Technology

Google's Chrome browser is dominant; not in the way Google's search engine is, but at 67% market share, according to Stat Counter, it sits comfortably atop competitors like Safari, Edge, and Opera, who are mostly fighting over scraps.

For the US Government, which is now calling for the breakup of Google by having it sell off Chrome and, perhaps, Android, it's not so much the market share that matters as much as how Chrome acts as a powerful fulcrum for Google's other interests, chief among which is maximizing advertising revenue.

Here's how it works. Chrome is a web browser like Safari and others, but it's also a search engine interface. The default search engine when Chrome is delivered to your desktop or smartphone is, naturally, Google. These days there are few people who only type websites into their browser address bar (so-called because we were only supposed to put the 'address' or URL for our desired website in there). Now we use our browser address bars as prompt fields. That's right; long before the advent of AI, we were typing in fully-formed sentences and, invariably, getting canny answers from Google's powerful search engine.

I've argued here and elsewhere that Google's search dominance comes by way of quality not coercion.

That's not all we've been getting. If I type, "Where do I find the best mattresses?" into my Chrome address bar, Google Search instantly returns a page of results. 'Sponsored' links occupy, by my estimate, 95% of the desktop web page results. I have to scroll down to perhaps the fourth result to see some suggestions from The New York Times.

Google gets paid for those ads; and, essentially every time you search, for every result with ads, Google gets a cut. If Google isn't serving partner ads, then it has ads delivered in search and through millions of websites by its own Doubleclick ad network. It's a system that barters and then fills countless bits of unsold inventory (pages where a specific advertiser didn't choose to sponsor the site or page) to the highest-bidding advertiser. Google gets paid here, too (as do publishers).

That's a lot of ads (Image credit: Future) The everything of Google

Even if you're not on Chrome, Google search is pervasive. The search company pays Apple up to $20 billion a year to be the default search engine in Safari's address bar.

If you own an Android phone, Chrome is often the default browser, or it's at least pre-installed, and virtually all phones also feature Google Discover, which you can usually find by swiping right on your Android homepage. This feed is full of news and ads, with Google again getting paid for the latter.

Which web browser do you use?November 21, 2024

Google's reach and, perhaps, control, are undeniable. Is it a monopoly? A US federal judge said yes in August. I've argued here, and elsewhere, that Google's search dominance comes by way of quality not coercion. Google entered a crowded search market and later a browser market dominated mostly by Microsoft and Internet Explorer. None of these competitors rolled over. Google just did it better.

Technology has a habit of choosing winners and losers. It's also the nature of the beast to start demanding standards and uniformity. If there were two dozen operating systems across our desktops and mobile phones, developers would strain and probably break trying to support them all. In fact, they wouldn't do it; and they, along with consumers, would soon pick the winners and losers.

(Image credit: Future / Lance Ulanoff) Google in control

Google is not blameless here. It's hard to deny the power and control that dominating market share gives you, and while consumers might initially choose a laptop manufacturer and a platform, it's ultimately the tech companies like Google that lead and make decisions for us. They choose how the platforms will work, and which third-party systems to invite. They're the ones connecting the dots on the back end – and that again is a considered decision that's usually hidden from our view.

Chrome is not just a web browser; it's an ecosystem, a platform inside platforms that we live and work in. I manage multiple email accounts, edit documents in Google docs, manage my photo library, post on social media, and, lately, conduct AI conversations all inside of Chrome, with every action and interaction passing by Google's unblinking eye.

(Image credit: Statcounter)

I'm not complaining. Google Search is still the best search engine in the business, and Chrome is an excellent browser that is finally getting its resource-hogging issues under control. It still earns its place on my desktop.

Will I be served by someone else owning Chrome and then taking the code in a different direction, perhaps away from its tight integration with the Google corpus? I don't think so. I know Google definitely doesn't think so. In a tersely worded response to the DoJ brief proposing the break-up, Kent Walker, Google & Alphabet President, Global Affairs & Chief Legal Officer, wrote:

"DoJ’s approach would result in unprecedented government overreach that would harm American consumers, developers, and small businesses – and jeopardize America’s global economic and technological leadership at precisely the moment it’s needed most."

He added that it would hobble access to Google Search, endanger consumer privacy, and harm Google's investment in AI.

