On's platform used a chatbot to aid with customer service, often for sports teams.gettyFederal prosecutors in San Francisco said Thursday that the founder of a venture-backed AI chat startup allegedly used over $4 million of investor funds to purchase a home, fund private schools, buy luxury cars, and even pay for his wedding venue. Authorities called the founders fraud brazen and wide-ranging, where he vastly overstated the companys revenue and other financials, per the indictment.Alex Beckman, the founder and former CEO, and his wife Valerie Lau Beckman, were charged with wire fraud, conspiracy to commit wire fraud, securities fraud, among other charges. Lau Beckman is an attorney that worked as general counsel for Industry Ventures, a startup fund, and worked closely with On, which was formerly known as GameOn Technology.Since Beckman founded it in 2014, On raised over $125 million in investment from venture capital firms B3 Capital and Quest Venture Partners, along with numerous celebrities, including the retired NFL legend Joe Montana, and the retired NBA star Andr Iguodala, according to Pitchbook. Prosecutors said that in most years, GameOns annual revenue was materially less than $500,000.Beckman, Lau Beckman and On, as well as Ons investors, did not immediately respond to comment requests.On, which was valued at over $260 million, according to Pitchbook, claims to be a customer service-focused AI-based chat system that works with numerous sports teams including the New York Yankees, the Sacramento Kings, and the Oakland Roots, a soccer club. None of those teams responded to Forbes request for comment.In July 2024, Beckman resigned as CEO after being pushed out by the board, which had discovered an elaborate deception, Venture Beat reported. According to a letter sent to shareholders at the time, a company account that should have had $11 million in it, only contained $0.37.Prosecutors also say that in June 2024, Lau delivered a falsified financial statement to a bank that purported to show that the company had over $13 million in its account, when in fact, it had just $25.93.Hans Swildens, the CEO and founder of Industry Ventures confirmed that Lau Beckman left the company on December 31, after four months of maternity leave. Swildens declined to comment further.The couple were arrested on Thursday and made their initial appearance in a San Francisco courtroom.The Bay Area is home to incredible innovation and hard-working entrepreneurs, but innovation cannot grow through fraud, Patrick D. Robbins, a federal prosecutor, said in a statement. Schemes like the ones that defendants are charged with threaten our financial markets and cheat investors.MORE FROM FORBES

The new Ari app is a "wing girl" for men who are trying to find a dateAriA dating service is launching an AI wing girl to help men land matches on dating sites. Called Ari, the AI provides personalized real-time advice for men to help them navigate the difficult world of dating, a representative told me.The problem with digital dating? Its literally digital Darwinism in action.Just 10% of the men get 90% of the matches, says VIDA, the company behind the Ari AI dating app. It gets worse: the bottom 50% of men receive just 1% of matches, which is why, the company says, 63% of men under 30 are single and one in three young men report zero intimacy in the past few years.Men who are overwhelmed by isolation and lack meaningful connections are facing increasing levels of depression and anxiety every day," Scott Valdez, co-founder and CEO of Ari and VIDA, said in a statement. Ari is here to help level the playing field.Ari will help you build your bio, write better opening messages to potential dates, and give you real-time expert dating advice for any dating scenario, the company says.The AI-powered Ari app is a "wing girl" for men in today's complex digital dating scene.John KoetsierAccording to the company, men using the app report a 300% increase in dates within the first month of trying Ari. The AI powering the app builds on millions of messages from tens of thousands of dates, the company says.MORE FOR YOUWhen I downloaded the app and tried it, Ari gave me three suggestions in response to a fictional dates message: Why should I go out with you?Why rush to conclusions when finding out could be so much more fun?Thats a pretty big question for someone I havent even had coffee with yetI dont do auditions. Lets just see if we click Overall: not bad, especially considering I didnt actually give Ari any context, or screenshots of the chat, or any details about my fictional date. Like most AI-generated responses, even if they dont exactly work verbatim, they can be good starting points.Also, Ari gave good insight on a response to a fictional query about where we were going to go on the date. Rather than just spout a couple obvious options like a restaurant, movie theater, bar, or coffee shop, Ari suggested that I ask my potential date what kinds of places she would actually enjoy going on a first date.Smart: that continues the conversation, signals that I care about my dates feelings and desires, and allows me to choose from some of the places she mentions.Ari says shell give me a magnetic profile in minutes just by asking me 9 questions,All this insight doesnt come cheap: Ari starts out at $25/month in Canada, where I live, or $20/month in the U.S. But she is available to answer any dating questions I might have, like what I should wear on a first date.(Little hint: no sweatpants.)Importantly, Ari doesnt take away the real human element - she empowers it, says Valdez. The real problem isn't too much AI in dating - its that we dont have enough. Our goal is to empower people to form genuine connections.Ari isnt only available as a copilot for dating apps, apparently. You can also use her insights and messages when sliding into DMs or, the company says, when navigating real-world encounters ... which might be a little awkward if you have to furiously type on your phones keyboard every time a cute potential date says something.The app is available now for both iPhone and Android.

