Technology

ra2 studio – stock.adobe.com Microsoft warns users over notable evolutions in Scattered Spider’s attack playbook, and beefs up some of the defensive capabilities it offers to customers in response By Alex Scroxton, Security Editor Published: 16 Jul 2025 19:00 Microsoft has rolled out a series of targeted enhancements across its Defender and Sentinel cyber security ecosystem designed to help its customers guard against the possibility of falling victim to Scattered Spider as the cyber gang continues to evolve its playbook. Scattered Spider – referred to in Microsoft’s threat telemetry as Octo Tempest – ramped up the pace of its activity in April and May with disruptive attacks aimed at UK high street retailers. It then shifted up its targeting to go after insurance organisations, and in late June appeared to pivot to the aviation sector, with several possible victims emerging. The cyber gang uses varying methods in its attacks and, as before, its most common approaches involve gaining initial access through social engineering attacks and user impersonation to fool service desk workers through phone calls, emails and messages, SMS-based phishing using adversary-in-the-middle domains mimicking legitimate organisations, the use of tools such as ngrok, Chisel and AADInternals, and attacking hybrid identity infrastructures and exfiltrating data to support extortion and ransomware. However, as has been seen recently, the gang now seems to favour the use of DragonForce ransomware and has been particularly focused on VMware ESX hypervisor environments. Moreover, said Microsoft, in contrast to previous attack patterns where Scattered Spider exploited cloud identity privileges in order to attain on-premise access, it now appears to be hitting both on-premise accounts and infrastructure during the initial stage of its intrusions, prior to transitioning to cloud access. “In recent weeks, Microsoft has observed Octo Tempest, also known as Scattered Spider, impacting the airlines sector, following previous activity impacting retail, food services, hospitality organisations and insurance between April and July 2025,” said the Microsoft Defender research team in a blog update. “This aligns with Octo Tempest’s typical patterns of concentrating on one industry for several weeks or months before moving on to new targets. Microsoft Security products continue to update protection coverage as these shifts occur.” More assistance To better assist its customers, Microsoft has updated the range of detections available within Defender, spanning endpoints, identities, software-as-a-service (SaaS) applications, email and collaboration tools, and cloud workloads. It is also enhancing Defender’s built-in attack disruption capabilities – which draw on multi-domain signals, new threat intel, and AI-backed machine learning models to try to predict and disrupt a threat actor’s next move – essentially by containing and isolating the compromised asset. Microsoft said that based on its learnings from previous Scattered Spider attacks, this will also disable the user account used by the gang and revoke all existing active sessions it has open. Elsewhere within Defender, Microsoft has upped its advanced hunting capabilities to help organisations identify and ward off the gang’s more aggressive social engineering attacks on privileged individuals, even going so far as to identify who within the organisation is most likely to be targeted before an attack begins. Analysts will be able to question first- and third-party data sources through Microsoft Defender XDR and Microsoft Sentinel, as well as gaining exposure insights from Microsoft Security Exposure Management, which equips teams with capabilities like critical asset protection and attack path analysis. Exposure Management now also contains threat actor initiatives to unify insights on Scattered Spider to harden their defences and act quicker. The initiative features a guide on key Scattered Spider tactics, techniques and procedures (TTPs), and as well as a broader ransomware initiative focused on reducing exposure to extortion attacks, which also offers Scattered Spider-specific guidance. The latest guidance, which can be read here, also contains core advice for any and all users to take in regard to managing their cloud, endpoint and identity security postures. Read more on Business continuity planning Co-op chief ‘incredibly sorry’ for theft of 6.5m members’ data By: Alex Scroxton Luxury retailer LVMH says UK customer data was stolen in cyber attack By: Alex Scroxton M&S calls for mandatory ransomware reporting By: Alex Scroxton Scattered Spider link to Qantas hack is likely, say experts By: Alex Scroxton Read More