Handicapping Google

Google is on the precipice of radically reimagining our search with deeper integration of AI overviews, Gemini-powered generative results that may soon overtake traditional Google Search results. Again, since Chrome is our de facto search prompt window, shifting the browser to another company means that it could be any AI that returns a result.

Google's AI is not necessarily the best, yet, but it's in a strong competitive position against, for instance, OpenAI and ChatGPT. I like how these companies are pushing each other. A Google breakup won't help the race, or put the US in a better position relative to the rest of the world when it comes to AI development.

I also, ultimately, don't want anyone to pull Google Search out of my Chrome. It's a marriage I like, and one that works for me and, I bet, billions of others. Pulling them apart may make Google look less like a monopoly, but it won't improve anyone's life. I'd prefer that the DoJ and others focus on Google's ad business and SEO control – there may be some more sensible remedies there.

I don't know what will happen next. Google is now been labeled a monopoly, and the DoJ is calling for a breakup that could even include Android. But the X-factor here is that we are about to see a new administration in the White House, and changes at the top of the DOJ. Those changes could mean this initiative is killed off, or they could mean it's accelerated; it could go either way, and your guess is as good as mine. Maybe ask Google Chrome – I'm sure it has the answers.

You might also like

• Judge rules Google has illegal search monopoly and you might not like what comes next
• Google might have a radical plan to beat Apple's iPad
• Google is giving Gemini AI a memory for your favorite things

The popular message board was unavailable on Wednesday and Thursday morning -- the company mentioned an update bug that could be the culprit.

Black Friday is here and it's dropping prices left, right and center, just like on this Keurig K-Express coffee maker.

• Change Healthcare's clearinghouse services have been restored
• The organization suffered a huge ransomware attack in February
• Attack has cost it over $2 billion so far

Change Healthcare has confirmed its clearinghouse services have finally been restored after the organization suffered a massive ransomware attack in February 2024.

Recovery from the Change Healthcare cyberattack has been grueling, costing close to $2 billion so far, with some systems still yet to be restored nearly nine months on.

Although most of its network was restored after two months, some functions are still not fully restored, including its pharmacy claims management and e-health record information exchange systems.

100 million affected

Change Healthcare and parent company UnitedHealth Group's activities touch 1 in 3 patient records in the US, processing 15 billion health care transactions annually.

The attack caused unprecedented levels of disruption to billing and payments providers across the US, and threatened the viability of hospitals across the country.

It was recently revealed that as many as 100 million people’s information was exposed in the attack, with 6TB of sensitive data stolen, including health insurance info, billings, claims, payment information, and much more.

UnitedHealth reportedly paid $22 million to the notorious ALPHV group in exchange for the data, but the remediation of the attack alone cost $873 million, so the costs keep rising.

Reports claim the ransom never made it to the affiliates responsible for the attack, and was taken in entirety by the ransomware operators, who were only meant to receive a portion.

The attackers reportedly used stolen credentials to log into a Citrix portal that didn't have multi-factor authentication turned on, which left the organization vulnerable.

It’s likely the repercussions of the attack will be felt long into the future, with some systems yet to be restored. Healthcare providers reported that by early March 2024, 60% of hospitals in the association were seeing a revenue shortfall of $1 million or more per day, and a third of providers had over half their revenue impacted.

Via The Register

You might also like

• Take a look at our pick of the best malware removal software
• Hospital cyberattack exposes data on nearly a million patients
• Check out our choices for best antivirus software

• Xbox has shared its exclusive Black Friday deals
• Save money on an Xbox Series S and a selection of Xbox controllers
• Xbox is offering up to 55% off popular Xbox Game Studios titles

Black Friday week has finally arrived and to kick off the seasonal event, Xbox has revealed a range of exclusive Black Friday deals.

Now available on the Microsoft Store, Xbox is offering discounts on select Xbox consoles, including a £40 off deal for the Xbox Series S (512GB) and the Xbox Series S Family & Friends bundle.

Refurbished consoles are on sale too, with the same £40 off deal, and consumers can also get their hands on an Xbox Series X Console Wrap - Mineral Camo thanks to a 50% discount.

Xbox is also offering 20% off on a selection of Xbox Controllers, including some from its latest collection, Sky Cipher and Ghost Cipher.