TL;DR: Parents, students, and educators across North America are reeling after what is shaping up to be the largest data breach of the new year. Hackers infiltrated a cloud-based software provider used by K-12 schools, compromising the sensitive information of millions of students and school personnel. Based in Folsom, California, PowerSchool serves 16,000 schools globally and manages data for over 60 million students. On January 7, the company confirmed that attackers had accessed and exfiltrated personal data stored in its Student Information System.The stolen data includes Social Security numbers, medical records, and home addresses. A report by Bleeping Computer revealed an extortion note from the attackers claiming they had stolen the records of 62.4 million students and 9.5 million teachers.Among the hardest hit is the Toronto District School Board in Canada, which disclosed Monday that information on all students enrolled between 1985 and 2024 was exposed, equating to 1.4 million students and over 90,000 teachers. The data included names, dates of birth, health card numbers, home addresses, disciplinary notes, and even residency status. The district noted that the scope of the breach varied depending on the enrollment period but affected every student within that timeframe.District NameStudents ImpactedTeachers ImpactedToronto District School Board1,484,73390,023Peel District School Board943,08239,693Dallas Independent School District787,21279,718Calgary Board of Education593,518133,677Memphis-Shelby County School485,08754,501San Diego Unified472,278Possibly not stolenCharlotte-Mecklenburg Schools467,97457,486Wake County Public School461,00592,783California's Menlo Park City School District also reported significant fallout. All current students, staff, and anyone enrolled or employed since the 2009 2010 school year were impacted. This breach includes nearly 10,700 students and many former staff members.PowerSchool stated it had communicated with the hackers, who allegedly said they would not release the data, supported by a video of its purported deletion. However, experts warn that such claims are impossible to verify and that the threat actors could still post the stolen information on the dark web. Several school districts have included these assurances in their breach notifications despite the dubious deletion claims from the attackers. // Related StoriesPowerSchool has not confirmed the number of affected individuals or whether it paid a ransom. However, it has begun offering those impacted a free two-year credit monitoring package. The breach illustrates the vulnerabilities of online education systems. It's not just banks, large corporations, and social media platforms that hackers target.

Dell is home to some of the best monitor deals. Thats especially true today, as Dell has discounted a 27-inch curved gaming monitor to just $130, reduced from $230. This is a clearance deal, so stock will be strictly limited once the allocation runs out, youve missed out. That means youll need to be quick with the buy button so you dont miss out on the $100 saving. Have a quick read of what we have to say about it below, then get straight to buying if you want a more immersive experience for less.Dell is a great option for monitors, whether youre seeking out the best monitors for your home office or the best gaming monitors for your downtime. When it comes to gaming, you want a high refresh rate, high resolution, and some great adaptive sync features all of which the Dell 27-inch curved gaming monitor offers.The 27-inch screen has deep blacks and a high contrast ratio. Its a curved display with a 1500R curvature that draws you into the action more than a standard screen. It offers a full HD resolution of 1920 x 1080, which makes sense at this price. Youd need to pay more for the joys of a 1440p, but full HD will suit most needs. It also has a high refresh rate of 144Hz, so smooth gaming is fine here, with that further enhanced by Nvidia G-Sync and AMD FreeSync Premium compatibility. It also has a response time of 4ms gray-to-gray with 1ms MPRT.RelatedThis isnt top of the range stuff to match with the absolute best gaming PCs, but its a reliable option at a fantastic price. It includes key ports like a DisplayPort 1.2 along with two HDMI 1.4 ports for connecting either PC or games console.Essentially, this Dell display is a solid curved gaming monitor at a truly fantastic price. Normally $230, its down to $130 for a limited time at Dell. Its a clearance deal so it wont be around for long, but its worth strongly considering and quickly. Check it out through the button below.Editors Recommendations

