attacks

Apple attacks regulation in a harsh message

by

In it WWDC 2026 celebrated today, Apple has presented Siri AIthe most ambitious version of his assistant to date. The assistant is now capable of maintaining fluid conversations, searching the user’s email or photos, act within third party applications and understand what is on the screen, something that represents a leap that many have been waiting for for years. However, European users with iPhone or iPad they will be left without this great updateat least for now. The reason: the European Commission and Apple have been clashing for months and have still not managed to reach an agreement. What is it that Europe is lost. Apple has turbocharged Siri with a good handful of AI capabilities. During the conference, the company has shown how the assistant can now track old messages, emails or photos to answer specific user questions, draft emails from scratch, understand the content that appears on the screen or search for updated information on the web. It also launches its own application where we can dive into the conversations we have had with the assistant, synchronized between all the user’s devices. On the iPhone, among many other capabilities, it is also integrated directly into the camera. On the Mac and iPad, Visual Intelligence finally arrives, allowing you to ask Siri about anything that appears on the screen. None of this will be available in iOS 27 nor on iPadOS 27 in the European Union. Siri AI will arrive in macOS, watchOS and visionOS in the region, but not in the two most used systems. The problem: DMA and an interpretation that Apple rejects. The Digital Markets Law (DMA) forces Apple to open its ecosystem to competition. The European Commission designated it as a gatekeeper in relation to iOS, the App Store and Safari in September 2023, and in relation to iPadOS in April 2024. And of course, opening its AI ecosystem is something that the company did not have in its plans. Apple holds that the Brussels interpretation would require giving any third-party AI system virtually unlimited access to the user’s device, such as reading and sending messages, making purchases, accessing files or executing actions in any application, all autonomously and without the user being able to monitor it in real time. The proposal that the Commission has rejected. To try to unblock the situation, Apple designed an intermediate solution that it called Trusted System Agent, an intermediary that would allow other virtual assistants to access the same functions as Siri AI, but with the security layers that the company considers essential. In addition, it proposed a gradual implementation plan of 18 months to give room to regulators and developers. The European Commission said no. According to Apple, none of its proposals were accepted. What Apple says. Craig Federighi, senior vice president of Software Engineering at Apple, declared be “deeply disappointed” that European iPhone and iPad users will not have access to Siri AI when the new software versions arrive. In the official statement, the company states that it will continue working to find a way, although it recognizes that, given the regulatory blockade, there is no scheduled date for Siri AI to reach iOS and iPadOS in the EU. It is worth keeping in mind that this story is Apple’s, since the European Commission has not made public its version of why it rejected this system. On the other hand, it is also clear that the company has an obvious interest in presenting this regulation as the obstacle. Conflicts. It is not the first time that Apple and the EU have clashed over the DMA, although this takes on a totally different color. Apple It even positioned itself on the side of Google last May when the Commission proposed similar measures for Androidarguing, according to Reuters collectedthat opening access to third-party AI systems would pose serious risks to user privacy and security. The EU, for its part, also concluded that month that the DMA has had a positive impactleaving little room for maneuver for Apple’s complaints to prosper before the regulatory deadline of July 27, 2026 expires. In the EU, with little news. European users with iPhone or iPad will start this fall with the usual Siri while the rest of the world debuts the new assistant. Apple has no date to resolve the blockage, and the Commission also shows no signs of giving up on its interpretation of the DMA. So everything indicates that we will have to wait to find out how this conflict ends up being resolved. Cover image | Apple and Guillaume Perigois In Xataka | iPhone 18 Pro and iPhone 18 Pro Max: everything we think we know about the new Apple phones

