Feb 26, 2025Ravie LakshmananRansomware / Cyber ThreatMore than a year's worth of internal chat logs from a ransomware gang known as Black Basta have been published online in a leak that provides unprecedented visibility into their tactics and internal conflicts among its members.The Russian-language chats on the Matrix messaging platform between September 18, 2023, and September 28, 2024, were initially leaked on February 11, 2025, by an individual who goes by the handle ExploitWhispers, who claimed that they released the data because the group was targeting Russian banks. The identity of the leaker remains a mystery.Black Basta first came under the spotlight in April 2022, using the now-largely-defunct QakBot (aka QBot) as a delivery vehicle. According to an advisory published by the U.S. government in May 2024, the double extortion crew is estimated to have targeted more than 500 private industry and critical infrastructure entities in North America, Europe, and Australia.Per Elliptic and Corvus Insurance, the prolific ransomware group is estimated to have netted at least $107 million in Bitcoin ransom payments from more than 90 victims by the end of 2023.Swiss cybersecurity company PRODAFT said the financially motivated threat actor, also tracked as Vengeful Mantis, has been "mostly inactive since the start of the year" due to internal strife, with some of its operators scamming victims by collecting ransom payments without providing a working decryptor.What's more, key members of the Russia-linked cybercrime syndicate are said to have jumped ship to the CACTUS (aka Nurturing Mantis) and Akira ransomware operations."The internal conflict was driven by 'Tramp' (LARVA-18), a known threat actor who operates a spamming network responsible for distributing QBot," PRODAFT said in a post on X. "As a key figure within BLACKBASTA, his actions played a major role in the group's instability."Some of the salient aspects of the leak, which contains nearly 200,000 messages, are listed below -Lapa is one of the main administrators of Black Basta and involved in administrative tasksCortes is associated with the QakBot group, which has sought to distance itself in the wake of Black Basta's attacks against Russian banksYY is another administrator of Black Basta who is involved in support tasksTrump is one of the aliases for "the group's main boss" Oleg Nefedov, who goes by the names GG and AATrump and another individual, Bio, worked together in the now-dismantled Conti ransomware schemeOne of the Black Basta affiliates is believed to be a minor aged 17 yearsBlack Basta has begun to actively incorporate social engineering into their attacks following the success of Scattered SpiderAccording to Qualys, the Black Basta group leverages known vulnerabilities, misconfigurations, and insufficient security controls to obtain initial access to target networks. The discussions show that SMB misconfigurations, exposed RDP servers, and weak authentication mechanisms are routinely exploited, often relying on default VPN credentials or brute-forcing stolen credentials.Top 20 CVEs Actively Exploited by Black BastaAnother key attack vector entails the deployment of malware droppers to deliver the malicious payloads. In a further attempt to evade detection, the e-crime group has been found to use legitimate file-sharing platforms like transfer.sh, temp.sh, and send.vis.ee for hosting the payloads."Ransomware groups are no longer taking their time once they breach an organization's network," Saeed Abbasi, manager of product at Qualys Threat Research Unit (TRU), said. "Recently leaked data from Black Basta shows they're moving from initial access to network-wide compromise within hours sometimes even minutes."The disclosure comes as Check Point's Cyberint Research Team revealed that the Cl0p ransomware group has resumed targeting organizations, listing organizations that were breached on its data leak site following the exploitation of a recently disclosed security flaw (CVE-2024-50623) impacting the Cleo managed file transfer software."Cl0p is contacting these companies directly, providing secure chat links for negotiations and email addresses for victims to initiate contact," the company said in an update posted last week. "The group warned that if the companies continue to ignore them, their full names will be disclosed within 48 hours."The development also follows an advisory released by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) about a wave of data exfiltration and ransomware attacks orchestrated by the Ghost actors targeting organizations across more than 70 countries, including those in China.The group has been observed rotating its ransomware executable payloads, switching file extensions for encrypted files, and modifying ransom note text, leading the group called by other names such as Cring, Crypt3r, Phantom, Strike, Hello, Wickrme, HsHarada, and Rapture."Beginning early 2021, Ghost actors began attacking victims whose internet facing services ran outdated versions of software and firmware," the agency said. "Ghost actors, located in China, conduct these widespread attacks for financial gain. Affected victims include critical infrastructure, schools and universities, healthcare, government networks, religious institutions, technology and manufacturing companies, and numerous small- and medium-sized businesses."Ghost is known to use publicly available code to exploit internet-facing systems by employing various vulnerabilities in Adobe ColdFusion (CVE-2009-3960, CVE-2010-2861), Fortinet FortiOS appliances (CVE-2018-13379), and Microsoft Exchange Server (CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207, aka ProxyShell).A successful exploitation is followed by the deployment of a web shell, which is then utilized to download and execute the Cobalt Strike framework. The threat actors have also been observed using a wide range of tools like Mimikatz and BadPotato for credential harvesting and privilege escalation, respectively."Ghost actors used elevated access and Windows Management Instrumentation Command-Line (WMIC) to run PowerShell commands on additional systems on the victim network often for the purpose of initiating additional Cobalt Strike Beacon infections," CISA said. "In cases where lateral movement attempts are unsuccessful, Ghost actors have been observed abandoning an attack on a victim."Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.SHARE

