MacworldWant to learn a new language? Babbel is making it easier than ever to learn a new language with a lifetime subscription marked down to $129.99 (reg. $599).Babbel is a full-fledged language education tool developed by a team of over 100 expert linguists and backed by research from institutions like Yale University and Michigan State. Duolingo wishes.With over 10,000 hours of lessons spanning 14 languages, youre covered whether youre interested in Spanish, German, Indonesian, Turkish, and beyond.Babbels lessons are intentionally designed to be digestible yet functional, with each one lasting about 10 to 15 minutes. This lets you fit language learning seamlessly into your day, from a quick practice session over coffee to a full lesson in the evening.Speech recognition technology helps you nail pronunciation while interactive, real-life topics like shopping and dining prepare you for real conversations. And with offline access, you can keep learning on the go, even without Wi-Fi.You only have until February 2 at 11:59 p.m. PT to get a Babbel Lifetime Subscription on sale for $129.99.Babbel Language Learning: Lifetime Subscription (All Languages) $129.99See DealStackSocial prices subject to change.

Jan 27, 2025Ravie LakshmananMalware / SEO PoisoningThreat hunters have detailed an ongoing campaign that leverages a malware loader called MintsLoader to distribute secondary payloads such as the StealC information stealer and a legitimate open-source network computing platform called BOINC."MintsLoader is a PowerShell based malware loader that has been seen delivered via spam emails with a link to Kongtuke/ClickFix pages or a JScript file," cybersecurity firm eSentire said in an analysis.The campaign has targeted electricity, oil and gas, and the legal services sectors in the United States and Europe, per the company, which detected the activity in early January 2025.The development comes amid a spike in malicious campaigns that are abusing fake CAPTCHA verification prompts to trick users into copying and executing PowerShell scripts to get around the checks, a technique that has come to be known ClickFix and KongTuke."KongTuke involves an injected script that currently causes associated websites to display fake 'verify you are human' pages," Palo Alto Networks Unit 42 said in a report detailing a similar campaign distributing BOINC."These fake verification pages load a potential victim's Windows copy/paste buffer with malicious PowerShell script. The page also gives detailed instructions asking potential victims to paste and execute the script in a Run window."The attack chain documented by eSentire starts when users click on a link in a spam email, leading to the download of an obfuscated JavaScript file. The script is responsible for running a PowerShell command to download MintsLoader via curl and execute it, after which it deletes itself from the host to avoid leaving traces.Alternate sequences redirect the message recipients to ClickFix-style pages that lead to the delivery of MintsLoader by means of the Windows Run prompt.The loader malware, in turn, contacts a command-and-control (C2) server to fetch interim PowerShell payloads that performs various checks to evade sandboxes and resist analysis efforts. It also features a Domain Generation Algorithm (DGA) with a seed value based on the addition of the current day of the month to create the C2 domain name.The attack culminates with the deployment of StealC, an information stealer sold under the malware-as-a-service (MaaS) model since early 2023. It's assessed to be re-engineered from another stealer malware known as Arkei. One of the notable features of the malware is its ability to avoid infecting machines located in Russia, Ukraine, Belarus, Kazakhstan, or Uzbekistan.News of the MintsLoader campaign also follows the emergence of an updated version of the JinxLoader dubbed Astolfo Loader (aka Jinx V3) that has been rewritten in C++ likely for performance reasons after its source code was sold off by the malware author Rendnza to two separate buyers Delfin and AstolfoLoader."While @Delfin claims to be selling JinxLoaderV2 unchanged, @AstolfoLoader opted to rebrand the malware and modify the stub to C++ (Jinx V3), instead of using the original Go-compiled binary," BlackBerry noted late last year."Services like JinxLoader and its successor, Astolfo Loader (Jinx V3), exemplify how such tools can proliferate quickly and affordably and can be purchased via popular public hacking forums that are accessible to virtually anyone with an Internet connection."Cybersecurity researchers have also shed light on the inner workings of the GootLoader malware campaigns, which are known to weaponize search engine optimization (SEO) poisoning to redirect victims searching for agreements and contracts to compromised WordPress sites that host a realistic-looking message board to download a file that contains what they are purportedly looking for.The malware operators have been found to make changes to the WordPress sites that cause those sites to dynamically load the fake forum page content from another server, referred to as the "mothership" by Sophos.GootLoader campaigns, besides geofencing IP address ranges and allowing requests to originate from specific countries of interest, go further by permitting the potential victim to visit the infected site only once in 24 hours by adding the IP to a block list."Every aspect of this process is obfuscated to such a degree that even the owners of the compromised WordPress pages often cannot identify the modifications in their own site or trigger the GootLoader code to run when they visit their own pages," security researcher Gabor Szappanos said.Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.SHARE

