Recently VPNMentor published a report about an alarming increase of VPN demand in Papua New Guinea after the government shut down Facebook as a “test” conducted under the country’s anti-terrorism laws.
Their research team conducted an analysis of user demand data in PNG observing a 1,900% spike during the duration of the test.
You’ll find their report here: https://www.vpnmentor.com/news/papuanewguinea-vpn-surge/
Samsung today unveiled Galaxy A36 the latest Galaxy A series smartphone. For the first time, the Galaxy A series is integrating Awesome Intelligence—including some of Galaxy’s fan-favorite AI-powered features to reimagine creativity — while bringing, as well as robust security to provide a secure mobile experience.
Awesome Intelligence is the first comprehensive mobile AI exclusively available on Galaxy A36 5G and brings users powerful, fun and easy-to-use AI tools. Powered by One UI 7, the new Awesome Intelligence features bring amazing search and visual experiences to Galaxy A series users.
A fan-favorite on Galaxy A series devices last year, Google’s enhanced Circle to Search, makes it easier than ever to search and discover from the phone’s screen. With the latest upgrades, the search feature is faster and more contextual, now recognizing phone numbers, email and URLs on the screen and helping users perform actions with a single tap. The update also introduces Song Search, which can identify music playing nearby, on the device, or even from a user’s own voice when they hum or sing. With support for multiple languages, Song Search makes it effortless to find a tune with users no longer needing to wait for that song title to finally come to them.
The Galaxy A series also takes the camera experience to a new level with creator-focused tools, starting with a powerful triple-camera system featuring a 50MP main lens on all devices and 10-bit HDR front lens recording on the Galaxy A36 5G for bright and crisp selfies.
Galaxy A36 5G bring fine-refined Object Eraser, allowing users to remove unwanted distractions from photos. Whether it’s an unexpected passerby or a distracting shadow, users can manually or automatically select objects to erase, achieving a cleaner, more polished final image with just a few taps. Moreover, Filters enables custom filter creation by extracting colors and styles from existing photos for users to apply for a unique and personalized effect depending on mood and taste. With these intelligent tools, users can refine and enhance their photos effortlessly, bringing a new level of creativity to every shot.
With a 5,000mAh battery included throughout the entire lineup, the new Galaxy A series is designed to keep up with users’ daily routines. Galaxy A36 5G support 45W charging power and Super Fast Charge 2.0 technology, delivering even faster charging[5] for extended use[6]. Galaxy A36 5G features the Snapdragon® 6 Gen 3 Mobile Platform. A larger vapor chamber in both devices helps sustain performance, ensuring smooth gameplay, video playback, and effortless multitasking.
Beyond performance, the new Galaxy A series is built to withstand life’s unpredictable moments. Galaxy A36 5G features an IP67 dust and water resistance rating for strong protection against the elements. Additionally, an advanced Corning® Glass cover material adds a layer of protection against scratches and cracks.
Thanks to the integration of One UI 7 on the Galaxy A series for the first time, Samsung is further supporting robust security. With Samsung Knox Vault, the Galaxy A series provides an extra, fortified layer of device security, transparency and user choice – ensuring sensitive data is protected. Equipped with the latest One UI 7 security and privacy features, Galaxy A series users benefit from holistic protection — including enhancements in Auto Blocker, Theft Detection, More Security Settings and other features.
Pricing & Availability
The Galaxy A36 5G will be available for purchase starting March 28th.
Pricing:
By Tim Flower, DEX Evangelist at Nexthink
Software supply chain disruptions are the biggest danger to business resiliency today. One response: moving past the traditional ‘break/fix’ model of IT Services.
The last year has seen a spate of high-profile outages that have affected thousands of companies and millions of endpoints around the world. While the events have been different in many ways, there is one underlying commonality – in each case, the root of problem is one that doesn’t get much attention: The software supply chains – i.e. all the existing component parts that underpin new software products – that enterprises and suppliers around the world rely upon, and are largely outside the control of internal IT teams.
Software supply chains are the single biggest danger to business resiliency today, with the average enterprise using nearly 1000 different apps [1] and 96% of codebases [2] featuring open source code.
All of this means that there’s no such thing as an ‘isolated incident’ anymore. Even if companies take every reasonable precaution, there is no guarantee that a mistake three steps down the line won’t cause days of unexpected downtime and millions in lost revenue. Even an unknown compatibility issue can lead to significant headaches during a large-scale deployment. Not to mention the hurdles encountered when the supplier changes versions or discontinues support.
