Agregátor RSS

Atlona ATOMERX21 - Authenticated Command Injection

Blíží se termín pro elektronické podání daňového přiznání k dani z příjmů. Projděte si s námi, co si předem připravit a na co nezapomenout. V galerii si můžete prohlédnout, jak vypadá vyplnění přiznání v aplikaci MOJE daně.

Mladý bezpečnostní analytik opakovaně hlásí chybné zranitelnosti. Po sérii falešných poplachů mu kolegové přestanou věřit. Pak přijde skutečný problém. Poučení o důvěře a zodpovědnosti v kyberbezpečnosti.

Prozkoumáme detailní parametry grafické karty, automatizujeme instalaci herních kompatibilních vrstev, budeme spravovat písma z příkazové řádky a synchronizujeme přepínání zařízení Logitech mezi počítači.

O kosmologii a odpovědi na otázky z ní je velký zájem, proto v poměrně krátkém časovém sledu zařazuji další, v pořadí již pátý díl, našeho seriálu. I dnes se můžete těšit na pět otázek a odpovědí z oblasti kosmologie a fyziky.

Experiment ARA (Askaryan Radio Array) poprvé detekoval Askaryanovo záření, specifické rádiové signály, které vznikají, když vysokoenergetické částice vletí do hustého dielektrika. Detektory umístěné až 200 metrů pod ledem Antarktidy před časem zachytily celkem 13 událostí, u nichž téměř není pochyb.

Zatímco Intel hovoří o profesionálních řešeních postavených na grafické architektuře Celestial, herní grafické karty od loňska nezmiňuje. Podezření se potvrdilo: Zrušil je již loni, v tichosti…

Researchers are warning that the VECT 2.0 ransomware has a problem in the way it handles encryption nonces that leads to permanently destroying larger files rather than encrypt them. [...]

Hackers are targeting sensitive information stored in the LiteLLM open-source large-language model (LLM) gateway by exploiting a critical vulnerability  tracked as CVE-2026-42208. [...]

Vimeo has disclosed that data belonging to some of its customers and users has been accessed without authorization following the recent breach at the Anodot data anomaly detection company. [...]

When Apple rolled out hardware chief John Ternus as the CEO to replace Tim Cook, the reaction was kind but muted. That’s because Ternus has said nothing yet to indicate he has a specific plan to position Apple for the future. (To be fair, he’s said next to nothing about anything — no easily found social media posts, no big speeches about anything beyond hardware, no major interviews showcasing his vision. 

I have long been a fan of Apple, but the “i” people have a lot of problems. Their failure to make Apple an AI leader — not the leader, just a leader — has dominated headlines for two years now. But the truth is that Apple has spent years without the passion and drive that marked the second coming of Steve Jobs as CEO.

The clearest example involves the iPhone and the Apple Watch. I used to routinely upgrade my devices once a year, or at least every two years. I am sitting here now with an iPhone 13 Pro Max and an Apple Watch Series 7–the same devices I’ve had for almost five years. 

Each year, I’d get excited about Apple’s new devices and look for just one clean reason to upgrade. I didn’t find it. The promise of AI was intriguing, but Apple didn’t deliver. The iPhone camera kept getting better, but my photos look just fine already. 

Apple did deliver one feature that would have made me upgrade: allowing an iPhone to record and quickly transcribe calls. But the company then rolled it out to all devices, meaning it offered little to push new iPhone sales. (Of course, Apple never bothered to tell users the transcription feature has a roughly 30-minute limit. For a guy who often does hour-long interviews, that’s a problem; I’m forced to stop a recording at the 25-minute mark and reactivate it. *Sigh*)

As for AI, I would love for the iPhone to actually be intelligent about all of the data swimming within its case. For example, as a reporter, I have apps for a large number of news organizations. On one election night, I got 16 alerts that a Senate race had been called. I don’t need 16; I just need one. If Apple Intelligence were really intelligent, it would understand that. It should also understand that when I’m driving to an appointment, I don’t need a calendar alert 15 minutes before my meeting when the phone should know — based on my destination and routing in Apple Maps — that I’m on the way.

All those little missteps add up. One of the critical talents a CEO at a company as large as Apple needs is either vision or a passion that can pass for vision. 