submitted by /u/marketrent [link] [comments]

cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Halliday AI glassesBen sinThe idea of the smart glasses -- a pair of eyewear that can do smartphone-like things directly on our face -- has been around for a few years, but 2025 seems to be the year the product category really pick up steam. At this month's CES (Consumer Electronics Show) trade show in Las Vegas, smart glasses were the star of the show, with brands both established and new showing off their vision of smart eyewear.Most of these smart glasses use what is called a waveguide technology to project visuals in front of the wearer's face. I've tested a few products with this tech before, and while the tech has an undeniably futuristic feeling, the reality is the waveguide tech requires a prism built into the lens that distorts a section of my visuals. On top of that, even when the display is not on, the prism is visible to myself and others (see the image below of RayNeo's smart glasses).Notice the prism on the lens in the RayNeo smart glasses can be seen at all times.TCLAnd so a brand named Halliday has decided try another route with its pair: the Halliday AI glasses still project visuals in front of the user's face, but the display is mounted on the inside of the frame (the side facing the wearer's face), above the right eye. This means to see the screen, the wearer would have to glance up slightly, and the projected visuals will be over the glasses' black frame instead of "on the real world" like other waveguide glasses, but Halliday believes this is a more practical approach.Halliday AI smart glassesBen SinFor one, the display becomes much more discreet -- others won't be able to see the screen at all, unless they do the very unusual move of hovering over your head looking your face from inches away. The fact the display isn't embedded onto the lens also frees up the field of view from any prism distortion; and it makes the lens far easier and cheaper to replace if they were to get damaged.The tiny module on top of the Halliday glasses's frameBen SinText displayed by the glasses' moduleBen SinI've been trying a prototype version of the Halliday glasses for the past week, and I really like this idea. I actually like that I need to glance up to see the screen, so it's not constantly in my face as a distraction. I also like that this alternative screen tech allows the Halliday glasses to be lighter and thinner (35g) than most other smartglasses, which can appear bulky due to the waveguide technology requiring space inside the frame.I still think the Halliday AI glasses are slightly larger than a regular pair of glasses, but it's not so much that it would attract attention. I have worn these in public and the glasses have not attracted questions from acquaintances (friends would obviously ask, because I don't normally wear glasses).It took skilled engineering for Halliday to build the display so discreet: it's a tiny module measuring just 3.5mm. But despite how small the display is, the visuals projected is very, very bright (even outdoors, I didn't need brightness to go above 10%), and the visuals projected to my eye approximates a 3.5-inch screen.The optical module measures just 3.5mmBen SinThe display appears roughly like a circula 3.5-inch screenBen SinThe glasses do need to pair to a smartphone to work, and Halliday has a well-designed app for iPhones and Android devices. Once paired, the glasses will use your smartphone's data. You control the glasses via a touch sensitive panel on the right arm of the glasses, or a controller ring that Halliday is including with the package.But the digital AI assistant you use will be Halliday's own, not Apple's Siri or Google's Assistant. Halliday's AI agent runs large language multimodal AI and has been optimized by the company to run on the glasses. It can do basic digital assistant things like answering questions and live interpretation, but it can also apparently be much smarter -- as proactive AI agent that can chime in during your daily interactions. To be honest, I don't want an AI to always be listening in, so I turned the proactive feature off (plus, it's not fully ready for real testing anyway). But the reactive AI works very well. I can ask the glasses to convert currency, and I'd see the results on the display within one to two seconds, which is much faster than other AI glasses I've tested.The smart ringBen SinThe interpretation works mostly well: I had a friend speak Spanish, and the glasses were able to pick up the audio and then project English text in front of my eyes. There is about a 1-2 second delay, so the speaker will need to occasionally pause or speak slightly slower than usual. I don't think this can be used to interpret entire meetings or dinner conversations, but it's enough to help me order food or direct a taxi driver in a foreign land.Halliday glassesBen SinHonestly, I don't really need a pair of smartglasses to go so above and beyond being able to answer questions and show me notifications. I do not need it to chime in offering me suggestions, I do not need to wear the glasses to watch a foreign movie without subtitles. I just want to be able to ask the glasses to direct me to an address, or tell me how much 5,000 yen is in U.S. dollars, or tell me I have an urgent email that just came through little things that free me up from needing to pull out my phone every two minutes. And to that, the Halliday AI glasses deliver.Unfortunately, the product isn't immediately on sale yet, but is going the Kickstarter route. But the glasses, which start at $399 on the site, are more than fully backed, having generated over 1.3 million already. Halliday is promising the glasses will ship in April.

