Jan 21, 2025Ravie LakshmananBotnet / VulnerabilityCybersecurity researchers have warned of a new large-scale campaign that exploits security flaws in AVTECH IP cameras and Huawei HG532 routers to rope the devices into a Mirai botnet variant dubbed Murdoc_Botnet.The ongoing activity "demonstrates enhanced capabilities, exploiting vulnerabilities to compromise devices and establish expansive botnet networks," Qualys security researcher Shilpesh Trivedi said in an analysis.The campaign is known to be active since at least July 2024, with over 1,370 systems infected to date. A majority of the infections have been located in Malaysia, Mexico, Thailand, Indonesia, and Vietnam.Evidence shows that the botnet leverages known security flaws such as CVE-2017-17215 and CVE-2024-7029 to gain initial access to the Internet of Things (IoT) devices and download the next stage payload by means of a shell script.The script, for its part, fetches the botnet malware and executes it depending on the CPU architecture. The end goal of these attacks is to weaponize the botnet for carrying out distributed denial-of-service (DDoS) attacks.The development comes weeks after a Mirai botnet variant named gayfemboy was found exploiting a recently disclosed security flaw impacting Four-Faith industrial routers since early November 2024. Back in mid-2024, Akamai also revealed that CVE-2024-7029 was abused by malicious actors to enlist AVTECH devices into a botnet.Last week, details emerged about another large-scale DDoS attack campaign targeting major Japanese corporations and banks since the end of 2024 by making use of an IoT botnet formed by exploiting vulnerabilities and weak credentials. Some of the other targets are concentrated around the U.S., Bahrain, Poland, Spain, Israel, and Russia.The DDoS activity has been found to single out telecommunications, technology, hosting, cloud computing, banking, gaming, and financial services sectors. Over 55% of the compromised devices are located in India, followed by South Africa, Brazil, Bangladesh, and Kenya."The botnet comprises malware variants derived from Mirai and BASHLITE," Trend Micro said. "The botnet's commands include those that can incorporate various DDoS attack methods, update malware, and enable proxy services."The attacks involve infiltrating IoT devices to deploy a loader malware that fetches the actual payload, which then connects to a command-and-control (C2) server and awaits further instructions for DDoS attacks and other purposes.To safeguard against such attacks, it's advised to monitor suspicious processes, events, and network traffic spawned by the execution of any untrusted binary/scripts. It's also recommended to apply firmware updates and change the default username and password.Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.SHARE

A global network of about 13,000 hijacked Mikrotik routers has been employed as a botnet to propagate malware via spam campaigns, the latest addition to a list of botnets powered by MikroTik devices.The activity "take[s] advantage of misconfigured DNS records to pass email protection techniques," Infoblox security researcher David Brunsdon said in a technical report published last week. "This botnet uses a global network of Mikrotik routers to send malicious emails that are designed to appear to come from legitimate domains."The DNS security company, which has codenamed the campaign Mikro Typo, said its analysis sprang forth from the discovery of a malspam campaign in late November 2024 that leveraged freight invoice-related lures to entice recipients into launching a ZIP archive payload.The ZIP file contains an obfuscated JavaScript file, which is then responsible for running a PowerShell script designed to initiate an outbound connection to a command-and-control (C2) server located at the IP address 62.133.60[.]137.The exact initial access vector used to infiltrate the routers is unknown, but various firmware versions have been affected, including those vulnerable to CVE-2023-30799, a critical privilege escalation issue that could be abused to achieve arbitrary code execution."Regardless of how they've been compromised, it seems as though the actor has been placing a script onto the [Mikrotik] devices that enables SOCKS (Secure Sockets), which allow the devices to operate as TCP redirectors," Brunsdon said."Enabling SOCKS effectively turns each device into a proxy, masking the true origin of malicious traffic and making it harder to trace back to the source."Elevating the concern is the lack of authentication required to use these proxies, thereby allowing other threat actors to weaponize specific devices or the entire botnet for malicious purposes, ranging from distributed denial-of-service (DDoS) attacks to phishing campaigns.The malspam campaign in question has been found to exploit a misconfiguration in the sender policy framework (SPF) TXT records of 20,000 domains, giving the attackers the ability to send emails on behalf of those domains and bypass various email security protections.Specifically, it has emerged that the SPF records are configured with the extremely permissive "+all" option, essentially defeating the purpose of having the safeguard in the first place. This also means that any device, such as the compromised MikroTik routers, can spoof the legitimate domain in email.MikroTik device owners are recommended to keep their routers up-to-date and change default account credentials to prevent any exploitation attempts."With so many compromised MikroTik devices, the botnet is capable of launching a wide range of malicious activities, from DDoS attacks to data theft and phishing campaigns," Brunsdon said. "The use of SOCKS4 proxies further complicates detection and mitigation efforts, highlighting the need for robust security measures."Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

