Agregátor RSS

U.S. and Israeli cybersecurity agencies have published a new advisory attributing an Iranian cyber group to targeting the 2024 Summer Olympics and compromising a French commercial dynamic display provider to show messages denouncing Israel's participation in the sporting event. The activity has been pinned on an entity that's known as Emennet Pasargad, which the agencies said has been operating Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Download the November 2024 issue of the Enterprise Spotlight from the editors of CIO, Computerworld, CSO, InfoWorld, and Network World.

Download the November 2024 issue of the Enterprise Spotlight from the editors of CIO, Computerworld, CSO, InfoWorld, and Network World.

AMD včera oznámilo nový desktopový procesor Ryzen 7 9800X3D . Je to první čip s jádry Zen 5 a vrstvenou 3D pamětí, která v předchozích dvou generacích ukazovala, jak významně pomáchá v aplikacích a hrách, které brzdí paměťový subsystém, zejména vyšší latence. Zvláštní 64MB cache umístěná na ...

Microsoft has delayed the rollout of its Windows Recall feature. The controversial feature — which takes regular screenshots of a user’s desktop screen — is now slated to launch in preview in December

Microsoft unveiled Recall in May, and initially intended to release it to Windows Insiders in June. Those plans were put on hold as Microsoft addressed data security and privacy concerns raised by experts about  Recall, with a new release date set for October. 

Microsoft said it had again postponed Recall’s release as it continues working on the feature. 

“We are committed to delivering a secure and trusted experience with Recall,” Brandon LeBlanc, senior product manager of Windows, said in a statement. “To ensure we deliver on these important updates, we’re taking additional time to refine the experience before previewing it with Windows Insiders. 

“Originally planned for October, Recall will now be available for preview with Windows Insiders on Copilot Plus PCs by December.”

Pitched as an “explorable timeline of your PC’s past,” Recall has drew criticism from security and privacy experts, with some likening the feature to keylogging software.  When enabled, Recall will record all user actions  Copilot+ PCs, taking “snapshots” of the screen at five-second intervals. Users can then search a timeline of everything they’ve interacted with on their device, whether that’s an application, website, document, image, or anything else. 

Microsoft outlined plans to enhance security and privacy plans to enhance security and privacy measures in September. For instance, Recall is now opt-in, so Copilot+ PC users must turn the feature on or it won’t be record their screen. Biometric authentication is also required via Windows Hello each time a user wants to use Recall, and content filtering to prevent recording of sensitive data such as credit card details is turned on by default.

**Domácnosti si budou moct poprvé zaplatit za podporu Windows **Placená podpora Windows 10 je vyjde na 30 dolarů **Potrvá rok a zprostředkuje jen bezpečnostní opravy

**Domácnosti si budou moct poprvé zaplatit za podporu Windows **Placená podpora Windows 10 je vyjde na 30 dolarů **Potrvá rok a zprostředkuje jen bezpečnostní opravy

Už vás unavuje sedět za pirátskými „Windows, nebo se dívat na otravné připomínky k aktivaci? Dobře, máme pro vás dobrou zprávu – právě teď, při oslavě nadcházenícího Black Friday, se prodávají klíče k Windows 10 a and Windows 11 s obrovskými slevami. Dále máme zvláštní promokód, který udělá ceny ještě lákavějšími.

Local authority websites downed in response to renewed support for Ukraine

Multiple UK councils had their websites either knocked offline or were inaccessible to residents this week after pro-Russia cyber nuisances added them to a daily target list.…

V současné době probíhá klíčové řízení týkající se výstavby nových bloků v jaderné elektrárně Dukovany, což je pro českou energetiku velmi zásadní projekt. Stavební zakázku v hodnotě stovek miliard korun získala korejská firma KHNP, ale celý proces se nyní zkomplikoval, když Úřad pro ochranu ...

Cybersecurity researchers have flagged a "massive" campaign that targets exposed Git configurations to siphon credentials, clone private repositories, and even extract cloud credentials from the source code. The activity, codenamed EMERALDWHALE, is estimated to have collected over 10,000 private repositories and stored in an Amazon S3 storage bucket belonging to a prior victim. The bucket,

Cybersecurity researchers have flagged a "massive" campaign that targets exposed Git configurations to siphon credentials, clone private repositories, and even extract cloud credentials from the source code. The activity, codenamed EMERALDWHALE, is estimated to have collected over 10,000 private repositories and stored in an Amazon S3 storage bucket belonging to a prior victim. The bucket, Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

With so many SaaS applications, a range of configuration options, API capabilities, endless integrations, and app-to-app connections, the SaaS risk possibilities are endless. Critical organizational assets and data are at risk from malicious actors, data breaches, and insider threats, which pose many challenges for security teams. Misconfigurations are silent killers, leading to major

With so many SaaS applications, a range of configuration options, API capabilities, endless integrations, and app-to-app connections, the SaaS risk possibilities are endless. Critical organizational assets and data are at risk from malicious actors, data breaches, and insider threats, which pose many challenges for security teams. Misconfigurations are silent killers, leading to major The Hacker Newshttp://www.blogger.com/profile/[email protected]

Developers are already using multiple large language model (LLM) and other generative AI-based tools in the creation of automation tools. And soon, the tools will be able to use each other.

