radar-rss

Rethink cybersecurity: traditional methods fall short against advanced threats.

There is a widening gap between the sophistication of cyber attacks and the traditional methods employed by many organizations to detect and neutralize these threats. The industry is at a critical juncture, requiring a shift from outdated paradigms to innovative approaches that can effectively combat evolving threats. The opportunity lies in recognizing and addressing this gap in thinking.

The Industry’s Struggle with Detection

Currently, organizations are predominantly focused on three main strategies for threat detection: deploying firewalls, leveraging Endpoint Detection and Response (EDR) systems, and utilizing deterministic decision-making tools. Firewalls and EDRs are designed to identify and block malicious software by relying on known signatures and patterns of attack. Deterministic tools, on the other hand, aim to differentiate harmful activities from benign ones by analyzing data and making binary decisions about what constitutes a threat.

However, this traditional approach is proving increasingly inadequate in the face of sophisticated tactics like “living off the land” (LotL) attacks. LotL attacks are particularly challenging because they use legitimate tools and processes within a target’s environment to conduct malicious activities, thereby evading traditional detection mechanisms. There is no malware to flag, no signatures used to detect, and no obvious indicators of compromise for traditional tools to catch. This is where the crux of the problem lies: the existing tools are not equipped to handle such nuanced and covert threats.

The Gap in Industry Thinking

The main gap in the industry’s approach to cyber is the reliance on deterministic tools that are inherently limited in dealing with advanced persistent threats (APTs) and LotL techniques. Companies often believe that their current arsenal of cybersecurity tools is sufficient, failing to realize that these tools were not designed to counter the subtle and sophisticated methods used by modern attackers.

One significant oversight is the lack of temporal awareness in threat detection. Companies tend to think in terms of detecting threats based on current activities (using TTPs—tools, techniques, and procedures) but fail to consider the historical context of an attack. This short-sightedness is problematic because sophisticated attackers can dwell in a network for extended periods, waiting for the right moment to strike. Without the ability to look back in time and analyze past activities, organizations can misidentifying long-term intrusions that have already infiltrated their systems.

Embracing a New Approach

To bridge this gap, a new way forward involves three key shifts in thinking:

1. Adopting Retrospective Analysis: Organizations must incorporate solutions that enable retrospective analysis, allowing them to look back in time and investigate past activities for signs of an undetected intrusion. This approach requires retaining and analyzing historical data, huge amounts of data, which can reveal patterns and anomalies that are not apparent in real-time analysis.

2. Leveraging Behavioral Analytics: Instead of relying solely on deterministic tools, companies should adopt behavioral analytics that can detect deviations from normal behavior. This involves creating baseline profiles of typical activities and identifying outliers that could indicate a security breach. Behavioral analytics, such as for example a camera with an IP address that is exfiltrating files, are particularly effective in spotting LotL attacks, where traditional signature-based detection fails.

3. Learning from Elite Defenders: The practices of elite defenders such as top-tier financial institutions and government agencies provide valuable insights. These organizations do not rely on traditional methods alone but use advanced threat-hunting techniques and continuous monitoring to stay ahead of attackers. Companies should take cues from these progressive approaches and integrate them into their own cybersecurity strategies.

Moving ahead

In conversations with customers, the “aha” moment often comes when they realize the limitations of their current tools and understand the importance of historical data in detecting sophisticated threats. By illustrating real-world examples, such as the prolonged dwell times of attackers in high-profile breaches, cybersecurity professionals can underscore the necessity of adopting a more comprehensive and proactive approach.

Ultimately, bridging the cybersecurity gap requires acknowledging that the traditional tools and methods are no longer sufficient. Embracing retrospective analysis, behavioural analytics, and learning from elite defenders will equip organizations to detect and neutralize even the most sophisticated threats. By closing this gap in thinking, companies can enhance their security posture and better protect their critical assets in an increasingly complex threat landscape.

We’ve featured the best identity management software.

This article was produced as part of TechRadarPro’s Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

Read More 

Samsung debuts Gauss 2 AI model.

Samsung’s AI ambitions have taken a big step forward as the company introduced the Gauss 2 AI model at this year’s Samsung Developer Conference. Gauss 2 builds upon its predecessor by offering improved performance and efficiency, with applications spanning smartphones, tablets, laptops, and home appliances.

