TechRadar News

• RTX 5070 Ti could have 16GB of VRAM and use 350W of power
• It may run with the same GPU as the RTX 5080, as previously rumored
• Also it might be released before the vanilla RTX 5070, very early next year

Nvidia’s RTX 5070 Ti is the subject of a new leak sharing a bunch of juicy details about the GPU – including the fact that this graphics card is supposedly set to arrive before the vanilla edition of the RTX 5070.

Wccftech has spoken to sources who’ve outlined some fresh specs for the purported RTX 5070 Ti, as well as confirming some of the info divulged by previous leaks (as ever, keep shovelfuls of skepticism on hand).

We’re told that past rumors of the RTX 5070 Ti are correct in asserting that it’ll use the GB203 chip, the same GPU as in the RTX 5080, but obviously it will be a cut-down version. (In theory, GB203-300, with 8,960 CUDA cores, as opposed to the full loadout on GB203-400 with the RTX 5080).

We didn’t hear anything about the VRAM configuration in the last rumor dump, but Wccftech’s sources believe the RTX 5070 Ti will sport 16GB of GDDR7 with a 256-bit memory bus. The video RAM will be 28Gbps giving a total memory bandwidth of 896GB/s, closing in on that 1TB/s mark, which is pretty impressive.

Apparently, power usage will run at 350W, which is 50W more than previously believed. There’s a twist here, though, as leaker Kopite7kimi has chipped in on X to note that the “latest data shows 285W” – while admitting that 350W is one of the possible configurations. In other words, this isn’t yet decided, which is certainly plausible.

Finally, Nvidia is theoretically going to launch this RTX 5070 Ti as the third Blackwell GeForce graphics card, after the RTX 5090 and 5080 – meaning it’ll actually arrive ahead of the RTX 5070 itself.

(Image credit: Future) Analysis: A chip off big brother's block

It’s a bit odd for a Ti version (or a Super, if that’s what it turns out to be) to arrive before the vanilla flavor of a graphics card, although it has happened before occasionally.

Sometimes this might be related to manufacturing nuances and chip yields, and with the RTX 5070 supposedly using that same GB203 GPU as the RTX 5080, that tracks in this respect. (The RTX 5070 is theoretically a different chip entirely, GB205). At any rate, at this point, Nvidia wouldn’t surprise me if it delivered a Ti Super off the bat…

Speculation about current launch plans has the RTX 5090 and 5080 turning up at CES 2025, and the RTX 5070 – or this 5070 Ti, as is the argument here – arriving perhaps at CES as well, or a bit later in January.

Wccftech also claims that Nvidia is going to launch all its next-gen Blackwell graphics cards in the first half of 2025, and most of them in Q1. So that’d suggest a quick follow-up for the 5070 (or Ti, whichever doesn’t come out in January), and the RTX 5060 debuting perhaps a lot sooner than expected (seeing as the rumors around that have been much scarcer – suggesting it’s still a fair way down the line).

It’s possible that Nvidia fears what AMD might bring out in the way of lower-mid-range GPUs with RDNA 4, and could’ve made a decision to push the RTX 5060 through faster in anticipation of competing better in that space.

Release timings aside, the specs of the RTX 5070 Ti are making me wonder if this might be the new GPU for me. That memory bandwidth of almost 900GB/s is a third faster than the current top dog of the RTX 4070 spins, the RTX 4070 Ti Super.

On the other hand, power usage creeping up isn’t so great, of course – the RTX 4070 Ti Super chugs 285W, so 350W is a fair old step up from that. If it happens, of course, because as noted above, Nvidia could still be sticking with 285W. Team Green is likely still working out the efficiency to performance balancing act – and pricing will be key here, too, as ever.

I really hope that Nvidia can keep some semblance of a lid on that price tag, as if so, there’s a strong possibility that this will be my big GPU upgrade in the New Year. (Something I’ll be writing a feature about very soon, as I’ve got a very specific reason for this graphics card upgrade – so stay tuned).

You might also like

• Black Friday graphics card deals 2024: our choice picks right now
• Nvidia’s RTX 5090 now rumored to have superfast clock speeds – as well as being super-slim – could this GPU be too good to be true?
• Best PC games: must-play titles you don't want to miss

• Apple’s secret foldable iPad won’t launch until 2028, a report alleges
• The company wants to eliminate the crease in its foldable’s display
• Apple could also be developing a folding iPhone for a 2026 release

The Apple Vision Pro headset only launched a year and a half ago, but Apple is already looking for its next big thing. And according to a new report, it might have found it in the form of a giant foldable device that's the size of two iPad Pros sitting side-by-side.

That’s the latest rumor from Bloomberg reporter Mark Gurman’s Power On newsletter, and it sheds light on Apple’s potential plans to enter – and, it hopes, dominate – the foldable market over the next few years.

According to Gurman, Apple is working to ensure that the foldable iPad does not have the crease down the center that has bedeviled other foldable devices. Apple’s secret efforts have resulted in a device that has a “nearly invisible crease” when opened up, Gurman says, although it’s “too early to tell if Apple can get rid of it altogether.”

Gurman believes this device will launch “around 2028,” which is later than the 2026 date predicted by analyst Jeff Pu. It could have a screen size of around 18-20 inches when unfolded, Gurman says, yet it is expected to be small enough to fit into a backpack when not in use.

And it’s not the only foldable Apple has up its sleeve, with the company also working on a folding iPhone. But before you get too excited, this isn’t expected to launch before 2026 at the earliest.

An iPad-Mac hybrid?

(Image credit: Shutterstock)

Over the past few years, Samsung, OnePlus and Google have released their own foldable devices to varying degrees of success. But the majority of the best foldable phones either comprise two separate screens with a large hinge in the middle, or have a single display that exhibits a deep seam in the center.

Apple seemingly wants to avoid both of those scenarios, instead launching a foldable that’s made up of a one screen with no apparent hinge or seam. And, given the company’s culture of attempting to be best rather than first, Apple is clearly happy to take its time and perfect its product rather than rushing to market with something substandard. Yet it also means that you’ve got a long wait ahead if you want to get your hands on Apple’s first foldable iPad.

Interestingly, Gurman states that the foldable iPad will blend elements of iPadOS and macOS, although it will not be a “true iPad-Mac hybrid.” This is because iPadOS will likely be “advanced enough to run macOS apps” by the time the foldable launches, Gurman says, but will also support traditional iPad accessories like the Apple Pencil.

Even though this device could be the closest Apple has ever come to merging the Mac and the iPad, in a way it demonstrates why Apple has never actually made this move.

A combo product like this will be incredibly niche and most people likely don’t need a single device that combines elements of the two systems. Ultimately, Apple wants you to buy both an iPad and a Mac, rather than losing one sale in the form of a dual-purpose device.

Still, iPad-Mac hybrid or not, it’s clear that this foldable tablet has the potential to be a memorable “one more thing” moment for Apple. Now the company just has to hope it proves more popular than the Vision Pro.

You might also like

• Foldable iPhone: latest rumors, news and everything we know so far
• Don't expect a foldable iPad anytime soon as new rumors point to delays
• A foldable iPad will likely land before a foldable iPhone

• 74% of parents are confident in school's cybersecurity measures
• But only 14% of schools provide mandatory cybersecurity training
• Cyberattacks are financially impacting schools, parents, and students

New research from Keeper Security highlights a worrying gap in the perception and reality of cybersecurity practices and teachings in schools across the world.

