Feed aggregator

You can download the iOS update to your iPhone now.

Around 30 missiles appear to have landed around Nevatim Airbase in southern Israel, although damage was limited.

(Image credit: Middlebury Institute of International Studies at Monterey)

With one in 10 potential voters being a naturalized citizen, the group has enormous political power, especially in key swing states like Pennsylvania, where nearly 80% of those Americans plan to vote.

(Image credit: Spencer Platt)

A golden trophy and pot of prize money worth more than $100,000 was hidden in a forest recently. So of course I joined in the hunt.

The Dutch National Police (Politie) has confirmed its network was breached and a threat actor accessed work-related contact details of Dutch police officers.

Officials say it is ‘highly likely a state actor is responsible’ for the attack, which saw officers' phone numbers, full names, email addresses, and some private details of the 65,000 employees leaked, but it will still investigating the ‘nature, scope, and consequences of the data leak.’

The Chair of the Netherlands Police Union has called the hack ‘a nightmare’, saying it is the priority to ‘protect data, protect colleagues’. The agency confirms police are now required to use two-factor authentication to avoid further data loss.

Continuous monitoring

It’s not clear exactly how much data was compromised, and the Politie have not yet named the state it believes is behind the attack, but have confirmed it will not do so until all the details are collected and analyzed.

“Based on the intelligence services' information, the police immediately implemented strong security measures to counter this attack. To prevent making the perpetrators more aware and to not jeopardize further investigation, no more information can be shared at this time.” the Politie confirmed in a statement.

This type of attack is becoming more common, as critical infrastructure is attacked more than ever. Since the start of the Russian invasion in Ukraine, Europe and allies of Ukraine have found themselves at the receiving end of cybercriminals looking to exfiltrate sensitive data.

Threat actors from around the world use critical infrastructure as a way to inflict maximum damage by leveraging information, installing malware, or crippling operations - leaving citizens without access to key services. It’s not yet clear what the motivations for this attack were, but it almost certainly won’t be the last of its kind.

Via BleepingComputer

More from TechRadar Pro

• Check out our pick of the best malware removal on offer
• Data breach gives hackers access to 1.7 million people’s credit card details
• Take a look at our pick of the best identity theft protection around

As technology companies continue to expand their use of artificial intelligence, the demand for energy-intensive data centers is growing rapidly.

Tech firms are searching for sustainable ways to power these operations, with a focus on reducing their environmental impact, and while nuclear energy is being viewed as an attractive option due to its ability to provide large amounts of power with minimal emissions, other solutions are emerging as well.

ECL has announced its development of TerraSite-TX1, the world’s first 1GW off-grid, hydrogen-powered AI factory data center. Located on a 600-acre site near Houston, Texas, this facility is set to provide Lambda and other AI leaders with both space and power for future projects, while maintaining zero emissions.

Up to 2GW

The first phase of TerraSite-TX1 is scheduled for completion in summer 2025, with an estimated investment of $450 million. This phase will deliver 50MW of data center capacity, focusing on cloud and AI cloud operators. The full 1GW project is expected to cost approximately $8 billion, financed by ECL and its partners.

Ken Patchett, Vice President of Data Center Infrastructure at Lambda, the facility’s first tenant, said, “The data center technology committed to by ECL is truly transformative in the industry. We believe ECL’s technology could unlock a powerful and eco-conscious foundation for AI advancement. This new infrastructure could give researchers and developers essential computational resources while drastically reducing the environmental impact of AI operations.”

ECL previously launched ECL-MV1, the first off-grid, hydrogen-powered modular data center, which boasts zero emissions, a power usage effectiveness (PUE) of 1.05, and enhanced data density per rack. When it's up and running, TerraSite-TX1 will receive hydrogen through three pipelines, minimizing the need for additional fuel transport, and its modular design will allow for future expansion up to 2GW.

The TerraSite-TX1 project arrives at a critical time for Texas, where the state’s power grid is expected to double its capacity needs by 2030 due to the expansion of data centers and AI.

“While others talk about delivering off-grid, hydrogen-powered data centers in five, ten, or 20 years, only ECL is giving the AI industry the space, power, and peace of mind they and their customers need, now,” said Yuval Bachar, co-founder and CEO of ECL. “The level of innovation that we have introduced to the market is unprecedented and will serve not only us and our customers but the entire data center industry for decades to come.”

More from TechRadar Pro

• Bill Gates backed firm constructing 'affordable' nuclear power station
• Data center demand is booming - but we don't have the power to deal with it
• Micro nuclear reactors could cost as little as $20 million and launch by 2031

Cybersecurity researchers from Gen Threat Labs have observed multiple websites distributing a piece of malware called WarmCookie disguised as updates for popular softwarre.

These websites were either built from scratch, or were legitimate once and then taken over at some point, the experts noted, but were all seen serving a fake warning to the visitors, that different components of their computer were out of date and required updating.