harvepino – stock.adobe.com The Department for Science, Innovation and Technology is leading a push to make the UK tech sector less London-centric By Caroline Donnelly, Senior Editor, UK Published: 16 Jul 2025 18:12 The UK government is investing £1m in accelerating the growth of regional tech clusters outside of London, in acknowledgement of the fact that “tech innovation does not stop at the M25”. The roll-out of the Regional Tech Booster programme is being overseen by the Department for Science, Innovation and Technology (DSIT) and will see tech entrepreneurs based outside the capital offered access to mentoring, funding and skills development opportunities. At the time of writing, no further details had been shared about how interested parties will go about applying for the programme, but DSIT said information on that will be announced later this year. Specifically, DSIT said the programme is geared towards accelerating the growth of tech clusters and early-stage digital startups in areas such as Scotland and the north of England, as part of a push to close the innovation gap between London and the regional tech ecosystems in other parts of the UK. Minister for tech and future digital economy Baroness Jones said the programme is being launched in acknowledgement of the fact that tech innovation is not just limited to London. “Tech innovation doesn’t stop at the M25, and we’re choosing to invest in the talent and ideas flourishing across the UK,” she said. The programme is the latest in a long line of initiatives the government has introduced as part of its Plan for Change, which consists of a series of economic milestones it wants to hit by the end of the current Parliament, continued Jones. “This investment forms an important part of our Plan for Change to kickstart economic growth in every part of the UK. By supporting regional tech entrepreneurs, we’re creating the conditions for innovation and prosperity to flourish.” The UK’s nations and regions are home to a diverse and growing network of tech ecosystems. They already make a vital contribution to the economy, and with the right support, they can do even more Katie Gallagher, UK Tech Cluster Group The initiative also ties into other regional development schemes the government has introduced since coming to power in July 2024, including its AI growth zones buildout plan, which will see high-performance compute facilities built in various corners of the UK in support of the government’s wider AI ambitions. Katie Gallagher, chair of the UK Tech Cluster Group (UKTCG), which is a network of regional tech organisations focused on fostering growth across the UK, said her organisation has been selected to participate in the Regional Tech Booster pilot programme. As such, the UKTCG will support the government in ensuring the programme delivers sustainable benefits that continue beyond the initial £1m funding period, and will work with industry, academic institutions and local tech leaders on its delivery. “We’re pleased that DSIT has selected the UK Tech Cluster Group to pilot a new approach. This programme will focus on collaboration, connecting clusters, sharing best practice, supporting founders and entrepreneurs, and creating a practical playbook for building strong, sustainable regional tech economies,” said Gallagher. She also expanded on the reasons why the programme is needed and why it is so important for tech entrepreneurs based beyond London and the south-east to get a leg-up. “The UK’s nations and regions are home to a diverse and growing network of tech ecosystems. They already make a vital contribution to the economy, and with the right support, they can do even more,” she added. Read more on Infrastructure-as-a-Service (IaaS) Is history repeating itself with the government’s push to open public sector cloud deals to SMEs? By: Caroline Donnelly UK government signs deal with Google Cloud to upskill 100,000 civil servants in AI by 2030 By: Caroline Donnelly DSIT aims to bolster expertise with year-long secondments By: Cliff Saran Government funds training to build UK chip skills By: Cliff Saran Read More

The data protection commissioner for Hamburg believes Meta’s AI training should be stopped By Mark Ballatd Published: 16 Jul 2025 17:47 Europe’s baulked attempt to curb Meta’s artificial intelligence (AI) training will persevere and culminate at the European Court of Justice (ECJ), said the data protection commissioner who is leading the challenge.  Within days of European Union (EU) privacy commissioners giving Meta licence to train its popular open source Llama large language model (LLM) on public posts made by Europeans on its Facebook and Instagram social media platforms, the US big tech firm began its training. It cranked up just in time for the June launch of the AI-powered Ray Ban sunglasses that depend on the deep cultural understanding its AI gets by consuming EU data.  Yet while the regulatory approval was celebrated by those in Europe’s AI industry who believe it has been stifled by over-regulation, and who fear the European Commission’s ongoing implementation of its controversial AI Act will suppress their businesses, the main case against Meta has still to be heard. Four days before Meta was due to start training, a Cologne Court rejected an emergency injunction by which an official German consumer organisation tried to halt Meta’s EU AI training. But it and other consumer bodies have yet to bring their main cases to court. AI training should be stopped Thomas Fuchs, data protection commissioner for Hamburg, who supported the injunction, told Computer Weekly his office has not dropped its belief that the US giant’s AI training should be stopped, even though it conceded after the Cologne ruling and agreed with other EU regulators to let it proceed. “The urgent injunction was denied, but it doesn’t mean that the ruling has to be the same at the end of the whole legislative process,” he said. “So, this is the start. At the end, it will be decided by the European Court of Justice, I’m quite sure.”  