Francisco Valencia, CEO of Secure&IT, on the challenge of AI attacks

by

Yesterday morning I went to a new edition of the cybersecurity conferences of Secure&IT in Madrid with a fairly clear idea: to listen to how companies are using the artificial intelligence to better defend yourself and make life difficult for cybercriminals. It was a reasonable expectation. AI has become one of the great promises of the sector and it seemed logical to think that a good part of the conversation would revolve around its new defensive capabilities. But the day left a much deeper reading. What is moving is not just another technological layer on top of the usual systems. It is the mental framework of cybersecurity itself. The speed of change, the sophistication of attacks, and the entry of new algorithm-based tools are forcing companies to rethink everything from how they patch software to how they anticipate threats. The feeling there, listening to the speakers, was clear: we are not facing a simple update of tools, but rather a change of era. Francisco ValenciaCEO of Secure&IT, who I was able to interview a while agoput that idea on the table as soon as it began with a particularly graphic phrase: “We have always said that in cybersecurity we are one step behind cybercrime and we are now 10 steps behind cybercrime“The statement was surprising for its crudeness, but it also helped to organize the conversation. Looking at this disadvantage head-on, without selling false certainties, may be the first step to understanding what is coming. Cybersecurity was waiting for an ally, but cybercrime has also found one The key is that AI has not only changed the available tools, but also the balance of the game. Valencia put it crudely because, from his point of view, cybercriminals have taken off while many companies are still trying to decide how to use AI in a safe, useful and governed way. This difference in rhythm explains a good part of the diagnosis. Attackers don’t need to resolve every internal debate in an organization, justify every deployment, or wait for a perfect corporate policy. They just need to test, automate and exploit what works. The speaker began by addressing one of the most disturbing pieces of this new scenario: the Dark LLM. LLMs, or large language models, are the technical layer that powers applications such as ChatGPT, Copilot or Gemini: systems capable of interpreting instructions, helping to program or solve complex tasks. The companies that develop them introduce limits, filters and guardrails to prevent harmful uses, both for safety and for the ethical criteria with which they design these systems. The Dark LLM, such as FraudGPT and WormGPTstart from a much more dangerous logic: offer similar capabilities, but without those barriers. The interesting thing is that this logic does not always depend on creating a new model from scratch. Valencia also spoke of jailbreaka way of trying to avoid the limits of conventional AI through carefully constructed instructions. It’s not simply asking a system to do something forbidden, but wrapping that request in a context that pushes it to respond where it should stop. In practice, the result can be similar: capabilities of a powerful model put at the service of uses that large companies try to block. This leap is very well understood when we move from the tool to deception. For years we have associated many fraud campaigns with clumsy, massive and easy-to-detect messages, but AI allows us to change the scale without giving up personalization. The CEO of Secure&IT summed it up with a very clear phrase: “I don’t need to send the Nigerian’s spam to 20 million people saying that I have fallen in love with 20 million people to see who will bite. I send the same email to 20 million, but I tell each one what they want to hear“That’s the difference: the attack can still be massive, but it no longer has to seem generic. The attack may still be massive, but it no longer has to feel generic. During the presentation a term also appeared that caught my attention: malware polymorphic. It may sound very technical, even more typical of a conversation between analysts than an article to understand what is happening, but it helps to land something important. We are no longer just talking about a malicious program that enters a computer and tries to repeat itself on other computers with the same behavior. It is something much more sophisticated: a threat capable of reaching a machine, reading the environment, identifying what defenses are in front of it and generating a version adapted to that specific scenario. The consequence for security teams is obvious: if each machine receives a different variant, detecting patterns, relating signals and reconstructing the attack becomes much more difficult. It is no longer just a matter of finding a malicious file and following its trail across the network. In a scenario where “the virus on each computer is different“, the campaign can have the same objective, but leave different traces on each team. And when the traces change, the analysis is no longer linear. Secure&IT dedicated its cybersecurity days this year to analyzing how AI is changing the sector Valencia’s message about automation was one of the clearest of the day: AI is taking time away from defense. For years, companies have had some margin between detecting a vulnerability, creating an exploit, and actually exploiting it. That margin could be imperfect, but it existed. It allowed you to organize analysis, prioritize patches and update systems every certain number of months. The phrase that best condenses the change is direct: “Until now time was a weapon to defend ourselves and now time is no longer a weapon to defend ourselves.” The consequence is very practical. If before an organization could carry out vulnerability analyzes every several months and plan updates with some calm, that scheme is beginning to fall short. According to experts, an AI tool can search for a vulnerability, identify it, prepare the attack path, and run it … Read more

