to use that technology against them. AI is going to be used in attacks against you. You're going to need AI to combat it, but you need to secure your AI. It's a bit of a vicious circle, says Clark.The Role of Cloud ProvidersEnterprises still have responsibility for their data in the cloud, while cloud providers play their part by securing the infrastructure of the cloud.The shared responsibility still stays, says Jassal. Ultimately if something happens, a breach etcetera, in Egnytes systems Egnyte is responsible for it whether it was due to a Google problem or Amazon problem. The customer doesn't really care.While that fundamental shared responsibility model remains, does AI change that conversation at all?Model providers are now part of the equation. Model providers have a distinct set of responsibilities, says Ryland. Those entities [take] on some responsibility to ensure that the models are behaving according to the commitments that are made around responsible AI.While different parties -- users, cloud providers, and model providers -- have different responsibilities, AI is giving them new ways to meet those responsibilities.AI-driven security, for example, is going to be essential for enterprises to protect their data in the cloud, for cloud providers to protect their infrastructure, and for AI companies to protect their models.Clark sees cloud providers playing a pivotal role here. The hyperscalers are the only ones that are going to have enough GPUs to actually automate processing threat models and the attacks. I think that they're going to have to provide services for their clients to use, he says. They're not going to give you these things for free. So, these are other services they're going to sell you.AWS, Microsoft, and Google each offer a host of tools designed to help customers secure GenAI applications. And more of those tools are likely to come.We're definitely interested in increasing the capabilities that we provide for customers for risk management, risk mitigation, things like more powerful automated testing tools, Ryland shares.Managing RiskWhile the risks of AI and cloud are complex, enterprises are not without resources to manage them.Security best practices that existed before the explosion of GenAI are still relevant today. Building an operation of an IT system with the right kinds of access controls, least privilege making sure that the data's carefully guarded and all these things that we would have done traditionally, we can now apply to a GenAI system, says Ryland.Governance policies and controls that ensure those policies are followed will also be an important strategy for managing risk, particularly as it relates to employee use of this technology.The smart CISOs [dont] try to completely block that activity but rather quickly create the right policies around that, says Ryland. Make sure employees are informed and can use the systems when appropriate, but also get proper warnings and guardrails around using external systems.And experts are developing tools specific to the use of AI.There're a lot of good frameworks in the industry, things like the OWASP top 10 risks for LLMs, that have significant adoption, Ryland adds. Security and governance teams now have some good industry practices codified with input from a lot of experts, which help them to have a set of concepts and a set of practices that help them to define and manage the risks that arise from a new technology.The AI industry is maturing, but it is still relatively nascent and quickly evolving. There is going to be a learning curve for enterprises using cloud and AI technology. I don't see how it can be avoided. There will be data leakages, says Jassal.Enterprise teams will have to work through this learning curve, and its accompanying growing pains, with continuous risk assessment and management and new tools built to help them.About the AuthorCarrie PallardyContributing ReporterCarrie Pallardy is a freelance writer and editor living in Chicago. She writes and edits in a variety of industries including cybersecurity, healthcare, and personal finance.See more from Carrie PallardyNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also LikeWebinarsMore WebinarsReportsMore Reports0 Σχόλια ·0 Μοιράστηκε ·101 Views
-
Ensure Your Organizations Cloud Is Ready for AI Innovationwww.informationweek.comSekhar Koduri, Senior Director, Enterprise Offerings, DMIJanuary 13, 20255 Min ReadAleksia via Alamy StockGlobal spending on public cloud services will reach $805 billion this year and double by 2028. This exponential growth is being driven, in part, by a growing interdependence between artificial intelligence innovation and cloud infrastructure.AI systems demand tons of computational power and data. Generating this data in an on-premises data center is extremely expensive and impractical for most organizations. Conversely, the cloud provides a scalable and adaptable environment for AI to thrive.For instance, cloud platforms provide on-demand, fixed, and ephemeral compute resources for advanced AI processing. These resources are crucial for rapid prototyping and experimentation