Feb 26, 2025The Hacker NewsIdentity Protection / Password SecurityPasswords are rarely appreciated until a security breach occurs; suffice to say, the importance of a strong password becomes clear only when faced with the consequences of a weak one. However, most end users are unaware of just how vulnerable their passwords are to the most common password-cracking methods. The following are the three common techniques for cracking passwords and how to defend against them.Brute force attackBrute force attacks are straightforward yet highly effective techniques for cracking passwords. These attacks involve malicious actors using automated tools to systematically try every possible password combination through repeated login attempts. While such tools have existed for years, the advent of affordable computing power and storage has made them even more efficient today, especially when weak passwords are used.How it worksWhen it comes to brute force attacks, malicious actors employ a range of tacticsfrom simple brute force attacks that test every possible password combination to more nuanced approaches like hybrid and reverse brute force attacks. Each method has a distinct strategy behind it, but the motives behind brute force attacks are the same: to gain unauthorized access to protected data or resources.Some popular automated tools for carrying out brute force attacks include:John the Ripper: a multiplatform password cracker with support for 15 different operating systems and hundreds of hashes and cipher typesL0phtCrack: a tool that uses rainbow tables, dictionaries, and multiprocessor algorithms to crack Windows passwordsHashcat: a cracking/password recovery utility that supports five unique modes of attack for over 300 highly-optimized hashing algorithmsExamplesBack in August 2021, U.S. mobile operator T-Mobile fell victim to a data breach that started with a brute force attack. The security compromise resulted in the exposure of over 37 million customer records containing sensitive data like social security numbers, driver's license information, and other personally identifiable data.Defense measuresUsers should choose strong, complex passwords and multi-factor authentication (MFA) to protect against brute force attacks. Administrators should implement account lockout policies and continuously audit their Windows environments for weak and breached passwords. Tools like Specops Password Auditor can automate these processes across expansive IT environments.Dictionary attackIn a password dictionary attack, cyber attackers try to gain access by using a list of common passwords or words from a dictionary. This predefined word list typically includes the most often used words, phrases, and simple combinations (i.e., "admin123"). Password dictionary attacks underscore the importance of complex, unique passwords, as these attack types are especially effective against weak or easily guessable passwords.How it worksThe process starts with compiling a list of potential passwords from data breaches, common password lists, or publicly available resources. Using an automated tool, malicious actors perform a dictionary attack, systematically testing each password against a target account or system. If a match is found, the hacker can gain access and carry out subsequent attacks or movements.ExamplesMalicious actors used password dictionaries to crack hashed passwords in several high-profile security incidents, such as the 2013 Yahoo data breach and the 2012 LinkedIn data breach. This allowed them to steal the account information of billions of users.Defense measuresWhen creating or resetting passwords, users should use a combination of letters, numbers, and special characters, and avoid using common words or easily guessable phrases. Administrators can implement password complexity requirements in their policies to enforce these mandates across the organization. Rainbow table attacksA rainbow table attack uses a special table (i.e., a "Rainbow Table) made up of precomputed strings or commonly used passwords and corresponding hashes to crack the password hashes in a database.How it worksRainbow table attacks work by exploiting chains of hashing and reduction operations to efficiently crack hashed passwords. Potential passwords are first hashed and stored alongside their plaintext counterparts in the rainbow table, then processed with a reduction function that maps them to new values, resulting in a chain of hashes. This process is repeated multiple times to build the rainbow table. When hackers obtain a hash list, they can reverse lookup each hash value in the rainbow tableonce a match is identified, the corresponding plaintext password is exposed.ExamplesWhile salting (a method of adding random characters to passwords before hashing) has reduced the effectiveness of rainbow table attacks, many hashes remain unsalted; additionally, advances in GPUs and affordable hardware have eliminated the storage limitations once associated with rainbow tables. As a result, these attacks continue to be a likely tactic in current and future high-profile cyber-attacks.Defense measuresAs mentioned previously, salted hashes have significantly reduced the effectiveness of precomputed tables; organizations should therefore implement strong hashing algorithms (e.g., bcrypt, scrypt) in their password processes. Administrators should also regularly update and rotate passwords to reduce the likelihood of rainbow table dictionary matches/hits.In short, passwords aren't perfect, but complex and sufficiently long passphrases remain a vital first line of defense against advanced password-cracking techniques. Tools like Specops Policy provide an extra layer of protection by continuously scanning Active Directory against a database of over 4 billion breached passwords. Contact us for a free demo today.Found this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Twitter and LinkedIn to read more exclusive content we post.SHARE