Booking has been hacked. If you thought phishing was dangerous, wait until you see the follow-up phishing attacks

by

Basic-Fit’s hack yesterday It has not been the only relevant event in terms of cybersecurity in recent days. Last weekend several Booking users received emails with less than reassuring content. In these messages, the company reported that a cyber attacker could have had access to the information on its reservations. On Monday Booking confirmed that the security flaw existedbut has not given too many details about the problem. Your name and reservations were leaked, your card details were not. The information accessed by the attacker(s) includes names, email addresses, phone numbers and booking details. However, Booking has highlighted that the users’ financial data have not been part of this unauthorized access and they have not accessed the users’ home addresses either. To try to mitigate possible problems, the company forced reset of backup PINs of all affected reserves, both active and past. Too many unknowns. Although it has confirmed the incident, Booking has not provided clarification on it and it is not clear if its systems were hacked directly or the problem occurred through other means. There are also no details on the number of users affected nor is it a problem of real scope or limited to certain countries or regions. Booking has indicated that it will inform affected users individually without giving figures. According to its own website, Booking manages hundreds of millions of reservations a year and it is estimated which have about 135 million users of their mobile app. Phishing attacks have already started. These types of data thefts are exploited for massive phishing attacks, and it appears that such attacks have already begun. At least one user indicated on Reddit that he had received a suspicious message on WhatsApp with details of his reservation and personal information. That seems to confirm that the attackers were already using the stolen data to deceive customers before the public announcement occurred. But beware of “tracking” phishing. But in this case the risk is somewhat greater because this is the type of platform from which we are not so surprised to see messages that inform us of the follow-up of the reservation (with the style “There is one week left for your trip!”). Precisely these types of smishing messages can now be generated by attackers fraudulently leveraging the reservation data they have extracted to appear legitimate. If you are a Booking customer and have a pending reservation, be especially careful if you receive one of these follow-up messages. It’s not the first time. In 2021, Dutch regulators fined Booking.com with 475,000 euros after a hack exposed the data of more than 4,000 customers, including credit card information in some cases. On that occasion, Booking notified the Dutch authorities of the cyberattack 22 days late, well above the 72-hour limit required by the GDPR, which caused the company to be fined. In June 2024, the platform itself warned that phishing attacks against its clients had increased by 900% thanks to the use of AI. The company has reported the security breach to Dutch authorities, but it remains to be seen if it again took too long and could face further fines. What to do if you are a Booking user. Theoretically nothing if you have not received an email from Booking.com notifying you of the problem. If you receive it, it is important that you distrust any message, call or WhatsApp that mentions details of your reservation even if they seem legitimate. Attackers may have data about your reservations and may be using it to deceive you. You should not provide your financial data through any channel other than the platform’s official website or app. This data can be used for phishing attacks from other services that use your name or email, since this information is usually sold to be reused by other groups that carry out massive phishing attacks. In Xataka | A family paid 1,800 euros for a tourist house in Galicia. Upon arrival there was no house and no response on Booking

The countries of the Persian Gulf have adopted an unexpected civil protection measure against Iran’s attacks: teleworking

by

When an employee in Riyadh receives an email from his company telling him not to come to the office the next day, the most common reason was usually a sandstorm, construction work, or a holiday. In recent weeks, the reason has been something else: the possibility that its offices, probably located in a downtown financial district, could become Iranian missile target. In the Persian Gulf, teleworking has ceased to be a post-pandemic convenience and has become a civil protection tool in the midst of a geopolitical crisis that has been repeated in Saudi Arabia, the United Arab Emirates, Kuwait and Bahrain since the start of the armed conflict between the US, Israel and Iran. Riyadh: the most visible offices, the first to be emptied. According to published Reutersseveral Western and Saudi companies in Riyadh this week expanded their teleworking recommendations via email or text message sent to their employees. The notices focused on employees working in the King Abdullah financial district, Faisaliah Tower, Business Gate and Laysen Valley, areas where major US banks, technology companies such as Microsoft and Apple, and the Saudi sovereign wealth fund itself are based. The arguments for adopting this measure were not unfounded. Iran threatened to attack American interests in the region in retaliation and, in fact, attacked several Amazon data centers in United Arab Emirates. The order to telework does not mean that this simple measure will keep the civilian population safe, but it does distance them from the international offices occupied by American companies. The Arab Emirates were the first to adopt teleworking. The United Arab Emirates were, in fact, the first in ordering teleworking for its employees, immediately after Iran’s first attacks. According to published the local newspaper Khaleej Times, The Ministry of Human Resources and Emiratization asked private companies to adopt teleworking as a precautionary measure, keeping only workers whose physical presence was essential in their jobs. In those first attacks, four people were injured by debris from intercepted drones that fell on residential buildings, and damage was reported to the dubai international airportthe Burj Al Arab and the Palm Jumeirah. Teleworking recommended, not mandatory. The authorities of other countries in the region, such as Bahrain, Kuwait and Saudi Arabia, also followed in the footsteps of the United Arab Emirates and recommended private companies adopt teleworking and restrictions on influx to offices due to the risk of Iranian missile attacks. Qatar, also punished for reprisals against US interests during the conflict, was another of the countries that activated teleworking protocols for its officials. However, something that all of them have in common is that none of them consider themselves as an obligation to teleworkbut rather companies are recommended to adopt teleworking, leaving the risk assessment to their discretion and that of local authorities. The Government of Dubai Media Office confirmed that the emirate’s private sector continued operating normally, with most business activities uninterrupted despite the risk of attacks. A region that learns to work under pressure. Although these countries are not officially at war with Iran, they are involved and targeted in Iranian attacks in retaliation against US and Israeli companies in the area. In this context, many fear that any escalation would lead Iran to attack critical infrastructure in the region more forcefully, which explains the caution of companies even after the announcement of the ceasefire reached in extremis during the early morning. trump qualified the pact of “total and complete victory.” But as negotiators work in Islamabad to turn that provisional ceasefire into a lasting agreement, Gulf companies continue to watch the calendar with one eye on the news and another on their security protocols to protect their employees. In Xataka | Working from anywhere was the dream of teleworking: not notifying those location changes can get you fired Image | Unsplash (Kate Trysh, Microsoft Copilot)