in AI innovation.However, unexpected costs, security, and regulatory concerns prevent cloud investments from reaching their full potential. Without a solid, sustainable cloud infrastructure, strong data foundation, and enterprise governance, organizations will not be able to reap the many benefits that AI has to offer.Fortunately, many prevalent challenges surrounding data management, cybersecurity, enterprise governance, cost containment, and change management are solvable.Strong Data Foundation Drives Business OutcomesAI applications demand vast amounts of data for training, testing, and validation, necessitating robust data storage solutions. As such, organizations must strengthen their data governance, integration, preparation, scalability, and financial policies to prepare a cloud environment for AI innovation.Related:Cloud platforms provide scalable computing power for AI workloads, eliminating the need for physical servers. With cloud-native object storage and distributed frameworks, organizations can efficiently process and store large datasets to ensure scalability and optimize performance. Also, modern semantic databases can provide the data foundation for ever-growing generative AI workloads.Organizations can use the pay-as-you-go model to eliminate upfront costs and dynamically scale resources based on demand. Additionally, multi-tier storage options optimize costs by storing data based on access patterns, and serverless platforms can provide cost-effective solutions for storing and analyzing petabytes of data.A robust data foundation not only supports scalability and cost-efficiency but also ensures ethical alignment and operational excellence.Security at the CoreFor organizations looking to incorporate AI-powered tools into their cloud environments, it's imperative to ensure the environment is secure beforehand.Related:Concerningly, 80% of data breaches in 2023 involved data stored in the cloud. In dynamic environments like the cloud, a zero-trust philosophy is a necessity.Several key components of zero-trust can fortify an organization's cloud security. For instance, asset discovery and misconfiguration monitoring can ensure organizations maintain visibility into their cloud environment. Further, cloud identity and entitlement management can ensure users can only access the minimum resources and permissions necessary to perform their tasks.No cyber efforts are foolproof -- even with these strategies in place, threat detection and incident response tools remain critical in case a malicious actor does breach the network. These should include continuous monitoring, vulnerability scanning, and guided remediation across cloud assets, workloads, and identities. Once security is assured, organizations can focus on other pressing challenges.Robust Enterprise Governance Framework Is Essential In response to the rapidly evolving field of AI, including generative AI, organizations should establish a multidisciplinary team dedicated to integrating AI within rigid regulatory frameworks, like the NIST AI Risk Management Framework.Related:Organizations should adhere to best practices like scalability, data management, and automation to create a secure, ethical, and efficient environment for AI deployment. Luckily, cloud providers offer cloud-native capabilities to navigate compliance requirements. For instance, some providers offer model bias, explainability features, and generative AI safeguards.Overcoming governance challenges through structured frameworks ensures that AI systems align with organizational goals and societal values, paving the way for responsible AI innovation.FinOps Keeps Ballooning Cloud Costs Under ControlOne of the most prevalent cloud migration and management concerns is cost. According to a McKinsey report, the average company spends 14% more than they intend to on cloud migration each year, and 75% of organizations exceed their planned budget. Cloud financial operations, or FinOps, provide a technological and organizational solution.The technological aspect enables cost observability through dashboards, regular reporting and alerts for cost overruns. These tools provide visibility into current and future costs and enable proactive management, so organizations aren't surprised by cloud invoices. Additional FinOps procedures and policies include approval processes for resource changes that impact costs and ongoing cloud cost forecasts.Implementing FinOps solutions and procedures drives financial accountability, efficiency, and overall cost control in cloud environments. As a result, organizations can optimize resources and investments.OCM Unites People, Processes & TechnologyAny technology or procedure is only as effective as the people using it. Organizations tend to underestimate the role of their workforce in ensuring a successful and sustainable cloud deployment.Leadership must focus on the employee perspective and experience to prevent delays and ensure successful cloud deployments. Organizational change management, or OCM, is a fundamental part of the transformational journey to the cloud.Leadership can ensure a smooth transition