These were either their web browsers, Java, VMware Workstation, WebEx, or Proton VPN - and visitors that fell for the trick and accepted the download were dropped a backdoor called WarmCookie - a piece of malware that was first spotted in mid-2023.

WarmCookie backdoor

The experts have warned the malware can steal data and different files, enumerate programs via the Windows Registry, run arbitrary command execution via CMD, grab screenshots, and drop additional payloads to the target endpoints, at the operator’s will.

What’s more, WarmCookie can run DLLs from the temp folder and send back the output, and transfer and execute EXE and PowerShell files.

Fake update attacks are nothing new - in fact, they are as old as the internet itself, and revolve around tricking the visitor into thinking their computer is at risk. At its most basic level, the attack is nothing more than a popup.

The best way to defend against these attacks is to learn how most of these programs communicate with their users, and how they are updated. Most browsers update automatically, and never ask their users to download and run an executable file. Other programs usually require the user to visit the official home page and download a new installation file which, most of the time, overwrites the existing installation. Also, having an antivirus program installed helps.

Via BleepingComputer

More from TechRadar Pro

• Hackers have been spreading malware via fake Chrome updates
• Here's a list of the best firewalls around today
• These are the best endpoint security tools right now

New data has suggested Chief Information Security Officers (CISOS) in the US and Canada have seen their salaries rise to $565,000 ($426,000) on average.

The findings come from the fifth annual survey from IANS Research, which also suggests that the best way to boost your salary as a CISO is to switch jobs or issue your employer with an ultimatum.

Going this route supposedly brings a 31% increase in average compensation, while sticking it out in a job you perform well in brings an increase of just 6.3%.

Training and AI

Per the IANS report, CISO turnover has almost halved since 2022, with Nick Kakolowski, IANS’ chief research director, suggesting workers are happy to wait for stability and their companies to come through with raises or even other non-cash incentives, like equity.

He also stressed that geography plays an important role in raising this average. The survey shows that Californian CISOS are more likely to be higher paid and being granted equity. Better paid CISOs are also getting richer, with 23% of the top 10% in the role reporting a pay rise of 20%, while, of the lowest paid, two-thirds reported that their pay had risen by less than 5%, if at all.

Kakolowski also cited North Carolina’s financial services, the biotech sector, and Texas’ own growing status as a tech center. The North East is the next most lucrative place to work behind California, while Canadian CISOs earn the least.

Via The Register

More from TechRadar Pro

• We’ve also listed the best endpoint protection software right now
• Security pros are missing attacks due to an overload of pointless alerts
• We’ve also listed the best online cybersecurity course right now

“I was loath to jump into it,” Black List founder Franklin Leonard says of expanding into publishing. “It’s not a great look to be like, ‘I'm from Hollywood and I'm here to save you.’”

Microsoft Edge’s settings page is getting an overhaul in December, which the company promises will boost its performance. This overhaul is the latest in a series aimed at improving the responsiveness of the browser overall in a bid to gain more market share from Google’s rival web browser, Chrome, which continues to be the most widely-used browser by a huge margin.

The improvements revolve around migrating the to Microsoft’s new WebUI 2.0 toolkit. Microsoft describes WebUI 2.0 as “markup-first”, meaning it prioritizes technologies like HTML and CSS over more demanding tools like JavaScript. In Microsoft’s words, “Modern browser engines are very fast at rendering [page content] so long as you don’t let JavaScript get in the way.”

The problem with using JavaScript is that you have to download it before it can start working – and that can end up slowing everything down, especially, as Microsoft notes, on low-end devices.

Can Chrome be toppled?

Microsoft’s solution to this apparently “minimizes the size of [its] bundles of code, and the amount of JavaScript code that runs during the initialization path of the UI.” In plain English, this means that parts of Edge’s user interface (such as buttons and menus) should feel a lot faster and more responsive.

Microsoft has already migrated Edge’s Browser Essentials UI – which presents security information, and browser stats like memory usage – to the new system. It also migrated the Favorites part of Edge and says this has improved response time by 40%. The Browser Essentials change makes pages load 42% faster overall, and, up to 76% faster on low-end devices, such as machines without SSDs and less than 8 GB of RAM – at least, according to Microsoft.

As for Edge Settings, the changes aren’t totally under-the-hood. Microsoft has also taken the opportunity to provide “minor visual and content upgrades to improve overall usability and utility. This includes optimizing for concise wording of individual settings, simplifying the number of pages and reorganizing content, and creating a cohesive user interface.”

Any improvements to the performance of Edge is welcome, especially as despite Microsoft’s best efforts (such as installing it as default in Windows 11, and constantly badgering users to stick with it), its web browser still seriously lags behind Chrome when it comes to user numbers.

I’m sure most people would rather Microsoft try to win over new users to Edge by improving the overall web browsing experience, rather than shoving some more ads in the Start Menu.