The US continues to hit targets in Iran, but the Islamic republic keeps another weapon practically intact: its cyber attacks

by

In recent days, tension between the United States and Iran has escalated with direct military actions. Washington has resorted to Tomahawk cruise missiles launched from warships and fighters F-35 to attack Iranian strategic infrastructure. At the moment, there is no evidence that Tehran has managed to respond with military attacks on US territory. Its response, however, has been felt on another front: the attacks against energy facilities in the Gulf, like those of Ras Laffan, in Qatar. In parallel, the conflict is also being fought in a less visible terrain, cyberspace. The information war. The photograph of the conflict begins to be completed when we look beyond the military level. Analysts cited by The Register They argue that Iran is turning more intensively to cyberspace to pressure the United States, an area in which it can operate with less direct exposure. In this context, the attack against Stryker is not interpreted as an isolated episode, but as an indication of a trend. “This is just the beginning,” said retired Gen. Ross Coffman. A case already visible. The most recent example of this dynamic is offered by Stryker, a medical device manufacturer with a global presence. According to Reutersa cyberattack last week altered its internal operations and made it difficult to manage personalized inventory. The company confirmed that it had contained the incident, although the episode shows how this type of action can impact especially sensitive sectors, beyond the strictly technological field. Beyond a specific interruption. Bloomberg notes that the impact on Stryker’s operations had an indirect impact on hospitals and patients, with surgeries that had to be rescheduled due to problems in the supply of specific material. This is a clear example of how the border between digital and physical can quickly blur. The American Stryker specializes in surgical equipment, orthopedic implants and neurotechnology solutions Civilian targets. Along the same lines as the analysts pointed out, the focus is not limited to public organizations. The aforementioned media reports that several voices agree that companies may be more exposed than government agencies, in part due to their unequal defenses. Targeting this type of offensive seeks to generate economic pressure and disruption without the need for a direct confrontation, they explain. A historical case. A clear example is Stuxneta malware discovered in 2010 that managed to infiltrate the Natanz nuclear plant and manipulate its systems until it caused failures in about a thousand centrifuges. The code was designed specifically for that environment, acting stealthily for weeks while altering processes without being detected. Its authorship has never been officially confirmed, although it has been widely attributed to the United States and Israel. When the damage is physical. The Stuxnet case helps to understand a key idea in this type of conflict. As we tell in a video from Xataka Presentahe malware He did not limit himself to infiltrating computer systems, but took control of the industrial controllers that regulated the centrifuges and altered their operation. First accelerating them and then slowing them down, he caused progressive wear until they became unusable. A front that already leaves its mark. The scenario that is drawn is clear. While there is no evidence of a direct Iranian military attack inside the United States, the conflict is already having effects inside the United States through other means. The Stryker case shows how an intrusion can translate into real disruptions in sensitive sectors, with an impact on companies and patients. Images | DC Studio | Stryker In Xataka | Russia is not sending troops or weapons to Iran: it is sending something much more important to take down the US

