By Dorothy Atkins ( January 17, 2025, 9:34 PM EST) — Epic Games’ counsel took issue with the rising number of privilege assertions Apple is maintaining over its discovery documents in their ongoing antitrust compliance fight, telling a magistrate judge Friday he’s “frankly surprised and concerned” by the sudden increase as Apple’s privilege-assertion rereview draws to a close…. Law360 is on it, so you are, too. A Law360 subscription puts you at the center of fast-moving legal issues, trends and developments so you can act with speed and confidence. Over 200 articles are published daily across more than 60 topics, industries, practice areas and jurisdictions. A Law360 subscription includes features such as Daily newsletters Expert analysis Mobile app Advanced search Judge information Real-time alerts 450K+ searchable archived articles And more! Experience Law360 today with a free 7-day trial. source

Security researchers at French firm Sekoia detected a new phishing-as-a-service kit targeting Microsoft 365 accounts in December 2024, the company announced on Jan. 16. The kit, called Sneaky 2FA, was distributed through Telegram by the threat actor service Sneaky Log. It is associated with about 100 domains and has been active since at least October 2024. Sneaky 2FA is an adversary-in-the-middle attack, meaning it intercepts information sent between two devices: in this case, a device with Microsoft 365 and a phishing server. Sneaky 2FA falls under the class of business email compromise attacks. “The cybercriminal ecosystem associated with AiTM phishing and Business Email Compromise (BEC) attacks is continuously evolving, with threat actors opportunistically migrating from one PhaaS platform to another, supposedly based on the quality of the phishing service and the competitive price,” Sekoia analysts Quentin Bourgue and Grégoire Clermont wrote in the firm’s analysis of the attack. Must-read security coverage How does the Sneaky 2FA phishing-as-a-service kit work? Sneaky Log sells access to the phishing kit through a chatbot on Telegram. Once the customer pays, Sneaky Log provides access to the Sneaky 2FA source code. Sneaky Log uses compromised WordPress websites and other domains to host the pages that trigger the phishing kit. The scam involves showing a fake Microsoft authentication page to the potential victim. Sneaky 2FA then shows a Cloudflare Turnstile page with a “Verify you are human” prompt box. If the victim provides their account information, their email and password will go to the phishing server. Sneaky Log’s server detects the available 2FA method(s) for the Microsoft 365 account and prompts the user to follow them. The user will be redirected to a real Office365 URL, but the phishing server can now access the user’s account through the Microsoft 365 API. If the visitor to the phishing site is a bot, cloud provider, proxy, VPN, originated from a data center, or uses an IP address “associated with known abuse,” the page redirects to a Microsoft-related Wikipedia entry. Security research team TRAC Labs detected a similar technique in December 2024 in a phishing scheme they named WikiKit. Sneaky Log’s kit shares some source code with another phishing kit found by risk platform company Group-1B in September 2023, Sekoia noted. That kit was associated with a threat actor called W3LL. Sneaky Log sells Sneaky 2FA for $200 monthly, paid in cryptocurrency. Sekoia said this is slightly cheaper than kits Sneaky Log’s fellow criminal competitors offer. SEE: Multifactor authentication and spam filters can reduce phishing, but employees who understand social engineering techniques are the first line of defense. How to detect and mitigate Sneaky 2FA The activities associated with Sneaky 2FA can be detected in a user’s Microsoft 365 audit log, said Sekoia. In particular, security researchers looking into a phishing attempt might see different hardcoded User-Agent strings for the HTTP requests in each step of the authentication flow. This would be unlikely if the user authentication steps were benign. Sekoia published a Sigma detection rule that “looks for a Login:login event with a Safari on iOS User-Agent, and a Login:resume event with an Edge on Windows User-Agent, both having the same correlation ID, and happening within 10 minutes.” Security professionals can remind employees to avoid interacting with suspicious emails, including those that sound urgent or frightening. Sekoia discovered Sneaky 2FA within a malicious email attachment titled “Final Lien Waiver.pdf,” containing a QR code. The URL embedded in the QR code led to a compromised page. Other recent phishing attempts target Microsoft Microsoft’s ubiquity makes it a rich hunting ground for threat actors, whether they run attacks directly or sell phishing-as-a-service tools. In 2023, Microsoft’s Threat Intelligence team disclosed a phishing kit targeting services like Office or Outlook. Later in the same year, Proofpoint pulled the mask off ExilProxy, a phishing kit that could bypass two-factor authentication. In October 2024, Check Point warned users of Microsoft products against sophisticated mimics trying to steal account information. source

