Security-Portal.cz je internetový portál zaměřený na počítačovou bezpečnost, hacking, anonymitu, počítačové sítě, programování, šifrování, exploity, Linux a BSD systémy. Provozuje spoustu zajímavých služeb a podporuje příznivce v zajímavých projektech.

Kategorie

FBI: Cybercriminals steal health data posing as fraud investigators

Bleeping Computer - 30 Červen, 2025 - 14:42
The Federal Bureau of Investigation (FBI) has warned Americans of cybercriminals impersonating health fraud investigators to steal their sensitive information. [...]
Kategorie: Hacking & Security

Apple dials a ride to lower-cost Macs with A-series chips

Computerworld.com [Hacking News] - 30 Červen, 2025 - 13:56

Ten years ago, Apple introduced the MacBook, a lower-end, more affordable 12-in. Mac the company called “the notebook redefined.”

At only 0.5 inches thick at its thickest point, the compact computer was the thinnest Mac ever at the time, and while the chip was relatively low-powered, it was a popular device until it was discontinued in 2018. Apple may be preparing to introduce something similar.

Ming-Chi Kuo, the widely-cited Apple analyst who seemingly secretively occupies an adjacent pocket to Mark Gurman somewhere in Apple’s boardroom, tells us Apple wants to introduce a new and lower-priced entry-level laptop, probably next year. In order to reach this low price, Apple will allegedly put its A18 Pro iPhone processor inside the Mac.

Doing so is not quite the trade off in performance you might imagine, as 9to5Mac points out the A18 Pro chip’s performance puts it at least on par with an M1 Mac mini, millions of which continue to be used quite happily today. (I use one.)

Compromise or opportunity?

What this means is that in exchange for using a processor that is produced in huge quantities (and therefore likely a little cheaper), Apple gets to offer up an entry-level Mac with enough performance for basic tasks at a low price and likely in a very, very thin chassis due to the low energy of the processor.

This all sounds grand so far, especially budget-holders and particularly those in the education sector who will be seeking an economical route to deploy thousands of Macs. If the speculation is correct, it also underlines two critical realities: Apple Silicon is enabling hardware designs Apple could not have introduced before, and it is becoming increasingly possible to run macOS on an A-series chip — assuming the speculated system is a Mac at all.

Could Kuo have caught half a rumor that leads toward a new hybrid device?

Only time, and probably Mark Gurman, can tell.

A little history

Apple replaced the popular iBook range with the first MacBook in 2006 during the Mac transition to Intel processors and continued to sell these systems into 2011 to make way for MacBook Air. Four years later, in 2015, the company returned with a new MacBook model — the “thinnest and lightest Mac ever.” It was once again updated in 2017 before being discontinued in 2019.

What these Macs did well is likely what Apple envisions for the speculated upon new model. Think web browsing, casual Mac use, access to web services, writing, reading, Apple Music and iCloud. It also likely means Apple Intelligence, access to cloud-based AI and almost certainly movies, light image editing, and so forth.

It won’t be the Mac you use for anything more sophisticated, but for a lot of people it is likely to be all the Mac they need. Thin, light and underpowered in contrast to MacBook Pro, it’s a model that could prove popular, particularly as the A-series chip means battery life should at least compete with other Macs. 

Building the business

Will Apple be cannibalizing its existing notebook markets with a system of this kind?

Perhaps, but perhaps not: You see, while it might lose some entry-level MacBook Air customers to the new product, most professional and aspirational customers will continue to get the best Mac they can afford.

These systems might also compensate for any diverted sales by boosting orders in large-scale markets, such as education, even as the prospect of a lower-cost Apple notebook could help the company secure gains in the all-important emerging markets; that’s where future economic prosperity might emerge as established economies collapse from their own internal moral/economic/political contradictions.

Any gains generated by these new Macs matter quite a lot, especially when seen through the lens of recent Canalys data showing Apple is now the second-biggest notebook maker in the US. (Apple has 18% of that market to HP’s 24%, with Lenovo and Dell sharing third position with 17% and others far behind. Apple is also the fourth largest desktop PC maker in the US, though by wider margins.)

That almost one in five notebooks sold in America comes from Apple shows the tremendous momentum the company once left for dead has built since the beginning of this century. Macs right now are powering a PC market recovery. A move to make some of its products more affordable (while also remaining satisfyingly profitable) can only consolidate these gains and set the scene for a much deeper push at the mid-range PC market. It’s amusing to think this push will in part be driven by an iPhone chip, a processor which with its own existence shows Apple’s growing industry leadership in processor design.

Finally, while it is unsatisfactory to end an article with a question, it is hard to avoid wondering whether Apple will finally put its own 5G modems inside these Macs? Use of an iPhone chip in a low power system does, after all, suggest it could.

You can follow me on social media! Join me on BlueSky,  LinkedIn, and Mastodon.

Kategorie: Hacking & Security

Over 1,200 Citrix servers unpatched against critical auth bypass flaw

Bleeping Computer - 30 Červen, 2025 - 13:47
Over 1,200 Citrix NetScaler ADC and NetScaler Gateway appliances exposed online are unpatched against a critical vulnerability believed to be actively exploited, allowing threat actors to bypass authentication by hijacking user sessions. [...]
Kategorie: Hacking & Security

The essential office apps for Android

Computerworld.com [Hacking News] - 30 Červen, 2025 - 12:00

The days of taking care of business exclusively in an office are over. You’ve got a powerful productivity system in your pocket practically 24/7, after all — and with the right set of apps, you can stay synced with the same spreadsheets, documents, and presentations that are on your desktop and work with ’em seamlessly from anywhere.

