Technology

It's OK to opt out of this costly part of the holidays.

• The latest draft of the UN Cybercrime Convention faces key vote
• The US is set to support the treaty
• Human rights advocates say the convention will make it easier for authoritarian regimes to expand surveillance

A new draft of the UN Cybercrime Convention is set to face a key vote, and the Biden administration is reportedly set to support the treaty, despite criticism from digital rights organizations and human rights campaigners.

The convention is the first piece of legally binding legislation from the UN regarding cybersecurity, and its supporters hope to use it to establish a global framework for states to use to investigate and prevent cybercrime.

However, not only does Cisco think the treaty falls short of sufficiently protecting basic human rights, but some campaigners have said this convention will actually make it easier for authoritarian regimes to abuse their power and expand policing and surveillance.

Extensive deliberation

US officials confirmed there had been consultations with allied states and reviewed hundreds of written submissions from non-government organizations, and ultimately ‘decided to remain with consensus’.

A contributing factor to the support from the US was the need to influence later amendments and updates to the treaty, which would be made easier by support from the early stages.

A group of Democratic senators recently wrote the treaty could “legitimize efforts by authoritarian countries” to censor and surveil internet users and political activists.

“While the executive branch’s efforts to steer this treaty in a less-harmful direction are commendable, more must be done to keep the convention from being used to justify such actions,” the senators said in a joint letter to the Secretary of State, Attorney General, and others.

A primary concern for digital rights groups is that the treaty doesn’t focus on crimes committed against computer systems, such as ransomware. Instead, the legislation focuses on digital communication systems, and could be used as an extension of police surveillance powers rather than protecting internet users and companies from cybercrime.

Via Politico

You might also like

• Take a look at our pick of the best ransomware protection tools around
• The United Nations is drawing up a new treaty to fight cybercrime
• Check out our choices for best antivirus removal software

• High-performance mini PC with AMD Ryzen 9 and RTX graphics
• Supports up to 64TB storage with lightning-fast 10,000 MB/s speeds
• Features triple monitor support, Wi-Fi 7, and dual 10Gb Ethernet

The Falco Prime A2 is a high-performance, budget-friendly mini PC currently seeking funding on Kickstarter.

Designed for content creators, media enthusiasts and gamers, this compact powerhouse is equipped with an AMD Ryzen 9 7940HX processor, optional NVIDIA GeForce RTX 4060 or 4070 mobile graphics, up to 64GB DDR5 RAM, and dual NVMe SSDs for the operating system.

The main selling point of the Falco Prime A2 is the 8x M.2 SSD bay that supports up to 64TB storage with read speeds up to 10,000 MB/s, allowing users to handle massive media libraries and high-speed data access. It also supports up to three monitors for a customizable multi-screen setup suited for different tasks, and network support comes in the form of Wi-Fi 7 and dual 10Gb Ethernet.

RAID

The mini PC offers two USB 3.2 Gen 2 Type-A ports (one front, one back), two USB 3.2 Gen 2 Type-C ports (one front, one back), and four USB 4 ports in the back for high-speed data transfer, along with a 3.5mm combo audio jack, and SD card and microSD slots for additional storage flexibility.

Users can configure RAID setups and choose between performance-boosting or redundancy options for the dual OS drives. The DDR5 RAM enhances data transfer rates and power efficiency, while a convection cooling system keeps the system running quietly and efficiently.

Early supporters on Kickstarter can secure the Super Early Bird price of $799 (a $500 discount from the $1,299 retail price), which includes the Ryzen 9 processor, RTX 4060M graphics, 32GB DDR5 RAM, and a 1TB SSD with the 8-slot SSD bay. Additional SSDs can be added to expand storage capacity further.

At the time of writing, the project has received $133,928 in pledges from 125 backers, well over the $5,000 goal, with 19 days to go. As with any crowdfunding project, backers should be aware that delays or changes to the final product can occur, and there's always a risk that the project may face challenges in production or fulfillment, so be warned.

You might also like

• These are the best mobile workstations around today
• We've also rounded up the best business laptops you can buy right now
• This is probably the most powerful mini PC you can get for under $800

Snag yourself or your gaming buddy a new PS5 console this holiday season for a super low price of just $380.

