Google Preparing For A "Scrappy" 2025

During the strategy meeting facilitated by Google CEO Sundar Pichai and other top executives, the tech giant recognized 2025 as a pivotal year, especially in artificial intelligence.

According to audio of the 18 December meeting obtained by CNBC, Pichai repeatedly urged employees to "stay scrappy" as he noted competitive and regulatory challenges while stressing the importance of AI.

"I think 2025 will be critical," he said. "I think it’s really important we internalize the urgency of this moment, and need to move faster as a company. The stakes are high. These are disruptive moments. In 2025, we need to be relentlessly focused on unlocking the benefits of this technology and solve real user problems."

Pichai also acknowledged mounting legal scrutiny after Google lost an antitrust case earlier this year on its search business with the Justice Department seeking divestment of the Chrome browser business and pursuing the company over its online ad technology.

He attributed the growing pressure to the broader trend of technology having a greater impacting on society. "So more than ever, through this moment, we have to make sure we don’t get distracted," he added.

A top priority is "building big, new business," including the AI-powered Gemini app, Pichai said, adding that scaling it for consumers will be "our biggest focus next year."

"With the Gemini app, there is strong momentum, particularly over the last few months," he said, according to CNBC. "But we have some work to do in 2025 to close the gap and establish a leadership position there as well."

Demis Hassabis, cofounder of Google's DeepMind, said Gemini will see a "turbo charge" and that products will "evolve massively" in the next year or two.

The head of Google Labs, Josh Woodward, also showed off a coding assistant, an AI note-taking product, and an AI-powered multi-tasking Chrome extension, CNBC reported.

Read More

"Salt Typhoon" Hackers Infiltrated U.S. Telco

It was reported last 27 December that Chinese hackers called Salt Typhoon have infiltrated a ninth telecommunications firm. It was also alleged by the U.S. cybersecurity officials that these hackers gained access to information about millions of people.

The FBI is investigating the Salt Typhoon attacks, which are spurring new defensive measures, deputy U.S. national security adviser Anne Neuberger told reporters recently.

"As we look at China's compromise of now nine telecom companies, the first step is creating a defensible infrastructure," she said.

The hackers primarily are targeting individuals and organizations involved in political or governmental activities and a significant number of hacking victims are located in the Washington D.C.-Virginia area.

The hackers can geolocate millions of people in the United States, listen to their phone conversations and record them whenever they like, Politico reported.

Among recent victims are President-elect Donald Trump, Vice President-elect JD Vance and several Biden administration officials.

Neuberger did not name the nine telecommunications firms that have been hacked, but said telecommunications firms and others must do more to improve cybersecurity and protect individual customers.

"We wouldn't leave our homes, our offices unlocked," she said. "Yet, the private companies owning and operating our critical infrastructure often do not have the basic cybersecurity practices in place that would make our infrastructure riskier, costlier and harder for countries and criminals to attack."

She said companies need better management of configuration, better vulnerability management of networks and better work across the telecom sector to share information when incidents occur.

"However, we know that voluntary cybersecurity practices are inadequate to protect against China, Russia and Iran hacking our critical infrastructure," Neuberger said.

Australian and British officials already have enacted telecom regulations "because they recognize that the nation's secrets, the nation's economy relies on their telecommunications sector."

Read More

Hacking Competition Revealed TrueNAS Vulnerabilities

At the recent Pwn2Own Ireland 2024 event, security researchers identified vulnerabilities in various high-use devices, including network-attached storage NAS devices, cameras, and other connected products.

TrueNAS was one of the companies whose products were successfully targeted during the event, with vulnerabilities found in its products with default, non-hardened configurations.

Following the competition, TrueNAS have started implementing updates to secure their products against these newly discovered vulnerabilities.

During the competition, multiple teams successfully exploited TrueNAS Mini X devices, demonstrating the potential for attackers to leverage interconnected vulnerabilities between different network devices. Notably, the Viettel Cyber Security team earned US$ 50,000 and 10 Master of Pwn points by chaining SQL injection and authentication bypass vulnerabilities from a QNAP router to the TrueNAS device.

Furthermore, the Computest Sector 7 team also executed a successful attack by exploiting both a QNAP router and a TrueNAS Mini X using four vulnerabilities. The types of vulnerabilities included command injection, SQL injection, authentication bypass, improper certificate validation, and hardcoded cryptographic keys.

TrueNAS responded to the results by releasing an advisory for its users, acknowledging the vulnerabilities and emphasizing the importance of following security recommendations to protect data storage systems against potential exploits.

Read More

Japan Seeks To Stop Google For Anti-Trust Practices

Google is being called out all over the world and accused it for adopting monopolistic monopolistic practices. The leatest accuser is the Japan Fair Trade Commission (JFTC), which reportedly alleged that Google violated the country's antitrust laws in regards to its search engine, Chrome, and issue a cease and desist letter, Nikkei Asia reported.

The watchdog started an investigation into Google's practices last October. They have already notified the company of possible disciplinary measures and will decide on them after hearing its response, they said.

The JFTC reportedly accuses Google of requiring smartphone manufacturers to sign a contract stating Chrome will be not only pre-downloaded on all devices, but that it will be placed in a certain spot on the screen. The manufacturers are allegedly forced to do this in order to have the Google Play available on their devices.

The tech giant is also suspected of mandating specific placement of app icons on device screens in exchange for access to its app store, they added.

Moreover, it is accused of striking deals with manufacturers to share part of its revenue on the condition that they refrain from pre-installing rival companies' apps on their devices, the sources said.

In the US, federal judge Amit Mehta ruled in November that Google "is a monopolist" in the search engine industry. The Department of Justice (DoJ) then called for Google to sell Chrome as it "will permanently stop Google’s control of this critical search access point and allow rival search engines the ability to access the browser that for many users is a gateway to the internet."

The DoJ also called for Google to cease favoring Chrome on Android. Google recently released a proposal to appease the DoJ, but stated it will appeal the judge's ruling before a hearing scheduled for April.

Read More

Shooting Down Those Aerial Menace

Aerial light drones may be the latest trend right now, but it doesn’t mean that anybody can use it to eavesdrop on somebody’s privacy or, worse, compromise security.

This is the reason why China developed a highly accurate laser weapon system that can shoot these light drones at low altitude. The weapon has a two-kilometre range and can bring down "various small aircraft" within five seconds of locating its target, the official Xinhua news agency said, citing a statement by the China Academy of Engineering Physics (CAEP), one of the developers.

Xinhua showed pictures of large metal boxes in camouflage paint and the wreckage of a small drone, some of it burning. It is expected that these metal boxes will "play a key role in ensuring security during major events in urban areas" and address concerns on unlicensed mapping activities.

It is effective up to a maximum altitude of 500 metres and against aircraft flying at up to 50 metres per second (112 mph), Xinhua said.

It also cited Yi Jinsong, a manager with China Jiuyuan Hi-Tech Equipment Corp., a firm under the academy, as saying that small-scale, unmanned drones were relatively cheap and easy to use, making them a likely choice for terrorists.

"Intercepting such drones is usually the work of snipers and helicopters, but their success rate is not as high and mistakes with accuracy can result in unwanted damage," he said.

The system, which can be installed on vehicles, shot down more than 30 drones in a recent test with a "100 percent success rate" said the CAEP statement.

The academy is developing similar laser security systems with greater power and range, Xinhua said in its report late Sunday.

China typically deploys tight security for domestic political meetings, international conferences and sports events, looking to prevent public protests over issues such as illegal land seizures and corruption as well as any threats to the participants.

Read More