Archive for October 24, 2025

GM Is Planning To Ditch Android Auto And Apple CarPlay In ALL Their Vehicles And Not Just EVs….. WTF?

Posted in Commentary with tags on October 24, 2025 by itnerd

Well, I guess that GM vehicles will be off my list when it is time to buy my next time. I say that because I just read this article from The Verge where GM is going to phase out Android Auto and Apple CarPlay in ALL of their vehicles. You might recall that GM started doing this in their EVs some time ago. And that was met with a fair amount of backlash. But clearly that backlash has not deterred them.

Here’s what was said by GM’s CEO Mary Barra:

Let me ask you the second part of that question again, because, again, we’re talking so much about the future, and I understand the argument about the future you’re making, but you still have the smartphone projection in the gas cars. Why is it still in the gas cars?

A lot of it depends on when you do an update to that vehicle. When you look at the fact that we have over 40 models across our portfolio, you don’t just do this and they all update. As we move forward with each new vehicle and major new vehicle launch, I think you’re going to see us consistent on that. We made a decision to prioritize our EV vehicles during this timeframe, and as we go forward, we’ll continue across the portfolio.

So we should expect new gas cars will not have smartphone projection?

As we get to a major rollout, I think that’s the right expectation. Yes.

What GM is going to do is to use Android Automotive. Not to be confused with Android Auto. The former can be best described as a full operating system for cars that GM basically controls. And by control, I mean that they can make money off of it. The thing is, I just recently reviewed a Ford Expedition and it uses Android Automotive complete with Android Auto and Apple CarPlay. And Ford went out of their way to emphasize that while they want Ford owners to use their system, they do not want to remove choice from Ford owners. And I did press them on that and they stood firm on that, even going to the point of walking up to line to call out GM for being the opposite of Ford without actually doing so. Ford has clearly read the room and made the right call because so many people are used to Android Auto and Apple CarPlay that by removing the, Ford would risk alienating their loyal customers.

Now at the start of this article I said that GM would be off my list of vehicles to buy should I need a new car. GM isn’t reading the room here. And given how many cars they sell, this can easily come back to bite them. After all, they aren’t Tesla who can get away with not having Android Auto and Apple CarPlay in their cars. They might want to keep that in mind and reconsider their life choices accordingly.

Leave a comment »

The Business of Travel and Culture at 35,000 ft. Just Leveled Up Thanks To Qatar Airways

Posted in Commentary with tags on October 24, 2025 by itnerd

Qatar Airways has unveiled a first-of-its-kind global partnership with GRAMMY-Award winning artist, entrepreneur, and cultural visionary Swizz Beatz, founder of the prestigious art collective The Dean Collection. Together, they introduced The Qatar Airways “Creative 100,” a bold new platform celebrating and connecting the world’s most influential and inspiring creatives shaping global culture today.

The announcement took place during Art Basel Paris, where Qatar Airways serves as a Premium Partner, marking the beginning of a multi-year collaboration that unites art, travel, and innovation under one creative movement.

A global movement for creativity, each year, the “Creative 100” will spotlight 100 visionaries whose work transcends borders and inspires progress across art, design, music, fashion, sport, and technology.

The first creatives announced are: Black Coffee, the GRAMMY-Award winning South African DJ and producer; Miles Chamley-Watson, Olympic fencing champion and style innovator; Kristian Teär, CEO of Danish high-end electronics company Bang & Olufsen; Yoon Ahn, American fashion designer, co-founder of AMBUSH; Jewelry Director for Dior Homme; and Flavio Manzoni, Ferrari’s Chief Design Officer.

From the world of art, honorees include Kennedy Yanko, a sculptor known for fusing salvaged metal with paint skin, and Patrick Eugene, a visual artist whose work explores identity, culture, and the human experience.

A flagship gala will be held in Doha in February 2026 during Art Basel Doha, where the first inductees will be officially honored and the full list of the “Creative 100” revealed. Throughout the year, the initiative will activate at Art Basel’s global events in Paris, Miami, Hong Kong, and Basel, transforming Qatar Airways’ worldwide network into a cultural bridge connecting creative communities across continents.

A Transformational Partnership  This collaboration marks the first time an airline has partnered directly with a global artist and creative entrepreneur to develop a long-term cultural platform. Through this partnership, Qatar Airways and Swizz Beatz will reimagine how creativity travels, transforming global movement into cultural exchange and storytelling that inspires.

