Agregátor RSS

WhatsApp plíživě zaplňuje paměť ve smartphonech. Ukážeme, jak ukládání záloh omezit a uvolnit si místo

Živě.cz - 11 Leden, 2025 - 08:44
** WhatsApp defaultně ukládá sdílené fotky do vaší Galerie ** Paměť zaplňují i automaticky stahované soubory ** Poradíme jak stahování omezit, a jak případně uvolnit paměť
Kategorie: IT News

DoJ Indicts Three Russians for Operating Crypto Mixers Used in Cybercrime Laundering

The Hacker News - 11 Leden, 2025 - 07:45
The U.S. Department of Justice (DoJ) on Friday indicted three Russian nationals for their alleged involvement in operating the cryptocurrency mixing services Blender.io and Sinbad.io. Roman Vitalyevich Ostapenko and Alexander Evgenievich Oleynik were arrested on December 1, 2024, in coordination with the Netherlands' Financial Intelligence and Investigative Service, Finland's National Bureau ofRavie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Před dvanácti lety navždy odešel Aaron Swartz

AbcLinuxu [zprávičky] - 11 Leden, 2025 - 05:00
Před dvanácti lety, ve svých šestadvaceti letech, navždy odešel Aaron Swartz, výjimečný americký hacker (programátor), spisovatel, archivář, politický organizátor a internetový aktivista. Aaron Swartz založil Demand Progress, spolupracoval na projektech Open Library, Internet Archive a Reddit. Ve svých čtrnácti se podílel na specifikaci RSS 1.0. Vytvořil webový framework web.py, pracoval na tor2web a rozšíření HTTPS Everywhere pro Chrome. Stál u zrodu licence Creative Commons. Aaronovi Swartzovi hrozilo 35 let vězení a pokuta milion dolarů za hromadné stahování vědeckých článků z webu JSTOR. Dle přátel i vlastních výpovědí několik posledních let trpěl depresemi. V pátek 11. ledna 2013 ukončil svůj život oběšením.
Kategorie: GNU/Linux & BSD

Matt Mullenweg: WordPress developer hours cutback may or may not slow innovation

Computerworld.com [Hacking News] - 11 Leden, 2025 - 03:23

Automattic CEO Matt Mullenweg said his decision to reduce his team’s weekly hours working on WordPress by 99% , from 4,000 hours to 45 hours, was designed to pressure WP Engine to drop its lawsuit against Mullenweg and Automattic

“They don’t actually make WordPress. They just resell it,” Mullenweg told Computerworld Friday evening. “If what they are reselling is no longer getting all of the free updates, they have less stuff to sell.” 

“It doesn’t make sense for Automattic to pay people to work on all of these things,” he said. “We are under attack and we are circling the wagons. Our number one goal is for WP Engine to drop their expensive lawsuits against me and Automattic.”

WP Engine was asked for comment, but did not respond.

Asked whether the move would also hurt users of WordPress, Mullenweg said that he didn’t think it would. 

“WordPress is great software. It doesn’t change anything that WordPress already does,” Mullenweg said. “How does this affect the timeline? For new stuff, it might slow it down, it might not. It depends on who shows up and commits code. In terms of new functionality, the scope will be smaller.”

He added, “I love WordPress and will continue to put in hours, nights, and weekends to help however possible.”

Mullenweg also stressed that the 45 hours his team will continue to work on WordPress will make sure that security updates/patches are maintained. 

“Security is never going to be an issue. We will always maintain security,” he said. “No one would ever stop a security update.”

Automattic controls WordPress.com, while the project site, WordPress.org, is controlled solely by Mullenweg.

The cutback in hours had been considered last month when Automattic announced a holiday shutdown of some WordPress services and Mullenweg later said that the shutdown might last all of 2025. Instead, Automattic management opted to implement this severe development hours cutback.

On Thursday, Automattic announced, “we’ve observed an imbalance in how contributions to WordPress are distributed across the ecosystem, and it’s time to address this. Additionally, we’re having to spend significant time and money to defend ourselves against the legal attacks started by WP Engine and funded by Silver Lake, a large private equity firm.”

“Automatticians who contributed to core will instead focus on for-profit projects within Automattic, such as WordPress.com, Pressable, WPVIP, Jetpack, and WooCommerce,” the statement said. “As part of this reset, Automattic will match its volunteering pledge to those made by WP Engine and other players in the ecosystem, or about 45 hours a week that qualify under the Five For the Future program as benefitting the entire community and not just a single company. These hours will likely go towards security and critical updates.”

