When you’re in an all-hands meeting, you’re likely feeling two things. First, you struggle to jot down all the important points — usually everything your boss says. Second, you may feel bored, unfocused, or downright confused throughout the long meetings. Thankfully, there’s a tool that could make your meetings much more bearable. Meet Hedy AI, an AI meeting coach app that records everything that’s presented or spoken; it can also give you smart talking points to sound your brightest in front of your team and managers. Grab it while the one-year subscription is discounted to only $29.99 (reg. $69.99). Image: StackCommerce Your new AI assistant Trying to engage in meeting discussions or project planning can be stressful, especially if you’re unprepared.. Luckily, Hedy AI helps you contribute meaningfully to conversations, whether you’re working with a new client or brainstorming marketing ideas with colleagues. You might come up with a winning idea that gives your team a competitive edge! At the end of your meetings, Hedy AI will provide you with clear transcripts, meaning you won’t have to hurriedly jot down notes mid-meeting and potentially miss key points or requests. Just review the transcript afterwards, and take advantage of the app’s recording of meeting minutes. Beyond using Hedy AI at work to impress coworkers and higher-ups, you can also rely on it in other conversations. Have a job interview? Use this app to ask thoughtful and relevant follow-up questions. Attending a class lecture? With Hedy AI, you can gain a clearer understanding of your teacher’s lessons and the topic of discussion. Grab Hedy AI’s conversation and meeting coaching for just $29.99 while this best-of-web pricing lasts. No coupon needed! Prices and availability are subject to change. source

By Jeff Montgomery ( February 11, 2025, 10:20 PM EST) — New Jersey-headquartered Quantum Computing Inc. won continuation of a Delaware Court of Chancery temporary restraining order Tuesday against a former consultant and advisory firm, barring their alleged use of trade secrets and other confidential information pending a preliminary injunction hearing or trial…. Law360 is on it, so you are, too. A Law360 subscription puts you at the center of fast-moving legal issues, trends and developments so you can act with speed and confidence. Over 200 articles are published daily across more than 60 topics, industries, practice areas and jurisdictions. A Law360 subscription includes features such as Daily newsletters Expert analysis Mobile app Advanced search Judge information Real-time alerts 450K+ searchable archived articles And more! Experience Law360 today with a free 7-day trial. source

Pet adoption is often a high point for many people when creating memories. Do you remember the excitement of bringing home your first pet? The joy of a new furry family member, however, comes with responsibility and preparation. You likely spent hours researching breeds, finding veterinarians, debating names, and preparing your home. Well, adopting an internal product management approach also requires careful planning, commitment, and a readiness to embrace change. Just as you’d prepare your home for a new pet, it’s time to prep your business for a strategy that nurtures growth and innovation. But what exactly is internal product management, and how can you determine if it’s suitable for your organization? What Is Internal Product Management, And Why Might You Need It? Internal product management is a forward-thinking strategy to move away from traditional tactical project execution toward a more flexible, value-aligned, and customer-centric methodology. It focuses on treating internal stakeholders and teams as customers, and it requires a unique set of skills and a customer value-based approach, distinguishing it from traditional IT roles. Signs That Your Organization Is Ready To Adopt An Internal Product Team Approach Adopting an internal product team approach can come with advantages, including more flexible planning, greater business alignment, and more flexibility and adaptability. While the approach can benefit most organizations, several factors will impact its effectiveness: Rapid industry changes. This model thrives on adaptability and is well suited to environments where staying ahead of the curve is crucial. If innovation is a key determinant of success in your industry, it’s time to consider an internal product team approach. Current IT approaches are lagging. If existing IT organization methodologies can’t keep up with the demands of your customers and internal teams, internal product management gives a more agile and flexible development approach. The product model fits your needs. If you’ve seen benefits from treating internal teams as customers, the internal product team approach could be a game-changer. Defending the value of internal products/platforms. It’s crucial for team members to understand the value of the internal platform and that they are able to defend its worth to executive leadership. If your team is ready to showcase the business value of the internal product, this approach could flourish in your organization. If any of these factors look familiar, it might be time to investigate the role of the internal product manager and how it is helping Forrester clients transform their operating models. By doing so, you could be positioning your team to drive greater value for your team and the business. Forrester clients can read the full report, The Rise Of Internal Product Management, to learn more details of these dimensions. Forrester clients can also schedule a guidance session or inquiry to discuss this in the context of your product organization. source