A new development in AI “swarms” serves as a wake up call for everyone involved in cybersecurity, automation and, in fact, IT generally: OpenAI’s Swarm. 

What is OpenAI Swarm?

OpenAI launched an experimental framework last month called Swarm. It’s a “lightweight” system for the development of agentic AI swarms, which are networks of autonomous AI agents able to work together to handle complex tasks without human intervention, according to OpenAI. 

(I wrote about agentic AI, but not swarming agents, in July.)

Swarm is not a product. It’s an experimental tool for coordinating or orchestrating networks of AI agents. The framework is open-source under the MIT license (which allows Python developers to use, modify, and distribute the software with minimal restrictions), and available on GitHub.

   

In the GitHub readme section, OpenAI says: 

“Swarm is currently an experimental sample framework intended to explore ergonomic interfaces for multi-agent systems. It is not intended to be used in production, and therefore has no official support. (This also means we will not be reviewing PRs or issues!)

The primary goal of Swarm is to showcase the handoff & routines patterns explored in the Orchestrating Agents: Handoffs & Routines cookbook. It is not meant as a standalone library and is primarily for educational purposes.”

Swarm is not totally unique. Other existing systems can be used for the orchestration of multiple agents, which approaches the functioning of agentic AI swarms. Though not explicitly designed for swarming, they can be used for making AI agents interact with each other to varying degrees. These include: Microsoft AutoGen, CrewAI, LangChain, LangGraph, MetaGPT, AutoGPT, and Haystack.

While Swarm might be designed for simplicity and relative ease of use, all these other tools are more robust, reliable, supported and ready for prime-time.  

OpenAI apparently launched Swarm to explore methods for improving agent collaboration through “routines” and “handoffs.” In this case, “routines” are predefined sets of instructions that guide agents through tasks or workflows. They serve as recipes for agents to follow, which adds control and predictability to multi-agent systems. “Handoffs” enable one agent to delegate a job to another based on the current context. For example, if the agent requires something specific that can be better handled by an agent specializing in that task, it can delegate it. That “handoff” provides the history of the task to the new agent, so it has context under which to proceed. 

One characteristic of Swarm is that it’s stateless, so agents don’t remember anything from previous interactions. That simplifying element also limits the tool to simpler tasks. (Developers can, however, build solutions that do enable memory between agent interactions.)

While Swarm isn’t intended for actual production (and OpenAI won’t maintain it going forward), the fact that it’s dabbling in the concept is one indication that agent swarms could eventually become commonplace.

It also points to a trend in which agent swarm technology becomes increasingly usable and, for lack of a better term, democratized.

The right tool for the job?

One way to look at agentic AI swarming technology is that it’s the next powerful phase in the evolution of generative AI (genAI). In fact, Swarm is built on OpenAI’s Chat Completions API, which uses LLMs like GPT-4. 

The API is designed to facilitate interactive “conversations” with AI models. It allows developers to create chatbots, interactive agents, and other applications that can engage in natural language conversations.

Today, developers are creating what you might call one-off AI tools that do one specific task. Agentic AI would enable developers to create a large number of such tools that specialize in different specific tasks, and then enable each tool to dragoon any others into service if the agent decides the task would be better handled by the other kind of tool. These tool types could include: 

• 1. RAG (Retrieval-Augmented Generation): Enhancing text generation with relevant retrieved information. Basically, these agents would be tasked to “Google it” and return to the task at hand with that found information. 
• 2. NL2SQL: Converting natural language queries into SQL commands.
• 3. Text Generation: Creating various forms of written content.
• 4. Code Generation: Producing code based on natural language descriptions.
• 5. Data Analysis: Processing and interpreting large datasets.
• 6. Image Generation: Creating images from text prompts.
• 7. Speech Synthesis: Converting text to spoken audio.
• 8. Language Translation: Translating between different languages.
• 9. Summarization: Condensing long-form content into concise summaries.
• 10. Dialogue Management: Handling multi-turn conversations in chatbots.

Instead of the user making choices, opening new tools and essentially serving as the guide and glue for complex AI-based tasks, the agents would do all this autonomously. 