The Hamburg commissioner dropped his proceedings to use emergency powers he has under Article 66 of Europe’s GDPR data protection law to halt Meta’s training, after the Irish Data Protection Commissioner, which controls Europe’s regulatory oversight of Meta, decided the US firm had a legitimate interest to proceed under EU law, on condition that it takes strict measures to protect people’s privacy. The urgent injunction [to halt Meta AI training] was denied, but it doesn’t mean that the ruling has to be the same at the end of the whole legislative process Thomas Fuchs, data protection commissioner for Hamburg Fuchs does not believe, as Meta and a lobby of EU AI firms claimed in April, that Europe’s confused AI regulation is holding its industry back. The court ruling and regulatory decisions made no difference to the legal standing of EU AI firms because it concerned Meta “very precisely”, said Fuchs. But it did give EU firms a “green light” to do their own AI training on public posts. “You could say, if even Meta can base AI model training with personal data on legitimate interest, then probably for a lot of other companies that will be suitable as well,” said Fuchs. In a statement he wrote before the court hearing in May, Semjon Rens, Meta’s public policy director for Germanic countries, cited Mario Draghi, the former Italian premiere whose report on Europe’s flagging industries has become a blueprint for urgent European Commission reforms. Draghi said Europe’s AI firms had been impaired by a confusion of burdensome regulation. Terminating Meta’s AI training would weaken Germany’s AI industry, preventing firms from building AI applications using a Llama AI that had gained German cultural, historic and linguistic nuance from EU data, he said. The alternative, he implied, was German companies running Anglo-AI. It would also fragment Europe’s single market, offending another Draghi dictum, he said. EU behind EU regulation has delayed Meta’s EU roll-out of its most advanced Llama model by between six and 18 months, and limited its capabilities, while corporations in the US and India are already using it, said Rens. The European Commission’s agenda is meanwhile dominated by urgent efforts to improve EU competitiveness, and to catch up with AI advances in other countries, which it realised had left it far behind even before its regulatory machine stalled Llama’s training and subsequent roll-out last summer. Professor Ivan Yamschikov, co-founder of Pleias, an EU AI firm that built the multilingual Common Corpus – the world’s largest collection of open data for AI training – said the decisions would boost EU industry by increasing inward investment from US firms that now have the freedom to operate on the same terms as they do in the US. EU firms would, as Meta claimed, gain by utilising Llama models trained on EU data. But it is also a “green flag” for European innovators to proceed even without US money or technology, he said. I’m very happy to see that the focus in Brussels has changed from regulation to enabling growth and innovation Peter Sarlin, SiloAI “If even Meta can base AI model training with personal data on legitimate interest, that will probably be suitable for a lot of other companies as well,” added Yamschikov. “It’s what a common-sense regulator should do – balance the interests of business, innovation and society at large. I believe in growth rather than in hindrance,” he said. Peter Sarlin, CEO of SiloAI, one of Europe’s largest AI firms, said: “I’m very happy to see that the focus in Brussels has changed from regulation to enabling growth and innovation.” He applauded the commission’s Draghi-inspired simplification agenda to cut digital regulation. But he said it was “crucial” that it address barriers facing EU entrepreneurs trying to scale their firms – referring to another Draghi diagnosis that fragmented capital markets left firms gasping for growth capital. The Finnish AI firm accelerated its growth by selling to US chip giant AMD last year. The general counsel at another of Europe’s largest AI firms, who asked not to be named, said regulation was

Chris Chambers – stock.adobe.com The BBC is drawing up plans to outsource roles in its digital product group and finance, which could include some being carried out overseas By Karl Flinders, Chief reporter and senior editor EMEA Published: 16 Jul 2025 15:49 The BBC is reported to be looking at how it can meet tough cost-cutting targets by outsourcing roles in tech and finance. According to a Guardian report, thousands of UK jobs are at risk as the broadcaster seeks cost savings, which could see work carried out offshore. The report states that jobs in Salford, Glasgow, Newcastle and Cardiff could be lost through the plans. Affected departments include the BBC’s finance function and its digital product group, which develops digital platforms like iPlayer. The BBC is said to be in talks with US tech giants, and jobs could be moved offshore. The BBC would not comment on the reported plans, but a spokesperson said: “Like many organisations, it’s routine to assess different options that could deliver these changes, and it would be wrong to suggest decisions have been taken.” The spokesperson added: “We have made clear our ambition to innovate and