Your Samsung Galaxy S24 FE may not use it for its AI features, but the device you buy in a few years might use Gauss 2 to help you out, including the rumored automated adjustments that make the Settings menu obsolete.

Gauss 2 is multimodal, so the AI can simultaneously process images, text, and computer code. That makes it better at incorporating AI-driven features on devices. In fact, there are three versions of the new model, differing in size and ability: Compact, Balanced, and Supreme.

The Compact model is aimed at performing on a device without the internet. In contrast, the Balanced model sometimes needs online resources to process data but is still supposed to be fast and efficient. Lastly, the Supreme version of the model pulls in resources and algorithm variations as needed to offer the best performance.

Depending on the version, Samsung says that Gauss 2 can communicate in up to 14 languages and 1.5 to three times faster than its earlier iteration.

Gauss gassed

“Samsung Electronics is committed to developing cutting-edge software, including AI and data analytics, to enhance user experiences,” said President and CTO of Samsung’s Device eXperience (DX) Division and the head of Samsung Research Paul Kyungwhoon Cheun. “With three distinct models, Samsung Gauss2 is already boosting our internal productivity, and we plan to integrate it into products to deliver higher levels of convenience and personalization.”

Samsung said it has already deployed Gauss 2 internally. More than 60% of Samsung’s DX division developers use Gauss 2 to help them code or get it to help translate text, write emails, and summarize documents. The AI is also used in call centers to categorize and summarize customer interactions.

You might not see Gauss 2 doing anything spectacular immediately on your devices, even when it’s added to future models. But, it will be key to popular features like real-time translation, suggestions of music or movies that you might like, and ways to edit your photos.

You might also like…

Samsung’s AI chief predicts artificial intelligence in “every corner of life” Hands on: Samsung Galaxy S24 FE review: AI doesn’t come cheap … until nowThe Samsung Galaxy S24 FE and Galaxy Tab S10 series have landed, with high-end specs and a whole lot of AI

Read More 

AI music platform Suno debuts v4 with new features,

AI song creator Suno has opened the doors to a new virtual studio, releasing the Suno v4 platform for music creation. The much-teased upgrade lets users make better, longer, more creative songs and is looking to attract professional artists and producers interested in incorporating AI into music-making.

“When we launched v3 earlier this year, it opened up new possibilities for music creation. Post v3 launch, we’ve refined what worked and added more where it mattered most,” Suno wrote in a blog post. “The result is v4—a major update that takes music creation to the next level. v4 delivers cleaner audio, sharper lyrics, and more dynamic song structures.”

The change is obvious just by hearing how synthetic voices sound on Suno v4. The improved vocal clarity and tone are no longer stuck in the audio uncanny valley. They sound like real people. And, if you made a song with the older versions of the platform, you can use the new Remaster tool to enhance the track to match the new level of quality while keeping all of the elements you like.

Suno v4 also has new user tools that will likely encourage extended use. The Personas feature takes those new, improved voices and makes them part of your library. Essentially, you can apply an AI voice you like to any song you create. The consistent singing style across multiple tracks means you could theoretically create whole albums starring a single voice you like, as though the artificial voice were a singer you had under contract.

@sunomusic

Remaster your songs with v4 ✨ Thank you for all of your incredible excitement about v4 and our new Remaster feature, which enhances tracks you made with older models! A big thanks especially to our Pro & Premier subscribers for helping us shape our models with your feedback. Please continue to 👍 and 👎 songs – this helps improve your own music experience, and also helps us make the best v4 experience possible! ❤️ Team Suno

♬ original sound – Suno

See the Sound

Furthermore, you’ll have better lyrics for your virtual client to perform with the new lyric model called ReMi, which is available in the custom creation mode. ReMi gets a little quirkier than the usual lyrics, pushing creativity over adherence to more conventional songwriting. It definitely makes for more unpredictable songs, which may or may not be ideal for producing the song you want.

The upgrade also takes the Covers feature out of beta. Covers is a tool that reinterprets your songs in new genres. So, if you generated a fun pop song but wanted to hear it performed like an old Scottish folk song or maybe sung to a dubstep beat, you can hear how that sounds.