When disaster strikes
The problem is, when – and it is when, not if – major third-party incidents occur, the vast majority of businesses lack the visibility and capabilities needed to swiftly identify and remediate such issues. This is because many IT service delivery teams are using legacy management platforms that don’t allow them to move beyond a traditional, reactionary model of handling tickets one by one when employees decide to call for help. The employees are essentially providing IT monitoring services. This creates multiple problems, including:
An evolving function
None of this is to say that IT service teams are redundant or unimportant – far from it. Even when things are going smoothly, strong service teams are worth their weight in gold, never mind when a crisis occurs. In fact, as software supply chains become ever more entangled, the need for skilled IT support experts is only going to grow.
The issue is that, all too often, businesses aren’t providing their IT support staff with the necessary capabilities to proactively identify, understand, and mitigate problems. For instance, in the event of a major third-party outage causing a cascade of endpoints experiencing the dreaded ‘Blue Screen of Death’ (BSOD), IT support teams need to be alerted to an unusual spike in system crashes in real-time, which ones are being affected, and insights about what the common root cause might be.
Armed with this information, IT support can take immediate steps to address the problem – for example by halting any application updates on other endpoints – and reduce the number of those affected by BSOD. And as endpoints are remediated, a platform providing real time visibility can provide immediate status details on which systems still need attention and which ones are back up and running.
Managing the shift effectively
The surge in third-party software issues is a key driver of the transition away from the traditional ‘break/fix’ model of IT Services and towards something more proactive, but it’s not the only motive. Factors such as a desire to improve regulatory compliance, greater demand for upskilling and training from support workers, and changing ways of working are all key reasons why the transition is gathering pace. There is also a growing awareness that the 40+ year practice of reactionary IT is no longer scalable, and actually poses a risk to business viability.
Taken together, the increased relevance of these issues demonstrates that there is a huge opportunity for IT services to take a larger and more important role in achieving core business objectives, especially as modern IT environments become ever-more complex. IT needs to be a provider of business-enabling services, and no longer a team of expensive fire fighters.
The next step is for senior leaders to champion this change by providing support staff with the necessary training and the ability to bring in new, modern capabilities that can transform IT Services from a short-term, reactionary function to one that is central to the operation and success of the entire enterprise.
Tim Flower is VP of DEX Strategy at Nexthink and the author of the Wiley book: DEX for Dummies, a Practical Guide for Organizing and Executing an Effective DEX Strategy in Any Organization.
1 2024 Connectivity Benchmark Report: Insights from over 1000 IT Leaders
SandboxAQ has announced that the National Institute of Standards and Technology (NIST) has officially selected HQC (Hamming Quasi-Cyclic) as the fifth algorithm in its suite of post-quantum cryptographic (PQC) standards. Out of these five algorithms, three will be used for signatures. The other two, HQC and ML-KEM, will be the NIST-approved algorithms that will protect the confidentiality of communications across the Internet, cellular networks, payment systems, and more.
The selection of HQC marks SandboxAQ’s second major contribution to NIST’s post-quantum standardization effort, a key step in ensuring the protection of the world’s most critical data. This landmark decision represents a significant milestone in the global transition to a robust, quantum-safe encryption future and further solidifies SandboxAQ at the forefront of cryptographic innovation.
HQC is a key encapsulation mechanism designed to secure the exchange of encryption keys in a quantum-resistant manner. Unlike traditional public-key encryption systems such as the widely-used public key cryptosystem, RSA, and elliptic-curve cryptography (ECC), which quantum computers render obsolete, HQC is built on the well-established mathematical foundation of error-correcting codes, which is not vulnerable to quantum attacks. It provides strong security guarantees while balancing performance factors such as computational efficiency and key size, which are primary considerations for large-scale real-world deployments. In NIST’s final selection report, the HQC algorithm, co-invented by SandboxAQ team members, stood out as a robust and reliable candidate for wide-scale adoption across industries, following multiple rounds of global cryptanalysis and peer review.
Prior to HQC, the SandboxAQ team also played a significant role in the development of SPHINCS+, one of the initial algorithms already selected by NIST as part of its initial set of PQC standards in 2022. With HQC now formally accepted into the standardization process, SandboxAQ has contributed to two of the five critical PQC standards for key exchanges and signatures, demonstrating deep and sustained leadership in quantum-resistant cybersecurity and ushering in a safer digital world.
