We independently review everything we recommend. When you buy through our links, we may earn a commission which is paid directly to our Australia-based writers, editors, and support staff. Thank you for your support!
State-Sponsored Threat Actors Misusing Google’s Gemini AI
Brief Overview
Actors sponsored by states like China, Iran, Russia, and North Korea have taken advantage of Google’s Gemini AI.
The AI Threat Tracker report has been published by Google’s Threat Intelligence Group (GTIG).
These actors have circumvented the security protocols of Gemini via social engineering.
New malware types such as PROMPTFLUX and PROMPTSTEAL signal the growth of threats.
Google addresses these risks by disabling accounts once suspicious activity is detected.
Introduction
As of 2025, state-sponsored threat actors from China, Iran, Russia, and North Korea have effectively leveraged Google’s Gemini AI to improve their cyber-attack methodologies. In spite of Google’s persistent efforts to identify and curb misuse, these actors have found ways to bypass the AI’s security protocols.
AI Threat Tracker Report
Google’s Threat Intelligence Group (GTIG) published a document named AI Threat Tracker: Advances in Threat Actor Usage of AI Tools. This report emphasizes how adversaries have transitioned from utilizing AI for productivity to more malicious applications. It continues findings from January 2025, offering insights on how these actors exploit AI resources such as Gemini.
Circumventing Security Protocols
Even with Google’s protective measures, threat actors have adeptly bypassed Gemini’s safeguards through social engineering techniques. One significant scenario involved a Chinese actor posing as a capture-the-flag competitor to gain exploitation guidance from Gemini. Other groups have employed similar strategies to create bespoke malware and execute phishing schemes.
Malware Innovation and Application
Emerging malware like PROMPTFLUX and PROMPTSTEAL illustrates the potential maturation of cyber threats. PROMPTFLUX alters its code in real-time to avoid detection, while PROMPTSTEAL dynamically crafts commands for data theft. These advancements showcase continuous experimentation in AI-enhanced malware development.
Conclusion
The exploitation of Google’s Gemini AI by state-sponsored groups highlights the changing landscape of cyber threats. While Google is persistently improving its security defenses, the adaptability of these actors presents ongoing challenges. The rise of AI-driven malware adds complexity to the cybersecurity field, emphasizing the need for sustained vigilance and innovation in defense strategies.
Q&A
Q: What is the AI Threat Tracker report?
A: It is a report from Google’s Threat Intelligence Group that outlines the misuse of AI tools like Gemini by threat actors.
Q: In what ways do threat actors circumvent Gemini’s security?
A: They utilize social engineering methods, such as pretending to be legitimate users, to bypass security measures.
Q: What is PROMPTFLUX?
A: PROMPTFLUX is a form of experimental malware that dynamically adjusts its source code to avoid detection.
Q: How does Google respond to these threats?
A: Google limits the time frame within which actors can misuse the AI by shutting down accounts upon detection.
Q: What significance does AI-driven malware hold?
A: AI-driven malware represents a novel challenge in cybersecurity, necessitating new and creative defensive strategies.
We independently review everything we recommend. When you buy through our links, we may earn a commission which is paid directly to our Australia-based writers, editors, and support staff. Thank you for your support!
Apple AirPods Pro 3 Wireless Earbuds, Active Noise Cancelling, Heart Rate Sensor, Hearing Aid, Bluetooth Headphones, Space Audio Sound, USB-C Charging Case, Dustproof and Sweatproof and Water
We independently review everything we recommend. When you buy through our links, we may earn a commission which is paid directly to our Australia-based writers, editors, and support staff. Thank you for your support!
Australia’s Solar Share Program: Complimentary Daytime Energy and Advanced Appliances
Fast Overview
The Australian government’s Solar Share Program grants families complimentary electricity for a minimum of 3 hours during peak solar times.
This program utilizes rooftop solar installations, rendering renewable energy accessible to everyone, including those renting.
Advanced appliances play a crucial role in optimising benefits by scheduling consumption during free electricity intervals.
Compulsory for energy retailers in specific areas starting July next year, necessitating smart meters for involvement.
Aims to alleviate evening peak demand and decrease overall costs within the energy system.