This brings us to the inevitable comparison between Jobs and Cook. Jobs was passionate, persuasive, inspirational and he truly had a plan for future products based on his gut feeling of what users would want or need. But Jobs was also undisciplined, harsh, and abrupt and someone who wasn’t always worried about the truth.

He was, therefore, a great business leader, but he had help. (Keep reading for more.) 

Cook was nearly the opposite of Jobs. He was precise, methodical, detail-oriented and he for the most part treated people well and with respect. But his speeches were lackluster and I have yet to meet anyone who dubbed him electric or inspirational. He was privately passionate about his work, but that passion rarely surfaced in public. 

Here’s my point about Jobs’ success: He did so well because he had Cook as a senior deputy. Having the ultimate technocrat in place allowed Jobs to focus on the bigger-picture future. 

There’s been chatter on LinkedIn suggesting that Cook was a weaker CEO than Jobs. There’s a valid argument for that, but many do not give credit to Cook for helping Jobs perform as well as he did. 

Earlier in Cook’s tenure, he did have one executive with a healthy chunk of the Jobs passion: Jony Ive. But Ive got tired of the technocratic nature of his boss and left in 2019 to work elsewhere. Turns out the best leadership duo is a visionary CEO with a technocrat deputy. It doesn’t seem to work the other way around. 

Customers and employees also want to see passion and vision from a CEO directly. And that brings us to the upcoming change.Can Apple under CEO Ternus get its AI act together? That is the big mystery. 

Apple certainly has the money and the clout to make AI work from either side of the buy/build path. But does it have a vision of what customers want — or more precisely, what they need?. Jobs had the knack for correctly guessing what customers would want once they got it, even if they didn’t yet know they needed it. 

Justin Greis, CEO of consulting firm Acceligence and former head of the North American cybersecurity practice at McKinsey, sees Ternus as an executive “who has also [along with Cook] been heads down on execution mode his entire career and he’s an insider. He knows how to keep (Apple) in its lane.”

Greis goes with the crowd in pinning most of his Apple hopes on AI. “If you look at the big AI companies, Apple is not on the map. Everybody is outpacing them. Siri simply doesn’t have the power that is needed to be valuable for their end-users.”

The AI magic is really not about simply using AI on-device. It’s about the value that can be delivered by a sophisticated integration of literally every piece of information coursing through a phone, your watch, a Mac or an iPad. 

A few years ago, people saw Apple as a gatekeeper controlling access to Siri. Back then, the assumption was that access to Siri would be worth tons of money. No longer. Plenty of people now use their iPhone to access generative AI offerings from a variety of Apple’s AI rivals. 

Apple can still win the AI mindshare battle, but only if it can truly deliver intelligent integration of everything that interacts with the phone. That package could be offered solely through Siri, allowing Apple to again control the almighty gateway. Sure, an iPhone user can access Claude or Perplexity — but if only Apple’s knighted partner can analyze your calendar, your contacts, your call history, your travel plans, your bank account, your photos, etc.— companies will again be willing to pay for access. 

That’s where Apple gold lies. The question is whether Ternus can mine it.

'Full recovery is impossible for anyone, including the attacker'

Organizations hit by the wave of Trivy and LiteLLM supply-chain compromises that paid Vect in hopes of recovering their data likely did not get much back, according to Check Point Research. That's because the ransomware Vect uses isn't actually ransomware at all, but a wiper that destroys any file larger than 128KB.…

The ongoing shift from generative AI (genAI) to agentic AI provides an opportunity for enterprises to move to more nimble and less expensive forms of computing, according to analysts.

Early AI models were largely built on expensive GPUs from Nvidia and AMD that offered raw processing power. But newer agentic AI tools, rooted in business process and workflow management, can run on more efficient, cost-effective hardware.

As a result, IT decision-makers who still think they require GPUs for anything AI-related need to reconsider their hardware options in terms of both cost and capabilities, analysts said.

“A better way of thinking about this is the cost of AI compute and now agentic AI platform services or systems,” said Leonard Lee, principal analyst at Next Curve. “’AI computing’ or ‘accelerated computing’ has clearly transcended the GPU as an inference accelerator.”

The new hardware options include CPUs and specialized AI chips, also known as ASICs in semiconductor parlance. Although these chips have been around for years, they are now showing real utility as agentic AI goes mainstream.