Apple launched the LaserWriter printer in March 1985, nearly 40 years ago. Combined with a Macintosh computer, Adobe Postscript technology, and Aldus PageMaker software, it made desktop publishing a reality.Apples earlier printer, the ImageWriter was a dot-matrix printer with limited speed and resolution. Adding the option of a laser printer was game-changing. Suddenly, professional print layout and printing were possible with a personal computer system you could fit on a desk.Recommended VideosMore importantly, the synergy of this advanced technology allowed Apple to implement a WYSIWYG design. Otherwise known as What You See Is What You Get, this soon became the standard for desktop publishing. Today, we expect this from every document we print. A document looks the same on the screen as it does on paper. That wasnt always the case.A classic Apple Macintosh shows a friendly hello on-screen. AppleTo be fair, a revolutionary system like this was first imagined by Xerox researchers at PARC (Palo Alto Research Center). The Xerox Star was an enterprise solution that was quite similar to Apples Lisa and Macintosh computers with an easy-to-use graphical user interface controlled by a mouse. The days of typing cryptic code words to operate computer software would soon be relegated to programmers. While the LaserWriter was quite expensive compared to the best printers available in 2025, it was much more affordable and manageable than competing solutions. For about $7,000, businesses could have an in-house, high-quality laser printer that could print eight pages per minute at 300 dpi. At that resolution, text and graphics become crisp enough to smooth rough edges and make fine print readable.To achieve this feat, Apple gave the LaserWriter a powerful processor, the same Motorola 68000 chip used in the Macintosh. It could run Adobe Postscript software to maximize quality while minimizing data transfer times, making printing fast, reliable, and efficient.Todays best color laser printers roll out crisp, vivid documents at up to 1,200 dpi with blazing speeds of 35 pages per minute. Even a budget-priced inkjet printer greatly surpasses the LaserWriters speed and print quality.Still, Apple earned a place in desktop publishing history with the remarkable LaserWriter printer.Editors Recommendations

Qualcomm CEO Cristiano Amons total compensation in 2024 was increased by about $2.4 million from 2023.

Biotechnology venture capital is recovering from its slide and investors are expressing optimism about 2025, even as they confront uncertainties weighing on their industry.

The actor directs a painfully stiff thriller starring Mark Wahlberg as a sinister pilot in the Alaskan wilderness.

What happens in a secular world where ancient taboos about forbidden knowledge have been dismantled and individuals must cope alone?