Solar Sharer: A Fresh Chapter in Energy Usage
Australia is poised to transform its energy framework with the Solar Share Program, a progressive initiative introduced by the government. This program guarantees complimentary electricity for at least three hours during peak solar periods, prompting households to adjust their energy usage to coincide with these times. With an emphasis on inclusivity, even renters without solar panels can take advantage.
The Need for Advanced Appliances
While electric vehicles (EVs) have established a standard in energy scheduling, this initiative highlights the necessity for comparable improvements in home appliances. Currently, many devices like dishwashers and washing machines provide limited scheduling options. The ambition is for these to become more advanced, allowing precise timing similar to the sophisticated scheduling of EVs.
Optimising Rooftop Solar Capacity
Australia’s rooftop solar installations have outstripped the capacity of existing coal-fired power stations. The Solar Share Program harnesses this extensive resource, delivering no-cost power when wholesale prices are at their lowest. This approach not only aids individual users but also alleviates peak evening demands, potentially lowering overall energy expenses.
Solar Sharer Clarified
The program will be obligatory for energy retailers in New South Wales, South-East Queensland, and South Australia starting in July next year. It requires a smart meter for involvement, permitting complimentary use of appliances, EV charging, and home cooling during specified intervals. Additional states are being consulted for a prospective nationwide launch by 2027.
Who Stands to Gain?
Available to all households in initial areas, the offer includes renters and apartment residents. By adapting energy consumption to free intervals, participants can optimise savings. This strategy ensures that a wide range of Australians can engage in the solar movement without any upfront costs.
System-Wide Benefits
The program seeks to reduce the necessity for expensive network upgrades by promoting daytime consumption. This also fosters fairer pricing by eliminating unnecessary costs, such as marketing expenditures. Ultimately, it aligns ecological benefits with financial savings, benefiting both households and businesses.
“Our Solar Sharer Initiative enables more Australians to engage in our world-leading rooftop solar uptake. Those who can shift their electricity use into the zero-cost power window will gain directly, regardless of whether they have solar panels or not and whether they own or rent, and the greater the uptake of this offer, the larger the system advantages that will reduce costs for all electricity users. Free daytime energy for families across Australia demonstrates that what is beneficial for the environment is also advantageous for your finances. Australians deserve a fairer deal regarding their energy expenses.”
Chris Bowen, Minister for Climate Change and Energy, Australian Government.
The government has begun consultations to fine-tune reforms, ensuring they cater to real-life needs and deliver maximum value. With Solar Sharer, Australia is set to excel in making clean energy both fair and affordable.
The Australian government’s Solar Share Program is a transformative move towards a sustainable energy future. By providing complimentary electricity during peak solar hours and promoting advanced appliance usage, it lays the groundwork for considerable savings and environmental gains. This initiative is set to ensure renewable energy is accessible to all Australians, cultivating a more equitable and efficient energy system.
Q: How does the Solar Share Program function?
A:
The program offers households free electricity for at least 3 hours during peak solar windows. Participants can optimise their energy consumption during these times with a smart meter.
Q: Who qualifies for the Solar Share Program?
A:
All households in New South Wales, South-East Queensland, and South Australia are eligible, including renters and those without solar installations.
Q: Which appliances can take advantage of this program?
A:
All household appliances, particularly energy-hungry ones like dishwashers, washing machines, and EVs, can be programmed to operate during free power intervals.
Q: What benefits does the program offer to the energy system?
A:
By promoting daytime energy usage, it reduces pressure on the grid during peak periods, potentially lowering costs and diminishing the necessity for infrastructure enhancements.
Q: How will the program influence renters and apartment residents?
A:
Renters and apartment dwellers can also gain from complimentary electricity intervals, making renewable energy savings available to a larger demographic.
Q: When will the program be accessible to other states?
A:
The government intends to consult with additional states, aiming for a possible nationwide implementation by 2027.
We independently review everything we recommend. When you buy through our links, we may earn a commission which is paid directly to our Australia-based writers, editors, and support staff. Thank you for your support!
Brief Overview
Three experts in cybersecurity have been charged with operating a ransomware scheme in the United States.
Those identified include Ryan Goldberg and Kevin Martin.
The scheme reportedly involved partnership with the ALPHV BlackCat hacking group.
The charges were brought in federal court in Miami.
Goldberg and Martin were affiliated with Sygnia and DigitalMint, respectively.
Both organizations are aiding the investigation.