The mobile application market is projected at an annual compound growth rate (CAGR) of 14.3% betweennow and 2030, and businesses are capitalizing by developing mobile applications for customers, business partners, and internal use.In large part, the mobile app market is being driven by the explosive growth of mobile devices, which over60% of the worlds populationuse. Not all of this use is confined to social media, emails, phone calls, and texts. Accordingly, businesses have become involved with launching retail websites for mobile devices, as well as transactional engines for mobile payment processing, e-commerce, banking and booking systems for use in a variety of smart mobile devices.In the process, the key for IT has been the integration of these new mobile applications with enterprise systems. How do you ensure that a mobile app is tightly integrated into your existing business processes and your IT base, and how do you ensure that it will perform consistently well every time it is used? Is your security policy across mobile devices as robust as it is across other enterprise assets, such as mainframes, networks and servers? Does the user interface across all mobile devices navigate equally well and with a certain degree of consistency, no matter which device is used?Related:In most cases, IT departments (and users and customers) will say that totalmobile device integrationis still a work in progress.The Role of Mobile App IntegrationIn the past, the integration of mobile applications with other IT infrastructure was more or less confined to the IT assets that the mobile app minimally needed to perform its functions. If the app was there for placing an online order, access to the enterprise order entry, inventory and fulfillment systems was needed, but maybe nothing else for the first installation. If the app was designed for a warehouse worker to operate a series of robots to pick and place items in a warehouse, it was specifically developed just for that, and on first installment, it might not have been integrated into inventory and warehouse management systems. However, now that tech companies are placing theirR&D emphasison smart phones and devices, IT needs to formulate a more inclusive integration strategy for mobile applications that these apps more complete when they launch.The Elements of Mobile App IntegrationTo achieve total integration with the rest of the enterprise IT portfolio, and possibly with third-party services, a mobile app must do the following:Related:Attain seamless data exchange across all systems, along with having the ability to invoke and use system-level infrastructure components such as storage or system-level routines to do its work.Use application programming interfaces (APIs) so it can access other IT and/or vendor systems.Conform to the same security and governance standards that other IT assets are subject to.Provide users and customers with a simple and (as much as possible) uniform graphical user interface (GUI).Be right-fitted into existing business and system workflows.This isnt just good IT. It also makes major contributions to user productivity and customer satisfaction.Workflow IntegrationIn late 2024, a health insurance company unveiled an automated online process for new customer registration. Unfortunately, the new app didnt include all data elements needed for registration, and it actually froze in process. Users ended up calling the company and enduring long wait times until they could complete their registrations with a human agent.This was a case of workflow integration failure, because critical ingredients required for registration had been left out of the online mobile app. How did this happen?The project might have been rushed through to meet a deadline or signed off as a first (albeit incomplete) version of an app that would be later enhanced. Or, possibly, QA might have been skipped. But to an experienced IT eye, the app was clearly missing data, which suggested that integration with other enterprise systems, or data transfers via API with supporting vendor systems, had been missed.Related:The apps process flow also was a miss because if the project team had tested the mobile apps process flow against the business workflow, they would have seen (like customers did) that key data elements were missing, and that the workflow didnt work.The project team should also have verified that security and governance standards had been met, and that the mobile app user experience was consistent, whether the customer was using an iPhone or an Android.SummaryStatista says that the mobile application market will reach $756 billion by 2027. In the US,47% of mobile appsare being used for retail transactions, and another 19% are serving as portals, whether for customers, business partners or employees.There is virtually no business that isnt developing mobile apps today for its customers, business partners and/or employees, but whathaslagged is the same level of discipline over mobile app development that IT expects for traditional enterprise app development.Central to this is mobile application integration.Its no longer acceptable to let an app fly with just the basics, but with many functions and data elements still missing. Its time for top-to-bottom mobile app integration, whether that integration requires complete data, a uniform user experience across all devices, or something else.