Best of all? These days, achieving that level of connectivity on Android doesn’t require any kind of compromise. The bar’s really been raised when it comes to office app quality in the Play Store over the past several years, particularly compared to the limited landscape we saw in the platform’s earlier days. The question at this point isn’t if you can find a worthwhile set of office apps for your phone but rather which set of commendable offerings makes the most sense for you.

And to be clear: We’re talkin’ traditional office apps here, not their more contemporary AI-centric cousins. Generative AI apps can certainly be useful in the right sort of scenario — from web-based AI apps that offer a helping hand with presentation creation to Android-specific AI apps that assist in all sorts of interesting ways — but sometimes, you just need a solid tool for standard work that fits in naturally with everything else you’re using. And, of course, many of these apps do now offer some manner of AI elements, too, if and when you want ’em.

I’ve spent time testing all the current contenders, ranging from the small-name efforts that used to dominate my recommendations to the big-name products from prominent productivity players. Focusing on factors such as feature availability, ease of use, ecosystem integration, and overall user experience, these are the best office apps on Android today.

Looking for email apps? See my roundup of the best email and texting apps for Android.

The best fully featured Android office apps Microsoft Word, Excel, and PowerPoint

Microsoft was embarrassingly late to the Android app party, but since the company started taking the world’s most popular operating system seriously some years back, its Android productivity services have been among the best around.

That remains true today with its core Microsoft 365, a.k.a. Microsoft Office, offerings: Word, for word processing; Excel, for spreadsheet editing; and PowerPoint, for presentation work. If you’re used to using the equivalent Microsoft 365/Office 365 products on the desktop — or if you just need fully featured mobile office apps with all the bells and whistles — Microsoft’s trio of Android apps is going to be your best all-around option for on-the-go productivity.

If you’re planning to use all three apps, you can also now download them in a space-saving and easier-to-manage all-in-one Microsoft 365 bundle (which is confusingly branded as “Microsoft 365 Copilot,” not to be mixed up with the other non-Office-associated Microsoft Copilot chatbot app — insert over-the-top facepalming here).

Perhaps the greatest strength of Microsoft’s Android apps is their effortless cross-platform compatibility and consistency: First, as you’d expect, all three apps handle standard Office file formats flawlessly and with pristine formatting fidelity. And beyond that, if you’re already using Word, Excel, or PowerPoint in any other setting, you’ll have little to no learning curve with the matching Android versions. The apps’ interfaces and interaction styles aren’t identical to their desktop and web environments, but they’re similar enough to make sense and be quite easy to master.

When you’re actively working on a document in the Word Android app, for instance, you see a small, scrollable toolbar at the bottom of the screen — a sized-down version of the traditional Office Ribbon at the top of a document in a desktop view. It’s a smart way to conserve space and allow you to have a large working area (especially when a virtual keyboard is present and taking up a significant portion of your screen).

Tapping an arrow at the toolbar’s right side, meanwhile, expands the toolbar into a larger form with menu sections corresponding to most of the Ribbon tabs you see in Word’s desktop or web app: Home, with common commands for basic text formatting; Insert, with the standard full range of options; Layout, with commands for adjusting your document’s margins, orientation, column configuration, and so on; Review, for checking spelling or word count, managing comments, and activating Track Changes mode; and View, for moving between different layouts and zoom settings.

Microsoft Word’s toolbar in its sized-down, scrollable form (at left) and when fully expanded (at right).

JR Raphael / Foundry

The Word app’s toolbar also has a Draw section, which is present in the desktop version only if your device has a touchscreen. It allows you to select from a variety of tools for drawing or highlighting directly on your document with your finger or a stylus. (The standard Word References section is curiously missing in this context, though most of the associated options are just scattered across other appropriate-seeming areas.)

The same approach and expansive feature set applies to Excel and PowerPoint as well. There’s really not much you can’t do with Microsoft’s Office apps on Android — including collaboration (as long as your co-workers are also in the Microsoft ecosystem) and cloud synchronization: Out of the box, the apps support both local device storage and cloud-based storage with Microsoft OneDrive, and if you dig around enough, you’ll even find options for connecting cloud-based accounts from Dropbox, Google Drive, and other providers for seamless in-app access.

Microsoft Excel and PowerPoint provide familiar and feature-packed interfaces on Android.

JR Raphael / Foundry

The one asterisk to all of this: In order to get the apps’ complete set of features — or to use the apps at all on tablet-sized devices — you’ll have to pay for a Microsoft 365 subscription, which runs $100 per year for individuals, $130 per year for families (with up to six users), or $72 to $264 per user per year for businesses. Those subscriptions include a bunch of Copilot AI features, though with a suspiciously vague description of exactly how much you’re able to use the features within any given month. (Officially, Microsoft says you get a monthly allotment of credits that “should be enough for most subscribers.” Riiiiiiiight.)

All AI ambiguity aside, assuming you already have such a subscription for desktop access, going with Word, Excel, and PowerPoint on Android is pretty much a no-brainer. If you aren’t already subscribed and don’t necessarily need office apps with oodles of advanced features, though, our next option might be the better fit for you.

The best Android office apps for more basic needs Google Docs, Sheets, and Slides

‘Twas a time when Google’s mobile office apps were barely usable, bare-bones affairs. Make no mistake about it: Those days are no more.

Nowadays, Google Docs, Sheets, and Slides are thoroughly polished and impressively capable on-the-go productivity tools. They boast tight integration with the broader Google ecosystem, along with a first-class system for syncing, collaboration, and effortless cross-device access.

That last item is a critical part of the apps’ appeal. If you’re already invested in the Google ecosystem, personally or professionally — using Google Drive for storage, Gmail for email, and so on — Docs, Sheets, and Slides will fit naturally into your existing setup. You’ll use your same Google account to access them (and you won’t even have to sign in at all from your phone, since your account is already connected at the operating system level). You’ll be able to work on colleagues’ shared files right from your regular interface. And everything you do will be connected to your Drive storage and easily accessible from most any Google app on any device or platform.