Those who purchase a standard or Elite Xbox Design Lab controller will also be treated to a free engraving on their pad while the Black Friday deal is active.

It's confirmed that hardware offers will only be available from November 21 and will run until December 2, although the free engraving will run until December 5.

For those thinking about resubscribing to Xbox Game Pass, now may be the best time, because Microsoft is now offering 14 days of PC Game Pass for just £1.

This subscription will give members access to new games on day one, including Indiana Jones and The Great Circle, which arrives on December 9. After the 14 days are up, it will cost £9.99 a month.

Finally, Xbox is also offering up to 55% off popular Xbox Game Studios releases, including Forza Horizon 5 and Forza Motorsport, Minecraft Dungeons, Minecraft Legends, and Halo Infinite.

To keep up to date on all the latest offers, be sure to check out our guide to the best Black Friday Xbox deals.

You might also like...

• Xbox Game Pass Ultimate subscribers can now stream "select" games they own via Cloud Gaming, including titles not on Game Pass
• Phil Spencer says Microsoft will release more Xbox games on other platforms - "I do not see sort of red lines in our portfolio that say ‘thou must not'"
• Xbox boss Phil Spencer says 'we’ll definitely do more consoles' as well as 'other devices' in the future but seems against a mid-generation leap like the PS5 Pro

• The biggest bookshelf speakers in Klipsch's Reference range
• The same woofer as the R-605FA floorstanders
• £425.00 in the UK, $399 in US

We've got good news for UK Klipsch fans and slightly less good news for US ones: the maker of fine audio equipment has brought its latest pair of bookshelf speakers to the UK and Europe too. But in the US they're still a Costco exclusive, for the time being at least.

The new Klipsch R-60M are the latest addition to the firm's Reference speaker range, and they have the same 6.5-inch spun-copper TCP woofer as the floorstanding R-605FA speaker. They also have the Reference range's tweeter and edge to edge square "Tractrix" horn, which Klipsch says delivers "an impressive sound across the frequency spectrum."

Subhead

The new R-60M have a 3/4 MDF cabinet with a new bracing design that's designed to reduce vibration, remove unwanted audio coloration, and deliver better accuracy, and the cabinet is finished in a scratch-resistant wood grain vinyl with hidden fasteners and low profile magnetic grilles.

These are the largest bookshelves in the Reference range, and they have a frequency range of 50Hz to 21kHz and up to 85W continuous and 340W peak power handling. They're 8 ohm compatible and come in at 400m x 203mm x 336mm with a weight of 7.75kg. You can have any color you like as long as it's black.

The Klipsch R-60M speakers have a recommended selling price of £425 in the UK, compared to £399 in the US and €449.00 in Europe. At this price, they're very competitive among the best stereo speakers with an audiophile edge – perhaps soon, they'll be available in the US in stores where could demo them…

You might also like

• Klipsch's answer to the Sonos Ray? 11 speakers with Atmos
• Klipsch's modular Atmos soundbar hits the right home theater notes
• Klipsch's 16-inch subwoofer is a beast

• Security researchers find multiple flaws in service introduced a decade ago
• The flaws allow malicious actors to escalate privileges and run arbitrary code
• A patch is available, and users are urged to apply it

Ubuntu Linux has been carrying multiple high-severity vulnerabilities for a decade, allowing malicious actors the ability to escalate their privileges to root without user interaction, experts have warned.

Cybersecurity researchers Qualys found the bugs in the OS utility feature called ‘needrestart’, a utility that checks which services need to be restarted after an update or a change in the system's libraries or binaries.

It is particularly useful after applying security updates or upgrading packages, as it ensures that the updates are effectively applied without requiring a full system reboot.

Exploitable vulnerabilities

Needrestart is capable of identifying services using outdated libraries, prompting to restart them, and recommending a system reboot when necessary. As a result, it helps maintain the security and stability of a system without needing frequent reboots.

It was introduced in 2014 and maintained as a Debian package. It was vulnerable since the day of its inception, with Ubuntu Linux version 21.04. The five vulnerabilities in question are tracked as CVE-2024-48990, CVE-2024-48991, CVE-2024-48992, CVE-2024-10224, and CVE-2024-11003. Needrestart’s earliest vulnerable version is 0.8, and earliest clean version is 3.8, released earlier this week.