Image: StackCommerce If you don’t know how to create a chart or graph in Excel or you have forgotten, you’re not the only one. Instead of trying to watch YouTube tutorials or have a coworker explain it, why not let AI do the work for you? With Columns AI, you might never need to manually create visuals for your presentations again. Its features take your data and automatically generate charts, graphs, and other visual content. Grab lifetime access while it’s still available for only $99 (reg. $900). Columns AI is a browser-based app that can be accessed on any device. Open it on Chrome on your Windows laptop or your iPhone for on-the-go chart generation. It’s easy to use this AI tool. Here’s how: Upload your data source from G-Sheets, Notion, Airtable, SQL databases, CSV files, and other formats. Did your data change? No worries. Your visuals will be updated with the correct information. Generate your AI graph or chart in a single click. You can select from preset models first if you’d like. Modify and personalize your visual so it fits your presentation. You’ll appreciate that Columns AI has Canva-like design tools, allowing you to tailor them to your preferences. With a few clicks, you can select specific themes, color palettes, background colors, and more to create a presentation-ready visual.. Ditch the Excel tutorial videos and have AI create charts and graphs for you. Grab a Columns AI lifetime subscription for just $99 while inventory is still available. Prices and availability are subject to change. source

The monthly report is relatively lightweight, with some mobile updates or fixes that have already been performed server-side and shouldn’t be a concern to admins, said Tyler Reguly, associate director of security R&D at global cybersecurity software and services provider Fortra. Another vulnerability impacts only Microsoft Surface hardware. February update patches two exploited vulnerabilities The two exploited vulnerabilities are: CVE-2025-21391, a Windows storage flaw that could let a threat actor delete files. CVE-2025-21418, an opening for privilege escalation beginning in Windows Ancillary Function Driver for WinSock. “While both vulnerabilities are rated Important by Microsoft and have CVSS scores in the 7.x range, I would treat the Windows AFD for WinSock vulnerability as critical when it comes to patching, given that it has seen active exploitation,” Reguly said in an email to TechRepublic. Vulnerabilities have been found in the Windows Ancillary Function Driver for WinSock nine times since 2022, including instances attributed to a North Korea-sponsored advanced persistent threat group, Tenable senior staff research engineer Satnam Narang pointed out in a comment to KrebsonSecurity. “The root cause is insufficient validation of user-supplied input, allowing low-privileged users to send specially crafted data that overflows the buffer,” wrote Mike Walters, president and co-founder of patch management company Action1 in a blog post. No user interaction is required to patch either of the exploited vulnerabilities. CVE-2025-21391, the zero-day Windows storage flaw, stems from the way Windows resolves file paths and follows links, Walters said. File deletion is just the beginning of the problems it could cause, as it could lead to privilege escalation, unwanted access to security logs or configurations, malware injection, data manipulation, or other attacks. “With a CVSS score of 7.1, the CVSS metrics outline that this vulnerability doesn’t affect confidentiality, so no sensitive data can be accessed,” said Kev Breen, senior director of threat research at cybersecurity platform maker Immersive, in an email to TechRepublic. “However, it can severely affect data integrity and availability.” One vulnerability scores CVSS 9.0 The highest CVSS score addressed in the February patch pack is CVE-2025-21198, rated at 9.0. This CVE could let a threat actor perform a remote attack against a Linux agent in High Performance Computing clusters. However, it only works if the attacker already has access to the network the cluster is attached to. “This networking requirement should limit the impact of what would otherwise be a more serious vulnerability,” Reguly said. SEE: Microsoft PowerToys now includes Sysinternals’ ZoomIT, a screen recording tool meant for technical presentations. Microsoft patches spoofing bug affecting all client and server versions CVE-2025-21377 was already publicly disclosed, but the patch is rolling out today. With this vulnerability a threat actor could reveal a user’s NTLMv2 hash, letting the attacker spoof the user’s identity. Walters said any organization using Windows systems that do not exclusively rely on Kerberos for authentication is at risk. CVE-2025-21377 is “another CVE to patch sooner rather than later,” Breen said. “The user doesn’t have to open or run the executable but simply viewing the file in Explorer could be enough to trigger the vulnerability,” said Breen. “This specific vulnerability is known as an NTLM relay or pass-the-hash attack and this style of attack is a favorite for threat actors as it allows them to impersonate users in the network.” Finally, Ben McCarthy, lead cybersecurity engineer at Immersive, pointed out CVE-2025-21381, a vulnerability allowing for remote code execution in Excel. “Excel vulnerabilities are particularly dangerous because Excel macros and embedded scripts have historically been a major attack vector for APT groups, ransomware operators, and financial fraud campaigns, often bypassing traditional security defenses,” McCarthy