The Docs, Sheets, and Slides Android apps are easy to navigate and have all the basic features you’d expect for their respective categories. In Docs, for instance, you can style text, insert tables, adjust alignment, and insert a variety of different types of bulleted lists. In Sheets, you can style and merge cells, create charts, and find and use all sorts of common spreadsheet functions. And in Slides, you can use rich formatting tools, add speaker notes, and insert your own custom backgrounds.

Google Docs and Sheets have easy-to-use interfaces with all the basic features you’d expect.

JR Raphael / Foundry

It’s with the more advanced word processing, spreadsheet, and presentation commands that Google’s apps lag a bit behind Microsoft’s — not being able to style tables within documents from the Docs app, for example, or not being able to sort rows within a spreadsheet in Sheets. If you need those sorts of beyond-the-basics capabilities, Google’s apps won’t be right for you.

In addition, the mobile apps surprisingly don’t sport many AI elements as of yet, which is slightly shocking, really, given how aggressively Google is shoving Gemini into our faces everywhere else thesedays — including within the browser-based Docs, Sheets, and Slides apps. For now, the Docs Android app does have certain limited Gemini functions available for organizations on the $168-per-user-per-year Workplace Business Standard plan and higher, including an AI-provided document summary command, the ability to create an AI-generated draft based on a prompt, and the option to ask Gemini questions about the document you’re viewing.

Other Gemini features are not yet present, and Sheets and Slides are still free from any and all Gemini-related elements — for now. Whether that’s a drawback or a positive, of course, is completely up to your interpretation.

Last but not least, Docs, Sheets, and Slides also use proprietary Google file formats instead of the typical Microsoft formats — but practically speaking, that really isn’t a big deal anymore. Google makes it incredibly easy to import and open any common file format, and it makes it equally painless to export and share your files in any format you need.

Google’s apps are completely free for individual use, without any restrictions. For companies and organizations that require a fully managed setup, the Google Workspace suite ranges from $84 per user per year for a basic setup to $264 per user per year for the fully featured “Business Plus” plan — and onward from there for customized enterprise-level arrangements.

The best Android app for creating, editing, and annotating PDFs Adobe Acrobat Reader

The one function all of these apps are missing is the ability to manage PDFs from your phone. For that, Adobe’s Acrobat Reader Android app is the tool you need to round out your mobile office suite setup. The free (for these purposes) utility has everything you could possibly require for mobile PDF management — and it’s by far the easiest way to view, sign, and edit PDFs on Android.

Even just for basic reading of a PDF, Reader’s one-tap “liquid” function forces a document’s typically static text into an adaptive format that actually makes it legible on a small screen without any awkward zooming. And when you need to sign or mark up a PDF in any way, Reader’s got you covered with an array of options for scribbling directly on your screen or inserting a variety of ready-to-roll elements — including your own saved signatures, if you have (or create) an Adobe account where those are stored.

Adobe’s Acrobat Reader app takes the pain out of editing and viewing PDFs on Android.

JR Raphael / Foundry

Acrobat Reader does offer a premium subscription with a variety of advanced options, including AI elements — but for most typical on-the-go PDF purposes, you really won’t need it. The app’s regular, free tier will handle everything you require.

And with that, your Android office app power-pack is complete. Time to take a brief break (I recommend a grape soda) and then think about what other categories of standout software could help supercharge your Android productivity setup. Note-taking apps? Calendar apps? Travel apps? Apps for team collaboration? Maybe some must-have Android widgets or clever apps for making your phone more efficient?

Whatever you need, I’ve got you covered.

This article was originally published in October 2018 and most recently updated in June 2025.

Kategorie: Hacking & Security

Watch First Person and meet the most interesting people in IT

Computerworld.com [Hacking News] - 30 Červen, 2025 - 11:41

Available on this website, on YouTube, and wherever you find your podcasts, First Person is the show where we meet the most interesting people in IT, and learn from them what makes them tick by focusing only on their firsts. First job, first great boss, first time they realized IT was the industry for them – first failure or first pet. It’s amazing what we can learn from interesting people talking about serious things in a not-too-serious way.

To get you started we are launching with no fewer than five great episodes, available to watch below, as a video series, on YouTube, and as a podcast.

New episodes drop every Monday, so subscribe now on your preferred platform. And if you are one of the most interesting people in IT, let us know by signing up for the Computerworld Contributor Network, or emailing me at [email protected].

(And if you like unvarnished truths and real-world lived experience from IT professionals and leaders, check out our First Person blog on CIO.com).

First Person: Dr CJ Meadows – Executive Chairman – The Tiger Centre

We meet Dr CJ Meadows – from the US, based in Singapore, having worked around the world from Japan to India and beyond. An accountant by training and IT pro by practice, CJ is an entrepreneur, consultant, and educator who runs a not-for-profit using tech to bring access to education to excluded folks. We spoke about how her career (and life) path has never been linear or conventional. We discussed how the future of work will require leaders who can use design thinking to focus on solving new and real problems rather than building the shiniest tech. She explained how her best bosses showed empathy and support, and that those same skills are useful in family and personal life make for great business success. CJ ends with some great lessons for life: follow your own path, and try not to kill each other. Words to live by.

First Person meets Dr CJ Meadows First Person Meets… Paul Preiss – CEO and Founder of the Iasa

We meet Paul Preiss, the CEO and founder of the IASA, the not-for-profit professional association for all business technology architects. In our conversation Paul describes himself as unbelievably passionate person about everything he does, personal and professional, and how that helped him steer and build a storied career in technology. He describes how he went from doing a degree in Japanese, to what he describes as his calling: IT. His first roles in development, moving to become an architect with Dell, and on to great success. Paul tells us some of the things he learnt along the way, outlines his failures and what he learnt from them, as well as introducing us to some of the great leaders who helped shape him and his career.