Key experiences will include:

  • Flagship galas and cultural activations hosted by Qatar Airways and The Dean Collection in Doha and at Art Basel events worldwide.
  • Collaborative projects across art, music, design, and sport that include limited-edition merchandise to creative in-flight experiences and special aircraft liveries.
  • Exclusive access for Qatar Airways Privilege Club members to attend private masterclasses, cultural events, and behind-the-scenes sessions with inductees.

A Digital Home for Global Creativity Qatar Airways will also debut a dedicated digital hub for The “Creative 100,” featuring films, interviews, podcasts, and curated city guides shaped by the voices of these global creators. The interactive platform will span six content pillars: Art & Design, Music & Performance, Fashion & Style, Film & Entertainment, Sport & Influence, and Innovation & Ideas spotlighting the people and places fueling creative progress worldwide.

Users will be able to explore a rotating map of inductees’ home cities and inspirations, along with artist profiles, imagery, short films, and personal travel stories. Exclusive Privilege Club member content will include extended interviews, masterclasses, and event invitations.

The partnership will lend its impact to the Qatar Airways passenger journey through bespoke merchandise and immersive onboard experiences. As the first expression of creativity from the Qatar Airways “Creative 100,” the two collaborative forces revealed renderings of a special-edition Formula 1® livery, celebrating the airline’s role as Global Airline Partner. An additional livery commemorating Qatar Airways’ partnership with the FIFA World Cup 2026™ will be revealed at a later stage.

Leave a comment »

Surfshark launches a privacy-first web content blocker

Posted in Commentary with tags on October 24, 2025 by itnerd

Surfshark has launched a new feature called the web content blocker that focuses on safeguarding every household when browsing online. It allows you to filter various websites based on categories provided, lock them using 2FA (Two-factor Authentication), and help protect family members from potential online threats caused by curiosity or carelessness.

Unlike traditional tracking applications, the web content blocker helps you protect family members from seeing malicious content and websites — without snooping on their browsing activity or monitoring the actual websites they visit. With this new feature, you can filter various websites by category and lock specific content across all family mobile devices.

To extend this protection to your household, install and open the Surfshark app on the device you’d like to add, log in using the same account, enable Web content blocker, and lock with 2FA if needed. Then, under the Web content blocker feature on the Surfshark website app, you can find the Your devices section, where you can select content categories and ensure a safe online environment for your loved ones.

The web content blocker is now available on Android and iOS platforms for Surfshark One or One+ plan users — more platforms are coming soon.

Additionally, Surfshark announces that its server count has surpassed 4,500. Over the years, Surfshark has continually upgraded its server network to enhance performance and reliability, and this figure reflects its growth.

Leave a comment »

Atlas browser vulnerability uncovered by researchers

Posted in Commentary with tags on October 24, 2025 by itnerd

Recently, researchers uncovered that OpenAI’s newly launched Atlas browser is vulnerable to indirect prompt injection, allowing malicious web pages to embed hidden commands that the browser’s AI agent may follow. The flaw is also observed in other AI-powered browsers like Comet and Fellou, according to Brave Software and highlights a systemic security risk where AI models treat untrusted web content as valid instructions, potentially exposing sensitive data and compromising user sessions.

You can read more about this here: Security Experts Raise Cybersecurity Warnings in OpenAI’s New ChatGPT Atlas Browser

The CTO of DryRun Security, Ken Johnson had this to say:

“In corporate environments, I would not allow Comet, Atlas, or any AI-powered browser on company devices at this time. Browser security is already difficult even for the companies that make them, and robust privacy controls require immense care. AI is new to both fronts. Granting these tools unprecedented access to personal and corporate data, combined with the inherent risks of AI systems and existing security concerns, is a time bomb.”

Many companies have restrictions on how AI can be used. If your organization hasn’t looked at this, now would be a good time to do so. Because the risk of having sensitive data leak out to the outside world is to great to ignore.

