Security-Portal.cz je internetový portál zaměřený na počítačovou bezpečnost, hacking, anonymitu, počítačové sítě, programování, šifrování, exploity, Linux a BSD systémy. Provozuje spoustu zajímavých služeb a podporuje příznivce v zajímavých projektech.

Kategorie

Europol Dismantles Criminal Messaging Service MATRIX in Major Global Takedown

The Hacker News - 2 hodiny 20 min zpět
Europol on Tuesday announced the takedown of an invite-only encrypted messaging service called MATRIX that's created by criminals for criminal purposes. The joint operation, conducted by French and Dutch authorities under the moniker Passionflower, comes in the aftermath of an investigation that was launched in 2021 after the messaging service was discovered on the phone of a criminal convicted Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Meta quietly leans on rival GPT-4 despite Zuckerberg’s bold Llama claims

Computerworld.com [Hacking News] - 2 hodiny 46 min zpět

Mark Zuckerberg has consistently championed Meta’s Llama AI model as a leader in generative AI technology, positioning it as a strong competitor to OpenAI and Google. However, behind the scenes, Meta is complementing Llama with a rival AI model to meet its internal needs.

Meta’s internal AI-powered coding assistant, Metamate, uses both Meta’s Llama model and OpenAI’s GPT-4 to help developers and employees with coding tasks, reported The Fortune. The tool, which has been operational since early 2024, dynamically switches between the two models depending on the query, according to a current and a former Meta employee who spoke anonymously to The Fortune.

Kategorie: Hacking & Security

Meta quietly leans on rival GPT-4 despite Zuckerberg’s bold Llama claims

Computerworld.com [Hacking News] - 2 hodiny 46 min zpět

Mark Zuckerberg has consistently championed Meta’s Llama AI model as a leader in generative AI technology, positioning it as a strong competitor to OpenAI and Google. However, behind the scenes, Meta is complementing Llama with a rival AI model to meet its internal needs.

Meta’s internal AI-powered coding assistant, Metamate, uses both Meta’s Llama model and OpenAI’s GPT-4 to help developers and employees with coding tasks, reported The Fortune. The tool, which has been operational since early 2024, dynamically switches between the two models depending on the query, according to a current and a former Meta employee who spoke anonymously to The Fortune.

Kategorie: Hacking & Security

7 PAM Best Practices to Secure Hybrid and Multi-Cloud Environments

The Hacker News - 2 hodiny 50 min zpět
Are you using the cloud or thinking about transitioning? Undoubtedly, multi-cloud and hybrid environments offer numerous benefits for organizations. However, the cloud's flexibility, scalability, and efficiency come with significant risk — an expanded attack surface. The decentralization that comes with utilizing multi-cloud environments can also lead to limited visibility into user activity [email protected]
Kategorie: Hacking & Security

Hands on with Microsoft’s Windows Recall: Not impressive yet

Computerworld.com [Hacking News] - 3 hodiny 40 min zpět

When Microsoft announced Recall earlier this year, the move took the tech world by storm — and not in a good way.

Recall is supposed to help you find almost anything you see on your PC by taking screenshots in the background and turning your everyday Windows usage into a searchable database. Out of the gate, Microsoft made some questionable privacy decisions, and the company was unable to properly explain why we should actually trust Recall to collect and process so much sensitive info.

Now, many months later and after a variety of changes, the controversial Windows Recall feature is finally available for testing — as long as you have a Qualcomm Snapdragon X-powered Copilot+ PC and are willing to join the bleeding-edge Windows Insider Dev channel for testing early software. In other words, most average business users can’t actually test it yet.

But that doesn’t mean you have to remain blind to the progress. I’ve been using Recall on a Microsoft Surface Laptop 7 for the past few days. And, while I was intrigued by its promise (especially after those privacy changes), it’s just nowhere near what Microsoft has promised.

Want expert insights on the future of Windows? Check out my free Windows Intelligence newsletter — three new things to try every Friday. Plus, get a free Windows Field Guide as a special welcome bonus!

Why you might want to use Windows Recall

On the surface, Recall sounds like an intriguing enough feature for knowledge workers. Just think: If you have a modern Copilot+ PC, Windows can take screenshots (or “snapshots”) in the background every five seconds and store them for later. Then, you can use “AI” to search through them.

Imagine being able to ask, “What was that document I was looking at a week ago — the one with the green-and-red pie chart?” or “I was researching hotels a month ago — show me the one with a balcony overlooking the river.” Recall would understand the content of the snapshots, including the images, and use AI to understand and process your precise requests — in theory, at least.

Depending on who you are and how you use your PC, it seems like either a fascinatingly useful feature or something you’d definitely want to avoid. But it definitely doesn’t seem boring.

And Microsoft designed Recall in a much more private way than you might expect, especially after the latest round of changes. You can read my in-depth Recall privacy FAQ for all the details around how exactly that works. Now, I want to get into the specifics of what the system’s actually like to use.

Getting to know Microsoft’s Windows Recall interface

First things first: When you’re using a Copilot+ PC where Recall is available, the feature isn’t turned on automatically by default. You have to choose to activate it, or it won’t do anything.

And once Recall is active, it’s never hiding. Recall shows a status icon in your system tray, and you can use that status icon to see what it’s doing, access settings, and pause it from saving snapshots.

The Recall system tray icon lights up blue whenever the system is active.

Chris Hoffman, IDG

In the Recall setting window, you can tell Recall to never capture snapshots of specific applications or websites. (Recall already won’t capture snapshots of private browsing windows in modern web browsers like Chrome, Edge, Firefox, and other Chromium-based browsers.)

The Settings window lets you filter out specific apps and websites so Recall will never capture them.

Chris Hoffman, IDG

You can open the full Recall window from that system tray icon or via a taskbar icon or Start menu shortcut. When you do, you’ll have to authenticate with Windows Hello (using facial recognition, a fingerprint, or a PIN) before you can access any snapshots or associated info.

Recall protects your snapshots with encryption, and you have to authenticate to see them.

Chris Hoffman, IDG

Then, you can see the current snapshots or scroll back through everything you’ve had on your screen by hand. But the real point of the Recall window is the search box, where you can search a sprawling database of snapshots simply and without any real effort — again, in theory.

The reality of Microsoft Recall search

In this first public test release, the basics are all perfectly functional. Let’s say, for example, you want to recall what you were reading about a project named Windows Longhorn. You can plug in the word “Longhorn,” and you’ll find instances where the word Longhorn appeared on your screen. This could help you find relevant documents, emails, and web pages you’d explored. That could conceivably be useful to knowledge workers who are looking for a more powerful search experience.

Unfortunately, it doesn’t quite work like Microsoft promised. Let’s say you want to find pie charts: A Recall search for the term “pie chart” will generally only find pie charts if the words “pie” and “chart” actually appeared on the screen at the same time. In other words, the visual search is not working like you’d expect.

Recall’s “text matches” work much more reliably than the “visual matches.”