Suno v4’s appeal to both casual music lovers and professional musicians makes sense. This kind of technical wizardry may be crucial as Suno faces many rivals, including Tad.AI, Udio, and Boomy. Suno’s mobile app and features like Scenes, which writes songs based on uploaded visuals instead of written prompts, will be necessary to stand out.

You can try Suno v4 now, though whether it will survive the ongoing lawsuits Suno and other AI music platforms face from major music labels for copyright infringement is still unclear.

You might also like…

How to give your favorite pictures and videos an AI-written soundtrackThis AI can remake a song in any genre you likeSuno takes a ‘What, me worry?’ approach to legal troubles and rolls out AI music-generating mobile app

Read More 

Looking for Quordle clues? We can help. Plus get the answers to Quordle today and past solutions.

Quordle was one of the original Wordle alternatives and is still going strong now more than 1,000 games later. It offers a genuine challenge, though, so read on if you need some Quordle hints today – or scroll down further for the answers.

Enjoy playing word games? You can also check out my Wordle today, NYT Connections today and NYT Strands today pages for hints and answers for those puzzles.

SPOILER WARNING: Information about Quordle today is below, so don’t read on if you don’t want to know the answers.

Quordle today (game #1033) – hint #1 – Vowels

How many different vowels are in Quordle today?

• The number of different vowels in Quordle today is 5*.

* Note that by vowel we mean the five standard vowels (A, E, I, O, U), not Y (which is sometimes counted as a vowel too).

Quordle today (game #1033) – hint #2 – repeated letters

Do any of today’s Quordle answers contain repeated letters?

• The number of Quordle answers containing a repeated letter today is 2.

Quordle today (game #1033) – hint #3 – uncommon letters

Do the letters Q, Z, X or J appear in Quordle today?

• No. None of Q, Z, X or J appear among today’s Quordle answers.

Quordle today (game #1033) – hint #4 – starting letters (1)

Do any of today’s Quordle puzzles start with the same letter?

• The number of today’s Quordle answers starting with the same letter is 0.

If you just want to know the answers at this stage, simply scroll down. If you’re not ready yet then here’s one more clue to make things a lot easier:

Quordle today (game #1033) – hint #5 – starting letters (2)

What letters do today’s Quordle answers start with?

• C

• A

• E

• S

Right, the answers are below, so DO NOT SCROLL ANY FURTHER IF YOU DON’T WANT TO SEE THEM.

Quordle today (game #1033) – the answers

(Image credit: Merriam-Webster)

The answers to today’s Quordle, game #1033, are…

CUTIEALOOFETUDESILLY

ETUDE is one of those words I don’t think I’ve ever seen other than in Quordle. Every time it appears – which has been at least three now, I think, maybe more – I look up the definition then forget it. (It’s something to do with musical notation, I think). But I do remember how to spell it, and that it’s a word to be aware of.

If you’re not familiar with it then it will most likely be the most difficult of today’s quarters, although I’ll also give a shout out to ALOOF, which has an F in an uncommon location and a repeated O to deal with. SALLY has a repeated L too, of course, and is one of several words that can fit the -ALLY format, along with TALLY, RALLY, PALLY and WALLY. So in summary: today’s Quordle was a tricky one for sure!

How did you do today? Send me an email and let me know.

Daily Sequence today (game #1033) – the answers

(Image credit: Merriam-Webster)