John Edwards, Technology Journalist & AuthorFebruary 26, 20255 Min ReadAndriy Popov via Alamy Stock PhotoTransforming a lackluster IT development team into a top performer isn't particularly difficult. It does, however, require a commitment to excellence that's achieved by practicing several essential traits.A focus on results is a key differentiator in high-performing IT teams that continue to be successful over the long term, says Shriram Natarajan, a director with technology research and advisory firm ISG. "For traditional IT teams, a customer focus would be sufficient, but development teams are one step removed from customer feedback," he observes in an email interview. "The team should be focused on the results they have set for themselves as measured by metrics, such as velocity, predictability, quality and acceptance."A high-performing development team consistently focuses on eliminating toil, says Matthew Sharp, CISO at Xactly, a provider of enterprise cloud-based sales performance management solutions. "This involves reducing or removing repetitive, manual, and tedious processes by building automated pipelines, tackling technical debt, and streamlining workflows," he explains in an online interview. "By minimizing unnecessary overhead, teams can focus their energy on impactful, innovative work, rather than on routine maintenance."Related:Achieving Full ProductivityEliminating toil not only enhances productivity, but also directly contributes to a better developer experience, Sharp says. "When teams feel empowered to focus on meaningful, creative tasks rather than repetitive ones, they tend to be happier, more engaged, and better equipped to deliver high-quality results."The most crucial habit of any high-performing IT development team is consistent, transparent communication coupled with systematic knowledge sharing, observes Harmeet Bhatia, a technical account manager at Amazon Web Services. "This habit goes beyond routine stand-ups or documentation -- it encompasses a culture where information flows freely and deliberately across all team members."In an email interview, Bhatia notes that open communication can be "extraordinarily effective," since it simultaneously addresses multiple critical development aspects. "When teams maintain open communication channels and actively share knowledge, they reduce bottlenecks, eliminate single points of failure, accelerate the onboarding of new members, and foster innovative problem-solving." A team member struggling with a complex bug, for instance, can benefit from a colleague's past experience with similar issues, potentially saving hours or days of troubleshooting.Related:High-performing teams need cooldown periods to stay at their best, observes Ludovic Dehon, CTO of Kestra, which offers an open-source orchestration and applications scheduling platform. "No one can keep up high-intensity work all of the time without burning out," he states via email. "We move through different seasons -- times of intense productivity that bring results, followed by rest seasons where we can take a breather, work on creative projects, or tackle lighter tasks."Knowledge SharingSuccessful teams treat knowledge sharing as a core part of their development process, not an optional add-on, Bhatia says. "They recognize that the time invested in communication and documentation pays dividends through improved code quality, faster problem resolution, and more resilient team structures," he explains. "This approach creates a positive feedback loop in which better communication leads to better outcomes, which in turn motivates more sharing." The key, Bhatia notes, is finding the sweet spot where communication enhances rather than impedes development work.Leaders should foster a culture of commitment, Natarajan recommends. Development work involves experimentation. "Leaders should focus on overall learning and progress rather than metrics like immediate velocity," he says. "This enables the development team to be creative in their approach and find power boosts -- like AI tools -- along the way."Related:Sharp suggests accepting a high tolerance for experimentation and learning from failures. "By accepting mistakes as part of the journey, teams can develop creative solutions and innovate more freely." He also recommends ensuring that every team member understands the "why" behind the project's goals. "When the whole team buys into the mission, they're more likely to take ownership of the processes that drive success."As a release deadline approaches, work grows increasingly intense as teams and their leaders race toward the finish line. "After we wrap-up the release, we get a breather -- two weeks to slow down, address technical debt, and think creatively about solving some of our toughest problems" Dehon says. "This natural cycle has helped our team bring fresh, creative ideas to some of our most challenging issues."Final ThoughtsSharp stresses the importance of aligning technical improvements with strategic business goals. "When IT and security teams understand the business impact of their work, they're motivated to innovate and reduce toil, knowing it benefits not only their efficiency but also the organizations overall success.""We all look forward to celebrating each release, knowing that once it's done, no one expects us to dive headfirst into the next cycle," Dehon says. "Instead, we get time to pause, appreciate what we've accomplished, and think deeply about what we want to tackle next."About the AuthorJohn EdwardsTechnology Journalist & AuthorJohn Edwards is a veteran business technology journalist. His work has appeared in The New York Times, The Washington Post, and numerous business and technology publications, including Computerworld, CFO Magazine, IBM Data Management Magazine, RFID Journal, and Electronic Design. He has also written columns for The Economist's Business Intelligence Unit and PricewaterhouseCoopers' Communications Direct. John has authored several books on business technology topics. His work began appearing online as early as 1983. Throughout the 1980s and 90s, he wrote daily news and feature articles for both the CompuServe and Prodigy online services. His "Behind the Screens" commentaries made him the world's first known professional blogger.See more from John EdwardsNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also LikeWebinarsMore WebinarsReportsMore Reports

Pam Baker, Contributing WriterFebruary 26, 202513 Min ReadMode Images via Alamy StockOne could be forgiven for finding comfort in the numbers. Job openings, hires, quits, layoffs and discharges, and total separations rates showed little or no change in the month of November 2024, according to the latest Job Openings and Labor Turnover Survey program of the Bureau of Labor Statistics. The lull isnt likely to last this first quarter of 2025. At the end of last year, disruption was already boiling underneath.AI immediately comes to mind as a major disruptor this year, but it isnt the only one to rise on the job front. By most accounts, AI is expected to shift some hiring trends and eliminate some jobs altogether. But there are dissenters who think that AI is mostly a convenient scapegoat.In developed countries, the vast majority of layoffs blamed on AI this year will be false, says Kjell Carlsson, head of AI strategy at Domino Data Lab. They are just a convenient excuse for cost-cutting measures that are meant to allay