Chris Hoffman, IDG

Additionally, the “AI-powered” part of the search doesn’t seem to be functioning properly at all. I can’t reliably perform queries like “Find me that document from yesterday with a blue pie chart.”

Mostly, what Recall seems to be doing is:

  • Capturing the contents of the screen every five seconds or so
  • Using optical character recognition (OCR) to convert the words on screen to searchable text
  • Letting you search for words in those screenshots and showing you the results

That’s potentially interesting, but it’s far from what I expected and what Microsoft promised. Recall does provide “visual matches” in addition to those “text matches,” but they often don’t seem to be particularly relevant or helpful.

The power of Recall’s “Click to Do” capability

Basic search smarts aside, Recall includes a noteworthy option called “Click to Do.” After you open a snapshot, Click to Do will make the snapshot interactive, letting you copy text and images and perform actions on the image. For example, you can copy selected text, perform a web search for something seen within the snapshot, or send an email to a selected web address from the snapshot.

Recall uses optical character recognition (OCR) to extract text from snapshots and make it copyable.

Chris Hoffman, IDG

Recall’s Windows integration problem

More than anything, the core issue with Recall is that the system isn’t really part of Windows at any deep level. It’s an application that captures screenshots and lets you search through them. It doesn’t work closely enough with the applications you actually use.

Here’s what I mean: Let’s say you used Recall to dig up a Word document you were looking at the other day. Now you’ve found the document, and you want to open it.

Well, Recall knows the document was in Microsoft Word, so you can click a button to open Word. But Recall doesn’t know what specific file document was involved. There’s no one-click action to open a specific document. You have to look at the title of the document in the Microsoft Word snapshot and hunt it down yourself.

This works a bit better with snapshots of web browsers, since the URL of the web page is displayed at the top of the screen in the address bar — so “Click to Do” can extract the web address and let you open it in a single click.

But, if the address of the web page is particularly long or your browser window is particularly small, the full address of the web page won’t appear visually in the snapshot. And that means you won’t be able to open it, since Recall only captures and uses visual details.

In other words, Recall functions as a bit of a “dirty hack” in some ways. Rather than applications providing information to Recall about what documents, pages, or emails you have open, Recall just grabs whatever it can see visually on screen. And that doesn’t create an especially compelling real-world experience.

Microsoft’s multi-device challenge

There’s another asterisk to consider with Recall’s practical effectiveness, and it’s connected to some of the more positive-seeming changes Microsoft has made to the system.

For privacy reasons, Recall snapshots are stored only on your PC. They can’t be synced to any other device. That’s beneficial for privacy, sure, but it has some serious consequences for knowledge workers.

Specifically, Recall only allows you to search snapshots of things you’ve seen on your current PC. If you use multiple computers — a laptop and a desktop PC, for example — you’ll have to ask yourself, “Did I see that thing on my laptop or my desktop?” And that confusion only gets more complicated when you factor in devices like phones and tablets.

I’m not sure this will ever be resolved, as there’s such a strong push to keep Recall data on each device — and for good privacy reasons. But it will create an awkward challenge for productivity workers looking to use the feature.

The future of Windows Recall

What we’re seeing now is less of a finish line and more of a first step in a long, ongoing race. As it stands now, Recall isn’t for everyone, and I’m glad it’s off by default. Many people, particularly privacy-conscious professionals and those who work at companies with strict policies surrounding data use, won’t want to touch it. But many knowledge workers would benefit from a more powerful search tool that helps them dig through all the information they’ve seen on their PC, and it would be great if Microsoft could deliver a more powerful experience.

As of its initial testing release, Recall delivers the bare minimum and doesn’t provide the strong visual analysis and AI-powered search features Microsoft promised. I hope Recall evolves and improves. And it very well might! We can’t judge it only based on this early release. (Of course, Recall was supposed to launch on consumer PCs nearly six months ago.)

But I’m hoping for progress. It would be a shame to go through such a long and controversial news cycle and not get a powerful tool out of it. Right now, it doesn’t make sense that Microsoft took so much heat for this feature.

This is only the start: Sign up for my free Windows Intelligence newsletter to be the first to see my in-depth impressions. You’ll also get three new things to try every Friday and free copies of Paul Thurrott’s Windows Field Guides as a special welcome bonus.

Kategorie: Hacking & Security

Microsoft moves to stop M365 Copilot from ‘oversharing’ data

Computerworld.com [Hacking News] - 3 hodiny 40 min zpět

As Microsoft pushes for businesses to adopt its Microsoft 365 Copilot, many customers have run into a major stumbling block: the AI assistant’s ability to surface confidential information to employees. To deal with the oversharing problem, Microsoft rolled out new tools at its Ignite event last month, including new features in SharePoint Advanced Management and Purview, alongside a blueprint guide to deploying the generative AI (genAI) assistant. 

“AI tools like Copilot are an increasing concern for data security professionals due to the amount and nature of data that these tools have access too,” said Jennifer Glenn, research director for IDC’s Security and Trust Group. “Since Microsoft 365 is pervasive in the enterprise, the concerns about Copilot inappropriately accessing or sharing data is a concern I’ve heard often.” 

She added that the new data governance and security tools from Microsoft to address oversharing are “essential for enterprises to feel confident in adopting AI tools like Copilot.”

The ability to sift through broad swaths of corporate data and retrieve information for a user is one of M365 Copilot’s strengths. Responses are grounded in the information held across an organization’s M365 environment, such as Word docs, emails, Teams messages, and more. The downside to that feat? Copilot’s language models can also access sensitive files that aren’t locked down. 

For some organizations, this has resulted in employees gaining access to confidential data in Copilot’s responses: payroll data, confidential legal files, even top-secret company strategy documents, or any information Copilot can access. 

“AI is really good at finding information, and it can surface more information than you would have expected,” said Alex Pozin, director of product marketing at Microsoft, during a session at Ignite. “This is why it’s really important to address oversharing.”

The implication for businesses is that “it can be hard to get started with AI in the first place, because you have to address these problems before you get there,” he said.

“Typically, these issues are a by-product of collaboration,” said Pozin, particularly relating to SharePoint sites and OneDrive.

There are a number of reasons Microsoft’s M365 Copilot can “overshare.”

Microsoft

The reasons Copilot can overshare data include site privacy set to “public” rather than “private,” a default file-sharing option that favors access to data by everyone in an organization, and a lack of sensitivity labels, among others. Addressing this is no small task: some companies’ sites contain “millions” of files, said Pozin. 

Part of Microsoft’s plan is to expand access to SharePoint Advanced Management (SAM). SAM — introduced as part of SharePoint Premium last year — will be included at no extra cost to M365 Copilot subscriptions starting in early 2025. (M365 Copilot costs $30 per user a month; SharePoint Premium costs $3 per user each month.)

There are also new features for SAM that Microsoft says will provide greater control over access to SharePoint files.  