Frontier Fiber covers much of Clarksburg with its fast internet service. But if you prefer another broadband provider, look to Spectrum or T-Mobile for reasonable speed and prices.

With hacking and data theft becoming common, it's important to keep all your most precious documents, photos and videos safe in one of the best cloud storage services available.

My loved ones would be sorely disappointed if I took ChatGPT's suggestions.

In what would appear to be the beginning of the implementation of VPN-restricting legislation in Pakistan, many residents have reported issues accessing their VPN services. On Sunday, November 9, 2024, people in Pakistan lamented issues using the best VPN apps. After the initial silence, authorities later confirmed to local publications that this wave of restrictions was due to a "brief technical glitch" – VPNs returned working as usual by the end of the day – while reiterating the need for VPN providers to register their services in the country to avoid further disruptions.

The Pakistan Tele­communication Authority (PTA) announced plans to regulate the use of VPNs in August. The new legislation would aim to curb VPN misuse and security risks. Authorities deemed unregistered VPNs a "security risk" for Pakistan as they can be used to access "sensitive data."

Data from Proton VPN shows a huge spike in usage of the VPN service after other providers began experiencing issues. (Image credit: Proton)

Proton VPN has since confirmed to TechRadar a spike in usage of over 350% above normal traffic following the reported VPN outages and connectivity issues (see graph above).

Virtual private network (VPN) services have become a crucial resource for day-to-day activities for many Pakistanis in 2024 thanks to their IP-spoofing capabilities which grant them access to otherwise geo-restricted content.

Authorities have enforced a strict grip on the internet throughout the year. Most notably, people in Pakistan haven't been able to access X (formerly known as Twitter) without a VPN since February, with VPN usage being often a target. Experts also believe that such an increase in censorship is the main cause of the decline of the country's internet.

Are VPNs illegal in Pakistan?

While Pakistan is regulating the use of VPNs, these services are not illegal or completely banned.

As Dawn reported, VPN usage is permitted in Pakistan for legitimate purposes across various sectors, such as banking, foreign missions, corporate enterprises, universities, IT companies, call centers, and freelance professionals.

Authorities are urging companies operating in the aforementioned sectors to complete the VPN registration with PTA as soon as possible. Failing to do that could mean further service interruptions in the future. At the time of writing, over 20,000 VPN IP addresses have been already registered in Pakistan since 2020, according to authorities.

(Image credit: Future)

While the VPNs affected by Sunday throttling returned to work as normal by the end of the day, there's a bitter irony in considering that this "technical glitch" occurred just a few days after Pakistan's Prime Minister shared a post on X – a platform that has had disrupted access in the country since February – to congratulate US President-elected Donald Trump.

If you are based in Pakistan, or planning to visit the country soon, I recommend checking out our best free VPN page to download as many of the most secure freebies out there. Having more than a VPN app could be beneficial in these instances as you can hop between services in case one gets blocked.

Tor browser is another valid alternative. Completely free to use, Tor is supposed to be even more secure than VPNs as it encrypts your connection in at least three layers of protection. Beware that this extra encryption might slow down your performance a little.

It's been a busy month for the best streaming services: this time of year is when we start to stay in and stream more, and to cater for that there are tons of new things to watch on all the major streamers. Prime Video and Max have added loads of new stuff this month – but if like us you're saving your pennies for Black Friday deals and the holidays, subscribing to all the streamers isn't really an option. So, which service should go this month?

Amazon's streaming service has been particularly busy on the movies front, with over 200 new titles coming to Prime Video this month. Max has been busy too, but Max's November 2024 schedule is much more focused on TV shows: it's got just over two dozen new movies to Prime Video's 200. There are some crackers in there – Goodfellas, Elf, Unforgiven and three Jurassic Parks, for example – but Prime Video clearly has the movie magic this month.

Here are five Prime Video movies that more than justify this month's subscription.