You might also like

• Microsoft admits Windows 11 24H2 could play havoc with some online games – and it’s blocked the update for affected PCs
• Microsoft explains how Windows 11’s controversial Recall feature is now ready for release – it’s coming to Copilot+ PCs in November
• Don’t make these 5 big mistakes when using Windows 11

Despite opposition from Germany, the European Union will start imposing tariffs as high as 45 percent on Chinese-made electric vehicles. Elon Musk’s marque takes the smallest hit.

So, it's official – NordVPN is the top VPN we tested when it comes to blocking malware and phishing. The newly launched Threat Protection Pro was the winner. Yes, you'll need to pay an extra fee to use this tool, but our results clearly show that it's well worth it for your online security.

This may not come as a surprise as NordVPN recently revamped its tracker blocker offering to help users avoid falling victim to ever-growing phishing attempts and online scams. Nonetheless, we were really pleased to see Nord living up to its promises on this front.

All the best VPN services now have built-in ad, tracker, and malware-blocking tools. While the efficiency and convenience of these tools might be taken for granted by many - TechRadar's VPN reviews look to the core of the issue, and see just how much protection they give, and right now NordVPN is coming out on top.

How does NordVPN protect you against malware, phishing, and intrusive ads?

In June, NordVPN revamped its tracker blocker offering, and it now offers two tools: Threat Protection Pro and Threat Protection.

Threat Protection is what used to be called Threat Protection Lite and works as a DNS filter. This means it blocks harmful websites, trackers, and ads only on the domain level. Other VPN providers offer a similar service, including ExpressVPN and IPVanish. In all these cases, you must be connected to the VPN to benefit from these extra protections.

Threat Protection Pro promises to go even further and act more as an antivirus rather than an ad-blocker, working even without an active VPN connection. The Pro version works at the URL and Javascript levels to help you avoid tracking, phishing, scams, malware, and annoying ads. It also notifies you about potentially dangerous sites and zero-day phishing attempts before clicking on them, while blocking trackers and ads when you access a web page.

The big difference between the two versions you should keep in mind is availability. Threat Protection Pro is exclusive for Plus, Complete, Ultimate, and Ultra subscribers on Windows and macOS only. While, Threat Protection is available to all NordVPN customers using Android, iOS, Linux, Windows, macOS, and browser extensions.

This is how Threat Protection Pro looks on NordVPN macOS app. (Image credit: Future) How good is NordVPN blocking malware, phishing, and intrusive ads?

In August, NordVPN became the first VPN provider to rank among the top tools for avoiding online shopping scams. Its anti-phishing protection, Threat Protection Pro, was certified as the third-best tool out of 35 by the top independent lab AV-Comparatives.

Nonetheless, we decided to run our own tests and attempted to open 100 brand-new malicious URLs from anti-phishing experts OpenPhish. The results were very positive, with Threat Protection Pro blocking 87% of our sample threats. Only Bitdefender was fractionally better, blocking 89% of URLs in its own tests. Surfshark antivirus did really well, too, blocking 94% of phishing sites – but it's a standalone product rather than a VPN feature as is the case for Nord.

Something even more important: "NordVPN Threat Protection Pro was the only one showing any real impact against new phishing sites," said TechRadar Lead Security Reviewer, Mike Williams. Most DNS-level blockers could only catch them when they were over a week old, in fact. This is crucial considering that phishing sites don't generally last long, meaning most are new and may not last long enough to be picked up by other providers.

NordVPN was also the best against malware, dominating the results with 79% of malware threats blocked. Both Threat Protection and Threat Protection Pro were very efficient in blocking ads (84%), too, but the winner of this category was ExpressVPN instead with a brilliant result of 90% blocked ads.

(Image credit: Future)

Phishing attacks, malvertising incidents, and similar online scams are on the rise everywhere. As per NordVPN data, Threat Protection Pro reportedly blocked over 5 billion intrusive ads, almost 40 billion trackers, and 60 million malware infection attempts in May alone. People in the UK were the most affected amounting to over 18 million incidents since the beginning of the year. This is an average of 97 malware-related incidents per device per month, compared to the US median of 89 monthly attempts.

During the research period (January 1 and May 31), criminals heavily impersonated popular brands to trick victims into clicking phishing links and downloading infected files. Malicious Office365 (86K impersonated URLs discovered), Gazprom (60K), AT&T (28K), Facebook (19K), and Bet365 (15K) were the most used big names to spread malware.

You'll need to pay an extra fee, but our results clearly show it's worth it for your online security

What all these types of cyberattacks have in common is tricking people into clicking on malicious links through which criminals can inject malware software into their devices. Cybercriminals are increasingly executing well-crafted scams thanks to AI-powered tools, so it's very difficult now to spot red flags even for experts.

All this shows the growing need for tools like NordVPN Threat Protection Pro. Given how crucial it is to stay more anonymous online, a VPN (virtual private network) alone isn't enough to fight back all the modern threats you may face when you browse the web. This is exactly why many providers include a built-in blocking tool. Yet, not many can offer – as Nord Threat Protection Pro does – antivirus-like protection without having to download additional software.

