radar-rss

The Panasonic TOUGHBOOK 33mk4 is built for demanding environments and offers enhanced performance for mobile workers in tough conditions.

Toughbook 33mk4 features MIL-STD 810H military standard certification
Advanced 5G connectivity ensures seamless data transfer in the field
Extended 15 hours battery life promises long-life usage

Panasonic has announced the TOUGHBOOK 33mk4, a new rugged tablet promising 2-in-1 functionality and enhancements in performance, connectivity, and screen technology.

The device was designed to for the needs of mobile workers across various industries, meeting both the MIL-STD 810H military standard developed by the US Department of Defense as well as the IEC 60529 industry standard for electronic devices.

The TOUGHBOOK 33mk4 integrates Intel’s 13th-generation processors, advanced 5G connectivity, and a unique 12-inch Quad High Definition (QHD) display that boosts usability in field environments.

Toughbook 33mk4

The TOUGHBOOK 33mk4 comes with an Intel Core i5 processor from the 13th generation, featuring Intel vPro Technology, also known as “Raptor Lake.” This device also has an optional upgrade which uses the Intel Core i7 processor which offers greater computing power and is for users with more demanding tasks.

The 12-inch QHD screen of the TOUGHBOOK 33mk4 is not the largest around, but does come with a resolution of 2160 x 1440 pixels and an aspect ratio of 3:2, offering more vertical space compared to the traditional 16:9 seen in many larger 14-inch models.

This improvement in display design meets a shift in user preference, where larger and more detailed screens are necessary for increased productivity in the field. Panasonic believes that for professionals in industries such as utilities, automotive, and defense, this display means easier navigation and interpretation of complex visual information.

The TOUGHBOOK 33mk4 supports 5G connectivity out of the box, offering mobile workers faster data transfer speeds, ultra-low latency, and improved reliability in various environments. It also supports standalone (SA) 5G networks enabling users to securely transfer large amounts of data while in the field. Moreover, the device’s optional GPS and improved Bluetooth technology further increase its connectivity flexibility.

This notebook is also rated IP65 for dust and water resistance making it suitable for use in harsh conditions, and also boasts 15 hours of battery life, making it suitable for long work shifts where charging may not be immediately available.

With certification for Red Hat Enterprise Linux, the TOUGHBOOK 33mk4 is ideal for businesses that require secure, Linux-based solutions, expanding its appeal to more sectors where security and compatibility are paramount.

You might also like

These are the best Android tablets

Take a look at our guide to the best rugged laptops

Microsoft says Russia is hacking Ukrainian military tech by stealing points of entry from third-parties

Read More 

xAI gains 150MW power approval for its supercomputer, but locals fear impact on grid and future power availability.

Elon Musk’s xAI supercomputer gets power boost amid concerns
150MW approval raises questions about grid reliability in Tennessee
Local stakeholders voice concerns over growing data center demands

Elon Musk’s xAI supercomputer has taken a major step forward with approval for 150 megawatts of power from the Tennessee Valley Authority (TVA).

This approval significantly boosts the facility’s energy supply, enabling it to run all 100,000 of its GPUs concurrently, a feat previously limited by available power.

However, this massive energy demand has raised concerns among local stakeholders regarding the impact on the region’s power grid.

xAI expands power use

When xAI first launched its supercomputer in July 2024, it required significantly more energy than was available. Initially, only 8MW of power was available at the site, which was insufficient to meet the demands of the AI data center.

Musk’s team improvised by using portable power stations to fill the gap. Over the summer, Memphis Light, Gas & Water (MLGW), a local utility company, upgraded the existing substation to provide 50MW of power, still far short of the requirements to fully operate the facility.

The xAI supercomputer, nicknamed the “Gigafactory of Compute,” is designed to support Musk’s artificial intelligence company. To run all of its 100,000 GPUs simultaneously, the data center needs an estimated 155MW of power, meaning the new approval for 150MW is just enough to get close to full capacity.

With approval for an additional 150MW, MLGW and TVA have worked to assure local residents that the increased demand from xAI will not negatively impact power reliability in the Memphis area. According to MLGW’s CEO Doug McGowen, the additional power needed for xAI’s operations is still within the utility’s peak load forecast, and measures are in place to buy more energy from TVA if necessary.