to the cloud with effective change communication, stakeholder collaboration, transparency, and thorough education. Organizations must account for the triumvirate of people, processes and technology throughout cloud migration, deployment and management.When the three work in harmony, organizations can significantly improve their operations, maximize the value of their cloud infrastructure, and capitalize on the boundless potential of AI.About the AuthorSekhar KoduriSenior Director, Enterprise Offerings, DMISekhar Koduri, DMIs lead for the data and analytics practice under the DMI CTO/EO office, spearheads transformative initiatives by leveraging the power of advanced analytics, data science, and AI for DMIs customers. He designs and implements robust data-driven strategies and AI workloads, enhancing operational efficiency and service delivery across sectors while ensuring AI safety and transparency. He is currently engaged in initiatives that explore the practical applications of Generative AI and large language models in the rapidly evolving AI landscape. He unlocks business utility and transformative capabilities by integrating these GenAI capabilities into customers operations.See more from Sekhar KoduriNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also LikeWebinarsMore WebinarsReportsMore Reports0 Σχόλια ·0 Μοιράστηκε ·107 Views
-
Intellisync: Product Ownerweworkremotely.comTime zones: UTC -4, UTC -4:30, UTC -3, UTC -2, SBT (UTC +11), GMT (UTC +0), CET (UTC +1), EET (UTC +2), MSK (UTC +3), AST (UTC -4), FKST (UTC -3), NST (UTC -3:30), CEST (UTC +2), BST (UTC +1), IRDT (UTC +4:30), CVT (UTC -1), WAT (UTC +1), SAST (UTC +2), EAT (UTC +3)At Intellisync, we offer more than just a job we provide the opportunity to make a meaningful impact. If youre passionate about turning ideas into impactful realities, we want you to lead the charge as our first Product Owner.What Youll DoDefine and articulate the product vision, ensuring alignment with company goals and the needs of clients in government, defense, and tech.Collaborate with developers, product designers, engineering managers and stakeholders to prioritize features and drive the successful delivery of high-value products.Create and maintain product backlogs, making data-informed decisions to ensure every feature adds maximum value for end-users.Act as the primary point of contact for stakeholders, keeping them informed, engaged, and inspired by the product's progress and future.Use data, feedback, and insights to continuously improve our products, ensuring they stay ahead of the curve.About YouWere looking for a leader with a blend of strategic thinking, practical execution, and a passion for innovation:Youve successfully taken products from concept to launch and have a strong foundation in product management.Your communication skills are exceptional, enabling you to inspire teams and manage stakeholders effectively.You have a deep understanding of user needs and a drive to solve real-world problems through impactful products.You rely on evidence and insights to guide priorities and actions.Background in government, defense, or tech is a plus.You can overlap with CET/CEST time zones by at least 4 hours to collaborate effectively with our distributed teams. Applicant from European time zones are preferred.Why Join IntelliSync?Work on products that serve critical industries, from government and defense to cutting-edge technology.Collaborate with brilliant, motivated developers who thrive in a supportive environment.Enjoy Euro-level salaries, over 30 days of vacation, sick pay, and additional perks.This is a permanent, full-time role. We believe investing in people leads to extraordinary outcomes.We celebrate and support diversity in the workplace. Applications are encouraged from all backgrounds, regardless of race, ethnicity, gender, orientation, age, or religion. If youre excited about this opportunity but dont meet every requirement, we still encourage you to apply wed love to hear from you. Related Jobs See more Product jobs0 Σχόλια ·0 Μοιράστηκε ·99 Views
-
Inside the strange limbo facing millions of IVF embryoswww.technologyreview.comLisa Holligan already had two children when she decided to try for another baby. Her first two pregnancies had come easily. But for some unknown reason, the third didnt. Holligan and her husband experienced miscarriage after miscarriage after miscarriage. Like many other people struggling to conceive, Holligan turned to in vitro fertilization, or IVF. The technology allows embryologists to take sperm and eggs and fuse them outside the body, creating embryos that can then be transferred into a persons uterus. The fertility clinic treating Holligan was able to create six embryos using her eggs and her husbands sperm. Genetic tests revealed that only three of these were genetically normal. After the first was transferred, Holligan got pregnant. Then she experienced yet another miscarriage. I felt numb, she recalls. But the second transfer, which took place several months later, stuck. And little Quinn, who turns four in February, was the eventual happy result. She