customer fears and justify their actions to their remaining employees. In prior decades, companies would blame international competition, activist investors, or the current economic climate. In 2025, they will falsely be blamed on AI.While embarking on an AI transformation does require investment, the amounts are relatively modest and plenty of the companies conducting layoffs have more than sufficient access to cash. And, while AI can help all companies become dramatically more efficient, few organizations have sufficient AI capabilities to implement enough AI use cases for the resulting productivity gains to dramatically affect their need for humans, Carlsson explains.Related:Indeed, AI is likely driving employment trends upward as companies seek and compete for AI talent to run the AI ship, and AI skilled labor to power it out from the dock and on to profitable seas. Unsurprisingly, researchers are finding this to be the case.According to a recent OReilly Technology Trends for 2025 report, interest in AI related skills surged dramatically, with the most pronounced usage increases seen in topics like prompt engineering (456% increase), AI principles (386% increase), and generative AI (289% increase). Use of content about GitHub Copilot soared by an impressive 471%, reflecting developers enthusiasm for tools that enhance productivity.The OReilly researchers found some unexpected nuggets in the research data, too. Among top AI topics, there was a marked decline in interest for GPT, which saw a 13% drop in usage and a similar downward trend in searches, indicating that developers are prioritizing foundational AI knowledge over platform-specific skills to effectively navigate across various AI models such as Claude, Googles Gemini, and Llama.Related:In the short- to mid-terms, most industry watchers expect AI to drive rather than diminish hiring trends.There will be new and existing AI roles in high demand this year. AI engineers and equivalent data scientist, ML engineering, developer, product, managerial roles who have the skills to design, develop, operationalize, and govern AI projects will be highly sought after -- as well as IT roles involved in implementing and administering AI platforms and infrastructure. Expect to see job descriptions asking for agentic AI and AI agent experience, but with little detail on what this means. Translation: it means experience in creating and/or operationalizing LLM-driven pipelines, Carlsson says.The uptick in hiring AI skills extends to non-AI related jobs as well.There will also be a significant uptick in roles related to upskilling organizations on how to use GenAI tools. These roles will be particularly helpful since so many non-tech roles will also be requiring skills and experience using GenAI. Of these, perhaps no role needs AI skills more desperately than recruiters, Carlsson says.Related:Therein lies some of the hottest job opportunities for 2025: those found at the intersections of domain and AI expertise.I think thats one general statement Id make about technology jobs in 2025. Increasingly, the most in-demand professionals are those who dont just bring tech expertise but also interdisciplinary knowledge, who understand the specific ways technology is leveraged in various fields like construction or manufacturing and is able to adapt or develop tools and systems from this perspective, says David Case, president of Advastar Group, a staffing firm focused primarily on construction recruitment.Where the Hot Jobs AreCompanies are now facing historic headwinds in everything from growing inflation, labor shortages from immigration crackdowns, global uncertainties, and supply chain disruptions from unexpected trade wars sparking around the globe. AI and other technologies are the likely means of mitigating disruptions and risks, thereby increasing the demand for both the tech and the creative, critical thinkers who can use the tech to solve problems on the fly. But that also calls for precision and close alignment of talent and tech with rapid fire changes in business needs.The challenge for organizations isnt just building AI -- its ensuring AI is aligned with business objectives, driving measurable impact, mitigating data and AI risk, and justifying investments, says Arjun Pillai, co-founder and CEO of DocketAI, which is billed as the worlds first AI sales engineer.So where are these hot jobs that require a combination of AI and tech skills, domain expertise, and critical thinking skills? Here are a few hot jobs and industries that have job openings now or soon, in the words of the experts who see these developments up close. Most industry watchers say even more hot jobs will emerge over the year, too.Hot Jobs1. Chief AI officerSomeone has to be in charge of the AI train before it runs away and derails!The role of chief AI officer (CAIO) is becoming more common as enterprises navigate the two key aspects of AI adoption. First, organizations need to leverage AI to improve their own productivity. The second aspect of successful AI adoption is having an AI strategy for their own product, service or offerings. Regardless of industry, a CAIO will become a critical part of the C-suite moving forward. They should own the experimental budget and lead an AI committee composed of cross functional team members from different parts of the organization, says Pillai.2. CybersecurityThis year, the cybersecurity job market will witness a huge hiring spike in three highly in-demand roles critical to strengthening security operations in an AI-first world, says Aimei Wei, chief technology officer and co-founder of Stellar Cyber.What are those three roles?Senior security analyst. While many companies are successfully introducing AI to their security products and platforms, we still need human intuition and decision-making capabilities to make the final call. Senior Security Analysts will be critical human anchors in this process for many organizations, says Wei.Junior SOC analyst. Junior analysts, particularly those in security operations, are a highly valuable tech hire because of their ability to quickly learn and adapt using new technologies like AI. Working with AI-assisted tools that explain and add context to its findings is critical for junior analysts to quickly uplevel their knowledge, says Wei.AI researcher. A new role, the AI researcher, will become one of the hottest cybersecurity hires in 2025 because of their ability to study the use of AI by malicious actors in hacking campaigns, analyze AI effectiveness within the tech stack, and develop internal policies on AI usage, says Wei.3. Security