transform to be able to invest in the content and services audiences love. To do this, we must accelerate our transformation and take advantage of opportunities in technology or with partners to strengthen our capabilities.” Transform through technology In a speech in May, BBC director general Tim Davie said: “We want to transform the BBC through new technology.” He described the use of artificial intelligence (AI) across the broadcaster’s business as an example: “The majority of BBC staff are already using AI in their work and we see big potential as we develop our own bespoke large language model, deploying agentic AI capabilities.” To this end, he said the organisation was “looking at new, major partnerships with the world-leading big-tech companies, the hyperscalers”. “As part of this, we are already working on the media supply chain, the process behind the scenes that gets content from the camera to screen, from microphone to the headphone. This will open up huge creative possibilities, and it will allow us to drive efficiencies and reinvest into world-class content,” he added. Davie also said the organisation wants to increase its use of social media platforms. “We want to help turn the tide by dramatically increasing our news presence on platforms like YouTube and TikTok to ensure we have a stronger position amidst the noise,” he said. “We are already making progress. We are the biggest news account globally on Instagram, but we want to deploy new technology and skills to create more content that works on these platforms while incentivising links to our services.” When it comes to the finance department, the BBC has used Tata Consultancy Services (TCS) since 2023, in a contract with the Indian IT giant to transform the finance and payroll function. Public sector offshoring There is a growing appetite for public sector organisations, such as the BBC, to offshore work to locations such as India to take advantage of huge low-cost talent pools. Speaking to Computer Weekly about TCS’s UK public sector plans last year, Amit Kapur, its UK country head, said there was “potential, paucity and action” with “good engagement”. It’s not just Indian giants that see the UK public sector as an opportunity. Mumbai-headquartered Hexaware said IT suppliers that currently dominate the public sector were in its sights, with a changing appetite for tech within UK government departments and public sector bodies. Read more on IT outsourcing BBC votes for multi-network IoT SIMs in general election By: Joe O’Halloran Ooredoo Qatar claims milestone for private networks in Middle East By: Joe O’Halloran BBC outsources IT to India’s Tata Consultancy Services By: Karl Flinders Delays, downscaling of national fast broadband roll-out threaten BBC digitisation By: Joe O’Halloran Read More

July 17, 2025 Albert Ziegler Head of AI This spring, we had a simple and, to my knowledge, novel idea that turned out to dramatically boost the performance of our vulnerability detection agents at XBOW. On fixed benchmarks and with a constrained number of iterations, we saw success rates rise from 25% to 40%, and then soon after to 55%. The principles behind this idea are not limited to cybersecurity. They apply to a large class of agentic AI setups. Let me share. XBOW’s Challenge XBOW is an autonomous pentester. You point it at your website, and it tries to hack it. If it finds a way in (something XBOW is rather good at), it reports back so you can fix the vulnerability. It’s autonomous, which means: once you’ve done your initial setup, no further human handholding is allowed. There is quite a bit to do and organize when pentesting an asset. You need to run discovery and create a mental model of the website, its tech stack, logic, and attack surface, then keep updating that mental model, building up leads and discarding them by systematically probing every part of it in different ways. That’s an interesting challenge, but not what this blog post is about. I want to talk about one particular, fungible subtask that comes up hundreds of times in each test, and for which we’ve built a dedicated subagent: you’re pointed at a part of the attack surface knowing the genre of bug you’re supposed to be looking for, and you’re supposed to demonstrate the vulnerability. It’s a bit like competing in a CTF challenge: try to find the flag you can only get by exploiting a vulnerability that’s placed at a certain location. In fact, we built a benchmark set of such tasks, and packaged them in a CTF-like style so we could easily repeat, scale, and assess our “solver agent’s” performance on it. The original set has, sadly, mostly outlived its usefulness because our solver agent is just too good on it by now, but we harvested more challenging examples from open source projects we ran on. The Agent’s Task On such a CTF-like challenge, the solver is basically an agentic loop set to work for a number of iterations. Each iteration consists of the solver deciding on an action: a command in a terminal, writing a Python script, running one of our pentesting tools. We vet the action and execute it, show the solver its result, and the solver decides on the next one. After a fixed number of iterations we cut our losses. Typically and for the experiments in this post, that number is 80: while we still get solves after more iterations, it becomes