For instance, permission state reports (now generally available) can identify “overshared” SharePoint sites, while site access reviews (also now available) provide a way to ask site owners to address permissions. 

Restricted Content Discovery, which rolls out this month, lets admins prevent Copilot from searching a site and processing content; otherwise, the site will remain unchanged and users can access it as usual. This builds on Restricted Access Control, launched in GA last year, which lets admins take control to restrict site access to site owners only, while also preventing Copilot from summarizing files at the same time (intended as a temporary measure, Microsoft said).

How to restrict Copilot from accessing site data. 

Microsoft

“There are situations where you do identify sites that are top secret or kind of “secret sauce” sites where you … want to hide them from Copilot altogether and never risk anyone unintentionally being able to see that content,” said Dave Minasyan, principal product manager, Microsoft, during the Ignite session. “Restricted Content Discovery is the way to do that … you can surgically lock down or hide sites from Copilot reasoning.” 

There are also new tools in Purview — Microsoft’s data security and governance software suite that’s available in E5 subscriptions — to identify overshared files that can be accessed by Copilot. 

This includes oversharing assessments for M365 Copilot in Data Security Posture Management (DPSM) for AI, which launched in public preview at Ignite. Accessible in the new Purview portal, the oversharing assessments help highlight data that could present a risk by scanning files for sensitive data and identifying repositories such as SharePoint sites where access permissions are applied too broadly. There are also recommendations for how to mitigate oversharing risk, such as adding sensitivity labels or restricting access from SharePoint. 

Microsoft Purview Data Loss Prevention for M365 Copilot, also in public preview, lets data security admins create data loss prevention (DLP) policies to exclude certain documents from processing by Copilot based on a file’s sensitivity label. This applies to files held in SharePoint and OneDrive, but can be configured at other levels, such as group, site, and user, to provide more flexibility around who can access what. 

Another tool in Purview, Insider Risk Management, can now be used to detect “risky AI usage.” This includes prompts that contain sensitive information and attempts by users to access unauthorized sensitive information. The feature, also in public preview, covers M365 Copilot, Copilot Studio, and ChatGPT Enterprise. 

Finally, there’s a new blueprint resource on the Microsoft Learn site that outlines recommended paths to mitigate oversharing during three stages of M365 Copilot rollouts: pilot, deployment, and ongoing operations. There are two blueprints; a more basic “foundational path” and an “optimized path” that uses some of the more advanced data security and governance tools in E5. 

Microsoft’s high-level view for deploying M365 Copilot.

Microsoft

“The new built-in M365 Copilot governance controls are long-overdue,” said Jason Wong, distinguished vice president analyst at Gartner. “Immature security controls and oversharing concerns have been top challenges for organizations as they evaluate and implement M365 Copilot in 2024.”

A Gartner survey of 132 IT leaders in June showed that data “oversharing” prompted  40% of respondents to delay M365 Copilot rollouts by three months or more, while 64% claimed information governance and security risks required significant time and resources to deal with during deployments.

Gartner’s survey indicated that businesses are keen to access tools to help manage their data: more than a quarter of respondents upgraded their M365 licenses to include some Microsoft Purview services. The issue isn’t just a problem for Microsoft; a range of third-party software vendors ­— Syskit and Varonis, for instance — also promise to help organizations manage and secure their data when deploying M365 Copilot.

Wong said customers looking to deploy M365 Copilot need to invest in a range of measures to ensure the AI assistant is rolled out securely — all of which plays into the value generated by M365 Copilot. 

“Even with the built-in features, factoring Copilot total cost of ownership and ROI figures should include any additional spending and resource commitment needed for security remediation and ongoing operations, including training employees on safely storing and sharing information,” said Wong.

Kategorie: Hacking & Security

Intel’s CEO, Pat Gelsinger, ‘retires’ — riiiiight

Computerworld.com [Hacking News] - 3 hodiny 40 min zpět

Back in the 1990s, when Bill Clinton was president, people figured out they might just want to be on the internet, and Intel and Microsoft were the major technology powers. Between them, they owned the PC market and you’d have been laughed at if you told someone that “WinTel” would collapse like a house of cards in a hurricane.

Things have changed.

On Monday, Intel announced CEO Pat Gelsinger’s immediate “retirement.” Well, the company says he retired — but no one with a clue is buying that. He was forced out by the company’s board of directors, which had grown increasingly frustrated with the pace of his attempts to turn Intel around.

Word is that Gelsinger, who had been at Intel’s helm for nearly four years, was reportedly given two options by the board: retire or be fired. After almost 40 years at the company, he understandably didn’t want to be shoved out the door. 

There are many reasons why push came to shove. But you can’t blame it all on Geisinger. Intel had been heading downward since 2007

Why that particular year? Because 2007 is when Apple introduced the iPhone — with Samsung chips. The iPhone could have had “Intel Inside.” Apple CEO Steve Jobs wanted that, but Intel fumbled the deal. We didn’t know it at the time, but tech users —and everyone else — were starting to move away from PCs to smartphones. (In case you haven’t noticed, Intel has never had a meaningful smartphone chip.)

For the record, Intel did have several smartphone-capable chip families, including the XScale and the Atom. Then, as until recently, Intel was laser-focused on its current PC and server market. This short-term thinking, deadly in the long run in the ever-changing tech business, would show up again and again as Intel started its slow, sure decline. 

Next, rather than update its chip foundries, Intel was slow to adopt extreme ultraviolet lithography (EUV), a crucial technology for advanced chip manufacturing. The delay enabled rivals such as AMD and Taiwan Semiconductor Manufacturing Company (TSMC) to take the chip production lead.

More recently, in 2020, Apple dumped Intel for its own ARM-based chips. That hurt. 

In the meantime, AMD introduced its Zen architecture, launching Ryzen processors and EPYC chips for servers in 2017. The result? AMD’s share of the desktop market grew from 17.1% in Q3 2017 to 28.7% by Q3 2024, and EPYC gained significant traction in the server market, with 24.2% unit share and 33.9% revenue share by 2024’s third quarter.

Then came the real killer: AI and Nvidia, another example where Intel didn’t see the revolution coming. Truthfully, you can’t blame Intel too much for missing the rise of AI. Few people did. Nvidia, however, had been growing like gangbusters long before AI supercharged its growth. The rise of high-end gaming and cryptocurrency started its rise as a trillion-dollar company. 

Intel? The chipmaker’s GPU market share dropped from an already abysmal 2% in Q2 2023 to zero — zilch— in Q2 2024, while rival Nvidia’s share rose from 80% to 88% during  the same period.

Meanwhile, Intel’s stock price had dropped by approximately 60% since Gelsinger took over in February 2021. This past October, Intel posted a quarterly loss of $16.6 billion, the company’s largest net loss in its 56-year history. In that same quarter, Intel failed to issue stockholder dividends for the first time since 1992. And then Intel was removed from the Dow.

The latter was the final insult.

Some publications have called Gelsinger’s retirement “surprising.” Please, I’ve been expecting this since the summer, and I’m no genius. 