The answers to today’s Quordle Daily Sequence, game #1033, are…

SMELTWHERESALLYDIRTY

Quordle answers: The past 20

Quordle #1032, Thursday 21 November: RABBI, EAGER, COUGH, BRASHQuordle #1031, Wednesday 20 November: MINTY, TOPAZ, BRUSH, LAPELQuordle #1030, Tuesday 19 November: NINJA, PENCE, PAINT, FOIST Quordle #1029, Monday 18 November: ASCOT, BRINK, WEIRD, HOMERQuordle #1028, Sunday 17 November: STATE, BRAWN, SWORE, URBANQuordle #1027, Saturday 16 November: NOTCH, BENCH, BUSED, FOUNDQuordle #1026, Friday 15 November: PURER, TRUSS, TORCH, FORUMQuordle #1025, Thursday 14 November: EXALT, TASTE, CRONY, CLOUTQuordle #1024, Wednesday 13 November: YEARN, ELBOW, SURGE, PINEYQuordle #1023, Tuesday 12 November: CHORD, ATTIC, OLIVE, EIGHTQuordle #1022, Monday 11 November: COPSE, REGAL, GRUNT, GOODYQuordle #1021, Sunday 10 November: GROIN, FAULT, FERRY, SUITEQuordle #1020, Saturday 9 November: FLUME, THERE, ATOLL, SANERQuordle #1019, Friday 8 November: DELAY, NAVAL, MOLAR, SWARMQuordle #1018, Thursday 7 November: REPAY, SYNOD, LOATH, PITHYQuordle #1017, Wednesday 6 November: SASSY, DRUID, THREW, SLOSHQuordle #1016, Tuesday 5 November: BEGET, AMUSE, STONY, LOUSYQuordle #1015, Monday 4 November: CHILL, TACKY, GRAPH, PLAZAQuordle #1014, Sunday 3 November: QUIRK, HEART, ELBOW, KNOWNQuordle #1013, Saturday 2 November: SWUNG, FLOOR, PARER, CRUST

Read More 

Looking for NYT Strands answers and hints? Here’s all you need to know to solve today’s game, including the spangram.

Strands is the NYT’s latest word game after the likes of Wordle, Spelling Bee and Connections – and it’s great fun. It can be difficult, though, so read on for my Strands hints.

Want more word-based fun? Then check out my Wordle today, NYT Connections today and Quordle today pages for hints and answers for those games.

SPOILER WARNING: Information about NYT Strands today is below, so don’t read on if you don’t want to know the answers.

NYT Strands today (game #264) – hint #1 – today’s theme

What is the theme of today’s NYT Strands?

• Today’s NYT Strands theme is… This is the place!

NYT Strands today (game #264) – hint #2 – clue words

Play any of these words to unlock the in-game hints system.

VINETRIMTIMEMICEBONEPHONE

NYT Strands today (game #264) – hint #3 – spangram

What is a hint for today’s spangram?

• Just look at a map

NYT Strands today (game #264) – hint #4 – spangram position

What are two sides of the board that today’s spangram touches?

First: left, 5th row

Last: right, 4th row

Right, the answers are below, so DO NOT SCROLL ANY FURTHER IF YOU DON’T WANT TO SEE THEM.

NYT Strands today (game #264) – the answers

(Image credit: New York Times)

The answers to today’s Strands, game #264, are…

BENDMOBILEBUFFALORIVERSIDEPHOENIXBOULDERSPANGRAM: CITYNAME

My rating: StupidMy score: 2 hints

There are approximately 10,000 cities in the world. There are at least a few hundred in the US alone, depending on how you define a city. And the task the NYT gave us today for Strands? Name six of them. That’s all. No theme or connection between them. Nothing clever, like they’re all names that are also animals (like BUFFALO and to an extent PHOENIX) or names that are also TV shows (RIVERSIDE) or names that are geological features (BOULDER) or whatever. Just six CITYNAMEs, all of them in the US.

I suppose the only thing that does link them is that they are all something other than just proper nouns; by that measure New York or Miami or Chicago would not work. But all the same, it’s stretching things a bit to call CITYNAME a unifying theme.

That lack of a real concept behind it made it difficult to solve. I got BEND and then MOBILE first, and neither particularly screamed ‘You need to list US city names’ to me, even when taking into account the theme clue of ‘This is the place!’. Yes, I know that both are cities, and it even occured to me as a possible connection, but I dismissed it as silly. Little did I know…

How did you do today? Send me an email and let me know.

Yesterday’s NYT Strands answers (Thursday, 21 November, game #263)

POKERCHIMNEYBROOMFLUEHEARTHSCREENMANTELSPANGRAM: FIREPLACE

What is NYT Strands?

Strands is the NYT’s new word game, following Wordle and Connections. It’s now out of beta so is a fully fledged member of the NYT’s games stable and can be played on the NYT Games site on desktop or mobile.

