Agregátor RSS

The European Commission announced the mobilization of €200 billion (about $207 billion) for the InvestAI plan at the AI Action Summit in Paris on Tuesday, with the aim of enabling “open and collaborative development” of artificial intelligence in Europe. This was announced by Commission President Ursula Von der Leyen, who has also opened a new EU fund of €20 billion for AI gigafactories.

The strategy will thus finance four future AI gigafactories in the European Union (EU), which will specialize in training the largest and most complex models. These facilities will have around 100,000 state-of-the-art chips, approximately four times more than the centers currently under construction.

It is intended that companies of all sizes will have access to this computing power. These will have a focus on complex industrial and “mission critical” applications. Initial funding will come from different schemes, such as the Digital Europe Program and Horizon Europe and InvestEU.

The Commission already announced the first seven AI factories in December and will soon follow with the next five, which will represent the largest public investment in AI in the world and, it hopes, will unlock more than 10 times the amount in private investment.

A European AI Research Council will also be set up. Von der Leyen said, “We want AI to be a positive and growth force. We are doing this through our European approach, based on openness, cooperation and excellent talent. But we still need to leverage it. That’s why this unique public-private partnership, similar to a CERN for AI, will enable all our scientists and companies, not just the biggest ones, to develop the cutting-edge large-scale models needed to make Europe an AI continent.”

Silniční cyklistika je koníček, jako každý jiný – když vás nadchne něco, co vylepší/odlehčí/zrychlí vaše kolo, tak to prostě musíte mít. A Flitedeck ( flite.bike ) útočí na ty movitější (až pohádkově bohaté) z bláznů v přiléhavých dresech. Ale k ceně se dostaneme až na konci článku, teď se pojďme ...

It’s been possible for a while now to modify web pages using popular extensions such as Tampermonkey and Greasemonkey, which can be useful for avoiding annoying ads or tracking attempts.

Now, starting with version 1.75 of the Brave browser, you don’t have to download this kind of add-on — because the feature is already built in. According to Bleeping Computer, the new feature can be used for everything from adding support for keyboard shortcuts to stopping the automatic playback of videos.

Information on how to write your own scripts is available on the Brave website.

Apple’s platforms may be more secure by design than others, but that doesn’t make them invulnerable to attack. That’s why every user should install the company’s latest security patch — it fixes a hole Apple says may already have been in active use.

It is important to note that the attack seems to be one that requires direct, physical access to the target device. But iPhones, Macs, and iPads all seem to be vulnerable. 

Update your devices today

The language used in the company’s description of the patch (CVE-2025-24085) is notably more urgent than usual. Introducing it, Apple states: “A physical attack may disable USB Restricted Mode on a locked device. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.”

Adam Boynton, senior security strategy manager at Jamf, has said the flaw could potentially let attackers gain full admin access to a hacked device.

The indictions are that this vulnerability formed part of highly targeted attacks. It is also important to note that Apple has published software patches to protect against this vulnerability for several older Mac operating systems, including macOS Sequoia, Sonoma, and Ventura. Patches for older iPads, Apple Watch and Vision OS devices were also made available.

Was this a state actor?

The description strongly hints the vulnerability may have been actively used in major attacks to sidestep USB-based attacks, enabling unauthorized USB devices to be used to exfiltrate user data. So does the discoverer of the flaw, Bill Marczak of The Citizen Lab at The University of Toronto’s Munk School.

What makes this feel a little worse is that Apple is “aware of a report that this issue may have been actively exploited against versions of iOS before iOS 17.2.”

While additional information is not provided — Apple likes to limit what it reveals so assailants are kept in the dark as to how it deploys improved protection — it is reasonable to see this as a big red flag reflecting the current threat environment.

Look at recent security scares across multiple platforms and it becomes clear that nation-state attacks are intensifying, that surveillance-as-a-service firms continue to be a near and present threat, and ill-thought-through moves by some governments will eventually make things even more insecure.

No one is secure until everyone is secure

Take the power-crazed authoritarianism of the recent UK government move to demand Apple open up the iCloud data of billions to surveillance by UK authorities. Other than the color of the national flag, there is no difference between the potential abuse of the back door the UK now demands from Apple and the US-mandated door recently exploited by allegedly Chinese terrorists. As almost every security expert universally agrees, there is no such thing as a safe back door. The keys will proliferate, the cost of mounting attacks shrink, and eventually there is no security left at all.

That’s what seems to be important about Apple’s latest update; it seems designed to put a stop to at least one attack vector that could be exploited by sophisticated attackers. That’s why the company referred to “an extremely sophisticated attack against specific targeted individuals.” 