Easy-to-use swarms of AI agents — what could go wrong? 

It’s clear that agentic AI swarms could seriously boost enterprise productivity, offloading chores from people, enabling them to focus on higher-level responsibilities.

The risks are also clear. Take security, for example. 

At present, as far as we know, no nation-state or state-sponsored hackers are using agentic AI swarms. But that day is surely coming.

Hostile nation states are using LLMs in general, and even ChatGPT in particular, for malicious rreconnaissance and research, scripting and coding, social-engineering and phishing content, language translation, and detection evasion.

At present, people working for these nation states are doing individual hacking, and using LLMs as part of their knowledge toolset, manually prompt-engineering chatbots, then using the returned results in their breach attempts.

In an agentic AI swarm future, state-sponsored hackers will be able to create individual specialist AI agents to do each of these tasks, and enable the agents to call into play the other agents as needed. By removing the “bottleneck” of a human operator, malicious hacking can take place on a massive scale at blistering speed.

It’s reasonable to assume at this early stage that the most effective defense against agentic AI swarm attacks will be agentic AI swarm defenses. 

Another area of concern is the risk of overcomplexity. Agentic AI, including agentic AI swarming technology, operates autonomously to pursue goals. It can be “creative,” or, more accurately, unpredictable in how it achieves goals given to it by the developers who create it and the users who deploy it. Because it’s autonomous, people might not know what it’s doing or how it’s doing it. And it’s possible to lose track of what agent swarms are doing, or even that they’re still operating. 

Individual employees might automate their own work using agentic AI swarms they monitor close — agents that could continue running after the workers leaves the company (or gets hit by a bus). 

Pessimistic (or realistic) prognosticators fear agentic AI swarms might even accelerate job losses because they’ll be so capable of operating like people do.

As with other new, powerful developments in AI technology, agentic AI swarms are packed with promise and peril. 

What’s important to know about OpenAI’s Swarm is that it represents a move to simplify and democratize swarming agents. That probably means near-future exponential growth in the number of swarming agents in operation, and a rise in the expectation that tech pros will be using agentic AI agents for all manner of automation. 

The agents are coming. I recommend you learn all about them before they get here. 

Even with the US economy doing well by most measures, technology job seekers often find it difficult to get hired. It’s a conundrum.

The technology sector unemployment rate remains at near historic lows (from 2.5% to 3.8%, depending on the data source), but corporate layoffs have continued in earnest and some traditional IT skills are often no longer in demand. Online hiring platform Indeed recently found that tech jobs including software development remain 30% below 2020 levels, and that 79% tech workers feel pressure to upskill because of the rise of generative AI.

Those kinds of changes have prompted more workers to cast about for new jobs; this year, 34% of survey respondents said they are actively looking for work, up 11% from 2023. (The same percentage said they’re worried about layoffs in the next year, and four in 10 said if their company makes job cuts, they expect to be affected.)

Job data over the past two years have been a mixed bag of good times and bad; 260,000 tech workers were laid off in 2023, with another 142,000 getting pink slips so far this year, according to Layoffs.fyi. At the same time, US unemployment data released last month showed unexpected growth overall for tech job listings and hiring, along with a marked shift in the kind of workers organizations need — AI talent is no longer at the top of the list.

So what’s going on?

“While the labor market overall is performing well and unemployment is low, some sectors are doing much better than others,” said Allison Shrivastava, an economic research associate at Indeed’s Hiring Lab.

IT and tech-related sectors expanded during the post-pandemic boom, with job postings in software development reaching well above pre-pandemic levels, according to Shrivastava. Some of the decline in hiring now could be a correction to that rapid expansion.

“These sectors are also pretty costly to hire in, both in terms of time and money, so employers could be more cautious in expanding their employee base, favoring a wait-and-see approach while the labor market settles,” she said.

Janco Associates

ZipRecruiter’s latest Job Seeker Confidence Index has dropped to its lowest level since the index began in early 2022, with job seekers’ confidence in the labor market and their own financial wellbeing down sharply. Fully 41% of job hunters said it’s now much harder to find a job and slightly more, 43%, said their search is going poorly, ZipRecruiter found. Only 13% described their job hunt as going well.

Fewer opportunities for some, more for others

More than half of job seekers (53%) said there are fewer opportunities than just six months ago, and 34% have had to expand their search outside their usual field, ZipRecruiter said. Part of those frustrations could be because the mix of companies that are hiring has changed.

Industry observers say smaller organizations have been scooping up talent left in the wake of more than two-years’ worth of layoffs by bigger corporations. That could explain why the number of unemployed IT professionals in the US dropped last month from 148,000 to 98,000, according to IT industry consultancy Janco Associates, which drew its findings from a US Bureau of Labor Statistics (BLS) data for Septermber.)