True, Gelsinger had unveiled plans for a $20 billion chipmaking facility in Ohio and expanded operations in Europe. Intel will also — maybe — benefit from billions in aid, thanks to the CHIPS Act to support America’s chip foundry construction. I say maybe because President-elect Donald J. Trump wants to kill CHIPS. He believes tariffs on foreign companies, such as Taiwan-based TSMC, will magically generate billions of dollars to build new semiconductor foundries in the US. Yeah. Sure. 

Now, in the wake of Gelsinger’s departure, Intel has appointed CFO David Zinsner and Chief Product Officer Michelle Johnston Holthaus as interim co-CEOs. The board has created a search committee to find a permanent replacement “diligently and expeditiously.” I think I’d have worked on finding a new CEO long before now, but that’s just me.

Frankly, I think Intel is done. No, it won’t fall apart tomorrow. But short of a government bailout, much bigger than the one Trump doesn’t want a thing to do with, I don’t see Intel surviving in the long run. 

The name will live on, but Qualcomm, for one, might be the company calling the shots if it ends up buying out Intel. Andy Grove, the CEO who set Intel on its path to glory in b better times, must be spinning in his grave.

Kategorie: Hacking & Security

20 handy hidden tricks for Google Calendar on Android

Computerworld.com [Hacking News] - 3 hodiny 55 min zpět

Google Calendar is a core part of the Android productivity package — but if all you’re using is what you see on the app’s surface, you’re missing out on some pretty powerful possibilities.

Yes, oh yes: Just like so many of our modern digital tools, there’s more to Google Calendar than meets the eye. And while the majority of the service’s advanced options may revolve around the Calendar website, the Calendar Android app has its share of handy out-of-sight options that are specific to the mobile experience. From time-saving shortcuts to efficiency-boosting options, they’re all things that have the potential to make your life easier in small but significant ways.

Find time in your agenda to check out these hidden Google Calendar goodies on Android. Trust me: You’ll be glad you did.

(Note that these tips are all specific to the Google Calendar Android app, which is free and available to use on any Android device — though not necessarily always the default calendar app that’s present on all phones out of the box!)

Google Calendar Android trick #1: Quick peeking

Tell me if you can relate to this: You head into the Calendar app on your phone to create a new event. You open the screen to add the event in — and then you find yourself facing a foggy mental blank.

What else did you have going on that day? Did you need to schedule the event for 2:00 p.m., or would 3:00 be better? When was that podiatrist appointment, again?

[Psst: Love shortcuts? My Android Shortcut Supercourse will teach you tons of time-saving tricks for your phone. Sign up now for free!]

I’ve certainly been there (well, not to the podiatrist, specifically, but in the general event brain fog situation). And the Android Calendar app doesn’t do much to offer any broader calendar context while you’re in the midst of adding in a new event.

Or so it’d seem. After years of using Google Calendar on Android, I not long ago noticed a curiously camouflaged option that’ll change the way you create events on your phone.

See that barely noticeable light-gray line at the top of the Calendar app’s event creation screen? The one that looks vaguely like an arrow pointing downward?

You’d never know it, but that subtle gray line hides a spectacular agenda-juggling superpower.

JR Raphael, IDG

Yup, that’s the one. The next time you’re adding a new event on your phone and you find yourself wondering what else is on your agenda around that same time, tap that line — or, alternatively, use it as a hint to swipe downward anywhere within the main event creation area of the screen.

And…

srcset="https://b2b-contenthub.com/wp-content/uploads/2024/12/01-google-calendar-android-quick-peek-animation.webp?quality=50&strip=all 700w, https://b2b-contenthub.com/wp-content/uploads/2024/12/01-google-calendar-android-quick-peek-animation.webp?resize=290%2C300&quality=50&strip=all 290w, https://b2b-contenthub.com/wp-content/uploads/2024/12/01-google-calendar-android-quick-peek-animation.webp?resize=674%2C697&quality=50&strip=all 674w, https://b2b-contenthub.com/wp-content/uploads/2024/12/01-google-calendar-android-quick-peek-animation.webp?resize=162%2C168&quality=50&strip=all 162w, https://b2b-contenthub.com/wp-content/uploads/2024/12/01-google-calendar-android-quick-peek-animation.webp?resize=81%2C84&quality=50&strip=all 81w, https://b2b-contenthub.com/wp-content/uploads/2024/12/01-google-calendar-android-quick-peek-animation.webp?resize=464%2C480&quality=50&strip=all 464w, https://b2b-contenthub.com/wp-content/uploads/2024/12/01-google-calendar-android-quick-peek-animation.webp?resize=348%2C360&quality=50&strip=all 348w, https://b2b-contenthub.com/wp-content/uploads/2024/12/01-google-calendar-android-quick-peek-animation.webp?resize=242%2C250&quality=50&strip=all 242w" width="700" height="724" sizes="(max-width: 700px) 100vw, 700px">Surprise, surprise: Your entire agenda is never more than a swipe away.

JR Raphael, IDG

Wouldya look at that?! You can actually minimize that event creation interface down to a tiny panel and browse around on your calendar above it.

And that’s not all…

Google Calendar Android trick #2: Simple sliding

After you’ve entered that concealed quick-peek view, remember this: If you decide you need to shift your new event around to another time, you can simply touch and hold the outline on your screen and slide your finger up and down to move it.

Nifty, no? And there’s one more piece to this puzzle yet…

Google Calendar Android trick #3: Gesture adjusting

In addition to sliding an event around to move it in the Calendar Android app’s event creation quick-peek interface, you can touch your finger to the dots on the top or bottom of your event’s outline and then slide up or down from there to make the event longer or shorter.

srcset="https://b2b-contenthub.com/wp-content/uploads/2024/12/03-google-calendar-android-event-length.webp?quality=50&strip=all 700w, https://b2b-contenthub.com/wp-content/uploads/2024/12/03-google-calendar-android-event-length.webp?resize=300%2C141&quality=50&strip=all 300w, https://b2b-contenthub.com/wp-content/uploads/2024/12/03-google-calendar-android-event-length.webp?resize=150%2C71&quality=50&strip=all 150w, https://b2b-contenthub.com/wp-content/uploads/2024/12/03-google-calendar-android-event-length.webp?resize=640%2C301&quality=50&strip=all 640w, https://b2b-contenthub.com/wp-content/uploads/2024/12/03-google-calendar-android-event-length.webp?resize=444%2C209&quality=50&strip=all 444w" width="700" height="329" sizes="(max-width: 700px) 100vw, 700px">Longer? Shorter? You name it — this gesture makes event adjustments as easy as can be.

JR Raphael, IDG

Now if only our actual meetings could be condensed down so easily.