Cybercrime Allegations
Three cybersecurity specialists from the US are accused of plotting a ransomware operation. The implicated, including Ryan Goldberg and Kevin Martin, reportedly collaborated with the ALPHV BlackCat hack group to extort US companies by encrypting their systems and demanding cryptocurrency payments.
Indictment Details
The charges, submitted in Miami, accuse the individuals of engaging in a complex cybercrime operation. Ryan Goldberg has been arrested, whereas Kevin Martin has entered a not guilty plea. The indictment does not name the affected companies but suggests their businesses extend across multiple US states, including California and Florida.
Professional Histories
Kevin Martin was associated with DigitalMint, an organization focused on cybercrime incident response. Ryan Goldberg worked as an incident response manager at Sygnia. Both companies have expressed they are not involved in any wrongdoing and are assisting law enforcement. Goldberg’s employment with Sygnia was terminated in light of the allegations.
Responses from Corporations
DigitalMint has acknowledged that a former staff member is facing indictment and is cooperating as a witness. Sygnia, upon gaining awareness of the developments, has also collaborated with legal authorities, ensuring that their company is not included in the investigation.
Conclusion
The indictment of three cybersecurity professionals accused of managing a ransomware operation has raised alarms regarding insider threats in the cybersecurity sector. With both DigitalMint and Sygnia collaborating with the investigation, this case emphasizes the significance of internal security protocols and organizational accountability.
Q: What charges are levied against the cybersecurity professionals?
A: They are accused of executing a ransomware scheme alongside the ALPHV BlackCat group to extort businesses through network encryption for cryptocurrency ransoms.
Q: Who are the implicated individuals?
A: The individuals identified are Ryan Goldberg and Kevin Martin, with an additional unnamed co-conspirator cited.
Q: Which companies were they affiliated with?
A: Ryan Goldberg was part of Sygnia, while Kevin Martin was associated with DigitalMint.
Q: How have the companies responded to the allegations?
A: Both companies have refuted involvement and are collaborating with the investigation. Sygnia has terminated Goldberg’s employment.
Q: In which states are the affected businesses located?
A: The impacted companies are situated in California, Florida, Virginia, and Maryland.
We independently review everything we recommend. When you buy through our links, we may earn a commission which is paid directly to our Australia-based writers, editors, and support staff. Thank you for your support!
EPOS Adapt E1 White Wireless in-Ear Headphones – Hybrid ANC, Multi-Point Bluetooth, Microsoft Teams & for iPhone Certified, 50H Battery, Wireless Charging, Semi-Open, USB C Dongle IPX5 Waterproof
We independently review everything we recommend. When you buy through our links, we may earn a commission which is paid directly to our Australia-based writers, editors, and support staff. Thank you for your support!
OpenAI and Amazon Create a New Chapter in AI through $38 Billion Agreement
Quick Summary
OpenAI collaborates with Amazon Web Services in a $38 billion long-term agreement.
The partnership seeks to exploit AWS’s extensive infrastructure for enhanced AI scalability.
OpenAI will harness AWS’s computing power to improve AI tasks.
Deployment will feature cutting-edge NVIDIA GPUs and millions of CPUs.
Anticipated to address rising needs for AI processing capacity by 2026, with further expansions into 2027.
Expanding AI Frontiers: The Multi-Cloud Approach
Why Choose Amazon?
OpenAI’s choice to collaborate with Amazon Web Services (AWS) signifies a tactical pivot towards a multi-cloud strategy. This collaboration is designed to meet the skyrocketing demand for generative AI solutions. AWS’s standing as a reliable, scalable, and secure cloud service provider makes it perfectly suited to support OpenAI’s ambitious AI objectives.
Leading-Edge Infrastructure
Through the $38 billion arrangement, OpenAI will leverage AWS’s infrastructure, employing NVIDIA GPUs and configurations with millions of CPUs to manage high-demand AI tasks. These assets are essential for delivering rapid performance and enhancing AI processing capabilities, which are vital for emerging technologies like ChatGPT.
The Significance of AWS in AI Developments
Establishing the Core for AI Aspirations
This partnership is set to serve as a foundation for OpenAI’s AI aspirations, with AWS delivering the vital infrastructure to support diverse AI initiatives. From boosting ChatGPT’s functionalities to training next-generation AI models, AWS’s technology is poised to be instrumental in OpenAI’s upcoming projects.