This is today's edition ofThe Download,our weekday newsletter that provides a daily dose of what's going on in the world of technology. Why its so hard to use AI to diagnose cancer Finding and diagnosing cancer is all about spotting patterns. Radiologists use x-rays and magnetic resonance imaging to illuminate tumors, and pathologists examine tissue from kidneys, livers, and other areas under microscopes. They look for patterns that show how severe a cancer is, whether particular treatments could work, and where the malignancy may spread. Visual analysis is something that AI has gotten quite good at since the first image recognition models began taking off nearly 15 years ago. Even though no model will be perfect, you can imagine a powerful algorithm someday catching something that a human pathologist missed, or at least speeding up the process of getting a diagnosis.Were starting to see lots of new efforts to build such a modelat least seven attempts in the last year alone. But they all remain experimental. What will it take to make them good enough to be used in the real world? Read the full story. James O'Donnell This story originally appeared in The Algorithm, our weekly newsletter on AI. To get stories like this in your inbox first, sign up here. Long-acting HIV prevention meds: 10 Breakthrough Technologies 2025 In June 2024, results from a trial of a new medicine to prevent HIV were announcedand they were jaw-dropping. Lenacapavir, a treatment injected once every six months, protected over 5,000 girls and women in Uganda and South Africa from getting HIV. And it was 100% effective. So far, the FDA has approved the drug only for people who already have HIV thats resistant to other treatments. But its producer Gilead has signed licensing agreements with manufacturers to produce generic versions for HIV prevention in 120 low-income countries. The United Nations has set a goal of ending AIDS by 2030. Its ambitious, to say the least: We still see over 1 million new HIV infections globally every year. But we now have the medicines to get us there. What we need is access. Read the full story. Jessica Hamzelou Long-acting HIV prevention meds is one of our 10 Breakthrough Technologies for 2025, MIT Technology Reviews annual list of tech to watch. Check out the rest of the list, and cast your vote for the honorary 11th breakthrough. The must-reads Ive combed the internet to find you todays most fun/important/scary/fascinating stories about technology. 1 Donald Trump signed an executive order delaying TikToks ban Parent company ByteDance has 75 days to reach a deal to stay live in the US. (WP $)+ China appears to be keen to keep the platform operating, too. (WSJ $)2 Neo-Nazis are celebrating Elon Musks salutes Theyre thrilled by the two Nazi-like salutes he gave at a post-inauguration rally. (Wired $)+ Whether the gestures were intentional or not, extremists have chosen to interpret them that way. (Rolling Stone $)+ MAGA is all about granting unchecked power to the already powerful. (Vox)+ How tech billionaires are hoping Trump will reward them for their support. (NY Mag $) 3 Trump is withdrawing the US from the World Health OrganizationHes accused the agency of mishandling the covid 19 pandemic. (Ars Technica)+ He first tried to leave the WHO in 2020, but failed to complete it before he left office. (Reuters) + Trump is also working on pulling the US out of the Paris climate agreement. (The Verge)4 Meta will keep using fact checkers outside the USfor now It wants to see how its crowdsourced fact verification system works in America before rolling it out further. (Bloomberg $)5 Startup Friend has delayed shipments of its AI necklace Customers are unlikely to receive their pre-orders before Q3. (TechCrunch)+ Introducing: The AI Hype Index. (MIT Technology Review)6 This sophisticated tool can pinpoint where a photo was taken in seconds Members of the public have been trying to use GeoSpy for nefarious means for months. (404 Media)7 Los Angeles is covered in ashAnd it could take years before it fully disappears. (The Atlantic $) 8 Singapore is turning to AI companions to care for its eldersRobots are filling the void left by an absence of human nurses. (Rest of World) + Inside Japans long experiment in automating elder care. (MIT