architectSecurity architect is not a CISO role renamed. CISOs these days are seeking Security Architects largely because of their unique combination of business acumen, tech skills, and soft skills.I expect demand to rise for security architects, who focus on the big picture of how an organization safeguards itself. As automation and AI lead to more complex threats, these experienced workers are needed to enhance existing systems and practices, says Seth Geftic, vice president of product marketing at Huntress, a cybersecurity company.Refined technical expertise is essential, but this role also demands excellent soft skills. Security architects work closely with business leaders and stakeholders to align strategic goals and account for everyones needs. Plus, security architects are expected to remain up to date on the latest threats. In a changing environment, a talented security architect is invaluable to an organizations success, Geftic adds.4. Specialized developersWhen it comes to developer jobs, AI giveth and AI taketh away. One place it giveth plenty is in AI autonomous agent development.As AI becomes increasingly central to business operations across industries, the spotlight is on professionals who can develop and customize AI agents for specific business needs. These roles require expertise in programming, machine learning, and workflow integration. The demand spans industries like finance, banking, pharma, sales, and marketing where AI-powered tools are being used to streamline processes and improve decision-making to stay competitive in a very dynamic market, says Larry (Lakshmi) Kodali, CEO/founder at OptimHire.But sometimes AI is just one more tool to master in your specialized toolset.According to the 2025 Reveal Software Development Challenge Survey, nearly half (48%) of tech leaders surveyed said that recruiting qualified developers with the right skills will be one the biggest challenges in 2025. There is a strong demand for skilled AI engineers (28%), IT security (16%) and cybersecurity engineers (13%). Tech leaders says that their companies most require AI (63%) and cybersecurity (58%) expertise, highlighting the critical need for talent in these areas to support ongoing technological advancements, says JJ McGuigan, product marketing manager at Infragistics.The trick is to be really, really good at programming or merely so-so. Dont get squeezed out from the middle.The tech hiring landscape is bifurcating. Companies are increasingly seeking either very senior developers who bring strategic expertise or junior developers who can be trained at lower costs. Startups and established firms alike want cost efficiency for routine tasks and top-tier talent for strategic initiatives, which results in declining demand for mid-level developers, says Kodali.5. FinOps engineersYou might ask, what the heck is a FinOps engineer? Basically, its someone who specializes in managing cloud costs.Fascinating is the emergence of professions like FinOps engineers, where finance meets DevOps -- a logical progression as cloud prices skyrocket. At ABC Finance, we have dedicated comparable hybrid positions combining commercial acumen with technology, says Gary Hemming, owner and finance director at ABC Finance in the UK.Here in this market, flexibility rules. The key to succeed in the digital economy of 2025 is skills that close gaps between technology and human intelligence, Hemming adds.6. Network engineersThe demand for network engineers is huge, although the days of gaining a certificate and walking into an entry-level position are mostly over, says Geftic.Many of the older roles are still in demand but many newer roles are appearing on the scene as well.Next-generation telecommunications networks such as 5G and others will open up tremendous opportunities for 5G infrastructure engineers, IoT developers, telecom network planners and AR/VR content creators, says Prashant Ram, CTO of Smoothstack, an IT workforce development company. Key knowledge areas for these roles include telecommunications and networking, IoT development, edge computing and AR/VR development.This growth in networks is fueling growth in other areas too.Many organizations are also coming to terms with the growing threat of sophisticated cyber-attacks aimed at their networks, with skilled network engineers needed to implement and maintain robust security measures. To land the perfect role: learn fundamentals, develop troubleshooting skills, and then level up with automation and scripting, says Geftic.Hot Industries1. In biosecurity and biosafetyA recent survey by ABSA International, the association for biosafety and biosecurity professionals, reveals that 90% of ABSA members describe the biosafety and security market as strong, with 54% stating that career opportunities are better than most fields or the skys the limit.Biosafety and biosecurity professionals ensure compliance in labs and research facilities, maintain safety in high-risk environments, and protect laboratory personnel, the public, and the environment from potential biological hazards. Starting salaries begin in the $46,000 range, accelerate quickly to $200,000 or more, says Rebecca Moritz, professor and biosafety director and director of the office of research collaboration and compliance at Colorado State University and a recent past president of ABSA International.As global health challenges and biological research complexities increase, biosafety and biosecurity professions are experiencing significant growth, offering promising opportunities for college students seeking rewarding, well-paying careers with multiple job paths and those looking for a mid-career change. The need for these jobs is driven by diseases and advances in biotechnology worldwide, global health challenges, and biological research complexities, Moritz adds.2. In process industriesThe process industries category consists of manufacturing sectors that involve the continuous or batch production of goods, such as is seen in the production of chemicals, food, pharmaceuticals, and fuels.According to Jo Braun, president of ABB Process Industries, many of the process industries have long-suffered workforce and skills gaps as older workers retire but arent replaced, and repeated failures in recruiting younger workers for other job openings. The process industries find themselves in an untenable situation as these companies transform into highly autonomous, digital-first, and more sustainable operations. New technology helps to address many of these issues, including attracting a broader range of potential workers. Layoffs and employment