said. Other major patches across brands As Walters pointed out, Chrome 131 landed recently, bringing patches for several memory vulnerabilities. None of the vulnerabilities Google identified have been exploited. Apple has also started rolling out iOS 18.3.1, which includes a fix for a physical attack that may have been exploited against specific individuals. Ivanti recommended admins to watch for updates from Google Chrome and Microsoft Edge this week. “Browsers are a prime target for attackers to target users,” IT software company Ivanti’s vice president of product management for security products Chris Goettl wrote in a blog post. “While including browsers in your monthly update process is recommended, it leaves a lot of CVEs exposed in between cycles. It’s recommended to move browsers to a weekly Priority Updates cadence.” Last but not least, Adobe released updates for InDesign, Photoshop Elements, Illustrator, and more. source

Security experts advise creating strong, complex passwords to protect our online accounts and data from savvy cybercriminals. And “complex” typically means using lowercase and uppercase characters, numbers, and even special symbols. But, complexity by itself can still open your password to cracking if it doesn’t contain enough characters, according to research by security firm Hive Systems. In this article, we look into how long it would take for hackers to crack different types of passwords and what you can do to make them more secure. NordPass Employees per Company Size Micro (0-49), Small (50-249), Medium (250-999), Large (1,000-4,999), Enterprise (5,000+) Micro (0-49 Employees), Small (50-249 Employees), Medium (250-999 Employees), Large (1,000-4,999 Employees), Enterprise (5,000+ Employees) Micro, Small, Medium, Large, Enterprise Features Activity Log, Business Admin Panel for user management, Company-wide settings, and more Dashlane Employees per Company Size Micro (0-49), Small (50-249), Medium (250-999), Large (1,000-4,999), Enterprise (5,000+) Micro (0-49 Employees), Small (50-249 Employees), Medium (250-999 Employees), Large (1,000-4,999 Employees), Enterprise (5,000+ Employees) Micro, Small, Medium, Large, Enterprise Features Automated Provisioning Scalefusion Single Sign-On Employees per Company Size Micro (0-49), Small (50-249), Medium (250-999), Large (1,000-4,999), Enterprise (5,000+) Any Company Size Any Company Size Features Access Management, Conditional Access, Credential Management, and more How long does it take to crack a password? In their 2024 Hive Systems Password Table report, Hive found that a complex, eight-character password that contains numbers, symbols, and both upper and lowercase letters will take seven years to crack — if an attacker were to use a top-of-the-line 12 x RTX 4090 graphics card. In comparison, a five-character password with only upper and lowercase letters can be cracked in two minutes. Further, Hive says that a four-character password with only lowercase letters can be hacked instantly, while a five-character password with both upper and lowercase letters can be hacked in three seconds. The 2024 Hive Systems Password Table. Image: Hive Systems In my view, this shows how crucial it is to apply password best practices, such as using a mix of letters, symbols, and numbers, whenever possible. This is especially so since, given the stark contrast in the amount of time passwords could be cracked depending on their complexity. On the plus side, even simpler passwords with a greater number of characters are less vulnerable to cracking in a short amount of time, according to Hive’s research. For example, a 10-character password made up of numbers would take one hour to crack. Meanwhile, upping that number-only password to 18 characters will increase the time frame to 11,000 years. Looking into words versus numbers, Hive’s data shows that passphrases win over more traditional passwords. An 18-character password with only numbers would require 11,000 years to crack, but one with the same number of characters using lowercase letters would take 350 billion years to crack. This piece of data shows why passphrases, which use a long string of real but random words, can be more secure than a complex but short password. Hive’s report shows that passphrases with a mix of 18 uppercase and lowercase letters, numbers, and symbols are the most difficult to brute force. What tools do hackers use to crack your passwords? A hacker aiming to crack complex yet short passwords quickly enough would need the latest and most advanced graphics processing technology. The more powerful the graphics processing unit, the faster it can perform such tasks as mining cryptocurrencies and cracking passwords. With these GPUs, hackers can initiate brute-force attacks and use password-cracking software to guess your passwords and other credentials. Brute force attacks involve using GPUs and machine-powered trial and error in an attempt to get the right combination of characters, numbers, and symbols and, eventually, crack a user’s password. For example, one of the top GPUs around today is Nvidia’s GeForce RTX 4090, a product that starts at $1,599. But even less powerful and less expensive GPUs can crack passwords of a small length and low complexity in a relatively short amount of time. Hackers who don’t have the latest and greatest graphics processing on their computers can easily turn to the cloud, according to Hive. By renting computer and graphics hardware through Amazon AWS and other cloud providers, a cybercriminal can tap into multiple virtual instances of a powerful GPU to perform password cracking at a fairly