Carrie (streaming now)

Carrie is one of the best horror movies ever made. One of Stephen King's best books, one of Brian DePalma's best movies and one of Sissy Spacek's best performances combined in the original 1976 movie, a stone cold horror classic about a tormented girl and her terrible revenge. The 2013 remake is available to stream on Prime Video too, but the original is much better: the sequel barely cracked 51% on the Rotten Tomatoes tomatometer, whereas the original has a well deserved 94%.

As The New Yorker's legendary critic Pauline Kael put it, the film is "a terrifyingly lyrical thriller... Brian DePalma has mastered a teasing style – a perverse mixture of comedy and horror and tension, like that of Hitchcock or Polanski, but with a lulling sensuousness. He builds our apprehensions languorously, softening us for the kill."

Good Will Hunting (streaming now)

Good Will Hunting stars Matt Damon as a young, headstrong kid and Robin Williams as the professor who takes him under his wing. So far so predictable. But the performances here are something special, with Williams in particular bringing a depth and a darkness that isn't always there in his other twinkly-eyed roles (and if you want to see an even darker side of him, his performance alongside Ed Norton in Death to Smoochy, is incredible too. That's a rental right now).

This film is beloved for good reasons: as RogerEbert.com put it, it's "lyrically directed, efficiently written, side-splittingly funny, quietly devastating." I love Vice's review, which says that "It's a movie that captures (in a way that perhaps an older screenwriter could not convey) the limitless possibilities of youth, a movie in which a character can tell another, without cynicism, 'You could do anything you want. You are bound by nothing.'"

Jacob's Ladder (streaming now)

I've seen many terrifying things on my TV. Slasher movies. Gratuitous gore. Paw Patrol. But nothing has given me nightmares like Jacob's Ladder. Forget the remake: Prime Video has the 1990 original, where Tim Robbins delivers an incredibly unsettling performance as a veteran experiencing horrors at home. Amazon's three-word summary – "cerebral / emotional / frightening" – doesn't do it justice; this is a film that had me variously sobbing and hiding behind the sofa, and it's no less powerful today.

Here's the Seattle Times: "For hours and days after you've seen it, you'll still be putting it together in your head. While all of it is gripping, it doesn't come together until the final scene, which is jolting, transcendent, unexpected yet inevitable." There's a speech by one of the characters, Louis (Danny Aiello), that'll stay in your head for years.

The LEGO Movie (streaming now)

As a parent, I'm used to enduring cynical cash-ins spun off from big-selling toy brands. But long before Barbie, The LEGO Movie showed just what you can do with a big heart as well as a big brand. In The LEGO Movie, everything really is awesome.

Writing on io9, Charlie Jane Anders explains: "The Lego Movie is both a perfect satire of noisy toy-driven summer action movies, and also an absolutely perfect summer movie in its own right." Alternative Lens called it "an instant animated classic". And as Katey Rich of Vanity Fair wrote in a pre-Barbie age, "It's one of the few movies based on a toy with no explicit story behind it. And it is, so far, the only one that's really good."

Coraline (streaming from 24 November)

Writer Neil Gaiman has been credibly accused of abusive behavior, which has tarnished the work he's been involved in – even though that work has typically been the product of talented teams, not just Gaiman. Henry Selick's adaptation of his book is an absolutely beautiful and sometimes utterly terrifying classic, and it's one of the greatest stop-motion movies of all time. If you didn't catch the 15th anniversary re-release in theaters this year then this will be an absolute treat: it's visually breathtaking, utterly thrilling and surprisingly scary for what's officially a kids' movie.

As Empire says, it's a true horror movie: "Terrifying and beautiful, believable and fantastical, this is one of the best children’s films in years and Selick’s finest — better even than The Nightmare Before Christmas."

You might also like

• I'm canceling Prime Video for Apple TV Plus this month
• I'd drop Hulu for Netflix in November 2024 – here's why
• I’m cutting my TV streaming bills by 75% with subscription hopping

Amazon is bringing this portable Jackery power station down to a record-low price.

• Some firms had their Windows Server unexpectedly upgraded to new 2025 version
• Microsoft blames third-party tools after widespread issues reported
• Some are claiming there was a bug on Microsoft's side

Microsoft's recent launch of Windows Server 2025 appears to still be causing aftershocks after many companies said they were automatically upgraded to the new software.