Attorneys have a tendency to overestimate litigation risk before summary judgment and underestimate risk after it, but an eight-stage litigation framework can clarify risk at different points and help litigators reassess what true success looks like in any particular case, says Joshua Libling at Arcadia Finance. source

On January 7, about 140,000 people will join serpentine queues in Las Vegas, where over 300 of the Fortune 500 will flaunt their wares at the world’s most revered tech show: CES 2025. Here are five things to expect this year (beyond mammoth TVs, flying cars, a John Deere tractor, and the occasional toilet-paper-carrying or ping-pong-playing robot): A Focus On Customer Experience You wouldn’t be faulted for thinking that CES is the “Customer Experience Show.” Over the last decade, the event has morphed into providing as much of a platform for brand and customer experiences as it does for tech mainstays such as consumer electronics and cars. Expect that trend to sustain as companies like Walmart, Delta, and John Deere show up in Las Vegas, where Accenture’s CEO will keynote on how technology can power the customer experience (CX). Everywhere AI CES, like the city it calls home, is prone to excess. In years past, the show has always doubled down on the tech du jour (such as the ubiquitous Alexa and the metaverse mania). This year, AI will be everywhere, in ways both astonishing and absurd. But one must ignore the hype and seek the diamonds in the rough. For example, CES 2025 will exhibit the world’s first AI-powered hotel, which, by design, sounds outlandish. But once you peel back the “Jetsons” layer, you will see that it’s really about AI driving pricing strategy for revenue maximization and creating personalized mobile app-based guest experiences (which is more evolution, less revolution). A Quest For What’s Next As the iPhone enters its golden years, there is a scramble to find the next singular technology that will define how consumers interact with brands. The promise of last year’s darlings such as the rabbit r1 has fizzled out but not without leaving an impression, albeit imperfect, of what the future of consumer digital experiences might look like. Expect wearables, especially glasses (given the buzz around Meta’s Ray-Ban glasses), to make a play for claiming that space. The Search For Salience The full spectrum of brand experience includes the process by which prospects search for and discover brands that they then engage with. Generative AI tools like ChatGPT and others are becoming an alternative to the conventional consumer search process for brand discovery, advice, and recommendations. AI providers such as Perplexity, which is rumored to be at CES although not exhibiting, are already testing the ad waters to let brands into that conversation. At this CES, expect many behind-the-scenes dialogues to happen about how brands can enter this new AI-powered consideration stream. AI-Powered Agents And now for something distinctly less flamboyant: There will be plenty of consumer-facing genAI agents at the show. But realize that in real life these conversations are fraught with risk and brands are extremely sensitive to such conversations spiraling out of control. Financial services brands, which tend to be quite risk-averse, have found that one of the best ways to deploy genAI to improve CX is by using it to empower customer service agents. At CES 2025, brands such as Goodyear will discuss why these unglamorous implementations may well be among the best applications for CX.   Learn more: Read my research on how brands grow and how they leverage digital touchpoints to better serve their customers. Follow my work: Go to my Forrester bio and choose “Follow.” Chat with me: If you are a Forrester client interested in discussing these topics, please schedule time with me for an inquiry or a guidance session. Plan a session: If you are a Forrester client looking to host a strategy session on a related topic (for example, “the future of digital consumer experience related to AI”), please contact your account team or email me at [email protected]. source