More details about the vulnerabilities can be found here, but in short - they allow crooks to execute arbitrary code on vulnerable systems. The only prerequisite is that they have local access, either through malware, or compromised accounts.

While this sounds like a solid mitigation, BleepingComputer reminds that attackers exploited similar Linux elevation of privilege flaws in the past, as well.

One notable example is Loony Tunables, which exploited the nf_tables bug. Needrestart is an extremely popular, and widely used feature, and hackers will most likely now try to exploit it. Therefore, it is essential users upgrade to version 3.8 or later, as soon as possible.

Via BleepingComputer

You might also like

• This commonly-used Ubuntu tool can be hijacked to spread malware
• Here's a list of the best firewalls today
• These are the best endpoint protection tools right now

It’s an age-old conundrum for business leaders – there’s an opportunity in front of you but it comes with a cost. Can you afford to do it? Or, perhaps more pertinently, can you afford not to do it?

This dilemma has arguably never been as acute as it is today. The opportunity afforded by emerging technologies such as AI is clear for all to see – it has the potential to turbo-charge the enterprise cloud platform and empower organizations to innovate and stay competitive.

However, unlocking this potential means using additional processing power and computing scale to hold and manage the huge volumes of reference data required by AI and as a result cloud investment decisions are increasingly being driven by the need to support AI.

The cost management gap

But at what cost? New research from Wipro reveals that whilst 54% of organizations cite AI/GenAI as the top driver for cloud investment, 43% of UK organizations do not have a coordinated or centralized approach to managing their cloud costs – this is significantly higher than the corresponding figures for France and Germany at 25% and 24%, respectively.

There is no doubt that the unique nature of cloud spending is a factor here – as well as the additional processing and computing scale referenced above, creating testing sandboxes and accommodating new user adoption are both key requirements too. In addition, cloud spending is also based on consumption and, as a result, constantly variable – unlike a fixed-cost model such as a non-SaaS ERP system. However, like an ERP system, many departments and business functions use the cloud, meaning a single enterprise can have multiple functions accumulating their own cloud costs. Such siloed management can lead to duplicative spending, inflating the cost of cloud and diluting the ROI for the business.

When you consider all of the above, this cost management gap is a real cause for concern, especially when you factor in two other key findings from the new research – namely, that 54% of organizations plan to increase hybrid cloud investment and 56% plan to increase public cloud investment. With AI cloud investment set to continue to make up the majority of enterprise technology budgets, it’s vital that we bridge this cost management gap and quickly.

But how do businesses get the control they need over cloud spending without limiting innovation or the new technologies only truly enabled through the cloud?

Moving from cost to value

The answer lies in cloud economics, a collaborative, pragmatic process which brings clarity to cloud spending by helping organization leaders (IT, operations, finance, development, business units) define what value means in terms of cloud investments and then develop a strategy accordingly. This approach encourages the different business functions to look beyond optimizing costs in order to make decisions that will maximize the business value of the cloud.

For me, this shift in focus from cost to value is the key to a successful cloud program. The reason many first-time cloud migrations deliver average results is because the business is focused primarily on moving to the cloud as a way to cut costs. And whilst it’s true that moving to the cloud can help make some processes more cost-effective, doing so is also likely to require time and money upfront.

Businesses solely focused on cutting costs may view these investments as a ‘failure’ but they’re not looking at the bigger picture – the key to saving money in the long term is to incorporate AI and automation throughout operations, confident in the knowledge that investing time and resources in specific areas of cloud development will lay the groundwork for capabilities and advancements critical to the larger business goals.

Cloud economics can help businesses identify their own specific cloud goals and the actions necessary to achieve them. In doing so, the businesses learn how to optimize cloud costs and maximize the value of cloud by aligning the various business teams around shared investment goals. This is an organizational change management endeavor that requires the business to act in concert to achieve like-minded goals.

The role for FinOps

As the cloud program progresses – through the evolution of investment spending models and changing company needs – other tools such as FinOps can help business managers further optimize cloud spending and business value.

FinOps is a component of cloud economics that focuses on operational aspects. Now that the business has moved to the cloud, how does it best manage its cloud spending to achieve its cloud goals? What are the areas of extraneous cloud spending? What areas need greater investment? How can teams focus or redirect their cloud investments without disrupting business operations?