SandboxAQ has a unique position to improve cryptographic postures and ensure better compliance, fewer outages, and robust cybersecurity. It produces world-class cryptographic research, internationally recognized standards, and widely adopted cryptographic innovations. Leveraging this world-leading expertise, SandboxAQ also offers an industry-leading cryptography management product, uniquely positioning it within the global cryptographic landscape. Our flagship cryptographic offering, AQtive Guard, is trained on billions of cryptographic findings meticulously structured and enriched with supplemental data by our world-class cryptography team. By cross-referencing and augmenting our customers’ inventories, we empower efficient exploration and actionable insights. Leveraging our distinctive AI approach, seamless third-party integrations, and comprehensive 360-degree coverage sensors, AQtive Guard delivers unparalleled visibility and effectiveness for the protection of enterprises and governments.
Provided by CoinLedger.io
The crypto market is rapidly growing in popularity, largely due to the emphasis Donald Trump placed on the industry during his presidential campaign.
As more and more people begin to invest in cryptocurrency, scams are becoming more prevalent. It’s estimated that individuals lost $51.3 billion (£40.6 billion) after falling victim to crypto scams in 2024.
Romance scams are becoming a point of particular concern, with the FBI estimating that there were over 40,000 victims of romance fraud in 2023.
In order to clamp down on their increasing occurrence, experts at the cryptocurrency tax software site, Coin Ledger, have created a guide on some of the warning signs of romance scams and why it’s so important to be aware of them in the crypto sphere.
What are crypto romance scams?
Romance scams begin when the scammer creates a fake profile on social media to approach the intended victim. Scammers will typically approach victims on social media sites, such as Instagram and Facebook, dating sites, and LinkedIn.
This will then be the beginning of a slow and calculated process in which the scammer maintains daily communication with the victim to win over their trust. In some cases, the talking stage of a romance scam can last several months or even years. This process has become known as ‘pig butchering,’ in which the scammer will win over the victim’s trust solely to steal their financial assets more easily.
Scammers will often be complimentary and will express a desire to find out personal information about the victim. Once enough time has passed, the scammer will then start to bring up the topic of cryptocurrency, with many scammers claiming that their family has insider trading knowledge and have made thousands through crypto investments.
The scammer will then encourage the victim to invest in a specific investment opportunity. Once the victim invests a considerable sum of digital assets into the illegitimate investment platform, the scammer will then shut the project down and will become untraceable, resulting in victims losing thousands.
Romance scammers will typically target vulnerable people, which is why the majority of victims of these scams will be older and will often have little understanding surrounding the crypto market.
The crypto market is becoming a go-to opportunity for romance scams, largely because scammers can transfer funds quickly, enabling them to disappear without the victim noticing. Unlike traditional currencies, crypto transactions are not monitored by any regulatory authorities, such as banks. This enables scammers to gain a sense of anonymity, with transactions being difficult to trace and recover.
What are the signs that you’re falling for a crypto romance scam?
Contacted out of the blue:
If you have been contacted out of the blue by an unknown account online, then it’s important not to let your guard down. Social media sites are one of the most common ways in which romance scammers will contact potential victims.
Rather than immediately engaging in conversation, take time to look through the person’s account and if it looks suspicious then block them immediately.
Suspicious social media account:
Romance scammers will often have a public account that uses other people’s images to catfish the victim. If a person’s social media account looks ‘too good to be true,’ then it often is. Scammers will typically have few followers on social media due to hastily building a fake profile, so it’s important to look out for this.
Some romance scammers will create additional fake profiles on other social media sites, such as LinkedIn, so it’s important to do your research before engaging in conversation.
Uses ‘AI-generated’ language:
Romance scammers typically operate within a wider team, which means that they often follow a script to win over the victim’s trust. If the messages sent by the individual seem rigid or unrealistic, then it’s likely to be a scam.
Are over-complimentary:
When trying to win over a victim’s trust, scammers will typically use over-complimentary language and will frequently use phrases such as ‘honey’ and ‘baby’ in conversation.
This type of language is intended to trick the victim into forming an emotional connection, which will then make it easier for scammers to later influence the victim into investing in a fake crypto project.
Will frequently endorse cryptocurrency:
If the individual frequently brings up the topic of cryptocurrency, specifically in the context of how much money they’ve made from it, then this should be seen as a red flag.
Romance scammers will claim to have made thousands by investing in cryptocurrency and will often upload images on social media that seemingly adhere to this luxury lifestyle. Be wary if the individual continuously mentions cryptocurrency investments, as this is often planting the seeds for encouraging victims to invest in a fake project at a later date.
Creates a sense of urgency:
In order to try and coerce victims into investing in a fake crypto project, the scammer will typically create a false sense of urgency, advertising that this project is a ‘one-off’ and ‘unmissable’ investment opportunity. Romance scammers tend to play on the victim’s emotions to convince them to invest quicker.
How can you avoid crypto romance scams?
Do your research:
If an unknown account contacts you out of the blue on social media, then do your research before initiating contact.
Check out the account’s followers to verify whether they are being followed by real people or whether the social media account has been hastily made by a scammer.
Use Google reverse image search:
The majority of scammers use other people’s photos in an attempt to catfish potential victims, which is why it’s so important to use Google reverse image search to verify an individual’s identity.
If the scammer has been using other people’s images, then the original source of the photo will be revealed by using Google reverse image search. If this is the case, then block the account immediately and do not engage in conversation.
Ensure that you investigate every crypto project:
Before investing in any cryptocurrency project, it’s important that you do your research. Scammers will often advertise these investment opportunities to be time sensitive, but this should not prevent you from looking into the project in more detail.
If possible, check online reviews about the investment opportunity and seek outside advice from family and friends. If an investment opportunity seems ‘too good to be true,’ then it likely is.
Report the scammer immediately:
If you notice any suspicious activity, then it’s important to report the potential scammer to the relevant authorities. A lot of victims do not report that they’ve been the victim of a romance scam, but it’s important to flag any suspicious activity immediately to prevent others from becoming victims of the same romance scammer.
As scammers typically operate within a wider team, it’s common that they will be scamming multiple people at once, which is why it’s so crucial to report any suspicious activity as soon as possible.
David Kemmerer, the co-founder and CEO of Coin Ledger, commented:
“Unfortunately, the crypto market is becoming a dominant space for romance scams, largely because of the anonymity associated with crypto investing. Because of this, it’s important to remain hypervigilant to reduce the risk of falling victim to a romance scam.
“If an individual is strongly influencing you to invest in a specific crypto project, then it’s important to take a step back. Scammers will often rely on a pre-established emotional connection to convince victims to invest, but it’s crucial that this doesn’t prevent you from doing your own research.
“Romance scammers will often target vulnerable people who are uncertain about how social media and the wider crypto market works. Taking a few minutes to Google the name of both the individual and the investment opportunity in question can be the difference between financial protection and loss.”
Today, the KnowBe4 Threat Lab released a threat alert detailing a surge of phishing attacks that have been hijacking legitimate Microsoft communications.
This spike comes amid a rise in the exploitation of trusted platforms like DocuSign, PayPal, Google Drive, and Salesforce for phishing emails.
In this attack, cybercriminals hijacked a legitimate Microsoft invoice and used mail flow rules to auto-forward it to thousands of recipients. By setting up their own Microsoft domain, the attackers ensured the emails passed authentication protocols. They then embedded a fake organization name as their own, which appeared in the body of the email, to socially engineer the victim to call the number present in that ‘name’. Other than this the attacks had no other payload and all links present are legitimate.
The alert can be read in full here: https://blog.knowbe4.com/surge-in-phishing-attacks-hijacking-legitimate-microsoft-communications
Leaseweb, a leading cloud services and Infrastructure as a Service (IaaS) provider, today shared a major update on its contribution to the EU’s Important Projects of Common European Interest on Cloud Infrastructure and Services (IPCEI-CIS). With its European Cloud Campus project, Leaseweb is actively building the foundation for a sovereign European cloud – designed to protect sensitive data, comply with EU regulations, and ensure that Europe’s digital infrastructure is no longer dependent on US providers.
In the last nine months, Leaseweb has made an industry-leading contribution to the IPCEI-CIS initiative, including developing powerful and flexible cloud infrastructure. This includes creating a scalable compute platform with enhanced automation capabilities, including an open API to streamline automation initially for virtual machines, with plans to integrate physical servers and storage in 2025-26. The company has also developed data integration tools for interaction with public cloud compute services, with ongoing enhancements for greater efficiency and scalability. Additionally, Leaseweb has created a flexible, multi-tenant system for running applications, enabling independent operations within shared clusters. This incorporates backend services and a scalable container platform, currently in beta, with full integration expected in 2025. These activities form the foundation for new, sovereign cloud services in Europe.
As the platform expands, Leaseweb continues to enhance management tools, ensuring an intuitive and adaptable cloud environment, further expanding compute and storage capabilities with increased automation and flexibility. Strengthening the integration between compute and container platforms will be a key priority, allowing for more efficient operations. In addition, Leaseweb is committed to enhancing monitoring and self-healing features, ensuring the cloud infrastructure remains resilient, scalable, and future-proof.