shifts in traditional tech roles may help feed the need for such talent in these industries, too.I believe that people working in technology and IT will more than ever reappraise the process industries this year. Automation and digitalization are transforming the likes of mining, pulp and paper, metals and cement into high-tech, purpose-driven fields that are attracting a broader, more diverse workforce who want to achieve real impact with their work, says Braun.Braun points to the following as examples where hot jobs are emerging in process industries:Automation and remote monitoring technology is helping mining operations in places like Chile and Australia be operated from thousands of miles away.AR and VR technologies are having a similar impact, promoting collaboration between on-site and off-site experts who can be on other sides of the world.AI too, while early in its adoption by essential materials-producing industries, offers opportunities for those at the forefront of it. An example is likely to be coding. Many traditional coding jobs in industry will not exist in 10 years, so there will be a workforce shift as industry harnesses the power of AI to transform.3. In renewable energy industriesWhile there is undeniable upheaval in the renewal energy sector spurred by the new US administration, the field is still going strong in other countries. Further, many economists and industry watchers predict that AIs insatiable demand for energy will accelerate progress and spread in renewable energy.One category of tech jobs that remain in very high demand are those related to renewable energy. There are positions in this area that relate to just about every area of the technology sector. For instance, weve seen increasing demand for data scientists with energy expertise who can analyze and optimize the performance, efficiency, and maintenance of renewable energy systems, says Jon Hill, chairman and CEO at The Energists.There is also high demand for developers who can build platforms and software to monitor and manage renewable energy systems, especially those with the skills to integrate AI into these systems for predictive modeling and optimized efficiency. Other roles in high demand include solar photovoltaic (PV) engineers, energy storage system engineers, green hydrogen engineers, smart grid specialists, and wind turbine specialists, Hill adds.Hills advice for tech professionals looking to land jobs in these areas is to gain expertise in renewable energy and its related systems.4. In construction sectorsThe demand for tech pros appears almost insatiable in the construction industry.This is a sector a lot of people overlook when they talk about technology -- they think of construction as mostly manual labor and the skilled trades, but the truth is that is just one aspect of the industry, and technology talent is in very high demand across this sector, says David Case, president of Advastar Group, a staffing firm focused primarily on construction recruitment.The specific jobs that we are seeing the most demand for currently are those related to emerging technologies impacting the construction sector. This includes roles like building information modeling specialists, VR/AR developers, digital twin specialists, IoT engineers, and ConTech (construction technology) engineers with expertise in technology like robotics, drones, and autonomous equipment. There is also ongoing demand for professionals who have expertise in data analysis and AI development/integration, especially those who also have a background or training in the construction sector, Case adds.About the AuthorPam BakerContributing WriterA prolific writer and analyst, Pam Baker's published work appears in many leading publications. She's also the author of several books, the most recent of which are "Decision Intelligence for Dummies" and "ChatGPT For Dummies." Baker is also a popular speaker at technology conferences and a member of the National Press Club, Society of Professional Journalists, and the Internet Press Guild.See more from Pam BakerNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also LikeWebinarsMore WebinarsReportsMore Reports

This is today's edition ofThe Download,our weekday newsletter that provides a daily dose of what's going on in the world of technology. Introducing: the Relationships issue Relationships are the stories of people and systems working together. Sometimes by choice. Sometimes for practicality. Sometimes by force. Too often, for purely transactional reasons. Thats why were exploring relationships in this issue. Relationships connect us to one another, but also to the machines, platforms, technologies, and systems that mediate modern life. Theyre behind the partnerships that make breakthroughs possible, the networks that help ideas spread, and the bonds that build trustor at least access. In this issue, youll find stories about the relationships we forge with each other, with our past, with our children, and with technology itself.Heres just a taste of what you can expect: + People are forming relationships with AI chatbots. Some of these are purely professional, others more complicated. This kind of relationship may be novel now, but its something we will all take for granted in just a few years. + Adventures in the genetic time machine. Ancient DNA is telling us more and more about humans and environments long past. Could it also help rescue the future? + Frozen embryos are filling storage banks around the world. It's a struggle to know what to do with them. Read the full story.+ Our relationships with our employers are often mediated through monitoring systems. And while its increasing the power imbalance between companies and workers, protections are lagging far behind. Read the full story.MIT Technology Review Narrated: The messy quest to replace drugs with electricity Electroceuticals promised the post-pharma future for medicine. But their exclusive focus on the nervous system is seeming less and less warranted. This is our latest story to be turned into a MIT Technology Review Narrated podcast, which were publishing each week on Spotify and Apple Podcasts. Just navigate to MIT Technology Review Narrated on either platform, and follow us to get all our new content as its released.The must-reads Ive combed the internet to find you todays most fun/important/scary/fascinating stories about technology. 1 DOGE is working on software to automate firing workers It builds on an existing program previously used by the US Department of Defense. (Wired $)+ DOGE workers are already resigning from the department. (Fast Company $)+ Can AI help DOGE slash government budgets? Its complex. (MIT Technology Review)2 American workers are generally pessimistic about AIWhereas Silicon Valley cant get enough of it.