As we mentioned earlier, Threat Protection Pro is no longer a basic feature, as you need to upgrade to a more expensive plan to benefit from its protection. If you are after only antivirus protection and don't want to put your hands in your wallet, I recommend checking out Avast Free. Remember, though, doing this means you won't have VPN protection.

Most of the backup software we review are paid products – at best, they offer a free version with fewer features – but that’s not the case with UrBackup.

UrBackup is free backup software, open-source and with a client/server backup system, that works in the background while your PC is motoring through other tasks, so you won’t even notice it.

It has a very minimal footprint on your PC because much of the management is handled by a web interface, and it works on a host of alternative platforms too.

We've also highlighted the best disk cloning software right now.

Urbackup: Plans and pricing

Urbackup is open source, meaning that it’s functionally free as long as you adhere to its terms and conditions in both personal and commercial settings, so it could be a viable option if you want basic small business backup without having to pay.

It’s not just for Windows, either. The client application works on MacOS and a variety of Linux systems, and on the server side, it supports Windows, Debian, Ubuntu, RedHat, several other Linux versions and systems like FreeNAS, QNAP NAS and other NAS systems.

(Image credit: Urbackup) Features

UrBackup uses image and file backups to deliver fast, unintrusive, complete file preservation in the background while your system runs. It also keeps a continuous watch on folders and systems to ensure faster incremental backups, so you don’t have to make a fresh start each time you want to preserve files or folders.

File backup, management, and restoration are possible through the web interface, and backups can be configured, started, restored and logged using the small client installed on your home system.

Because this app largely uses a web interface, it’s mostly designed for web and NAS-based backups rather than local backups.

Restoration is also possible if you download a version of UrBackup that can be used to create a bootable USB stick – handy if you need to restore a system that has encountered technical difficulties and so won’t boot.

Backups can be made to the standard Microsoft VHD format or as a file-by-file replication, and the same files on different computers are only saved once – a handy move to preserve space.

The app’s logging and reporting options are extensive, and you can send backups anywhere, from local destinations and external hard disks to network and NAS-connected locations.

It’s certainly ideal if you want a simple and lightweight app to send backups to network and NAS locations, and UrBackup’s open-source status is a boon for people on a budget or those who want to use Linux distributions.

Delve into the options in the web interface and plenty of customisation is available. You can restrict the maximum number of backups and how much bandwidth is used, tweak permissions, back up mail servers, view extensive logs and monitor the status of your various backup locations.

This free app is missing many features compared to commercial backup apps, though. You’ll find more encryption and scheduling options elsewhere and a more comprehensive range of cloud options on many other tools. Many other backup apps also have additional modules for verifying backups, cleaning up and wiping files and other sundry computing tasks.

(Image credit: Urbackup) Interface and use

UrBackup is a free and focused app with a narrow remit, which is fine if you just need core backup functionality without an intrusive app.

It’s pretty quick to get started, too. Download the Server app, configure the network location where your backup will be stored, specify what you want to back up and let the app work.

Anyone who uses this tool, though, does need to have plenty of computing experience to get the most out of it. The tiny downloadable client is easily navigable for experienced users, but it makes nothing easy for beginners and is quite basic.

The web interface is similarly complicated, but it is packed with options – dozens, if not hundreds, that allow you to tweak virtually every aspect of your backup regime.

As before, though, you’ll need to be a pretty experienced PC or Linux user to get the most out of this app, even if there’s loads of potential here for creating unintrusive and personalised backup schedules and regimes.

UrBackup is certainly not the only app out there with this level of customization, and if you opt for systems from Macrium or EaseUS, or enterprise systems from Veeam or Acronis, you’ll find those options crammed into a far more accessible and understandable interface.

And because UrBackup is primarily an online tool, its performance will largely depend on your internet connection.

It took just over ten minutes to preserve our document and Excel folders and nearly twenty to handle our media and mixed file folders. Those are results that put it into the mid-table in our latest selection of backup tools, which is undoubtedly a decent result for a free piece of software.

Support

(Image credit: UrBackup)

You won’t get the support system here that you will with commercial apps that have dedicated teams.

The best option for support with UrBackup is to head to the forums – UrBackup has an active and helpful community that can help with most issues. It’s also worth checking out the developer blog to see if extra features or fixes are coming in future updates to the app.

Elsewhere, there’s an issue tracker, FAQ, online manuals, and server support, but that’s all.

Competition

Any of the big commercial options will outmatch UrBackup in te, so we’d advise you to look to faster tools from big names like Acronis Cyber Protect, EaseUS Todo Backup, and Macrium if you need any level of backup.

If you want a free product, then Uranium, FBackup, Hasleo and Cobian tools do the job without asking you to spend a penny. And if you don’t like those, even more free versions are available elsewhere.