It found parents are overwhelmingly (74%) confident in their child’s school’s cybersecurity measures, but despite this, many schools are falling short of providing robust security education, with only 14% providing mandatory security awareness training, and 13% offering it optionally.

As a new generation of children inevitably enter online spaces, ensuring their information is safe whilst doing so should be something that we drill into them, but only 12% of students have access to dedicated cybersecurity resources.

Schools at risk

Interestingly, only 7% of parents report their child’s institution has been hacked, but research released earlier this year found 71% of UK secondary schools and 52% of primary schools identified breaches in the past year alone - so unless the UK is a particular outlier, there seems to be a worrying trend of overconfidence amongst parents.

Of the 7% which reported breaches, 32% suffered data theft as a result, as well as 16% having financial implications for the school, and even 14% financially impacting students or staff, proving just how serious a cybersecurity incident can be.

Cyberattacks on educational institutions can have devastating consequences, often facing huge pressure to continue to operate despite breaches, with many forced to pay huge ransoms despite their tight budgets.

“Schools play a pivotal role in educating and protecting students, but there is still a significant shortfall in cybersecurity readiness that must be addressed,” said Darren Guccione, CEO and Co-founder at Keeper Security.

“As digital tools increasingly become embedded in education, schools must prioritize cybersecurity education and provide resources to enable students to protect themselves from evolving online threats.”

You might also like

• Take a look at our pick of the best antivirus software around
• Schools and universities are paying higher ransomware demands
• Check out our choices for best malware removal software

• Only one in three workers are confident in spotting cyber threats
• Many have experienced scams, fraud, phishing and deepfakes
• Workers aren’t getting the training they need to stay safe

Following the release of new information from Ofcom surrounding artificial intelligence and deepfakes, new research from Shark UK has revealed how this could be putting Britain’s small and medium businesses at increased risk of cyber threats.

The study found 86% of workers in UK SMBs are increasingly concerned about cyber breaches, but only a third say they’re confident in spotting such threats.

Sharp also found some workers believe their company does not take cybersecurity seriously enough.

AI and deepfakes are escalating cyberthreats

Nearly two in three (63%) workers believe they would be unable to spot a cybersecurity issue, despite increased concern compared with last year. Almost one-third are more worried this year than last that making a mistake at work could make them vulnerable to an attack.

The prevalence of cybersecurity attacks, aided by artificial intelligence which has made writing malicious code more accessible to lower-skilled attackers, has seen a rise in attacks on both businesses and individuals.

The Ofcom data reveals that one in three (34%) internet users have experienced scams, fraud and phishing, whereas even more (43%) have experienced a deepfake in the first half of 2024 alone.

Sharp UK Chief Operating Officer Mark Williams explained nine in 10 data breaches start with a phishing attack; he described workers as the “first line of defence.”

The company found that cybersecurity training from employers over the past two years has been minimal, with more than two in five (43%) workers not receiving any cybersecurity training in the past year.

Williams added: “It is the responsibility of SME leaders to implement a robust cybersecurity training programme which is provided and updated regularly. In doing so, they can maintain a high standard of security awareness across their workforce that can be regularly adapted according to needs.”

You might also like

• Protect your online footprint with the best VPNs
• Many companies have already faced an AI-based security alert
• Consider additional training by using one of the best online learning platforms

• Samsung's The Premiere 8K projector is the first to get 8K certification
• But you still can't actually buy it
• We're expecting it to finally launch at CES 2025

Samsung's The Premiere 8K projector has just achieved a world-first: it's the very first 8K certified projector.

It's not the only 8K projector; far from it. But it's the first one to get a gold star from the 8K Association, aka 8KA.

The 8KA is the industry association for, you've guessed it, 8K technology. It previously set the performance spec for 8K TVs at the beginning of the decade, and Samsung was one of the first firms whose TVs were certified as meeting that spec. And now it's happening again with projectors.

So what does that actually mean?

Why you should care about Samsung's specs appeal

The 8KA specifications have been agreed by the organisation's technical committees, and those committees feature representatives from across the TV and projector industry: Samsung, of course, but also TCL, Panasonic, Intel, MediaTek, Hisense and others.

The specifications are set out in six categories. As you'd expect, display resolution is at the top: an 8K projector needs to deliver 8K, which is 7,680 x 4,320 pixels.

The standards also require 8K upscaling for lower-res media, set out requirements for brightness, contrast and color gamut, include HDR and also mandate certain sound standards. We don't yet know the detail of these specifications but they'll apply to any product that requires certification.

Although The Premiere was unveiled at CES last year, you still can't actually buy it. We're expecting it to become available at CES 2025, which is in January, with a price tab believed to be around five figures.

You might also like

• Why aren't 8K TVs a big deal yet?
• I switched from a 65-inch TV to a 4K projector. The results surprised me
• All of our CES 2025 coverage

A few simple fridge organisation tweaks can make a huge difference not just to your cooking repertoire, but to your lifestyle too. They can help you make better and more interesting food choices, and they can also help reduce your stress levels when you're looking for something quick and easy to eat for you, your family or your friends.

It can also help the planet, and your pocket. That's because around 19% of all food in the world is thrown away uneaten. Across Europe, a significant portion of food waste comes from households—often because we buy too much or forget what’s tucked away in the fridge, hidden behind other items.

(Image credit: TCL)

Is it time for a fridge upgrade? For many kitchens the answer is an enthusiastic yes, because if your fridge is working efficiently, organised smartly and suits your specific needs it can reduce food waste, save you money and encourage you to eat better too. If opening your fridge is more of a pain than a pleasure, TCL have some really smart ideas for every kind of kitchen and every kind of cook.

The technology of tasty

When you choose a TCL fridge you're benefiting from the technology of tasty: cutting-edge tech that doesn't just keep your cucumbers cool but can also keep food fresher for longer and cut down on food waste too.

(Image credit: TCL)

Say hello to the TCL Free Built-In refrigerator. Designed with a 90° opening door and stable recessed hinges, ensuring easy access even when positioned against a wall. TCL's innovative bottom heat dissipation system minimises the required side clearance from 10 cm to just 1 cm by enabling heat exchange at the base. Furthermore, the 4th generation microporous foaming agent reduces the insulation layer's thickness by 10%, maximising internal storage capacity.

(Image credit: TCL)

The TCL Free Built-In refrigerator seamlessly combines style and functionality with an XL capacity, perfect for busy families and cooking enthusiasts. Its spacious design keeps fresh food within easy reach, while customizable compartments adapt effortlessly to your grocery needs, making organization simple. The large-capacity drawer for easy access to ingredients of all sizes. Its smooth slide-out design ensures clear visibility, keeping everything from small spices to large items neatly stored and easily accessible.

Whether hosting a gathering or managing everyday essentials, this fridge’s smart storage solutions keep your kitchen organized and your food fresh, making life more efficient and enjoyable.