First Person meets Paul Preiss First Person Meets… Jim Wilt – CTO | Chief Architect | Distinguished Architect – WVE

We meet Jim Wilt, a voraciously curious CTO, distinguished chief architect and engineering advocate. Jim’s enjoying a stellar career with roles as CTO, CDO and chief architect across a multitude of enterprise organizations. In this conversation we learn about his success and failures, and how he may have learnt more from the latter. He takes us from being inspired by a Disney movie to learn to code on paper because he couldn’t afford access to a computer, to working in medical research and winning prestigious awards for huge organizations. He describes a great boss in McDonalds who taught him the value of giving your best to everything you do, including the story of the janitor at NASA who sent a man to the Moon. Jim shares how he needed to be convinced of his own expertise, and shares the view that material success follows passion and focus – don’t waste your time being safe.

First Person meets Jim Wilt First Person Meets… Arno Schilperoord – Director Global Architecture & Digital Innovation at The HEINEKEN Company

We meet Arno Schilperoord, a global leader for Heineken who believes that coding is magic and poetry, offering the opportunity to create something from nothing and infinite possibility. Arno tells us how studying physics and using computer models and writing computer code to help in the analysis was his way into IT. He says that in IT everybody was learning things for the first time, and explains how designing resilient high-performance solutions was just a small step from his current practice of architecture. Arno tells us that great bosses are able to spot and resolve problems early, and that great leadership isn’t just about technical expertise, it’s about awareness, timing, and creating a culture of high performance and creating an environment where people feel safe and feel supported.

First Person meets Arno Schilperoord First Person: David Jones – Chief Architect – WVE

We meet David Jones – a chief architect, CTO and CIO who describes his work as elevating business technology strategy through architectural excellence. David introduces himself as someone who loves collaborating, doesn’t do politics and is always honest. He tells us how he got started by choosing to study electrical engineering inspired by his brother and a French pen pal, and espouses the value of practical, in-industry training over academic learning (although he returned to his own school to teach). David tells us how he was supported to accelerate his career by studying bleeding edge tech whilst he was working in an operational business, and how that taught him a valuable architectural lesson: the best solution for the organization you are in may not always be the most current technical solution. David’s message to those starting out is to follow your passions, learn, and be open and curious – you never know where life will take you.

First Person meets David Jones
Kategorie: Hacking & Security

How data center skills gap causes cloud outages

Computerworld.com [Hacking News] - 30 Červen, 2025 - 09:09
Can’t get the staff

Recently we reported on a global Microsoft 365 outage that disrupted Teams and Exchange services. We said that aggressive traffic rerouting was blamed for service failures; with experts warning of architectural brittleness and rising cloud fragility.  

It was that fragility that caught the attention of Computerworld readers, who rushed to ask Smart Answers about one potential cause. We know that IT skills are in short supply even as lots of IT pros are being laid off. But the chat tends to focus on AI skills: we don’t often hear about how hard it is to get data center staff. But it’s a real factor, both in the public cloud sector, and maybe especially for those who are repatriating data back to their own data centers. We hear reports of understaffing in areas such as operations, electrical engineering, and cloud architecture.  

And it’s a problem. According to Smart Answers, being short staffed increases the risk of human error. It leads to maintenance being delayed, less effective remote monitoring, and longer response times when things do go wrong.  

Find out: How can insufficient data center staff contribute to cloud outages?  

Remind me…?

This week Computerworld broke the stunning news that – alongside all the generative-AI silliness – Google’s Gemini has some genuinely practical purposes on Android — if you know what to ask. Our readers latched on to one in particular. Now which one was it..?  

Oh yes: ‘Remember that’. 

‘Remember that’ is a genuinely useful feature, and Smart Answers has an outline of how to use it. Activation, Information Storage, Information Retrieval, and Note Creation. But you don’t need to remember that list – just ask our own useful AI assistant. 

Find out: How do I use Gemini’s “remember that” feature?  

Danger in the shadows

Recently we reported that SAP and IBM were slammed for their roles in a Quebec auto insurance board ERP overhaul fiasco. We said that a Quebec anti-corruption squad raided the organization that commissioned the over-budget ERP overhaul – (SAAQ) the provincial auto insurance board. Investigation into the project continues. 

Of interest to readers of CIO.com was one risk factor for all operators of large scale IT projects: shadow IT. They asked Smart Answers how shadow IT introduces risks such as vulnerabilities to be exploited by bad actors. There are more – but you’ll have to ask Smart Answers to find out.  

Find out: What risks does shadow IT pose to enterprise infrastructure?  

About Smart Answers 

Smart Answers is an AI-based chatbot tool designed to help you discover content, answer questions, and go deep on the topics that matter to you. Each week we send you the three most popular questions asked by our readers, and the answers Smart Answers provides.  

Developed in partnership with Miso.ai, Smart Answers draws only on editorial content from our network of trusted media brands—CIO, Computerworld, CSO, InfoWorld, and Network World—and was trained on questions that a savvy enterprise IT audience would ask. The result is a fast, efficient way for you to get more value from our content. 

