Google has unveiled its latest lineup of Pixel smartphones, marking a significant shift towards deeper integration of artificial intelligence in its hardware. Unlike previous years, the company chose to announce the new models in the summer, positioning itself ahead of competitors as it races to incorporate AI technology across its products.
The new Pixel devices feature innovative AI-powered tools, including a unique function that allows users to search for information within screenshots. Additionally, Google’s chatbot, Gemini, can now be accessed as an overlay on other apps, offering assistance and generating content. The launch event, held at Alphabet’s Bay View campus, showcased these advancements, with Google’s senior vice president of devices and services, Rick Osterloh, emphasising the company’s commitment to practical AI applications.
With AI taking centre stage, Google’s event impressed industry experts, with some noting it as one of the most comprehensive presentations the company has ever held. This early release strategy comes as Google aims to stay ahead of its rivals, particularly Apple, which is expected to launch new AI features in its products later this year.
The Pixel 9 series includes several models, with the base version priced at $799, $100 more than its predecessor. The devices will start shipping in August, with the Pixel 9 Pro and Pixel 9 Pro Fold set for release in September, further highlighting Google’s push to lead in the AI-driven smartphone market.
The UK’s National Cyber Security Centre (NCSC) recently brought together international and UK government partners, as well as industry leaders, to discuss the role of cyber deception in cyber defense. The event hosted by the NCSC in London underscored the potential of cyber deception technologies, such as digital tripwires, honeytokens, and honeypots, to enhance national cyber defense strategies. The NCSC aims to establish a comprehensive evidence base on the efficacy of these technologies by promoting their widespread deployment across the country. To achieve this, the NCSC invites public and private sector organisations to contribute to this initiative by sharing their experiences and outcomes from deploying these technologies (as defined by the UK NCSC):
Tripwires: Systems designed to detect unauthorised access by interacting with threat actors, such as honeytokens, to disclose their presence within a network.
Honeypots: Systems that allow threat actors to engage with them, providing opportunities to observe and collect data on their tactics, techniques, procedures, capabilities, and infrastructure for threat intelligence purposes.
Breadcrumbs: Digital artifacts strategically placed within a system to lure threat actors into interacting with tripwires or honeypots, aiding in their detection and study.
To build a comprehensive evidence base on the effectiveness of these tools, the NCSC announced several objectives for this large-scale deployment :
5,000 instances of both low and high interaction solutions across the UK internet, covering both IPv4 and IPv6.
20,000 instances of low interaction solutions within internal networks.
200,000 assets of low interaction solutions deployed within cloud environments.
2,000,000 tokens deployed to bolster detection and intelligence-gathering efforts.
To contribute and participate in this consultation, you contact the UK NCSC at thfcd@ncsc.gov.uk.
The Defense Advanced Research Projects Agency (DARPA) announced the finalists for its AI Cyber Challenge (AIxCC) at DEF CON, a competition that rewards teams for training large language models (LLMs) to identify and fix vulnerabilities in open-source code. BigTech companies like Google, Microsoft, Anthropic, and OpenAI supported participants with AI model credits. The challenge saw about 40 teams submit projects, which were tested on their ability to detect and remediate injected vulnerabilities in open-source coding projects.
Experts say that generative AI can help automate the detection and patching of security flaws in code, and this development can be critical as unsophisticated yet harmful cyberattacks increasingly target critical facilities such as hospitals and water systems. Automating basic cybersecurity practices, such as scanning and fixing code bugs, could significantly reduce these incidents.
Despite running these tests in a controlled, sandboxed environment, the semifinalists’ LLM projects managed to discover 22 unique vulnerabilities and automatically patch 15 of them. DARPA, which has invested over $2 billion in AI research since 2018, plays a unique role in cybersecurity innovation: it created a mock city under cyberattack within DEF CON, attracting over 12,500 visitors. The seven finalist teams will compete in the challenge’s final round at next year’s DEF CON conference, with government officials hoping these AI tools will soon be applied to protect real-life critical infrastructure.
Anne Neuberger, the Biden administration’s deputy national security advisor for cyber and emerging technology, emphasised the goal of using AI for defense as swiftly as adversaries use it for offense. The White House is already collaborating with the Department of Energy to explore deploying these AI tools within the energy sector and hopes to eventually apply them to proprietary company code.