Multiple Windows Server 2019 and 2022 systems were reportedly unexpectedly upgraded to Windows Server 2025 overnight, and Microsoft and third-party patch management service providers are now shifting blame amongst themselves.

The bug now finally appears to be fixed, but Microsoft is yet to explain to its customers how the upgrade can be rolled back.

Procedural error

"Some devices upgraded automatically to Windows Server 2025 (KB5044284). This was observed in environments that use third-party products to manage the update of clients and servers," Microsoft explained. "Please verify whether third-party update software in your environment is configured not to deploy feature updates. This scenario has been mitigated."

In other words, it’s not Microsoft - it’s you. The company also added the update had the "DeploymentAction=OptionalInstallation" tag, which patch management tools should read as being an optional, rather than recommended update.

Upgrading to a brand new operating system comes with many questions and risks, and in this case, some companies didn’t even have the necessary license.

Microsoft didn’t name any names, but BleepingComputer found many of Heimdal’s clients were affected by the issue. The company blamed the bug on a “procedural error on Microsoft’s side, both with the speed of release and the classification.” In total, 7% of its customers received the unwanted upgrade. At press time, there were no details on how to roll the update back.

KB5044284 is a cumulative update, part of Microsoft’s Patch Tuesday effort, and Windows Server 2025 was supposed to be an optional update.

This optional update is, in fact, the latest release in Microsoft's Windows Server lineup, introducing several advanced features designed to improve security, performance, and hybrid cloud capabilities. Notable features include hotpatching, enhanced storage and GPU support, and stronger AI and machine learning capabilities.

You might also like

• Amazon confirms employee data stolen after third-party MOVEit breach
• Here's a list of the best firewalls today
• These are the best endpoint protection tools right now

This basic wired model supports live alerts, two-way audio and is on sale for just $60 right now.

• Netflix and Riot Games have finally released the first episode of Arcane season 2's official after show
• Afterglow will reveal key insights into the hit animated series' second and final season
• Episode 1, which is out now on YouTube, covers the show's first three chapters

Full spoilers follow for Arcane season 2 act 1.

Are you desperate to fill the week-long gap between the multi-episodic releases of Arcane season 2? I can't imagine you've answered anything but an emphatic "yes" to that question.

Well, as the excruciating wait for the next batch of episodes to drop on Netflix goes on, the streaming titan has delivered some new Arcane content for you to consume. An official after show, titled Afterglow, has just debuted on YouTube – indeed, episode 1 is available to stream today (November 12) on YouTube and it provides a peak behind the curtain on some of this season's most important and emotionally stunning moments, as well as season 2 act 1's explosive ending.

Clocking in at just over 12 minutes, the behind-the-scenes look at one of the best Netflix shows' second season is hosted by Hailee Steinfeld and Ella Purnell, who Arcane fans will recognize as sisters Vi and Jinx, aka the series' deuteragonists. For anyone unfamiliar with the actors or the characters they play – why would you be reading this if you weren't? – you can learn more in my Arcane season 2 cast and character guide.

But I digress. Episode 1 sees the stars joined by co-creator Christian Linke in a real-world recreation of The Last Drop, the famous drinking establishment that sits in the center of the undercity known of Zaun. As part of Afterglow's premiere, the trio run through some of episode 1 through 3's biggest moments, including discussions surrounding Jinx and Sevika's burgeoning friendship, the breakdown of Jayce and Viktor's partnership, Ambessa's motivations, and that huge season 2 scene involving Caitlyn and Vi – a scenario Link exclusively told TechRadar that the creative team "couldn't have done" in season 1.

EVERYONE SHUT UP IT'S THE CAITVI KISS pic.twitter.com/CcsESTL63mNovember 10, 2024

"The fans have been waiting for this," Steinfeld said of Caitlyn and Vi's long overdue kiss. "More importantly, [we knew] that Vi and Caitlyn were going to get this moment. We know that they see and understand each other, and they want that intimacy. But, it's very difficult for them to have, given the circumstances they're in.

