Error message

  • Deprecated function: implode(): Passing glue string after array is deprecated. Swap the parameters in drupal_get_feeds() (line 394 of /home/cay45lq1/public_html/includes/common.inc).
  • Deprecated function: The each() function is deprecated. This message will be suppressed on further calls in menu_set_active_trail() (line 2405 of /home/cay45lq1/public_html/includes/menu.inc).

Feed aggregator

New forum topics

This cookbook is unlike any other from India. Pass the honeycomb, please!

NPR News Headlines - Sun, 12/15/2024 - 07:15
Dalit Kitchens of Marathwada.'/>

In Dalit Kitchens of Marathwada, Shahu Patole pays tribute to a cuisine that has long been considered not worthy of documentation. We interviewed Patole — and are sharing some of his recipes.

(Image credit: Maya Levin for NPR)

Categories: News

At least 11 dead in the French territory of Mayotte as Cyclone Chido causes devastating damage

NPR News Headlines - Sun, 12/15/2024 - 07:04

At least 11 people have died after Cyclone Chido caused devastating damage in the French territory of Mayotte in the Indian Ocean, France's Interior Ministry said Sunday.

(Image credit: AP)

Categories: News

5 Best Carbon Steel Pans For Every Budget (2024)

WIRED Top Stories - Sun, 12/15/2024 - 07:01
Our expert cooked with 20 pans and these are the top 5 that are worth the investment.
Categories: Technology

Origin PC Eon17-X v2 Review: Big, Burly and Loud Custom Gaming Laptop That Costs

CNET News - Sun, 12/15/2024 - 07:00
This 17-inch noisy beast isn't the fastest RTX 4090 gaming laptop we've tested, but it has a few upgrades that soothe.
Categories: Technology

Sleep Isn't Cheap, but You Can Keep Costs Under Control

CNET News - Sun, 12/15/2024 - 07:00
Many of us will do just about anything to ensure a good night's sleep. Don't waste money buying the wrong things.
Categories: Technology

This free tool offers SMBs critical insights into compromised credentials found on the dark web

TechRadar News - Sun, 12/15/2024 - 06:36
  • Quadrant offers free Dark Web reports for small businesses
  • Early detection helps prevent costly data breaches
  • Small businesses are increasingly targeted by cybercriminals

The Dark Web, a hidden part of the web where illicit activities often occur, has become a prime marketplace for stolen data, including compromised credentials from businesses, and with cyberattacks on the rise, organizations must remain vigilant.

This is especially true for small and mid-sized companies that may not have the same resources as larger enterprises.

In response to this need, Quadrant Information Security, has launched Free Dark Web Reports, a new service offering companies crucial insights into what sensitive data, specifically user credentials, has been leaked and is potentially up for sale on the Dark Web.

Free Dark Web report for small and medium size businesses

The service provides a monthly report that highlights newly discovered compromised credentials related to the organization, and provides actionable insights, allowing organizations to implement timely measures such as enforcing password resets, increasing multi-factor authentication (MFA) usage, or refining security policies.

Any discovered passwords or other confidential data are redacted to comply with regulatory standards, ensuring organizations can act on the information without risking further exposure.

Cybersecurity breaches that involve compromised credentials are among the most common and dangerous types of attacks. With credentials can be harvested through phishing schemes or security lapses and often find their way onto the Dark Web where can be sold or misused by malicious actors, leading to costly data breaches or even identity theft.

Early detection of compromised credentials is one of the most effective ways to prevent a cybersecurity incident. By offering these reports, Quadrant empowers organizations to respond swiftly to any security gaps identified. Moreover, these reports can be especially beneficial for businesses that lack the internal resources to monitor the Dark Web themselves.

Quadrant's Dark Web Reports can also identify high-risk users, such as top executives, employees handling sensitive data, or any user with privileged access. By flagging compromised accounts or users at higher risk, organizations can prioritize their security efforts and implement targeted defensive measures, such as additional authentication layers for these users.

