Agregátor RSS

Trezor is alerting users about a phishing campaign that abuses its automated support system to send deceptive emails from its official platform. [...]

Webové editory nabízejí rychlou úpravu snímků bez instalace • Placené programy poskytují profesionální funkce a AI nástroje • Mnoho alternativ nabízí jednorázovou platbu bez předplatného

Apple device management vendor Mosyle has introduced AccessMule, an easy-to-use workflow platform designed to address a specific set of small business needs related to granting, managing, auditing, sharing, storing, and removing employee access from company systems.

These protections are particularly important when on-boarding and off-boarding employees. 

To understand why this matters, it’s important to consider that the main source of cybersecurity breaches among all businesses is not hackers per se, but intentional or unintentional actions performed by employees. That human factor is behind 74% of all security breaches, according to 2023 research from Verizon.

Mosyle has its own research to explain the problem. 

Employee access is a time bomb

According to that data:

• Around 87% of small and mid-sized businesses (SMBs) say they cannot immediately verify which employees have access to company permissions.
• Roughly the same percent of SMBs also fail to promptly revoke employee access when they leave.
• Nearly 90% of companies have found former employees still have access to company applications and files, even after they leave the company.

None of these risks are good, of course — particularly in the context of an unravelling consensus around cybersecurity. So, it makes sense for companies to put sufficient protections in place today rather than face attacks in the future. 

Mosyle encountered challenges managing the on/off-boarding process at first. “The decision to build AccessMule was born out of necessity at Mosyle” said the company’s CEO, Alcyr Araujo. “Later, we realized it wasn’t just a gap for our organization, but a fundamental problem that needed to be solved for all SMBs. We’re launching AccessMule today as an independent subsidiary that will empower organizations with a high-quality, secure and efficient access and password management platform at an affordable price.”

What does AccessMule provide?

Mosyle’s wholly-owned service provider will provide a range of tools designed to defend against the consequences of lax employee security. The main focus is to automate those elements of access control that SMBs often fail to manage. That means tools to automate onboarding and offboarding processes, along with controls to assign access based on roles and overall oversight reporting so it is possible to check who has corporate access at any given time. 

Additional features include bult-in password management, safe password sharing, encryption sharing, and support for shared multi-factor authentication (MFA). Role-based access control (RBAC) features grant permissions in bulk, making it easy to assign permissions for new employees based on their role with a single action. All of these tools and services are available via an easy-to-use portal, the company said. The idea is that IT can maintain oversight on device and employee security, helping them better protect their company.

The ever booming Apple enterprise

Mosyle’s is just one of a range of announcements to emerge from across Apple’s enterprise value chain since WWDC. Just last week, Jamf published its own in-depth Apple-focused security report, while open-source device management vendor Fleet recently announced $27 million in new series B funding to help accelerate development of its own open platform for both cloud- and self-hosted device management for organizations of all kinds. Another vendor, Addigy, recently introduced its own new security partnership with CyberFOX. 

It is usual for Apple’s enterprise partners to begin making service announcements subsequent to WWDC. This is usually inspired by Apple’s moves to enhance enterprise support in its products at the event. It is possible that all reputable Apple device management partners have now begun working with the new Apple betas and enterprise features it is building for introduction this fall.

Apple at WWDC introduced a host of new enterprise-focused improvements, including better support for Apple Accounts in the enterprise, improvements in device management, and a significant enhancement in the quality and quantity of device information IT can access from across their fleets. The latter means tech will even be able to audit MAC address, Activation Lock statues, storage, and cellular information, as well as AppleCare coverage. Platform SSO, App management, and device sharing tools were also improved at WWDC.

You can follow me on social media! Join me on BlueSky,  LinkedIn, and Mastodon.

Apple měl v EU otevřít služby AirDrop a AirPlay konkurenci • A nebo připravit volně dostupnou alternativu • A právě to se stane s příchodem iOS 26, jenže ne u všech iPhonů a iPadů

If an endpoint goes ping but isn't on the network, does anyone hear it?

Partner content  Recently, I've been diving deep into security control data across dozens of organizations, and what I've found has been both fascinating and alarming. Most security teams I work with can rattle off their vulnerability management statistics with confidence. They know their scan schedules, their remediation timelines, and their critical vulnerability counts. They point to clean dashboards and comprehensive reports as proof that their programs are working.…

A cybersecurity researcher has developed FileFix, a variant of the ClickFix social engineering attack that tricks users into executing malicious commands via the File Explorer address bar in Windows. [...]