"The dialog before that [kiss] says it all," Steinfeld continued. "Vi's in a place where she's lost everything she's ever been seen by, or been close to. The only way she has any of it left is through Caitlyn, and she's now asking a lot of her [Caitlyn] and to not change, given what she [Caitlyn] is now going through. I think it unlocks this newfound vulnerability [in Vi]... there's such a pay off of 'we are in that moment'. It's not just another kiss. It's a really beautiful scene that means a lot."

"So many people around her have changed," Linke added. "She's also seen Caitlyn, like, suddenly become this dogged leader, so I think Vi is really scared to commit because she's lost people so often. Is Caitlyn going to be another one for her [to lose]? So, it's a really fragile moment for Vi, because she's such a powerhouse."

Alongside other intriguing conversational points, Afterglow episode 1 also gives fans a glimpse at what's to come in season 2's next three episodes. Having seen episodes 4 through 6 – read my Arcane season 2 review for more teases about what's on the way – let me say that nobody is prepared for how epic and emotionally devastating season 2 act 2 will be. Make sure you have a box of tissues handy, everyone, because they made me cry more than once (yeah, I'm not afraid to admit it!).

With two more parts comprising three entries apiece, there'll be more Afterglow episodes coming soon, too. Another behind-the-scenes look at the League of Legends TV adaptation will be released on Tuesday, November 19, and it'll cover chapters 4 to 6. Afterglow episode 3 will debut a week later on November 26, with that installment examining what happens in the series' final three episodes.

In the meantime, read more of my coverage on Arcane season 2 below – and check back in with TechRadar this weekend (November 16 and 17) for even more from my exclusive chat with Linke and co-showrunner Alex Yee.

You might also like

• After Arcane season 1 ended on a stunning cliff hanger, its creators say it was 'always the plan' for those characters to die in the season 2 premiere
• 'That was never the plan': Arcane creators dismiss claims that the hit Netflix show was going to run for five seasons
• 8 huge questions I need Arcane season 2 to answer before the highly-rated Netflix show ends

Watch out for these holiday gift card scams, including one that can leave you with an empty card.

• Researchers spotted a brand new Ymir ransomware
• This new strain teamed up with a group deploying infostealers
• There is a chance that the entire operation was done by a single actor

Two hacking groups have been recently observed working together to infect a victim - one to establish initial persistence and steal information, and one to encrypt the systems and demand a ransomware payment.

Researchers from Kaspersky recently investigated one such incident in Colombia, where the unnamed company first got infected by RustyStealer, an infostealing malware capable of grabbing login credentials, sensitive files, and more.

This part of the attack was likely conducted by one set of criminals who, once their part was done, handed the access over to a second group.

Single actor?

The second group first made sure its encryptor doesn’t trigger any antivirus or antimalware alarms. To that end, they installed different tools, such as Process Hacker and AdvancedIP Scanner. “Eventually, after reducing system security, the adversary ran Ymir to achieve their goals,” the researchers conclude.

Ymir is the name of both the encryptor and the threat actor behind it, and is also a relatively new entrant in the ransomware space. The malware is quite unique, too, in that it operates entirely from memory, taking advantage of different functions such as ‘malloc’, ‘memove’, and ‘memcmp’ to prevent being detected.

While teamwork is not a foreign word in the world of cybercrime, there is also a slight possibility that this entire operation was done by a single actor. In that case, it would mark an entirely different approach to ransomware attacks, and possibly a notable shift in how ransomware attacks are conducted.

"If the brokers are indeed the same actors who deployed the ransomware, this could signal a new trend, creating additional hijacking options without relying on traditional Ransomware-as-a-Service (RaaS) groups," Kaspersky researcher Cristian Souza said.

In any case, it is possible that Ymir will grow into a formidable threat actor, infecting more companies in the months to come.

Via The Hacker News

You might also like

• Halliburton hit by cyberattack disrupting operations
• Here's a list of the best firewalls today
• These are the best endpoint protection tools right now

No waitlist needed.

Our list of the top home equity loan lenders can help you find the best interest rate and terms on your future loan.

CISOs face the always challenging task of ensuring their cybersecurity investments yield maximum returns. With limited budgets, an influx of new security tools, complex third-party relationships, and ever-changing regulatory requirements, it’s essential to adopt best practices that optimize security spending while effectively mitigating risks.