The implication is that the labor reallocations would be reversed were WP Engine to drop its lawsuit. Mullenweg said recent changes that WP Engine has made has altered his demands. He is no longer asking for money, for example.

His original demand had been for payment; in late October, Mullenweg said WP Engine “could have avoided all of this for $32 million. This should have been very easy,” and he then accused WP Engine of having engaged in “18 months of gaslighting” and said, “that’s why I got so crazy.” 

But on Friday, Mullenweg said he is no longer seeking money because WP Engine made extensive changes to its web site and is no longer violating Automattic’s rights to the trademarks, which was apparently what the payment was for.

“They have stopped violating the trademark. They have cleaned up,” Mullenweg said. “To use someone else’s trademark, you typically license it. For more than 18 months, we were trying to do a deal there. They obviously never did one. I realized that they were just stringing me along.”

Analysts and members of the WordPress user community, who made their comments to Computerworld prior to Mullenweg’s interview, were mixed. Some said they were worried that these latest WordPress changes might exacerbate enterprise IT worries about sticking with WordPress.

“This is a massive number of hours that they are planning on cutting back. The community is not likely to make up those hours. They are going to direct their resources to a legal battle and the platform will not be stable,” said Melody Brue, VP/principal analyst at Moor Insights & Strategy. “Users have to plan for the likelihood that they cannot take up the slack. WordPress users are already panicking. They can’t trust him now. They will turn off automatic [WordPress] updates.”

Brue said that Mullenweg’s tactics have yet to work. 

“This has become a spiteful game that he is playing. Part of his whole game is that he makes these big tantrums and threats to get attention,” Brue said. “So far, that hasn’t worked.”

Michelle Rosen, an IDC research manager, said that she was not sure whether this move would ultimately hurt WordPress.

“Automattic has been the largest contributor to WordPress by far, so this decision has to hurt the project’s ability to evolve and improve,” Rosen said. “That said, WordPress has been around for a long time and many users rely on it only as the core of their CMS solution, with other components built on top. In this context, the impact may be lower, especially if Automattic continues to handle security issues.”

Users’ reactions were also mixed.

Jack Prenter, the CEO at WordPress site Dollarwise, said he was somewhat concerned. 

“There is a general loss of confidence. I don’t know if there’s a lot you can do. That’s why the situation is so painful,” Prenter said. “There is such a large ecosystem built around it that people are not going to let it fall apart. It can technically continue to function, but you can cancel all of the future roadmap. Nothing new is going to happen.”

Another WordPress user, Ben May, managing director of The Code Co in Australia, is less concerned. “I suspect this latest statement is ratcheting up the WPE campaign, I guess in an effort to change the hearts and minds of people sympathetic to WPE. I don’t see it as an existential threat to WordPress and am not losing any sleep over it for the time being,” May said. “From what I’ve seen online already, the community is big enough and willing enough to step in and fill in the gaps that would be left with the reduced contributions.”

Kategorie: Hacking & Security

Bezdokladová dobírka. Tak trochu tajná služba České pošty

Lupa.cz - články - 11 Leden, 2025 - 00:00
Česká pošta je instituce, která málokoho nechává chladným. Vznikají o ní písničky, vtipy, je to instituce, která dokáže jitřit emoce. A někdy i pobavit.
Kategorie: IT News

Trendy teplot ČR a Klementina 1961- 2024

OSEL.cz - 11 Leden, 2025 - 00:00
Globální oteplování až na věčné časy, pokud to nezachrání jaderná energetika.
Kategorie: Věda a technika

Jaderná energetika v roce 2024 – klíčový rok pro Česko

OSEL.cz - 11 Leden, 2025 - 00:00
V letošním roce proběhla v České republice klíčová rozhodnutí o dalším rozvoji jaderné energetiky. Japonsko se rozhodlo pro návrat k intenzivnímu rozvoji v této oblasti. V Číně se rozvoj jaderných zdrojů stále zrychluje. I v Evropě se renesance v jádře probouzí, a dokonce i němečtí politici začínají měnit názor. Blíží se nasazení malých modulárních reaktorů.
Kategorie: Věda a technika