is the light in our lives, says Holligan. Holligan, who lives in the UK, opted to donate her genetically abnormal embryos for scientific research. But she still has one healthy embryo frozen in storage. And she doesnt know what to do with it. Should she and her husband donate it to another family? Destroy it? Its almost four years down the line, and we still havent done anything with [the embryo], she says. The clinic hasnt been helpfulHolligan doesnt remember talking about what to do with leftover embryos at the time, and no one there has been in touch with her for years, she says. Holligans embryo is far from the only one in this peculiar limbo. Millionsor potentially tens of millionsof embryos created through IVF sit frozen in time, stored in cryopreservation tanks around the world. The number is only growing thanks to advances in technology, the rising popularity of IVF, and improvements in its success rates. At a basic level, an embryo is simply a tiny ball of a hundred or so cells. But unlike other types of body tissue, it holds the potential for life. Many argue that this endows embryos with a special moral status, one that requires special protections. The problem is that no one can really agree on what that status is. To some, theyre human cells and nothing else. To others, theyre morally equivalent to children. Many feel they exist somewhere between those two extremes. There are debates, too, over how we should classify embryos in law. Are they property? Do they have a legal status? These questions are important: There have been multiple legal disputes over who gets to use embryos, who is responsible if they are damaged, and who gets the final say over their fate. And the answers will depend not only on scientific factors, but also on ethical, cultural, and religious ones. The options currently available to people with leftover IVF embryos mirror this confusion. As a UK resident, Holligan can choose to discard her embryos, make them available to other prospective parents, or donate them for research. People in the US can also opt for adoption, placing their embryos with families they get to choose. In Germany, people are not typically allowed to freeze embryos at all. And in Italy, embryos that are not used by the intended parents cannot be discarded or donated. They must remain frozen, ostensibly forever. While these embryos persist in suspended animation, patients, clinicians, embryologists, and legislators must grapple with the essential question of what we should do with them. What do these embryos mean to us? Who should be responsible for them? Meanwhile, many of these same people are trying to find ways to bring down the total number of embryos in storage. Maintenance costs are high. Some clinics are running out of space. And with a greater number of embryos in storage, there are more opportunities for human error. They are grappling with how to get a handle on the growing number of embryos stuck in storage with nowhere to go. The embryo boom There are a few reasons why this has become such a conundrum. And they largely come down to an increasing demand for IVF and improvements in the way it is practiced. Its a problem of our own creation, says Pietro Bortoletto, a reproductive endocrinologist at Boston IVF in Massachusetts. IVF has only become as successful as it is today by generating lots of excess eggs and embryos along the way, he says. To have the best chance of creating healthy embryos that will attach to the uterus and grow in a successful pregnancy, clinics will try to collect multiple eggs. People who undergo IVF will typically take a course of hormone injections to stimulate their ovaries. Instead of releasing a single egg that month, they can expect to produce somewhere between seven and 20 eggs. These eggs can be collected via a needle that passes through the vagina and into the ovaries. The eggs are then taken to a lab, where they are introduced to sperm. Around 70% to 80% of IVF eggs are successfully fertilized to create embryos. The embryos are then grown in the lab. After around five to seven days an embryo reaches a stage of development at which it is called a blastocyst, and it is ready to be transferred to a uterus. Not all IVF embryos reach this stage, howeveronly around 30% to 50% of them make it to day five. This process might leave a person with no viable embryos. It could also result in more than 10, only one of which is typically transferred in each pregnancy attempt. In a typical IVF cycle, one embryo might be transferred to the persons uterus fresh, while any others that were created are frozen and stored. IVF success rates have increased over time, in large part thanks to improvements in this storage technology. A little over a decade ago, embryologists tended to use a slow freeze technique, says Bortoletto, and many embryos didnt survive the process. Embryos are now vitrified instead, using liquid nitrogen to rapidly cool them from room temperature to -196 C in less than two seconds. Vitrification essentially turns all the water in the embryos into a glasslike state, avoiding the formation of damaging ice