I’ve got a full guide to how to play NYT Strands, complete with tips for solving it, so check that out if you’re struggling to beat it each day.

Read More 

Looking for NYT Connections answers and hints? Here’s all you need to know to solve today’s game, plus my commentary on the puzzles.

Good morning! Let’s play Connections, the NYT’s clever word game that challenges you to group answers in various categories. It can be tough, so read on if you need clues.

What should you do once you’ve finished? Why, play some more word games of course. I’ve also got daily Wordle hints and answers, Strands hints and answers and Quordle hints and answers articles if you need help for those too.

SPOILER WARNING: Information about NYT Connections today is below, so don’t read on if you don’t want to know the answers.

NYT Connections today (game #530) – today’s words

(Image credit: New York Times)

Today’s NYT Connections words are…

FANTASYTEAMSLOVEATTENTIONLENSEXPOSUREPOSITIONMEETZOOMSHUTTERPRESSANGLETREASURECOVERAGEPERSPECTIVESLACK

NYT Connections today (game #530) – hint #1 – group hints

What are some clues for today’s NYT Connections groups?

Yellow: Celebrities want thisGreen: How you look at thingsBlue: Is my camera on?Purple: Blank [body surrounded by water]

Need more clues?

We’re firmly in spoiler territory now, but read on if you want to know what the four theme answers are for today’s NYT Connections puzzles…

NYT Connections today (game #530) – hint #2 – group answers

What are the answers for today’s NYT Connections groups?

YELLOW: PUBLICITYGREEN: POINT OF VIEWBLUE: WORK COMMUNICATION PLATFORMSPURPLE: “___ ISLAND”

Right, the answers are below, so DO NOT SCROLL ANY FURTHER IF YOU DON’T WANT TO SEE THEM.

NYT Connections today (game #530) – the answers

(Image credit: New York Times)

The answers to today’s Connections, game #530, are…

YELLOW: PUBLICITY ATTENTION, COVERAGE, EXPOSURE, PRESSGREEN: POINT OF VIEW ANGLE, LENS, PERSPECTIVE, POSITIONBLUE: WORK COMMUNICATION PLATFORMS MEET, SLACK, TEAMS, ZOOMPURPLE: “___ ISLAND” FANTASY, LOVE, SHUTTER, TREASURE

My rating: EasyMy score: Perfect

I came so close to scoring a reverse rainbow today, where you solve the puzzles from hard to easy, but sadly got blue before purple. However, the fact that I was so near reflects that even the supposedly tough groups today were rather simple.

That said, blue may not be such a cinch if you haven’t been an office worker of some kind in the past few years. To those of us who have, MEET, SLACK, TEAMS and ZOOM are as familiar as our own names – hence why I solved it so quickly.

Purple was a piece of cake too. This was a ‘blank’ type, as they so often are, and the missing word on this occasion was ISLAND. With TREASURE, FANTASY, LOVE and SHUTTER as the solutions, there was nothing particularly difficult about it, certainly compared to yesterday’s effort (which I failed). SHUTTER is probably the least obvious of them, but is my favorite of the quartet; it’s a 2010 Martin Scorsese film.

Anyway, with the two supposedly tough ones done, it was even easier to complete green (POINT OF VIEW) and yellow (PUBLICITY) and get my streak going again.

How did you do today? Send me an email and let me know.

Yesterday’s NYT Connections answers (Thursday, 21 November, game #529)

YELLOW: KINDS OF SHIRTS FLANNEL, OXFORD, POLO, TEEGREEN: SPHERES IN MILK TEA BOBA, BUBBLE, PEARL, TAPIOCABLUE: MARINE INVERTEBRATES, FAMILIARLY CORAL, JELLY, SPONGE, STARPURPLE: STARTS OF PASTA NAMES FETT, PENN, TORTE, ZIT

What is NYT Connections?

NYT Connections is one of several increasingly popular word games made by the New York Times. It challenges you to find groups of four items that share something in common, and each group has a different difficulty level: green is easy, yellow a little harder, blue often quite tough and purple usually very difficult.