To meet these growing energy needs, many tech companies, including Amazon, Google, Microsoft, and Oracle, are investing in alternative energy sources, particularly nuclear power. However, it will take at least five years before nuclear energy solutions are ready for widespread deployment.

Until then, companies like xAI must rely on existing infrastructure to power their data centers, raising concerns about grid stability and the ability to keep up with increasing demands.

“We are alarmed that the TVA Board rubberstamped xAI’s request for power without studying the impact it will have on local communities,” says Southern Environmental Law Center senior attorney Amanda Garcia.

“Board members expressed concern about the impact large industrial energy users have on power bills across the Tennessee Valley. TVA should be prioritizing families over data centers like xAI,” Garcia notes.

You might also like

Microsoft goes nuclear for its energy-hungry data centers as it bets on infamous Three Mile Island station power for its AI ambitions
Meta’s plan for nuclear datacenter reportedly undone by bees
These are the best cloud computing services

Read More 

Synthesia offers custom video messages from Santa.

Want to send a special message straight from the North Pole this year? AI video developer Synthesia has you covered with festive greetings with a dash of AI magic. You can get a digital Santa Claus speaking right to you or whoever you wish using Synthesia’s AI-powered video platform,

The personalized video messages stars a lifelike AI-generated Santa and even less tech-savvy well-wishers can use it easily. You can pick from an array of templates showing cozy living rooms adorned with Christmas trees and a comfy chair with Santa sitting and sharing your message. Synthesia’s virtual elves work their magic and your message is sent. Your heartfelt greeting is processed with Synthesia’s platform of advanced AI-powered text-to-speech and video generation technology. Santa is the latest of Synthesia’s more than 230 pre-designed AI avatars, including custom creations.

Synthesia has the most comprehensive AI Santa message, but it’s not alone. OpenAI debuted Santa Mode for ChatGPT last week, giving the AI chatbot a simulated version of Santa’s voice for Advanced Voice Mode, which is described as “merry and bright.”

Santa delivers a dose of Christmas spirit with striking realism and can speak 140 different languages. To maintain its family-friendly charm, Synthesia screens all user-submitted scripts to prevent any untoward or non-jolly messages. You can see my example below.

How to send a message from Santa

If you want to send a video from Santa, go to this website then:

1. Choose a Template: Visit Synthesia’s Santa video generator page and select from festive templates.

2. Craft Your Message: Write a personalized message for your recipient. If you’re unsure what to say, consider using an AI writing assistant for inspiration.

3. Submit and Generate: After finalizing your message, submit it through the platform. In just a few minutes, Synthesia’s AI processes the text, generating a lifelike video featuring Santa delivering your message.

4. Share the Joy: Once the video is ready, it will be emailed directly to you. You can then share it with your loved ones, bringing a personalized touch to your holiday greetings.

You might also like

ChatGPT’s new Santa Mode puts some holiday spirit in AI
Coca-Cola’s iconic ‘Holidays Are Coming’ ad is now a soulless and creepy dystopian nightmare made by AI
AI is rubbish at Christmas. I beat Chat GPT in a Christmas carol writing contest

Read More 

Who decides which streamer gets what, and when?

Movies and shows are licensed rather than sold outright
Pay-TV and video on demand are usually licensed before streaming
Rights are increasingly being licensed to multiple platforms

If like me you enjoy nothing more than watching a great new movie on great home cinema kit, you’ve probably asked this question more than once about an exciting new release: when’s it coming to one of the best streaming services – and which streamer is it coming to? And the answer is: it’s complicated.

In a simpler world every movie would come to every streaming service. But of course we live in a world that’s much messier, which is why we write separate guides to cover the best movies coming to Netflix, to Disney Plus, to Max, to Prime Video, to Paramount Plus and to Apple TV Plus.

So how do certain movies end up on certain streamers, and who decides who gets what and when? Let’s find out.

How movies aren’t sold

Some streamers are also in the movie business: Netflix’s Beverly Hills Cop: Axel F was a Netflix Original. (Image credit: Netflix )

It’s important to clarify what it means when we talk about films being released. Films aren’t sold outright; in most cases, the companies that paid for them own them and like to keep it that way. What studios and their distributors do is sell licenses to show, sell or stream movies in a particular way, in a particular place, for a particular period of time.