Pancreatic cancer is a silent killer. A new experimental therapy has managed to “intercept” it before it attacks

by

Pancreatic cancer is classically known as one of the most lethal and feared that exist because of how difficult it can be to treat in some cases and the high mortality rates. But this high mortality rate is not due to its aggressiveness from minute 0, but to its stealthy nature, making it when he shows his face With the first symptoms, the disease is already in a very advanced phase that makes treatment very difficult. It’s where to act. In this way, the objective of the researchers is precisely to try to advance the diagnosis as much as possible, since treatment in the initial phases of the disease can give great results. And this is exactly what a new study that focuses on the ‘cancer interception’ strategy suggests. This is something that researchers at the University of Pennsylvania have focused on, who have achieved a vitally important advance in mouse models. And the fact is that, instead of focusing on attacking the already formed pancreatic tumor of considerable size, they have directed their artillery against the microscopic precursor lesions, known as PanIN. Its foundation. This is something that can be reduced to literally putting out the fire when it is still just a small spark. And as the specialized media report, by removing these microscopic lesions precancerous diseases, researchers manage to stop the advance towards the dreaded pancreatic adenocarcinoma in mice, proposing a total paradigm shift in how we could face this disease. Genetics is key. Something that has been known for a long time is that there are people who have a genetic predisposition to suffer from this disease. Specifically, in more than 90% of cases, the mutation responsible for triggering the disease is found in a gene called KRAS. A gene that for decades was considered “unapproachable” by classical pharmacology and that acted as a great shield against the disease. However, medicine is advancing in leaps and bounds, and this study uses selective inhibitors for this gene with the aim of silencing it precisely in PanIN lesions. In this way, by neutralizing the growth signals that the KRAS gene gives to tumor cells, they cannot take the step to begin to spread throughout the body, which causes the most serious symptoms. Mice today, hope for tomorrow. Logically, we must put our feet on the ground, since we are dealing with a preclinical study. That is, the therapy has proven to be a resounding success in animal models, but there is still a long way to go until this therapy can be used in a human in a hospital, since it must be seen that the effect is similar in our organisms. However, this research fits perfectly with the new medical philosophy against pancreatic cancer. As highlighted by the National Cancer Research Center (CNIO) in his recent communicationsthe future undoubtedly involves knowing the personalized risk and ensuring that those people who are more likely to suffer from pancreatic cancer due to their genetics receive exhaustive screening to detect the disease in time and increase the probability of survival. Images | Bioscience Image Library In Xataka | A Spanish milestone against pancreatic cancer: we are one step closer to eradicating it but there is still a long way to go

If the US attacks Iran like Venezuela, it will be a drain in both directions.