Google Calendar Android trick #4: Instant perspective

When you need to glance at a full-month view whilst thumbing through your events, take note of the following invisible Android Calendar shortcut: You can tap or swipe downward on the app’s top bar — where it says the current month’s name — to bring a monthly view into focus. Tap on the bar a second time (or swipe back up, with your finger starting just beneath that area) to hide it when you’re done.

srcset="https://b2b-contenthub.com/wp-content/uploads/2024/12/04-google-calendar-android-month-view-slide.webp?quality=50&strip=all 700w, https://b2b-contenthub.com/wp-content/uploads/2024/12/04-google-calendar-android-month-view-slide.webp?resize=288%2C300&quality=50&strip=all 288w, https://b2b-contenthub.com/wp-content/uploads/2024/12/04-google-calendar-android-month-view-slide.webp?resize=668%2C697&quality=50&strip=all 668w, https://b2b-contenthub.com/wp-content/uploads/2024/12/04-google-calendar-android-month-view-slide.webp?resize=161%2C168&quality=50&strip=all 161w, https://b2b-contenthub.com/wp-content/uploads/2024/12/04-google-calendar-android-month-view-slide.webp?resize=81%2C84&quality=50&strip=all 81w, https://b2b-contenthub.com/wp-content/uploads/2024/12/04-google-calendar-android-month-view-slide.webp?resize=460%2C480&quality=50&strip=all 460w, https://b2b-contenthub.com/wp-content/uploads/2024/12/04-google-calendar-android-month-view-slide.webp?resize=345%2C360&quality=50&strip=all 345w, https://b2b-contenthub.com/wp-content/uploads/2024/12/04-google-calendar-android-month-view-slide.webp?resize=240%2C250&quality=50&strip=all 240w" width="700" height="730" sizes="(max-width: 700px) 100vw, 700px">One swift swipe, and boom: Your monthly calendar view is there and ready.

JR Raphael, IDG

Who knew?!

Google Calendar Android trick #5: Expanded intelligence

Looking at the Google Calendar app on an Android tablet — or a folding phone like the Pixel Fold in its fully unfolded state? You’ve got even more agenda-expanding magic at your fingertips and just begging to be found.

By default on any such device, the Calendar app will expand to take advantage of that screen space in a variety of scenarios. What isn’t obvious, though, is the fact that you can split and then customize your view anytime with a simple on-screen swipe.

In any view other than the Month overview, look for a thin gray line at the left of the screen. (Again: This’ll work only when you’re using the app on a larger-screened device — either a tablet or a fully unfolded foldable.)

Slide your finger on that line toward the right — and hey, how ’bout that?!

srcset="https://b2b-contenthub.com/wp-content/uploads/2024/12/05-google-calendar-android-pixel-fold-panels.webp?quality=50&strip=all 600w, https://b2b-contenthub.com/wp-content/uploads/2024/12/05-google-calendar-android-pixel-fold-panels.webp?resize=300%2C287&quality=50&strip=all 300w, https://b2b-contenthub.com/wp-content/uploads/2024/12/05-google-calendar-android-pixel-fold-panels.webp?resize=176%2C168&quality=50&strip=all 176w, https://b2b-contenthub.com/wp-content/uploads/2024/12/05-google-calendar-android-pixel-fold-panels.webp?resize=88%2C84&quality=50&strip=all 88w, https://b2b-contenthub.com/wp-content/uploads/2024/12/05-google-calendar-android-pixel-fold-panels.webp?resize=502%2C480&quality=50&strip=all 502w, https://b2b-contenthub.com/wp-content/uploads/2024/12/05-google-calendar-android-pixel-fold-panels.webp?resize=376%2C360&quality=50&strip=all 376w, https://b2b-contenthub.com/wp-content/uploads/2024/12/05-google-calendar-android-pixel-fold-panels.webp?resize=261%2C250&quality=50&strip=all 261w" width="600" height="574" sizes="(max-width: 600px) 100vw, 600px">Panels a-plenty await in the Google Calendar Android app on a large-screened device.

JR Raphael, IDG

You can see the full month view right there alongside whatever else you were viewing — at any width you like.

To get to a similar sort of setup from the main Month view, just tap on any event in the calendar. That’ll pull up detailed info about the event in a separate panel to the left — which, once more, you can customize and resize by sliding your finger along the thin gray line separating the two panels.

Not bad, eh?

Google Calendar Android trick #6: Time travel

If you’re already in the Android Calendar app’s full-screen Month view — no matter what type of device you’re using — try tapping on that same month’s name at the top of the screen.

From that view, that action will reveal a nifty new quick-jump bar for quickly zipping forward or back in time to any month imaginable — no scrolling, flipping, or futzing around required.

srcset="https://b2b-contenthub.com/wp-content/uploads/2024/12/06-google-calendar-android-month-chips.webp?quality=50&strip=all 700w, https://b2b-contenthub.com/wp-content/uploads/2024/12/06-google-calendar-android-month-chips.webp?resize=300%2C39&quality=50&strip=all 300w, https://b2b-contenthub.com/wp-content/uploads/2024/12/06-google-calendar-android-month-chips.webp?resize=150%2C19&quality=50&strip=all 150w, https://b2b-contenthub.com/wp-content/uploads/2024/12/06-google-calendar-android-month-chips.webp?resize=640%2C82&quality=50&strip=all 640w, https://b2b-contenthub.com/wp-content/uploads/2024/12/06-google-calendar-android-month-chips.webp?resize=444%2C57&quality=50&strip=all 444w" width="700" height="90" sizes="(max-width: 700px) 100vw, 700px">All it takes is a tap to fly through time from the Google Calendar app’s Month view.

JR Raphael, IDG

And speaking of shadowy shortcuts…

Google Calendar Android trick #7: Snazzy snapping

Anytime you’re scrolling through your Schedule view in the Calendar app and want to jump back to the current day, tap the small calendar icon (the box with the current date in it, directly to the left of your profile picture in the upper-right corner of the screen).

You can snap yourself back to the present with the Android Calendar app’s easily overlooked day icon.

JR Raphael, IDG

That’ll beam you instantly back to today, no matter how far into the future you’ve traveled.

Google Calendar Android trick #8: Tasks on demand

While we’ve got our attention on that upper-right corner area of the Google Calendar Android app interface, be sure to take note of a very recently added option that’s all too easy to overlook.

As of only this month, Google’s in the midst of rolling out an Android Calendar update that integrates Google Tasks directly into the app — so you can see and manage all of your tasks right within your calendar environment, without having to toggle over to the separate standalone Tasks app.