To answer these questions, FinOps uses a three-phase iterative approach: inform, optimize and operate.

1. Inform Increasing transparency of cloud spending, budgets, benchmarks, forecasting, etc., and giving teams the information they need to make decisions about cloud spending that align with the goals of the business.

2. Optimize Implementing changes to optimize cloud consumption.

3. Operate Integrating analysis and optimization into day-to-day operations, tracking the progress of cloud programs and adjusting as needed.

Through FinOps, businesses can identify areas of overspending, corrective actions and the best way to reinvest those savings. For example, through FinOps, a company may learn that it's paying for much more storage space than it needs based on average usage. Downsizing the storage could free up funds that the company could reinvest in other avenues based on the cloud goals outlined through cloud economics.

Moving forward

As I assess the overall business landscape, the fact that over 50% of organizations view AI as the primary driver for cloud investment really does open up a whole new world of opportunities. But this emerging cost management gap needs to be addressed.

As a cloud leader, we are playing our part, for example, by training our associates on Google Cloud’s AI technologies to better help global enterprise customers scope, deploy and manage AI projects that solve their unique business objectives. This will significantly enhance vital digital transformation projects such as application migrations and modernization, with GenAI-powered productivity improvements of up to 30%.

But collectively, if we’re going to unlock the true potential of AI, we need to work together to embrace a cloud economics approach which is powered by value not by cost.

We've featured the best AI website builder.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

We’ve been living with widely-available generative AI tools for nearly two years now, so the time is right to ask the question – what effect is it having on the public’s understanding of their own digital identities, and how safe their identities are online? The answer, unfortunately, shows there’s a lot more work to do to improve our security online in the age of AI. In some recent research Okta commissioned, an overwhelming 93% of consumers across Europe are worried about digital identity theft, and over half (54%) of consumers have heightened their awareness of their digital footprint over the past year. This increased vigilance is driven by the surge in cyberattacks and the rise of AI, which both present new challenges and amplify existing vulnerabilities in the online environment.

Given that it is the entrance to any experience in a digital-first world, focusing on digital identity must be a priority. It serves as the foundational layer of security and access control. With 80% of cybersecurity attacks stemming from credential abuse, identity-based attacks have become a top method for bad actors, exploiting weaknesses in authentication processes. In response, business leaders must rapidly adopt rigorous security strategies and foster a security-conscious work culture, especially in the era of AI.

Growing adoption of cyber hygiene practices

Over half (52%) of UK consumers know someone who has had their personal details hacked. Clearly, there is already a concern about cybercrime and a willingness to improve cyber hygiene. For instance, 43% of people in the UK report using different passwords for every online account, a practice that significantly enhances security by ensuring that a breach of one account does not compromise others. In contrast, only 11% use the same password for everything, indicating a growing recognition of the risks associated with password reuse. The shift towards more secure online behaviors reflects a broader understanding of the importance of protecting personal information in an increasingly digital world.

While it’s heartening that consumers have a basic understanding of cyber hygiene, the results show that this simply isn’t enough. Users need help managing their passwords – which we should ultimately be moving beyond anyway - and fear still remains around the implications of AI and the potential security threat that it poses.

AI’s dual role in cybersecurity

The boom in AI has introduced a whole new dimension to Europe and the UK concerns around digital identity. On the one hand, AI enhances cybersecurity by detecting and mitigating threats faster than traditional methods. However, it also presents new risks by enabling more sophisticated cyberattacks, such as AI-generated phishing schemes. The negative implications of the technology appear to be where most UJ consumers are focusing their attention with over half of consumers (54%) across the UK thinking that AI has made the online environment less safe, this rises to two thirds (66%) amongst 18-24 year olds. Furthermore, AI increases the likelihood of digital identity attacks.

The UK public is well-aware of the risks that AI poses, it’s vital that regulation is therefore put in place to mitigate these risks and ensure that we can realize the potential benefits of the technology in a safe and secure way.

Workplace accounts – the forgotten threat

The average consumer has 100 accounts to their name, ranging from social media to online shopping to subscription services. There’s a huge range, but they’re not all equal in terms of risk. Unsurprisingly, financial service and online banking accounts are top of consumers’ worries because it’s where their money is. In fact, 60% identify it as their primary concern, but are they missing a trick?