For one, the CPU — the main chip in any computer — is seeing something of a revival. “The CPU is reinserting itself as the indispensable foundation of the AI era. The CPU now serves as the orchestration layer and critical control plane for the entire AI stack,” Lee said.

CPUs are both power efficient and well-suited for AI on the edge, although specialized low-power chips are more capable depending on the task, said Jim McGregor, principal analyst at Tirias Research. “It will still be more efficient to use an ASIC instead of a CPU, and in most cases it will be less expensive over the life of a platform,” he said.

The growth of inference provides an opening for optimized AI accelerators, which can handle those jobs more efficiently than GPUs, said Mike Feibus, principal analyst at FeibusTech. “…The relative importance of [the] CPU is rising.”

Nvidia — sensing that it needed a low-power chip beyond its power-hungry GPUs — has already introduced an ASIC for inferencing in its hardware stack. And it recently licensed AI chip technology from Groq for $20 billion.

Because Agentic AI involves a different computing model than genAI training on GPUs, enterprises need to consider the hardware options and pricing models available through cloud providers. “It’s more about model management than about model building — and the CPU is critical in providing workflow management,” said Jack Gold, principal analyst at J. Gold Associates.

Pricing variations continue to be an issue. Straight CPU compute is not billed the same as heavy GPU use, making it difficult to nail down costs, Gold said. “GPUs in training use more electricity generically due to near 100% utilization in a training workload, whereas in general-purpose compute, servers and CPUs run more like 40% to 60% utilization,” he said. “But it’s highly variable depending on what the agent is doing.”

Gold predicts that 80% to 85% of AI workloads will move to inference in the next two to three years, especially as tools become more agentic. (Inference means moving away from GPUs, which are better used for training, to CPUs, which are more efficient for simpler AI tasks.)

“CPUs take on a major significance in making everything work. It’s why all the hyperscalers are now loading up on CPUs, not just GPUs,” Gold said.

Major cloud providers Google, Amazon and Microsoft , for instance, have their own CPUs and low-power ASICs for inferencing.

What looks at the moment like a resurgence in CPU demand is actually pointing to a larger issue: the growing complexity of AI infrastructure, said Gaurav Shah, vice president of business development and strategic partnerships at NeuReality.

The overhead around data movement, orchestration and networking is exploding, Shah said. “That’s what’s driving demand — not CPUs doing more AI, but systems struggling to keep up with AI,” Shah said.

Beyond enterprises, genAI companies, AI-native companies and neoclouds all will need to rethink their architecture. “The winners will be the architectures that deliver the most inference per watt, not the most cores per server,” Shah said.

Cybersecurity researchers have disclosed details of a critical security vulnerability impacting GitHub.com and GitHub Enterprise Server that could allow an authenticated user to obtain remote code execution with a single "git push" command. The flaw, tracked as CVE-2026-3854 (CVSS score: 8.7), is a case of command injection that could allow an attacker with push access to a repository to achieveRavie Lakshmananhttp://www.blogger.com/profile/[email protected]

Může strategie, ve které se na konflikt místo vojáků díváte pohledem mediků a lékařů v týlu, vůbec bavit? Je zachraňování životů stejně atraktivní jako jejich ničení? Přesvědčit vás o tom, že i správa polní nemocnice může být zábava, se pokouší česká hra Medix.

Češi si s digitálními technologiemi vedou lépe než většina Evropanů. Alespoň základní digitální dovednosti má podle dat Českého statistického úřadu sedm z deseti lidí a nad průměrem EU se pohybujeme také v používání internetového bankovnictví nebo online nákupů.

A cybercrime group of Brazilian origin has resurfaced after more than three years to orchestrate a campaign that targets Minecraft players with a new stealer called LofyStealer (aka GrabBot). "The malware disguises itself as a Minecraft hack called 'Slinky,'" Brazil-based cybersecurity company ZenoX said in a technical report. "It uses the official game icon to induce voluntary execution, Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Fleet, the independent, open-source, multi-platform MDM service, recently announced its new partner program for VARs and MSPs serving enterprise customers and recruited MobileIron co-founder Suresh Batchu to serve on the company’s board. With those moves in mind, I caught up with company CEO Mike McNeil to find out more about the Fleet’s plans.

Given the company’s roots in open source, working with partners is a good way to enable it to support a variety of enterprise needs, with resellers and MSPs playing an active role in customizing the core solution for those requirements.