Kategorie: Hacking & Security

Google rolls out Veo 3 video generator, try it for free using credits

Bleeping Computer - 30 Červen, 2025 - 01:38
Google is rolling out Veo 3 to everyone using Vertex AI, which is an ML-testing platform provided by Google Cloud. [...]
Kategorie: Hacking & Security

Bluetooth flaws could let hackers spy through your microphone

Bleeping Computer - 29 Červen, 2025 - 18:03
Vulnerabilities affecting a Bluetooth chipset present in more than two dozen audio devices from ten vendors can be exploited for eavesdropping or stealing sensitive information. [...]
Kategorie: Hacking & Security

Cloudflare open-sources Orange Meets with End-to-End encryption

Bleeping Computer - 29 Červen, 2025 - 16:11
Cloudflare has implemented end-to-end encryption (E2EE) to its video calling app Orange Meets and open-sourced the solution for transparency. [...]
Kategorie: Hacking & Security

Optimizing Linux Security in 2025: Key Strategies & Best Practices

LinuxSecurity.com - 29 Červen, 2025 - 13:01
Recent years have demonstrated a notable shift in the cybersecurity landscape, with Linux systems increasingly targeted by adversaries. Once considered relatively immune to malware threats , Linux servers have seen the emergence of sophisticated attack vectors, including high-profile Linux malware strains such as Cloud Snooper, HiddenWasp, and Tycoon.
Kategorie: Hacking & Security

Let’s Encrypt ends certificate expiry emails to cut costs, boost privacy

Bleeping Computer - 28 Červen, 2025 - 16:09
Let's Encrypt has announced it will no longer notify users about imminent certificate expirations via email due to high costs, privacy concerns, and unnecessary complexities. [...]
Kategorie: Hacking & Security

FBI Warns of Scattered Spider's Expanding Attacks on Airlines Using Social Engineering

The Hacker News - 28 Červen, 2025 - 11:48
The U.S. Federal Bureau of Investigation (FBI) has revealed that it has observed the notorious cybercrime group Scattered Spider broadening its targeting footprint to strike the airline sector. To that end, the agency said it's actively working with aviation and industry partners to combat the activity and help victims. "These actors rely on social engineering techniques, often impersonating Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

GIFTEDCROOK Malware Evolves: From Browser Stealer to Intelligence-Gathering Tool

The Hacker News - 28 Červen, 2025 - 09:58
The threat actor behind the GIFTEDCROOK malware has made significant updates to turn the malicious program from a basic browser data stealer to a potent intelligence-gathering tool. "Recent campaigns in June 2025 demonstrate GIFTEDCROOK's enhanced ability to exfiltrate a broad range of sensitive documents from the devices of targeted individuals, including potentially proprietary files and Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Facebook’s New AI Tool Asks to Upload Your Photos for Story Ideas, Sparking Privacy Concerns

The Hacker News - 28 Červen, 2025 - 09:19
Facebook, the social network platform owned by Meta, is asking for users to upload pictures from their phones to suggest collages, recaps, and other ideas using artificial intelligence (AI), including those that have not been directly uploaded to the service. According to TechCrunch, which first reported the feature, users are being served a new pop-up message asking for permission to "allow Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

GStreamer 1.26.3 Fixes H.266 Security Flaw, Adds New Features

LinuxSecurity.com - 28 Červen, 2025 - 00:13
If you've ever set up or maintained a multimedia pipeline on Linux, you already know the stakes. Your system needs to decode, encode, stream, and sync diverse media formats flawlessly, often under significant workload. GStreamer has been the workhorse of open-source multimedia for years, but it's not unbreakable. That's why version 1.26.3 matters.
Kategorie: Hacking & Security

AI regulation freeze could fracture US digital future

Computerworld.com [Hacking News] - 27 Červen, 2025 - 23:11

The fireworks that could soon go off across the US have nothing to do with July 4 celebrations, but are reaction to a double hit that every state in the union may soon face relating to a potential reduction of connectivity capabilities and a proposed 10-year ban on its ability to regulate AI.

Drastic legislative changes around both issues are contained in the Trump administration’s Reconciliation Tax Bill, which is now before the Senate.

In early June, 260 state lawmakers from both parties in all 50 states sent a letter to Congress voicing strong opposition to the AI regulation ban. The letter, which was spearheaded by Americans for Responsible Innovation (ARI), a nonprofit policy advocacy organization, stated, “the proposed 10-year freeze of state and local regulation of AI and automated decision systems would cut short democratic discussion of AI policy in the states with a sweeping moratorium that threatens to halt a broad array of laws and restrict policymakers from responding to emerging issues.”

ARI president Brad Carson said, “lawmakers from every state in the country are sending a clear message that the proposed ban on state AI laws would freeze a whole range of common-sense laws that voters depend on.”

There is, he said, “room for a debate on pre-emption of a targeted set of state AI laws with the passage of a federal framework for AI governance. But this proposal fails on all counts, with an overbroad scope and nothing to offer when it comes to federal governance.”

Moratorium would be ‘a historic mistake’

On Thursday, lawmakers from Utah, South Carolina, Ohio, Tennessee, Wisconsin and Montana held a press conference organized by the ARI to ask Congress to remove the moratorium. There has also been a major new twist since Trump’s so-called One Big Beautiful Bill moved to the Senate for final approval, in that Senator Ted Cruz, chair of the Senate Committee on Commerce, Science, and Transportation, inserted a clause that would preclude any state receiving funding under the Broadband, Equity, Access and Deployment (BEAD) program if they refused to introduce an AI law moratorium.

Satya Thallam, senior advisor with ARI, said in a release following the press conference, “state lawmakers are sending a clear message to Congress: the moratorium threatens a range of state laws, from kids’ online safety to pro-innovation measures, and it needs to be struck from the bill.”

He added, “preventing lawmakers back home from doing the hard work of legislating on AI issues for the next decade would be a historic mistake. Congress shouldn’t be working in opposition to state lawmakers, but hand-in-hand with state legislators to get AI policy right.”

Amba Kak, co-executive director of AI Now Institute, said Thursday in an email to Computerworld, “simply put, this ban on state AI law would leave American consumers and workers with even less protections than we have today against some of the worst forms of AI-related abuse and exploitation. The moratorium rolls back the clock on the protections that are in place, and prevents new rules from coming into place. Essentially [it’s] forcing state lawmakers to turn a deaf ear to their constituents.”