In some recent cyberattacks such as the NHS hacks and MailChimp data breach in 2022, workplace accounts were the main vector that attackers used for cracking into an organization's system. Despite this, workplace accounts are considered primary targets by only 2% of UK consumers. Organizations must take note of these attitudes. If the workforce doesn’t think that these digital identities are a target for cybercriminals, then businesses must make sure that those accounts are more secure as their workers simply aren’t paying enough attention.

Balancing convenience and security

Clearly there is a concern around cybersecurity and a willingness to become more resilient as shown by the 71% of European consumers that are actively planning to improve their digital identity strategies for enhanced security. Whilst 45% consider protecting their online identity as a personal responsibility, businesses must also do more to protect their identity ecosystems – as shown by the limited consideration for workplace accounts. The approach must be collaborative as agreed with by the 26% of consumers that believe protecting online identity should be a shared responsibility. For this to work effectively we need individuals to take proactive measures, governments to enforce regulations, and businesses to implement robust security measures to ensure a safer online environment for everyone.

One key change should be to make passwords a thing of the past. Not only are they less secure but they also create an added layer of friction for users with 65% of respondents to Okta’s Customer Identity Trends Report 2023 feeling overwhelmed with the number of usernames and passwords they have to manage . Fortunately, there are passwordless options that offer both stronger authentication and more convenience for consumers. For example, enabling users to authenticate with biometrics reduces friction during authentication and increases security since the flow is generally not “phishable”.

With growing cybersecurity concerns in Europe and across the UK, business leaders must rapidly adopt rigorous security strategies and foster a security-conscious work culture, especially in the era of AI, where advanced technologies can both enhance and threaten security measures. This involves implementing multi-factor authentication, passwordless technology, continuous monitoring and regular updates to security protocols while promoting cybersecurity awareness among employees. By integrating these practices into overall business strategy, organizations and governments can protect sensitive information, maintain trust and ensure resilience in an increasingly digital world.

We've featured the best identity theft protection.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

• Messenger has rolled out video and audio improvements for video and voice calls
• You can now leave voicemails on Messenger, much like on FaceTime
• There’s also a deeper integration with iOS that enables Siri support

Meta has unveiled plans to turn Messenger into a more capable video conferencing solution as it looks to keep up with other advanced work-based alternatives.

Key to the enhancements are a series of upgrades designed to improve the video calling experience, and unsurprisingly, artificial intelligence makes a guest appearance.

The new features is designed to grow the over seven billion minutes of Facebook and Messenger calls that the company already hosts every single day.

Meta upgrades video calling experience

Adding to existing Meta AI features within the Messenger app, users will soon be able to use AI-generated backgrounds to personalize video calls. Users can ‘Describe an image’ and pick from a selection of examples.

More important to those spending a lot of time conversing online, Meta is adding HD support for video calls together with background noise suppression and voice isolation. Wi-Fi connections will enable HD calls automatically, and users can choose whether to continue using HD quality over mobile data.

Audio and video voice messages now allow users to leave messages for contacts who don’t answer, much like a traditional voicemail. The social media platform likened the new feature to a “fully outfitted phone, plus some extra features,” but the feature comes a year after Apple introduced similar functionality to FaceTime.

In an era of constant investigations into anticompetitive business practices, the final feature is a welcome move that will see iPhone users make the most out of the app. Messenger now integrates with Siri, so users can ask the voice assistant to “send a message to” a contact and then dictate the content of the message.

The company proudly boasted the new feature rollout was the result of feedback from users, and that Messenger would become “easier, more reliable and more fun.”

You might also like

• One simple prompt can make AI images come alive in Facebook Messenger and Instagram
• Reaching audiences online? These are the best social media management tools
• Look your best with the best business webcams

This MagSafe wireless charging stand rotates to track your movements and is great for shooting video and FaceTime.

These earbuds would make a great gift for just $42 (an all-time low).

Grab the best snack box subscription out there at a discount with this Black Friday deal.

ExpressVPN has launched a new credit monitoring tool to help you protect your identity and finances online.

Credit Scanner offers real-time monitoring so that you can take swift action against suspicious activities before your online credit is impacted. It complements the newly launched Identity Defender suite that seeks to protect you against identity theft.