Fyzici spočítali možnou existenci paračástic, doposud považovanou za nemožnou

OSEL.cz - 11 Leden, 2025 - 00:00
Kvantová mechanika zná v podstatě jenom bosony a fermiony. Ve dvourozměrných systémech mohou existovat exotické kvazičástice anyony. Dvojice fyziků Rice University kouzlila s algebrou a dospěla k tomu, že mohou existovat i paračástice, které nebyly vnímány jako reálně možné. Dokonce prý není vyloučeno, že existují elementární paračástice.
Kategorie: Věda a technika

Chinese cyber-spies peek over shoulder of officials probing real-estate deals near American military bases

The Register - Anti-Virus - 10 Leden, 2025 - 22:45
Gee, wonder why Beijing is so keen on the – checks notes – Committee on Foreign Investment in the US

Chinese cyber-spies who broke into the US Treasury Department also stole documents from officials investigating real-estate sales near American military bases, it's reported.…

Kategorie: Viry a Červi

Tech unemployment in the US drops to lowest level in more than two years

Computerworld.com [Hacking News] - 10 Leden, 2025 - 20:46

Tech hiring rose in December, dropping the IT unemployment rate to 2% — its lowest since November 2023, according to an analysis of the latest jobs data published today by the US Bureau of Labor statistics (BLS). The overall national unemployment rate held steady at 4.1%, according to the BLS.

The tech sector added a net 7,000 jobs, bringing the total core tech workforce to nearly 6.5 million, according to CompTIA, a nonprofit association for the IT industry and workforce. The group found that the unemployment rate last month among tech professionals fell a full half a percent from November.

CompTIA

And as 2025 gets under wa, IT employment and hiring appears to be on a positive track, according to staffing agencies. According to ManpowerGroup, the net employment outlook for Q1 2025 is 2% higher than it was for the same period last year — 37% this year compared to 35% in early 2024.

ManpowerGroup recently published its Q1 2025 report on hiring, which claimed hiring in IT fields will beat all other professions in the US. Still, the firm also predicted employers will pull back on hiring in the months ahead because of “economic uncertainty.”

ManpowerGroup

“As we move into 2025, we’re seeing stable year-over-year hiring trends, with employers holding onto the talent they have and planning muted hiring for the quarter ahead,” said Jonas Prising, ManpowerGroup chair and CEO.

Overall, studies by ManpowerGroup, online hiring platform Indeed, and Deloitte Consulting showed that IT hiring will increasingly be based on finding workers with flexible skills that can meet changing demands.

In fact, employment within the tech sector encompassing all types of workers declined by 6,117 jobs in December, according to CompTIA’s data. Positions in PC, semiconductor and components manufacturing accounted for the bulk of those cuts.

The tech sector employs nearly 5.6 million people, which translates to a percentage decline of 1%.

ManpowerGroup

“Employers know a skilled and adaptable workforce is key to navigating transformation, and many are prioritizing hiring and retaining people with in-demand flexible skills that can flex to where demand sits,” Prising said.

Ger Doyle, ManpowerGroup’s US country manager, said the December BLS jobs report delivered “a strong finish to 2024 and is a promising sign of what’s to come in the new year. However, the labor market may still face challenges until inflation is under more control, which is necessary to prevent slower hiring, layoffs, and reduced job growth. Our real-time data shows that open positions have decreased by 8% month-over-month, but increased by 3% year-over-year.”

Overall, job postings have remained steady since November, up 13% year-over-year, reflecting growing demand in digital services, healthcare, and convenience retail, according to ManpowerGroup’s data.

The temp job market was also a bright spot, with open job postings reaching their highest levels since September 2023 and new job postings at their peak since March 2022, according to Doyle. “This surge is driven by an increased demand for IT roles as organizations turn to project work to develop artificial intelligence and machine learning,” Doyle said.

Kye Mitchell, head of Experis North America — a ManpowerGroup tech recruiting business — said demand increased among tech employers in December, particularly related to the “gig economy.” Uber led the surge in such jobs with a remarkable 4,150% increase in job postings, while Outlier Inc., a platform that connects experts to advance generative AI, saw a 342% rise in demand.

“This trend was also evident in the temp job market, where the demand for computer and information research scientists skyrocketed by 2,000% as organizations focused on developing artificial intelligence and machine learning, increasingly relying on temp workers,” Mitchell said.