(Image credit: TCL)

There are two key features that do that in the TCL Free Built-In refrigerator: T-Fresh, and T-Temp. Now in its fourth generation, T-Fresh is industry-leading sterilisation that delivers comprehensive protection, preventing the formulation of 99.99%* of the bacteria that can make your food lose its freshness and eliminating unwanted odours too.

T-Temp is just as useful. It enables you to easily adjust the temperature for different kinds of food, with adjustable temperature settings of -3°C, -1°C, and 4°C, ensuring optimal storage conditions for a variety of foods.

While T-Fresh and T-Temp are the stars here, there's another clever bit of tech inside TCL's fridges: Pure Air. That's a smart air circulation system that effectively maintains a fresh and odour-free environment within your freezer.

The Cleverest Combi

The TCL Combi Fridge is designed to simplify and improve your every day. With flexible storage options including a bottle rack and shelf, flexible balcony and impressively large storage space, the Combi Fridge adapts effortlessly to your specific needs whether you're storing large items or want access to frequently used ingredients – or both.

(Image credit: TCL)

Like its Built-In sibling, the TCL Combi Fridge has TCL's clever T-Temp technology to keep your food fresher for longer by regulating temperature and humidity levels. And it can help with your utility bills too thanks to its environmentally friendly inverter technology, which makes it the smart choice for eco-conscious homes. And with a 10-year warranty** on its compressor, it delivers peace of mind too.

How can TCL help bring more order to your kitchen?

(Image credit: TCL)

If your existing fridge seems to be taking up loads of room without delivering lots of storage space inside it, the TCL Free Built-In refrigerator series will be a breath of air that's as fresh as the food inside it. That's because the Free Built-In Fridge Series is a clever addition to any kitchen. They're designed to fit seamlessly into any space, enhancing your kitchen's aesthetic appeal while maximising space efficiency too. They're made to suit your specific kitchen, and that means they can go wherever suits you: against the wall, next to a cabinet or freestanding.

The TCL Free Built-In refrigerator features a sleek, integrated design that seamlessly fits into your cabinetry, elevating your kitchen's aesthetic while optimising space efficiency. Its flush, built-in appearance creates a cohesive and clutter-free look that’s both functional and stylish. Designed for versatility, the Free Built-In design adapts effortlessly to various kitchen layouts—whether placed against a wall, beside a cabinet, freestanding, or fully integrated.

That's not all. The fridge compartments are customisable, enabling you to keep everything organised and making it all incredibly easy to access. And the brilliant large-capacity drawer can accommodate every kind of ingredient while making it super-easy to find everything from small spices to giant joints.

The customizable design of TCL's Free Built-In refrigerator offers unmatched convenience and practicality. Its ample capacity and flexible compartments prevent the frustration of cramming a large shop into a small space, making it easier to see and access everything—no more forgotten ingredients lurking at the back. This same thoughtful design extends to the TCL Combi Fridge, which features customizable compartments, reversible glass shelves, versatile racking, and flexible door balconies, making organization effortless. Plus, its Humidity Side Crisper keeps produce crisp and fresh, ensuring your lettuce stays crunchy and ready to enjoy.

(Image credit: TCL)

Whether you fancy the freestanding Combi Fridge or would prefer the flexibility of the TCL Free Built-In refrigerator series, TCL delivers exceptional cooling, massive storage space and all kinds of clever features to make every day easier. Click here to find out more about the technology of tasty.

* 99.99% from BV report. Tested bacteria represented were Staphylococcus aureus and Escherichia coli.

***The inverter compressor's 10 years warranty need to be registered on TCL official website within 30 days of purchase.

Product models, capacities, and appearances are subject to the actual market availability in each region. For specific details, please refer to local retailers or the official website.

• Streamlined 3D printing process reduces downtime for multiple buildings
• Eco-friendly construction using 99% locally sourced materials
• Modular design allows customization for diverse project needs

As global demand for housing and infrastructure grows, traditional construction methods often struggle to keep pace. However, the rise of 3D printing technology is set to transform the sector by enabling faster, more cost-effective, and eco-friendly building processes.

COBOD International, which has over 80 3D construction printing operations worldwide, says it has taken a significant leap forward with the launch of its BOD3 3D Construction Printer.

The company says BOD3 is its most advanced 3D construction printer to date, being designed to print with real concrete, and also introducing features which promise to enhance efficiency, reduce costs, and streamline the construction of low-rise buildings across various settings.

A new benchmark in 3D construction printing

The BOD3 has already been deployed globally, with operational units in countries such as Indonesia, Angola, and Bahrain, with these early implementations reducing downtime between projects and speeding up construction times, meaning the printer can handle high-volume construction projects.

BOD3 comes with an advanced, extendable ground-based track system which allows the printer to operate continuously along the Y-axis, meaning it can print multiple buildings one after another without the need for reinstallation, reducing setup time and making the printer highly efficient for large-scale construction sites where multiple structures need to be erected.

This new model comes with a modular design, allowing it to be customized to the specific needs of different construction projects. The BOD3 comes equipped with an operational stand that allows operators to control and monitor the 3D printer and its supplementary equipment through a single, integrated system. It also has a Universal X-Carriage for the integration of additional tools such as those for insulation, painting, and sanding.

This printer also comes with an Advanced House Management System (AHMS) which minimizes the need for manual labour by ensuring a smooth material flow via secured hoses, enhancing the overall efficiency of the construction process.

According to the company, BOD3 can print with 99% locally sourced materials, reducing the need for transporting expensive and environmentally costly resources. In partnership with Cemex, COBOD has also developed the D.fab solution, which allows traditional concrete to be adapted for 3D printing. This reduces the amount of binder required, making the construction process faster and eco-friendly.

"The global housing crisis demands a more efficient construction solution that is faster, more efficient, and scalable. The BOD3 is our answer to this challenge. Drawing on years of research and expertise, we’ve designed the BOD3 with innovative features, making it our most cost-effective and efficient model yet for multiple low-rise buildings," said Henrik Lund-Nielsen, Founder and General Manager of COBOD.

"Its design supports high-volume, linear production of houses, enabling mass production without compromising quality. The fact that six units have already been sold before its official launch speaks volumes about the BOD3’s market demand and the trust our customers place in our technology.”

You might also like

• These are the best printers
• Take a look at the best business VPNs
• Hybrid work is winning out, despite employers trying to force a return to office

Quordle was one of the original Wordle alternatives and is still going strong now more than 1,000 games later. It offers a genuine challenge, though, so read on if you need some Quordle hints today – or scroll down further for the answers.

Enjoy playing word games? You can also check out my NYT Connections today and NYT Strands today pages for hints and answers for those puzzles, while Marc's Wordle today column covers the original viral word game.

SPOILER WARNING: Information about Quordle today is below, so don't read on if you don't want to know the answers.

Quordle today (game #1057) - hint #1 - Vowels How many different vowels are in Quordle today?

• The number of different vowels in Quordle today is 4*.

* Note that by vowel we mean the five standard vowels (A, E, I, O, U), not Y (which is sometimes counted as a vowel too).

Quordle today (game #1057) - hint #2 - repeated letters Do any of today's Quordle answers contain repeated letters?

• The number of Quordle answers containing a repeated letter today is 0.

Quordle today (game #1057) - hint #3 - uncommon letters Do the letters Q, Z, X or J appear in Quordle today?