Like the ID bundle, ExpressVPN Credit Scanner is available only for the US market at the time of writing. It comes free of charge alongside one of the best VPN apps you can get when you sign up for its one or two-year subscription plans. The latter offer also adds the option to get a detailed monthly credit report.

Why use ExpressVPN Credit Scanner?

"Credit has moved online, so it’s not just about knowing how to manage a budget – people also need digital skills to track scores, manage accounts, and protect their information," said Lauren Hendry Parsons, Digital Privacy Advocate at ExpressVPN. "Without this, people can fall victim to scams or data breaches that impact their credit and finances."

This is where ExpressVPN Credit Scanner comes in. By sending regular updates, the tool lets you easily track changes in your credit score, payment history, and account balance.

You'll also receive timely notifications when unusual credit activity occurs. This proactive approach allows you to identify ID theft before it's too late and take all the measures to protect your finances.

ExpressVPN's new tool also promises to make it easier to access credit-freezing options, allowing you more control in protecting your credit online.

When you sign up for ExpressVPN's new 2-year plan you'll also get exclusive access to monthly detailed credit reports, helping you stay on top of your financial life. You can get up to 82% off this plan with the provider's time-limited Black Friday VPN deal.

You can activate the Credit Scanner feature directly within the ExpressVPN mobile app under the Upgrades tab, or by heading on your account page on the website. (Image credit: ExpressVPN)

Credit Scanner is part of the Identity Defender Suite the provider launched at the end of October. ID theft incidents have been rising year by year, as Data coming from the Federal Trade Commission (FTC) shows, with credit frauds being a big motive behind these attacks.

"We wanted to do more to help our users take control of their online identity and financial security," said Sam Bultez, Head of Product at ExpressVPN, explaining that each tool focuses on a different aspect of identity protection.

ExpressVPN Identity Defender also includes an identity theft alert, cyber insurance, and data removal service. All these solutions come alongside feature-packed VPN software with a built-in tracker blocker and free-to-use password manager for a multi-layered approach to online security.

• A threat actor is offering a large database for sale, claims it came from Finastra
• The finance giant sends out data breach notification letter to affected customers, claiming its secure file transfer service was compromised
• The attacker used stolen credentials to pull off the heist

Fintech software firm Finastra is warning its customers a recent data breach may have meant it recently lost some data.

Security researcher Brian Krebs obtained a copy of the letter sent to affected individuals, which says the breach was not the result of an exploited vulnerability, but rather the result of stolen credentials.

“The threat actor did not deploy malware or tamper with any customer files within the environment,” the notice reads. “Furthermore, no files other than the exfiltrated files were viewed or accessed.”

400GB - zipped

The company told BleepingComputer the attack originated on its Secure File Transfer Platform (SFTP): "On November 7, 2024 Finastra's Security Operations Center (SOC) detected suspicious activity related to an internally hosted Secure File Transfer Platform (SFTP) we use to send files to certain customers," Finastra told the publication.

"We immediately launched an investigation alongside of a third-party cybersecurity firm and, as a precautionary step, isolated and contained the platform. This incident was limited to the one platform and there was no lateral movement beyond it."

The same source also claims the platform was not the company’s default one, and was not used by all customers, suggesting that not everyone’s data was compromised.

At the same time, a threat actor with the alias ‘abyss0’ offered for sale a large archive, claiming to originate from Finastra.

“Today we list for sale Finastra.com data breach, dated 2024 Nov,” the notice reads. “In total, 400GB~ zipped.”

“This data is from their ESB and exfil via IBM Aspera, not everything just stuff we deemed as important. There is a lot of files and different file format.”

Finastra is a financial software company with more than 8,000 institutions for customers - among its clients are most of the world’s top banks and credit unions, and it counts tens of thousands of employees.

Via BleepingComputer

You might also like

• Fidelity data breach exposes details of thousands of customers
• Here's a list of the best firewalls today
• These are the best endpoint protection tools right now

You can reach your step goals—even when working from home—when you have a walking pad.

It's like a TikTok-style viewer for movie and TV show scenes from Tubi's huge catalog.

Listen to new versions of Defying Gravity, Popular and more.

The Tablo also offers free streaming channels.

Grab incredible soundbars, headphones and more at a rare discounted price.