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More Tencent has unveiled “Hunyuan3D 2.0,” an AI system that turns single images or text descriptions into detailed 3D models within seconds. The system makes a typically lengthy process — one that can take skilled artists days or weeks — into a rapid, automated task. Following its predecessor, this new version of the model is available as an open-source project on both Hugging Face and GitHub, making the technology immediately accessible to developers and researchers worldwide. “Creating high-quality 3D assets is a time-intensive process for artists, making automatic generation a long-term goal for researchers,” the company’s research team writes in a technical report. The upgraded system builds upon its predecessor’s foundation while introducing significant improvements in speed and quality. How Hunyuan3D 2.0 turns images into 3D models Hunyuan3D 2.0 uses two main components: Hunyuan3D-DiT creates the basic shape, while Hunyuan3D-Paint adds surface details. The system first makes multiple 2D views of an object, then builds these into a complete 3D model. A new guidance system ensures all views of the object match — solving a common problem in AI-generated 3D models. “We position cameras at specific heights to capture the maximum visible area of each object,” the researchers explain. This approach, combined with their method of mixing different viewpoints, helps the system capture details that other models often miss, especially on the tops and bottoms of objects. A diagram showing how Hunyuan3D 2.0 transforms a single panda image into a 3D model through multi-view diffusion and sparse-view reconstruction techniques. (credit: arxiv.org) Faster and more accurate: What sets Hunyuan3D 2.0 apart The technical results are impressive. Hunyuan3D 2.0 produces more accurate and visually appealing models than existing systems, according to standard industry measurements. The standard version creates a complete 3D model in about 25 seconds, while a smaller, faster version works in just 10 seconds. What sets Hunyuan3D 2.0 apart is its ability to handle both text and image inputs, making it more versatile than previous solutions. The system also introduces innovative features like “adaptive classifier-free guidance” and “hybrid inputs” that help ensure consistency and detail in generated 3D models. According to their published benchmarks, Hunyuan3D 2.0 achieves a CLIP score of 0.809, surpassing both open-source and proprietary alternatives. The technology introduces significant improvements in texture synthesis and geometric accuracy, outperforming existing solutions across all standard industry metrics. The system’s key technical advance is its ability to create high-resolution models without requiring massive computing power. The team developed a new way to increase detail while keeping processing demands manageable — a frequent limitation of other 3D AI systems. These advances matter for many industries. Game developers can quickly create test versions of characters and environments. Online stores could show products in 3D. Movie studios could preview special effects more efficiently. Tencent has shared nearly all parts of their system through Hugging Face. Developers can now use the code to create 3D models that work with standard design software, making it practical for immediate use in professional settings. While this technology marks a significant step forward in automated 3D creation, it raises questions about how artists will work in the future. Tencent sees Hunyuan3D 2.0 not as a replacement for human artists, but as a tool that handles technical tasks while creators focus on artistic decisions. As 3D content becomes increasingly central to gaming, shopping, and entertainment, tools like Hunyuan3D 2.0 suggest a future where creating virtual worlds is as simple as describing them. The challenge ahead may not be generating 3D models, but deciding what to do with them. source

By Rachel Scharf ( January 17, 2025, 5:41 PM EST) — A Los Angeles-based cryptocurrency founder who called himself “The Godfather” will plead guilty to earning $36 million through the sale of hacked Meta Platforms advertising accounts and evading taxes on the fraudulent profits, according to federal court documents unsealed Friday,… Law360 is on it, so you are, too. A Law360 subscription puts you at the center of fast-moving legal issues, trends and developments so you can act with speed and confidence. Over 200 articles are published daily across more than 60 topics, industries, practice areas and jurisdictions. A Law360 subscription includes features such as Daily newsletters Expert analysis Mobile app Advanced search Judge information Real-time alerts 450K+ searchable archived articles And more! Experience Law360 today with a free 7-day trial. source

We all know that Microsoft makes some of the best digital tools for business. But signing up for multiple subscriptions is not super appealing when you’re trying to stick to a strict budget. The solution? Grab the All-in-One Microsoft Office Pro 2021 and Windows 11 Pro Bundle. This deal includes lifetime licenses for both products, and you can get it today for only $54.97 via TechRepublic Academy. A few years ago, Microsoft tried to get everyone to sign up for Office 365. This cloud-based service is only available as a subscription. This is great for reducing startup costs, but it can be expensive in the long run. In contrast, Microsoft Office Pro 2021 for Windows is available on a lifetime license with a one-time purchase. That means lifetime access to Word, Excel, PowerPoint, Outlook, OneNote, Teams, Publisher and Access — including future updates. That means you can craft documents, analyze data, create amazing presentations and much more. With this bundle, you also get Windows 11 Pro. This version of the desktop OS comes with a raft of useful business features, particularly regarding security and device management. These include BitLocker device encryption, better remote desktop options and group policy settings. Put together, Microsoft Office Pro 2021 and Windows 11 Pro make quite an upgrade for any professional workflow. The former received a review score of 4.5 out of 5 stars from PCMag, and the latter has 4.4 stars on Amazon. Get The All-in-One Microsoft Office Pro 2021 for Windows: Lifetime License + Windows 11 Pro bundle for just $54.97 (reg. $418) through Feb. 2, 2025. Prices and availability are subject to change. source