Od začátku června někteří lidé hlásí, že jim padá Chrome ve Windows 11. • Prohlížeč nelze spustit a nepomáhají ani běžné recepty jako restartování. • Family Safety blokuje prohlížeče, které nejsou Edge, zapnete-li filtrování obsahu.

A US House of Representatives official has reportedly banned WhatsApp from staffers’ government-issued devices, citing cybersecurity concerns about the messaging platform’s data handling practices. The decision adds Meta’s flagship messaging service to a growing list of applications deemed too risky for congressional use.

This ban signals heightened scrutiny of consumer messaging platforms in government environments and reinforces long-standing enterprise security concerns about using consumer-grade communication tools for sensitive business operations.

House cybersecurity office raises multiple red flags

The House Chief Administrative Officer (CAO) informed congressional staffers Monday that WhatsApp is banned on their government devices, according to a report by Axios. It cited an internal email saying “the Office of Cybersecurity has deemed WhatsApp a high risk to users due to the lack of transparency in how it protects user data, absence of stored data encryption, and potential security risks involved with its use.”

House staffers are prohibited from downloading or keeping “any mobile, desktop, or web browser versions” of WhatsApp on House-managed devices, the report said. Those who already have the app installed will be contacted to remove it.

According to the report, the CAO recommended several messaging alternatives, including Signal, Microsoft Teams, Amazon’s Wickr, and Apple’s iMessage and FaceTime. This selection reveals the House’s preference for platforms with stronger enterprise-grade security features or those developed by trusted US technology partners.

The CAO’s office did not respond to Computerworld’s request for comment.

Meta disputed the CAO’s decision. “We disagree with the House Chief Administrative Officer’s characterization in the strongest possible terms,” said a Meta spokesperson. “We know members and their staffs regularly use WhatsApp and we look forward to ensuring members of the House can join their Senate counterparts in doing so officially. Messages on WhatsApp are end-to-end encrypted by default, meaning only the recipients and not even WhatsApp can see them. This is a higher level of security than most of the apps on the CAO’s approved list that do not offer that protection.”

Enterprise-grade requirements take center stage

The House’s decision demonstrates a fundamental shift in how organizations approach messaging platform selection, particularly for sensitive communications.

Counterpoint Research partner Neil Shah said, “Applications meant for enterprise or critical public sector personas need to be enterprise grade, certified and whitelisted by the CIO or IT departments to mitigate any risk concerns.”

The ban represents “a big blow to Meta setting precedent on security concerns or transparency of the data traversing through its apps,” he said.

While WhatsApp remains a highly popular personal application, Shah noted, it “needs to have more transparency on how the data will be handled not just in transit but on servers as there is a deeper integration with Instagram, Facebook and other Meta properties building the user’s social graph to augment Meta’s ad business.”

This WhatsApp ban continues a broader trend of the House restricting technology applications based on security concerns.

“With all the geopolitical tensions, the US house doesn’t want to leave any gaping holes in security as data and information is the new arsenal for countries to get upper hand,” Shah said.

In December 2022, the House banned TikTok from staffers’ devices, citing the app as “high risk due to a number of security issues.” More recently, the House has restricted Microsoft Copilot AI and limited ChatGPT usage to the paid ChatGPT Plus version only, citing concerns about data leaks to unauthorized cloud services.

Enterprise security implications

The House’s decision reflects growing concerns among enterprise IT leaders about consumer messaging platforms documented by security experts for years.

Consumer messaging apps such as WhatsApp often lack administrative controls organizations need for compliance and data retention, failing to provide centralized management capabilities or detailed audit trails required in regulated industries. Even more concerning is the metadata exposure issue: Although WhatsApp encrypts message content, communication patterns and usage statistics may still be collected, potentially revealing sensitive business intelligence.

Additionally, WhatsApp backups stored in cloud services are not encrypted by default, leaving chat histories potentially exposed unless users manually enable encrypted backups, a step many users overlook.

Enterprise messaging strategy

For enterprise IT leaders, the House’s WhatsApp decision offers several strategic considerations. Organizations should assess messaging platforms based on enterprise security requirements rather than consumer popularity, evaluating key factors including end-to-end encryption, administrative controls, compliance features, and data residency options.