more efficient to start a new solver agent unburdened by the misunderstandings and false assumptions accumulated over time. What makes this task special, as an agentic task? Agentic AI is often used on the continuously-make-progress type of problems, where every step brings you closer to the goal. This task is more like prospecting through a vast search space: the agent digs in many places, follows false leads for a while, and eventually course corrects to strike gold somewhere else. Over the course of one challenge, among all the dead ends, the AI agent will need to come up with and combine a couple of great ideas. If you ever face an agentic AI task like that, model alloys may be for you. The LLM From our very beginning, it was part of our AI strategy that XBOW be model provider agnostic. That means we can just plug-and-play the best LLM for our use case. Our benchmark set makes it easy to compare models, and we continuously evaluate new ones. For a while, OpenAI’s GPT-4 was the best off-the-shelf model we evaluated, but since Anthropic’s Sonnet 3.5 came along in June last year, no other provider managed to come close for a while, no matter how many we tested. Sonnet 3.7 presented a modest but recognizable improvement over its predecessor, but when Google released Gemini 2.5 Pro (preview in March), it presented a real step up. Then Anthropic hit back with Sonnet 4.0, which performed better again. On average. On the basis of individual challenges, some are best solved by Gemini, some by Sonnet. That’s not terribly surprising. If every agent needs five good insights to progress through the challenge, then some sets of five are the kind that come easily to Sonnet, and some sets of five come easily to Gemini. But what about the challenges that need five good ideas, three of which are the kind that Sonnet is good at, and two are the kind that Gemini is good at? Alloyed Agents Like most typical AI agents, we call the model in a loop. The idea behind an alloy is simple: instead of always calling the same model, sometimes call one and sometimes the other. The trick is that you still keep to a single chat thread with one user and a single assistant. So while the true origin of the assistant messages in the conversation alternates, the models are not aware of each other. Whatever the other model said, they think it was said by them. So in the first round, you might call Sonnet for an action to get started, with a prompt like this: System: Find the bug! Let’s say it tells you to use curl. You do that and gather the output to present to the model. So now you call Gemini with a prompt like this: System: Find the bug! Assistant: Let’s start by curling the app. User: You got a 401 Unauthorized response. Gemini might tell you to log in with the admin credentials, and you do that, and then you present the result to Sonnet: System: Find the bug! Assistant: Let’s start by curling the app. User: You got a 401 Unauthorized response. Assistant: Let’s try to log in with the admin credentials. User: You got a 200

connmap connmap is an X11 desktop widget that shows location of your current network peers on a world map. (Works on Wayland as well!) Installation Clone the repository git clone https://github.com/h2337/connmap –depth 1, install the dependencies (see below), run make install, then run the resulting executable ./connmap.elf. If you want to run it without attaching it to the terminal then add ampersand at the end of the command: ./connmal.elf &. You can also add it to your i3wm config to run at startup (make sure it is in the PATH): exec –no-startup-id connmap.elf Dependencies Build dependencies: xlib, libxext, libxfixes, libcairo2 Installation dependencies: unzip Runtime dependencies: iproute2 Installation for Arch Linux: sudo pacman -S –needed iproute2 libx11 libxext libxfixes cairo unzip Installation for Ubuntu: sudo apt install iproute2 libx11-dev libxext-dev libxfixes-dev libcairo2-dev unzip Config Installation will create ~/.config/connmap/connmaprc. Default connmaprc looks like this: location_x 20 location_y 500 map_width 1000 black false update_interval 1 location_x/location_y specifies the initial widget location in your desktop (you can later drag/drop the widget with mouse if you are not using a desktop environment that treats mouse drag as multi-select). map_width specifies the custom pixel width of the map. Height is automatically calculated as width/2. Examples: map_width 500 creates a 500×250px map map_width 1000 creates a 1000×500px map map_width 1500 creates a 1500×750px map map_width 2000 creates a 2000×1000px map Setting black to true will draw map outline in black instead of white. update_interval is seconds the application will sleep for before fetching the updated list of network connections. Limitations Tested only with i3wm, might not work as expected in other DE/WM. Only IPv4 is supported. Read More