Immediate Effects and Future Opportunities
The collaboration will lead to the immediate application of AWS’s computing resources, with deployment objectives aimed for 2026 and additional growth strategies planned for 2027. This strategic partnership is expected to significantly enhance the AI ecosystem, benefitting millions of users worldwide.
OpenAI’s Involvement in Amazon Bedrock
An Expanding Collection
This year, OpenAI’s open weight foundation models became available on Amazon Bedrock. This initiative has broadened OpenAI’s reach, offering clients a wide array of model selections. The acceptance of these models has surged, with many organizations adopting them for various uses.
Conclusion
OpenAI’s collaboration with AWS signifies a landmark advancement in AI evolution, marking a $38 billion commitment to the future of generative AI. With AWS’s robust infrastructure, OpenAI is positioned to meet the increasing requirements for AI solutions, promising improved capabilities and scalability for its innovations.
FAQs
Q: What is the significance of the $38 billion arrangement between OpenAI and AWS?
A: This arrangement represents a strategic effort for OpenAI to utilize AWS’s infrastructure, ensuring scalability and efficacy in AI tasks.
Q: In what ways will AWS’s resources be advantageous to OpenAI?
A: AWS provides state-of-the-art infrastructure, including NVIDIA GPUs and extensive CPU capabilities, vital for managing demanding AI operations.
Q: When is the complete rollout of AWS resources projected?
A: The planned deployment of AWS computing resources is scheduled for completion by 2026, with expansion anticipated into 2027 and beyond.
Q: What function does Amazon Bedrock serve in OpenAI’s approach?
A: Amazon Bedrock grants access to OpenAI’s foundation models to a broad customer segment, enhancing the accessibility and usefulness of AI technologies.
Q: How does this collaboration impact the AI industry?
A: By merging AWS’s infrastructure with OpenAI’s innovative technologies, the partnership is expected to foster significant progress in the AI field.
We independently review everything we recommend. When you buy through our links, we may earn a commission which is paid directly to our Australia-based writers, editors, and support staff. Thank you for your support!
BADCANDY Malware Risk on Australian Cisco Devices
Fast Overview
More than 150 Cisco devices in Australia continue to be infected with BADCANDY malware.
Fixes for the flaw have been accessible for over two years.
Re-infection remains a threat as malicious actors are actively taking advantage of the vulnerability.
BADCANDY enables attackers to entirely compromise devices and capture network traffic.
The ASD has marked China’s Salt Typhoon group as one of the malicious actors.
The vulnerability, CVE-2023-20198, has a top severity rating of 10.0.
Restarting devices eliminates BADCANDY but does not address the flaw.
It is essential to implement patches and examine device settings for effective protection.
Overview of BADCANDY Malware
The BADCANDY webshell has consistently posed a threat to Cisco routers and switches within Australia. Despite patches having been available for over two years, as of late October 2025, over 150 devices remain compromised. The Australian Signals Directorate’s Cybersecurity Centre (ACSC-ASD) notes that re-infection is a major concern as malicious actors exploit the flaw.
Technical Insights and Exploitation
The BADCANDY malware exploits a flaw designated as CVE-2023-20198, which carries a maximum severity rating of 10.0. This enables attackers to establish admin accounts, run commands, and gain complete control over the affected devices. Emerged in October 2023, the malware’s ease of use appeals to both criminal and state-sponsored entities, including China’s Salt Typhoon group.
Preventive Strategies and Suggestions
The ACSC-ASD recommends that organizations implement necessary patches and examine device configurations for unusual admin accounts. Investigating the presence of unknown tunnel interfaces is also advised. While rebooting can eliminate the malware, it does not rectify the core vulnerability, requiring additional steps to secure devices.
Conclusion
The persistent existence of BADCANDY malware on Australian Cisco devices highlights the urgent need for alertness and proactive cybersecurity actions. Organizations must take swift measures to patch vulnerabilities and monitor their systems to reduce the risk of re-infection and potential data leaks.
Q: What is BADCANDY malware?
A: BADCANDY is a webshell that takes advantage of a vulnerability in Cisco devices, enabling attackers to control and intercept network traffic.
Q: How critical is the BADCANDY vulnerability?