Clear policies distinguishing between approved personal and professional communication tools can help prevent security gaps while maintaining productivity. The House’s concerns about WhatsApp’s data handling transparency highlight the critical importance of thorough vendor assessments and clear data processing agreements.

Enterprise-grade platforms such as Microsoft Teams, Slack, or specialized secure messaging solutions may better serve organizational security and compliance needs, offering features like data loss prevention, legal hold capabilities, and integration with existing security infrastructure that consumer apps simply cannot match.

The House’s action on WhatsApp may influence other government agencies and enterprises to reevaluate their messaging platform policies. As organizations increasingly rely on digital communication tools, the balance between usability and security will continue to evolve.

Legacy pentests give you a snapshot. Attackers see a live stream. Sprocket's Continuous Penetration Testing (CPT) mimics real-world attackers—daily, not annually—so you can fix what matters, faster. Learn why CPT is the future. [...]

Scientists are converting immune cells into super-soldiers that can hunt down and destroy cancer cells.

CAR T therapy has been transformative in the battle against deadly cancers. Scientists extract a patient’s own immune cells, genetically engineer them to target a specific type of cancer, and infuse the boosted cells back into the body to hunt down their prey.

Six therapies have been approved by the FDA for multiple types of blood cancer. Hundreds of other clinical trials are in the works to broaden the immunotherapy’s scope. These include trials aimed at recurrent cancers and autoimmune diseases, such as lupus and systemic sclerosis, in which the body’s immune system destroys its own organs.

But making CAR T cells is a long and expensive process. It requires genetic tinkering in the lab, and patients need to have mutated blood cells wiped out with chemotherapy to make room for healthy new ones. While effective, the treatment takes a massive toll on the body and mind.

It would be faster and potentially more effective to make CAR T cells inside the body. Previous studies have tried to shuttle genes that would do just that into immune cells using viruses or fatty bubbles. But these tend to accumulate in the liver rather than target cells. The approach could also result in hyper-aggressive cells that spark life-threatening immune responses.

Inspired by Covid-19 vaccines, a new study tried shuttling a different kind of gene expression into the body. Instead of gene editors, the method turned to mRNA, a biomolecule that translates DNA instructions into cellular functions. The new method is now more targeted—skipping the liver and heading straight to immune cells—and doesn’t change a cell’s DNA blueprint, potentially making it safer than previous approaches. In rodents and monkeys, a few jabs converted T cells to CAR T cells within hours, and these went on to kill cancer cells. The effects “reset” the animals’ immune systems and lasted for roughly a month with few side effects.

“The achievement has implications for treating” certain cancers and autoimmune disorders, and moves “immunotherapy with CAR T cells to wider clinical use,” wrote Vivek Peche and Stephen Gottschalk at St. Jude Children’s Research Hospital, who were not involved in the study.

Immune Civil War

Our immune system is a double-edged sword. When working in tandem, immune cells fight off bacteria and viruses and nip cancer cells in the bud. But sometimes one immune-cell type, called a B cell, goes rogue.

Normally, B cells produce antibodies to ward off pathogens. But they can also turn into multiple types of aggressive blood cancer and wreak havoc. Cancerous versions of these sneaky cells develop ways to escape the body’s other immune cell types—like T cells, which are constantly on the lookout for unwanted intruders.

Cancer cells aren’t completely invisible. Tumors have unique proteins dotted all over their surfaces, a sort of “fingerprint” that separates them from healthy cells. In classic CAR T therapy, scientists extract T cells from the patient and genetically engineer them to produce protein “hooks”—dubbed chimeric antigen receptors (CAR)—that grab onto those cancer cell proteins. When infused back into the patient, the cells readily hunt down and destroy cancer cells.

CAR T therapy has saved lives. But it has drawbacks. Genetically engineering cells to produce the hook protein could damage their genome and potentially trigger secondary tumors. The manufacturing process also takes time—sometimes too long for the patient to survive.

In My Blood

An alternative is to directly convert a person’s T cells into CAR T cells inside their body with a shot. There have already been successes using DNA-carrying viruses.

The team wondered if they could achieve the same results with mRNA. Unlike DNA, mRNA molecules don’t integrate into the genome, reducing “the risk of damaging DNA in T cells,” wrote Peche and Gottschalk. The idea is similar to how mRNA vaccines for Covid work. These vaccines are loaded with mRNA instructions to fight off the virus. Once inside cells, these mRNA snippets direct the cells to produce proteins that trigger an immune defense. But mRNA can help cells battle other intruders too, like bacteria, or even cancer.