On the plus side, you don’t technically need to solve the final one, as you’ll be able to answer that one by a process of elimination. What’s more, you can make up to four mistakes, which gives you a little bit of breathing room.

It’s a little more involved than something like Wordle, however, and there are plenty of opportunities for the game to trip you up with tricks. For instance, watch out for homophones and other word games that could disguise the answers.

It’s playable for free via the NYT Games site on desktop or mobile.

Read More 

Python NodeStealer now targets more than Facebook Business accounts.

Security researchers from Netskope found an upgraded version of Python NodeStealerThis dangerous infostealer can also now target Facebook Ads Manager accountsIt can steal credit card information, data stored in browsers, and more

Python NodeStealer, an infamous infostealer that targeted Facebook Business accounts, has been upgraded with new and dangerous features to make it capable of targeting Facebook Ads Manager accounts as well, steal more data, and thus open the gateway to more destructive malware campaigns.

Cybersecurity researchers Netskope Threat Labs have published a new, in-depth analysis of NodeStealer, noting it can now pilfer credit card information, in addition to stealing credentials stored in the browser.

The process is done by copying the “Web Data” of all targeted browsers, they explained. Web Data is a SQLite database storing sensitive data such as autofill information and saved payment methods.

Abusing Windows Restart Manager

“With these, the infostealer can now collect the victim’s credit card information which includes the cardholder’s name, card expiration date, and card number,” the researchers noted.

It uses Python’s SQLite3 library to run a query on the stolen database, looking for specific strings (credit card information).

Furthermore, Python NodeStealer now uses Windows Restart Manager to unlock database files. This library cuts down on the number of reboots needed after software updates, by simply restarting the processes that lock updated files, but in this instance, it is being abused in data theft.

First, the infostealer extracts the information by copying browser database files into a temp folder. But since the files are usually locked by another operation, they cannot be used, which is where Windows Restart Manager is used. Finally, the files are exfiltrated via a Telegram bot.

Python NodeStealer is most likely being developed by a threat actor located in Vietnam. Their main goal is to compromise Facebook Business and now – Facebook Ads Manager accounts, which they can later abuse in malvertising campaigns.

Facebook is usually rigorous when it comes to purchasing ads on its platform, and only vetted, verified accounts are allowed to do so. Crooks rarely make it past the platform’s scanners, and resort to stealing verified accounts to run their campaigns, instead.

Via The Hacker News

You might also like

Windows PCs targeted by new malware hitting a vulnerable driverHere’s a list of the best firewalls todayThese are the best endpoint protection tools right now

Read More 

Among the bugs was a flaw in OpenSSL that could leave users vulnerable.

Google’s OSS-Fuzz finds more than two dozen vulnerabilities in different open-source projectsAmong them is a vulnerability in OpenSSL that could result in RCEGoogle sees this as a major milestone in automated bug discovery

Google has found 26 vulnerabilities in different open source code repositories, including a medium-severity flaw in “the critical OpenSSL library that underpins much of internet infrastructure.”

This wouldn’t be much of a news (Google helped find thousands of bugs throughout the years), if the method by which the flaws were discovered wasn’t “artificial”, as the bugs were revealed using its AI-powered fuzzing tool, OSS-Fuzz.

“These particular vulnerabilities represent a milestone for automated vulnerability finding: each was found with AI, using AI-generated and enhanced fuzz targets,” Google explained in a blog post.

Major improvements with LLMs

Among these 26 flaws is an OpenSSL bug tracked as CVE-2024-9143. It has a severity score of 4.3 and is described as an out-of-bounds memory write bug that can crash an app, or allow crooks to mount remote code execution (RCE) malware attacks. OpenSSL has since been upgraded to versions 3.3.3, 3.2.4, 3.1.8, 3.0.16, 1.1.1zb, and 1.0.2zl, to address the flaw.

To make matters even more interesting, Google said the vulnerability was most likely present for two decades, “and wouldn’t have been discoverable with existing fuzz targets written by humans.”

The bug discovery came as a result of two major improvements, the company further explained. The first one is the ability to automatically generate more relevant context in the prompts, which makes the LLM “less likely to hallucinate the missing details in its response.” The second one revolves around the LLM’s ability to emulate a typical developer’s entire workflow, including writing, testing, and iterating on the fuzz target, as well as triaging the crashes found.