low cost. Plus, the advances in AI have given hackers another type of tool to crack passwords more quickly and efficiently. An April 2023 report from Home Security Heroes that analyzed 15,600,000 common passwords discovered that by using AI, hackers could crack 81% of them in less than a month, 71% in less than a day, 65% in less than an hour, and 51% in less than a minute. SEE: Securing Linux Policy (TechRepublic Premium) How to protect yourself and your organization from password cracking Due to the progress in graphics and AI technology, most types of passwords require less time to crack than they did only two years ago. For example, a seven-character password with letters, numbers, and symbols would take seven minutes to crack in 2020 but only four seconds in 2023. Given these technological advances, how can you and your organization better secure your password-protected accounts and data? Here are a few tips. Try using a passphrase instead of a password A passphrase is a long string of often random words. Passphrases are often more secure than passwords and are usually easier to remember. Examples of this would be something like “Sunset-cola-Mouse!” or “GatePen2BoxerRose”. If you go the passphrase route, there are a few things to remember: Make sure it’s at least 10-15 characters or more. Avoid using common phrases or song lyrics. Choose a passphrase that’s memorable to you. Add in some numbers and symbols to your phrases. For a more in-depth tutorial, check out our What is a Passphrase? guide here. Use a mix of numbers, symbols, uppercase, and lowercase letters at the same time One of the main takeaways from the Hive Systems report is the significant

Artificial intelligence is changing the world in innumerable ways. But it’s not all chatbots and eerily realistic images. This technology, for all its surreal qualities, has a basis in the material world. The materials that power its capabilities range across the periodic table — from easily accessible elements such as silicon and phosphorus to rare earth elements (REEs), derived from complex purification processes.   Rare earth elements are a series of 15 elements ranging from atomic numbers 57–71 on the periodic table called the lanthanide series, along with two other elements (21 and 39) with similar properties. They are divided into light and heavy categories. Heavy rare earth elements, which have higher atomic numbers, are less common.   The light rare earths are lanthanum, cerium, praseodymium, neodymium, europium, promethium, samarium, and gadolinium. The heavy rare earths are yttrium, terbium, dysprosium, holmium, erbium, thulium, ytterbium, and lutetium. Scandium falls outside the two categories.  These metals are not actually rare — they just exist in low concentrations and are difficult to extract. They are crucial components of the semiconductors that provide the computing power that drives AI. They possess uniquely powerful magnetic qualities and are excellent at conducting electricity and resisting heat.   Related:Possibilities with AI: Lessons From the Paris AI Summit These qualities make them excellent for graphics processing units (GPUs), application-specific integrated circuits (ASICs) and field-programmable gate arrays (FPGAs). REEs are also crucial to sustainable energy production that supposedly offsets the drain on the power grid by AI — notably wind turbines.   The market for these metals is expected to reach $10 billion in the next two years.  If recent headlines are to be believed, some of these materials are becoming increasingly scarce due to supply chain issues. China has throttled the export of REEs and other critical materials. It produces some 70% of global supply and processes around 90% of REEs.   Whether that is a genuine concern is debated. It has certainly resulted in trade tensions between China and the West. But other countries, including the United States, are attempting to ramp up production and prospects in the deep sea may offer additional sources.   InformationWeek investigates, with insights from David Hammond, principal mineral economist at chemical manufacturer Hammond International Group, and Ramon Barua, CEO of rare earths supplier Aclara Resources.   Which Elements Are Required to Power AI?  Related:An AI Prompting Trick That Will Change Everything for You Semiconductors comprise some 300 materials — with REEs and other critical minerals among them. Among the most crucial components are cerium, europium, gadolinium, lanthanum, neodymium, praseodymium, scandium, terbium, and yttrium as well as critical minerals gallium and germanium.  Some REEs are used in the manufacturing process and others are integrated into the chips themselves — used to dope other materials to alter their conductive properties. The performance of gallium nitride and indium phosphide are enhanced by doping with europium and yttrium, for example. And layers of oxides formed from gadolinium, lanthanum, and lutetium have improved logic and memory performance.   The proportions of the materials used in semiconductors are largely trade secrets — and thus the demand for specific REEs and other critical minerals for semiconductors is difficult to determine. But they are likely not the major driver of extraction of these elements.   “The usage of rare earths in semiconductors is really a minor aspect of all rare earth demand,” Hammond claims. “I don’t believe it will ever be a major demand driver for rare earths. Less than 10%, probably 5%.”  