Have you ever had a magical experience with software? I have. The magic of Merlin With just 5 simple questions, you can almost identify any bird in North America. These questions are easy: location, time of year, size, color, and what the bird was doing. The Merlin app uses your answers to narrow down candidate birds to just a few options. From there, it’s easy to pick the right bird from the shortlist – no need to mess with a camera to catch a bird mid-flight or deal with unreliable AI features. But then the shocking, magical thing happened – they did introduce an AI-powered “Sound ID” feature, and it was awesome. It was not dodgy in the slightest; I’m no expert, but I’ve never seen Merlin’s Sound ID produce an obviously-wrong identification like I had with so many other AI-powered nature tools.  I thought they might have some crazy technical advancements, but I was wrong. They built that quality through good old-fashioned sweat equity. From their blog post: Merlin is not the first to use deep convolutional neural networks to identify birds by their sounds. […] Previous bird sound ID models have typically been trained using data with a coarser level of temporal resolution. For instance, a model might hear a 30 second recording of a White-breasted Nuthatch, but not be told when the nuthatch is singing in the recording. This can lead to problems: if other species are singing in the same recording, the model will erroneously call all species in the recording a White-breasted Nuthatch, leading to false predictions.  Merlin’s Sound ID tool is trained using audio data which includes the precise moments in time when each bird is vocalizing. The process of generating this data is labor intensive, because it requires sound ID experts to listen to each audio file carefully. As a result of these efforts, the model has the opportunity to learn a more accurate representation of which sounds correspond to which species (and which sounds are ambient noises). We built a custom annotation tool that allows sound ID experts to listen to Macaulay Library recordings and annotate the precise moments when different bird species are vocalizing. Benjamin Hoffman and Grant Van Horn for the Macaulay Library: Behind the Scenes of Sound ID in Merlin My emphasis added in bold above – the magic wasn’t just advanced number-crunching by the latest NVIDIA GPUs or some genius new algorithm. It was created by expert birders who spent hours listening and drawing boxes on top of spectrograms.  What an unreasonable amount of work! And what a beautiful outcome!  Teller? I hardly know her! It reminds me of a story I saw about Penn and Teller, the famous magician duo. Allen Pike tells the story better than I could: Years ago, Teller performed a magic trick. First, he’d have you pick a card. He would attempt to produce the card, but fail, indicating the card may have travelled elsewhere. He’d then lead you on a short walk to a nearby park, and then be inspired to dig a hole. Buried there, beneath undisturbed grass, was a box. When opened, the box would, somehow, contain the card you’d chosen. An impossible trick. To create this magical moment, he had to do something you wouldn’t expect: he’d gone out into the park and buried a number of boxes, corresponding to potential cards one might choose. Then, he waited months – until the grass had grown over. Only then could he perform the trick. Deducing what card you’ve picked is a well-known sleight. But performing a trick where your card is seamlessly buried requires so much advance preparation that it seems impossible. Allen Pike: An Unreasonable Amount of Time The beauty is that anyone could have done this. No individual step is insane – a bit of memorization, a bit of digging and burying. But we’ve all got other responsibilities, priorities, and other what-have-yous. No reasonable person would plan so many months ahead with this tedium. But regardless, one person did. Teller describes the underlying principle like so: “Sometimes magic is just someone spending more time on something than anyone else might reasonably expect.” Allen Pike: An Unreasonable Amount of Time And if you look at it from the other direction, that means that you – yes, you personally 🫵 – have the opportunity to produce magical experiences without any “secret sauce” beyond your willingness to put in the work. But it might not come easily. Progress Everyone who writes code goes through this emotional journey. It’s an uphill battle figuring out the basics. Finally, you get the hang of it. You’re capable of doing anything you want, and that feeling is the highest of highs. Then you hit the lows: when you realize all the interesting parts are farmed out to tech companies doing the real heavy lifting. You started to build your perfect life management app, but your personal contribution is 100% glue code, between Google and Plaid and OpenAI and Twilio and Home Assistant and a dozen other services. When you want to do something and get stuck because there’s no off-the-shelf API to deal with it, that’s the worst feeling of all: realizing that you were never that powerful to begin with.  Everyone who writes code goes through this. Everyone who creates anything goes through this. Having learned to code before LLMs, I can only imagine how hard it is now – easier to get a taste of the good life, harder still to learn the skills needed to make it great. It’s disillusioning to realize you’ve come so far from the start, but you’re still so far from making an impact. Even those cool algorithms fade away as you write your hundredth boring business logic if-statement.  Is this all there is? It’s easy to get jaded. But as you keep going, you find that you can make a difference. You pick up domain experience and life experience, novel insights, and the ability to contribute.