Technology Review)9 The lost art of using a pen Typing and swiping are replacing good old fashioned paper and ink. (The Guardian)10 LinkedIn is getting humorous Posts are getting more personal, with a decidedly comedic bent. (FT $) Quote of the day Its been really beautiful to watch how two communities that would be considered polar opposites have come together. Khalil Bowens, a content creator based in Los Angeles, reflects on the influx of Americans joining Chinese social media app Xiaohongshu to the Wall Street Journal. The big story Inside the messy ethics of making war with machines August 2023 In recent years, intelligent autonomous weaponsweapons that can select and fire upon targets without any human inputhave become a matter of serious concern. Giving an AI system the power to decide matters of life and death would radically change warfare forever. Intelligent autonomous weapons that fully displace human decision-making have (likely) yet to see real-world use. However, these systems have become sophisticated enough to raise novel questionsones that are surprisingly tricky to answer. What does it mean when a decision is only part human and part machine? And when, if ever, is it ethical for that decision to be a decision to kill? Read the full story. Arthur Holland Michel We can still have nice things A place for comfort, fun and distraction to brighten up your day. (Got any ideas? Drop me a line or skeet 'em at me.) + Baby octopuses arent just cutethey can change color from the moment theyre born + Nintendo artist Takaya Imamura played a key role in making the company the gaming juggernaut it is today.+ David Lynch wasnt just a master of imagery, the way he deployed music to creep us out was second to none.+ Only got a bag of rice in the cupboard? No problem.

Watkin Jones requests public inquiry into 762-bed Nine Elms development close to Battersea Power StationCGI showing the three proposed buildings on the Battersea Park Road site1/4show captionWandsworth council has nominally refused planning permission for a three-tower student accommodation scheme designed by Howells three weeks after it went to appeal.The Battersea Park Road scheme was given five vote votes for refusal, one for approval and three abstentions at a committee meeting last week despite a recommendation from planning officers to approve the application.However, the vote was symbolic as the schemes developer, Watkin Jones, lodged an appeal against the applications non-determination on 23 December last year, eight months after a revised proposal was submitted for planning.The development will now head to a public inquiry expected to last around four days.Located in Nine Elms close to Battersea Power Station, the scheme consists of three buildings ranging from 12 to 22 storeys, containing 762 student bedrooms and 55 affordable homes.First submitted in May 2022, it has undergone several design revisions including the addition of second staircases, the reduction in height of one building by two storeys, with the same building having its footprint reduced and rotation altered.The number of student rooms across the scheme has also been cut from 779 to 762 and its homes reduced from 81 to 55.The original application itself replaced a former Assael Architecture-designed scheme submitted by DTZ Investors in 2015 consisting of 307 homes and office space in buildings up to 18 storeys, which was approved in 2019.This scheme, which included 25% affordable housing, has been technically implemented with the demolition of a BMW service centre building on the site.Councillors who refused the Howells scheme last week did so on the basis that its height was excessive compared to the Assael scheme and would have an overbearing impact on adjacent properties, including a neighbouring Peabody scheme.Concerns were also raised that the change to a student accommodation-led development as opposed to entirely residential would be the wrong balance for the site given the demand for housing and affordable housing in the borough.Firms working on the Howells scheme include landscape architect Planit IE, planning consultant Montagu Evans, MEP engineer Atelier Ten and civil and structural engineer Apex.Watkin Jones, Howells and Wandsworth council have been contacted for comment.