To help CISOs get the most out of their cybersecurity investments, it's essential they can focus on maximizing upfront spending, prioritizing risks, and establishing clear communication with the board. Having the right security capabilities can ease this process. By putting cybersecurity at the center of business operations, CISOs can serve as the point of connection between both.

Maximize upfront security investments

One of the foundational steps to maximizing cybersecurity ROI is to leverage an integrated security approach by consolidating multiple security tools into an integrated framework. This not only reduces the complexity of managing disparate tools but also enhances the efficiency of security operations. For example, adopting an integrated security platform can streamline monitoring, detection, and response processes, providing a comprehensive view of the threat landscape and supporting faster mitigations and incident resolutions.

As one example, Application Security Posture Management (ASPM) platforms are a key way to maximize cybersecurity ROI across Product and Software security as they streamline security processes, providing comprehensive visibility across applications and security gaps. ASPM platforms help organizations break down security silos, facilitating a unified approach to threat detection, risk management, and compliance.

In addition, tools that help with automation play a critical role in maximizing the value of security investments. Automated systems can offer continuous monitoring and real-time threat detection, capabilities that human teams alone cannot sustain. By handling routine tasks such as log analysis, compliance reporting, and initial threat triage, automation frees up time for security teams to focus on strategic activities. This not only enhances operational efficiency but also reduces the risk of human error and fatigue. The level of automation is critical; it must optimize operations without introducing new complexities or risks.

Address the highest risks first

Prioritizing risks is crucial for achieving the highest ROI from security investments. Given the sheer volume of potential threats, organizations must focus on the most impactful vulnerabilities first. Advanced analytics and AI can provide clear, actionable insights, allowing security teams to identify and address the highest risks first.

One practical approach is to use threat intelligence to inform risk management strategies. Threat intelligence involves collecting and analyzing data on current threats, including indicators of compromise (IoCs), tactics, techniques, and procedures (TTPs) of threat actors, and profiles of cybercriminal groups. This information enables organizations to anticipate and mitigate threats proactively, reducing the likelihood of successful attacks and minimizing potential damage.

In reviewing the ideal approach to application security and ASPM, it is crucial to adopt a three-dimensional perspective on threat management. First, organizations should consider the severity of potential vulnerabilities (CVEs), ensuring to prioritize those that pose the greatest risk. Second, it is vital to assess whether these vulnerabilities are being actively exploited, which adds urgency to remediation efforts. Finally, security responses must be aligned to the unique business context of each threat and its potential damage. This nuanced understanding helps to assess and prioritize the risks that matter most to each organization while saving time and resources by avoiding taking unnecessary actions.

As a part of that final step, conducting regular security audits can also help identify and prioritize vulnerabilities. Audits involve comprehensive evaluations of an organization’s cybersecurity policies, procedures, and systems to ensure they are effective and compliant with regulatory requirements. Key elements of a security audit include risk assessments, policy reviews, penetration testing, and vulnerability scans. These activities provide a roadmap for enhancing an organization’s security posture and addressing critical risks.

Enhance communication with the board

Effective communication with the board is essential for aligning cybersecurity initiatives with broader business goals. CISOs must translate complex security data into easy-to-understand metrics and visualizations that highlight the value of a security investment. This involves identifying key performance indicators (KPIs) that resonate with board members and demonstrate how cybersecurity efforts contribute to an organization’s overall success and risk management posture.

One strategy is to present metrics that reflect the financial impact of security measures, such as more seamless product rollouts, heightened customer experiences from frictionless access, above and beyond cost savings from avoided breaches or other efficiencies gained through automation. Additionally, highlighting how security initiatives support compliance with regulatory requirements can underscore the importance of an organization’s legal and financial standing.

Using storytelling techniques can also enhance board communication. By framing security updates within the context of real-world incidents and potential business impacts, CISOs can make the information more relatable and compelling. This approach helps board members understand the significance of cybersecurity and the need for ongoing investments in this area.

Bridging future security and business goals

To truly maximize the ROI of cybersecurity investments, organizations must adopt a forward-looking approach that anticipates future threats and business needs. This means investing in technologies that provide scalability and flexibility—comprehensive solutions that take into account cloud-based security and AI-driven threat detection systems, which can adapt to changing business environments and evolving threats.