Leave a comment »

North Korean Lazarus group targets the drone sector in Europe, ESET Research discovers

Posted in Commentary with tags on October 24, 2025 by itnerd

ESET researchers have recently observed a new instance of Operation DreamJob — a campaign that ESET tracks under the umbrella of North Korea-aligned Lazarus group — in which several European companies active in the defense industry were targeted. Some of these are heavily involved in the unmanned aerial vehicle (UAV / drones) sector, suggesting that the operation may be linked to North Korea’s current efforts to scale up its drone program. The in-the-wild attacks successively targeted three companies active in the defense sector in Central and Southeastern Europe. Initial access was almost certainly achieved via social engineering. The main payload deployed to the targets was ScoringMathTea, a remote-access trojan (RAT) that offers the attackers full control over the compromised machine. The suspected primary goal of the attackers was exfiltration of proprietary information and manufacturing know-how.

In Operation DreamJob, the dominant theme of social engineering is a lucrative, but faux, job offer served with a side of malware: The target usually receives a decoy document with a job description and a trojanized PDF reader to open it. ESET Research attributes this activity with a high level of confidence to Lazarus, particularly because of its campaigns related to Operation DreamJob, and because the targeted sectors, located in Europe, align with the targets of the previous instances of Operation DreamJob (aerospace, defense, engineering).

The three targeted organizations manufacture different types of military equipment (or parts thereof), many of which are currently deployed in Ukraine as a result of European countries’ military assistance. At the time of Operation DreamJob’s observed activity, North Korean soldiers were deployed in Russia, reportedly to help Moscow repel Ukraine’s offensive in the Kursk region. It is thus possible that Operation DreamJob was interested in collecting sensitive information on some Western-made weapons systems currently employed in the Russia-Ukraine war. More generally, these entities are involved in the production of types of materiel that North Korea also manufactures domestically, and for which it might be hoping to perfect its own designs and processes. The interest in UAV-related know-how is notable, as it echoes recent media reports indicating that Pyongyang is investing heavily in domestic drone manufacturing capabilities. North Korea has relied heavily on reverse engineering and intellectual property theft to develop its domestic UAV capabilities. 

Generally, Lazarus attackers are highly active and deploy their backdoors against multiple targets. This frequent use exposes these tools and enables their detection. As a countermeasure, the group’s tools are preceded in the execution chain by a series of droppers, loaders, and simple downloaders. The attackers decided to incorporate their malicious loading routines into open-source projects available on GitHub.

The main payload, ScoringMathTea, is a complex RAT that supports around 40 commands. Its first appearance can be traced back to VirusTotal submissions from Portugal and Germany in October 2022, where its dropper posed as an Airbus-themed job offer lure. The implemented functionality is the usual required by Lazarus: manipulation of files and processes, exchanging the configuration, collecting the victim’s system info, opening a TCP connection, and executing local commands or new payloads downloaded from the C&C server. Regarding ESET telemetry, ScoringMathTea was seen in attacks against an Indian technology company in January 2023, a Polish defense company in March 2023, a British industrial automation company in October 2023, and an Italian aerospace company in September 2025. It seems that it is one of the flagship payloads for Operation DreamJob campaigns.

The group’s most significant evolution is the introduction of new libraries designed for DLL proxying and the selection of new open-source projects to trojanize for improved evasion. “For nearly three years, Lazarus has maintained a consistent modus operandi, deploying its preferred main payload, ScoringMathTea, and using similar methods to trojanize open-source applications. This predictable, yet effective, strategy delivers sufficient polymorphism to evade security detection, even if it is insufficient to mask the group’s identity and obscure the attribution process,” concludes Kálnai.

The Lazarus group (also known as HIDDEN COBRA) is an APT group linked to North Korea that has been active since at least 2009. It is responsible for high-profile incidents. The diversity, number, and eccentricity in implementation of Lazarus campaigns define this group, as well as the fact that it performs all three pillars of cybercriminal activities: cyberespionage, cybersabotage, and pursuit of financial gain.

Operation DreamJob is a codename for Lazarus campaigns that rely primarily on social engineering, specifically using fake job offers for prestigious or high-profile positions (the “dream job” lure). Targets are predominantly in the aerospace and defense sectors, followed by engineering and technology companies, and the media and entertainment sector.

For a more detailed analysis of the latest Lazarus DreamJob campaign against the UAV sector, check out the latest ESET Research blogpost “Gotta fly: Lazarus targets the UAV sector” on WeLiveSecurity.com.

Leave a comment »