crystals. Now, clinics increasingly take a freeze all approach, in which they cryopreserve all the viable embryos and dont start transferring them until later. In some cases, this is so that the clinic has a chance to perform genetic tests on the embryo they plan to transfer. An assortment of sperm and embryos, preserved in liquid nitrogen.ALAMY Once a lab-grown embryo is around seven days old, embryologists can remove a few cells for preimplantation genetic testing (PGT), which screens for genetic factors that might make healthy development less likely or predispose any resulting children to genetic diseases. PGT is increasingly popular in the USin 2014, it was used in 13% of IVF cycles, but by 2016, that figure had increased to 27%. Embryos that undergo PGT have to be frozen while the tests are run, which typically takes a week or two, says Bortoletto: You cant continue to grow them until you get those results back. And there doesnt seem to be a limit to how long an embryo can stay in storage. In 2022, a couple in Oregon had twins who developed from embryos that had been frozen for 30 years. Put this all together, and its easy to see how the number of embryos in storage is rocketing. Were making and storing more embryos than ever before. When you combine that with the growing demand for IVF, which is increasing in use by the year, perhaps its not surprising that the number of embryos sitting in storage tanks is estimated to be in the millions. I say estimated, because no one really knows how many there are. In 2003, the results of a survey of fertility clinics in the US suggested that there were around 400,000 in storage. Ten years later, in 2013, another pair of researchers estimated that, in total, around 1.4 million embryos had been cryopreserved in the US. But Alana Cattapan, now a political scientist at the University of Waterloo in Ontario, Canada, and her colleagues found flaws in the study and wrote in 2015 that the number could be closer to 4 million. That was a decade ago. When I asked embryologists what they thought the number might be in the US today, I got responses between 1 million and 10 million. Bortoletto puts it somewhere around 5 million. Globally, the figure is much higher. There could be tens of millions of embryos, invisible to the naked eye, kept in a form of suspended animation. Some for months, years, or decades. Others indefinitely. Stuck in limbo In theory, people who have embryos left over from IVF have a few options for what to do with them. They could donate the embryos for someone else to use. Often this can be done anonymously (although genetic tests might later reveal the biological parents of any children that result). They could also donate the embryos for research purposes. Or they could choose to discard them. One way to do this is to expose the embryos to air, causing the cells to die. Studies suggest that around 40% of people with cryopreserved embryos struggle to make this decision, and that many put it off for five years or more. For some people, none of the options are appealing. In practice, too, the available options vary greatly depending on where you are. And many of them lead to limbo. Take Spain, for example, which is a European fertility hub, partly because IVF there is a lot cheaper than in other Western European countries, says Giuliana Baccino, managing director of New Life Bank, a storage facility for eggs and sperm in Buenos Aires, Argentina, and vice chair of the European Fertility Society. Operating costs are low, and theres healthy competitionthere are around 330 IVF clinics operating in Spain. (For comparison, there are around 500 IVF clinics in the US, which has a population almost seven times greater.) Baccino, who is based in Madrid, says she often hears of foreign patients in their late 40s who create eight or nine embryos for IVF in Spain but end up using only one or two of them. They go back to their home countries to have their babies, and the embryos stay in Spain, she says. These individuals often dont come back for their remaining embryos, either because they have completed their families or because they age out of IVF eligibility (Spanish clinics tend not to offer the treatment to people over 50). An embryo sample is removed from cryogenic storage.GETTY IMAGES In 2023, the Spanish Fertility Society estimated that there were 668,082 embryos in storage in Spain, and that around 60,000 of them were in a situation of abandonment. In these cases the clinics might not be able to reach the intended parents, or might not have a clear directive from them, and might not want to destroy any embryos in case the patients ask for them later. But Spanish clinics are wary of discarding embryos even when they have permission to do so, says Baccino. We always try to avoid trouble, she says. And we end up with embryos in this black hole. This happens to embryos in the US, too. Clinics can lose touch with their patients, who may move away or forget about their remaining embryos once they have completed their families. Other people may put off making decisions about those embryos and stop communicating with