Be aware, though, that many of those free versions – while more accessible and competent – include adverts that try to upsell you to paid products. You won’t find that in UrBackup.

Verdict

This free, open-source app is a very niche and particular bit of software – an ideal backup option for anyone experienced with networks, interfaces and navigating tricky apps or anyone who wants to support open-source software or backup on Linux.

Beyond that, though, it’s tricky to recommend this tool unless you really know what you’re doing and have security measures incorporated into your systems elsewhere. Other apps are easier to use, faster, or have more support options. There’s also no encryption built-in to UrBackup, which is a huge risk to any home or business user.

UrBackup is an admirably open-source option that will sate some people who want a low-key, low-resource “send and forget” backup tool, but it’s hard to recommend for most people beyond those technically-minded few who will be comfortable with this kind of software.

Get your pictures off your phone and in front of your friends and family with these connected displays.

CrowdStrike, a global leader in endpoint security, incident response and cybersecurity, recently deployed an update to its Falcon sensor for Microsoft Windows systems. This update, designed to enhance the detection of novel threats, inadvertently caused significant malfunctions in the Windows operating system, leading to widespread crashes and system instability.

Notably, Mac and Linux operating systems were unaffected by this issue.

What happened?

Despite concerns, it’s important to clarify that this incident was not the result of a hack, security breach, or malicious attack. Here are three key factors that led to the CrowdStrike chaos:

Faulty internal update: The problem stemmed from an internal update error rather than external tampering.

Elevated privileges: As security software, CrowdStrike Falcon has high privileges and integrates with the Microsoft Windows kernel.

Global impact: The impact was particularly severe because CrowdStrike’s software is deeply integrated into critical infrastructure across large corporations and government agencies.

This integration, while essential for detecting and neutralizing high-level threats, also meant that when the faulty update was rolled out, it led to immediate and widespread disruptions.

The impact

CrowdStrike is widely used among enterprises and state, local and federal government agencies, so the scale of the disruption was enormous. Delta Airlines, for instance, has engaged high-profile attorney David Boise as they face potential losses exceeding $300 million due to the incident. While many other organizations of similar size recovered within hours, Delta experienced prolonged operational disruptions lasting several days, sparking industry debate over whether the fault lay with CrowdStrike’s update or Delta’s recovery plan and preparedness.

This incident triggered what may be the largest technology outage on record to date, caused by a misconfiguration or bug, with estimated damages reaching into the billions — and that figure continues to climb. The fallout was massive, thousands of flights delayed or cancelled, halting reservation systems worldwide, and causing a cascade of global disruptions. At least 8.5 million computers were affected, leading to unprecedented operational chaos

It is indeed ironic that CrowdStrike, a company renowned for its expertise in incident response, found itself at the center of such a significant episode. This event underscores the complexities and challenges even the most well-regarded firms can face, as well as the recovery plans and response preparedness.

CrowdStrike’s response

In the face of this unprecedented incident, CrowdStrike responded with prompt and decisive action. The company swiftly deployed a fix to address the issue and subsequently released a statement outlining a series of commitments aimed at preventing a recurrence. While the list of actions was thorough and comprehensive, much of it aligned with existing industry-standard practices. However, CrowdStrike notably pledged to revise its update deployment processes, a critical change expected to enhance the reliability and safety of future updates.

Observations and lessons learned

The CrowdStrike outage serves as a reminder for all size organizations to review their processes and ensure steps are in place to help mitigate the impact of future incidents. Not only having a plan, but have it tested for functionality.

Among steps for action that organizations need to have set are:

1. Ensure Robust Backup and Disaster Recovery Plans: Seems simple, but it's crucial to have well-defined backup, business continuity, and disaster recovery plans in place. Equally important is the regular testing of these plans through actual walkthroughs to ensure they function effectively when needed.

2. Be Cautious with Privileged Software: Any software with privileged access to your systems can potentially cause significant disruptions. While this incident was not a security breach, it serves as a stark reminder that even security tools can introduce vulnerabilities. Security tools, like any other software, can be a source of breaches or downtime, as demonstrated by this incident with CrowdStrike.

3. Maintain Heightened Vigilance During Outages: Large-scale outages create an attractive opportunity for attackers. Amid the noise and disruption, malicious actors can easily slip in undetected and steal data. It is essential to maintain heightened security awareness during such events to prevent opportunistic exploitation.

4. Avoid Knee-Jerk Reactions: While the instinct may be to switch vendors after an incident like this, it’s important to proceed with caution. Quick, unplanned changes can lead to even bigger problems. Any transition to a new vendor should be approached as a phased project, not an overnight swap. This is especially critical for organizations handling sensitive data, such as those involved in national security.

In conclusion, the CrowdStrike incident highlights the importance of robust systems, cautious planning, and the readiness to respond to even the most unexpected challenges.