The United Kingdom and France are set to initiate a consultation on addressing the proliferation and irresponsible use of commercial cyber intrusion tools, according to a UK government announcement.
The consultation is part of the Pall Mall Process, a joint UK-French effort focused on addressing the misuse of commercial hacking tools like spyware. The Pall Mall Process was announced last year when the UK and France, alongside major tech companies like Google, Microsoft, and Meta, issued a joint statement acknowledging the urgent need for decisive action against the malicious exploitation of cyberespionage tools. At a conference convened by the UK and France with representatives from 35 nations, concerns were raised regarding the proliferation of spyware used to listen to phone calls, steal photos and remotely operate cameras and microphones.
The following launch of this process came after President Joe Biden issued an executive order prohibiting federal agencies from utilizing commercial spyware that might threaten US security or had been exploited by foreign entities. The executive order aimed to tackle the increasing instances of spyware abuse internationally, as well as reports of its improper use against US officials, government infrastructure, and ordinary citizens. In 2021, the Biden administration had also taken steps against spyware vendor NSO Group, founded by two former Israeli military officers, by adding the company to its Entity List.
As part of this consultation, both governments invite stakeholders to provide insights on best practices concerning commercial cyber intrusion capabilities (CCICs) across three key groups:
States: Acting as both regulators and potential consumers within the CCIC market.
Industry organizations: Engaged in or connected to the CCIC market, along with their broader value chain.
Civil society, experts, and threat researchers: Possessing relevant expertise on the risks posed by the CCIC market and the strategies to address them.
Previously, experts had already raised concerns about the Pall Mall Process and its goals, highlighting questions such as whether the initiative will be geographically diverse and include a broad range of countries. Will stakeholders be involved, and will companies providing some of the intrusive tools, in particular, be invited for discussions? What does success look like for this process, and for whom?
To participate in this consultation, please follow this link.
Bluesky, a social media platform, has reported a significant increase in signups in the United Kingdom recently as users look for alternatives to Elon Musk’s X. The increase follows Musk’s controversial remarks on ongoing riots in the UK, which have driven users, including several Members of Parliament, to explore other platforms. The company announced that it had experienced a 60% rise in activity from UK accounts.
Musk has faced criticism for inflaming tensions after riots in Britain were sparked by misinformation surrounding the murder of three girls in northern England. The Tesla CEO allegedly used X to disseminate misleading information to his vast audience, including a post claiming that civil war in Britain was ‘inevitable.’ The case has prompted Prime Minister Keir Starmer to respond and increased calls for the government to accelerate the implementation of online content regulations.
Bluesky highlighted that the UK had the most signups of any country for five of the last seven days. Once supported by Twitter co-founder Jack Dorsey, the platform is among the many apps vying to replace Twitter after Musk’s turbulent takeover in late 2022.
As of July, Bluesky’s monthly active user base was approximately 688,568, which is small compared to X’s 76.9 million users, according to Similarweb, a digital market intelligence firm. Despite its smaller size, the recent surge in UK signups to Bluesky appears to be a growing interest in alternative social media platforms.
An international operation has dismantled the criminal ransomware group Radar/Dispossessor, which had been targeting companies across various sectors, including healthcare and transport. Authorities from the United States and Germany led the effort to bring down the group, which was founded in August 2023 and initially focused on the US before expanding its attacks globally.
The investigation has identified 43 companies as victims, spanning countries such as the UK, Germany, Brazil, and Australia. The group, led by an individual using the alias ‘Brain’, primarily targeted small to medium-sized enterprises. Many more companies are believed to have been affected, with some cases still under investigation.
Radar/Dispossessor exploited vulnerable computer systems, often through weak passwords and the absence of two-factor authentication, to hold data for ransom. Authorities successfully dismantled servers and domains associated with the group in Germany, the US, and Britain.
Twelve suspects have been identified, hailing from various countries, including Germany, Russia, Ukraine, and Kenya. Investigations are ongoing to identify further suspects and uncover more companies that may have been victimised.