When your local megaplex shows Wicked, it hasn’t bought the movie; the theater chain has bought a licence to screen it in certain territories for a few weeks or months. Similarly, when Prime Video, Max or Paramount Plus offers a movie as part of your membership, the streamer has bought a licence that gives it the right to stream it – again, in certain territories for a certain period of time.

In addition to being licensed to different companies in different parts of the world, movie licenses are also sold in several stages. A studio movie will typically be shown in theaters first, made available digitally as pay-per-view or buy-to-own, and then made available on streaming.

Things are slightly different with TV shows, because of course there’s not a theatrical release. But unless a show is made in-house by a streamer, it’ll be licensed in much the same way that movies are.

Windows on the world

Apple TV Plus released Wolfs in theaters, but only for one week. (Image credit: Sony Pictures / Apple)

The movie business uses the term “release windows” to describe the different stages of a movie release campaign. So you have the theatrical release window, the pay-per-view window, the first streaming release window and so on.

The first release window is the original theatrical release. That used to be very long, typically three to six months or more, and then COVID came along. With theaters shut the studios either massively reduced the theatrical release window or abandoned it completely, turning to pay per view and streaming deals instead. And while COVID closures are thankfully a thing of the past, the much shorter theatrical windows remain.

Theatrical licences are traditionally exclusive: you won’t usually be able to rent or buy a movie anywhere while it’s still having its initial theatrical run. But the time between a movie hitting theaters and being available to rent, buy or stream is much shorter than it used to be.

Everything’s accelerating

Five Nights at Freddy’s took an unusual approach with a simultaneous theatrical and streaming release. (Image credit: Blumhouse/Universal)

According to Indiewire, the average theatrical window across all the big studio movies in 2023 was just 37 days. There were outliers such as Oppenheimer, which spent 122 days as a theater-only release. But that one was really unusual. The same studio’s Super Mario Bros Movie was more typical (and more profitable), ending its theatrical run after 41 days.

Indiewire’s analysis shows that Taylor Swift’s Eras Tour movie ran for 60 days while Disney movies averaged 62 days, A24 movies 48 days, Paramount 42 days and Sony 35 days. The shortest theatrical window? Five Nights At Freddy’s, which didn’t have one: it was available on Peacock from day one.

FNAF was the third-biggest horror movie opening in cinema history but its release isn’t likely to be widely copied. The consensus is that simultaneous releases are more likely to cannibalize box office sales – especially in genres such as horror, which teens like to see together in theaters – and by missing out on the word of mouth that can turn modest successes into big ones.

When the run is done

Barbie followed a typical schedule: theaters first, then buy to own, then streaming (Image credit: Warner Bros. Pictures)

Once the theatrical run is done, it’s time for the release window that matters to streamers. That’s called the Pay One Window, and it’s when movies move from theaters to home viewing.

During the Pay One Window, the rights to show a movie are sold to two different markets: the PVOD/TVOD market (paid/transactional video on demand, aka pay-to-rent and buy-to-own) and the SVOD market, which is short for streaming video on demand.

SVOD means streamers such as Max, Prime, Netflix and Hulu; TVOD means rental and purchases on the likes of Apple TV (but not Apple TV+), Google Play, the Microsoft Store, Amazon (but not Included With Prime) and other digital storefronts.

It’s always clearest if we use a real example, so let’s take Barbie. Barbie’s theatrical run started in July 2023 and stayed exclusive to theaters until September 2023, when it became available through TVOD platforms as a pay-to-rent and buy-to-own digital release. It then became available for Max subscribers to stream in December 2023.

When the Pay One Window expires, it’s time to sell more licences. This next release window is known as the Pay Two Window, and it’s when older movies are licensed, often to other streaming services than during the Pay One period. For example, Sony has a Pay One deal in place with Netflix but a Pay Two deal with all the Disney platforms.

Of the two windows, the Pay One Window is the more desirable: pent-up demand for big-name movies drives sales of new streaming subscriptions in a way that older movies don’t. But Pay Two Window licences tend to be cheaper, and that means they enable streamers to expand their catalogs relatively cheaply.

Relationship status: it’s complicated

Joker Folie à Deux was released on Max two-months after its theatrical run. (Image credit: Warner Bros. Pictures)

Traditionally, Pay One Window deals were for up to 18 months and were exclusive – so if a movie was going to Peacock then it wouldn’t also go to Amazon Prime for at least a year and a bit. But modern movie markets are much messier, and as Variety reports, most studios now licence to multiple streamers either simultaneously or slightly staggered.