“Thanks to this, it was possible to further automate more parts of the fuzzing workflow. This additional iterative feedback in turn also resulted in higher quality and greater number of correct fuzz targets.”

Via The Hacker News

You might also like

One of Google’s “big AI” projects uncovered some serious security threats seemingly all on its ownHere’s a list of the best firewalls todayThese are the best endpoint protection tools right now

Read More 

Though, you’re likely better off looking at Amazon

Like clockwork, Apple’s confirmed it’s Black Friday Shopping eventStarting November 29, you can score a gift card up to $200 with select purchasesYou’ll find actual cash discounts on Amazon, BestBuy, and Walmart

While countless retailers like Amazon, Walmart, and BestBuy have been serving up early Black Friday deals for what feels like weeks on all sorts of the latest kit – including Apple gadgets – the Cupertino-based giant has, like clockwork, unveiled its official 2024 Black Friday savings event.

Now, as we’ve come to expect, don’t expect a cash discount off the price, but when things kick off on November 29, 2024, you’ll be able to score a gift card with select purchases. So if you’ve been eyeing the latest iPhone, iPad, Mac, Apple Watch, or AirPods and want to buy from Apple directly, waiting and scoring a gift card might make sense.

Of course, many, if not all, of the devices Apple will offer this for, and others are already seeing significant savings from other retailers. In many cases, those are the best deals. But if you go with the official Apple route, consider stacking in a device trade-in alongside the gift card offer, as it can sweeten the deal.

(Image credit: Apple)

Ahead, we’re sharing what you can expect and the devices eligible for this gift card promotion. It’ll kick off on November 29, 2024, and run through December 2, 2024, in the United States, the UK, Australia, and many other countries. Plus, you can shop it online or in-store.

Like in 2023, Apple’s using a tiered system where you can unlock a $25 / £20 / AU$40, $50 / £40 / AU$80, $75 / £60 / AU$120, $100 / £80 / AU$160, or $200 / £160 / AU$320 Gift Card – and as you might suspect, you’ll need to spend more to get a bigger gift card.

While Apple hasn’t yet confirmed the full values for every eligible device, we have a general idea of your score based on category.

(Image credit: Apple)

iPhone

If you get an iPhone SE, iPhone 14, or iPhone 15, you can score up to a $75 / £60 / AU$120 Apple Gift Card. The iPhone SE and iPhone 14 might likely mean a gift card of lesser value.

iPad

While not every iPad is expected to be eligible – namely the recently launched iPad mini A17 Pro, though it is discounted elsewhere – Apple promises up to $100 / £80 / AU$160 gift card by purchasing an iPad 10th Generation, iPad Air, or iPad Pro.

Mac

Similar to the iPad mini, the latest Macs will likely not be eligible for the gift card promotion. However, if you’re considering the M2 or M3 MacBook Air, with the recently upgraded now standard 16GB of RAM, you’ll get up to a $200 / £160 / AU$320 Gift Card. And yes, both the 13-inch M2 and M3 and the 15-inch M3 are listed as eligible.

Apple Watch

While you won’t find savings directly at the Apple Store for the Apple Watch Series 10 or Apple Watch Ultra 2, you’ll get a $50 / £40 / AU$80 gift card by purchasing an Apple Watch SE second-generation.

AirPods

Whether you get AirPods 4, AirPods 4 with Active Noise Cancellation, AirPods Pro 2, or AirPods Max, you’ll get up to a $50 / £40 / AU$80 gift card.

(Image credit: Apple)

TV & Home

While there is no gift card eligibility for the HomePod mini, Apple will offer up to a $75 / £60 / AU$120 gift with the Apple TV 4K or HomePod.

Beats

Nearly the entire Beats lineup is eligible to score up to a $50 / £40 / AU$80 gift card with Beats Pill, Beats Flex, Beats Fit Pro, Beats Studio Buds Plus, Beats Solo Buds, Beats Solo 4, and Beats Studio Pro on the list.