the clinic. In cases like these, clinics tend to hold onto the embryos, covering the storage fees themselves. Nowadays clinics ask their patients to sign contracts that cover long-term storage of embryosand the conditions of their disposal. But even with those in hand, it can be easier for clinics to leave the embryos in place indefinitely. Clinics are wary of disposing of them without explicit consent, because of potential liability, says Cattapan, who has researched the issue. People put so much time, energy, money into creating these embryos. What if they come back? Bortolettos clinic has been in business for 35 years, and the handful of sites it operates in the US have a total of over 47,000 embryos in storage, he says. Our oldest embryo in storage was frozen in 1989, he adds. Some people may not even know where their embryos are. Sam Everingham, who founded and directs Growing Families, an organization offering advice on surrogacy and cross-border donations, traveled with his partner from their home in Melbourne, Australia, to India to find an egg donor and surrogate back in 2009. It was a Wild West back then, he recalls. Everingham and his partner used donor eggs to create eight embryos with their sperm. Everingham found the experience of trying to bring those embryos to birth traumatic. Baby Zac was stillborn. Baby Ben died at seven weeks. We picked ourselves up and went again, he recalls. Two embryo transfers were successful, and the pair have two daughters today. But the fate of the rest of their embryos is unclear. Indias government decided to ban commercial surrogacy for foreigners in 2015, and Everingham lost track of where they are. He says hes okay with that. As far as hes concerned, those embryos are just cells. He knows not everyone feels the same way. A few days before we spoke, Everingham had hosted a couple for dinner. They had embryos in storage and couldnt agree on what to do with them. The mother wanted them donated to somebody, says Everingham. Her husband was very uncomfortable with the idea. [They have] paid storage fees for 14 years for those embryos because neither can agree on what to do with them, says Everingham. And this is a very typical scenario. Lisa Holligans experience is similar. Holligan thought shed like to donate her last embryo to another personsomeone else who might have been struggling to conceive. But my husband and I had very different views on it, she recalls. He saw the embryo as their child and said he wouldnt feel comfortable with giving it up to another family. I started having these thoughts about a child coming to me when theyre older, saying theyve had a terrible life, and [asking] Why didnt you have me? she says. After all, her daughter Quinn began as an embryo that was in storage for months. She was frozen in time. She could have been frozen for five years like [the leftover] embryo and still be her, she says. I know it sounds a bit strange, but this embryo could be a child in 20 years time. The science is just mind-blowing, and I think I just block it out. Its far too much to think about. No choice at all Choosing the fate of your embryos can be difficult. But some people have no options at all. This is the case in Italy, where the laws surrounding assisted reproductive technology have grown increasingly restrictive. Since 2004, IVF has been accessible only to heterosexual couples who are either married or cohabiting. Surrogacy has also been prohibited in the country for the last 20 years, and in 2024, it was made a universal crime. The move means Italians can be prosecuted for engaging in surrogacy anywhere in the world, a position Italy has also taken on the crimes of genocide and torture, says Sara Dalla Costa, a lawyer specializing in assisted reproduction and an IVF clinic manager at Instituto Bernabeu on the outskirts of Venice. The law surrounding leftover embryos is similarly inflexible. Dalla Costa says there are around 900,000 embryos in storage in Italy, basing the estimate on figures published in 2021 and the number of IVF cycles performed since then. By law, these embryos cannot be discarded. They cannot be donated to other people, and they cannot be used for research. Even when genetic tests show that the embryo has genetic features making it incompatible with life, it must remain in storage, forever, says Dalla Costa. There are a lot of patients that want to destroy embryos, she says. For that, they must transfer their embryos to Spain or other countries where it is allowed. Even people who want to use their embryos may age out of using them. Dalla Costa gives the example of a 48-year-old woman who undergoes IVF and creates five embryos. If the first embryo transfer happens to result in a successful pregnancy, the other four will end up in storage. Once she turns 50, this woman wont be eligible for IVF in Italy. Her remaining embryos become stuck in limbo. They will be stored in our biobanks forever, says Dalla Costa. Dalla Costa says she has a lot of examples of couples who separate after creating embryos together. For many of them, the stored embryos become a psychological burden. With