Please update your browser Your browser is no longer supported. Update it to get the best YouTube experience and our latest features. Learn more Opera Mozilla Firefox Microsoft Edge Google Chrome Remind me later Read More

Looking for the most recent Mini Crossword answer? Click here for today’s Mini Crossword hints, as well as our daily answers and hints for The New York Times Wordle, Strands, Connections and Connections: Sports Edition puzzles. My favorite Mini Crosswords are ones that take me on a little journey. Today, I learned something new about Hawaii and also basked in a nostalgic moment while thinking about a childhood board game. Need an assist with today’s Mini Crossword? Read on. And if you could use some hints and guidance for daily solving, check out our Mini Crossword tips. The Mini Crossword is just one of many games in the Times’ games collection. If you’re looking for today’s Wordle, Connections, Connections: Sports Edition and Strands answers, you can visit CNET’s NYT puzzle hints page. Read more: Tips and Tricks for Solving The New York Times Mini Crossword Let’s get to those Mini Crossword clues and answers. The completed NYT Mini Crossword puzzle for Monday, July 21, 2025. NYT/Screenshot by CNET Mini across clues and answers 1A clue: Ceremonial bandAnswer: SASH 5A clue: First official state hand gesture, following a 2024 Hawaiian billAnswer: SHAKA 6A clue: Deck with the Major and Minor ArcanaAnswer: TAROT 7A clue: Just loveAnswer: ADORE 8A clue: Boardwalk has the highest one on a Monopoly boardAnswer: RENT Mini down clues and answers 1D clue: Cool place to be on a sunny dayAnswer: SHADE 2D clue: Name that might come first during an alphabetical roll callAnswer: AARON 3D clue: Hybrid athletic garmentAnswer: SKORT 4D clue: Just loatheAnswer: HATE 5D clue: One whose name is in lightsAnswer: STAR Read More

What is the best internet provider in Raleigh? CNET recommends AT&T Fiber as the best internet provider in Raleigh. The service offers wideespread fiber coverage, fast upload and download speeds, and competitive pricing. It’s the best all-around option in a city that’s already ahead of the curve when it comes to internet performance. If you’re looking for even faster speeds, Google Fiber is the fastest provider in Raleigh, though its premium pricing may not fit every budget. For those outside fiber coverage areas or looking for alternatives, Spectrum delivers reliable cable internet throughout the region, filling in the gaps where fiber might not yet reach. Whether you’re new to the area or just upgrading your connection, Raleigh offers a strong mix of options which balance speed, value and availability when it comes to internet service. Internet providers in Raleigh compared Provider Internet technology Monthly price range Speed range Monthly equipment costs Data cap Contract CNET review score AT&T Fiber Read full review Fiber $55-$245 300-5,000Mbps None None None 7.4 Google Fiber Read full review Fiber $70-$150 1,000-8,000Mbps None None None 7.5 Spectrum Read full review Cable $30-$70 100-1,000Mbps Free modem; $10 router (optional) None None 7.2 T-Mobile Home Internet Read full review Fixed wireless $50-$70 ($35-$55 with eligible mobile plans) 87-415Mbps None None None 7.4 Verizon 5G Home Internet Read full review Fixed wireless $50-$70 ($35-$55 with eligible mobile plans) 50-250Mbps None None None 7.2 Show more (0 item) Source: CNET analysis of provider data. All available Raleigh residential internet providers Fiber is fantastic and Spectrum is everywhere, but there are a few other ISPs to consider when you’re shopping in Raleigh. T-Mobile, in particular, is worthy of consideration as a no-fuss option with simple pricing and a tempting bundle discount. AT&T Internet: Remember those AT&T Fiber dry spots I mentioned earlier? Those areas may be serviced by AT&T’s Internet Air network instead. Speeds can vary greatly. You may only get 10Mbps in some areas of Raleigh