Just tap the small circled checkmark icon in the Calendar app’s upper-right corner, directly to the right of the current day box we were just chewing over.

srcset="https://b2b-contenthub.com/wp-content/uploads/2024/12/08-google-calendar-android-tasks.webp?quality=50&strip=all 700w, https://b2b-contenthub.com/wp-content/uploads/2024/12/08-google-calendar-android-tasks.webp?resize=300%2C216&quality=50&strip=all 300w, https://b2b-contenthub.com/wp-content/uploads/2024/12/08-google-calendar-android-tasks.webp?resize=233%2C168&quality=50&strip=all 233w, https://b2b-contenthub.com/wp-content/uploads/2024/12/08-google-calendar-android-tasks.webp?resize=117%2C84&quality=50&strip=all 117w, https://b2b-contenthub.com/wp-content/uploads/2024/12/08-google-calendar-android-tasks.webp?resize=667%2C480&quality=50&strip=all 667w, https://b2b-contenthub.com/wp-content/uploads/2024/12/08-google-calendar-android-tasks.webp?resize=500%2C360&quality=50&strip=all 500w, https://b2b-contenthub.com/wp-content/uploads/2024/12/08-google-calendar-android-tasks.webp?resize=347%2C250&quality=50&strip=all 347w" width="700" height="504" sizes="(max-width: 700px) 100vw, 700px">Tasks, within Calendar — what’ll they think of next?!

JR Raphael, IDG

If you aren’t seeing that icon yet, don’t panic! It’s actively arriving for Android device-owners worldwide as we speak, and it should show up for you any day now.

Google Calendar Android trick #9: Speedy deleting

Here’s an easily missed and incredibly handy gesture in the Google Calendar Android app: From the Schedule view, you can swipe any event or reminder toward the right to delete it in a single, swift action.

srcset="https://b2b-contenthub.com/wp-content/uploads/2024/12/09-google-calendar-android-delete-event.webp?quality=50&strip=all 700w, https://b2b-contenthub.com/wp-content/uploads/2024/12/09-google-calendar-android-delete-event.webp?resize=300%2C130&quality=50&strip=all 300w, https://b2b-contenthub.com/wp-content/uploads/2024/12/09-google-calendar-android-delete-event.webp?resize=150%2C65&quality=50&strip=all 150w, https://b2b-contenthub.com/wp-content/uploads/2024/12/09-google-calendar-android-delete-event.webp?resize=640%2C277&quality=50&strip=all 640w, https://b2b-contenthub.com/wp-content/uploads/2024/12/09-google-calendar-android-delete-event.webp?resize=444%2C192&quality=50&strip=all 444w" width="700" height="303" sizes="(max-width: 700px) 100vw, 700px">Ahh — cancelling plans has never been so satisfying.

JR Raphael, IDG

So long, responsibilities!

Google Calendar Android trick #10: Quick creation

In addition to deleting events at the speed of light, you can also create new events in a delightfully swift way within the Google Calendar app — right from your daily calendar view.

All you’ve gotta do is tap on any open space in that part of the Android Calendar app, and you’ll see an event creation box right then and there:

Add an event into your calendar without any fuss by tap, tap, tapping.

JR Raphael, IDG

Also worth noting: The same tricks we went over a second ago for sliding around or extending your event’s time will work in this context, too, once you’ve brought that box into focus.

Google Calendar Android trick #11: The double-tap dance

In addition to the tap-anywhere trick for speedy event creation, the Google Calendar Android app has a hidden step-saver within its regular new-event button — y’know, that big honkin’ plus icon floating in the lower-right corner of the screen.

Typically, when you tap that button, you see a pop-up list of options for what you want to create — an event, a task, and so on. It consequently takes extra time to tap the button once, wait for the options to appear, then find and tap the “Event” option to move forward.

But there’s a better way — if you know how to use it. The next time you need to create a new event and you find your finger on that fancy floating button, remember this: You can simply double-tap that button quickly, without pausing, to instantly jump into the new event creation interface.

srcset="https://b2b-contenthub.com/wp-content/uploads/2024/12/11-google-calendar-android-double-tap-add-event.webp?quality=50&strip=all 700w, https://b2b-contenthub.com/wp-content/uploads/2024/12/11-google-calendar-android-double-tap-add-event.webp?resize=290%2C300&quality=50&strip=all 290w, https://b2b-contenthub.com/wp-content/uploads/2024/12/11-google-calendar-android-double-tap-add-event.webp?resize=675%2C697&quality=50&strip=all 675w, https://b2b-contenthub.com/wp-content/uploads/2024/12/11-google-calendar-android-double-tap-add-event.webp?resize=163%2C168&quality=50&strip=all 163w, https://b2b-contenthub.com/wp-content/uploads/2024/12/11-google-calendar-android-double-tap-add-event.webp?resize=81%2C84&quality=50&strip=all 81w, https://b2b-contenthub.com/wp-content/uploads/2024/12/11-google-calendar-android-double-tap-add-event.webp?resize=465%2C480&quality=50&strip=all 465w, https://b2b-contenthub.com/wp-content/uploads/2024/12/11-google-calendar-android-double-tap-add-event.webp?resize=349%2C360&quality=50&strip=all 349w, https://b2b-contenthub.com/wp-content/uploads/2024/12/11-google-calendar-android-double-tap-add-event.webp?resize=242%2C250&quality=50&strip=all 242w" width="700" height="723" sizes="(max-width: 700px) 100vw, 700px">Two taps for a new event on the Android Calendar app’s big plus button.

JR Raphael, IDG

No waiting, no watching, no wasting time whatsoever: Just two quick taps, and boom — you’ll be where you want to be.

Google Calendar Android trick #12: Practical pinching

While we’re thinking about all this tapping and swiping, make a mental note of this: Whilst gazing uponst the Google Calendar app’s Day, 3-Day, Week, or Month view on Android, you can actually pinch your fingers apart on the screen to expand the interface and make everything bigger — or pinch ’em together to condense it and make all the elements smaller.

The key is to place your fingers on top of each other and move ’em in an up and down motion or diagonally — not sideways:

Expand, collapse. Expand, collapse. Expand, collapse.

JR Raphael, IDG

Whee!

Google Calendar Android trick #13: Find the time

Here’s a fun one I only just discovered the other day, thanks to a tip from a resourceful Android Intelligence reader:

When you’re looking at the Google Calendar Android app’s Day view and you have an event that starts at a time that isn’t at the top of an hour — say, at 12:30 p.m., 1:05 p.m., 3:33 p.m., or any other such number — it can be tough to know exactly what time the event begins at a glance.

But if you press and hold your finger onto the event for a second, the Calendar app will adjust the number on the time grid at the left to show the exact start time for that specific item.

See?

srcset="https://b2b-contenthub.com/wp-content/uploads/2024/12/13-google-calendar-android-precise-event-time.webp?quality=50&strip=all 700w, https://b2b-contenthub.com/wp-content/uploads/2024/12/13-google-calendar-android-precise-event-time.webp?resize=300%2C75&quality=50&strip=all 300w, https://b2b-contenthub.com/wp-content/uploads/2024/12/13-google-calendar-android-precise-event-time.webp?resize=150%2C37&quality=50&strip=all 150w, https://b2b-contenthub.com/wp-content/uploads/2024/12/13-google-calendar-android-precise-event-time.webp?resize=640%2C159&quality=50&strip=all 640w, https://b2b-contenthub.com/wp-content/uploads/2024/12/13-google-calendar-android-precise-event-time.webp?resize=444%2C110&quality=50&strip=all 444w" width="700" height="174" sizes="(max-width: 700px) 100vw, 700px">Look closely along the left side of the screen, and you’ll see the precise time appear with a long-press on the event.