There’s a problem, though. The fatty shuttles used to deliver the mRNA cargo—known as lipid nanoparticles—tend to collect in liver cells, not T cells. In the new study, the team tweaked the shuttles so they would be drawn toward T cells instead. Compared to conventional nanoparticles, these ones rarely stayed inside the liver and more often found their targets.

Each shuttle contained a soup of mRNA molecules encoding a CAR—the “super soldier” protein that helps T cells seek and destroy cancer cells.

When injected into the bloodstreams of mice, rats, and monkeys, the shot converted T cells into CAR Ts in their blood, spleen, and lymph nodes in a few hours, suggesting that the mRNA instructions worked as expected. The therapy went on to destroy cancers in mice with B cell leukemia and lowered B cell levels in monkeys, with effects lasting at least a month.

The shots also seemed to “reset” the body’s immune system. In monkeys, doses of CAR T initially tanked their B cell levels as expected. But these levels eventually rebounded to normal within weeks—with no signs of the new cells turning cancerous.

Compared to clinical studies that used CAR T cells manufactured in labs, these results “should be sufficient to bring about substantial therapeutic benefits,” wrote Peche and Gottschalk.

Not Throwing Away My Shot

The study is the latest to engineer CAR T cells inside the body. But there are caveats.

Compared to directly tinkering with T cell DNA, mRNA is theoretically safer as it doesn’t change the cell’s genetic blueprint. But the method requires functional T cells with the metabolic capability to integrate the added molecular instructions—which isn’t always possible in certain types of cancer or other diseases because the cells break down.

However, the system has promise for a myriad of other diseases. Because mRNA doesn’t last long inside the body, it could lower the risk of side effects while still having long-term impact. And because of the B cell “reset,” it’s possible for the immune system to rebuild itself and once again fight off pathogens.

The team is planning a Phase 1 clinical trial to test the therapy. A similar method could also be used to strengthen other immune cell types or ferry other kinds of therapeutic mRNA into the body. It’s “engineering immunotherapy from within,” wrote Peche and Gottschalk.

The post Cancer-Killing Immune Cells Can Now Be Engineered in the Body—With a Vaccine-Like Shot of mRNA appeared first on SingularityHub.

Výroba vodíku je závislá na velmi vzácném a drahém iridiu • Japonští vědci použili levný oxid manganičitý k aktivaci atomů iridia • Tento přístup snižuje potřebné množství vzácného iridia o více než 95 %

The U.S. House of Representatives has banned the installation and use of WhatsApp on government-issued devices belonging to congressional staff, citing concerns over how the app encrypts and secures data. [...]

Společnost Bosch eBike Systems před největším cyklistickým veletrhem Eurobike představila produktové novinky na rok 2026 a je jich opravdu hodně. Začněme tím nejdůležitějším, motory. Nové motory Motorů přibývá. Zrekapituluji celé portfolio, v první části je řadím je od levných s nižšími ...

Linux admins who value privacy directly baked into their operating system should undoubtedly give Securonis a hard look. It's not a name that's been bouncing around forums for years '' not yet, anyway '' but for anyone managing secure environments, evaluating anonymity-focused setups, or tracking developments in privacy-first operating systems , Securonis is a compelling contender.

IBM recently announced that it was donating its CBOM toolset to the Post-Quantum Cryptography Alliance (PQCA) under the Linux Foundation. If you're a Linux admin or seasoned infosec professional, this announcement should catch your attention''not just as another open-source contribution, but as a serious move toward improving cryptography management in increasingly complex environments.

Russian judge lets off accused with time served – but others who refused to plead guilty face years in penal colony

Four convicted members of the once-supreme ransomware operation REvil are leaving captivity after completing most of their five-year sentences.…

Grafické karty Radeon RX 9070 XT 16 GB se prodávají ve velkém a využívají vyšších cen konkurenčních GeForce. Jde o nejlepší volbu okolo 20 000 Kč?

Byla vydána (Mastodon, 𝕏) vývojová verze 3.1.2 příští stabilní verze 3.2 svobodné aplikace pro úpravu a vytváření rastrové grafiky GIMP (GNU Image Manipulation Program). Přehled novinek v oznámení o vydání.