A: The vulnerability, recognized as CVE-2023-20198, has a maximum severity rating of 10.0, indicating a critical threat.
Q: Who is responsible for the BADCANDY attacks?
A: Both criminal organizations and state-sponsored actors, including China’s Salt Typhoon group, have been known to exploit BADCANDY.
Q: Is it possible to remove BADCANDY by rebooting a device?
A: Rebooting can eliminate the malware, but it does not resolve the underlying vulnerability, leaving devices still exposed.
Q: What steps should organizations undertake to safeguard their devices?
A: Organizations should apply patches, audit admin accounts for suspicious behavior, and fortify their network settings.
Q: Why are numerous devices still infected after two years?
A: Even though patches are available, many devices remain unpatched, with re-infections occurring due to active exploitation by malicious actors.
We independently review everything we recommend. When you buy through our links, we may earn a commission which is paid directly to our Australia-based writers, editors, and support staff. Thank you for your support!
soundcore by Anker Liberty 4 NC Wireless Noise Cancelling Earbuds, 98.5% Noise Reduction, Adaptive Noise Cancelling to Ears and Environment, Hi-Res Sound, 50H Battery, Bluetooth 5.3 (Pastel Pink)
We independently review everything we recommend. When you buy through our links, we may earn a commission which is paid directly to our Australia-based writers, editors, and support staff. Thank you for your support!
Optus’ Strategy for Addressing Triple Zero Failures
Quick Overview
Optus recruits 450 new personnel to tackle triple zero service deficiencies.
Implementation of required escalation procedures for emergency call concerns.
Continuous monitoring and daily assessments of emergency call dependability.
Changes in network maintenance necessitate clear verification of emergency service status.
Optus intends to hasten the shift of network operations from Nokia to in-house.
Optus’ Strategy for Addressing Triple Zero Failures
Optus has undertaken substantial measures to rectify the recent shortcomings in its triple zero emergency call services. The telecommunications company, under the leadership of CEO Stephen Rue, revealed the addition of 450 new employees to enhance its call center and network management sectors. This initiative is designed to restore public trust following a significant outage in September.
New Protocols to Enhance Emergency Services
Optus has enacted obligatory escalation protocols for any reported issues with triple zero calls, facilitating prompt investigation by network teams. To boost reliability, the company will ensure 24/7 monitoring of call failure rates and perform daily manual testing across various regions.
A key modification in network maintenance now demands explicit validation that emergency calling services are functioning correctly before and after any network adjustments. This measure is vital to avoid future interruptions.
Internal Modifications and Workforce Growth
The telecommunications provider is establishing 150 new positions within a “process centre of excellence” in Australia, aiming to expedite business transformation. Furthermore, 300 additional staff members will enhance its Australian call center operations, concentrating on triple zero services and customers in need.
Optus is also accelerating the transition of its network operations from Nokia, previously scheduled for May 2027, due to dissatisfaction with the current outsourcing setup.
Overview
Optus is taking strong measures to resolve its triple zero service issues, hiring 450 additional employees and establishing new protocols to guarantee reliability and restore public confidence. The telecommunications company is also implementing internal modifications to better customer service and hasten the in-sourcing of network operations from Nokia.
FAQs
Q: What is the reason for Optus hiring 450 new employees?
A: Optus is bringing on 450 new employees to tackle failures in its triple zero emergency call services and enhance customer service and network management.
Q: What new protocols has Optus put in place?
A: Optus has rolled out mandatory escalation for emergency call problems, 24/7 tracking of call failures, daily assessments of emergency call reliability, and adjustments to network maintenance practices.
Q: What modifications are being introduced to the network maintenance practices?
A: Network maintenance now requires clear confirmation of emergency service functionality before and after any network changes to avert disruptions.
Q: In what way is Optus altering its relationship with Nokia?
A: Optus plans to bring its network operations back in-house earlier than the initially set May 2027 timeline, due to dissatisfaction with Nokia’s management of a network upgrade.
We independently review everything we recommend. When you buy through our links, we may earn a commission which is paid directly to our Australia-based writers, editors, and support staff. Thank you for your support!
Earaku Open Ear Earbuds, Equipped with DSP Amplifier, Open Type That Breaches Traditional Sound Quality, Wireless Earphones, Bluetooth 5.4, Does Not Block Ears, Air Conduction Earphones, Ear Cuffs