no way of discarding them, these couples are forever connected through their cryopreserved cells. A lot of our patients are stressed for this reason, she says. Earlier this year, one of Dalla Costas clients passed away, leaving behind the embryos shed created with her husband. He asked the clinic to destroy them. In cases like these, Dalla Costa will contact the Italian Ministry of Health. She has never been granted permission to discard an embryo, but she hopes that highlighting cases like these might at least raise awareness about the dilemmas the countrys policies are creating for some people. Snowflakes and embabies In Italy, embryos have a legal status. They have protected rights and are viewed almost as children. This sentiment isnt specific to Italy. It is shared by plenty of individuals who have been through IVF. Some people call them embabies or freezer babies, says Cattapan. It is also shared by embryo adoption agencies in the US. Beth Button is executive director of one such program, called Snowflakesa division of Nightlight Christian Adoptions agency, which considers cryopreserved embryos to be children, frozen in time, waiting to be born. Snowflakes matches embryo donors, or placing families, with recipients, termed adopting families. Both parties share their information and essentially get to choose who they donate to or receive from. By the end of 2024, 1,316 babies had been born through the Snowflakes embryo adoption program, says Button. Button thinks that far too many embryos are being created in IVF labs around the US. Around 10 years ago, her agency received a donation from a couple that had around 38 leftover embryos to donate. We really encourage [people with leftover embryos in storage] to make a decision [about their fate], even though its an emotional, difficult decision, she says. Obviously, we just try to keep [that discussion] focused on the child, she says. Is it better for these children to be sitting in a freezer, even though that might be easier for you, or is it better for them to have a chance to be born into a loving family? That kind of pushes them to the point where theyre ready to make that decision. Button and her colleagues feel especially strongly about embryos that have been in storage for a long time. These embryos are usually difficult to place, because they are thought to be of poorer quality, or less likely to successfully thaw and result in a healthy birth. The agency runs a program called Open Hearts specifically to place them, along with others that are harder to match for various reasons. People who accept one but fail to conceive are given a shot with another embryo, free of charge. These nitrogen tanks at New Hope Fertility Center in New York hold tens of thousands of frozen embryos and eggs.GETTY IMAGES We have seen perfectly healthy children born from very old embryos, [as well as] embryos that were considered such poor quality that doctors didnt even want to transfer them, says Button. Right now, we have a couple who is pregnant with [an embryo] that was frozen for 30 and a half years. If that pregnancy is successful, that will be a record for us, and I think it will be a worldwide record as well. Many embryologists bristle at the idea of calling an embryo a child, though. Embryos are property. They are not unborn children, says Bortoletto. In the best case, embryos create pregnancies around 65% of the time, he says. They are not unborn children, he repeats. Person or property? In 2020, an unauthorized person allegedly entered an IVF clinic in Alabama and pulled frozen embryos from storage, destroying them. Three sets of intended parents filed suit over their wrongful death. A trial court dismissed the claims, but the Alabama Supreme Court disagreed, essentially determining that those embryos were people. The ruling shocked many and was expected to have a chilling effect on IVF in the state, although within a few weeks, the state legislature granted criminal and civil immunity to IVF clinics. But the Alabama decision is the exception. While there are active efforts in some states to endow embryos with the same legal rights as people, a move that could potentially limit access to abortion, most of the [legal] rulings in this area have made it very clear that embryos are not people, says Rich Vaughn, an attorney specializing in fertility law and the founder of the US-based International Fertility Law Group. At the same time, embryos are not just property. Theyre something in between, says Vaughn. Theyre sort of a special type of property. UK law takes a similar approach: The language surrounding embryos and IVF was drafted with the idea that the embryo has some kind of special status, although it was never made entirely clear exactly what that special status is, says James Lawford Davies, a solicitor and partner at LDMH Partners, a law firm based in York, England, that specializes in life sciences. Over the years, the language has been tweaked to encompass embryos that might arise from IVF, cloning, or other means; it is a bit of a fudge, says Lawford Davies. Today, the officialif somewhat circularlegal