Accessories

No, you won’t find savings on iPhone 16 cases, but Apple will offer up to $25 / £20 / AU$40 with some accessories. The Apple Pencil Pro, Apple Pencil second-generation, Magic Keyboard, and Smart Folio for iPad Air, iPad Pro, and iPad tenth-generation cut.

More of today’s Black Friday sales in the US

Amazon: TVs, smart home & air fryers from $12.99Apple: AirPods, iPads, MacBooks from $89.99Best Buy: $1,000 off 4K TVs, laptops & headphonesCheap TVs: smart TVs at Best Buy from $69.99Christmas trees: top-rated trees from $54.99Dell: best-selling Inspiron & XPS laptops from $279.99Dreamcloud: mattress deals from $349 + free shippingHoliday: decor, lights, Christmas trees & PJs from $10.99Home Depot: 40% off tools, appliances & furnitureLowe’s: holiday decor, appliances & tools from $17.31Nectar: up to 50% off all mattressesNordstrom: 46% off boots, coats, jeans & jewelrySamsung: $1,500+ off TVs, phones, watches & appliancesTarget: save on furniture, tech & clothingWalmart: cheap TVs, robot vacs, furniture & appliances

More of today’s Black Friday sales in the UK

Amazon: up to 68% off toothbrushes and TVsAO: savings on games consoles and appliancesArgos: up to 50% off toys, Lego, TVs and giftsBoots: up to 50% off Dyson, Oral-B and PhilipsCurrys: early deals on TVs, appliances, laptopsDell: laptops, desktops, monitors from £299Dyson: up to £150 offEbay: up to 50% off refurbished techEE: up to £600 off Samsung and AppleJohn Lewis: up to £300 off appliances and TVsLG: £1,000 or more off TVs and appliancesSamsung: up to £600 off TVs, phones and tabletsVery: up to 30% off phones, appliances & clothing

Read More 

GPD Duo double foldable convertible laptop finally goes on sale, priced around $2000

Dual 13.3-inch OLED screens create an 18-inch equivalent displayAvailable for $2,000 through Links International, releasing mid-DecemberPowered by Ryzen AI 9 HX 370 CPU with 64GB RAM

We’ve covered the GPD Duo laptop several times this year – first when GPD, best known for its compact gaming laptops and handheld consoles, initially teased it, and later when the company officially unveiled its full specifications – and now we finally have all the information, and as expected it’s not cheap.

The GPD Duo was made available to back on Indiegogo earlier this month, where it pulled in $337,057 in pledges from 190 backers, well above the $2,571 flexible goal the creators were seeking. There, the laptop was offered for $1,860. If you missed your chance to back it then, you can now buy it through Links International, priced at approximately $2,000.

Set to be released in mid-December 2024, it features two 13.3-inch OLED displays with a 2.8K resolution and a high refresh rate of 60Hz. The displays are versatile, with options to mirror, extend, or use as a standalone screen. When used together, the screens offer an expansive viewing area equivalent to an 18-inch monitor, making it ideal for multitasking, content creation, and even gaming.

OCuLink support

Under the hood, the GPD Duo is powered by AMD’s Ryzen AI 9 HX 370 processor. With 12 cores, 24 threads, and a boost clock of up to 5.1 GHz, this CPU is optimized for performance across various demanding applications. Paired with 64GB of LPDDR5X memory and a 2TB M.2 SSD, the GPD Duo should be more than capable of handling pretty intensive tasks.

The laptop’s connectivity options include USB4, HDMI 2.1, SD/microSD slots, and an OCuLink port which allows users to connect an external GPU.

OCuLink compatibility is a rare feature in laptops, so this is a very welcome inclusion allowing the GPD Duo to handle a range of graphics-heavy workloads. The GPD Duo features an 80Wh battery that provides up to 14 hours of usage and supports 100W USB PD fast charging, reaching 50% capacity in about 30 minutes.

Weighing around 2.3 kg, the laptop has an integrated fingerprint sensor compatible with Windows Hello, a 5-megapixel camera, dual microphones, and wireless connectivity via Wi-Fi 6E and Bluetooth 5.3.

You might also like

These are the best business laptops you can buy right nowAnd these are the lightest laptops on the marketGPD’s double-foldable laptop comes with AMD’s fastest mobile CPU

Read More