• No. None of Q, Z, X or J appear among today's Quordle answers.

Quordle today (game #1057) - hint #4 - starting letters (1) Do any of today's Quordle puzzles start with the same letter?

• The number of today's Quordle answers starting with the same letter is 2.

If you just want to know the answers at this stage, simply scroll down. If you're not ready yet then here's one more clue to make things a lot easier:

Quordle today (game #1057) - hint #5 - starting letters (2) What letters do today's Quordle answers start with?

• H

• C

• C

• S

Right, the answers are below, so DO NOT SCROLL ANY FURTHER IF YOU DON'T WANT TO SEE THEM.

Quordle today (game #1057) - the answers

(Image credit: Merriam-Webster)

The answers to today's Quordle, game #1057, are…

• HYDRO
• CREAM
• CHIDE
• SLIME

Renewable energy, CBD, analytics, online gambling, true crime podcasts, AI… the 21st century has seen many boom industries. Among them, the most unexpected and niche of them all (not even AI could have predicted it), is SLIME.

In the last century, Slime was a forfeit poured over the top of people’s heads in TV game shows or used for pranks. Today it’s evolved into a multi-billion dollar sector, with businesses and entrepreneurs stretching (and oozing) the boundaries of stuff you can put your fingers in.

These are complicated times and Slime is pure chemical fun, I mean it’s better than putting your hands in a tub of CREAM but I’d never CHIDE anyone for their hobbies.

How did you do today? Send me an email and let me know.

Daily Sequence today (game #1057) - the answers

(Image credit: Merriam-Webster)

The answers to today's Quordle Daily Sequence, game #1057, are…

• EGRET
• TOUCH
• EQUIP
• AGATE

Quordle answers: The past 20

• Quordle #1056, Sunday 15 December: DROVE, STILT, LINEN, GIANT
• Quordle #1055, Saturday 14 December: SPIEL, ONSET, TIGER, DITTO
• Quordle #1054, Friday 13 December: ERECT, REBAR, MOIST, IDIOM
• Quordle #1053, Thursday 12 December: MILKY, CRIER, STORK, DRIER
• Quordle #1052, Wednesday 11 December: BRIAR, NASAL, SHARD, FLUFF
• Quordle #1051, Tuesday 10 December: BEGAN, TRIAL, IDEAL, GUIDE
• Quordle #1050, Monday 9 December: TITAN, FORTE, SPEED, BRIAR
• Quordle #1049, Sunday 8 December: BUNCH, SHINY, MOULT, INTRO
• Quordle #1048, Saturday 7 December: SHAKY, CROOK, GHOUL, VERSE
• Quordle #1047, Friday 6 December: BRAWL, UNTIL, DOWRY, STING
• Quordle #1046, Thursday 5 December: AGING, BICEP, CLOVE, SPILL
• Quordle #1045, Wednesday 4 December: JUDGE, GIVER, GNASH, CLOAK
• Quordle #1044, Tuesday 3 December: FUDGE, THICK, CRANK, STASH
• Quordle #1043, Monday 2 December: TROPE, HOVER, SAUNA, SHAPE
• Quordle #1042, Sunday 1 December: NAIVE, CIRCA, STEAD, MICRO
• Quordle #1041, Saturday 30 November: MAMMA, SNUCK, CRYPT, TAROT
• Quordle #1040, Friday 29 November: JOIST, DROOL, DUSKY, GLIDE
• Quordle #1039, Thursday 28 November: GRADE, WORRY, NOISE, DAISY
• Quordle #1038, Wednesday 27 November: HEART, ROGUE, INEPT, UTILE
• Quordle #1037, Tuesday 26 November: PRIED, FAINT, HURRY, WOOER

Good morning! Let's play Connections, the NYT's clever word game that challenges you to group answers in various categories. It can be tough, so read on if you need clues.

What should you do once you've finished? Why, play some more word games of course. I've also got daily Strands hints and answers and Quordle hints and answers articles if you need help for those too, while Marc's Wordle today page covers the original viral word game.

SPOILER WARNING: Information about NYT Connections today is below, so don't read on if you don't want to know the answers.

NYT Connections today (game #554) - today's words

(Image credit: New York Times)

Today's NYT Connections words are…

• LIGHT BULB
• SNOWBALL
• HAM
• CHICKEN
• PILLOW
• YODEL
• BAR
• FOOD
• KNOCK-KNOCK
• WALKIE-TALKIE
• DING DONG
• WATER BALLOON
• SATELLITE
• DEVIL DOG
• AM
• HOHO

NYT Connections today (game #554) - hint #1 - group hints

What are some clues for today's NYT Connections groups?

• YELLOW: Listening 
• GREEN: Fun scraps
• BLUE: Sweet treats
• PURPLE: Typical gags

Need more clues?

We're firmly in spoiler territory now, but read on if you want to know what the four theme answers are for today's NYT Connections puzzles…

NYT Connections today (game #554) - hint #2 - group answers

What are the answers for today's NYT Connections groups?

• YELLOW: TYPES OF RADIO
• GREEN: KINDS OF PLAY FIGHTS
• BLUE: SNACK CAKES
• PURPLE: CLASSIC JOKE STAPLES

Right, the answers are below, so DO NOT SCROLL ANY FURTHER IF YOU DON'T WANT TO SEE THEM.

NYT Connections today (game #554) - the answers

(Image credit: New York Times)

The answers to today's Connections, game #554, are…

• YELLOW: TYPES OF RADIO AM, HAM, SATELLITE, WALKIE-TALKIE
• GREEN: KINDS OF PLAY FIGHTS FOOD, PILLOW, SNOWBALL, WATER BALLOON
• BLUE: SNACK CAKES DEVIL DOG, DING DONG, HOHO, YODEL
• PURPLE: CLASSIC JOKE STAPLES BAR, CHICKEN, KNOCK-KNOCK, LIGHT BULB

• My rating: Moderate
• My score: 3 mistakes

A Connections word walks into a bar.

The barman says: “Sorry we don’t serve your type here.”

I struggled with blue today. I knew DEVIL DOGS were a type of cake, but I couldn’t think of the other two until a vague memory of a Simpsons episode came to mind – one where Homer has to choose between a winning lottery ticket or a YODEL and choses a Yodel. Mmm… Yodels.

This LIGHT BULB moment got me over the line on my final guess.

Yesterday's NYT Connections answers (Sunday, 15 December, game #553)

• YELLOW: SPICES CLOVE, MACE, NUTMEG, PEPPER
• GREEN: PERFORM POORLY FLAIL, FLOP, FLOUNDER, TANK
• BLUE: SKIM THROUGH, AS PAGES FLIP, LEAF, RIFFLE, THUMB
• PURPLE: POP SINGERS MINUS "S" KEY, MAR, SPEAR, STYLE

What is NYT Connections?

NYT Connections is one of several increasingly popular word games made by the New York Times. It challenges you to find groups of four items that share something in common, and each group has a different difficulty level: green is easy, yellow a little harder, blue often quite tough and purple usually very difficult.

On the plus side, you don't technically need to solve the final one, as you'll be able to answer that one by a process of elimination. What's more, you can make up to four mistakes, which gives you a little bit of breathing room.