JR Raphael, IDG

The precise time will remain present for as long as you keep your finger pressed.

And speaking of that area of the Android Calendar interface…

Google Calendar Android trick #14: A jaunty jump

An easy and not-at-all-obvious way to move between different calendar views is hiding in the leftmost column of the Google Calendar app’s Android interface — specifically, in the Day and Agenda views.

Starting in Agenda, you can tap the day name and number next to any events to jump directly to the Day view for that date — and then, when in the Day view, you can tap that same day name and number indicator (now in the upper-left corner of the screen) to bop back over into Agenda.

srcset="https://b2b-contenthub.com/wp-content/uploads/2024/12/14-google-calendar-android-day-tap.webp?quality=50&strip=all 700w, https://b2b-contenthub.com/wp-content/uploads/2024/12/14-google-calendar-android-day-tap.webp?resize=300%2C183&quality=50&strip=all 300w, https://b2b-contenthub.com/wp-content/uploads/2024/12/14-google-calendar-android-day-tap.webp?resize=275%2C168&quality=50&strip=all 275w, https://b2b-contenthub.com/wp-content/uploads/2024/12/14-google-calendar-android-day-tap.webp?resize=137%2C84&quality=50&strip=all 137w, https://b2b-contenthub.com/wp-content/uploads/2024/12/14-google-calendar-android-day-tap.webp?resize=589%2C360&quality=50&strip=all 589w, https://b2b-contenthub.com/wp-content/uploads/2024/12/14-google-calendar-android-day-tap.webp?resize=409%2C250&quality=50&strip=all 409w" width="700" height="428" sizes="(max-width: 700px) 100vw, 700px">So many views, such little time.

JR Raphael, IDG

Hip, hip, hoorah!

Google Calendar Android trick #15: Meet no more

Have you ever noticed how Calendar developed an irksome habit of automatically adding Google Meet links into every forkin’ event you create?

That’s fine and dandy if your event actually includes a Meet-based video meeting, but it’s pretty annoying — and potentially confusing — when your event is something that’s in person. Worse yet is when your event is virtual but in a different video meeting service, like Zoom, and then everyone you invite ends up getting both the correct link and a meaningless Meet link for the same event.

Here’s a little secret: You can put a stop to this madness. And all it takes is a handful of quick taps in your Android Calendar app.

Open up Google Calendar on your phone, tap the three-line menu icon in its upper-left corner, and scroll down to the bottom to select “Settings.”

Tap “General,” then tap “Add video conferencing” and turn the toggles into the off position for every account you’ve got connected.

Now, if you ever want to add a Meet link to an event, you can do so manually whilst creating said event. But by default, those blasted links won’t get auto-added onto every single event for you.

Google Calendar Android trick #16: Smarter silencing

This one is technically an Android feature, but it works hand in hand with Calendar and is one of the most practical options out there: the ability for your phone to automatically silence itself anytime an event from your Google Calendar is underway.

All you’ve gotta do is enable it: Head into your phone’s settings and find the Do Not Disturb section (by either looking in the Sound section or simply searching for “Do Not Disturb” in the box at the top of the screen). Tap “Schedules,” bring your pretty little pinky to the line labeled “Event,” and either tap the line itself (not the toggle next to it) or the gear icon alongside it, if you see one.

That’ll pull up a screen that looks somethin’ like this:

loading="lazy" width="400px">Android’s Do Not Disturb settings hold some spectacularly useful options connected to your calendar.

JR Raphael, IDG

The first option on the screen, “During events for,” lets you select which of the calendars associated with your device will trigger the phone-silencing behavior. You can leave it set to the default setting of “Any calendar” to have any event on any calendar cause your phone to be silenced, or you can narrow it down to one specific calendar — like your work calendar — and leave the others out.

The second line lets you specify what types of events will cause your phone to go quiet. You can tell the system to silence your phone only if you’ve replied “Yes” to an event, if you’ve replied “Yes” or “Maybe,” or if you’ve replied “Yes” or “Maybe” or haven’t replied at all. (Those choices are for events that other people created and invited you to attend, by the by; any event you create on your own will always count as an automatic “Yes.”)

And finally, the third line lets you decide whether your phone should use its default Do Not Disturb behavior or if you’d rather create your own custom settings for how the phone should behave in this specific circumstance. The custom settings option gives you tons of flexibility for how exactly your phone should act while a Calendar event is underway: You can opt to allow calls or texts from starred contacts to come through, for example, or to let events and reminders alert you even if no other sounds are permitted. You can even customize how different types of notifications appear visually during an appointment.

loading="lazy" width="400px">Behold, the many calendar-connected powers deep within Android’s Do Not Disturb options.

JR Raphael, IDG

Not seeing any of this on your device? If you’re using a phone with an older Android version or one whose manufacturer has fudged around with this part of the operating system, you can set up your own standalone equivalent of the same basic concept by embracing this purpose-specific app or the brilliantly versatile MacroDroid automation creation utility.

Google Calendar Android trick #17: Rapid responses

Just like Android itself allows you to send a prewritten quick response when you’re rejecting a call, Google’s Android Calendar app can let you send a speedy note to anyone involved in an upcoming meeting — all with a couple quick taps on your phone.

To configure the feature, open up the Calendar app, tap the three-line menu icon in the upper-left corner, and select “Settings” from the menu that appears.

Next, select “General,” then scroll down until you see “Quick responses.” Tap that — and there, you’ll see four options for prewritten messages you can fire off on the fly while en route to any appointment involving multiple mammals.

loading="lazy" width="400px">The Android Calendar app’s quick responses can be surprisingly helpful.

Oddly, Calendar doesn’t let you create additional responses, but you can edit any of the default responses to make it say whatever you want. Just tap any one of ’em and then replace it with whatever text your silly ol’ heart desires.

loading="lazy" width="400px">Custom event responses? Hey, we’ll take ’em!

To put your custom quick responses to use, open up any upcoming event that has at least one other person invited. Tap the envelope icon within the “Guests” line, then tap the response you want from the list.

That’ll take you directly to a ready-to-roll email with your message in place and the recipients added in. All that’s left is to hit “Send” — and maybe let out a guffaw in delight, should such inspiration strike.

Google Calendar Android trick #18: Duplication elation

Ever find yourself needing to create a new event that’s remarkably similar to one already on your agenda? The Google Calendar app for Android has an easy way to duplicate an event and then use it as a blueprint for a new one: Just tap the event you want to emulate, tap the three-dot menu icon in its upper-right corner, and select — yup, you guessed it — “Duplicate.”

And that’s it: Your new event will show up with the original event’s info filled in and ready for to be tweaked as needed.

Doesn’t get much easier than that.