“Many security leaders are shocked to see the sheer amount of compromised data sitting on the Dark Web related to their organization," said Jeff Foresman, President of Services at Quadrant.

"This proactive discovery of compromised credentials helps companies avoid expensive breaches and data loss. These reports are informational and directly useful for implementing better security measures."

You might also like
Categories: Technology

Overcoming Credit Card Debt: A Step-by-Step Guide

CNET News - Sun, 12/15/2024 - 06:00
Relax and breathe. There are things you can do to help protect your credit score.
Categories: Technology

The Simple Math Behind Public Key Cryptography

WIRED Top Stories - Sun, 12/15/2024 - 06:00
The security system that underlies the internet makes use of a curious fact: You can broadcast part of your encryption to make your information much more secure.
Categories: Technology

Ilana Glazer appreciates how becoming a parent forced them to draw some lines

NPR News Headlines - Sun, 12/15/2024 - 06:00

Ilana Glazer is grateful for the limits of parenthood. On Wild Card this week, Glazer opens up about how parenthood has allowed them to draw boundaries and why they increasingly love their alone time.

(Image credit: Dia Dipasupil/Getty Images)

Categories: News

Trump appoints foreign policy adviser Richard Grenell as special missions envoy

NPR News Headlines - Sun, 12/15/2024 - 05:30

President-elect Donald Trump announced Saturday that he's picked longtime foreign policy adviser Richard Grenell to serve as an envoy for special missions, dealing with tough foreign policy decisions.

(Image credit: Darko Vojinovic/AP)

Categories: News

Storms across US bring heavy snow, dangerous ice and a tornado in California

NPR News Headlines - Sun, 12/15/2024 - 05:18

Inclement weather plagued areas of the U.S. in the first half of the weekend, with dangerous conditions including a major ice storm in Midwest states and unsual tornado activity in Central California.

(Image credit: Noah Berger/AP)

Categories: News

The UK Now Has Its Own Illegal Rubberized Cybertruck on the Road

WIRED Top Stories - Sun, 12/15/2024 - 05:00
Following the Czech Cybertruck’s example, now there’s a rubber bumper-pimped Tesla truck attempting to be certified for use on British highways. This time, however, the chances of success look slim.
Categories: Technology

Trump's tariffs threat is dividing business owners across the country

NPR News Headlines - Sun, 12/15/2024 - 05:00

Businesses are divided over Trump's plan to impose sweeping tariffs. Some companies welcome the protection from foreign competition, while others worry about rising costs and retaliation.

(Image credit: courtesy Peter Elitzer)

Categories: News

Best Internet Providers in Conroe, Texas

CNET News - Sun, 12/15/2024 - 04:54
Whether you need fast speeds or affordable internet, Conroe has an option for everyone. According to CNET experts, here are the best broadband plans in this Texas city.
Categories: Technology

Best Water Filter Pitcher for 2024

CNET News - Sun, 12/15/2024 - 04:33
Remove all impurities from your water and enjoy a safe drinking experience with these water filter pitchers.
Categories: Technology

Experts Say the Fed Will Likely Cut Rates Next Week. But What's Next?

CNET News - Sun, 12/15/2024 - 03:30
The degree and frequency of interest rate cuts in 2025 are still in limbo.
Categories: Technology

NotLockBit ransomware targets Apple users with advanced file-locking and data exfiltration

TechRadar News - Sun, 12/15/2024 - 03:16
  • macOS faces an emerging ransomware threat, NotLockBit
  • NotLockBit malware demonstrates file-locking capabilities
  • Apple's built-in protections face issues from evolving ransomware threats

For years, ransomware attacks have predominantly targeted Windows and Linux platforms, however cybercriminals have begun to shift their focus toward macOS users, experts have claimed.