As if that wasn’t complicated enough, some of the movie studios also own streamers and some of the streamers make movies. So for example Apple TV+ and Netflix make movies that hit theaters first but which were made with streaming in mind; Disney the company owns Disney the studio and Disney Plus the streamer, so Disney movies will move to Disney Plus after their theatrical run finishes. But Disney also owns 20th Century Fox and Searchlight, and those movies don’t just end up with Disney+ or the Disney-owned Hulu; they are usually licensed to HBO and Max too.

Here’s how Variety describes it. “Netflix gets major studio fare from Sony Pictures and additional prestige films from Sony Pictures Classics, while Prime Video offers rotating selections of Universal and Paramount titles, alongside Amazon’s MGM films after they’re done on MGM+. Disney’s streamers eventually get Sony titles, too, and Hulu is also where art-house distributor Neon’s films stream after their theatrical runs.”

As we said, it’s complicated – and it’ll only get more so.

You might also like

The best streaming services
The best streaming deals to save you money
Enjoy movies and shows on one of the best TVs

Read More 

$100bn tech company is teaming up with the world’s biggest memory manufacturers to produce supercharged HBM.

HBM is fundamental to the AI revolution as it allows ultra fast data transfer close to the GPU
Scaling HBM performance is difficult if it sticks to JEDEC protocols
Marvell and others wants to develop a custom HBM architecture to accelerate its development

Marvell Technology has unveiled a custom HBM compute architecture designed to increase the efficiency and performance of XPUs, a key component in the rapidly evolving cloud infrastructure landscape.

The new architecture, developed in collaboration with memory giants Micron, Samsung, and SK Hynix, aims to address limitations in traditional memory integration by offering tailored solutions for next-generation data center needs.

The architecture focuses on improving how XPUs – used in advanced AI and cloud computing systems – handle memory. By optimizing the interfaces between AI compute silicon dies and High Bandwidth Memory stacks, Marvell claims the technology reduces power consumption by up to 70% compared to standard HBM implementations.

Moving away from JEDEC

Additionally, its redesign reportedly decreases silicon real estate requirements by as much as 25%, allowing cloud operators to expand compute capacity or include more memory. This could potentially allow XPUs to support up to 33% more HBM stacks, massively boosting memory density.

“The leading cloud data center operators have scaled with custom infrastructure. Enhancing XPUs by tailoring HBM for specific performance, power, and total cost of ownership is the latest step in a new paradigm in the way AI accelerators are designed and delivered,” Will Chu, Senior Vice President and General Manager of the Custom, Compute and Storage Group at Marvell said.

“We’re very grateful to work with leading memory designers to accelerate this revolution and, help cloud data center operators continue to scale their XPUs and infrastructure for the AI era.”

HBM plays a central role in XPUs, which use advanced packaging technology to integrate memory and processing power. Traditional architectures, however, limit scalability and energy efficiency.

Marvell’s new approach modifies the HBM stack itself and its integration, aiming to deliver better performance for less power and lower costs – key considerations for hyperscalers who are continually seeking to manage rising energy demands in data centers.

ServeTheHome’s Patrick Kennedy, who reported the news live from Marvell Analyst Day 2024, noted the cHBM (custom HBM) is not a JEDEC solution and so will not be standard off the shelf HBM.

“Moving memory away from JEDEC standards and into customization for hyperscalers is a monumental move in the industry,” he writes. “This shows Marvell has some big hyperscale XPU wins since this type of customization in the memory space does not happen for small orders.”

The collaboration with leading memory makers reflects a broader trend in the industry toward highly customized hardware.

“Increased memory capacity and bandwidth will help cloud operators efficiently scale their infrastructure for the AI era,” said Raj Narasimhan, senior vice president and general manager of Micron’s Compute and Networking Business Unit.

“Strategic collaborations focused on power efficiency, such as the one we have with Marvell, will build on Micron’s industry-leading HBM power specs, and provide hyperscalers with a robust platform to deliver the capabilities and optimal performance required to scale AI.”

More from TechRadar Pro

SK Hynix teams up with TSMC to advance HBM development
Samsung rival unveils “world’s largest capacity” 16-Layer HBM3e chips
Samsung confirms next generation HBM4 memory is in fact Snowbolt

Read More 

High-ranking US officials have been urged by CISA to enable advanced security features.