A Tree Bent from the Force of the WindgettyWhen people talk about cybersecurity, they often focus on the latest tools or fancy technologies. But in my experience, leading global teams through tough situations, leadership is the real foundation of cyber resilience.Cybersecurity isnt just about technical fixes; its about protecting the business. It requires clear thinking, teamwork, and a culture where everyone plays their part. Leaders who get this can move their organisations from reacting to problems to staying ahead of them.Leaderships Role in Cyber ResilienceGood leadership is essential for any organisation that wants to be resilient. CEOs, board members, and senior leaders need to realise that cybersecurity isnt just the IT departments job. Its a priority for the whole business.Heres how leadership can drive resilience:Clear Vision: Leaders should define what cybersecurity success looks like, identify risks, and lay out a plan to address them.Building a Strong Culture: A resilient organisation makes security part of everyday work. Leaders need to encourage open communication, reward employees for spotting risks, and provide regular training.Providing Resources: Leaders must ensure teams have the budget, tools, and people they need to keep the organisation secure.A Real-Life Lesson in ResilienceAt one point, while working in a cybersecurity start-up, we found a critical problem in our product that needed fixing immediately. With leadership stepping up, we brought together a team from different parts of the company and rolled out a solution in less than 24 hours. It wasnt just about fixing the issue; it showed our clients that they could trust us to handle challenges quickly and effectively. On top of that, we were operating in the Waterfall days of development so making emergency changes wasnt as normal a practice as it is today with Agile development methodologies.Practical Steps for LeadersSet Up Clear Roles: Make sure everyone knows who is responsible for what in a cybersecurity event. This clarity speeds up decisions when it matters most.Adopt Zero Trust Principles: Work on the idea of never trust, always verify. Use tools like multi-factor authentication and monitor systems in real time.Encourage Collaboration: Cybersecurity isnt just ITs problem. Get teams from legal, HR, and other departments working together.Track the Right Metrics: Focus on meaningful numbers like how quickly threats are detected, employee training participation, and the security of vendors.MORE FOR YOUFrom Reaction to ResilienceCyber incidents are going to happen. The key is how well and how quickly you respond. Leaders need to make sure their organisations are ready, with incident response plans that are practised and updated regularly. Relationships with outside experts can also be a lifesaver when things go wrong.As threats grow more complex, good leadership in cybersecurity matters more than ever. By building a culture of resilience, aligning security with business goals, and providing the right resources, leaders can turn cybersecurity from a challenge into an advantage.Cyber resilience isnt something you check off a list. Its an ongoing effort. But with the right leadership, its an effort that pays off. Lets take the lead and build organisations that arent just safe but ready for whatever comes next.

If you use the popular messaging app WhatsApp on an iPhone, there may be times when you wish you had the ability to add more than one account. The good news is that a recent update for WhatsApp, released via Apples TestFlight beta program, includes the feature, suggesting that it could be rolled out soon for everyone using WhatsApp on an iPhone.Android users will be scoffing at this news, as the feature has been available for WhatsApp on that platform since 2023. But hey, better late than never.Recommended VideosSetting up additional WhatsApp accounts on a single device can be done in a few steps, though youll need to have another phone number or a phone that supports more than one SIM card, or eSim.Please enable Javascript to view this contentWABetaInfo, which first reported the incoming feature, confirmed that the recent update eliminated the need for multiple devices or parallel apps to manage different WhatsApp accounts, simplifying account management and enhancing convenience for users.iPhone users will be able to add a new account to WhatsApp using two different methods. The first involves setting up the device as a primary account, while the second lets you scan a QR code to link the new account as a companion.While users will be able to keep all of their conversations organized within a single app, elements such as notifications, chats, backups, and settings will remain distinct for the different accounts, as each one will operate independently within the app, WABetaInfo said.Up to now, a workaround has seen users upload the WhatsApp Business app and using another number for that account, but the new feature will let you use the main app to manage both numbers at the same time, meaning youll no longer have to jump between apps.There are lots of reasons why someone might want to have multiple WhatsApp accounts on one phone. Keeping a separation between work and personal communications is an obvious one, and if you operate multiple businesses then separating these will help you to manage things like customer interactions and branding for each operation. Additionally, some folks may wish to create different personas or profiles for various social circles or interests.Coming late to WhatsApp? Digital Trends has everything you need to know.Editors Recommendations