The path to maximizing cybersecurity returns takes ongoing focus. It demands a dedication to integrating state-of-the-art technology, fine-tuning risk management strategies, and improving communication with key stakeholders. By taking these steps, organizations will feel empowered to safeguard their assets and bolster their business growth—and resilience—for the years to come. Looking ahead, it’s no mystery that the need to unify security approaches with business goals will grow even more important, placing the CISO role at the center of business success.

We've featured the best encryption software.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

• Netflix has renewed America's Sweethearts: Dallas Cowboys Cheerleaders
• It reached the Netflix global top 10 list and has 100% on Rotten Tomatoes
• Season 2 will follow the Dallas Cowboys Cheerleaders through the 2024-25 season

Netflix has renewed one of my favorite docuseries America’s Sweethearts: Dallas Cowboys Cheerleaders for a second season, so BRB, just going to blast their pre-game routine song (Thunderstruck by ACDC) through my speakers right now.

America's Sweethearts: Dallas Cowboys Cheerleaders spent four weeks in the Netflix global top 10 list when it was released in June and earned a stellar 100% Rotten Tomatoes score, making it one of the best Netflix shows.

The best streaming service announced that the DC cheerleaders would be back for more sass and splits in 2025 with a video of the squad performing a cheer routine in their iconic blue and white uniforms.

DCC SEASON TWO WOO! The cheerleaders and the routine that captivated the world are coming back for Season 2! AMERICA’S SWEETHEARTS: Dallas Cowboys Cheerleaders returns in 2025. pic.twitter.com/H2DqDyn2DiNovember 11, 2024

What can we expect in America's Sweethearts: Dallas Cowboys Cheerleaders season 2?

Netflix Tudum has revealed that America’s Sweethearts: Dallas Cowboys Cheerleaders season 2 "will chronicle the Dallas Cowboys Cheerleaders from nerve-wracking auditions and grueling training camp all the way through the high-energy NFL 2024–25 season".

If it's anything like season 1, we can expect high kicks and high emotions as the cheerleaders navigate their careers and personal lives while committing themselves to the cheerleading squad. It looks like we'll be seeing some of our fan-favorites return for season 2 and we could potentially see some former faces come back and audition once again to become a member of the team.

While America’s Sweethearts: Dallas Cowboys Cheerleaders delves into the competitive world of the legendary cheerleading team, it also exposes the young womens' struggles and emotional battles as they fight for their dream of securing a coveted spot on the squad.

The best Netflix documentary left me amazed at the utter dedication, physical stamina and technical skills needed to become a DC cheerleader. Having to learn 50 routines while juggling a personal and professional life is definitely something I would struggle with, but that's just a regular day for the Dallas Cowboys Cheerleaders. Bring on 2025!

You might also like

• Arcane season 2 finally gave us the huge Caitlyn and Vi moment we've been waiting for
• Virgin River season 7 will start filming in 2025 and I can’t wait for the Netflix show to return
• Scavengers Reign co-creator says the hit Netflix show with 100% Rotten Tomatoes has been canceled and fans are heartbroken

In today's digital age, it's becoming more common to hear phrases like "Our systems are down," whether you're at a school, doctor's office, or company office. This isn't just a technical glitch, it's often a symptom of the rising wave of cyberattacks, particularly ransomware. These disruptions aren't just inconvenient. They can lead to significant financial and operational losses. Despite efforts by government regulators to address these concerns, ransomware attacks are becoming more sophisticated, especially as attackers leverage artificial intelligence to amplify their tactics.

To better gauge the fallout of these attacks, we surveyed 500 senior cybersecurity professionals across the UK and found that 83% of organizations had experienced ransomware attacks in the last year, with 46% reporting four or more incidents. Furthermore, 61% of businesses affected by ransomware reported being offline for at least 24 hours. For large enterprises, this level of downtime can translate to losses in the millions of pounds.

The data underscores the urgency of addressing these threats with more effective, comprehensive cybersecurity strategies.