for the standard price of $60 a month. So basically, this is me saying, please look for a better option. Go with AT&T Internet Air only if you don’t have faster fiber or cable available to you. Frontier Internet: Frontier’s DSL network sneaks into Raleigh from the northwest so that you will find it as an option up around Brier Creek and Bethesda and around the Durham area. Speeds, however, can be variable. You may be able to pull down speeds of only 12Mbps, or you may be able to get 25Mbps. The price is $65 a month. Residents of Durham can look for Frontier’s faster fiber offerings, which are much preferable to DSL. Raleigh folks, however, will want to skip the Frontier DSL and opt for Google or AT&T fiber, if available, or Spectrum’s speedier cable plans. Google Fiber: AT&T Fiber’s toughest competitor is Google Fiber, which doesn’t quite match AT&T’s top speed or availability across town. However, it’s worthy of strong consideration if it services your address. While Google Fiber has speeds of up to 8,000Mbps in some areas of the US, you’ll be looking at speeds up to 3,000Mbps in Raleigh. That will cost you $100 a month, or you can get 1,000Mbps service for $70 a month. There are no contracts or data caps, and equipment is included, making it one of the best deals for fast, reliable internet.  T-Mobile Home Internet: Availability of either T-Mobile or Verizon home internet services is a roll of the dice that depends on your address and whether any slots are available. Check into T-Mobile if you’re interested in trying fixed wireless internet. T-Mobile costs $50-$70 a month for typical speeds up to 415Mbps. Equipment is included and there are no data caps. It’s a particularly good deal for T-Mobile phone customers. Bundle an eligible phone plan and get your internet for just $35-$55 a month. Satellite internet: Starlink, Viasat and Hughesnet are competitors in the satellite internet market. They likely won’t be your first choice for getting online unless you’re in a rural area with few options. However, digital nomads with a home base in Raleigh might consider Starlink’s on-the-go plan for staying connected while traveling. Walter Bibikow/Getty Images Raleigh broadband at a glance Raleigh residents are in the enviable position of having two major fiber providers competing for their dollars. It’s hard to go wrong with either AT&T Fiber or Google Fiber, but pricing is a factor that can influence which ISP you go with. It may push you to explore options from Spectrum, Verizon or T-Mobile. How many members of your household use the internet? Pricing info on Raleigh home internet service The average starting price for home internet in Raleigh is around $50 a month. It will cost you a little more to get started with fiber. AT&T’s 300Mbps runs $55 a month while Google’s lowest-cost plan is $70 for 1,000Mbps. Look to Spectrum, Verizon and T-Mobile if you’re searching for budget options.  Cheap internet options in the Raleigh metro area One of the cheapest ways to get online is to bundle Verizon or T-Mobile home internet with an eligible phone plan. That knocks your home internet price down to as low as $35 for Verizon and T-Mobile. If you’re shopping for Google Fiber, keep an eye out for the ISP’s Neighborhood 100 Meg plan, which is available in some areas. It’s for households with an annual income under $40,000, and it costs only $20 a month. You’ll be asked to confirm your income when you sign up.  What’s the cheapest internet plan in Raleigh? Provider Starting price Max download speed Monthly equipment fee Contract Spectrum Internet Advantage Read full review $30 100Mbps Free modem; $10 router None Spectrum Internet Premier Read full review $40 500Mbps Free modem; $10 router None T-Mobile Home Internet Read full review $50 ($35 with eligible mobile plan)  318Mbps None None Verizon 5G Home Internet Read full review $50 ($35 with eligible mobile plan) 85Mbps None None AT&T Fiber 300 Read full review