Google Calendar Android trick #19: Nicer notifications

Google Calendar’s default notification times for new events aren’t right for everyone. If you find yourself changing the setting for when an event will notify you more often than not (and/or quietly muttering creative curses every time an event notifies you earlier or later than you’d like), do yourself a favor and adjust your Calendar’s default notification times so that they work better for you.

Just head back into the Calendar app’s settings section — and this time, find the section for the Google account you want to modify and tap the “Events” line beneath it. That’ll give you a screen on which you can change the default notification times for standard new events as well as all-day events. You can even add multiple notifications, if you want, and change the default color for events on that calendar while you’re at it (ooh, ahh, etc).

loading="lazy" width="400px">All sorts of Android calendar notification customization options await — if you know where to look for ’em.

If you want to change the default notification time for tasks or for any secondary calendars you’ve created within a particular Google account, just find the appropriate line beneath the account’s header and select that instead of “Events” — then make the same sorts of modifications there.

Google Calendar Android trick #20: Secret codewords

Hardly anyone knows this, but there’s a way to hack the Calendar app’s illustration system and make any of Google’s contextual graphics appear on any event you want.

The trick is simply learning the Calendar app’s secret codewords and then putting ’em to use exactly how you want.

Check out this complete (and just recently updated) list of Google Calendar codewords, and get ready to give your calendar a whole new customized look.

And with that, your Android calendar experience is officially upgraded. Now all you’ve gotta do is get everything on your agenda accomplished — and that, my dear amigo, is squarely on your shoulders.

Get even more advanced shortcut knowledge with my free Android Shortcut Supercourse. You’ll learn tons of time-saving tricks for your phone!

Kategorie: Hacking & Security

How to Plan a New (and Improved!) Password Policy for Real-World Security Challenges

The Hacker News - 4 hodiny 10 min zpět
Many organizations struggle with password policies that look strong on paper but fail in practice because they're too rigid to follow, too vague to enforce, or disconnected from real security needs. Some are so tedious and complex that employees post passwords on sticky notes under keyboards, monitors, or desk drawers. Others set rules so loose they may as well not exist. And many simply copy [email protected]
Kategorie: Hacking & Security

Researchers Uncover Backdoor in Solana's Popular Web3.js npm Library

The Hacker News - 4 hodiny 52 min zpět
Cybersecurity researchers are alerting to a software supply chain attack targeting the popular @solana/web3.js npm library that involved pushing two malicious versions capable of harvesting users' private keys with an aim to drain their cryptocurrency wallets. The attack has been detected in versions 1.95.6 and 1.95.7. Both these versions are no longer available for download from the npm Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Joint Advisory Warns of PRC-Backed Cyber Espionage Targeting Telecom Networks

The Hacker News - 8 hodin 33 min zpět
A joint advisory issued by Australia, Canada, New Zealand, and the U.S. has warned of a broad cyber espionage campaign undertaken by People's Republic of China (PRC)-affiliated threat actors targeting telecommunications providers. "Identified exploitations or compromises associated with these threat actors' activity align with existing weaknesses associated with victim infrastructure; no novel Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Veeam Issues Patch for Critical RCE Vulnerability in Service Provider Console

The Hacker News - 9 hodin 6 min zpět
Veeam has released security updates to address a critical flaw impacting Service Provider Console (VSPC) that could pave the way for remote code execution on susceptible instances. The vulnerability, tracked as CVE-2024-42448, carries a CVSS score of 9.9 out of a maximum of 10.0. The company noted that the bug was identified during internal testing. "From the VSPC management agent machine, underRavie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Critical SailPoint IdentityIQ Vulnerability Exposes Files to Unauthorized Access

The Hacker News - 9 hodin 32 min zpět
A critical security vulnerability has been disclosed in SailPoint's IdentityIQ identity and access management (IAM) software that allows unauthorized access to content stored within the application directory. The flaw, tracked as CVE-2024-10905, has a CVSS score of 10.0, indicating maximum severity. It affects IdentityIQ versions 8.2. 8.3, 8.4, and other previous versions. IdentityIQ "allows Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Hackers Use Corrupted ZIPs and Office Docs to Evade Antivirus and Email Defenses

The Hacker News - 9 hodin 52 min zpět
Cybersecurity researchers have called attention to a novel phishing campaign that leverages corrupted Microsoft Office documents and ZIP archives as a way to bypass email defenses. "The ongoing attack evades #antivirus software, prevents uploads to sandboxes, and bypasses Outlook's spam filters, allowing the malicious emails to reach your inbox," ANY.RUN said in a series of posts on X. The Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Vodka maker Stoli files for bankruptcy in US after ransomware attack

Bleeping Computer - 3 Prosinec, 2024 - 23:00
Stoli Group's U.S. companies have filed for bankruptcy following an August ransomware attack and Russian authorities seizing the company's remaining distilleries in the country. [...]
Kategorie: Hacking & Security

In lawsuit, Apple is accused of spying on its employees

Computerworld.com [Hacking News] - 3 Prosinec, 2024 - 22:53

Apple has been accused of spying on its employees in a lawsuit filed in a California court.

Among other things, the company is alleged to control staffers’ personal devices and iCloud accounts and requires employees to install special software that allows the tech giant to access their email, image library, and other information. Apple reportedly prohibits its employees from discussing wages and working conditions, according to Reuters.

The lawsuit also charged that Apple discriminates against women, who are allegedly offered lower wages than men in similar positions.

An Apple spokesperson denied the allegations and emphasized that employees receive information about their rights at training sessions every year.

In October, the company was accused by the National Labor Relations Board of violating labor laws.

Kategorie: Hacking & Security

Cloudflare’s developer domains increasingly abused by threat actors

Bleeping Computer - 3 Prosinec, 2024 - 22:00
Cloudflare's 'pages.dev' and 'workers.dev' domains, used for deploying web pages and facilitating serverless computing, are being increasingly abused by cybercriminals for phishing and other malicious activities. [...]
Kategorie: Hacking & Security

US shares tips to block hackers behind recent telecom breaches

Bleeping Computer - 3 Prosinec, 2024 - 20:49
​CISA released guidance today to help network defenders harden their systems against attacks coordinated by the Salt Typhoon Chinese threat group that breached multiple major global telecommunications providers earlier this year. [...]
Kategorie: Hacking & Security

Exploit released for critical WhatsUp Gold RCE flaw, patch now

Bleeping Computer - 3 Prosinec, 2024 - 20:00
A proof-of-concept (PoC) exploit for a critical-severity remote code execution flaw in Progress WhatsUp Gold has been published, making it critical to install the latest security updates as soon as possible. [...]
Kategorie: Hacking & Security

Veeam warns of critical RCE bug in Service Provider Console

Bleeping Computer - 3 Prosinec, 2024 - 19:07
​Veeam released security updates today to address two Service Provider Console (VSPC) vulnerabilities, including a critical remote code execution (RCE) discovered during internal testing. [...]
Kategorie: Hacking & Security
Syndikovat obsah