It's a little more involved than something like Wordle, however, and there are plenty of opportunities for the game to trip you up with tricks. For instance, watch out for homophones and other word games that could disguise the answers.

It's playable for free via the NYT Games site on desktop or mobile.

Strands is the NYT's latest word game after the likes of Wordle, Spelling Bee and Connections – and it's great fun. It can be difficult, though, so read on for my Strands hints.

Want more word-based fun? Then check out my NYT Connections today and Quordle today pages for hints and answers for those games, and Marc's Wordle today page for the original viral word game.

SPOILER WARNING: Information about NYT Strands today is below, so don't read on if you don't want to know the answers.

NYT Strands today (game #288) - hint #1 - today's theme What is the theme of today's NYT Strands?

• Today's NYT Strands theme is… Crossed words

NYT Strands today (game #288) - hint #2 - clue words

Play any of these words to unlock the in-game hints system.

• SURE
• MATES
• TANK
• RATHER
• HURT
• NEAT

NYT Strands today (game #288) - hint #3 - spangram What is a hint for today's spangram?

• Word smash

NYT Strands today (game #288) - hint #4 - spangram position What are two sides of the board that today's spangram touches?

First side: top, 4th column

Last side: bottom, 4th column

Right, the answers are below, so DO NOT SCROLL ANY FURTHER IF YOU DON'T WANT TO SEE THEM.

NYT Strands today (game #288) - the answers

(Image credit: New York Times)

The answers to today's Strands, game #288, are…

• SMOG
• SPORT
• BRUNCH
• ZORSE
• ATHLEISURE
• ANKLET
• SPANGRAM: PORTMANTEAUX

• My rating: Moderate
• My score: 2 hints

In honor of today’s Spangram I’ve invented my own portmanteaux. Stranesia describes that moment playing Strands where your memory and brain power completely evade you. Today, I experienced this all-too-common sensation when, even though I only had five letters left, I still could not get the final word and was left dumbfounded.

In my defense, ZORSE is hardly the most common of words. But then again, none of my numerous attempts (Orzes – zesty Oreos?, etc) made any sense either.

According to Google, there are only around 100 Zorses (a hybrid between zebra and horse) in the world. Several years ago one breeder called the zorse "the horse of the future". But there is one hitch – zorses cannot breed, making their future bleak.

Zorse is also rumored to be the name of a puzzle game that the NYT has been testing, so this portmanteaux business could be a cunning bit of marketing. Zorse: the puzzle of the future. Or maybe it doesn't exist at all.

How did you do today? Send me an email and let me know.

Yesterday's NYT Strands answers (Sunday, 15 December, game #287)

• FULL
• WANING
• WAXING
• GIBBOUS
• QUARTER
• CRESCENT
• SPANGRAM: LUNAR PHASE

What is NYT Strands?

Strands is the NYT's new word game, following Wordle and Connections. It's now out of beta so is a fully fledged member of the NYT's games stable and can be played on the NYT Games site on desktop or mobile.

I've got a full guide to how to play NYT Strands, complete with tips for solving it, so check that out if you're struggling to beat it each day.

• Ransomware attacks often now target backup data directly, experts warn
• Zero Trust principles are key to data protection
• 59% of organizations experienced ransomware attacks in 2023

Ransomware attacks have increasingly become a top concern for businesses worldwide, targeting organizations of all sizes and industries.

Recent research by Object First has highlighted key vulnerabilities and the growing importance of modern backup technologies in combating ransomware threats.

The survey revealed many businesses are still using outdated technologies that leave their backup data vulnerable to attack, suggesting they are not yet adequately prepared to fend off modern ransomware attacks.

The state of backup security

Backup data is becoming a prime target for cybercriminals, therefore organizations need to rethink their backup security practices to adopt more resilient, ransomware-proof solutions.

The report revealed while over a third (34%) of respondents pointed to outdated backup systems as a major weakness, making them easier targets for ransomware attackers, 31% cited a lack of backup data encryption, which prevents sensitive data from being securely stored and transferred.

In addition, failed data backups were identified by 28% of respondents as another key vulnerability. These failures leave organizations unable to restore their systems after an attack, often resulting in lengthy downtimes and expensive recovery processes.

More troubling is the finding that ransomware attacks are increasingly targeting backup data directly. Normally, backups are considered a last line of defense in the event of an attack. However, with attackers now focusing on compromising this data, simply having backups is no longer enough. This shift has led to a growing need for immutable storage backup systems designed to ensure data cannot be altered or deleted by ransomware once it is stored.

An overwhelming 93% of survey respondents agreed that immutable storage is essential for protecting against ransomware attacks, while 84% of IT workers highlighted that they need better backup security to meet regulatory compliance. This need for enhanced security is further evidenced by the fact that 97% of respondents plan to invest in immutable storage solutions as part of their cybersecurity strategy.

Immutable storage is built on Zero Trust principles, a security model that assumes no user or system is inherently trustworthy. This approach focuses on continuously validating every access request and limiting permissions to minimize the risk of unauthorized access.

The Object First survey found that 93% of IT professionals believe aligning their backup systems with Zero Trust principles is key to safeguarding their data from ransomware. Zero Trust architecture ensures that even if cybercriminals gain access to a system, they are limited in their ability to manipulate or delete critical data.

While the need for enhanced security is clear, the survey also revealed that managing backup storage systems remains a challenge for many organizations. Nearly 41% of IT professionals stated that they lack the skills necessary to manage complex backup solutions, and 69% reported that budget constraints prevent them from hiring additional security experts.

“Our research shows that almost half of organizations suffered attacks that targeted their backup data, highlighting the criticality of adopting backup storage solutions that are ransomware-proof,” said Andrew Wittman, Chief Marketing Officer at Object First.

You might also like

• Microsoft is releasing Microsoft 365 Backup
• Take a look at the best business cloud storage
• Data backup and recovery tools are failing businesses

• Report warns long-lived credentials remain a significant security risk
• Outdated access keys increase vulnerability across cloud platforms
• Automated credential management is crucial for cloud security

As cloud computing adoption continues to rise, organizations increasingly rely on platforms such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud for their infrastructure and services, however, this means their security risks also grow more complex.

The recent Datadog State of Cloud Security 2024 report reveals one particularly concerning issue - the use of long-lived credentials, which pose significant security threats across all major cloud providers.

Despite advancements in cloud security tools and practices, many organizations still use long-lived credentials, which do not expire automatically.

The prevalence of long-lived credentials

Long-lived credentials, particularly those that are no longer actively managed, can serve as an easy target for attackers. If leaked or compromised, they could provide unauthorized access to sensitive data or systems. The longer these credentials remain in place without rotation or monitoring, the greater the risk of a security breach.

Datadog's report reveals nearly half (46%) of organizations still have unmanaged users with long-lived credentials. These credentials are particularly problematic because they are often embedded in various assets such as source code, container images, and build logs. If these credentials are not properly managed, they can easily be leaked or exposed, providing an entry point for attackers to access critical systems and data.

Almost two-thirds 62% of Google Cloud service accounts, 60% of AWS Identity and Access Management (IAM) users, and 46% of Microsoft Entra ID applications have access keys that are more than a year old.