In December, there were 434,415 active tech job postings, including 165,189 newly added (both down from November). Roles in software development, IT project management, cybersecurity, data science, and tech support saw the most activity, according to CompTIA.

Top hiring companies included Amazon, Accenture, Deloitte, PwC, GovCIO, Robert Half, Lumen Technologies, and Insight Global. Job postings spanned all career levels: 22% required 0-3 years of experience, 28% wanted 4-7 years, and 16% sought 8+ years, CompTIA’s data showed.

Notably, 45% of postings across tech roles didn’t require a four-year degree, according to CompTIA. Network support specialists (85%), tech support specialists (72%), and computer programmers (54%) had the highest percentages of degree-optional roles.

For more historical data, here’s a rundown of tech unemployment data dating back to mid-2020.

Kategorie: Hacking & Security

Telefónica confirms internal ticketing system breach after data leak

Bleeping Computer - 10 Leden, 2025 - 20:15
Spanish telecommunications company Telefónica confirms an internal ticketing system was breached after stolen data was leaked on a hacking forum. [...]
Kategorie: Hacking & Security

New Web3 attack exploits transaction simulations to steal crypto

Bleeping Computer - 10 Leden, 2025 - 19:12
Threat actors are employing a new tactic called "transaction simulation spoofing" to steal crypto, with one attack successfully stealing 143.45 Ethereum, worth approximately $460,000. [...]
Kategorie: Hacking & Security

US charges operators of cryptomixers linked to ransomware gangs

Bleeping Computer - 10 Leden, 2025 - 18:59
The U.S. Department of Justice indicted three operators of sanctioned Blender.io and Sinbad.io crypto mixer services used by ransomware gangs and North Korean hackers to launder ransoms and stolen cryptocurrency. [...]
Kategorie: Hacking & Security

4 in 10 companies plan to replace employees with AI, WEF says

Computerworld.com [Hacking News] - 10 Leden, 2025 - 18:48

Forty-one percent of companies intend to cut their workforce in the next five years as many tasks are automated with AI, according to the World Economic Forum (WEF) Future of Jobs Report 2025.

At the same time, 70% of companies say they expect to hire people with knowledge of the new AI tools, reports CNN Business.

The WEF sees advances in AI and renewable energy as reshaping the labor market, driving demand for a variety of technical or specialist roles while leading to a decline for others. The shifts will also likely push companies to upskill their own employees.

There’s good news as well. According to the WEF forecast, while 92 million existing jobs will disappear by 2030, 170 million new jobs will be created. In other words, there will be a net addition of 78 million jobs if the forecast is accurate.

Kategorie: Hacking & Security

Superjasná TV, monitor nahrazující sluchátka a čistička s pelíškem pro kočky. Přehled nejzajímavějších inovací z CESu

Živě.cz - 10 Leden, 2025 - 18:45
** V Las Vegas jsou k vidění nejnovější technologické vymoženosti ** Některé jsou praktické, jiné pouze pro efekt ** Do článku budeme postupně doplňovat ty nejzajímavější
Kategorie: IT News

New malware justifies Apple’s locked-down security strategy

Computerworld.com [Hacking News] - 10 Leden, 2025 - 18:36

Apple has told us Macs aren’t secure enough and it continues working to improve their security, as it does across all of its platforms. But a newly identified malware attack confirms that third-party developers can sometimes be a weak link in the perimeter.

In this case, Checkpoint security has identified a malware-as-a-service attack it calls Banshee macOS Stealer. 

This insidious attack, which has apparently now been closed down, was spread via seemingly legitimate browser downloads distributed outside of Apple’s Mac App Store. When installed, it was capable of exfiltrating all kinds of information, including account, banking and crypto logins, and more, and was resistant to Apple’s own antivirus protection system, Gatekeeper. (The malware is also available on Windows, but I’m less sure of the degree of risk users on that platform face.

If it’s too good to be true, it’s too good to be true

Here’s what we know:

  • The software was distributed in infected versions of popular software (such as Chrome or Telegram) via phishing websites and fake GitHub repositories.
  • When in the field, it targets third-party browsers such as Chrome, browser extensions, and makes use of a 2FA extension to capture sensitive information.
  • It also tricks users into sharing their passwords with legitimate seeming system prompts, sending stolen data back via command and control servers. 