‘AI being used on us, not just by us’

Who might be most at risk? “It’s all of us, any of us, that will be at the receiving end of AI mediating our life and work, whether we choose to opt in or not,” she said. “AI is routinely being used on us, not just by us. But it is most unconscionable to unleash these risks on those least well positioned to fend for ourselves — children, seniors more susceptible to AI scams and manipulation, low income people subject to faulty and error ridden AI-mediated social services systems, and those working jobs that are being aggressively devalued or replaced.” 

Kak added, “I’d also flip that question to say: who has most to gain here? Big Tech: The same industry that, by increasingly bipartisan consensus, has gotten too big for its boots. And have proven themselves to be reckless custodians of this power. This moratorium drives that impunity further, in ways that send a truly dangerous message to the Big Tech AI firms: they’re in charge, no questions asked.”

On Wednesday, Cruz issued a release which said that he had published updated text for the Commerce Committee’s portion of the budget reconciliation bill.

A backgrounder accompanying the release states that the update involves the appropriation of  “$500 million to the National Telecommunications and Information Administration (NTIA) to support deployment of AI models or systems and underlying infrastructure. The proposal uses the administrative structure of the Broadband, Equity, Access, and Deployment (BEAD) program to streamline allocation of new funding.”

It goes on to say that, in order to receive “a portion of this new $500 million federal investment to deploy AI,” states must agree to several conditions, one of which is the temporary pause of “any enforcement of any state restrictions, as specified, related to AI models, AI systems, or automated decision systems for 10 years.”

US Senator Maria Cantwell, a Democrat and Ranking Member of the committee, reacted by saying, “the newly released language by Chair Cruz continues to hold $42 billion in BEAD funding hostage, forcing states to choose between protecting consumers and expanding critical broadband infrastructure to rural communities.”

Cementing the digital divide

Drew Garner, director of policy engagement at Benton Institute for Broadband & Society, a nonprofit organization whose focus is ensuring all people in the US have access to competitive, high-performance broadband, sided with Cantwell, saying, “[it] sounds insane even not tied to BEAD, but tied to BEAD is doubly insane.”

The Trump administration and Cruz, he said, are “treating [BEAD] like a piñata right now and it’s crazy. It is an awful time to be in a state broadband office.”

This new threat worsens an already bad situation. In March, US Department of Commerce secretary Howard Lutnick announced that he had launched a “rigorous review of the BEAD program. The Department is ripping out the Biden administration’s pointless requirements. It is revamping the BEAD program to take a tech-neutral approach that is rigorously driven by outcomes, so states can provide internet access for the lowest cost.”

And following the release of revised rules earlier this month, Garner wrote, “[Lutnick’s] actions will cement the digital divide for decades. He is hurting our economic competitiveness, our healthcare and education … Secretary Lutnick wants to invest in the ‘cheapest’ broadband infrastructure, not the best infrastructure. It’s a self-inflicted wound to American competitiveness.”

Kategorie: Hacking & Security

Scattered Spider hackers shift focus to aviation, transportation firms

Bleeping Computer - 27 Červen, 2025 - 20:20
Hackers associated with Scattered Spider tactics have expanded their targeting to the aviation and transportation industries after previously attacking insurance and retail sectors [...]
Kategorie: Hacking & Security

Agentic AI – Ongoing coverage of its impact on the enterprise

Computerworld.com [Hacking News] - 27 Červen, 2025 - 19:47

Over the next few years, agentic AI is expected to bring not only rapid technological breakthroughs, but a societal transformation, redefining how we live, work and interact with the world. And this shift is happening quickly.

“By 2028, 33% of enterprise software applications will include agentic AI, up from less than 1% in 2024, enabling 15% of day-to-day work decisions to be made autonomously,” according to research firm Gartner.

Unlike traditional AI, which typically follows preset rules or algorithms, agentic AI adapts to new situations, learns from experiences, and operates independently to pursue goals without human intervention. In short, agentic AI empowers systems to act autonomously, making decisions and executing tasks — even communicating directly with other AI agents — with little or no human involvement.

One key driver is the growing sophistication of large language models (LLMs), which provide the “brains” for these agents. Agentic AI will enable machines to interact with the physical world with unprecedented intelligence, allowing them to perform complex tasks in dynamic environments, which could be especially useful for industries facing labor shortages or hazardous conditions.

The rise of agentic AI also brings security and ethical concerns. Ensuring these autonomous systems operate safely, transparently and responsibly will require governance frameworks and testing. Preventing the law of unintended consequences will also require human vigilance.

Because job displacement is a potential outcome, strategies for retraining and upskilling workers will be needed as the technology necessitate a shift in how people approach work, emphasizing collaboration between humans and intelligent machines.

To stay on top of this evolving technology, follow this page for ongoing agentic AI coverage from Computerworld and Foundry’s other publications.

Agentic AI news and insights IFS rolls TheLoops agentic AI into industrial ERP

June 27, 2025: IFS is adding AI agent development and management capabilities to its ERP platform with the acquisition of software startup The acquisition brings TheLoops’ full Agent Development life cycle (ADLC) platform into IFS, enabling enterprises to design, test, deploy, monitor, and fine-tune AI agents with built-in support for versioning, compliance, and performance optimization.

How AI agents and agentic AI differ from each other

June 12, 2025: With agentic AI in its infancy and organizations rushing to adopt AI agents, there seems to be confusion about the difference between “agentic AI” and “AI agents” technologies, but experts say there’s growing understanding that the two are separate, but related, tools.

The future of RPA ties to AI agents

June 10, 2025: RPA is accelerating toward a crossroads, with IT leaders and experts debating its future. Some IT leaders say that more powerful and autonomous AI agents will replace the two-decade-old AI precursor technology, while others predict that AI agents and RPA will work hand-in-hand.