In response to these risks, cloud providers have been making strides toward improving security. Datadog's report notes that the adoption of cloud guardrails is on the rise. These guardrails are automated rules or configurations designed to enforce security best practices and prevent human error.

For instance, 79% of Amazon S3 buckets now have either account-wide or bucket-specific public access blocks enabled, up from 73% the previous year. However, while these proactive measures are a step in the right direction, long-lived credentials remain a major blind spot in cloud security efforts.

Furthermore, the report added there is a conspicuously high number of cloud resources with overly permissive configurations.

About 18% of AWS EC2 instances and 33% of Google Cloud VMs were found to have sensitive permissions that could potentially allow an attacker to compromise the environment. In cases where a cloud workload is breached, these sensitive permissions can be exploited to steal associated credentials, enabling attackers to access the broader cloud environment.

In addition, there is the risk of third-party integrations, which are common in modern cloud environments. More than 10% of third-party integrations examined in the report were found to have risky cloud permissions, potentially allowing the vendor to access sensitive data or take control of the entire AWS account.

What's more, 2% of these third-party roles do not enforce the use of External IDs, leaving them susceptible to a "confused deputy" attack, a scenario where an attacker tricks a service into using its privileges to perform unintended actions.

“The findings from the State of Cloud Security 2024 suggest it is unrealistic to expect that long-lived credentials can be securely managed,” said Andrew Krug, Head of Security Advocacy at Datadog.

“In addition to long-lived credentials being a major risk, the report found that most cloud security incidents are caused by compromised credentials. To protect themselves, companies need to secure identities with modern authentication mechanisms, leverage short-lived credentials and actively monitor changes to APIs that attackers commonly use,” Krug added.

You might also like

• These are the best password managers
• Take a look at the best password generators
• Critical infrastructure being hit by dangerous new malware - routers, firewalls and fuel systems all under threat

• Minisforum's customizable MS-A1 has AM5 socket for Ryzen CPUs
• Compact design with up to 16TB storage, includes OCuLink port
• Wi-Fi 6E, USB4, and advanced cooling for high performance

The Minisforum MS-A1 is the latest addition to the company's line of powerful mini PCs, and is the spiritual successor to the MS-01 model.

Unlike its predecessor, the MS-A1 introduces the option of swapping CPUs, utilizing an AM5 socket to take various AMD Ryzen processors, including AMD's 7000 series, 8000 PHX architecture (8700G/8600G), and potentially the AMD 9000 series following a BIOS update. It supports up to AMD 8700G APU for graphics.

The Minisforum MS-A1 is available as a barebone system (without a CPU or OS) starting at $259 or as a pre-configured model. At the moment, there’s an offer to save $20, bringing the barebone price down to $239. You can add the Minisforum Deg1 OCuLink graphics docking station when purchasing the workstation for an additional $99, which allows the system to drive up to four 8K screens simultaneously.

Staying cool

The mini PC supports up to 16TB of storage via four SSDs using PCIe 4.0 M.2 slots. There are five USB Type-A ports, a USB4 port capable of 40Gbps, the OCuLink interface, and dual Ethernet RJ45 ports supporting up to 2.5Gbps each.

For display outputs, the device includes HDMI 2.1 and DisplayPort 2.0 connections, with the USB4 interface also supporting screen output. Without an eGPU, it can still drive three 8K displays. For wireless connectivity, the Minisforum MS-A1 offers WiFi 6E and Bluetooth 5.2.

The mini PC's housing is compact and constructed from a mix of metal and plastic. The Cold Wave cooling system, featuring dual fans and quad heat pipes, prevents overheating even when under load.

With customizable CPU options and affordable eGPU support, the Minisforum MS-A1 offers a flexible, mini PC solution that is ideal for users seeking a compact yet powerful workstation for content creation, multitasking, gaming, or general productivity.

You might also like

• These are the best business laptops around today
• We've also rounded up the best mobile workstations you can buy right now
• Subwoofer-like mini PC hides eight (yes 8!) SSDs

• Bixby could catch up to Google Gemini in 2025
• The upgrade may arrive alongside One UI 7
• The new Bixby is already available in China

Amidst the rapid rise of ChatGPT, Copilot, and Gemini, you might have forgotten all about Samsung's Bixby – but a revamp is coming for the AI assistant, and it could be available worldwide at the same time as the Samsung Galaxy S25.

A new report in South Korean outlet ET News (via @Jukanlosreve) says that Bixby will come with Large Language Model (LLM) support at the start of next year, matching the generative AI chatbots we've already mentioned.

This Bixby upgrade has actually already been quietly pushed out – but only in China. Based on this new report, it looks as though the rest of the world will be getting access to the new version, most probably in January.

That's when the Galaxy S25 series is rumored to be launching, and it's also when we're expecting One UI 7 (based on Android 15) to be pushed out to the masses. The One UI 7 software update is currently in beta testing.

'The biggest selling point'

The biggest selling point of Galaxy S25 series: the new Bixby returns!December 15, 2024

Samsung has of course already pushed out plenty of Galaxy AI features on its phones this year – including Sketch to Image and the Circle to Search feature. Google Gemini is also available on Samsung handsets as well.

But with LLM support added to Bixby, Samsung phones will get even more powerful, with more comprehensive answers and image generation capabilities. Another well-known tipster, @UniverseIce, says it will be "the biggest selling point" of the Galaxy S25.

Google has already given its own Google Assistant an LLM upgrade in the form of Google Gemini – and it'll be interesting to see how much competition Bixby gives Gemini when it comes to built-in options on the best Android phones.

We'll be sure to bring you all the details of the new and improved Bixby when it arrives – maybe in a month or so from now. In the meantime, Apple continues to push out its own Apple Intelligence features through iOS updates.

You might also like

• I used Claude AI to plan a photography trip – and it worked
• Take a look at the best Samsung phones
• Galaxy AI could be Samsung’s last chance to redeem Bixby

• Chinese firm develops new compact radiation detection chip
• The chip measures just 15mm x 15mm x 3mm and consumes 1 milliwatt in operation
• The chip could be planted in phones and drones for every

Amid escalating efforts to boost its national semiconductor self-reliance, China National Nuclear Corporation (CNNC), a state-owned nuclear enterprise, has revealed the development of a groundbreaking radiation detection chip.

According to CNNC’s official statement on its WeChat channel, the chip can monitor radiation doses across a wide range of environments and adapt to multiple settings including nuclear workplaces, personnel monitoring, and environmental safety inspections.

This chip measures dose rates from 100 nanoSievert (nSv) per hour to 10 milliSievert (mSv) per hour, allowing it to cover various use cases, from monitoring natural background radiation (typically 60–200 nSv/h) to more specific industrial scenarios.

Versatile applications and high-sensitivity

The chip can also detect radiation energies between 50 kiloelectron volts (keV) and 2 mega-electron volts (MeV). This range covers both X-rays and gamma rays, making it useful for industries such as healthcare, nuclear energy, and environmental monitoring.

The chip measures only 15mm x 15mm x 3mm and its energy consumption to operate is just 1 milliwatt. Despite its miniature form, the chip offers sensitivity comparable to traditional Geiger-Muller counters, which are widely used for environmental radiation measurement.

The company announced mass production of the chip has now begun, marking a significant milestone in China's technological push in radiation sensing applications.