The government has published a new timetable to deliver the New Hospital Programme, with some projects now pushed back beyond 2037 (see full list below).Health secretary Wes Streeting yesterday described the new timetable as honest, realistic [and] deliverable in contrast to Boris Johnsons original pledge to build 40 hospitals by 2030 which Streeting said was built on the shaky foundation of false hope.Under the plan, which will see 46 hospitals built or refurbished, projects will be delivered and funded in five-year waves, with 15bn allocated for each wave. Five schemes now may not start construction until 2039, nine years after the original deadline set out by Johnson in 2020.Source: Flickr/Number 10Health secretary Wes Streeting said the new hospitals would be built in five year waves meaning several will not complete until some time in the 2040sA total of 21 schemes have already been approved. Of these, 14 are either open to patients, in construction or have had their main build full business case approved, while a further seven will replace RAAC hospitals, which are deemed more urgent due to safety risks.Of the 25 remaining, seven schemes are due to start construction in the upcoming wave of construction (2025 to 2030).> Also read:New hospitals programme and HS2 are unachievable, says IPAA total of nine wave two schemes will start between 2030 and 2035 and a further nine wave three schemes between 2035 and 2039, with five of these not expected to start until 2037 at the earliest.Streeting said: The New Hospital Programme we inherited was unfunded and undeliverable. Not a single new hospital was built in the past five years, and there was no credible funding plan to build forty in the next five years.He added: Working closely with colleagues in HM Treasury,we have secured five-year waves of investment, ensuring that there is always a balanced portfolio of hospital schemes at different development stages being delivered now and into the future.Source: Flickr/Number 10Prime minister Keir Starmer visiting Coventry hospital last October. The new government has said previous plans to build or refurbish 40 hospitals by the end of this decade were unrealisticThis is the most efficient and cost-effective way of giving our NHS the buildings it needs, giving the construction sector the certainty it needs to deliver.The hospitals are being delivered using a standardised design, known as Hospital 2.0. The government said: A hospital built through Hospital 2.0 principles will use sustainable and modern methods of construction designed for manufacturing assembly to accelerate the building process.Revised NHP TimetableTable 1: wave 0 schemes (already under construction)SchemeCost estimateAlumhurst Road Childrens Mental Health Unit, Dorset500m or lessRoyal Bournemouth Hospital, Dorset500m or lessSt Anns Hospital, Dorset500m or lessDorset County Hospital, Dorchester500m or lessCEDAR ProgrammeCost estimate not givenOriel Eye HospitalCost estimate not givenNational Rehabilitation CentreCost estimate not givenTable 2: wave 1 schemes (to start construction between 2025 and 2030)SchemeExpected construction start date (post-NHP review)Cost estimatePoole Hospital, Dorset2025 to 2026500m or lessDerriford Emergency Care Hospital, Plymouth2025 to 2026500m or lessCambridge Cancer Research Hospital2025 to 2026500m or lessShotley Bridge Community Hospital, Durham2026 to 2027500m or lessMilton Keynes Hospital2027 to 2028500m or lessWomen and Childrens Hospital, Cornwall2027 to 2028500m or lessHillingdon Hospital, north-west London2027 to 20281bn to 1.5bnNorth Manchester General Hospital2027 to 20281bn to 1.5bnWest Suffolk Hospital, Bury St Edmunds (RAAC)2027 to 20281bn to 1.5bnHinchingbrooke Hospital (RAAC)2027 to 2028501m to 1bnJames Paget Hospital, Great Yarmouth (RAAC)2027 to 20281bn to 1.5bnQueen Elizabeth Hospital, Kings Lynn (RAAC)2027 to 20281bn to 1.5bnLeighton Hospital (RAAC)2027 to 20281bn to 1.5bnAiredale General Hospital (RAAC)2027 to 20281bn to 1.5bnFrimley Park Hospital (RAAC)2028 to 20291.5bn to 2bnBrighton 3Ts Hospital2026 to 2027Cost estimate not givenTable 3: wave 2 schemes (to start construction between 2030 and 2035)SchemeExpected construction start date (post-NHP review)Cost estimateLeeds General Infirmary2032 to 20341.5bn to 2bnSpecialist Emergency Care Hospital, Sutton2032 to 20341.5bn to 2bnWhipps Cross University Hospital, north-east London2032 to 20341bn to 1.5bnPrincess Alexandra Hospital, Harlow2032 to 20341.5bn to 2bnWatford General Hospital2032 to 20341.5bn to 2bnLeicester General Hospital Royal Infirmary2032 to 20341bn to 1.5bnKettering General Hospital2032 to 20341bn to 1.5bnMusgrove Park Hospital, Taunton2032 to 2034501m to 1bnTorbay Hospital2032 to 2034501m to 1bnTable 4: wave 3 schemes (to start construction between 2035 and 2039)SchemeExpected construction start date (post-NHP review)Cost estimateCharing Cross Hospital and Hammersmith Hospital, London2035 to 20381.5bn to 2bnNorth Devon District Hospital, Barnstaple2035 to 20381bn to 1.5bnRoyal Lancaster Infirmary2035 to 20381bn to 1.5bnSt Marys Hospital, north-west London2035 to 20382bn or moreRoyal Preston Hospital2037 to 20392bn or moreQueens Medical Centre and Nottingham City Hospital2037 to 20392bn or moreRoyal Berkshire Hospital, Reading2037 to 20392bn or moreHampshire Hospitals2037 to 20392bn or moreEastbourne District General, Conquest Hospital and Bexhill Community Hospital2037 to 20391.5bn to 2bn