Fleet and the Mac

Fleet is just as happy managing Macs as it is Linux systems and integrates well with existing tools — as long as they support open standards and APIs. This gives it a unique insight into Apple device adoption in the enterprise.

McNeil confirmed that both Apple and Linux systems are seeing rapid increases in deployment. “The new MacBook Neo is now cheaper than comparable PCs, so Apple adoption is increasing, but so are other OS options like desktop Linux,” he said. (Desktop Linux reached 3.16% market share in March, says StatCounter, while OS X hit 9.52% and Windows fell to 60.8%.)

That’s not to say migration to any platform is always easy. “I spoke to an IT director yesterday from a casino company whose team had bought a couple of Neos and tried enrolling them in Microsoft Intune, but gave up,” McNeil told me. This was because they hit an unrelated bug with their traditional MDM, didn’t have great diagnostics to work with, and the IT director then “assumed” that it must be because the Neo wouldn’t work for enterprise use. As it turns out, the issue was with the MDM, McNeil said.

“At Fleet, we’ve enrolled MacBook Neos ourselves with no problems, and seen customers do the same,” he said. “Enterprises are usually mixed OS environments, and [MDM] solutions limited to a single ecosystem, like Jamf that’s Apple only, are pretty restrictive.

Why partnerships matter

“Enterprises are very particular, and they often operate in vastly different ways,” said McNeil. “For example, there are many, many ways to automatically make sure employees can get on to a Wi-Fi network or a VPN on their first day at work.” 

Fleet, he said, works to balance needs between different parts of a company – infosec and IT, for example. “We optimize for baby steps, small iterations,” McNeil said, pointing out that new features are documented and explained as they are introduced.

“The first generation of device management was built for control and compliance,” said Batchu. “The next generation needs to be built for speed, automation, and how modern teams actually operate. Fleet is taking a fundamentally different approach with infrastructure as code and AI-driven workflows, and I’m excited to help shape that direction.

“In 2026, every company needs to do more with less.  Budgets are shifting towards AI and innovation, forcing leaders to extract more value from existing infrastructure. Some IT estates have been around for 20, 30, 35 years, and organizational structures, technical debt, and even entire jobs exist just to keep the lights on. But when you suddenly go from patching monthly to patching in hours, something has got to give.”

He argued that the adoption of a partnership model should help companies move through digital transformation with Fleet while maintaining tight budgets. Partners can help train employees and better understand the context of company need.

It’s also about making sure things are usable. Citing the “Concur” effect, which he describes as a product designed to satisfy high-level stakeholder requirements rather than the needs of those actually using the software, McNeil says he has a “personal vendetta” against complexity in software design.

What will enterprises need?

It’s a move to make every platform easy to manage using powerful tools optimized for the unique needs of customers. “By 2030, IT will need reliable infrastructure that works with the productivity and security tools they’re already using throughout their business.” IT and security teams won’t want separate platforms for each OS or function, and they’ll want to use chat to get projects started. 

AI is a constant. At least one current Fleet customer now has tens of thousands of computers running AI agents and recently gave each of its employees a headless “claw” — a powerful AI agent based on OpenClaw, the free, open-source AI agent software that is accessed via remote computers.

Fleet helps IT recognize the use of shadow AI tools across the business, as well as tracking other app installs, licenses, and use. “So whether you want to find out who’s using the Claude app, who’s using shadow AI tools they shouldn’t be using, or just how many extra, expensive Bloomberg terminal licenses you’re paying for that aren’t actually getting used, you can do that in Fleet, right from your MDM.” 

As McNeil sees it, the emerging AI services environment favors Linux for AI, with other platforms the province of human workers. “I don’t think we’ll see a world where most human users are running desktop Linux in five years, but I wouldn’t be surprised if Microsoft and Apple are neck and neck in the enterprise” by then,” he said.

You can follow me on social media! Join me on BlueSky,  LinkedIn, and Mastodon.

Díky smartphonům můžeme dnes fotit kdykoliv a kdekoliv • Při focení však děláme spoustu chyb • Toto jsou ty nejčastější, které dělají snad úplně všichni

Think about Linux security like the structural integrity of a building. Most information security best practices focus on the front door''locks, cameras, and ID badges. That's the "policy" layer. It's great for keeping people out, but it doesn't address what happens to the foundation if those locks fail.