This achievement is seen as part of the broader strategy to overcome trade and technology restrictions imposed by the United States, particularly in the semiconductor sector.

Speaking to Chinese state news agency, Xinhua, during his visit to the southeastern high-tech hub of Hefei, Chinese President Xi Jinping said, “High-tech development cannot be begged for; we must accelerate the realisation of high-level technological self-reliance and self-improvement.”

CNNC envisions broader applications beyond industrial use, stating that the chip can be integrated into consumer devices such as smartphones and drones. This could enable smart devices to offer real-time radiation detection, opening up new possibilities for consumer and environmental safety applications.

The development of this chip involved the full cycle of semiconductor production, including chip design, tape-out, packaging, and testing. The mass production was outsourced to "authorized factories," though details about these partners were not disclosed.

Via SCMP

You might also like

• These are the best business laptops
• Take a look at the best business smartphones
• US government agencies told to patch these critical security flaws or face attack

• Deepfake selfies can now bypass traditional verification systems
• Fraudsters are exploiting AI for synthetic identity creation
• Organizations must adopt advanced behavior-based detection methods

The latest Global Identity Fraud Report by AU10TIX reveals a new wave in identity fraud, largely driven by the industrialization of AI-based attacks.

With millions of transactions analyzed from July through September 2024, the report reveals how digital platforms across sectors, particularly social media, payments, and crypto, are facing unprecedented challenges.

Fraud tactics have evolved from simple document forgeries to sophisticated synthetic identities, deepfake images, and automated bots that can bypass conventional verification systems.

Election-driven surge in social media bot attacks

Social media platforms experienced a dramatic escalation in automated bot attacks in the lead-up to the 2024 US presidential election. The report reveals that social media attacks accounted for 28% of all fraud attempts in Q3 2024, a notable jump from only 3% in Q1.

These attacks focus on disinformation and the manipulation of public opinion on a large scale. AU10TIX says these bot-driven disinformation campaigns employ advanced Generative AI (GenAI) elements to avoid detection, an innovation that has enabled attackers to scale their operations while evading traditional verification systems.

The GenAI-powered attacks began escalating in March 2024 and peaked in September and are believed to influence public perception by spreading false narratives and inflammatory content.

One of the most striking discoveries in the report involves the emergence of 100% deepfake synthetic selfies - hyper-realistic images created to mimic authentic facial features with the intention of bypassing verification systems.

Traditionally, selfies were considered a reliable method for biometric authentication, as the technology needed to convincingly fake a facial image was beyond the reach of most fraudsters.

AU10TIX highlights these synthetic selfies pose a unique challenge to traditional KYC (Know Your Customer) procedures. The shift suggests that moving forward, organizations relying solely on facial matching technology may need to re-evaluate and bolster their detection methods.

Furthermore, fraudsters are increasingly using AI to generate variations of synthetic identities with the help of “image template” attacks. These involve manipulating a single ID template to create multiple unique identities, complete with randomized photo elements, document numbers, and other personal identifiers, allowing attackers to quickly create fraudulent accounts across platforms by leveraging AI to scale synthetic identity creation.

In the payment sector, the fraud rate saw a decline in Q3, from 52% in Q2 to 39%. AU10TIX credits this progress to increased regulatory oversight and law enforcement interventions. However, despite the reduction in direct attacks, the payments industry remains the most frequently targeted sector with many fraudsters, deterred by heightened security, redirecting their efforts toward the crypto market, which accounted for 31% of all attacks in Q3.

AU10TIX recommends that organizations move beyond traditional document-based verification methods. One critical recommendation is adopting behaviour-based detection systems that go deeper than standard identity checks. By analyzing patterns in user behaviour such as login routines, traffic sources, and other unique behavioural cues, companies can identify anomalies that indicate potentially fraudulent activity.

“Fraudsters are evolving faster than ever, leveraging AI to scale and execute their attacks, especially in the social media and payments sectors,” said Dan Yerushalmi, CEO of AU10TIX.

“While companies are using AI to bolster security, criminals are weaponizing the same technology to create synthetic selfies and fake documents, making detection almost impossible."

You might also like

• These are the best password managers
• Take a look at the best endpoint protection
• Companies want to get serious on AI, but their workers don't have the skills

• iPhone 17 price increases are expected
• As yet we haven't seen many price leaks
• A new model is expected to appear in 2025

It's a pretty safe bet that the iPhone 17 is going to break cover at some point during September 2025, but how much is it going to cost? Well, more than the iPhone 16, if recent comments from an industry analyst are to be believed.

Commenting at a guest lecture (via @Jukanlosreve), Samsung Securities Research Center senior researcher Jong Wook Lee has gone on record as saying "iPhone prices are expected to increase next year" – after no price increase in 2024.

iPhone 16 pricing currently starts at $799 / £799 / AU$1,399, which matches the launch pricing of the iPhone 15 (though that phone is now available for less) – in fact, the 2024 model was AU$100 cheaper than the 2023 model was in Australia.

According to Lee, that means Apple is set to hike prices this time around, though we don't know how much they might go up. In fact, we haven't heard much in the way of iPhone 17 price leaks at all, up to this point.

The price is right?

At a guest lecture, Jong Wook Lee, a senior researcher at Samsung Securities Research Center, stated, “Although there were initial expectations that Apple’s iPhone prices would rise this year, prices were unusually not increased. As a result, profit margins have declined since…December 14, 2024

While we don't know how much the iPhone 17 will cost, we can look at current pricing. We've already mentioned the iPhone 16, and the iPhone 16 Plus starts at $899 / £899 / AU$1,599 for the lowest amount of storage.

The iPhone 16 Pro will set you back $999 / £999 / AU$1,799 and up, while the iPhone 16 Pro Max starts at a considerable $1,199 / £1,199 / AU$2,149. We'll have to wait and see whether price hikes hit some or all of the iPhone 17 models.

And there's rumored to be a new model arriving in place of the iPhone 16 Plus: the iPhone 17 Air. That phone is apparently going to set you back $1,299 (around £1,030 / AU$2,045), which would be a considerable jump over the handset it's replacing.

With sales of the iPhone 16 Plus reportedly not what they could be, perhaps a change in design can help – and of course a higher price will often mean more money per device for Apple. We can expect a few more price leaks to appear between now in September.

You might also like

• The iPhone 17 could borrow a Pixel design choice
• Choose one of the best iPhones available
• This iPhone trick lets you take pictures using your voice

• Quadrant offers free Dark Web reports for small businesses
• Early detection helps prevent costly data breaches
• Small businesses are increasingly targeted by cybercriminals

The Dark Web, a hidden part of the web where illicit activities often occur, has become a prime marketplace for stolen data, including compromised credentials from businesses, and with cyberattacks on the rise, organizations must remain vigilant.

This is especially true for small and mid-sized companies that may not have the same resources as larger enterprises.

In response to this need, Quadrant Information Security, has launched Free Dark Web Reports, a new service offering companies crucial insights into what sensitive data, specifically user credentials, has been leaked and is potentially up for sale on the Dark Web.

Free Dark Web report for small and medium size businesses

The service provides a monthly report that highlights newly discovered compromised credentials related to the organization, and provides actionable insights, allowing organizations to implement timely measures such as enforcing password resets, increasing multi-factor authentication (MFA) usage, or refining security policies.