CISA has released an advisory for US government communications
Government officials are encouraged to lock down their devices
This follows the discovery foreign actors have breached US telecoms networks

CISA has urged ‘highly targeted’ individuals in the US Government or in senior political positions to immediately review and implement strict security measures with their mobile devices.

This comes after multiple major US telecoms firms were hit by security breaches earlier in 2024, most likely originating from state-sponsored Chinese hackers.

Recent reports also confirmed that the group behind the attack, Salt Typhoon, had not yet been fully eradicated, and still lurks inside US telecoms networks.

Lockdown mode

As part of its advisory, CISA also released a best practice guide for mobile communications, which includes instructions on using end-to-end encryption, password managers, Fast Identity Online (a phishing resistance authentication), and advice on how to migrate away from SMS based multi factor authentication.

CISA recommends iPhone users turn on ‘Lockdown mode’, which strictly limits certain apps and makes many features unavailable in order to reduce the attack surface that attackers could potentially exploit.

The scale of this attack makes it a serious concern for any high-ranking officials, with major networks like Verizon, AT&T, and Lumen Technologies found to have threat actors with access inside their systems.

“Highly targeted individuals should assume that all communications between mobile devices — including government and personal devices — and internet services are at risk of interception or manipulation,” CISA said.

Communications remain an attractive target for foreign actors, as breaches can result in significant disruptions and sensitive data loss.

US communications in particular have come under attack this year, especially against government and political targets in the run up to the US election last month. A ‘hack and leak’ campaign hit president-elect Donald Trump on the campaign trail in an attempt to compromise the campaign, which resulted in two indictments for the suspected individuals.

Via The Record

You might also like

Take a look at our pick of the best firewalls around
Volt Typhoon is actually a CIA asset, China claims
Check out our choices for best malware removal software

Read More 

Sophos patched three flaws it found in its firewall, including two critical issues.

Sophos says it found, and patched, three flaws in its firewall product
The flaws allowed for RCE and privilege escalation
Those unable to apply the patch can use a workaround

Sophos has recently discovered, and patched, three bugs in its Firewall product, and given the severity, has urged users to apply the fixes as soon as possible. Those that cannot do that are advised to at least apply the suggested mitigation workarounds.

A security advisory from the company notes the three vulnerabilities can be abused for remote code execution, privileged system access, and more. Two of the flaws were given a critical severity score (9.8), with the third one being high-severity (8.8).

Multiple versions of the Sophos Firewall were said to be affected, although different versions seem to be susceptible to different flaws. Still, the company urges all users to bring their endpoints to the latest version and avoid getting targeted.

Workaround possible

Patching also differs, depending on the vulnerability in question. For CVE-2024-12727 users should launch Device Management, navigate to Advanced Shell from the Sophos Firewall console, and run the command “cat /conf/nest_hotfix_status”.

For the remaining two flaws, users should launch Device Console from the Sophos Firewall console, and run the command “system diagnostic show version-info”.

Users that cannot apply the patch should at least apply the suggested workaround, which includes restricting SSH access to only the dedicated HA link that is physically separate. Furthermore, users should reconfigure HA using a sufficiently long and random custom passphrase.

Finally, they can disable WAN access via SSH, and make sure that the User Portal and Webadmin are not exposed to WAN.

Further details about the bugs, including the CVEs, can be found on this link.

Firewalls are major targets in cyberattacks because they act as the primary gatekeepers between internal networks and external threats, making them critical points of defense for sensitive data and systems.

Compromising a firewall can grant attackers privileged access to a network, bypassing security controls and exposing the entire system to further exploitation. Additionally, firewalls often hold valuable configuration data and access credentials, which attackers can leverage to escalate their attacks or maintain persistent access.

Via The Hacker News

You might also like

Sophos Firewall found a serious security issue
Here’s a list of the best antivirus tools on offer
These are the best endpoint protection tools right now

Read More 

Fresh speculation on the performance of the claimed RX 9070 XT might disappoint PC gamers, though.