Elon Musk’s Starlink has been granted a licence to offer satellite broadband services in Sri Lanka. This development follows the country’s recent amendment to its telecommunications law, the first change in 28 years, which allowed Starlink Lanka to establish its presence.
Sri Lanka’s parliament passed the updated telecommunications bill last month, clearing the way for new players like Starlink to enter the market. The satellite service, a subsidiary of SpaceX, owns around 60% of the 7,500 satellites currently in orbit, solidifying its dominance in the satellite internet sector.
In March, Starlink proposed to set up operations in Sri Lanka, with officials confirming the company will need to pay a tariff for the licence. While Starlink has shown interest in expanding into South Asia, including India, no concrete plans have been revealed.
Starlink has not yet commented on the recent developments, leaving questions about its next steps in the region.
IBM has teamed up with WWF-Germany to develop an AI-driven solution aimed at safeguarding African forest elephants, a species facing severe threats from poaching and habitat loss. This new technology will use AI to accurately identify individual elephants from camera trap photos, enhancing conservation efforts and allowing for more precise tracking of these endangered animals.
The partnership will combine IBM’s technological expertise with WWF’s conservation knowledge to create an AI-powered tool that could revolutionise how elephants are monitored. By focusing on image recognition, the technology aims to identify elephants by their unique physical features, such as heads and tusks, much like human fingerprints.
Additionally, the collaboration will employ IBM Environmental Intelligence to monitor and analyse biomass and vegetation in elephant habitats. The data will be crucial in predicting elephant movements and assessing the ecosystem services provided by these animals, such as carbon sequestration. Such insights could also pave the way for sustainable finance investments by quantifying the carbon services offered by elephants.
IBM emphasised the broader potential of this initiative, highlighting its role in supporting nature restoration and contributing to global climate change efforts. By integrating advanced technology with conservation strategies, the partnership seeks to make a lasting positive impact on both the environment and sustainable development.
Schlatter Industries, a renowned Switzerland-based engineering company, was targeted by a sophisticated cyberattack. The attackers employed malware to breach the company’s IT network in an incident characterised as highly professional. During the breach, the perpetrators attempted to blackmail Schlatter Industries, though the specific details of their demands remain undisclosed.
Following the incident, Schlatter Industries initiated a thorough investigation to determine whether any data was stolen. Cybersecurity experts have been enlisted to assess and mitigate the damage, aiming to restore the full functionality of the compromised systems. In response to the breach, the company promptly activated stringent security measures and notified relevant authorities, underscoring its proactive approach to managing the crisis.
Why does it matter?
The company publicly acknowledged the attack on Monday, highlighting its commitment to transparency and accountability. The swift and comprehensive response from Schlatter Industries reflects the model companies should adopt to address these threats. It reminds other organisations of the importance of robust cybersecurity frameworks and crisis response strategies in the face of increasingly sophisticated cybercriminal activities.
The Australian gold mining company has confirmed it was targeted by a cyberattack last week, joining a growing list of domestic firms hit by similar breaches. The incident comes as Australia continues to grapple with a wave of cyber attacks that have exposed vulnerabilities in the country’s cyber security infrastructure. Although Evolution Mining has stated that the security breach has been contained, it has not provided further details about the extent of the damage or the nature of the attack.
The company has reported the incident to the Australian Cyber Security Centre, which has acknowledged the report but noted that Evolution Mining did not supply much information on the breach. Despite the attack, Evolution Mining assured that its operations would not be materially impacted. The Australian government has recently strengthened its cyber defences by increasing law enforcement funding and mandating the reporting of cyber attacks as part of a broader security overhaul.
Cyber crime has been on the rise in Australia, with reports increasing by nearly 25% in the year leading up to June 2023. The average cost to victims has also surged by 14%. Experts have pointed out that the country’s cyber security industry is under-resourced and may not be fully equipped to handle the growing threat. The increased collaboration between Australia, the US, and Britain under a new defence agreement has also made Australia a more prominent target for cyber attacks.
The attack on Evolution Mining echoes a series of breaches that have affected major Australian companies in recent years, including Optus, Woolworths, Medibank, DP World Australia and the Australian unit of Shell. These incidents have brought attention to the urgent need for stronger cyber defences as Australia continues to face significant digital security challenges.