Any discovered passwords or other confidential data are redacted to comply with regulatory standards, ensuring organizations can act on the information without risking further exposure.

Cybersecurity breaches that involve compromised credentials are among the most common and dangerous types of attacks. With credentials can be harvested through phishing schemes or security lapses and often find their way onto the Dark Web where can be sold or misused by malicious actors, leading to costly data breaches or even identity theft.

Early detection of compromised credentials is one of the most effective ways to prevent a cybersecurity incident. By offering these reports, Quadrant empowers organizations to respond swiftly to any security gaps identified. Moreover, these reports can be especially beneficial for businesses that lack the internal resources to monitor the Dark Web themselves.

Quadrant's Dark Web Reports can also identify high-risk users, such as top executives, employees handling sensitive data, or any user with privileged access. By flagging compromised accounts or users at higher risk, organizations can prioritize their security efforts and implement targeted defensive measures, such as additional authentication layers for these users.

“Many security leaders are shocked to see the sheer amount of compromised data sitting on the Dark Web related to their organization," said Jeff Foresman, President of Services at Quadrant.

"This proactive discovery of compromised credentials helps companies avoid expensive breaches and data loss. These reports are informational and directly useful for implementing better security measures."

You might also like

• These are the best firewalls
• Take a look at the best antivirus
• What is dark web monitoring?

• macOS faces an emerging ransomware threat, NotLockBit
• NotLockBit malware demonstrates file-locking capabilities
• Apple's built-in protections face issues from evolving ransomware threats

For years, ransomware attacks have predominantly targeted Windows and Linux platforms, however cybercriminals have begun to shift their focus toward macOS users, experts have claimed.

The recent discovery of macOS.NotLockBit suggests a shift in the landscape, as this newly identified malware, named after the notorious LockBit variant, could mark the beginning of more serious ransomware campaigns against Mac users.

Discovered by researchers at Trend Micro and later analyzed by SentinelLabs, macOS.NotLockBit shows credible file-locking and data exfiltration capabilities, posing a potential risk to macOS users.

macOS.NotLockBit threat

Ransomware targeting Mac devices tends to lack the necessary tools to truly lock files or exfiltrate data. The general perception has been that macOS is better protected against these kinds of threats, partially due to Apple's built-in security features, such as Transparency, Consent, and Control (TCC) protections. However, the emergence of macOS.NotLockBit signals that hackers are actively developing more sophisticated methods for targeting Apple devices.

macOS.NotLockBit functions similarly to other ransomware, but it specifically targets macOS systems. The malware only runs on Intel-based Macs or Apple silicon Macs with Rosetta emulation software installed, which allows it to execute x86_64 binaries on newer Apple processors.

Upon execution, the ransomware collects system information, including the product name, version, and architecture. It also gathers data on how long the system has been running since its last reboot. Before locking the user’s files, macOS.NotLockBit attempts to exfiltrate data to a remote server using Amazon Web Services (AWS) S3 storage. The malware employs a public key for asymmetric encryption, meaning decryption without the attacker’s private key is nearly impossible.

The malware drops a README.txt file in directories containing encrypted files. The encrypted files are marked with an “.abcd” extension, and the README instructs victims on how to recover their files, typically by paying a ransom. Additionally, in later versions of the malware, macOS.NotLockBit displays a LockBit 2.0-themed desktop wallpaper, co-opting the branding of the LockBit ransomware group.

Thankfully, Apple’s TCC protections remain a hard nut for macOS.NotLockBit to crack. These safeguards require user consent before granting access to sensitive directories or allowing control over processes like System Events. While this creates a hurdle for the ransomware’s full functionality, bypassing TCC protection is not insurmountable, and security experts expect that future iterations of the malware may develop ways to circumvent these alerts.

Researchers from SentinelLabs and Trend Micro have not yet identified a specific distribution method, and there are no known victims at present. However, the rapid evolution of the malware demonstrated by the increasing size and sophistication of each new sample indicates that the attackers are actively working on improving its capabilities.

SentinelLabs identified multiple versions of the malware, suggesting that macOS.NotLockBit is still in active development. Early samples appeared lighter in functionality, focusing solely on encryption. Later versions added data exfiltration capabilities and began employing AWS S3 cloud storage to exfiltrate stolen files. The attackers hardcoded AWS credentials into the malware to create new repositories for storing victim data, though these accounts have since been deactivated.

In one of its most recent versions, macOS.NotLockBit requires macOS Sonoma, indicating that the malware developers are targeting some the latest macOS versions. It also showed attempts at obfuscating code, suggesting that the attackers are testing various techniques to evade detection by antivirus software.

You might also like

• These are the best Mac antivirus solutions
• Ransomware attack on Blue Yonder hits Starbucks, grocery stores across the world
• Take a look at our guide to the best endpoint protection

• AI investments aren't slowing, despite skepticism and real world dangers
• AI is expected to be an integral part of most industries
• Tech giants are going nuclear to manage electricity demands

Despite the wide-ranging potential applications of AI technology, concerns remain about its reliability, the legality of training models on copyrighted data without permission, and environmental impact.

In face of this, many investors believe generative AI will become integral to industries such as business analytics, creative services, and automation.

Analysts predict 60% of current skeptics will embrace generative AI within the next few years, knowingly or not, and investors are not slowing down as they continue to throw their hat in the ring.

The rapid expansion of Generative AI

New figures from PitchBook hae claimed investment in generative AI startups remains robust, with venture capitalists pouring $3.9 billion across 206 deals in the third quarter of 2024. US-based companies attracted the lion’s share, raising $2.9 billion across 127 deals and this does not include OpenAI’s notable $6.6 billion round.

Some standout funding rounds include Magic, a coding assistant startup that secured $320 million in August, and Glean, an enterprise search company, which raised $260 million in September.

Meanwhile, Hebbia, a business analytics firm, drew $130 million in July. Furthermore, investments extended beyond the U.S., with China’s Moonshot AI raising $300 million and Japan’s Sakana AI closing a $214 million round focused on scientific discovery.

Unfortunately, the rapid expansion of generative AI also brings challenges, particularly regarding energy consumption. According to Bain & Company, companies deploying AI at scale will require gigawatt-scale data centers, which consume up to 20 times the power of typical data centers today. This demand risks straining global electricity and labour markets.

The reliance on data centers has already prolonged the use of coal-fired power plants, with Morgan Stanley warning greenhouse gas emissions could triple by 2030 if the trend continues unchecked.

In response, major data center operators like Microsoft, Amazon, and Google are turning to nuclear energy to offset their environmental impact. Microsoft, for instance, announced plans to source power from the controversial Three Mile Island nuclear facility, though such projects could take years to become operational.

Despite these environmental and technical hurdles, investor interest in generative AI remains high. ElevenLabs, known for its viral voice-cloning tool, is reportedly seeking to raise funds at a $3 billion valuation. Black Forest Labs, the company behind a controversial image generator on the X platform, is also in talks for a $100 million funding round.

Via TechCrunch

You might also like

• These are the best business laptops
• Take a look at the best AI writers
• Meta's plan for nuclear datacenter reportedly undone by bees