This has become a reminder that in the realm of cybersecurity, even the leaders in the field are not immune to significant disruptions, nor are they immune from causing them – but being ready for when these may happen may be the difference between swift resolution and loss of business.

We've featured the best IT Infrastructure management service.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

AI has significantly enhanced the capabilities of cybersecurity systems by enabling more sophisticated and proactive defense mechanisms. The ability of AI systems to learn from vast datasets and adapt to new threats in real-time has created a more dynamic and resilient security environment. By continuously analyzing patterns and anomalies, AI can identify potential threats more accurately and efficiently than traditional methods.  

This technological leap forward has made it possible to prevent cyber-attacks before they can cause significant damage. For example, AI-powered security solutions like Darktrace use machine learning to autonomously detect and respond to cyber threats across digital environments, stopping potential breaches in their tracks. Similarly, IBM’s Watson for Cyber Security analyses vast amounts of data and cross-references it with known threats, helping security teams quickly identify and mitigate risks. 

However, with these advancements come two major concerns. The first is the safety of AI design and coding. It is crucial to ensure that AI systems are developed with robust safety protocols to avoid errors and unintended consequences. Poorly designed AI can lead to security vulnerabilities that malicious actors could exploit. For instance, in 2020, the Clearview AI facial recognition system, which was used by law enforcement agencies, faced a massive data breach due to poor security practices, exposing sensitive information to potential misuse. Therefore, the development of AI must prioritize safety and error prevention to protect human users and systems. 

The second concern revolves around control and oversight. As AI systems become more autonomous, understanding who controls these systems and their capacity to be switched off in emergencies becomes increasingly important. The potential misuse of AI, especially in cybersecurity, poses significant risks. For instance, if an AI system were to fall into the wrong hands, it could be used for malicious purposes, such as launching cyber-attacks or manipulating information. 

These challenges underscore the need for a comprehensive approach to cybersecurity that includes AI security. The focus must extend beyond technical aspects to encompass the human impact and safety considerations. Governments worldwide have recognised the implications of AI in cybersecurity, leading to numerous AI safety summits, such as the one held at Bletchley Park in 2023. These events highlight the growing awareness and urgency to address AI’s role in cybersecurity. 

Highlighting the role of quantum computing

As we look to the future, the convergence of AI and quantum computing is set to bring about even more significant changes to the cybersecurity landscape. Quantum computing, which harnesses the principles of quantum mechanics, has the potential to process information at unprecedented speeds. Although quantum computing is still in its early stages and not yet commercially viable, this is likely to change as major corporations like IBM continue investing heavily in its development. With these advancements, quantum computing could revolutionize cybersecurity by enabling AI to analyze data and solve complex problems faster than ever before. However, even with today's advanced computing power and global networks, ensuring AI safety remains a primary concern. 

One of the most current concerns is the potential for quantum computers to render current encryption methods obsolete. This could open the door for malicious actors to decrypt sensitive data, including financial transactions, intellectual property, and national security secrets. As a result, there's a growing urgency to develop quantum-resistant cryptographic algorithms that can withstand the computational power of quantum machines. Therefore, the focus on safety and regulation must remain a priority as we navigate this new frontier. The potential impact of quantum computing on AI and cybersecurity is immense, but it also highlights the need for ongoing vigilance and adaptation. As AI systems become more powerful, the cybersecurity industry must evolve to keep pace with these developments, ensuring that robust defenses and ethical considerations are in place. 

The need for greater cohesion and maturity in the industry 

Given the rapid advancements in AI and the potential threats they pose, the cybersecurity industry must develop greater cohesion and maturity. This need extends to all aspects of cybersecurity, from online safety and the defense of critical national infrastructure to the development of offensive capabilities. To achieve this, there must be a strong partnership between governments, international regulators, and big data companies. This collaboration should prioritize the greater good over profit, ensuring that cybersecurity measures are comprehensive, effective, and aligned with ethical standards. 

The threat of cyber warfare, where AI is used as a weapon, highlights the urgent need for stronger regulations and controls. In the UK, this is particularly important as we continue to face growing cyber threats from both state and non-state actors. As AI technology advances, there is also the potential for it to reach a point where it could make decisions without human input, known as singularity. If we do not establish clear guidelines and oversight now, the misuse of AI in cybersecurity could lead to disastrous outcomes, including large-scale data breaches, infrastructure attacks, or other harmful actions. Ensuring proper regulation is crucial to protect the UK's digital infrastructure and its citizens from these evolving threats. To foster greater cohesion and maturity in the industry, stakeholders must work together to develop and enforce legislation and controls that address the unique challenges posed by AI and cyber threats. This includes creating frameworks for international cooperation and establishing norms for the ethical use of AI in cybersecurity. Events such as the National Cyber and AI Awards play a crucial role in promoting industry standards by recognizing companies and individuals who demonstrate excellence and innovation in cybersecurity and AI. Such awards not only celebrate achievements but also encourage the development of best practices and the sharing of knowledge across the industry, helping to drive progress and foster a culture of responsibility and collaboration. 