by

In recent weeks, the United States has concentrated hundreds of aircraft and support assets around the Middle East, while commercial satellites captured unusual movements around the Iranian capital. That combination of deployments and repositioning It has raised tension and forced us to rethink calculations about what a direct collision would really entail. The temptation to copy Caracas. I remembered this morning the new york times that when Donald Trump compared an eventual offensive against Iran with the lightning operation which allowed Nicolás Maduro to be captured in Caracas, raised the idea of ​​rapid, surgical and decisive action. The problem is that the parallelism is quite misleading from its strategic basis. Venezuela offered a aging airspace and weakly defended, in addition to an accessible political objective, while Tehran is supported by a theocratic structure consolidated for almost half a century, a Revolutionary Guard of some 150,000 troops and a regional network of militias that can open multiple fronts. There is no “clean” or low-cost option, and any attempt to decapitate the regime would involve a sustained campaign with real risk of American casualties and regional escalation. And not only that. Satellite images. The latest images commercial flights from space through Airbus and Planet Labs have shown something that changes the calculus: the relocation of S-300 systems long-range around Tehran and Isfahan, accompanied by the Cobra-V8 electronic warfare in key positions south of the capital. This combination combines interceptors capable of hitting targets hundreds of kilometers away with powerful jamming capabilities in critical bands for radars, satellite links and designation pods, which points directly to the US “kill chain” before the missiles even enter their range. The signal is clear: Iran not only wants or can fire, it also wants blinddegrade and force attackers to operate closer and with greater exposure. A shield that complicates air attack. He S-300PMU-2with high-speed missiles and three-dimensional radars optimized for detect targets at low altitudesuch as drones and cruise missiles, constitutes the hard shell of the Iranian system, while the Cobra-V8 system seeks to erode and wear down the sensory advantage of American platforms like AWACS or even electronic suppression aircraft. Although there are doubts about the full integration of these systems and the absence of advanced fighters that act as overhead sensors, their deployment near the capital suggests an architecture designed to survive the first wave of attacks and force Washington to devote additional resources to suppression and electronic warfare. In other words, it is no longer just about dropping bombs, but about winning a previous battle in the electromagnetic spectrum. Missiles and multiple fronts. Added to this defensive armor is one of the missile arsenals wider Middle Eastwith medium-range systems capable of hitting US bases and allied cities more than 2,000 kilometersin addition to drones, anti-ship weapons and recent sea-based air defense tests in the Strait of Hormuz. In fact, it is entirely plausible that Iran could scale quickly through its so-called “axis of resistance”, activating Hezbollah, the Houthis or Iraqi militias to disperse the cost and expand the theater of the conflict. All this, of course, while threatening a road along which nearly a fifth of of world oil and gas. The logic, therefore, is dissuasive: any blow against Tehran would have an immediate echo in Israel, in the Gulf and in the planet’s energy trade. An indentation in both directions. The result of this equation is that the comparison with Caracas is diluted facing a scenario where the Iranian capital has become a strongly defended and electromagnetically contested space. The satellite images do not show a disarmed country, but one that has strengthened its core strategic in anticipation of a modern aerial suppression campaign. In short, if the United States plans to attack as he did it in Venezuelayou will not face an operational vacuum, but rather an environment saturated with missilesinterference and possible regional retaliation, a full-blown clash that threatens to become a combat with casualties in both directions from day one. Image | Airbus, Planet Labs In Xataka | If the US attacks Iran with drones, it will find a surprise: Russia has shielded its sky with an explosive weapon, Verba In Xataka | It is so small that it can barely be seen from space, but this secret island is the main problem for the US to attack Iran

If the US attacks Iran with drones, it will be in for a surprise. Russia shielded its sky with an explosive weapon: Verba

by

It we count last week. In the Middle East, crises rarely erupt overnight. First pieces move away from the spotlight, discreet commitments are signed and deployments multiply that seem routine. Only later, when everything falls into place, do you understand that the board had been preparing for something bigger for weeks. Now we know that Washington has not been the only one that has prepared. Agreement sealed in the shadows. counted this morning in an exclusive the financial times that Iran and Russia signed a secret contract of almost 500 million euros for delivery of 500 lVerba portable spears and 2,500 9M336 missiles. It would be Tehran’s most significant move to rebuild air defenses devastated after the 12 day war against Israel. The Iranian request came just days after its integrated network was seriously degraded by Israeli and American attacks, which allowed enemy aircraft to operate with superiority over large areas of the country. The agreement provides deliveries until 2029although the media explained that there are indications of early shipments, and it is complemented with night vision devices and other equipment that points to a phased but urgent reconstruction. What are Verba and why do they matter. The Verba system is a portable guided missile infrared designed to shoot down drones, cruise missiles and low-level aircraft such as helicopters, operated by small mobile teams that can deploy dispersed defenses without depending on fixed radars vulnerable to bombing. These are not heavy strategic systems like lthe S-300 or S-400but rather a flexible tactical layer that complicates helicopter operations and low-level flights. Its adoption is rapid, requires less integration and allows Iran to reinforce critical points at a relatively acceptable cost for Moscow, which can supply them without weakening substantially its own defense against Ukraine. Verba missile carrier A military alliance despite sanctions. Apparently the contract was negotiated between Rosoboronexport and the Iranian Ministry of Defense, with intermediaries already sanctioned by Washington, in a context of growing cooperation that includes Iranian drones employed by Russia in Ukraine and a bilateral treaty signed in 2025. Moscow thus demonstrates that it has no intention of abiding by Western sanctions or the arms embargo reactivated by European powers, while Tehran tries rebuild the relationship following the perception that Russia did not come to their aid during the latest conflict with Israel. The flow of cargo flights and the reception of attack helicopters Mi-28 reinforce the image of a active and sustained military association. The largest deployment since 2003. It we count last week. The agreement emerges in parallel to a massive accumulation of American air and naval power in the Middle East, with dozens of F-35, F-15 and A-10 fighters deployed at bases such as Muwaffaq Salti in Jordan and Prince Sultan in Saudi Arabia, in addition to two aircraft carrier groups led by the USS Abraham Lincoln and the USS Gerald R. Ford. In total, about 40,000 troops and a fleet comparable to the one before the 2003 invasion of Iraq support Donald Trump’s threats to impose a nuclear ultimatum on Tehran. Iran, for its part, warns that it would respond by attacking US bases in the region if hit. A reinforcement that changes the risk calculation. The new systems They will not turn Iran into a conventional rival comparable to the United States or Israel, of course, nor will they prevent sustained air campaigns if these are executed with technological superiority. However, they can raise cost and risk of specific operations, especially helicopter raids or low-altitude attacks, and prolong a possible conflict by making initial phases of aerial suppression difficult. In an environment where each shootdown would have a disproportionate political and strategic impact, the mere presence of hundreds of mobile launchers introduces a tactical deterrence variable. A preparation race. What does seem quite clear is that the combination Iranian rearmament and American deployment draws a scenario of maximum tension in which diplomacy and force advance in parallel. Tehran seeks to buy time, rebuild defensive layers and negotiate from a less vulnerable position. Washington tries to pressure with a demonstration of power without recent precedents in the region. What happens in the coming weeks will not only determine whether there is an attack or an agreement, but also whether the Russian-Iranian alliance is consolidated as a military axis capable of openly challenging the sanctions regime and reconfiguring the strategic balance of the Middle East. Image | ТАСС In Xataka | It is so small that it can barely be seen from space, but this secret island is the main problem for the US to attack Iran In Xataka | If the most advanced US nuclear aircraft carrier maintains its speed it will reach its destination on Sunday: a bad omen for Iran