AMD is supposedly launching RX 9070 XT and RX 9070 next-gen GPUs
Previous rumors suggested these would be the RX 8000 series
Performance is rumored to be a bit slower than previous chatter from the grapevine

Rumors around AMD’s next-gen GPUs have gone into overdrive this past weekend, and we’ve learned that these RDNA 4 graphics cards may not be the RX 8000 series as previously thought – and we’ve been treated to further speculation on price and performance, too.

So, the theory now is that AMD is going to launch an RX 9070 XT, as first flagged up by an editor on Chiphell, which was pointed out by HXL on X. This will supposedly be the top RDNA 4 GPU, previously rumored to be the RX 8800 XT.

It’ll come alongside a vanilla RX 9070 as a lower-tier offering, if another presence on X – All The Watts, a name we’re not familiar with in the rumor scene – is correct. They believe that the RX 9070 XT will be slightly slower than the current 7900 XT, and that the plain RX 9070 will be about equivalent to the performance of the 7800 XT.

All The Watts spilled some purported price ranges, too, and it seems AMD is looking at around $449 to $649 (in the US) for the Navi 48 graphics cards, which will put the RX 9070 XT at that $650 or so level, and the plain RX 9070 perhaps at $550 to $600. It all feels very vague, though – we’re also told that dropping down a chip, Navi 44 GPUs will range in price from $179 to $349 (RX 9060 models and downwards, presumably).

Another regular rumor peddler on X, Hoang Anh Phu, also shared that the RX 9070 XT is coming at CES 2025, where AMD is rumored to be revealing RDNA 4 – and that FSR 4 will debut alongside it (plus a whole bunch of other stuff, too, in theory).

Finally, Hoang Anh Phu also claimed that a render of a GPU that cropped up in an official AMD advert is supposedly a reference design for one of the next-gen graphics cards from AMD. Season that, and all of this chatter, liberally, of course.

It’s worth further noting that All The Watts reckons there’ll be mobile 9070 variants too, which would be no surprise, but that we may also get some new GPUs for the current RDNA 3 range, namely the RX 7750 and 7650. The latter in particular might be an interesting addition for more affordable GPUs (hopefully).

(VideoCardz spotted all these various posts, by the way, so a hefty four hat tips goes their way – 1, 2, 3, 4).

(Image credit: MSI)

Analysis: Turning it up to 9070?

There’s been a lot of spillage in a very short time around AMD’s next-gen GPUs, and it seems that the RX 9070 XT and 9070 might really be happening. The story is that this was a late switch from AMD in terms of next-gen naming, as until recently, Team Red was going to run with RX 8000 as had been claimed via the rumor mill.

Why switch the name? Well, in some ways, the change to RX 9070 performs that trick of making it seem ‘better’ than Nvidia’s xx70 class graphics card, which this time round will be the RTX 5070 (and 5070 Ti, apparently). So, your mid-range choices early next year could be the RTX 5070 (Ti) or RX 9070 (XT), so the bigger number must be better, right?

It’s that kind of Spinal Tap (turning it up to 11) marketing thinking, we assume (if it happens) – and it’s interesting to note that rather than the 9700 XT, it’s the 9070 XT. (Although that’ll help avoid confusion with AMD’s Ryzen CPU names, to be fair, and the Ryzen 9700X – but it does seem angling very much towards ‘outplaying’ Nvidia too).

The other reason could be that – again, according to rumors – AMD is looking to switch away from the RDNA brand entirely after this next generation of graphics cards. We won’t have RDNA 5, in other words, but UDNA, the ‘U’ meaning unified as this architecture will supposedly bring together CDNA (data center) and RDNA (gaming) under one umbrella.

If that happens, then AMD’s likely to head off the RX x000 naming path entirely, which would make sense rather than go with RX 10000 – which doesn’t work after RX 9000, of course. In other words, the move to UDNA effectively frees up the RX 9000 name for this generation – so why not use it now? We’re just engaging in pure speculation here, mind, but this makes us think it’s perhaps a bit more likely that UDNA, not RDNA 5, comes next on AMD’s GPU roadmap.

As for the performance levels mentioned above for the RX 9070 XT and 9070, they’ll probably come as a bit of a disappointment. The previous hope was that the RDNA 4 top dog GPU could be a bit faster than the 7900 XT, and it’s seemingly slightly slower according to All The Watts – but be particularly skeptical there.

Furthermore, we assume that this is talking about rasterization (non-ray tracing performance), and for ray-traced graphics, AMD supposedly has a much bigger leap in frame rates ready for us, or so other rumors have suggested.

