
Genesis Mission Launches as US Builds Closed-Loop AI System Linking National Laboratories

 

The United States has announced a major federal scientific initiative known as the Genesis Mission, framed by the administration as a transformational leap forward in how national research will be conducted. Revealed on November 24, 2025, the mission is described by the White House as the most ambitious federal science effort since the Manhattan Project. The accompanying executive order tasks the Department of Energy with creating an interconnected “closed-loop AI experimentation platform” that will join the nation’s supercomputers, 17 national laboratories, and decades of research datasets into one integrated system. 

Federal statements position the initiative as a way to speed scientific breakthroughs in areas such as quantum engineering, fusion, advanced semiconductors, biotechnology, and critical materials. DOE has called the system “the most complex scientific instrument ever built,” describing it as a mechanism designed to double research productivity by linking experiment automation, data processing, and AI models into a single continuous pipeline. The executive order requires DOE to progress rapidly, outlining milestones across the next nine months that include cataloging datasets, mapping computing capacity, and demonstrating early functionality for at least one scientific challenge. 

The Genesis Mission will not operate solely as a federal project. DOE’s launch materials confirm that the platform is being developed alongside a broad coalition of private, academic, nonprofit, cloud, and industrial partners. The roster includes major technology companies such as Microsoft, Google, OpenAI for Government, NVIDIA, AWS, Anthropic, Dell Technologies, IBM, and HPE, alongside aerospace companies, semiconductor firms, and energy providers. Their involvement signals that Genesis is designed not only to modernize public research, but also to serve as part of a broader industrial and national capability. 

However, key details remain unclear. The administration has not provided a cost estimate, funding breakdown, or explanation of how platform access will be structured. Major news organizations have already noted that the order contains no explicit budget allocation, meaning future appropriations or resource repurposing will determine implementation. This absence has sparked debate across the AI research community, particularly among smaller labs and industry observers who worry that the platform could indirectly benefit large frontier-model developers facing high computational costs. 

The order also lays the groundwork for standardized intellectual-property agreements, data governance rules, commercialization pathways, and security requirements—signaling a tightly controlled environment rather than an open-access scientific commons. Certain community reactions highlight how the initiative could reshape debates around open-source AI, public research access, and the balance of federal and private influence in high-performance computing. While its long-term shape is not yet clear, the Genesis Mission marks a pivotal shift in how the United States intends to organize, govern, and accelerate scientific advancement using artificial intelligence and national infrastructure.

RansomHouse Ransomware Hits Fulgar, Key Supplier to H&M and Adidas

 

Fulgar, a major supplier of synthetic yarns to global fashion brands such as H&M, Adidas, Wolford, and Calzedonia, has confirmed it suffered a ransomware attack linked to the notorious RansomHouse group. The attack, which was first noted on RansomHouse’s leak site on November 12, involved the publication of encrypted internal data stolen since October 31. 

Screenshots shared on the leak site displayed sensitive company documents, spreadsheets, communications, and financial records—including bank balances, invoices, and exchanges with external parties. These leaks present a significant risk for targeted phishing attacks, as attackers now possess insider information that can be leveraged to deceive staff and partners.

Fulgar, established in the late 1970s, is one of Europe’s largest spinning mills, producing polyamide 66 and covered elastomers used in hosiery, lingerie, activewear, and technical textiles. The company distributes key brands like Lycra and Elaspan and operates across Italy, Sri Lanka, and Turkey. Its client list includes several of the world’s most recognized fashion retailers. The breach highlights how even large suppliers are vulnerable to cyber threats, especially when a single ransomware group gains access to internal systems.

The RansomHouse group, active since 2021, has claimed more than one hundred victims and is known for encrypting data and demanding ransom payments. US cyber authorities have previously connected the group to Iranian affiliates, who provide encryption support in exchange for a share of the ransom proceeds.

In Fulgar’s case, the attackers issued a direct warning to management: “Dear management of Fulgar S.p.A., we are sure that you are not interested in your confidential data being leaked or sold to a third party. We highly advise you to start resolving that situation.” This underscores the urgency for organizations to respond swiftly to ransomware incidents and mitigate potential reputational and financial damage.

The breach is a stark reminder of the cascading risks posed by compromised supplier networks. Sensitive records exposed in such incidents can fuel targeted identity theft and social engineering attacks, increasing threats for employees and business partners. Experts advise that organizations implement robust cybersecurity measures, including the use of strong antivirus software and properly configured firewalls, to reduce the risk of follow-up intrusions. 

However, even with these precautions, leaked internal documents can still be used to craft highly persuasive phishing campaigns, posing broader risks across manufacturing and supply chain sectors. Overall, the Fulgar breach illustrates the escalating sophistication of ransomware attacks and the critical need for vigilance among global suppliers and their clients to protect sensitive data and prevent further compromise.

Surge in £20k Keyless Car Theft Gadgets Sparks Security Concerns

 


The automotive and security industries are increasingly aware that criminals are using advanced signal-manipulation devices capable of stealing keyless cars without entering the property or obtaining the owner's fob, a development that has intensified concerns across the whole industry.

A variety of specialist tools aimed at copying or amplifying the wireless signal of a key in order to fool a vehicle into believing that an authorized user is nearby have rapidly found their way into organised criminal networks. 

A recent BBC report notes that some of these devices are openly available for purchase online for sums exceeding a million pounds, which proves both how sophisticated the technology is and how big the illegal market for these devices is. As such equipment becomes more accessible, owners of high-value keyless-entry vehicles, as well as fleet operators, are more likely to experience targeted thefts.

Despite forthcoming legislation aimed at tightening up controls on who is permitted to possess or operate these devices, security analysts advise that there are already many criminal groups who have gained access to the tools and circulate them throughout their networks. As regulatory changes approach, the threat is largely undiminished. 

Clearly, the proliferation of £20,000 keyless theft devices signals a deeper shift in the methods used to commit vehicle thefts. By exploiting vulnerabilities in the wireless communication systems that allow cars to start without a physical key, criminals are able to capture and amplify signals from key fobs, allowing them to unlock the vehicles and drive them away with as little effort as possible.

A key advantage of these machines is that they require very little human intervention, making them an attractive choice for organised groups seeking efficiency and reduced risk. It is not currently illegal to own such equipment, so an abundance of it remains available online, leaving law enforcement to respond to thefts only once the crime has occurred rather than curbing the equipment's availability at the outset.

According to a report by experts, this imbalance effectively shifts the constraint on crime prevention to a new location: traditional defenses designed to prevent forced entry or hot-wiring offer no resistance to remote signal-manipulation attacks. Instead, the primary challenge is to regulate, restrict, and intercept the tools themselves before criminals are able to take advantage of them.

This reflects a broader trend in technology-enabled offences, in which automation and remote capabilities are weakening frontline security measures, making authorities more inclined to target upstream supply chains and to intervene legislatively.

Despite the government's intention to ban such devices, enforcement will continue to trail behind a fast-growing, demand-driven black market unless decisive action is taken at a policy level. There has been an increasing awareness among law enforcement officials and the auto industry of the extent and sophistication of the problem they face. 

Approximately 100,000 vehicles have been stolen over the past year, according to figures from the Office for National Statistics. Insurance companies report that keyless cars now account for 60% to 70% of thefts. A number of people have been exploited through signal-manipulating devices, despite the fact that it is unclear just how many of these devices have been used.

According to evidence gathered by the BBC, these devices range from everyday Bluetooth speakers to military-grade equipment that can block tracking systems after a vehicle has been stolen. Security specialists warn that such tools do not serve any legitimate purpose outside of criminal activity and are now an integral part of a shift away from opportunistic theft into highly organised theft.

Thatcham Research analyst Richard Billyeald points out that gangs are now stealing to order, recouping their investment by targeting multiple vehicles each week. According to investigators, the equipment is constantly passed between groups, making it difficult to curb the crime and allowing the networks to operate across state and national borders.

Criminals often steal from victims in residential areas, quietly intercepting signals as they move through them. Many victims describe thefts that took place in mere minutes. Although keyless entry is a convenient feature for motorists, it has also become a lucrative avenue for relay theft as offenders adapt to more advanced vehicle technology, according to industry groups.

It is hoped that the government's Crime and Policing Bill will fill this gap by making possession or distribution of these devices a criminal offence carrying a five-year prison sentence, a substantial shift from previous rules whereby police needed to prove that the equipment was used in a specific crime in order to obtain the warrant. 

Despite keyless technology becoming increasingly prevalent, analysts claim that there is still a structural weakness in current security practices: traditional alarms and physical locks are less effective against attacks that rely on radio signals. Legislative action in this context is just as crucial as technical upgrades; experts have stated that, in other sectors, tighter bans on digital signal interception tools have decreased their circulation and have greatly reduced the operational reach of criminal groups.

The authors state that a similar approach is critical to the automotive industry, where one of the biggest challenges now is not merely to improve vehicle hardware but also to close the loopholes that allow such devices to be purchased and shared easily. This situation reflects a broader pattern in cybersecurity attacks, where adversaries exploit overlooked vulnerabilities to gain disproportionate leverage.

As a result, authorities have been forced to shift from addressing incidents to limiting access to the tools that enable the attacks. By criminalizing the possession and distribution of keyless theft devices, the government is attempting to rebalance that leverage by focusing on the upstream supply chains that facilitate high-volume thefts and preventing the spread of these technologies to the public.

In order to combat technologically driven crime at its source, it is increasingly being seen as essential to implement a multilayered strategy that combines strengthened digital protections with firm legal boundaries. 

Experts warn that, even once the new laws are fully enforced, long-term progress will require coordinated action between manufacturers, legislators, insurers, and consumers. To narrow the window of criminal opportunity, it is seen as essential to strengthen encryption standards, improve tracker resilience, and accelerate over-the-air security updates.

Meanwhile, insurance companies and the police emphasize the importance of community reporting, secure parking habits, and signal-blocking storage of key fobs. Although legislation may be able to restrict access to illicit devices to some extent, the extent to which the UK will be able to combat this ever-evolving threat will ultimately depend upon sustained investment in smarter vehicle design as well as public awareness.

Akira Ramps up Ransomware Activity With New Variant And More Aggressive Intrusion Methods

 


Akira, one of the most active ransomware operations this year, has expanded its capabilities and increased the scale of its attacks, according to new threat intelligence shared by global security agencies. The group’s operators have upgraded their ransomware toolkit, continued to target a broad range of sectors, and sharply increased the financial impact of their attacks.

Data collected from public extortion portals shows that by the end of September 2025 the group had claimed roughly 244.17 million dollars in ransom proceeds. Analysts note that this figure represents a steep rise compared to estimates released in early 2024. Current tracking data places Akira second in overall activity among hundreds of monitored ransomware groups, with more than 620 victim organisations listed this year.

The growing number of incidents has prompted an updated joint advisory from international cyber authorities. The latest report outlines newly observed techniques, warns of the group’s expanded targeting, and urges all organisations to review their defensive posture.

Researchers confirm that Akira has introduced a new ransomware strain, commonly referenced as Akira v2. This version is designed to encrypt files at higher speeds and make data recovery significantly harder. Systems affected by the new variant often show one of several extensions, which include akira, powerranges, akiranew, and aki. Victims typically find ransom instructions stored as text files in both the main system directory and user folders.

Investigations show that Akira actors gain entry through several familiar but effective routes. These include exploiting security gaps in edge devices and backup servers, taking advantage of authentication bypass and scripting flaws, and using buffer overflow vulnerabilities to run malicious code. Stolen or brute-forced credentials remain a common factor, especially when multi-factor authentication is disabled.

Once inside a network, the attackers quickly establish long-term access. They generate new domain accounts, including administrative profiles, and have repeatedly created an account named itadm during intrusions. The group also uses legitimate system tools to explore networks and identify sensitive assets. This includes commands used for domain discovery and open-source frameworks designed for remote execution. In many cases, the attackers uninstall endpoint detection products, change firewall rules, and disable antivirus tools to remain unnoticed.

The group has also expanded its focus to virtual and cloud-based environments. Security teams recently observed the encryption of virtual machine disk files on Nutanix AHV, in addition to previous activity on VMware ESXi and Hyper-V platforms. In one incident, operators temporarily powered down a domain controller to copy protected virtual disk files and load them onto a new virtual machine, allowing them to access privileged credentials.

Command and control activity is often routed through encrypted tunnels, and recent intrusions show the use of tunnelling services to mask traffic. Authorities warn that data theft can occur within hours of initial access.

Security agencies stress that the most effective defence remains prompt patching of known exploited vulnerabilities, enforcing multi-factor authentication on all remote services, monitoring for unusual account creation, and ensuring that backup systems are fully secured and tested.
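The account-creation monitoring and file-extension indicators described above can be turned into a simple triage check. The following is an added example, not code from the advisory or from this blog; it assumes Windows Security events have already been normalised into dictionaries with the hypothetical field names `event_id`, `actor`, `target` and `group`, and the sample events, paths, allow-list and privileged group names are constructed for illustration.

```python
"""Added example: triage for the Akira indicators named in the article."""
from pathlib import PureWindowsPath

# Indicators taken from the article text.
AKIRA_EXTENSIONS = {".akira", ".powerranges", ".akiranew", ".aki"}
KNOWN_ACTOR_ACCOUNTS = {"itadm"}

# Windows Security event IDs: 4720 = user account created,
# 4728 / 4732 = member added to a security-enabled global / local group.
EVT_USER_CREATED = 4720
EVT_GROUP_ADD = {4728, 4732}
# Assumption: group names treated as privileged in this environment.
PRIVILEGED_GROUPS = {"domain admins", "enterprise admins", "administrators"}


def encrypted_files(paths):
    """Return the paths whose final extension is one of the listed extensions."""
    return [p for p in paths
            if PureWindowsPath(p).suffix.lower() in AKIRA_EXTENSIONS]


def account_alerts(events, approved_creators):
    """Flag suspicious account creation and privilege grants.

    events: normalised event dicts in time order (field names are assumed).
    approved_creators: lower-case accounts allowed to create users (allow-list).
    Returns a list of (severity, event_id, target, reason) tuples.
    """
    alerts = []
    created = set()  # accounts created inside the window being reviewed
    for ev in events:
        eid = ev["event_id"]
        actor = ev["actor"].lower()
        target = ev["target"].lower()
        if eid == EVT_USER_CREATED:
            created.add(target)
            if target in KNOWN_ACTOR_ACCOUNTS:
                alerts.append(("high", eid, target,
                               "account name reported in Akira intrusions"))
            elif actor not in approved_creators:
                alerts.append(("medium", eid, target,
                               f"created by non-approved account {actor}"))
        elif eid in EVT_GROUP_ADD:
            group = ev.get("group", "").lower()
            if group in PRIVILEGED_GROUPS:
                # A brand-new account gaining admin rights is the stronger signal.
                severity = "high" if target in created else "medium"
                alerts.append((severity, eid, target,
                               f"added to privileged group {group}"))
    return alerts


# Constructed sample data (not taken from any real incident).
SAMPLE_EVENTS = [
    {"event_id": 4720, "actor": "helpdesk01", "target": "j.rossi"},
    {"event_id": 4720, "actor": "svc_backup", "target": "itadm"},
    {"event_id": 4732, "actor": "svc_backup", "target": "itadm",
     "group": "Administrators"},
    {"event_id": 4728, "actor": "helpdesk01", "target": "m.chen",
     "group": "VPN Users"},
    {"event_id": 4720, "actor": "svc_backup", "target": "tmp_ops"},
]
SAMPLE_PATHS = [
    r"C:\Users\anna\Documents\q3.xlsx.akira",
    r"D:\vm\dc01.vhdx.powerranges",
    r"C:\Users\anna\notes.txt",
    r"E:\share\plan.docx.AKIRANEW",
    r"C:\tools\akira.txt",
]

if __name__ == "__main__":
    for alert in account_alerts(SAMPLE_EVENTS, {"helpdesk01"}):
        print(alert)
    for path in encrypted_files(SAMPLE_PATHS):
        print("possible encrypted file:", path)
```

A match on the account name or an extension is a lead for investigation rather than proof of compromise, since both can occur benignly.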



UK’s Proposed Ransomware Payment Ban Sparks New Debate as Attacks Surge in 2025

 

Ransomware incidents are climbing at an alarming rate, reigniting discussions around whether organizations should be allowed to pay attackers at all.

Cybercriminals are increasingly turning to ransomware to extort large sums of money from organizations desperate to protect sensitive employee and customer data. Recent findings revealed a 126% increase in ransomware incidents in Q1 2025 compared to the previous quarter, a surge that has captured global attention.

In response, the UK government has unveiled a proposal to prohibit ransomware payments, aiming to stop public bodies and Critical National Infrastructure (CNI) providers from transferring large amounts of money to cybercriminals in hopes of regaining stolen data or avoiding public embarrassment. Many experts believe this ban could eventually expand to cover every organization operating in the UK.

If the restriction becomes universal, businesses will be forced to operate in an environment where paying attackers is no longer an option. This shift would require a stronger emphasis on resilience, incident response, and rapid recovery strategies.

The debate now centers on a key question: Is banning ransomware payments a wise move? And if the ban comes into effect, how can organizations safeguard their data without relying on a ransom fund?

Many companies have long viewed ransom payments as a quick, albeit risky, solution — almost a “get out of jail free” card. They see it as a seemingly reliable way to recover stolen data without formal disclosure or regulatory reporting.

However, negotiations with criminals come with no certainty. Paying a ransom only strengthens the broader cybercrime ecosystem and incentivizes further attacks.

Yet the practice persists. Research from 2025 reveals that 41% of organizations have paid a ransom, but only 67% of those regained full access to their data. These figures highlight that companies are still funneling large budgets into ransom payments — money that could instead be invested in preventing attacks through stronger cyber infrastructure.

The UK’s proposed ban brings both advantages and disadvantages. On the positive side, organizations would no longer be pushed into negotiating with unreliable cybercriminals. Since attackers may not return the data even after receiving payment, the ban eliminates that particular risk entirely.

Additionally, many organizations prefer to quietly pay ransoms to avoid reputational damage associated with admitting an attack. This secrecy not only benefits attackers but also leaves authorities unaware of crimes being committed. A payment ban, however, would force almost all affected organizations to formally report incidents — encouraging more accurate investigations and accountability.

Supporters of the ban argue that if attackers know ransom payments are impossible, the financial incentive behind ransomware will eventually disappear. While optimistic, the UK government sees the ban as a strong step toward reducing or even eliminating ransomware threats.

But opponents highlight an undeniable concern: ransomware attacks will continue, at least in the near term. If payment is no longer an option, organizations may struggle to recover highly sensitive information — often involving customer data — and may be left without any practical alternatives, even if negotiating feels morally uncomfortable.

If the UK enforces a nationwide prohibition on ransom payments, businesses must prioritize strengthening their cyber resilience. Increasing investment in preventive strategies will be crucial.

For SMEs — many of which lack dedicated cybersecurity teams — partnering with a Managed Service Provider (MSP) is one of the simplest ways to boost security. MSPs oversee IT operations and cybersecurity defenses, allowing business leaders to focus on innovation and growth. Recent studies show that over 80% of SMEs now rely on MSPs for cybersecurity support.

Regular employee security awareness training is also essential, helping staff identify early warning signs of cyberattacks and avoid mistakes that commonly lead to ransomware infections.

Organizations should also create and routinely test a detailed incident response plan. Although often overlooked, a well-rehearsed plan is critical for minimizing the damage when an attack occurs.

With the UK considering a nationwide ban on ransom payments, companies cannot afford to wait. The most effective approach is to build strong cyber resilience now.

This includes leveraging MSP services, upgrading security tools, and establishing a clear incident response strategy. Proactive planning will lower the chances of falling victim to ransomware and ensure smoother recovery if an attack does occur.

Rising International Alarm Over Southeast Asia’s Entrenched Scam Networks

In a sweeping move that underscored growing global concern over transnational fraud networks, the United States Department of the Treasury's Office of Foreign Assets Control (OFAC) imposed sanctions earlier this week on a vast network of scam operations in Southeast Asia.

The scams have swindled billions from unsuspecting Americans by forcing them into labour contracts and exploiting them harshly. Specifically, nine entities embedded in Shwe Kokko, Burma, are facing sanctions as part of the coordinated action against them, including one entity located in a region long associated with high-yield virtual currency fraud schemes operating under the banner of the OFAC-designated Karen National Army, as well as ten others based in Cambodia. 

Congressional aides characterized the crackdown as both a national security imperative and a humanitarian necessity, as the criminal enterprises are not only destroying U.S. consumers but also enslaving thousands in conditions that are similar to modern slavery. 

John K. Hurley, the Under Secretary for Terrorism and Financial Intelligence, stated that losses attributed to Southeast Asian scam networks surpassed $10 billion in 2024 alone, which prompted the Treasury, under the direction of President Trump and Secretary Bessent, to use every available enforcement tool to counter organised financial crime and protect the American public against its repercussions. 

Southeast Asia's regional governments, as well as major corporations, are increasingly being scrutinised by the international community as attention intensifies on the region's entrenched scam compounds, where trafficked and coerced workers are being forced to engage in elaborate fraud schemes against wealthier economies such as Singapore and Hong Kong, with the ultimate goal of exploiting those workers. 

There was a sharp increase in pressure in October, when the United States and the United Kingdom imposed coordinated sanctions against individuals and entities linked to Cambodia's Prince Group, alleging extensive cybercrime. Singapore immediately responded by seizing assets linked to the conglomerate valued at $115 million, despite the group's public and unequivocal denial of wrongdoing. 

The regional fallout has been equally stark. After one Korean tourist was found murdered near a scam facility, South Korea launched an emergency operation to recover its abducted citizens in Cambodia. In addition, Vorapak Tanyawong, Thailand's Deputy Finance Minister, stepped down only a few months into his tenure amid accusations that he was involved in Cambodian scam networks, accusations that he strongly denied.

During the week of Thursday, the United States deepened its involvement in the Southeast Asian cybercrime network by launching a dedicated Strike Force in the Scam Centre, an initiative aimed at pursuing cybercriminal networks throughout the region. Despite the rapid evolution of the crisis, United States Attorney for the District of Columbia Jeanine Pirro characterised it both as a national security and a homeland security concern, emphasising how rapidly it has escalated. 

It was Wang Xing's disappearance in Thailand that first brought the issue to the public's attention in the year. Wang was later discovered to have been trafficked into a scam compound in Myanmar, a case that sparked a worldwide discussion about the hidden machinery of these syndicates. This is not the only case of one of these gangs. 

UN estimates indicate that hundreds of thousands of people remain imprisoned in such facilities around the world, often enticed by fraudulent job postings on major social media platforms such as Twitter.

According to Jacob Sims, a fellow at Harvard University’s Asia Centre who studies cross-border crime, these sites are heavily fortified complexes reminiscent of internal prison camps. Behind barbed wire turned inward, watchtowers, and metal bars on the windows, victims are coerced into large-scale fraud amid violence, torture, and death.

These operations are most deeply embedded in the borderlands of Cambodia, Laos, and Myanmar, where state authority is fragmented and criminal groups exercise practical control over the territory. Governments and experts widely acknowledge that progress is fragile, despite intensified international crackdowns.

Dismantling one compound often reveals a new compound just beyond reach, demonstrating the persistence and adaptability of the networks responsible for their operations. Increasing enforcement efforts by governments and strengthening international cooperation have been discussed over the past few years, but experts argue that lasting progress will depend on stronger border governance, sustained diplomatic pressure, and more aggressive regulations to combat the digital recruitment channels that fuel these networks. 

Analysts also emphasise the need for expanded victim-rescue initiatives and coordinated financial intelligence sharing in order to disrupt the money flow that keeps these syndicates going. The recent actions have been hailed as a success, but officials caution that a sustained, multi-national effort will be necessary to halt the growth of scam empires in Southeast Asia, which are able to regenerate and persist over time.