ERP systems are a blind spot

One of the most concerning findings from the research is the vulnerability of enterprise resource planning (ERP) software to ransomware attacks. ERP systems are critical to modern business operations, managing everything from financial data and human resources to supply chains and customer relationships. Unfortunately, 89% of organizations that experienced ransomware attacks reported that their ERP systems were targeted. Given that ERP systems house a company’s most sensitive and essential data, this vulnerability represents a significant blind spot in many organizations' cybersecurity defenses.

The challenge is compounded by the fact that ERP systems are often managed separately from other IT infrastructure, which can lead to gaps in protection. Cybersecurity teams may focus on securing a broader network, while ERP administrators concentrate on ensuring system performance and uptime. This lack of coordination can create vulnerabilities that cybercriminals are eager to exploit

AI multiplies attack impact

As ransomware becomes more prevalent, attackers are increasingly leveraging AI to enhance the sophistication of their attacks. AI allows cybercriminals to automate and scale their operations, targeting specific systems like ERP with precision. For example, cybercriminal organizations are using AI-driven phishing tactics to target high-level government officials and businesses to bypass traditional defenses, using cloud platforms such as Dropbox and Google Drive to deliver malicious payloads.

The use of AI in cyberattacks also opens the door to more complex manipulations, including the creation of deepfakes and highly personalized phishing emails. These tactics deceive even experienced cybersecurity professionals, highlighting the need for more advanced defensive measures. The traditional approaches to cybersecurity, which often focus on perimeter defenses, access controls, and identity management, are no longer sufficient.

Businesses investing in new solutions

Survey data indicates that just over half of companies are enhancing their security postures: 57% are investing in new solutions, 54% are prioritizing employee training, 53% have added more cybersecurity staff internally, and around 36% have hired external threat research firms. While these measures represent a positive shift, they are only part of the solution. To fully address the growing complexity of cyberattacks, companies must move beyond general cybersecurity measures and incorporate ERP-specific threat detection and response into their broader strategies.

Traditionally, many organizations have viewed ERP security as secondary to more visible components like network or endpoint security. This mindset needs to evolve. ERP systems are built on top of very complex technology, that if not managed properly can be just as vulnerable, if not more, than other components of the IT landscape, due to the sensitive nature of the data these business critical applications store. Continuous monitoring for vulnerabilities is essential, as is the use of AI-driven tools to detect suspicious behaviors before they escalate into more severe threats. A comprehensive ERP security strategy must also include advanced threat intelligence to stay informed of emerging risks and respond to them swiftly.

A critical aspect of defending ERP systems involves better alignment between cybersecurity teams and ERP administrators. These groups must collaborate closely to identify and close security gaps that attackers often exploit. Given the integral role ERP systems play in a company's overall operations, ensuring that these two teams work together to monitor and defend these systems is vital for minimizing risks and preventing potential breaches.

The path forward: Using AI to fight AI

As the threat landscape evolves, solution providers in the cybersecurity space are offering increasingly advanced AI-driven tools that can help organizations safeguard their ERP systems. These tools can automate the detection of vulnerabilities, offer real-time threat intelligence, and provide pre-emptive patching solutions. Additionally, AI-enabled security solutions can help organizations detect patterns and behaviors that indicate cyberattack, allowing them to respond more quickly and effectively. This is particularly important in ERP environments, where a delay in response could lead to massive operational downtime and data loss.

While technology will undoubtedly play a key role in defending against AI-enhanced ransomware, it’s equally important for organizations to foster a culture of cybersecurity awareness. Employees should be trained to recognize the signs of phishing and social engineering attacks, as many ransomware incidents begin with seemingly innocuous emails or links. By combining advanced technological solutions with continuous employee education, organizations can better protect themselves from evolving threats.

Looking ahead, AI will play a dual role in cybersecurity, both as a tool for cybercriminals and as a key part of the defense strategy. To protect critical systems and sensitive data, businesses must adopt advanced, multi-layered security solutions that can detect, prevent, and respond to AI-enhanced threats. By taking a proactive approach, organizations can not only safeguard their operations but also ensure long-term resilience in an increasingly hostile cyber environment.

We've featured the best business VPN.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro