Tech Republic

The number of phishing emails received by Australians surged by 30% last year, new research by security firm Abnormal Security has found. Cybercriminals have increasingly targeted the Asia-Pacific region, partly because it is becoming a larger player in critical industries like data centres and telecoms. For APAC as a whole, credential phishing attacks rose by 30.5% between 2023 and 2024, according to the research. New Zealand saw a 30% rise, while for Japan and Singapore, it was 37%. Out of all the types of advanced email attacks, including business email compromise and malware deployment, phishing saw the biggest increase. “The surge in attack volume across the APAC region can likely be attributed to several factors, including the strategic significance of its countries as epicentres for trade, finance, and defence,” said Tim Bentley, Vice President of APJ at Abnormal Security said in a press release. “This makes organisations in the region attractive targets for complex email campaigns designed to exploit economic dynamics, disrupt essential industries, and steal sensitive data.” SEE: 80% of Critical National Infrastructure Companies Experienced an Email Security Breach in Last Year Between 2023 and 2024, the median monthly rate of all advanced email attacks rose by 26.9% across all of APAC, including Australia, New Zealand, Japan, and Singapore. This encompassed a 16% increase from Q1 to Q2 2024, and a 20% increase from Q2 to Q3. While phishing was the dominant attack type, BEC attacks — including executive impersonation and payment fraud — also grew by 6% year-over-year in APAC. According to Abnormal Security, the average cost associated with one successful BEC attack exceeded USD $137,000 in 2023. More Australia coverage Australia’s cyber immaturity and the AI boom are causing a perfect storm The news that Australia is prone to cyber attack is not entirely new. A Rubrik survey from last year found that Australian organisations reported the highest rate of data breaches compared with global markets in 2023. Antoine Le Tard, vice president – of Asia-Pacific and Japan at Rubrik, said at the time that Australia was a favourite target partly because the country “is a mature market and early adopter of cloud and enterprise security technologies,” and therefore may have prioritised rapid deployment over comprehensive security. At a national level, the approach to cyber security has been a bit slow off the mark. The Australian Signals Directorate reported that only 15% of government agencies achieved the minimum level of cyber security in 2024 — a sharp decline from 25% in 2023. Such entities have also proven reluctant to adopt passkey authentication methods, stemming from cyber security maturity in the public sector and the perception that implementing it is complex. There is also the AI factor, which is influencing the security landscape globally. The ease of access to chatbots, both regular and jailbroken for nefarious purposes, makes it faster to generate material for phishing emails and lowers the barrier to entry, as no technical knowledge is required to use them. AI-powered chatbots were named one of 2025’s top AI threats for Australian cyber professionals, for that reason. SEE: Impacts of AI on Cyber Security Landscape The number of BEC attacks detected by security firm Vipre in the second quarter of 2024 was 20% higher than the same period in 2023 — and two-fifths of them were generated by AI. In June, HP intercepted an email campaign spreading malware in the wild with a script that “was highly likely to have been written with the help of GenAI.” Furthermore, adversaries have begun using AI chatbots to build trust with victims and ultimately scam them. The technique mimics how an enterprise may use AI to combine human-driven interaction with the AI chatbot to engage and “convert” a person. source

TL;DR: Streamline your productivity with My Notes AI Pro Plan — transcribe and summarize unlimited audio on your iPhone, iPad, or Mac with lifetime access for only $39.99. Taking notes during meetings, lectures, or brainstorming sessions can often feel overwhelming, especially when ideas flow faster than your pen or keyboard can move. Luckily, we no longer have to rely on those clunky recorders of the past. My Notes can help make note-taking smarter, faster, and infinitely more efficient. Designed for busy professionals, students, and anyone who needs a productivity boost, this powerful app revolutionizes how you capture, use, and organize information. Lifetime access to this tool is just $39.99 (reg. $299) for a limited time. My Notes AI Pro Plan. Image: StackCommerce With My Notes AI, you can transcribe live recordings or upload audio files for unlimited transcription. The app doesn’t just stop at recording — it takes it a step further by providing instant AI-powered summaries, transforming lengthy notes into concise, actionable insights. It’s perfect for professionals juggling multiple projects, students managing heavy coursework, or entrepreneurs planning their next big idea. Capturing every word is one thing, but My Notes AI takes it much further and condenses it into easy-to-digest summaries. Say goodbye to the tedious process of sifting through hours of audio. In addition, you can keep all your notes tidy and accessible with custom folders. Organize by topic, date, or project to ensure you never lose track of essential information. And if you need to share your insights with a colleague or save it for a future project, you’re in luck: My Notes AI makes exporting your notes and summaries easy. If you’re juggling tight deadlines, managing teams, or presenting to stakeholders, My Notes AI helps you stay organized, on-task, and ahead of schedule. Get a lifetime of the My Notes AI Pro Plan for just $39.99 (reg. $299) for a limited time. Prices and availability are subject to change. source

With laptop and smartphone makers like Samsung spreading generative AI across all aspects of their devices, OpenAI is trying the same with an agentic tool announced on Jan. 23. The tool, called Operator, runs on the same basic technology as ChatGPT but resides within a proprietary web browser. This enables it to autonomously perform actions such as ordering groceries or booking tours. OpenAI suggested in a blog post Operator could “ope[n] up new engagement opportunities for businesses,” but did not elaborate. What is OpenAI’s Operator? Operator is an application that includes a web browser and the generative AI model GPT-4o. It’s the result of an OpenAI project to train GPT-4o’s vision capabilities on the graphical user interfaces found on typical web pages. Its ability to make multi-step plans and correct mistakes independelty if needed set it apart from other efforts to create agentic AI, OpenAI boasted. Operator’s Computer-Using Agent (CUA) model is trained specifically on the buttons, forms, and menus likely to be found on a web page. Operator is in beta. OpenAI said feedback from early-stage users will be used to improve it. ChatGPT Pro subscribers can sign up for Operator starting today. OpenAI plans to provide Operator to Plus, Team, and Enterprise soon. The tech giant also intends to integrate its capabilities into ChatGPT generally. They’ll include the CUA in their API “soon,” according to the blog post. More must-read AI coverage How does Operator work? The company says the CUA’s reasoning technique, which they call an “inner monologue,” helps the model understand intermediate steps and adapt to unexpected input. Under the hood, CUA takes screenshots of web pages and uses a virtual mouse and keyboard to navigate. As with ChatGPT, users can add custom instructions that Operator will remember, such as the user’s preferred airline. SEE: Threat actors can jailbreak generative AI to automatically create phishing emails and other malicious content. Users can prompt Operator in natural language the same way they can prompt ChatGPT. Operator is trained to balk at logging in to sites, providing payment details, or passing CAPTCHAs, so it will hand control back to the user for those steps. Operator is programmed not to accept requests — such as making banking transactions — or to weigh in on high-stakes situations, such as deciding whether to hire an employee. If the Operator encounters an interface it can’t predict how to interact with, it will hand the task back to the user. OpenAI collaborated directly with the following companies to make sure Operator can interact with their sites: DoorDash. Instacart. OpenTable. Priceline. StubHub. Thumbtack. Uber. OpenAI notes that the early iteration of Operator tends to struggle with “complex interfaces,” including creating slideshows or adding items to calendars. Operator enters into a crowded generative AI landscape Some of Operator’s functionality overlaps with competitor tools, such as Google Gemini or Apple Intelligence. Operator invites comparison with Microsoft’s much-maligned Recall feature, which uses screenshots to navigate a PC. Operator also shares some capabilities with Google Lens on Chrome. However, its ability to navigate websites autonomously could be a point of differentiation. Agentic AI, in which generative AI models perform multi-step errands on the user’s account, is either the hot new thing in tech or a new way to package the still-limited products. source

Google announced on Wednesday that Gemini AI will be available to all Google Workspace Business or Enterprise users, integrating directly into the productivity suite. While all Gemini features will be offered at no additional cost initially, Workspace plan prices will rise to account for the expanded offering. “By removing the need to pay for an add-on to access our latest generative AI capabilities, we’re simplifying our plans and pricing to bring the added value of Google AI to all Workspace customers,” Google President of Cloud Applications Jerry Dischler wrote in the product announcement. The AI features will roll out gradually between January and March. More Google news & tips The cost of the AI will now be spread across plans Before Google decided to include Gemini in all Workspace plans, a Gemini subscription cost $20 per month per user for a Business plan or $30 per month per user for an Enterprise plan. The changes to the basic plans are: Business Starter, offering the smallest pool of storage and fewest features, rose from $6 per user per month to $7 per user per month. Business Standard, allowing 150 people in Google Meet and adding tools like eSignature, increased from $12 per user per month to $14 per user per month. Business Plus, offering enhanced security and management tools, grew in price from $18 per user per month to $22 per user per month. New customers will be charged the updated pricing starting on Jan. 16, while existing customers will see it go into effect on March 17 or at their next annual or fixed-term renewal date. Businesses already paying for the Google Gemini add-on will no longer be charged for it after Jan. 31. However, the pricing changes may not impact small businesses with 20 or fewer users as quickly. Google hasn’t specified when these businesses might be subject to the new pricing scheme. Google’s decision to incorporate an AI fee into its professional Workspace plans signals that AI is now an essential, fully integrated component of its professional applications. By building the cost into the overall plan, the price increase may be less noticeable to customers. This gives Google Gemini a competitive advantage over standalone AI services that charge separately monthly. SEE: Generative AI has been devastating for nearly half of companies’ plans for environmental responsibility, a January report found. What does Google Gemini bring to Workspace? The Gemini digital assistant brings standardized generative AI features, such as note-taking and summarization. It can analyze documents, edit videos, write code, or help search for information. Gemini will sit within: Gmail. Google Chat. Google Meet. Google Docs. Google Sheets. Google Slides. Google Vids. Google Drive. Google NotebookLM. Google’s Gems, AI “agents” made for specific tasks, will be available in all business plans. Gems can ideally take roles to perform as assistants on more specialized tasks. Google reassures Workspace users that data shared with Gemini will not be used to train future AI models. Data sovereignty controls are in place automatically, Google said. Plus, Gemini is SOC 1/2/3, ISO 27001/17/18, and ISO 42001 compliant, and can be incorporated into plans to comply with health privacy laws. source

By default, Microsoft 365 saves files in the environment where you opened them and reopens them in the environment where you last saved them. This can quickly lead to confusion — like finding yourself in Word for the web when you thought you were working in the desktop app. If you prefer using desktop apps, even when accessing files through your online Office account or Edge’s new Office 365 dashboard, you can adjust a simple setting to make it happen. SEE: Windows, Linux, and Mac Commands Everyone Needs to Know In this tutorial, I’ll show you how to determine your environment at any given time. Then, I’ll present a quick way to force Office 365 to always open a file in the desktop environment, regardless of where you open or save it. I’m using Office 365 on a Windows 10 64-bit system. I’m using Word, but this behavior also applies to Microsoft Excel and Microsoft PowerPoint. How to determine which environment you’re in with Microsoft 365 If you open a file while working online, you might find it difficult to tell whether you work online or in a desktop app. Fortunately, it’s quite easy to discover which environment is active. To do so, click the File tab and then click Info. The document shown below is open in Word for the web. Word will switch to the desktop version if you click Open in Desktop App. This file is open in Word for the web. How to manually choose an environment in Microsoft 365 The online apps are convenient. You can open a file quickly, make changes, and save those changes in SharePoint or OneDrive automatically. Despite the convenience, if you need to use the desktop app, you can choose that environment from the online environment as follows. Sign into your Office account as you normally would. Select the file you want to open in Word, but don’t double-click it to open it. With the file selected, choose one of the options shown in the Open dropdown. Choose the environment when you’re working online with your Office account. You must be working with a system that has Microsoft 365 installed to choose that option. Use this option when you’re unsure of the file’s default environment setting. What’s hot at TechRepublic How can I set Microsoft 365 to always open files in desktop apps by default? Microsoft 365 apps for the web are incredibly convenient despite their limited functionality. Those limitations are why most users prefer to work in the full-featured desktop environment. Thanks to the easy-to-use Office online and Microsoft 365 dashboard in Edge, many of us are now working in one of those environments. That means it’s easy to open a file in the web app without realizing it until you try to perform a task the web app doesn’t support. It’s not a huge deal, but it is frustrating and unnecessary. SEE: How to Download and Install Microsoft 365 Apps on Mac, iPad or iPhone When you know you want to use a desktop app when working most of the time, you can force the issue with a simple setting. If you open the file online, Microsoft 365 will open it on the desktop by default, so you can skip the manual process without worry. To set this default setting, follow these steps. Open the file on the Word desktop. Click the File menu. Choose Options from the left pane. Choose Advanced from the left pane. Scroll down to the Link Handling section. Check the Open Supported Hyperlinks to Office Files in Office Desktop Apps option. Click OK to return to the Word document. Enable this setting so that Microsoft 365 always opens the file in Word for the web. Regardless of where you created or saved the file, once you enable this setting, Word will always open the file in the desktop environment if available. To my knowledge, Microsoft 365 doesn’t offer a setting for always defaulting to Word for the web. However, if you create the file online and never save it to the desktop app, Microsoft 365 will always open the file in Word for the web. If you can’t make this setting stick, talk to your administrator. If the feature is available to your organization, an administrator can make it available. Why are my Word, Excel, or PowerPoint files not opening in their desktop applications? If your files aren’t opening in their dedicated desktop applications, it’s likely for one of three reasons: Your default program settings are incorrect. You are opening the files from a web browser in online mode. There is an issue with file associations on your system. Even if your computer did open Office files in desktop apps at one point, an update to the program or your operating system can change the default settings. You can fix this by right-clicking on an Office file, selecting Open with → Choose default program, then choosing the desired Office application and checking the “Always use this app to open .docx” (or relevant file extension) box. You can make a similar change within an Office application. When it’s open, go to File → Options → Advanced, then, under File Open Preference, select Desktop from the dropdown menu. A corrupted file or partially installed Office suite can also lead to opening issues. To perform a Quick Repair, open your computer’s Control Panel and choose Programs → Programs and Features. Then, select the Office product you desire, and click Change → Quick Repair → Repair. Furthermore, to open Office files in desktop apps, your license must be up-to-date and activated, the files must be compatible with the version of Office on your device, and your account must have sufficient permissions to access the files. Got a question about Microsoft 365? Ask in the TechRepublic forum. Fiona Jackson updated this article in January 2024. source

The global ecommerce landscape projects global sales to surpass $7 trillion by 2025 and account for 24% of global retail sales by 2027. As consumer preferences shift towards online shopping, ecommerce merchants are presented with enormous opportunities for growth in operations, such as high volumes of sale transactions, omnichannel selling, and even cross-border or global transactions. Along with great growth opportunities, ecommerce growth can also bring plenty of challenges to ecommerce merchants that hinder scaling. Fortunately, there are solutions and processes that can help address these challenges. Streamlining operations, automating processes, and partnering with industry leaders like Shopify are some key steps merchants can take. This article will explore these challenges as well as present actionable solutions to enhance growth instead of hinder it. Ecommerce Growth Opportunities Using Shopify as an ecommerce platform enables merchants to scale operations seamlessly and efficiently. Shopify is a very robust and popular ecommerce platform highly-reviewed by real-world users and experts alike. On top of all the features needed for ecommerce operations, some ecommerce growth opportunities you can easily handle with Shopify are the following: High volume of sales transactions With 270.11 million online shoppers in the US, ecommerce has made the world smaller for buyers, and bigger for sellers. Ecommerce merchants can process sales orders across locations (states and other countries) and in different channels, too. Online sales have huge profit potential for businesses of all sizes. Shopify expertly handles high transaction volumes via its scalable cloud-based infrastructure that can easily adapt to traffic spikes without compromising speed. Its latest report from the Black Friday Cyber Monday (BFCM) stated, “Shopify handled 57.3 PB of data from our infrastructure, 1.19 trillion edge requests, 10.5 trillion database queries, and 1.17 trillion database writes over the weekend—peaking at 284 million requests per minute on edge, and more than 80 million on app servers pushing 12TB per minute on Black Friday.” Sell anywhere (omnichannel sales) ECcommerce has allowed merchants to sell anywhere. With online shopping as the preferred buying method of nearly 60% of consumers, the Internet has also given merchants more channels to sell their products—marketplaces, mobile apps, and lately, even social media. In-person selling hasn’t gone away, too, making it a relevant sales channel even for primarily ecommerce businesses. Presently, consumers expect a seamless and consistent buying experience regardless of the sales platform they use. This is why omnichannel selling has become the new standard of selling. Tracking inventory and syncing across multiple channels is a must, and delivering personalized experiences are expected. Shopify provides built-in integrations with multiple sales channels that merchants can sync with and manage inventory, process orders, and fulfill purchases all from their Shopify dashboards. Ecommerce Growth Challenges Scaling ecommerce operations also presents a plethora of challenges, namely the need for an efficient and wholly integrated business system, automation of workflows, and compliance with federal and state laws, especially when it comes to sales tax. Siloed business systems Usually when businesses scale, there are certain features that are better off serviced by another provider. Ecommerce platforms provide integration capabilities for this need. The challenge is ensuring that all providers are compatible working with one another. Sales tax calculation software, for example, ideally should seamlessly integrate with a merchant’s accounting software and ecommerce platform. Siloed business systems are prone to errors, operational inefficiencies, and declining sales. Processes and workflows prone to human error Ecommerce businesses that have high sales volumes also have high orders to fulfill and ship, and so are the rest of operations—customer service, marketing, and website operations. Workflows can become more complex, requiring more steps to ensure accuracy, and if not automated, can lead to more errors due to human error. Compliance complexities Tax compliance is one of the biggest ecommerce growth challenges for most businesses. Selling in different states, across different jurisdictions, and multiple sales channels can quickly become a huge administrative task when it comes to calculating and filing the correct sales tax. There are also associated processing fees involved that need to be taken into account for proper filing. While all these are usually automated, having  tax software that can provide support a bit further than just automatic calculations can spell the difference between just staying compliant and being compliant and addressing other ecommerce growth challenges mentioned above. Achieving Seamless Tax Compliance with Tax Automation Software When evaluating tax automation software for your ecommerce business, it’s essential to look beyond just automatic tax calculations. A robust solution should also offer key features, such as: Calculate VAT and sales tax based on regularly updated rates Know liabilities and obligations for cross-border transactions, including shipping goods Simplify tax returns filing and file on your behalf Collect, verify, renew, and access tax documents on demand Provide guidance on how to effectively use the tools to streamline tax compliance processes As a long-standing Shopify partner, Avalara has supported Shopify Plus customers with advanced tax calculation services. Now, Avalara offers seamless integration for Shopify merchants across all plans. Avalara for Shopify is equipped to handle international tax calculation, including VAT, and provide supplementary solutions for tax return preparation, filing, and seamless exemption certificate management. Using Avalara as tax automation software can help merchants: Save time: Avalara automatically updates tax calculations with frequent rate and rules changes Expand compliance coverage: Calculate taxes accurately across 13,000+ U.S. sales and use tax jurisdictions and 192 VAT jurisdictions worldwide. Streamline integrations: Break down silos by connecting Avalara with thousands of business applications, including Shopify. Signing up with a tax automation software need not only let you achieve tax compliance, it should also help you achieve ecommerce growth. With Avalara, Shopify merchants can automate calculations, stay on top of compliance changes, and achieve an integrated business system.  Simplify tax compliance for your Shopify store. Avalara integrates seamlessly with Shopify to automate tax calculations, streamline returns, and help you stay compliant as your business grows. Learn more today. source

When it comes to protecting yourself online, having a secure password has been the default recommendation. However, you may be surprised to know that having a secure username is just as important as using a strong password. Serving as your identity online, usernames are prized assets for hackers to acquire. Even if they’re not as coveted as your passwords, they can be used to get hold of your online data.  In this sense, it’s essential to craft a unique and safe username that will keep your accounts away from threat actors and prying eyes. In this article, we discuss what a username is, why it’s important to have a unique and secure username, and some tips and tricks to get there. NordPass Employees per Company Size Micro (0-49), Small (50-249), Medium (250-999), Large (1,000-4,999), Enterprise (5,000+) Micro (0-49 Employees), Small (50-249 Employees), Medium (250-999 Employees), Large (1,000-4,999 Employees), Enterprise (5,000+ Employees) Micro, Small, Medium, Large, Enterprise Features Activity Log, Business Admin Panel for user management, Company-wide settings, and more Dashlane Employees per Company Size Micro (0-49), Small (50-249), Medium (250-999), Large (1,000-4,999), Enterprise (5,000+) Micro (0-49 Employees), Small (50-249 Employees), Medium (250-999 Employees), Large (1,000-4,999 Employees), Enterprise (5,000+ Employees) Micro, Small, Medium, Large, Enterprise Features Automated Provisioning ManageEngine ADSelfService Plus Employees per Company Size Micro (0-49), Small (50-249), Medium (250-999), Large (1,000-4,999), Enterprise (5,000+) Any Company Size Any Company Size Features Access Management, Compliance Management, Credential Management, and more What is a username? A username is a group of characters that serve as your identity for an account or service, either in a computer system or on the internet. They’re also called login names, user IDs, login IDs, and account names. As identifiers, usernames help distinguish and set you apart from other people or accounts. This is in contrast to passwords, which are used to authenticate or verify that you are who you say you are when logging into an account. Below is a quick description of both and their main difference: Usernames: Identifies who you are, either in a computer, a network, an online service, or an application. Passwords: Authenticates or confirms that you are who you claim to be, enabling you access to an account after it’s correctly provided. These days, most online sites, social media networks, games, and applications require a username before you can continue using their service. Some websites allow you to use your email address as a username, but that isn’t always the case and, at times, isn’t the recommended practice. SEE: SMB Security Pack (TechRepublic Premium) Why is it important to create a secure username? While it seems like a no-brainer to have a strong password, having an equally secure username is crucial for these reasons: They’re often included in data leaks and breaches In a massive data breach, a hacker aims to get as much information on you as possible. This means they not only target passwords but also eye your phone number, address, email, and of course, your username. Since usernames and passwords go hand-in-hand, a hacker having your username technically means they have 50% of your login credentials. This makes it significantly easier for cybercriminals to use strategies like brute force attacks or credential stuffing, i.e., a high-powered form of trial and error, to try and steal your account. Usernames are public information It’s essential to remember that most usernames are available to the public because they act as identifiers. Think about your business’ LinkedIn account, your Amazon account, or even your personal username for gaming. All of these can be viewed by both you, other people, and hackers alike. In this regard, they don’t have the same type of security as passwords regarding private information. With this, I strongly recommend creating unique usernames for each account you have. Why? Let’s say you regularly use one username for many of your accounts — including your email address. Here, hackers can use your public username to track down all your other accounts. This leaves you highly susceptible to social engineering tactics, scams, or phishing attempts. They can help build your anonymity online While usernames are public, they don’t necessarily have to include your full name. In this regard, having a secure username can be a great way for you to strengthen your online privacy. If you do it right, no one technically knows which username is tied to your account. This allows you to browse the internet without worrying about others looking into what you’re doing online. Another way usernames can help strengthen privacy is by using them to separate your work and personal life online. Like the example above, you can use a completely different username for your personal accounts. This allows you to keep your personal feed private and maintain your business account at the same time. How do I create a secure username? Fortunately, creating a secure username can be a straightforward process, provided you follow some key steps. Here’s what I recommend: 1. Avoid including your full name, address, or other personal information Most accounts, except work accounts perhaps, won’t require you to use your full name — and for good reason. Having your name in your username will make it much easier for hackers to identify you and subsequently find your other accounts. For example, if both your name is John Doe and you have “JohnDoe” as your Amazon account, it would be a breeze for cybercriminals to put two and two together and conclude that this Amazon username is yours. Similarly, any personally identifiable information also shouldn’t be in your username, as you’re inadvertently giving hackers more data to work with to hack your account. Here’s a list of data you should definitely avoid including in your username: Date of birth. Address. Email address. Phone number/s. ID numbers or PINs. Social security number. Your hometown. Remember, since usernames are public info, hackers have the same access to them as you do. If you include something like your home address in your username, a savvy

The U.K. government has unveiled a set of digitisation plans within the public sector to save £45 billion each year in productivity. The headline announcement is “Humphrey,” a set of AI tools to speed up policy-making activities. Most Humphrey tools summarise government data, including debates, meetings, policies, laws, and responses to consultations, so civil servants can search through it more quickly when making decisions. Before this, the collation of consultation responses was outsourced to contractors, costing the taxpayer £100,000 a pop. Another plan is to establish a new team within the Department for Science, Technology, and Innovation that will be in charge of identifying how tech can be used to improve the efficiency of public services. Current systems result in the U.K. tax authority taking 100,000 phone calls daily and the driving licence agency processing 45,000 physical letters, making response times unnecessarily long. This team will start by developing solutions to help people with disabilities or long-term illnesses more quickly access the services they need, such as financial support or healthcare. The tech will connect the relevant government departments or local authorities so individuals don’t have to be passed between up to 40 of them in a series of phone calls. Other initiatives, announced on Jan. 21, include: A full roadmap of these plans on how the government will renew its £23 billion a year tech spend will come in the summer. SEE: UK Trails Behind Europe in Technical Skills Proficiency More must-read AI coverage UK public services are plagued by legacy technology European companies tend to specialise in mature technologies, meaning the region is often seen as technologically behind, particularly compared to the U.S. The U.K. is a top culprit, particularly in critical national infrastructure, which is difficult and expensive to update without downtime. SEE: 99% of UK Businesses Faced Cyber Attacks in the Last Year A government report published this week found that nearly half of public services, such as those offered by the NHS and local councils, cannot be accessed online. For example, registering a death must be done in person and, businesses must place a newspaper advert when they want to buy a lorry. The report found that a quarter of all digital systems used by the central government are outdated, leading to high maintenance costs and a heightened risk of cyber attacks. NHS England alone saw 123 critical service outages last year, leading to missed appointments and disruptions relating to staff being forced to use paper-based systems. Cybercrime disruption can have even more severe consequences. In June, a ransomware attack on pathology company Synnovis led to months of NHS disruption and, according to Bloomberg. This resulted in harm to dozens of patients, with long-term or permanent damage in at least two cases. Government is dedicated to making the UK an AI leader, reaping economic growth This announcement comes just a few days after the government’s “AI Opportunities Action Plan,” outlining the 50 ways it will build out the AI sector and turn the U.K. into a “world leader.” The strategy involves boosting public computing capacity twentyfold, creating a training data library, and building AI hubs in deindustrialised areas. Last year, the U.K. signed an agreement committing to explore how AI can improve public services and boost economic growth, along with the other Group of Seven nations. SEE: UK Government Announces £32m of AI Projects Science Secretary Peter Kyle said in a press release: “We will use technology to bear down hard to the nonsensical approach the public sector takes to sharing information and working together to help the people it serves. We will also end delays businesses face when they are applying for licenses or permits, when they just want to get on with the task in hand – growth.” A “Digital Commercial Centre of Excellence” will also be forged as part of the overhaul, which will look at how public sector firms can invest in U.K. tech startups and scaleups, simultaneously boosting their efficiency and creating jobs. source

Security researchers have discovered a new malicious chatbot advertised on cybercrime forums. GhostGPT generates malware, business email compromise scams, and more material for illegal activities. The chatbot likely uses a wrapper to connect to a jailbroken version of OpenAI’s ChatGPT or another large language model, the Abnormal Security experts suspect. Jailbroken chatbots have been instructed to ignore their safeguards to prove more useful to criminals. Must-read security coverage What is GhostGPT? The security researchers found an advert for GhostGPT on a cyber forum, and the image of a hooded figure as its background is not the only clue that it is intended for nefarious purposes. The bot offers fast processing speeds, useful for time-pressured attack campaigns. For example, ransomware attackers must act quickly once within a target system before defenses are strengthened. The official advertisement graphic for GhostGPT. Image: Abnormal Security It also says that user activity is not logged on GhostGPT and can be bought through the encrypted messenger app Telegram, likely to appeal to criminals who are concerned about privacy. The chatbot can be used within Telegram, so no suspicious software needs to be downloaded onto the user’s device. Its accessibility through Telegram saves time, too. The hacker does not need to craft a convoluted jailbreak prompt or set up an open-source model. Instead, they just pay for access and can get going. “GhostGPT is basically marketed for a range of malicious activities, including coding, malware creation, and exploit development,” the Abnormal Security researchers said in their report. “It can also be used to write convincing emails for BEC scams, making it a convenient tool for committing cybercrime.” It does mention “cybersecurity” as a potential use on the advert, but, given the language alluding to its effectiveness for criminal activities, the researchers say this is likely a “weak attempt to dodge legal accountability.” To test its capabilities, the researchers gave it the prompt “Write a phishing email from Docusign,” and it responded with a convincing template, including a space for a “Fake Support Number.” A phishing email generated by GhostGPT. Image: Abnormal Security The ad has racked up thousands of views, indicating both that GhostGPT is proving useful and that there is growing interest amongst cyber criminals in jailbroken LLMs. Despite this, research has shown that phishing emails written by humans have a 3% better click rate than those written by AI, and are also reported as suspicious at a lower rate. However, AI-generated material can also be created and distributed more quickly and can be done by almost anyone with a credit card, regardless of technical knowledge. It can also be used for more than just phishing attacks; researchers have found that GPT-4 can autonomously exploit 87% of “one-day” vulnerabilities when provided with the necessary tools. Jailbroken GPTs have been emerging and actively used for nearly two years Private GPT models for nefarious use have been emerging for some time. In April 2024, a report from security firm Radware named them as one of the biggest impacts of AI on the cybersecurity landscape that year. Creators of such private GPTs tend to offer access for a monthly fee of hundreds to thousands of dollars, making them good business. However, it’s also not insurmountably difficult to jailbreak existing models, with research showing that 20% of such attacks are successful. On average, adversaries need just 42 seconds and five interactions to break through. SEE: AI-Assisted Attacks Top Cyber Threat, Gartner Finds Other examples of such models include WormGPT, WolfGPT, EscapeGPT, FraudGPT, DarkBard, and Dark Gemini. In August 2023, Rakesh Krishnan, a senior threat analyst at Netenrich, told Wired that FraudGPT only appeared to have a few subscribers and that “all these projects are in their infancy.” However, in January, a panel at the World Economic Forum, including Secretary General of INTERPOL Jürgen Stock, discussed FraudGPT specifically, highlighting its continued relevance. There is evidence that criminals are already using AI for their cyber attacks. The number of business email compromise attacks detected by security firm Vipre in the second quarter of 2024 was 20% higher than the same period in 2023 — and two-fifths of them were generated by AI. In June, HP intercepted an email campaign spreading malware in the wild with a script that “was highly likely to have been written with the help of GenAI.” Pascal Geenens, Radware’s director of threat intelligence, told TechRepublic in an email: “The next advancement in this area, in my opinion, will be the implementation of frameworks for agentific AI services. In the near future, look for fully automated AI agent swarms that can accomplish even more complex tasks.” source

Pretty much all of the tech giants offer cloud storage nowadays. However, you can easily find yourself shelling out serious money to store your digital data. As a more affordable alternative, Koofr is earning some serious plaudits. This innovative platform lets you upload and access your files with no size limit, and you can even hook up your other online accounts. In a unique offer from TechRepublic Academy, you can pick up a lifetime 1TB subscription for only $129.97 with coupon code KOOFR to be used at checkout. That’s a massive 84% off. Cloud storage is really an essential tool in running any business. Whether it’s simple spreadsheets, promo videos, company logos or even customer data, having a secure online backup of your files is vital. Putting your files in the cloud also means you can work on any device. About Koofr Cloud Storage Koofr provides these benefits and more. This platform allows you to upload and view files on pretty much any device with a browser. This means you can log in on Windows, macOS, Linux, and Chrome laptops along with iOS and Android mobile devices. You can even connect via WebDAV. Koofr’s desktop app makes it easy to manage your data, with smart features like duplicate removal and batch file renaming. The service uses absolutely no trackers, and you can easily connect other online accounts to import your files. Another useful feature for businesses is the ability to share files via custom branded links. This means you can easily go above the file size limit on your email, with the ability to share the same link over and over again. Order today for only $129.97 with code KOOFR to get your lifetime 1TB subscription, normally sold for $810. Prices and availability are subject to change. source