An attack-as-a-service malware of this kind usually relies on a command server within the exfiltration process, with legitimate-seeming but infiltrated software a method of attack ever since people used to share applications via FTP, and probably before.

None of this is new. Nor is the main attack’s reliance on tricking users. Everyone by now knows that computer users are now and will forever be the weakest link in platform security. Convincing people to download software that is infected is common, and recent attacks from NSO and other reprehensible companies showed that it is still possible to craft attacks that don’t even require user intervention. (Though those are very, very expensive.)

What is new is that those behind the attack used some of Apple’s own anti-virus tools, stealing, “a string encryption algorithm from Apple’s own XProtect antivirus engine, which replaced the plain text strings used in the original version,” according to Checkpoint.

This is what helped the attack evade detection for two months, though it was eventually identified, mitigated, and the operation shut down. Crisis over.

Prevention beats cure

Except the crisis is never really over. 

What this attack exposed is that platforms can be undermined, and while Macs (and Apple’s other products) are — unlike others — secure by design, that doesn’t mean they are infallible.

The introduction of Lockdown Mode demonstrates that Apple knows attacks happen. Within that context, it becomes super-important to ensure every user understands that if software they usually pay for is available free somewhere, they should absolutely avoid installing it. And they should always ensure that legitimate software (such as Chrome) is installed from the original source.

That’s not a problem if you stay within trusted app distribution ecosystems, of course — particularly Apple’s own heavily-policed app stores. But as the company is forced to open up to third-party distribution, that security will be eroded as, at least in some cases, some app developers insist on independent distribution of their software. 

That represents a golden opportunity for malware distributors to try to build legitimate-seeming download sites for these apps. Though it’s possible that Apple’s Notarization system (as it expands) might become an essential tool to protect against this.

While some developers continue to complain about the cost of distribution on Apple’s platforms, it must be stressed that the cost of cybercrime is expected to surpass $10 trillion this year. That means it is in the public interest for app developers — if they really want to play their part to combat cybercrime — to ensure they create and protect secure software distribution systems that do not confuse consumers. 

We all play a part

It’s actually in the national (international) interest. “I think some of the top people predict that the next big war is fought on cybersecurity,” Apple CEO Tim Cook told Time in 2016

Software consumers need to play their part. “As cyber criminals continue to innovate, security solutions must evolve in tandem to provide comprehensive protection,” Check Point Research explains. “Businesses and users alike must take proactive steps to defend against threats, leveraging advanced tools and fostering a culture of caution and awareness.”

Despite this attack, the Mac remains the world’s most secure PC platform. One of the easiest ways for anyone to improve their own security posture is to move to Apple’s platforms. And one of the easiest ways to undermine that security is to install dodgy software, no matter how genuine it appears to be. If it seems too good to be true, it’s too good to be true.

So, don’t download it.

You can follow me on social media! You’ll find me on BlueSky,  LinkedInMastodon, and MeWe

Kategorie: Hacking & Security

Treasury hackers also breached US foreign investments review office

Bleeping Computer - 10 Leden, 2025 - 18:02
Chinese hackers, part of the state-backed Silk Typhoon threat group, have reportedly breached the Committee on Foreign Investment in the United States (CFIUS), which reviews foreign investments to determine national security risks. [...]
Kategorie: Hacking & Security

Bing zkouší další trik. Napodobuje Google, když hledáte Google

Živě.cz - 10 Leden, 2025 - 17:45
**Když v Bingu vyhledáte „Chrome“, vyhledávač napodobí konkurenta **Stránka má bílé pozadí a schová záhlaví Bingu **Falešný Google dokonce napodobuje doodly
Kategorie: IT News

Docker Desktop blocked on Macs due to false malware alert

Bleeping Computer - 10 Leden, 2025 - 17:37
Docker is warning that Docker Desktop is not starting on macOS due to malware warnings after some files were signed with an incorrect code-signing certificate. [...]
Kategorie: Hacking & Security

Gambas 3.20.0

AbcLinuxu [zprávičky] - 10 Leden, 2025 - 17:29
Byla vydána nová major verze 3.20.0 grafického vývojového prostředí a platformy Gambas (Wikipedie) založené na interpretru programovacího jazyka Basic s rozšířením o objektově orientované programování. Přehled novinek v poznámkách k vydání. Zdrojové kódy jsou k dispozici na GitLabu.
Kategorie: GNU/Linux & BSD
Syndikovat obsah