Shift, a social enterprise founded by Dutch tech entrepreneur Don Ritzen, has announced its ambitious plans to construct a massive landmark designed to inspire action on climate change.  Shift aims to attract 1 million annual visitors to the “New World Wonder,” which it estimates will cost up to $250mn. The startup plans to build the monument in the Netherlands, and if that’s successful, construct one on every continent.   “Civilisations before us built grand monuments to celebrate gods, momentous events or industrial progress,” Ritzen told TNW over the phone. “I truly believe that our generation needs something equally big and extraordinary to drive people to take action on climate.” To turn its vision into reality, Shift has kicked off an international architecture competition with a total prize pool of €250,000. Architects from around the world will battle it out to create a winning design for the landmark.  The Shift team is open to fresh ideas, but it does have a basic outline of what the World Wonder will offer. According to a brief seen by TNW, the startup envisions a striking physical structure that features “immersive experiences” that “engage all the senses.” The 💜 of EU tech The latest rumblings from the EU tech scene, a story from our wise ol’ founder Boris, and some questionable AI art. It’s free, every week, in your inbox. Sign up now! The landmark will serve as a hub for sustainability education, showcasing stories of “climate heroes” and providing visitors and non-visitors access to thousands of green initiatives via an accompanying digital platform. “We want it to be space that inspires awe,” said Ritzen. “But most importantly, one that ignites hope and empowers people to change their behaviours over the long term.”  Ritzen’s vision might seem like a load of hot air, but it’s a serious proposal coming from a well-respected figure in the Dutch tech scene. Ritzen is the co-founder of Rockstart, a startup incubator that has guided over 350 early-stage companies to a collective net worth of €1.7bn. “Shift has a financial roadmap in place and relationships with institutional investors and high-net-worth individuals to develop the design and realise the first landmark,” the company said in a statement. It also said it is in discussion with several municipalities in the Netherlands to secure a location for the structure. Ticket sales will constitute the main revenue for the monument and its accompanying digital platform. The entry fee is expected to start at €20 per person.   Shift operates a social enterprise model, with 95% of the company owned by a foundation, Stichting Shift World. The remaining 5% is held by impact investors. Residents of the municipality in which the landmark is to be built also have the option to become co-owners.   The architecture competition will run across two stages, with the winning team set to be announced in November. Judges include Ben van Berkel, founder of internationally renowned design firm UNStudio, and Géke Roelink, director at the NEMO Science Museum in Amsterdam. source

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More A new artificial intelligence startup is betting that HR departments will become the next major battleground for enterprise AI adoption, launching a specialized search engine that aims to transform how companies manage their workforce. Borderless AI, which emerged from stealth last year, announced today the release of HRGPT, a free AI-powered search engine that allows companies to query their internal HR data alongside employment laws and regulations. The company also secured a $5 million strategic investment as part of its latest funding round, with participation from Cohere co-founders Aidan Gomez and Ivan Zhang, bringing its total seed funding to $32 million. “Every HR department is going to have AI agents that manage various aspects across the HR stack,” said Willson Cross, cofounder and CEO of Borderless AI, in an exclusive interview with VentureBeat. “We’re proud to be at the forefront of that vertical.” How Borderless AI’s HRGPT is transforming workforce management The Toronto-based startup is positioning itself to compete with established HR software providers like Workday and ADP by focusing exclusively on AI-powered solutions. Its platform already counts several multinational companies as customers, including Dunlop Sporting Goods, which uses the technology to manage employee onboarding across 17 global offices. Unlike general-purpose AI chatbots, HRGPT combines real-time web search with access to internal company data and specialized HR knowledge. The system can perform tasks ranging from generating employment agreements to tracking time-off requests and managing international expense reimbursements. “Unlike ChatGPT, we have real-time web search. When a customer asks HRGPT a question, it scans the web for real-time sourcing and citations,” Cross told VentureBeat. The platform also integrates with PricewaterhouseCoopers for employment law expertise. Borderless AI’s platform displays employee time-off requests and compliance data in a conversational interface designed for HR professionals. (Credit: Borderless AI) The investment from Cohere‘s co-founders signals growing interest in vertical-specific AI applications for the enterprise. While consumer AI tools like ChatGPT have captured public attention, Cross believes the next wave of AI adoption will come from businesses. “For the next two to three years, it’s going to be the businesses that are catching up and waking up to bringing AI to their organizations,” he said. “HR is one that has many applicable use cases.” Borderless AI’s approach reflects a broader trend of AI companies focusing on specific industries rather than trying to build general-purpose tools. Similar vertical-focused companies include Harvey AI in legal tech and Sierra in customer service. Building a billion-dollar HR tech company with AI at its core The company’s ambitious vision includes automating complex HR processes like payroll management and employee analytics. Cross indicated they aim to build a billion-dollar company with fewer than 50 employees by leveraging AI extensively in their own operations. However, Borderless AI faces significant challenges, including prioritizing which features to build next amid strong customer demand. The company must also maintain accuracy and compliance in its automated HR functions, particularly for sensitive tasks like employment agreements and international payments. The startup’s success could signal whether specialized AI tools will successfully compete against established enterprise software providers who are racing to add AI capabilities to their existing products. For now, early customers appear convinced: Borderless AI reports that its AI agents perform tasks hourly across its customer base. source