Highest in demand technology platform skills and % change in demand year over year (Aug 2023 vs Aug 2024)

Indeed

By Janco’s tally, more than 78,000 IT pros were hired in September, cutting into unemployment. “IT pros who were unemployed last month found jobs more quickly than was anticipated, as CIOs rushed to fill open positions,” said Janco CEO Victor Janulaitis. “Our analysis predicts the same will be the case for the next several months.”

Janco pegged the September unemployment rate for IT workers at 3.8%, down from 6% in August and now below the overall national unemployment rate of 4.1%.

“The moving average of the number of unfilled jobs for IT professionals peaked in January, and has steadily declined to 45,000 in September,” Janulaitis said. “Most of those positions are for new technologies. IT pros having a legacy application focus are finding few opportunities.”

How to get hired

Of the tech workers open to new opportunities, nearly 80% say they would consider relocation, a 10% increase from 2023. Tech talent is also taking control of their hiring journey, with 61% in 2024 finding roles on their own compared to 55% who did so in 2023. This indicates a shift away from reliance on recruiters and personal networks, according to Indeed.

Linsey Fagan, a senior talent strategy advisor at Indeed, noted that the tech job market is currently seeing decreased job volume and an influx of talent, making it a unique challenge for job seekers to find suitable roles.

But there are a few key steps job seekers can take to improve their chances of success, according to Fagan — beginning with upskilling.

Indeed

“Technologies like Rust, Go, Google Cloud Platform, Terraform, and AWS are experiencing a surge in demand, but have relatively few job seekers compared to open roles,” Fagan said. “Learning these skills can give candidates a significant advantage in securing roles in this dynamic landscape.”

According to Indeed, the fastest-growing areas in tech at the moment are software development, generative AI, and cybersecurity, where despite high demand, there remains a shortage of experts.

Freelance employment platform Upwork found similar trends in a recently released study of freelance worker earnings for all of 2023; it found “unprecedented” growth in importance for genAI and data science and analytics skills.

Indeed

The genAI factor

In the US and Europe, as many as 300 million jobs could be threatened by some form of AI over the next few years, according to a March research note by investment bank Goldman Sachs. Fully two-thirds of US jobs could be partially automated through AI, and up to one in four current work tasks could be completely automated by AI, Goldman Sachs said.

Indeed

In particular, roles that require repetitive data entry, legal administration, careers involving math skills — even healthcare jobs — will all be impacted by AI’s adoption. Amid that backdrop, job seekers should ask a potential employer if they offer upskilling opportunities, as 89% of tech professionals use company-provided training opportunities to keep their skills up to date, according to Fagan.

“…With genAI gaining momentum, tech professionals feel pressure to upskill,” she said. “Most employers offer tuition reimbursement or upskilling opportunities, so it would be a missed opportunity not to take advantage. Additionally, adapting and integrating AI into workflows is becoming essential. By staying open to upskilling, particularly in high-demand areas and in AI integration, and considering flexibility in work location, tech job seekers can better navigate today’s tech job market.”

Tech professionals with five to 10 years of experience are more likely to apply for internal roles rather than outside their current company, underlining the need for companies to invest in upskilling. Sixty-six percent of employees say they are likely to remain at a company with mentorship programs, according to Indeed’s survey.

While work flexibility remains a top priority for many job seekers, it’s important for tech job seekers to be open-minded about hybrid or on-site work if they are looking to find a job quickly. “Our research found that professionals who work on-site about four days per week tend to want to stay with their employers, likely due to the collaboration and sense of community fostered by in-person interactions,” Fagan said.

Microsoft has revealed that a Chinese threat actor it tracks as Storm-0940 is leveraging a botnet called Quad7 to orchestrate highly evasive password spray attacks. The tech giant has given the botnet the name CovertNetwork-1658, stating the password spray operations are used to steal credentials from multiple Microsoft customers. "Active since at least 2021, Storm-0940 obtains initial access

Microsoft has revealed that a Chinese threat actor it tracks as Storm-0940 is leveraging a botnet called Quad7 to orchestrate highly evasive password spray attacks. The tech giant has given the botnet the name CovertNetwork-1658, stating the password spray operations are used to steal credentials from multiple Microsoft customers. "Active since at least 2021, Storm-0940 obtains initial access Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Cupertinská společnost zveřejnila finanční výsledky za poslední čtvrtletí fiskálního roku 2024. V něm dosáhla tržeb ve výši 94,9 miliardy dolarů, to je o 6 % více než loni. Zároveň je to také nejúspěšnější poslední kvartál v historii. Provozní zisk vzrostl o 10 % na 29,6 miliardy dolarů, ale ten ...