MCP is enabling agentic AI, but how secure is it?

June 2, 2025: Model context protocol (MCP) is becoming the plug-and-play standard for agentic AI apps to pull in data in real time from multiple sources. However, this also makes it more attractive for malicious actors looking to exploit weaknesses in how MCP has been deployed. 

The agentic AI assist Stanford University cancer care staff needed

May 30, 2025: At Microsoft Build 2025 earlier this month, Nigam Shah, CDO for Stanford Health Care, discussed agentic AI’s ability to redefine healthcare, especially in oncology, as physicians get overloaded with the administrative tasks of medicine, he said, which lead to burnout.

Agentic AI, LLMs and standards big focus of Red Hat Summit

May 26, 2025: Red Hat, announced a number of improvements in its core enterprise Linux product, including better security, better support for containers, better support for edge devices. But the one topic that dominated the conversation was AI.

Putting agentic AI to work in Firebase Studio

May 21, 2025: Putting agentic AI to work in software engineering can be done in a variety of ways. Some agents work independently of the developer’s environment, working essentially like a remote developer. Other agents directly within a developer’s own environment. Google’s Firebase Studio is an example of the latter, drawing on Google’s Gemini LLM o help developers prototype and build applications .

Why is Microsoft offering to turn websites into AI apps with NLWeb?

May 20. 2025: NLWeb, short for Natural Language Web, is designed to help enterprises build a natural language interface for their websites using the model of their choice and data to answer user queries about the contents of the website. Microsoft hopes to stake its claim on the agentic web before rivals Google and Amazon do.

Databricks to acquire open-source database startup Neon to build the next wave of AI agents

May 14, 2025: Agentic AI requires a new type of architecture because traditional workflows create gridlock, dragging down speed and performance. To get ahead in this next generation of app building, Databricks announced it will purchase Neon, an open-source serverless Postgres company.

Agentic mesh: The future of enterprise agent ecosystems

May 13, 2025: Nvidia CEO Jensen Huang predicts we’ll soon see “a couple of hundred million digital agents” inside the enterprise. Microsoft CEO Satya Nadella takes it even further: “Agents will replace all software.”

Google to unveil AI agent for developers at I/O, expand Gemini integration

May 13, 2025: Google is expected to unveil a new AI agent aimed at helping software developers manage tasks across the coding lifecycle, including task execution and documentation. The tool has reportedly been demonstrated to employees and select external developers ahead of the company’s annual I/O conference.

Nvidia, ServiceNow engineer open-source model to create AI agents

May 6, 2025: Nvidia and ServiceNow have created an AI model that can help companies create learning AI agents to automate corporate workloads. The open-source Apriel model, available generally in the second quarter on HuggingFace, will help create AI agents that can make decisions around IT, human resources and customer-service functions.

How IT leaders use agentic AI for business workflows

April 30, 2025: Jay Upchurch, CIO at SAS, backs agentic AI to enhance sales, marketing, IT, and HR motions. “Agentic AI can make sales more effective by handling lead scoring, assisting with customer segmentation, and optimizing targeted outreach,” he says.

Microsoft sees AI agents shaking up org charts, eliminating traditional functions

April 28, 2025: As companies increasingly automate work processes using agents, traditional functions such as finance, marketing, and engineering may fall away, giving rise to an ‘agent boss’ era of delegation and orchestration of myriad bots.

Cisco automates AI-driven security across enterprise networks

April 28, 2025: Cisco announced a range of AI-driven security enhancements, including improved threat detection and response capabilities in Cisco XDR and Splunk Security, new AI agents, and integration between Cisco’s AI Defense platform and ServiceNow SecOps.

Hype versus execution in agentic AI

April 25, 2025: Agentic AI promises autonomous systems capable of reasoning, making decisions, and dynamically adapting to changing conditions. The allure lies in machines operating independently, free of human intervention, streamlining processes and enhancing efficiency at unprecedented scales. But David Linthicum writes, don’t be swept up by ambitious promises. 

Agents are here — but can you see what they’re doing?

April 23, 2025: As the agentic AI models powering individual agents get smarter, the use cases for agentic AI systems get more ambitious — and the risks posed by these systems increase exponentially.A multicloud experiment in agentic AI: Lessons learned

Agentic AI might soon get into cryptocurrency trading — what could possibly go wron

April 15, 2025: Agentic AI promises to simplify complex tasks such as crypto trading or managing digital assets by automating decisions, enhancing accessibility, and masking technical complexity.

Agentic AI is both boon and bane for security pros

April 15, 2025: Cybersecurity is at a crossroads with agentic AI. It’s a powerful tool that can create reams of code in a blink of an eye, find and defuse threats, and be used so decisively and defensively. This has proved to be a huge force multiplier and productivity boon. But while powerful, agentic AI isn’t dependable, and that is the conundrum. 

AI agents vs. agentic AI: What do enterprises want?

April 15, 2025:  Now that this AI agent story has morphed into “agentic AI,” it seems to have taken on the same big-cloud-AI flavor that enteriprise already rejected. What do they want from AI agents, why is “agentic” thinking wrong, and where is this all headed?

A multicloud experiment in agentic AI: Lessons learned

April 11, 2025: Turns out you really can build a decentralized AI system that operates successfully across multiple public cloud providers. It’s both challenging and costly.

Google adds open source framework for building agents to Vertex AI

April 9, 2025: Google is adding a new open source framework for building agents to its AI and machine learning platform Vertex AI, along with other updates to help deploy and maintain these agents. The open source Agent Development Kit (ADK) will make it possible to build an AI agent in under 100 lines of Python code. It expects to add support for more languages later this year.