Whether you need a new essential or like to treat yourself, shopping the top deals is a great way to avoid paying full price. That's why we at CNET comb through the internet for the best deals worth the buzz. We know you don't want to miss out on savings on Apple products (such as the iPad Mini and the MacBook Pro), smart home gadgetsor Amazon deals under $100. If you love good deals, you might enjoy an amazing tool (at least we think so) that can help cut through the cluttered sales pages and deliver the most irresistible deals straight to your phone, helping you score the items you need or want most at a massive discount.Our daily CNET Deals text includes ourDeal of the Day, a product our expert Deals team has carefully selected and vetted. So you can trust that the sale is a good one and that the marked discount offers real value. For big events during the year, we send two texts each day, highlighting the discounts that stand out and helping connect you with products we think you'll love that are also kind to your budget.Our goal is to put savings directly into your messages so you never miss a chance to jump on a genuinely good deal. Signing up is super easy (it'll take less than a minute), safe and trusted, and you can opt-out at any time.Tell me more about deals text curationWith daily deals texting, we apply the same level of deep research and confirmation that these discounts are legitimate and useful as we do across all of CNET, just in a bite-sized format. There's no AI here pulling the strings -- we're a passionate, dedicated team of actual people finding actual deals.If we uncover something interesting for an affordable price -- usually under $50 at a significant discount -- you'll hear about it from us. We find a cool thing on sale and we share it, truly as simple as that.Can I request a deal?Yes. If you aren't seeing the deals you want to see, all you need to do is ask, and we'll do the best we can.This text platform is a two-way street powered by the CNET Deals team, which means every message is sent by a person and we see every reply. If you're ever looking for a notification when a specific thing is on sale, all you need to do is ask, and we'll do our best to help you out.

A few months ago, LaQueshia Clemons and her husband were looking for ways to earn the most points on their credit cards. After poking around, they decided to give the Bilt Mastercard* a go.The Bilt Mastercard is a unique housing credit card, designed to help you earn rewards for paying rent. Later this year, according to aletter to memberson its website, Bilt will also offer points on mortgage payments. Another housing credit card, the recently launched Mesa Homeowners Visa Signature Preferred Credit Card*, also allows homeowners to earn credit card points for mortgage payments, though its terms and conditions are a bit murkier.Clemons, a 35-year-old financial therapist at Freedom Life Therapy based in Connecticut, now uses the Bilt card to pay for monthly rent, electricity, cell phone, car insurance premiums and streaming subscriptions. She and her husband put about $2,500 a month on the Bilt card, collecting a bounty of reward points in the process. Since housing is the largest expenditure for most US families, it could make sense to use a credit card for big-ticket, ongoing spending like rent or mortgagepayments. But is using a housing credit card worth the risk? Let's take a closer look.Is it a good idea to pay for housing with a credit card?Paying for anything with a credit card, including housing, could be worthwhile, but it always depends on your budget and spending patterns. If you're financially strapped due to a recent job loss or have outstanding medical bills, you don't want your housing expenses to accrue interest and put you further in the red.However, if you feel confident that you can use the card conscientiously -- meaning you can immediately cover the balance when it's due each month -- using a credit card can be a good way to rack up points. Clemons, for example, pays off her balance weekly. A portion of each weekly paycheck goes straight toward credit card payments, and she never accrues interest. Because her cards are paid in full each month, she can earn points without getting hit with heavy interest charges or fees."I can build up enough points to take the money off my rent payment," she said. Though that may be just a few extra dollars each month, the extra money could be put toward something, like coffee on the way to work.Beau Wirick, a 38-year-old wealth adviser atMorton Wealth based in California, has been using the Bilt card to pay for his rent for the last few years."Getting points for rent is a game changer, so I recommend the Bilt card for that purpose," said Wirick. Wirick gets the best redemption value by transferring points and redeeming them through Bilt's travel