You might also like

The best graphics card deals out there
Top gaming PCs: great rigs for serious PC gaming
Best PC games of 2024: must-play titles you don’t want to miss

Read More 

FlowerStorm has significant overlaps with the defunct Rockstar2FA, warns Sophos.

Researchers said that Rockstar2FA went quiet in November 2024
But a new PaaS emerged soon afterwards, with partly overlapping infrastructure
The new PaaS is called FlowerStorm, and it targets Microsoft365 accounts

Cybersecurity researchers from Sophos have warned a new Phishing-as-a-Service (PaaS) tool has emerged, allowing threat actors to easily hunt for people’s Microsoft 365 credentials.

This tool is called FlowerStorm, and it might have emerged from the (defunct) Rockstar2FA, the company revealed, noting how in November, detections for Rockstar2FA have “suddenly gone quiet”.

The organization’s infrastructure was taken offline, at least partly, for reasons yet unknown – but the researchers don’t think this was the work of law enforcement, though.

Long live FlowerStorm?

Rockstar2FA was a PaaS platform designed to bypass two-factor authentication (2FA), primarily targeting Microsoft 365 accounts. It worked by intercepting login processes to steal session cookies, allowing attackers to access accounts without needing credentials or verification codes. Through a simple interface and Telegram integration, threat actors that purchased a license could manage their campaigns in real time.

The new platform, which emerged in the weeks after Rockstar2FA went quiet, was dubbed FlowerStorm by the researchers. Apparently, much of its tools and features overlap with that of Rockstar2FA, which is why Sophos speculates that it could be its (spiritual) successor.

The vast majority of the targets chosen by FlowerStorm users (84%) are located in the United States, Canada, United Kingdom, Australia, and Italy, Sophos added.

Companies in the States were most frequently targeted (60%), followed by Canada (8.96%). Overall, almost all (94%) of FlowerStorm targets were either in North America or Europe, with the rest falling on Singapore, India, Israel, New Zealand, and the United Arab Emirates.

The majority of the victims are in the service industry, namely firms providing engineering, construction, real estate, and legal services and consulting.

Defending against FlowerStorm is the same as against any other phishing attack – using common sense and being careful with incoming emails.

You might also like

This worrying new phishing attack is going after Microsoft 365 accounts
Here’s a list of the best antivirus tools on offer
These are the best endpoint protection tools right now

Read More 

More than five million people had sensitive data exposed, including healthcare and payment info.

Ascension was struck by ransomware attack in May 2024
It has now concluded its investigation into the attack
Sensitive data on almost 5.6 million people was stolen

Hackers that struck Ascension with ransomware managed to steal a whole treasure trove of sensitive customer information, with medical information, personally identifiable information, payment data, and more all compromised.

The US healthcare giant has now released new details about the ransomware attack, and filed a new form with the Office of the Maine Attorney General.

The cyberattack occurred on May 7 and 8, leading to significant disruptions in clinical operations. Employees were unable to access electronic health records and patient portals, and some facilities were even forced to divert ambulances, and elective care was paused in the aftermath.

Disrupting healthcare

In the filing, the firm said exactly 5,599,699 people were affected by the incident, and in the update, it added that the information crooks took included:

medical information (medical record number, date of service, types of lab tests, or procedure codes)
payment information (credit card information or bank account number)
insurance information (Medicaid/Medicare ID, policy number, or insurance claim)
government identification (Social Security number, tax identification number, driver’s license number, or passport number)
and other personal information (date of birth or address).

While the attack seems enormous, putting millions at risk of identity theft, wire fraud, phishing and social engineering attacks, Ascension is keeping a positive outlook.

“Although patient data was involved, importantly, there remains no evidence that data was taken from our Electronic Health Records (EHR) and other clinical systems, where our full patient records are securely stored,” it said.

The company said it will now start notifying affected individuals, and expects the job to be done within three weeks.

At press time, no threat actors took responsibility for the attack, and we don’t know if Ascension paid any ransom in exchange for the data – although it did say the attack hurt its ability to recover from the previous financial year.

You might also like

Ascension healthcare giant forced to take systems offline following cyberattack
Here’s a list of the best antivirus tools on offer
These are the best endpoint protection tools right now

Read More