The recent discovery of macOS.NotLockBit suggests a shift in the landscape, as this newly identified malware, named after the notorious LockBit variant, could mark the beginning of more serious ransomware campaigns against Mac users.

Discovered by researchers at Trend Micro and later analyzed by SentinelLabs, macOS.NotLockBit shows credible file-locking and data exfiltration capabilities, posing a potential risk to macOS users.

macOS.NotLockBit threat

Ransomware targeting Mac devices tends to lack the necessary tools to truly lock files or exfiltrate data. The general perception has been that macOS is better protected against these kinds of threats, partially due to Apple's built-in security features, such as Transparency, Consent, and Control (TCC) protections. However, the emergence of macOS.NotLockBit signals that hackers are actively developing more sophisticated methods for targeting Apple devices.

macOS.NotLockBit functions similarly to other ransomware, but it specifically targets macOS systems. The malware only runs on Intel-based Macs or Apple silicon Macs with Rosetta emulation software installed, which allows it to execute x86_64 binaries on newer Apple processors.

Upon execution, the ransomware collects system information, including the product name, version, and architecture. It also gathers data on how long the system has been running since its last reboot. Before locking the user’s files, macOS.NotLockBit attempts to exfiltrate data to a remote server using Amazon Web Services (AWS) S3 storage. The malware employs a public key for asymmetric encryption, meaning decryption without the attacker’s private key is nearly impossible.

The malware drops a README.txt file in directories containing encrypted files. The encrypted files are marked with an “.abcd” extension, and the README instructs victims on how to recover their files, typically by paying a ransom. Additionally, in later versions of the malware, macOS.NotLockBit displays a LockBit 2.0-themed desktop wallpaper, co-opting the branding of the LockBit ransomware group.

Thankfully, Apple’s TCC protections remain a hard nut for macOS.NotLockBit to crack. These safeguards require user consent before granting access to sensitive directories or allowing control over processes like System Events. While this creates a hurdle for the ransomware’s full functionality, bypassing TCC protection is not insurmountable, and security experts expect that future iterations of the malware may develop ways to circumvent these alerts.

Researchers from SentinelLabs and Trend Micro have not yet identified a specific distribution method, and there are no known victims at present. However, the rapid evolution of the malware demonstrated by the increasing size and sophistication of each new sample indicates that the attackers are actively working on improving its capabilities.

SentinelLabs identified multiple versions of the malware, suggesting that macOS.NotLockBit is still in active development. Early samples appeared lighter in functionality, focusing solely on encryption. Later versions added data exfiltration capabilities and began employing AWS S3 cloud storage to exfiltrate stolen files. The attackers hardcoded AWS credentials into the malware to create new repositories for storing victim data, though these accounts have since been deactivated.

In one of its most recent versions, macOS.NotLockBit requires macOS Sonoma, indicating that the malware developers are targeting some the latest macOS versions. It also showed attempts at obfuscating code, suggesting that the attackers are testing various techniques to evade detection by antivirus software.

You might also like
Categories: Technology

AI Will Evolve Into an Organizational Strategy for All

WIRED Top Stories - Sun, 12/15/2024 - 03:00
Traditional hierarchies hold businesses back. Instead, teams need to combine human and artificial intelligence to succeed.
Categories: Technology

Everything You Need to Know About Apple AirTags

CNET News - Sun, 12/15/2024 - 02:38
How often does a product give you peace of mind by letting you forget about it?
Categories: Technology

Apricorn Aegis NVX secure hard drive review

TechRadar Reviews - Sun, 12/15/2024 - 01:44
Apricorn Aegis NVX: 30-second review Specs

Connection: USB 10Gbps with 1000 MB/s read/write speeds
Compatible OS: Windows, Mac, Linux, Android, Symbian, and any powered USB OS with a storage file system
Dimensions: 67mm x 120mm x 15mm
Weight: 200g
Certification: IP68, FCC, CE, and VCCI standards
Warranty: 3-year limited

The Aegis NVX 1TB is a relatively simple-to-use portable hard drive, but unlike the majority of portable hard drives, this device is all about security. As is common with this style of drive, there’s a 12-key keypad on the front of the device that enables you to enter a PIN to gain access.