Google’s Agent2Agent open protocol aims to connect disparate agents

April 9, 2025: Google has taken the covers off a new open protocol — Agent2Agent (A2A) — that aims to connect agents across disparate ecosystems.. At its annual Cloud Next conference, Google said that the A2A protocol will enable enterprises to adopt agents more readily as it bypasses the challenge of agents that are built on different vendor ecosystems not being able to communicate with each other.

Riverbed bolsters AIOps platform with predictive and agentic AI

April 8, 2025: Riverbed unveiled updates to its AIOps and observability platform that the company says will transform how IT organizations manage complex distributed infrastructure and data more efficiently. Expanded AI capabilities are aimed at making it easier to manage AIOps and enabling IT organizations to transition from reactive to predictive IT operations.

Microsoft’s newest AI agents can detail how they reason

March 26, 2025: If you’re wondering how AI agents work, Microsoft’s new Copilot AI agents provide real-time answers on how data is being analyzed and sourced to reach results. The Researcher and Analyst agents take a deeper look at data sources such as email, chat or databases within an organization to produce research reports, analyze strategies, or convert raw information into meaningful data.

Microsoft launches AI agents to automate cybersecurity amid rising threats

March 26, 2025: Microsoft has introduced a new set of AI agents for its Security Copilot platform, designed to automate key cybersecurity functions as organizations face increasingly complex and fast-moving digital threats. The new tools focus on tasks such as phishing detection, data protection, and identity management.

How AI agents work

March 24, 2025: By leveraging technologies such as machine learning, natural language processing (NLP), and contextual understanding, AI agents can operate independently, even partnering with other agents to perform complex tasks.

5 top business use cases for AI agents

March 19, 2025: AI agents are poised to transform the enterprise, from automating mundane tasks to driving customer service and innovation. But having strong guardrails in place will be key to success.

Nvidia launches AgentIQ toolkit to connect disparate AI agents

March 21, 2025: As enterprises look to adopt agents and agentic AI to boost the efficiency of their applications, Nvidia this week introduced a new open-source software library — AgentIQ toolkit — to help developers connect disparate agents and agent frameworks..

Deloitte unveils agentic AI platform

March 18, 2025: At Nvidia GTC 2025 in San Jose, Deloitte announced Zora AI, a new agentic AI platform that offers a portfolio of AI agents for finance, human capital, supply chain, procurement, sales and marketing, and customer service.The platform draws on Deloitte’s experience from its technology, risk, tax, and audit businesses, and is integrated with all major enterprise software platforms. 

The dawn of agentic AI: Are we ready for autonomous technology?

March 15, 2025: Much of the AI work prior has focused on large language models (LLMs) with a goal to give prompts to get knowledge out of the unstructured data. So it’s a question-and-answer process. Agentic AI goes beyond that. You can give it a task that might involve a complex set of steps that can change each time.

How to know a business process is ripe for agentic AI

March 11, 2025: Deloitte predicts that in 2025, 25% of companies that use generative AI will launch agentic AI pilots or proofs of concept, growing to 50% in 2027. The firm says some agentic AI applications, in some industries and for some use cases, could see actual adoption into existing workflows this year.

With new division, AWS bets big on agentic AI automation

March 6, 2025: Amazon Web Services customers can expect to hear a lot more about agentic AI from AWS in future with the news that the company is setting up a dedicated unit to promote the technology on its platform.

How agentic AI makes decisions and solves problems

March 6, 2025: GenAI’s latest big step forward has been the arrival of autonomous AI agents. Agentic AI is based on AI-enabled applications capable of perceiving their environment, making decisions, and taking actions to achieve specific goals. 

CIOs are bullish on AI agents. IT employees? Not so much

Feb. 4, 2025: Most CIOs and CTOs are bullish on agentic AI, believing the emerging technology will soon become essential to their enterprises, but lower-level IT pros who will be tasked with implementing agents have serious doubts.

The next AI wave — agents — should come with warning labels. Is now the right time to invest in them?

Jan.13, 2025: The next wave of artificial intelligence (AI) adoption is already under way, as AI agents — AI applications that can function independently and execute complex workflows with minimal or limited direct human oversight — are being rolled out across the tech industry.

AI agents are unlike any technology ever

Dec. 1, 2024: The agents are coming, and they represent a fundamental shift in the role artificial intelligence plays in businesses, governments, and our lives.

AI agents are coming to work — here’s what businesses need to know

Nov. 21, 2024: AI agents will soon be everywhere, automating complex business processes and taking care of mundane tasks for workers — at least that’s the claim of various software vendors that are quickly adding intelligent bots to a wide range of work apps.

Agentic AI swarms are headed your way

November 1, 2024: OpenAI launched an experimental framework called Swarm. It’s a “lightweight” system for the development of agentic AI swarms, which are networks of autonomous AI agents able to work together to handle complex tasks without human intervention, according to OpenAI. 

Is now the right time to invest in implementing agentic AI?

October 31, 2024: While software vendors say their current agentic AI-based offerings are easy to implement, analysts say that’s far from the truth.

Kategorie: Hacking & Security

Over 1,000 SOHO Devices Hacked in China-linked LapDogs Cyber Espionage Campaign

The Hacker News - 27 Červen, 2025 - 17:58
Threat hunters have discovered a network of more than 1,000 compromised small office and home office (SOHO) devices that have been used to facilitate a prolonged cyber espionage infrastructure campaign for China-nexus hacking groups. The Operational Relay Box (ORB) network has been codenamed LapDogs by SecurityScorecard's STRIKE team. "The LapDogs network has a high concentration of victims Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Russia’s throttling of Cloudflare makes sites inaccessible

Bleeping Computer - 27 Červen, 2025 - 17:47
Starting June 9, 2025, Russian internet service providers (ISPs) have begun throttling access to websites and services protected by Cloudflare, an American internet giant. [...]
Kategorie: Hacking & Security
Syndikovat obsah