definition in the Human Fertilisation and Embryology Act reads: embryo means a live human embryo. And while people who use their eggs or sperm to create embryos might view these embryos as theirs, according to UK law, embryos are more like a stateless bundle of cells, says Lawford Davies. Theyre not quite propertypeople dont own embryos. They just have control over how they are used. Many legal disputes revolve around who has control. This was the experience of Natallie Evans, who created embryos with her then partner Howard Johnston in the UK in 2001. The couple separated in 2002. Johnston wrote to the clinic to ask that their embryos be destroyed. But Evans, who had been diagnosed with ovarian cancer in 2001,argued that Johnston had already consented to their creation, storage, and use and should not be allowed to change his mind. The case eventually made it to the European Court of Human Rights, and Evans lost. The case set a precedent that consent was key and could be withdrawn at any time. In Italy, on the other hand, withdrawing consent isnt always possible. In 2021, a case like Natallie Evanss unfolded in the Italian courts: A woman who wanted to proceed with implantation after separating from her partner went to court for authorization. She said that it was her last chance to be a mother, says Dalla Costa. The judge ruled in her favor. Dalla Costas clinics in Italy are now changing their policies to align with this decision. Male partners must sign a form acknowledging that they cannot prevent embryos from being used once theyve been created. The US situation is even more complicated, because each state has its own approach to fertility regulation. When I looked through a series of published legal disputes over embryos, I found little consistencysometimes courts ruled to allow a woman to use an embryo without the consent of her former partner, and sometimes they didnt. Some states have comprehensive legislation; some do not, says Vaughn. Some have piecemeal legislation, some have only case law, some have all of the above, some have none of the above. The meaning of an embryo So how should we define an embryo? Its the million-dollar question, says Heidi Mertes, a bioethicist at Ghent University in Belgium. Some bioethicists and legal scholars, including Vaughn, think wed all stand to benefit from clear legal definitions. Risa Cromer, a cultural anthropologist at Purdue University in Indiana, who has spent years researching the field, is less convinced. Embryos exist in a murky, in-between state, she argues. You can (usually) discard them, or transfer them, but you cant sell them. You can make claims against damages to them, but an embryo is never viewed in the same way as a car, for example. It doesnt fit really neatly into that property category, says Cromer. But, very clearly, it doesnt fit neatly into the personhood category either. And there are benefits to keeping the definition vague, she adds: There is, I think, a human need for there to be a wide range of interpretive space for what IVF embryos are or could be. Thats because we dont have a fixed moral definition of what an embryo is. Embryos hold special value even for people who dont view them as children. They hold potential as human life. They can come to represent a fertility journeyone that might have been expensive, exhausting, and traumatizing. Even for people who feel like theyre just cells, it still cost a lot of time, money, [and effort] to get those [cells], says Cattapan. I think its an illusion that we might all agree on what the moral status of an embryo is, Mertes says. In the meantime, a growing number of embryologists, ethicists, and researchers are working to persuade fertility clinics and their patients not to create or freeze so many embryos in the first place. Early signs arent promising, says Baccino. The patients she has encountered arent particularly receptive to the idea. They think, If I will pay this amount for a cycle, I want to optimize my chances, so in my case, no, she says. She expects the number of embryos in storage to continue to grow. Holligans embryo has been in storage for almost five years. And she still doesnt know what to do with it. She tears up as she talks through her options. Would discarding the embryo feel like a miscarriage? Would it be a sad thing? If she donated the embryo, would she spend the rest of her life wondering what had become of her biological child, and whether it was having a good life? Should she hold on to the embryo for another decade in case her own daughter needs to use it at some point? The question [of what to do with the embryo] does pop into my head, but I quickly try to move past it and just say Oh, thats something Ill deal with at a later time, says Holligan. Im sure [my husband] does the same. The accumulation of frozen embryos is going to continue this way for some time until we come up with something that fully addresses everyones concerns, says Vaughn. But will we ever be able to do that? Im an optimist, so Im gonna say yes, he says with a hopeful smile. But I dont know at the moment.0 Σχόλια ·0 Μοιράστηκε ·87 Views