There’s also an integrated USB Type-C cable that tucks neatly into the side of the aluminium body, giving it an ultra-tough look and feel.

While there are many secure drives available, the Aegis NVX 1TB takes things to another level with hardware data encryption built into the device. This means that all data is encrypted as soon as it enters the drive space. Even if someone were to bypass security and access the drive, without the hardware, they would not be able to read or decode any of the data.

This drive essentially separates the software on your computer from the storage drive. Access is only unlocked once the correct PIN code has been entered, after which it functions like any other external portable hard drive. What’s interesting here is that Apricorn has included an ultra-fast internal SSD, enabling transfer rates of up to 1000 MB/s. Unlike some other secure hard drives, this makes it more than capable of being used as a working drive as well as a secure storage solution for your digital data.

Using the drive is straightforward, with a series of button pushes on the keypad allowing you to code in an admin PIN, user PIN, read-only activation, and several other security features. Since all these features are controlled purely through the 12 buttons and confirmation through the three lights on the top of the device, it can take some time to figure out all the key combinations when setting up or changing settings. Having the manual at hand is essential during setup or configuration.

Once everything is set up, however, it’s very easy to use. Plug it in, enter the code, and you gain access. For businesses, the drive can be configured with an admin password and with individual user passwords. Permissions can also be adjusted; for example, you can set it so users only have read-only access. These settings can all be configured through the keypad using the appropriate key combinations.

As a secure solution for your digital data, the Aegis NVX is one of the smallest and most robust devices we’ve seen. Once it’s set up, it makes an ideal solution. However, as ever, there is a significant price premium for this level of secure data storage.

Apricorn Aegis NVX: Price & availability

(Image credit: Alastair Jennings)

The Apricorn Aegis NVX 1TB is widely available and ranges in price from $339 to $739 (£265 to £579), with the 1TB version we’re reviewing priced at $539 (£422). At the time of this review, the drive is available directly from the apricorn.com website as well as through most larger online retailers such as Amazon.

  • Score: 5/5
Apricorn Aegis NVX: Design & build

(Image credit: Alastair Jennings)

The Apricorn Aegis NVX 1TB is designed as a secure portable hard drive that will help protect your data even from brute force and software attacks. While the hardware encryption ensures that everything on the drive stays safe, the design and build of the drive are equally robust.

The outer shell is made from solid, aircraft-grade 6061 aluminium, which is milled from a solid metal and then sealed. Inside this ultra-tough enclosure is the SSD. The entire drive is just smaller than an average smartphone, measuring 67 x 120 x 15 mm and weighing in at 200 g. While not overly heavy, it’s more than you might expect for such a small device.

The main feature of the drive is the 12-key keypad on the front, with numbers 0 to 9 allowing for plenty of unique number combinations to gain access to the drive. Once set, there are lock and unlock buttons, as well as three additional lights across the top to indicate the drive’s status and confirm keypress combinations.

Adding to the drive’s robustness and ensuring longevity, the keys are polymer-coated and wear-resistant. This prevents revealing commonly used buttons through signs of wear, ensuring continued security over many years of use.

The connection from the drive to a computer or other device is via a short USB Type-C cable integrated into the drive’s design. This cable wraps neatly around the side of the drive and tucks in securely when not in use.

The drive is also IP68 certified, which essentially means it can withstand being submerged in 1 meter of water for up to 30 minutes. However, while it is IP68-rated, the USB cable end remains exposed, so it’s advisable to let it dry out fully before plugging it into any devices.