Other World Computing today announced the general availability (GA) launch of the OWC Jellyfish B24 and OWC Jellyfish S24, two powerful new additions to its award-winning shared storage lineup. Designed to meet the evolving needs of media teams, the OWC Jellyfish B24 delivers a cost-effective, high-capacity solution for seamless collaboration and nearline backup, while the OWC Jellyfish S24 offers a full SSD production server with lightning-fast performance for demanding video workflows. With scalable expansion options and rock-solid reliability, these new OWC Jellyfish solutions give video editors, post-production teams, and content creators the tools they need to work faster, collaborate more easily, and keep their projects moving – without storage ever slowing them down.
Video editors, post-production teams, and content creators are constantly juggling massive file sizes, complex collaborations, and the need for seamless access to their media – all while making sure their work is safely backed up. But as video resolutions continue to climb to 4K, 8K, and beyond, many storage solutions just can’t keep up, creating frustrating bottlenecks that slow down the creative process. The OWC Jellyfish B24 and S24 are built to solve these problems, delivering high-performance, scalable shared storage that keeps workflows smooth, file transfers fast, and backups reliable. Whether a team needs affordable nearline storage – with plenty of capacity, or lightning-fast SSDs – for real-time editing, these solutions ensure creatives can focus on what they do best – telling great stories – without storage getting in the way.
About the OWC Jellyfish B24
The OWC Jellyfish B24 is an adapted version of the powerful OWC Jellyfish R24, designed as a cost-effective collaboration solution for smaller teams using workflows that don’t need high throughput but require large storage capacities. The OWC Jellyfish B24 can also be used as a fully expandable nearline backup server for any OWC Jellyfish to ensure that your media are always safe and immediately available in case anything happens to your online production system.
The B24 has four dedicated SAS ports to which you can connect B24-E expansions via a mini-SAS cable, included with every expansion chassis. If the drives in the B24-E have the same capacity per drive as the drives in the B24, you can easily merge the media pools into a single pool using OWC Jellyfish Manager. This will increase the aggregate performance of the system. Adding four B24-E expansion chassis to a B24 head unit, storage capacity for a full-blown B24 configuration can go up to 2.8 Petabytes.
About the OWC Jellyfish S24
The OWC Jellyfish S24 is a high-performance Full SSD production server for media teams who need the responsiveness of full flash while still being able to easily expand their storage in the future. The SSDs in the S24 are the powerful OWC Mercury Extreme Pro SSDs. The S24 can be combined with an OWC Jellyfish S24-E SSD expansion chassis for up to 736TB of fast SSD storage.
The OWC Jellyfish S24 easily scales both in performance and in storage capacity. Add an OWC Jellyfish S24-E expansion for up to 736TB of powerful Full Flash shared storage. If the drives in the S24-E have the same capacity per drive as the drives in the S24, you can easily merge the media pools into a single pool using OWC Jellyfish Manager. This will also increase the aggregate performance for the system.
Salesforce’s latest Connected Shoppers Report highlights how retailers are feeling pressure as costs mount, customer expectations rise, and technology gets increasingly complex.
Canadian retailers are turning to AI agents to improve customer experiences and beat the competition. In fact, 60% of Canadian retailers say AI agents will be essential to compete within a year. A seamless shopping experience is critical for retailers as they face economic uncertainty and more complex shopping behaviour. With more unified data, AI agents can provide more personalized and real-time responses – improving efficiency and shopper experience.
Further findings include:
Shoppers show readiness for the AI era
Retailers see AI agents as a way forward
Methodology
Data in this report is from two double-anonymous surveys conducted November 27 through December 26, 2024. The surveys generated responses from 8,350 shoppers and 1,700 retail industry decision-makers across 21 countries in North America, Latin America, Asia-Pacific, and Europe, including 500 shoppers and 100 retail decision-makers in Canada.
ALIEN TXTBASE data-dump analysis: Dangerous or junk?
Posted in Commentary with tags Specops on March 28, 2025 by itnerdToday Specops Software published an analysis digging into the ALIEN TXTBASEdata-dump, which was recently merged into the HaveIBeenPwned (HIBP) dataset by Troy Hunt.
As with the Rockyou2024 data dump last year, Specops Software researchers found that this dump isn’t quite the mega-leak it was initially hyped as. The ALIEN TXTBASE dump contained a pretty standard distribution of base words, passwords, and lengths – essentially a lot of peoples’ local password stores. There was a non-zero amount of junk, telegram URLs, and other stuff mashed in there too. It’s clear this is someone collecting and processing a lot of stealer logs into one.
However, 20 million of the breached passwords were new to the Specops Breached Password database.
For the full findings, the analysis can be read here: https://specopssoft.com/blog/alien-txtbase-data-dump-analysis/
Leave a comment »