(WP $) + How to fine-tune AI for prosperity. (MIT Technology Review)3 iPhones are autocorrecting the term racist to TrumpThe company is blaming what it calls a phonetic overlap. (NYT $)+ Its promised to fix the bug as soon as possible. (FT $)4 Amy Gleason is the head of DOGE, apparently The former Digital Service senior advisor is the acting administrator. (NY Mag $)+ But Elon Musk is still ultimately in charge. (NBC News) 5 Groks new unhinged mode can simulate phone sex If thats what youre into. (Ars Technica)6 More data centers dont necessarily mean more jobsThe massive facilities dont actually need many humans to run them. (WSJ $) + Not that thats putting Meta off building a gigantic data center campus. (The Information $)7 China is keen for tech companies to monetize their data But not everyone is buying in. (Rest of World)8 The slow death of the combustion enginePistons are out, and electrons are in. (IEEE Spectrum) + Why EVs are (mostly) set for solid growth in 2025. (MIT Technology Review)9 The US is in love with cheap clothing And established brands are the ones paying the price. (Insider $)10 What frozen mummies can tell us about the ancient world From wolf pups to mammoths. (New Scientist $)Quote of the day I felt nothing but utter disgust. I no longer enjoyed sitting in my Tesla. Mike Schwede, an entrepreneur living in Switzerland, tells the Guardian hes turned his back on the electric car company after Elon Musks Nazi-linked salutes during Trumps inauguration. The big story Think that your plastic is being recycled? Think again. October 2023 The problem of plastic waste hides in plain sight, a ubiquitous part of our lives we rarely question. But a closer examination of the situation is shocking. To date, humans have created around 11 billion metric tons of plastic. 72% of the plastic we make ends up in landfills or the environment. Only 9% of the plastic ever produced has been recycled. To make matters worse, plastic production is growing dramatically; in fact, half of all plastics in existence have been produced in just the last two decades. Production is projected to continue growing, at about 5% annually. So what do we do? Sadly, solutions such as recycling and reuse aren't equal to the scale of the task. The only answer is drastic cuts in production in the first place. Read the full story. Douglas Main We can still have nice things A place for comfort, fun and distraction to brighten up your day. (Got any ideas? Drop me a line or skeet 'em at me.) + Look up to the sky over the next few nights: seven planets will be aligned, and wont do so again until 2040.+ Jeremy Strong probably wont win an Oscar next week, but he definitely deserves to.+ Why English is such a strange language.+ 1985 produced some truly anthemic songsand some absolute bilge.

Studies have indicated that psychedelic drugs, such as psilocybin and MDMA, have swift-acting and enduring antidepressant effects. Though the US Food and Drug Administration denied the first application for medical treatments involving psychedelics (an MDMA-based therapy) last August, these drugs appear to be on the road to mainstream medicine. Research into psilocybin led by the biotech company Compass Pathways has been slowed in part by the complexity of the trials, but the data already shows promise for the psychedelic compound within so-called magic mushrooms. Eventually, the FDA will decide whether to approve it to treat depression. If and when it doesa move that would open up a vast legal medical marketwho will grow the mushrooms? Scott Marshall already is. The head of mycology at the drug manufacturer Optimi Health in British Columbia, Canada, he is one of a very small number of licensed psilocybin mushroom cultivators in North America. Growers and manufacturers would need to do plenty of groundwork to be able to produce pharmaceutical psilocybin on an industrial, FDA-approved scale. Thats why Optimi is keen to get a head start. A nascent industry Marshall is at the cutting edge of the nascent psychedelics industry. Psilocybin mushroom production was not legally permitted in Canada until 2022, when the country established its limited compassionate-access program. Our work is pioneering large-scale, legal cultivation of psilocybin mushrooms, ensuring the highest standards of safety, quality, and consistency, he says. Backed by more than $22 million in investment, Optimi received a drug establishment license in 2024 from Canadian regulators to export pharmaceutical-grade psilocybin to psychiatrists abroad in the limited number of places that have legal avenues for its use. Oregon has legalized supervised mushroom journeys, Australia has approved psilocybin therapy for PTSD and depression, and an increasing number of governmentsnational, state, and localare considering removing legal barriers to psychedelic mushrooms on a medical basis as the amount of research supporting their use grows. There are also suggestions that the Trump administration may be more likely to support federal reform in the US. But the legal market, medical or otherwise, remains tiny. So for now, almost all of Marshalls mushroomshe has grown more than 500 pounds since joining Optimi in 2022stay in the companys vault. By setting the bar for production and [compliance with] regulation, he says, were helping to expand scientific understanding and accessibility of psychedelics for therapeutic use. Learning the craft Before Marshall, 40, began cultivating mushrooms, he was working in property management. But that changed in 2014, when a friend who was an experienced grower gave him a copy of the book Mushroom Cultivator: A Practical Guide to Growing Mushrooms at Home (1983). That friend also gave him a spore print, effectively the seeds of a mushroom, from which Marshall grew three Psilocybin cubensis mushrooms from the golden teacher variety, his first foray into the field. I kept growing and growing and growingfor my own health and well-beingand then got to a point where I wanted to help other people, he says. In 2018, he established his own company, Ra Mushrooms, selling cultivation kits for several varieties, including illegal psilocybin, and he was regularly posting photos on Instagram of mushrooms he had grown. In 2022, he was hired by Optimi, marking his journey from underground grower to legal market cultivatoran unbelievable dream of mine. Mattha Busby is a journalist specializing in drug policy and psychedelic culture.