partners, which can be used on flights, car rentals, hotels and activities.What are the pitfalls of paying for housing with a credit card?The downside to paying for housing with a credit card is accumulating more debt if you don't have the money to cover your balance each month. It's often safer to pay for housing the traditional way, that is, by transferring funds via ACH from your bank account, writing a check or via a money order.It's also important to check with your landlord or property manager about fees. While the Bilt and Mesa cards don't have annual fees (and the Bilt card doesn't have transaction fees for rent payments), your landlord might impose a processing fee if you pay with a credit card.One way to avoid this with Bilt is to opt for BiltProtect, which allows you to pay rent and earn points without tapping into your credit line. With this feature, the funds are pulled directly from your linked bank account. If you choose not to use this feature, your rent will be charged directly to your Bilt Mastercard just like any other charge on your credit card.Do housing credit cards have requirements?Credit cards that specialize in paying for your housing don't have unique requirements. To be eligible for the Bilt Mastercard, you must be at least 18 years of age and a resident of the US or its territories. There's technically no minimum credit score to get approved, but a good to excellent score (670 to 850) is recommended.To earn points on the Bilt card, you'll need to make at least five transactions each billing cycle. To ensure you never miss that threshold, try setting your Bilt card as the default method for ongoing expenses.For the Mesa card, anyone with an eligible device (iPhone only) can join the waitlist directly, according to a company representative. Once you're invited to apply, you'll be required to provide additional information to make a credit decision on your application, similar to other unsecured consumer credit cards.What can you earn with a housing-specific credit card?Bilt MastercardBilt offers 1x points per dollar on rent, up to 100,000 points a year. To earn points, you'll need to use the card at least five times each monthly statement period. You can earn higher points when you spend on travel and restaurants. As a Bilt cardholder, you can scoop up special perks at partnering restaurants, fitness studios and rideshare apps.You can transfer points through Bilt's travel portal and rack up additional points when you book travel through the portal.Besides improving your credit score if you make on-time monthly payments, Bilt has an added feature that allows you to opt into reporting your rent payments to the three credit bureaus, which can also boost your score.Mesa Homeowners Visa Signature Preferred Credit CardCurrently, you'll need to get on a waitlist to sign up for the Mesa Visa card, which is only available on the Apple Store.The Mesa credit card has different rewards rates depending on your purchase: 1x points per dollar on your monthly mortgage payments; 2x points on everyday essentials (e.g., grocery, gas); 3x points on home-related transactions, like utilities, maintenance, decor, and home improvement projects; and 1x points on everything else.You can also take advantage of other perks, such as memberships to Sam's Club and credits with Mesa's branded partners, such as Thumbtack and Wag! Points earned can be redeemed toward a statement credit, gift cards, travel and mortgage payments.What protections are there with Bilt or Mesa?Sharing sensitive information with another party can always introduce risks, so it's important to keep your account information secure.The Bilt and Mesa credit cards come with standard zero liability protection to help ensure the safety of your sensitive personal and financial data from fraudulent activity. Because Bilt is a co-branded Mastercard with Wells Fargo, it comes with 24/7 ID theft protection."You'll want to make sure they have safeguards in place for transmitting your payment information to your landlord, property manager or mortgage company," said Jovan Johnson, a CFP and co-founder of Piece of Wealth Planning. "Look for other card features like fraud alerts or virtual card numbers, which can add an extra layer of protection."Are housing credit cards worth the hype? Every credit card has specific perks and bonuses, so it's a good idea to research the pros and cons before you apply. Bilt is more established and should be expanding its reach soon. Mesa is still fairly limited in its reach, so it's worth doing more research on the terms and conditions.Financial experts say that you should only use a credit card when you can afford to pay off your statement in full and avoid carrying a balance. Otherwise, it's easy to fall into debt from high interest charges."Credit card programs are designed to incentivize you to spend more money, period," Wirick said. "As long as you can keep yourself from falling into bad habits, go for it."*All information about the Bilt Mastercard and Mesa Homeowners Visa Signature Preferred Credit Card has been collected independently by CNET and has not been reviewed by the issuer.