Dysprosium, neodymium, praseodymium, and terbium are essential components of the magnets used in wind turbines — which comprise a portion of the sustainable energy used to supposedly offset AI energy drain. Hammond thinks that demand for these REEs, also used in generators and solar panels, will be the major driver for extraction and consumption of REEs. Whether that demand will compete with demand from the semiconductor industry remains unknown.  Related:How to Regulate AI Without Stifling Innovation “The need for these other applications is probably going to create that marginal supply that is going to be used by semiconductors,” Barua predicts.  Additional elements, such as gallium, germanium and compounds such as high-purity aluminum (HPA) are also essential. Common elements including silicon and copper play key roles as well. Demand for copper is expected to grow significantly — by up to a million metric tons in the next five years.  Many of these elements, though crucial, are only required in small quantities. “Last year, the US required 19 metric tons of gallium,” Hammond says. “That’s basically 19 pickup trucks of gallium. The panic was so vastly exaggerated to be almost in the realm of stupidity.”  How Available Are These Elements?  China has a monopoly on REEs, both in terms of extraction and processing. It produced more than 240,000 metric tons in 2023. But REEs are also found elsewhere — the US, Australia, India, Myanmar, Russia, and Vietnam. They are relatively common and usually found together, in varying levels of abundance.   China only holds around 40% of the world’s reserves of these minerals. China was not always the primary producer — prior to the 1980s, the US was dominant. But China’s more lax environmental regulations proved advantageous and by the late 1990s had the upper hand in terms of availability and processing technology.   While China currently has a stranglehold on supply and processing, other countries are investigating how to leverage their own reserves of REEs. The US and Australia still manage to extract substantial amounts of these minerals. The processing technology required to turn these elements into usable materials is perhaps the most pressing issue — countries that extract REEs usually send them to China for refinement.   “The big issue for rare earths isn’t so much finding them. It’s processing them,” Hammond observes. “It requires a challenging chemical process to extract the individual components.”  David Hammond, Hammond International Group “The companies producing rare earths are pretty sticky about talking about it — for competitive reasons. But also, nobody really knows what the demand is going to be. Nobody

Deepfakes have become alarmingly difficult to detect. So difficult, that only 0.1% of people today can identify them. That’s according to iProov, a British biometric authentication firm. The company tested the public’s AI detective skills by showing 2,000 UK and US consumers a collection of both genuine and synthetic content. Sadly, the budding sleuths overwhelmingly failed in their investigations. A woeful 99.9% of them couldn’t distinguish between the real and the deepfake. Think you can do better, Sherlock? You’re not the only one. TNW Conference FLASH SALE is LIVE Meet investors from Sequoia, Walden Catalyst Ventures, and more. Take advantage of our 50% our Startup, Scaleup and Investor Programs. Ends 21 February. In iProov’s study, over 60% of the participants were confident in their AI detection skills — regardless of the accuracy of their guesses. Still trust your nose for digital clues? Well, you can test it for yourself in a deepfake quiz released alongside the study results. The quiz arrives amid a surge in headline-grabbing deepfake attacks. In January, for instance, the tabloids were enraptured by one that targeted a French woman called Anne. Scammers swindled her out of €830,000 after using deepfakes to pose as Brad Pitt with deepfakes of the actor. The fraudsters also sent her footage of an AI-generated TV anchor revealing the Hollywood star’s “exclusive relationship with one special individual… who goes by the name of Anne.” Poor Anne was roundly mocked for her naivety, but she’s far from alone in falling for a deepfake. Deepfakes on the rise Last year, a deepfake attack happened every five minutes, according to ID verification firm Onfido. The content is frequently weaponised for fraud. A recent study estimated that AI drives almost half (43%) of all fraud attempts. Andrew Bud, the founder and CEO of iProov, attributes the escalation to three converging trends: The rapid evolution of  AI and its ability to produce realistic deepfakes The growth of Crime-as-a-Service (CaaS) networks that offer cheaper access to sophisticated, purpose-built, attack technologies The vulnerability of  traditional ID verification practices Bud also pointed to the lower barriers of entry to deepfakes. Attackers have progressed from simple “cheapfakes” to powerful tools that create convincing synthetic media within minutes. “Deepfaking has become commoditised,” Bud told TNW via email. “The tools to create deepfake content are widely accessible, very affordable, and produce results undetectable to the human eye. It’s creating a perfect storm of cybercrime, as most organisations lack adequate defences to counter these attacks. “Traditional solutions and manual processes like video identification simply can’t keep up. Organisations must adopt science-based biometric systems combined with AI-powered defences that can detect, evolve with, and prevent these attacks.” AI will take centre stage at TNW Conference, which takes place on June 19-20 in Amsterdam. Tickets for the event are now on sale. Use the code TNWXMEDIA2025 at the check-out to get 30% off the price tag. source