Challenges of regulating a fast-moving sector 

Regulating the rapidly evolving AI and cybersecurity industry presents several challenges, particularly given its global nature and the diverse interests of various stakeholders. Geo-political considerations often complicate efforts to establish uniform regulations, as different countries may have varying priorities and approaches to AI and cybersecurity. This lack of consensus can hinder progress and leave gaps in the global security framework. 

In addition, as we progress through the digital revolution, the absence of regulation can lead to AI being used for economic gain, political power, or as a disruptive force. For example, without proper oversight, AI could be exploited to manipulate markets, influence elections, or even launch cyber-attacks against critical infrastructure. 

Another significant challenge lies in the ethical implications of AI, particularly in areas like bioengineering, where AI is used to enhance physical and mental capabilities. As we integrate AI into our bodies and minds, the ethical considerations become even more complex. In the midst of this, it is vital to ensure that these technologies are used responsibly and do not compromise our independence or well-being. 

To address these challenges, the industry must prioritize regulation and ethical considerations alongside technological advancements. This includes fostering international cooperation to develop standards that ensure the responsible use of AI in cybersecurity. By doing so, we can mitigate the risks associated with rapid technological change and create a safer, more secure digital future. 

Looking at the future  

As we navigate the rapidly evolving landscape of AI, it is crucial to prioritize safety, regulation, and ethical considerations. By fostering greater cohesion and maturity in the industry and addressing the challenges of regulation, we can harness the full potential of AI while safeguarding against its risks. The future of cybersecurity depends on our ability to adapt and innovate responsibly, ensuring that AI serves as a force for good in the digital age.

We've featured the best IT infrastructure management service.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

Britain’s nuclear regulator has fined the largest UK nuclear power facility £332,500 for "persistently" breaching security regulations which left IT systems vulnerable.

The instances occurred between 2019 and 2023, and although the Office for Nuclear Regulation (ONR) say there is no evidence the vulnerabilities were exploited, cybersecurity shortcomings left the facility exposed to potential loss of data and unauthorised access.

Sellafield’s reactor was shut down in 2003, but nuclear materials are still stored and plutonium is handled at the site, including a range of facilities for waste storage and processing.

All cleaned up

The site pleaded guilty to three criminal charges over the failings.

The shortfalls included failing to carry out annual security checks, which the company attributes to “sector-wide difficulties recruiting suitably qualified staff”. Since the ruling, Sellafield has made "significant improvements" to its systems and structures to ensure public safety.

A successful attack could have come in the form of a phishing campaign or a malicious insider which could have damaged facilities or disrupted operations. It was previously reported that Sellafield was breached by Russian and Chinese hackers, but both the site and the UK government have denied this.

"Failings were known about for a considerable length of time but despite our interventions and guidance, Sellafield failed to respond effectively, which left it vulnerable to security breaches and its systems being compromised.” said The ONR's Senior Director of Regulation Paul Fyfe.

Secretary of State for Energy, Ed Miliband previously commented on news that contractors could access the site network unsupervised as a “very concerning report about one of our most sensitive pieces of energy infrastructure”.

Whilst the regulator found no evidence of harm from the cybersecurity shortfalls, the site is said to be taking the charges "very seriously", which it says is reflected in the guilty plea.

Via BBC

More from TechRadar Pro

• Check out our pick of the best malware removal software
• This AI-powered malware has evolved to add image recognition
• Take a look at our best endpoint protection software choices

Whether you need a travel-friendly slate or something affordable for the kids, we tested every model to find the right one for every occasion.

Spooky season is here – and, to celebrate October's arrival, the world's best streaming services are primed to deliver frights aplenty over the next four weeks.

Some aren't hanging around, too, with the likes of Netflix and Max providing some early terrifying treats to stream this weekend. But, if you're not a horror aficionado, there are plenty of other less scary recommendations on this list, including the returning of two fan-favorite shows. So, whether you're ready to get your scream on or not, we're confident you'll find something worth watching over the next few days. Enjoy!

Heartstopper season 3 (Netflix)

Heartstopper has taken the world by storm and it's easy to see why. This coming-of-age story tackles all sorts of tricky themes like LGBTQ+ representation, self-discovery, mental health, and more, so it's been refreshing to see a story like this do so well.

There are some great guest stars in season 3 too, like Marvel alumnus Hayley Atwell, who plays Nick's aunt, and Bridgerton's very own Jonathan Bailey having a cameo as an author. As well as the series regulars, then, we've got some huge new names to fall in love with again in one of the best Netflix shows' latest chapter. Just make sure you've got plenty of tissues to get you through season 3 as it's another emotional one!

Lucy Buglass, senior entertainment writer

• Watch Heartstopper season 3 on Netflix

The Legend of Vox Machina season 3 (Prime Video)

It's hard to believe it's been nearly two years since The Legend of Vox Machina last graced our screens. But, with the underappreciated Prime Video R-rated animated series' third season out now on the streaming giant, I'm ready to be reunited with the titular gang of misfits as they embark on more hilariously gross and heart-poundingly dramatic adventures.