The alleged PcComponentes hack affects 16 million customers. It’s another nightmare for phishing attacks

by

In Hackmanac Cybersecurity alerts reporting alleged hacks and massive data thefts around the world are frequent. One of the last notices, posted yesterdayaffects a Spanish company on the rise: PcComponentes. If confirmed, the alleged data theft would have affected a huge number of users. 16 million affected. According to these data, a cyber attacker using the alias ‘daghetiaw’ claimed to have managed to infiltrate PcComponentes. By doing so, it has obtained the data of 16.3 million customers, specifically: DNI/NIF Orders and invoices Address Contact details (phone) Credit card metadata (type, expiration date) IP address A sample that seems to confirm the hack. The author of the cyberattack wanted to demonstrate that the database he managed to obtain is legitimate, and to do so he has published a free extract of 500,000 users. That is already a very bad sign and seems to confirm that this hack and massive data theft has indeed been successful. There were already problems a year ago. An This failure exposed a database with access credentials. And everything fits. In The Computer Chapuzas They have contacted 0xBogart and obtained more information about that incident. This user actually talks about the fact that a database from August 2023 was already stolen and that then “it had 11,951,125 users, it makes sense that in 2026 they will have 16 million.” This expert had access to PcComponentes’ servers for five years, and only lost it “when they abandoned their data center for Amazon Web Services,” he indicates in the El Chapuzas Informático text. Pc Componentes has not confirmed the hack. At the moment those responsible for Pc Componentes have neither confirmed nor denied the massive data theft. At Xataka we are trying to contact the company to clarify the details. Meanwhile, those responsible have 72 hours from when the hack was discovered to notify the Spanish Data Protection Agency (AEPD). Up next: phishing attacks. This new massive data theft represents a potential nightmare for PcComponentes customers. If the hack is confirmed, all that data could be used for much more convincing phishing attacks: the more information cyber attackers have about us, the more they can “convince” us with messages that appear to be authentic and that manage to confuse us. Or phishing. There is also the danger of identity theft: the stolen data allows the creation of a “user profile” with which a cybercriminal can impersonate one person to deceive another with social engineering techniques. If the database has been leaked there is little that PcComponentes clients can do because their information will already be exposed. It has not been clear if there are passwords included for access to the company website in the massive data theft, but our recommendation is to change that access password as soon as possible. In Xataka | The leak of 16 billion passwords would be the largest in history. If it weren’t for the fact that it’s a gigantic rehash