A "COMPLETELY INVISIBLE" BACKDOOR Backdoor infecting VPNs used magic packets for stealth and security J-Magic backdoor infected organizations in a wide array of industries. Dan Goodin Jan 23, 2025 6:42 pm | 5 Credit: Getty Images Credit: Getty Images Story textSizeSmallStandardLargeWidth *StandardWideLinksStandardOrange* Subscribers only Learn moreWhen threat actors use backdoor malware to gain access to a network, they want to make sure all their hard work cant be leveraged by competing groups or detected by defenders. One countermeasure is to equip the backdoor with a passive agent that remains dormant until it receives whats known in the business as a magic packet. On Thursday, researchers revealed that a never-before-seen backdoor that quietly took hold of dozens of enterprise VPNs running Juniper Networks Junos OS has been doing just that.J-Magic, the tracking name for the backdoor, goes one step further to prevent unauthorized access. After receiving a magic packet hidden in the normal flow of TCP traffic, it relays a challenge to the device that sent it. The challenge comes in the form of a string of text thats encrypted using the public portion of an RSA key. The initiating party must then respond with the corresponding plaintext, proving it has access to the secret key.Open sesameThe lightweight backdoor is also notable because it resided only in memory, a trait that makes detection harder for defenders. The combination prompted researchers at Lumin Technologys Black Lotus Lab to sit up and take notice.While this is not the first discovery of magic packet malware, there have only been a handful of campaigns in recent years, the researchers wrote. The combination of targeting Junos OS routers that serve as a VPN gateway and deploying a passive listening in-memory only agent, makes this an interesting confluence of tradecraft worthy of further observation.The researchers found J-Magic on VirusTotal and determined that it had run inside the networks of 36 organizations. They still dont know how the backdoor got installed. Heres how the magic packet worked:The passive agent is deployed to quietly observe all TCP traffic sent to the device. It discreetly analyzes the incoming packets and watches for one of five specific sets of data contained in them. The conditions are obscure enough to blend in with the normal flow of traffic that network defense products wont detect a threat. At the same time, theyre unusual enough that theyre not likely to be found in normal traffic.Those conditions are:Condition 1:at offset 0x02 from the start of the TCP options shows the following two-byte sequence: 1366the TCP options must be at least 4 bytes in sizethe attacker IP address will be in the Sequence Number field of the TCP headerthe destination port number equals 443Condition 2:the source port of the TCP header must contain the following two-byte sequence 36429the attacker IP address will be in the Sequence Number field of the TCP headerthe destination port number equals 443Condition 3:the payload data following the IP and TCP headers starts with the four-byte string: Z4vEthe attacker IP address will immediately follow the four-byte string: 0x04the attacker port number will immediately follow the IP address at offset 0x08Condition 4:at offset 0x08 within the TCP header, the option field starts the following two-byte sequence 59020at offset 0xA within the TCP options starts the attacker IP addressthe destination port number equals 443Condition 5:offset 0x08 within the TCP options starts the following two-byte sequence 59022offset 0xA within the TCP options starts the attacker IP addressthe attacker port number will follow the attacker IP at offset 0x0E from the start of the TCP optionBlack Lotus Labs wrote:If any of the remote IP addresses match on one of the five predefined conditions above, it moves to spawn a reverse shell. The reverse_shell function forks, creating a child process and renames it to [nfsiod 1]. Next it enters a loop that will connect back to the IP and port retrieved from the packet filter, using SSL. It creates a random alphanumeric string that is five characters long. This random string is encrypted using a hardcoded public RSA key.It sends the encrypted five-character string as a challenge to the supplied IP/port combo. The response from the IP is compared to the previously created random string. If they are not equal, the connection is closed. If the strings are equal, then a shell is created with the command prompt >> until it receives the exit command. This would allow them to run arbitrary commands on the impacted device.The reason for the RSA challenge in J-Magic is likely to prevent other attackers from spraying magic packets all over the Internet to enumerate infected networks and then using the backdoor for their own competing purposes. Black Lotus Labs said a backdoor used in 2014 by Russian-state threat group Turla also used such a challenge.Completely invisibleMagic packets give backdoors more stealth because the malware doesn't need to open a specific port to listen for incoming connections. Defenders routinely scan their networks for such ports. If they spot an open port they dont recognize, its likely the infection will be detected. Backdoors like J-Magic listen to all incoming data and search for tiny specks of it that meet certain conditions.The J-Magic agent is a variant of cd00r, a PoC first released in 2000 and updated in 2014. It was designed to, as the developer explained it, test the idea of a completely invisible (read: not listening) backdoor server. The same year cd00r was updated, security researchers found Turla implementing cd00r agent into its own custom backdoor.Magic packets have been in use for years. Threat actors working on behalf of the Chinese government and other nation-states have been caught doing the same thing, as have the developers of a proof-of-concept rootkit for infecting GPUs.Black Lotus Labs also said that the campaign using J-Magic overlaps with one from 2023 that used a backdoor, tracked as SeaSpy, that infected Barracuda mail servers. Both borrow heavily from cd00r, and both are developed to run on FreeBSD, the operating system used in both Barracuda and Juniper devices.Black Lotus has determined that J-Magic was active from mid-2023 until at least mid-2024. Targets came from a wide array of industries, including semiconductor, energy, manufacturing, and IT verticals.Dan GoodinSenior Security EditorDan GoodinSenior Security Editor Dan Goodin is Senior Security Editor at Ars Technica, where he oversees coverage of malware, computer espionage, botnets, hardware hacking, encryption, and passwords. In his spare time, he enjoys gardening, cooking, and following the independent music scene. Dan is based in San Francisco. Follow him at here on Mastodon and here on Bluesky. Contact him on Signal at DanArs.82. 5 Comments