The threat against individuals also deserves to be contextualized. Nation-state attackers are increasingly targeting operational infrastructure (OT) and in those exploits individual security becomes a link in complex, planned excursions to penetrate trusted, vital systems. That’s everything from road transport management to smart factories. An individual might not be the final target, but their security — or lack of it — is a link in a chain of attacks to undermine OT security.

In other words, by making individuals less safe, weak security makes everything else less safe, including nations, economies, manufacturing, transit systems and more.

Protecting those assets is in every nation’s interest, which is why Apple has pushed out this patch, why you should install it, and why any nation plotting to weaken security for any reason should think more than twice before doing so. There is no such thing as a safe back door — and no one using confidential data should ever use a public USB charging system, just in case there’s a monster within.

In the meantime, install Apple security updates as they appear. Just because you don’t happen to be a high-value target doesn’t mean you have not been identified as part of a potential route to attack one. 

You can follow me on social media! Join me on BlueSky,  LinkedIn, Mastodon, and MeWe. 

[RateBox: {"rate":"8.8","plus":"Široká paleta sportovních funkcí;Krásný OLED displej ;Praktická svítilna;Nízká hmotnost;Odolnost;Výdrž baterie","minus":"Chybí bezdrátové nabíjení;Chybí mapy;Plastová spona na řemínku"}] Hodinky prodává a do testu zapůjčil Garmin Brno ( www.garmin-brno.cz ). ...

The Sandworm Russian military cyber-espionage group is targeting Windows users in Ukraine with trojanized Microsoft Key Management Service (KMS) activators and fake Windows updates. [...]

Said to have asked search engine 'What are some signs that the FBI is after you?'

An Alabama man is pleading guilty after being charged with SIM swapping the Securities and Exchange Commission's (SEC) X account in January last year.…

** Tzv. „zero-click" zranitelnosti mobilů patří mezi nejproblematičtější ** Řadu z nich vyřadí z provozu pouhý restart telefonu, třeba každý den ** Mimo včasných updatů je to to nejmenší, co lze pro bezpečnost telefonu udělat

** Tzv. „zero-click" zranitelnosti mobilů patří mezi nejproblematičtější ** Řadu z nich vyřadí z provozu pouhý restart telefonu, třeba každý den ** Mimo včasných updatů je to to nejmenší, co lze pro bezpečnost telefonu udělat

Security researchers at Bishop Fox have published complete exploitation details for the CVE-2024-53704 vulnerability that allows bypassing the authentication mechanism in certain versions of the SonicOS SSLVPN application. [...]

Security researchers at Bishop Fox have published complete exploitation details for the CVE-2024-53704 vulnerability that allows bypassing the authentication mechanism in certain versions of the SonicOS SSLVPN application. [...]

BundleHunt se zaměřuje na slevové akce aplikací pro macOS. Tento týden si můžete poskládat balíček s velmi dobrými BusyCal a BusyContacts, které standardně stojí po 50 dolarech, ale tady je můžete mít za 7 dolarů. Na 3 dolary tam zlevnila i povedená utilitka Mission Control Plus, která zlepšuje ...

The U.S. Justice Department announced the names of two Phobos ransomware affiliates arrested yesterday in Thailand, charging them on 11 counts due to their involvement in more than a thousand cyberattacks. [...]

Google has stepped in to clarify that a newly introduced Android System SafetyCore app does not perform any client-side scanning of content. "Android provides many on-device protections that safeguard users against threats like malware, messaging spam and abuse protections, and phone scam protections, while preserving user privacy and keeping users in control of their data," a spokesperson for

Google has stepped in to clarify that a newly introduced Android System SafetyCore app does not perform any client-side scanning of content. "Android provides many on-device protections that safeguard users against threats like malware, messaging spam and abuse protections, and phone scam protections, while preserving user privacy and keeping users in control of their data," a spokesperson for Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Americký startup Boom Supersonic chce postavit nadzvukové dopravní letadlo až pro osmdesát cestujících a na konci ledna prokázal, že nápad nezůstane pouze na papíře. Jedenadvacetimetrový demonstrátor v podobě stíhačky pro jednu osobu totiž poprvé překonal rychlost 1 Mach. Zakladatel společnosti ...

​The United States, Australia, and the United Kingdom have sanctioned Zservers, a Russia-based bulletproof hosting (BPH) services provider, for supplying essential attack infrastructure for the LockBit ransomware gang. [...]

Evropská unie hodlá iniciovat investice do rozvoje umělé inteligence v hodnotě 200 miliard eur, v přepočtu zhruba pět bilionů korun. V projevu na summitu o umělé inteligenci v Paříži to v úterý řekla předsedkyně Evropské komise Ursula von der Leyenová. Umělá inteligence podle ní může přispět mimo jiné ke zvýšení konkurenceschopnosti.