Japan has a problem with bear attacks in its cities. So they have started eating them

by

If it is true that every crisis hides an opportunity, in Japan they have taken it to a new dimension. For some time now, the country of the rising sun has been dealing with a serious problem of bear attacks on humans, which has left more than a dozen victims since last spring. The authorities have been searching for some time the way to solve itbut there are those who have already found a way to benefit from it: the psychosis due to encounters with plantigrades is coming accompanied by what seems to be a growing interest in their meat. In Japan the (gastronomic) taste for these animals it’s not newbut there are hoteliers who they assure that demand is growing so much that they are unable to satisfy it. And they are clear about the reason: the news about attacks. Beware of the bears. Japan has long grappled with a serious problem birth rate, a trend that comes accompanied by the abandonment of rural areas and farmlands. That’s nothing new. Nor anything that Spain (and many other countries) has experienced firsthand. What is curious is the effect that this population decline is causing, combined with other factors, such as climate change, fluctuations in harvests and the increase in the populations of certain wild animals: an ‘epidemic’ of human bear attacks. One figure: 13 dead. With more bears prowling through the mountains, when acorns are scarce, the animals choose to approach towns and cities… with the risk that this implies. Sometimes his encounters with humans remain just that, scares, like what happened in october when a 1.4 m specimen sneaked into a supermarket in Numata. Other times the outcome is more tragic. According to the Government, between April and November 13 people died by claws and bites from these animals. To them are added 230 injured. It is the worst balance since the country began studying the phenomenon in 2006. Is the problem that serious? Yes. The figures are eloquent. And not only those of attacks, injuries and deaths. The japanese press (even the international) has been echoing the increase in sightings of bears, the increase in captured specimens and the problem that these animals are beginning to represent, which has led companies to look for ways to protect their employees and administrations to consider strategies to address the problem. Proof of how desperate the Government is is that it has approved emergency hunts and even has turned to the army. 13 deaths may not be a high number in a country of almost 123 million of inhabitants, but it is high enough to set off alarms, especially in certain regions. There are basically two species in the country: Asian black bears and brown bears, which can be found in Hokkaido and whose population has skyrocketed in the last three decades, reaching 11,500 individuals. according to The Japan Times. A delicious threat. All of the above was more or less known. In recent weeks local media such as The Mainichi, The Asashi Shimbun, NHK World Japan However, they have published articles that suggest something else: that in the midst of a wave of attacks, the Japanese seem to be rediscovering the pleasure of a good slice of grilled bear. a few days ago The Japan Times He even spoke with the owners of a restaurant located in a mountainous area of ​​Saitama who say they are having difficulty meeting the growing demand for meat. “With the increase in news about bears, the number of customers who want to eat their meat has increased,” explains to the newspaper the head of the business, Koji Suzuki. His wife confirms that they have even been forced to turn away clients. Another Sapporo restaurant presume also of the success of their “bear soup” and in Aomori there is a population that is promoting wild bear meat as a local gastronomic specialty. Those who promote the use of bear meat from the sector claim that it is a local and they insist in the usefulness of using the meat of slaughtered animals. Is it something new? Yes. And no. As Suzuki and Katsushiko Kakuta, a restaurant manager in Aomori, explain, bear meat seems to be arousing special interest among the Japanese, but for them it is not a new product. Does five years in Nishimeya (Aomori) they even opened a center to process meat from wild bears captured in the Shirakami-Sanchi mountains. And in 2023 in Akita they installed neither more nor less than a vending machine which sells 250 g of fresh meat from bears caught by hunters in the region for 2,200 yen. “Most say it’s delicious”. Kiyoshi Fujimoto, Sapporo chef, confesses that, in your opinion“now there are more people” interested in his bear meat-based recipe. What’s more, he assures that “most people who try it say it’s delicious.” The truth is that in Japan not only attacks and victims have increased. The captures of animals have also done so, which has forced the authorities to face the challenge of what to do with their corpses. Chosun remember that, although there are restaurants in the country that serve their meat, the law is restrictive on the consumption of slaughtered bears, so many end up incinerated. Images |Lucas Law (Unsplash), Adam Kolmacka (Unsplash) and Suzi Kim (Unsplash) In Xataka | A Japanese restaurant has taken its obsession with fresh fish to the extreme: it lets you catch it yourself

Log In

Forgot password?

Forgot password?

Enter your account data and we will send you a link to reset your password.

Your password reset link appears to be invalid or expired.

Log in

Privacy Policy

Add to Collection

No Collections

Here you'll find all collections you've created before.