Picking up after the show's season 2 finale, the group known as Vox Machina continue their quest to end the tyrannical rule of the Chroma Conclave – aka the seemingly unkillable dragons that currently rule Emon with an iron fist. Judging by season 3's official trailer, one of the best Prime Video shows is not only going to scratch my adult animated show itch again, but have me shouting at everyone (who'll listen, anyway) that they're missing out on an utterly fantastic series. Give it a whirl, why don't you?

Tom Power, senior entertainment writer

• Watch The Legend of Vox Machina season 3 on Prime Video

Salem's Lot (Max)

Stephen King novels been adapted multiple times down the years, including Salem's Lot, which has just been remade by Max. Previously, I was thrilled to see Salem's Lot 2024 had kept one integral detail and it does look like it's staying faithful to the source material in many ways, which is always a recipe for a great adaptation. The King of Horror has also stated he's happy with the overall product but, based on its early critical reception, it seems many don't agree with them.

Anyway, this is the perfect movie to kick off your countdown to Halloween, in my opinion. Salem's Lot has everything you could want from a classic horror flick – creepy houses, even creepier vampires, and a brooding writer returning to his strange hometown. Maybe it'll be among the best horror movies you'll stream this year? I'm sure you, rather than King himself, will be the judge of that.

Lucy Buglass, senior entertainment writer

• Watch Salem's Lot on Max

It's What's Inside (Netflix)

It’s What’s Inside is one of 2024's most-anticipated new Netflix movies – and with good reason. After the buzz it gleaned following this year's Sundance Film Festival, which took place in January, Netflix forked out $17 million for the rights for this psychological horror-thriller from Greg Jardin, who's mainly known for independent films.

The neon laced trailer gives off similar vibes to A24's Bodies Bodies Bodies in that its group of young adults are in an opulent estate, before a wedding they're all due to attend, and play a game that soon gets out of hand. It sounds like a wild ride and I can't wait to get onboard to find out if it'll deserves to be included in our best Netflix movies guide.

Amelia Schwanke, senior entertainment editor

• Watch It's What's Inside on Netflix

The Franchise (Max)

Some of my favorite movies and shows are parodies. From Mars Attacks! poking fun at Independence Day, to Shaun of the Dead’s playful pun on Dawn of the Dead, I do love a comedic twist on films that take themselves a bit too seriously. Spoofs are even better, with the likes of Cabin in the Woods putting a spin on horror flicks and now The Franchise, which aims to pick apart the best superhero movies and their less esteemed genre cousins.

But, it's not just a critique on the sub-genre. The new series also takes aim at the entertainment industry, just like Extras and Episodes did before it. Looking at the trailer and what I've read of the plot, the new comedy series pokes fun at Hollywood superhero movies like the MCU and follows a filmmaking crew as they try to make the next big screen hit. It comes from the talented minds of Jon Brown (Succession), Armando Iannucci (The Death of Stalin) and Sam Mendes (Skyfall), so it has the potential to be one of the best Max shows.

Amelia Schwanke, senior entertainment editor

• Watch The Franchise on Max

Hold Your Breath (Hulu/Disney Plus)

Now I'm not a horror fan, but if it has the legendary Sarah Paulson in it, I can't help but tune in. With spooky season upon us, Hold Your Breath (out now on Hulu and Disney Plus) could be the perfect watch to gear up for Halloween, too. Paulson stars as Margaret, a mother bringing up two young daughters in 1930s Oklahoma. Haunted by the past, she descends further into madness as she becomes convinced that a mysterious presence in dust storms is threatening her family and takes desperate measures to protect them.

After seeing Paulson in Bird Box, Ratched, and Run, I have no doubt that she'll put on a terrifyingly good performance in Hold Your Breath. But, we'll have to wait and see if it makes it onto our best Hulu movies and/or best Disney Plus movies lists.

Grace Morris, entertainment writer

• Watch Hold Your Breath on Hulu (US) and Disney Plus (internationally)

Love Is Blind season 7 (Netflix)

After watching Love Is Blind UK, I can't wait to watch Love Is Blind season 7. This time, 29 singles from Washington DC are braving the pods in a bid to find ever-lasting love without ever seeing each other.

However, as emotional connection attempts to conquer physical attraction, sometimes the unusual experiment doesn't work for everyone (although there has been several marriages and two babies produced from the show), and this often leads to drama, love triangles, secrets, and heartbreak. As a reality TV fan, I can't help but love it!

Grace Morris, entertainment writer

• Watch Love is Blind season 7 on Netflix

For more streaming recommendations, read our guides on the best Disney Plus movies, best Hulu movies, best Prime Video movies, and best Apple TV Plus shows.

The Warner Bros. streamer has the horror goods.