Government to launch investigations into companies as part of response to last years report into disasterSeven organisations censured by the Grenfell Inquiry report for their part in the tragedy could find themselves on a debarment list for public sector contracts, the government has said.As part of its official response to the report today, the government announced it will use new powers under the Procurement Act to investigate immediately several firms criticised in the report.The seven firms include product manufacturers Kingspan, Arconic and former Celotex owner Saint Gobain,while the others are: fire engineer Exova, Harley Facades, Rydon Maintenance, the firm which was the main contractor on the Grenfell refurbishment, and Studio E, the architect for the work.Source: ShutterstockSeven firms involved in the Grenfell Tower refurbishment face being barred from government contractsAnnouncing the plan to parliament this afternoon, deputy prime minister Angela Rayner said:To my disgust and their shame, some [companies] have shown little remorse and have refused to even help fix the building safety crisis which they did so much to create.Plans to bar Grenfell firms from taxpayer-funded work had already been mooted in the prime ministers initial response to the phase two report in September.At the time, Keir Starmer said he would write to the companies named and shamed in the report and promised they would not be handed government work in the future. But he was vague about which organisations, or even how many, would be affected.Today, the government announced that debarment investigations would soon be launched and that if certain grounds are met, the names of the identified firms would be added to a published list, which must be taken into account by contracting authorities when awarding new contracts.A written statement to parliament from Georgia Gould, parliamentary secretary to the Cabinet Office, explained the proposals further.She said the seven organisations would be notified when an investigation is launched under the new act and added that investigations into other organisations may be launched in due course and affected organisations will be notified accordingly.The laws governing public procurement in the UK were replaced earlier this week (24 February) after the Procurement Act 2023 came into force.We will make early use of the new powers in this Act that enable us to take stronger and broader action in relation to supplier misconduct which we will, where appropriate, utilise to effectively hold organisations to account, said Gould.The new Act allows us to investigate suppliers and, if certain grounds are met, to add their names to a published and centrally managed debarment list, which must be taken into account by contracting authorities in awarding new contracts and undertaking new procurements.We want to act swiftly and decisively, and are committed, where appropriate, to pursuing meaningful action in respect of failings related to the Grenfell tragedy. Todays announcement marks an important step towards that.

Chief construction advisor also to be appointed in raft of new reforms responding to Grenfell Inquirys final reportThe government will introduce a single super-regulator for the entire construction industry but not before 2028, Angela Rayner has pledged.The deputy prime minister said the current regulatory regime would be consolidated into a single strengthened body reporting to a single secretary of state as she set out the governments full response to the Grenfell Inquirys final report.In a statement to the House of Commons this afternoon, Rayner said the government would take forward all 58 recommendations in the 1,700-page report, published last September, which looked into the causes of the tower block fire which killed 72 people in June 2017.Angela Rayner delivering the governments response to the Grenfell Inquirys final report todayA chief construction advisor will also be appointed to provide ministers with expert advice on construction matters.The Ministry of Housing, Communities and Local Government (MHCLG) said the response marks the start of a new relationship between government and industry that is based on transparency, clarity, collective responsibility and external scrutiny.We will hold actors in the system to account, effectively enforce standards, steward the highest standards of culture and behaviour and facilitate transparent conversations, the department said, adding that it expects industry to take responsibility to instil this change.Changes will include subjecting organisations responsible for testing and certifying, manufacturing and using construction products to tougher oversight with serious consequences for those who break the rules, Rayner said.Seven organisations criticised in the inquirys report,including Kingspan, Arconic and former Celotex owner Saint Gobain,will be investigated using new powers included in the Procurement Act, which came into force this week.If certain grounds are met, these organisations will be added to a published debarment list which must be taken into account by contracting authorities when awarding new contracts.A new Hillsborough Law will also compel public authorities to disclose the truth in order to ensure transparency in major incidents while holding those responsible for failures to account.The reforms will be delivered in phases over the course of this parliament, with the first phase running from 2025 to 2026 focussing on effectively delivering the governments current programme of regulatory reform and change.A second phase from 2026 to 2028 will consist of developing proposals to deliver the inquirys recommendations and wider reform, including through legislation, with implementation of the reforms starting in 2028.The government will publish its progress on implementing the inquirys recommendations every quarter from the middle of this year and provide an annual update to parliament to ensure wider scrutiny of the pace and direction of work.Rayner said the inquirys final report must be the catalyst for long lasting systemic change.The Grenfell Tower tragedy claimed 72 innocent lives in a disaster that should never have happened. The final report exposed in stark and devastating detail the shocking industry behaviour and wider failures that led to the fire and the deep injustices endured by the bereaved, survivors, and residents, she said.She described the governments response to the inquiry report as reflecting the tough action we are taking to drive change and reform the system to ensure no community will ever have to face a tragedy like Grenfell ever again.That means greater accountability, stronger regulation, and putting residents at the heart of decision-making. We must deliver the fundamental change required. We owe that to the Grenfell community, to the country, and to the memory of those who lost their lives, she said.Building safety minister Alex Norris added: Our response today to the Inquirys findings sets out a comprehensive plan to reform the construction sector, strengthen oversight and make sure that residents are the priority when deciding on building safety issues.We will continue working closely with industry, local authorities and the Grenfell community to make sure these reforms deliver real, lasting change and rebuild trust.Other measures announced today include stopping unqualified individuals from making critical fire safety decisions by legally requiring fire risk assessors to have their competence certified.Ministers will also consult on a new College of Fire and Rescue later this year to improve training and professionalism of firefighters.

The Architects JournalEight things for the next generation of architects to focus onThe Trump administrations attack on EDI initiatives underscores why the UK architecture profession should redouble its efforts to attract the very best up-and-coming creative talent, argues Dennis AustinThe post Eight things for the next generation of architects to focus on appeared first on The Architects JournalWill Hurst

Although it can't match the speeds of fiber or cable, satellite internet is an essential lifeline for rural communities.