ITV has a smash-hit Hell's Kitchen game with 20m players, but it's on RobloxLive and let fry.Image credit: Metavision Studios News by Victoria Kennedy News Reporter Published on Jan. 21, 2025 Competitive ITV show Hell's Kitchen is now blowing up as an experience in Roblox, with a cartoony version of Gordon Ramsay at the fore.Since its debut last month, ITV's first-ever Roblox experience has had over 20m visits from aspiring chefs, and boasts 450k daily active users happy to have the show's celebrity chef express disdain at their dishes.As with Hell's Kitchen on telly, those who participate in the official Roblox experience will be popped onto either the Red or the Blue team. And, while I haven't seen word that Ramsay will call users an "Idiot Sandwich", his Roblox counterpart still shares his disappointment if food isn't up to snuff.Hell's Kitchen Roblox | Official Trailer | Starring Chef Ramsay. Watch on YouTube"By blending the unique essence of Hells Kitchen with the immersive possibilities of Roblox, we're offering players a fresh way to engage with the brand and create their own culinary adventures," claimed Ashley Lewis, boss of the experience's developer Metavision."We've got an exciting 2025 roadmap for the experience and can't wait to show the community what we have in store next."If you fancy taking to the kitchen yourself, you can check out the Hell's Kitchen Roblox experience here. Image credit: Metavision StudiosTowards the end of last year, Roblox announced further tools designed to improve the safety of its young audience. These tools included the ability for parents to remotely manage their child's account, view their child's friends list and limit the amount of time made available to play.This move followed frequent criticism that the platform was not doing enough to ensure the safety of its audience, which is predominantly children. In July of last year, it was revealed that Roblox itself had reported 13,316 instances of child exploitation in 2023, and that more than two dozen people had been arrested for abusing minors following contact in-game.

Looks like Horizon's unannounced MMO has been quietly cancelledAloy vera.Image credit: Guerrilla News by Victoria Kennedy News Reporter Published on Jan. 21, 2025 An MMO based on Sony's Horizon IP has reportedly been cancelled.We first got wind of a Horizon MMO in 2022, when a report stated the project was in the works at Guild Wars' NCSoft. At this time, a source familiar with both Sony and NCsoft said the two companies had "tentatively agreed to pursue a business partnership in which [NCsoft] will create new games using Sony's promising game IP".A year later in 2023, Sony and NCsoft publicly announced a strategic partnership, designed to "expand beyond console and broaden PlayStation's reach to a wider audience". While neither company referenced Horizon as part of the announcement, it was widely believed the series was a key part of the collaboration.To see this content please enable targeting cookies. The Death of Console Exclusives Is Inevitable and I Don't Know How I Feel About It. Watch on YouTubeSince then we've heard little more, other than job listings shared in 2023 which appeared to confirm the Horizon MMO was in development with the codename Project Skyline (with the initial codename being Project H). And now, it appears the MMO has been cancelled before it was even officially announced.A report by Korean publication MTN (via ResetEra) states work on Project H and a number of other projects has ceased following a "feasibility review" at NCSoft. "Among them, 'H' and 'J' have already disappeared from the company's organisational chart," reads a translation of the report.The Horizon MMO was reportedly set for a release on PC and mobile. Eurogamer has reached out to NCSoft and Sony with regards to today's report. Image credit: Guerrilla/EurogamerToday's news follows a report earlier in the month that Sony had cancelled two more of its proposed live service games, one from Days Gone developer Bend and one from Bluepoint. Bluepoint was reportedly developing a live service game within the God of War series.In the time since, Bend Studio has said it "still plans on creating cool shit" following the cancellation of its game.