  • Design & build: 4/5
Apricorn Aegis NVX: Features

(Image credit: Alastair Jennings)

Looking at the features, the drive includes AegisWare, the company’s patented protected firmware. Thanks to this hardware approach and software-free data encryption, the drive enables 256-bit AES-XTS encrypted NVMe storage.

As mentioned in the design section, the enclosure is milled from aircraft-grade 6061 aluminium and is sealed with tamper-resistant security fasteners. The drive itself is cemented in place with hardened epoxy resin, meaning that even if someone tries a brute force attack to break into the drive, it is highly likely that the SSD will be destroyed in the process.

Another big feature of this secure drive, as with many other top-rated secure drives, is the polymer-coated, wear-resistant, onboard membrane hybrid keypad. This approach to security is highly effective as it stops all basic hardware and software keylogging techniques to capture passwords, essentially because it excludes the host system (your computer) from the authentication process.

All security for the drive is configured using the keypad. While this process can feel a little fiddly and requires the manual to show you the step-by-step set-up instructions, it does enable you to have a good range of options. Most notably, you can set up separate admin and user PINs. This is ideal for business use, as the admin PIN ensures you retain full access and control, preventing users from locking you out of the drive.

The admin PIN also enables the ability to create data recovery PINs, which can be used in the case of someone forgetting their user PIN. Additionally, the drive offers two read-only modes, enabling users to access the data without being able to alter it.

Another useful feature is the ability for the admin to set programmable PIN lengths, ranging from 7 to 16 characters; this prevents the use of overly simple PINs such as 1. There's also a brute force defence mechanism, which ensures that if a pin is entered incorrectly a pre-set number of times (minimum 4, maximum 20), the drive will trigger a crypto-erase, securely wiping all data on the drive.

Alongside these advanced features, the drive includes standard secure drive options, such as lock override, drive reset features, and self-destruct PINS. These are particularly useful in business settings, allowing admins to completely reset the drive and reconfigure it for different users depending on the use.

Apricorn Aegis NVX: Performance

(Image credit: Alastair Jennings)

Like almost all high-end secure portable hard drives, the initial setup is relatively straightforward but does require that you have the manual open and follow the instructions carefully. To get started with the Aegis NVX, you simply plug the drive in via the USB Type-C port into your computer. Once done, absolutely nothing will happen other than the locked padlock icon illuminating red. This indicates that power is going to the drive, but the drive itself is not yet being accessed. When you check your computer’s system settings and look for drives, you will see that it hasn’t mounted or been recognised. At this point, the USB Type-C cable is purely delivering power with no data transfer whatsoever.

To start using the drive, you need to set up an initial pin. To do this, hold down the number nine and the green lock button, then enter your desired PIN code. Confirm it by pressing the green button again, re-enter the PIN, and press the green button once more. Each time you perform these steps, the three lights across the top will flash red, green, or blue—or show a combination of blinks and solid lights—to indicate whether the commands have been recognised. Once the initial pin has been entered, you can unplug the drive, connect it to another machine, and it will be ready to use. When plugged into a new machine, the drive will not be recognised until you enter the PIN and press the green lock button, after which the drive will unlock and mount, ready for use.

This initial PIN that you set up acts as the admin PIN. Through this admin account, you can set up additional PINs for other users. This allows others to access the drive, but only with permissions that you define, and those users will not be able to change settings or lock out the admin. This is particularly useful for businesses where secure drives need to be distributed to team members for use on-site.

Additionally, the drive enables you to set up a read-only mode using the keypad. Setting the read-only mode and accessing the drive as a user enables you to view the contents of the drive but not modify or add files, which is useful for situations such as on-site presentations where the content must remain unchanged.

The drive also includes a series of more advanced protection features; for example, in the event of a brute force attack, you can configure the drive to trigger a crypto-erase after a set number of failed attempts (minimum 4, maximum 20). This process securely wipes all data from the drive. While these features are straightforward to set up, the manual is essential for understanding the required keypress combinations.

In terms of security, the Aegis NVX is well above most competitors. The milled aluminium casing gives it one of the most robust builds of any portable hard drive we’ve tested. Additionally, the hardware encryption ensures that host devices cannot attempt unauthorised access. Unless the correct PIN is physically entered on the keypad, both brute force and software attempts to access the drive are nearly impossible. In our testing, the drive exceeded durability expectations and kept the data inaccessible despite both physical and software access attempts.

Keeping your data safe from brute force and software attacks is crucial, but it’s equally important that the drive is physically durable for use in the field. The Aegis NVX is IP68-certified, meaning it can withstand being submerged in 1 meter of water for up to 30 minutes, and putting it on par with many of the best rugged hard drives we've reviewed. In our testing, the drive was dropped into puddles, thrown, and subjected to far more abuse than we’d usually subject a portable hard drive to. While the aluminium casing showed some scratches and wear, the drive continued to work perfectly once dried and reconnected to a computer.

One final point about the drive’s performance is its flexibility. Whether your company works on Mac, PC, or Linux systems, you can reformat the internal SSD to the file system you need. Since the drive’s encryption is handled entirely through hardware and not tied to the SSD or host machine, the admin account can reformat the drive for use just like any other SSD. By default, the drive is formatted in NTFS, but it can easily be reformatted to APFS, exFAT, or another format as required. In our testing, we used the macOS APFS file system and NTFS with Windows 11 Pro.

Benchmarks

CrystalDiskMark: read: 1054.60MB/s Write: 998.79MB/s
AJA: read: 936MB/s Write: 894MB/s
ATTO: read: 1006.36MB/s Write: 873.13MB/s
AS SSD: read: 898.53MB/s Write: 873.13MB/s

  • Performance: 4.5/5
Should you buy the Aegis NVX?

Essentially, this is an ultra-rugged, fast, secure portable hard drive that is ideal for anyone who needs to keep their data safe. Whether for personal accounts and documents at home or for businesses of any size, it offers a great option. One standout feature of this secure drive is its small size and robust build, with that IP68 certification that takes it beyond most other secure drives.

In addition to its hardware encryption, the fact that you can easily set up both admin and user access is a great feature for businesses. This allows users to either read and write or just read the contents of the drive, which can be exceptionally useful. The brute force crypto-erase feature further enhances the drive’s usability and security and just helps to give you reassurance that your data will stay safe if the drive is lost or stolen.

As a standalone secure drive, the Aegis NVX is a great choice for companies, businesses, as well as individuals. While it has a large feature set, there are some capabilities found in other secure drives that the Aegis NVX lacks, such as online connectivity, remote monitoring, and login limits. These features enable drives to be deleted or tracked by the owner, even if stolen or accessed by an unauthorised user. However, as an isolated, standalone, secure drive, the Aegis NVX is as good as it gets, with virtually no way for anyone to break into its tough exterior or its highly advanced hardware-based 256-bit AES-XTS encryption.

(Image credit: Alastair Jennings) Buy it if...

You need an ultra-compact secure drive

The milled aluminium case, integrated cable, and neat design ensure that, despite the large capacity, this secure portable hard drive remains one of the most portable on the market.

You need security and speed

There are plenty of hardware-encrypted, secure, portable hard drives out there, but few come close to the high speed of the internal SSD featured in the Aegis NVX.

Don't buy it if...

You need remote monitoring

If your drive is stolen, you can be confident that nobody will gain access. However, some other manufacturers also offer online monitoring, allowing stolen drives to be tracked or erased when connected to an online computer.

You only have a small budget

There’s no doubt this is one of the most secure portable hard drives on the market, but that security comes at a high cost. If you’re on a budget, it might be better to consider a slightly cheaper hardware solution or, failing that, a software-based option.

For more on-the-go storage, we reviewed the best portable SSDs.

Categories: Reviews

Pages

Subscribe to The Vortex aggregator