Agregátor RSS

Python-Based Bots Exploiting PHP Servers Fuel Gambling Platform Proliferation

The Hacker News - 17 Leden, 2025 - 14:06
Cybersecurity researchers have exposed a new campaign that targets web servers running PHP-based applications to promote gambling platforms in Indonesia. "Over the past two months, a significant volume of attacks from Python-based bots has been observed, suggesting a coordinated effort to exploit thousands of web apps," Imperva researcher Daniel Johnston said in an analysis. "These attacks Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Proč má smysl, aby se do iPhonů vrátilo Touch ID. Stačí se podívat na iPady nebo Androidy

Živě.cz - 17 Leden, 2025 - 12:45
** Face ID je od iPhonu X hlavní bezpečnostní bránou iPhonů ** Touch ID zůstává jen u posledního iPhonu SE a také u iPadů ** Možná je na čase, aby se do iPhonů vrátilo Touch ID, vysvětlíme proč
Kategorie: IT News

Robots get their ‘ChatGPT moment’

Computerworld.com [Hacking News] - 17 Leden, 2025 - 12:00

Nvidia unveiled a new platform at CES called Cosmos. It’s a world foundation model (WFM) development platform designed to advance and accelerate Physical AI for robots and self-driving vehicles (which are also, in fact, robots).

Understanding digital twins and physical AI

I’ve written before about Physical AI in general and Nvidia’s initiatives in that space specifically. 

The “Physical AI” concept involves creating complex virtual environments that simulate real-world physics, where digital replicas of robots and systems can learn and optimize their performance. 

For factory robots, as an example, an Omniverse customer would create a “digital twin” of the factory in a virtual reality space. Every detail of the factory floor would be replicated, with the distances between objects exactly the same as in the real, physical factory. Internet of Things (IoT) sensors in the real factory feed data into the twin, keeping it in an identical state.

Crucially, the virtual twin in Omniverse is programmatically endowed with physics — gravity, inertia, friction, and other physical qualities that are applied to anything happening in the twin. Companies can design, simulate, operate, and maintain their factories virtually through twins.  And they can train robots and robotic systems in Omniverse. 

The newly announced Cosmos works in conjunction with — and dramatically  amplifies — the ability of Omniverse robot training through the creation and use of World Foundation Models (WFMs).

What in the world are ‘World Foundation Models”?

If you’re unfamiliar with the phrase “World Foundation Models,” that makes sense, because it’s pretty new and most likely coined by Nvidia. It conjoins the existing (but also recent) concepts of “world models” (AI systems that create internal representations of their environment to simulate and predict complex scenarios) and “foundation models” (AI systems trained on vast datasets that can be adapted for a wide range of tasks).  

According to Nvidia, WFMs are an easy way to generate massive amounts of photoreal, physics-based artificial data for training existing models or building custom models.  Robot developers can add their own data, such as videos captured in their own factory, then let Cosmos multiply and expand the basic scenario with thousands more, giving robot programming the ability to choose the correct or best movements for the task at hand. 

The Cosmos platform includes generative WFMs, advanced tokenizers, guardrails, and an accelerated video processing pipeline. Developers can use Nvidia’s Omniverse to create geospatially accurate scenarios that account for the laws of physics. Then, they can output these scenarios into Cosmos, creating photorealistic videos that provide the data for robotic reinforcement learning feedback. 

Again, a great way to understand this is to compare it with the LLM-based ChatGPT. 

I recently wrote about how Google’s LLM-based tool, NotebookLM, is fantastic for learning something complex. At the time, I described the following use case: 

“Rather than reading advanced material, it’s far faster and more engaging to let NotebookLM’s ‘Audio Overviews’ feature create a life-like podcast for you to listen to. It will create a ‘study guide,’ a FAQ, a ‘briefing guide,’ and a timeline, enabling you to quickly look at dense content from multiple angles, perspectives, and levels. You can start by asking the chatbot to explain it to you like you’re a sixth-grader, then a high school senior, then an undergrad, and on up until you’ve mastered the material.”

In this scenario, you’re “training” your brain by taking an existing data set and telling the chatbot to give you that same data sliced, diced, and re-formatted in eight or more ways. 

This is also how WFMs work, in outline. The developer takes existing training data and feeds it into Cosmos, which creates more training scenarios that are as usable as the original set. They can turn 30 scenarios into 30,000, which the robot uses as if actual trial-and-error learning had taken place. 

Cosmos’s output looks like real-world training data, but it can rapidly train robots in thousands of scenarios. 

Robotic’s ChatGPT moment

Nvidia implies that Cosmos will usher in a “ChatGPT moment” for robotics. The company means that, just as the basic technology of neural networks existed for many years, Google’s Transformer model enabled radically accelerated training that led to LLM chatbots like ChatGPT. 

In the more familiar world of LLMs, we’ve come to understand the relationship between the size of the data sets used for training these models and the speed of that training and their resulting performance and accuracy. 

Elon Musk pointed out recently that AI companies have exhausted human-generated data for training AI models. “We’ve now exhausted basically the cumulative sum of human knowledge…in AI training,” he said. 

Data for training robots is also limited — but for a different reason. Training data in the real physical world is simply slow and expensive. Unlike human-generated text, which has already happened at scale over centuries, robot-training data has to be generated from scratch. 

Likewise, robots and self-driving cars can essentially “learn” how to do their jobs and navigate complex and unfamiliar terrain. Cosmos (working with Omniverse) should dramatically increase the amount of training that can take place in a much shorter time frame.

Driving safety


The idea of testing autonomous vehicles with massive sets of physics-aware data is a vast improvement over how self-driving cars and trucks have historically been trained — which is that they drive around in the real world with a safety driver. 

Driving in the real world with a person as backup is time-consuming, expensive, and sometimes dangerous — especially when you consider that autonomous vehicles need to be trained to respond to dangerous situations.

Using Cosmos to train autonomous vehicles would involve the rapid creation of huge numbers of simulated scenarios. For example, imagine the simulation of every kind of animal that could conceivably cross a road — bears, dear, dogs, cats, lizards, etc. — in tens of thousands of different weather and lighting conditions. By the end of all this training, the car’s digital twin in Omniverse would be able to recognize and navigate scenarios of animals on the road regardless of the animal and the weather or time of day. That learning would then be transferred to thousands of real cars, which would also know how to navigate those situations (with no animals harmed).

If Nvidia is right, and we have arrived at a “ChatGPT moment” for robotics, then the pace of robotics advances should start accelerating, driving major efficiencies and mainstreaming autonomous vehicles on public roads globally for many companies (not just Waymo in a few cities). 

One fascinating aspect of the new generative AI world in which we live is that predictions are futile. Nobody knows how all this will develop. 

And this appears to be true with predictions about how long it will take for everything to become extremely robotic. It’s probably all going to happen much  faster than anyone thinks. 

Kategorie: Hacking & Security

Americká jaderná ponorka vyplula na tajnou misi a vypouštěla při ní podmořské drony

Živě.cz - 17 Leden, 2025 - 11:45
Americká jaderná ponorka USS Michigan v letech 2022 až 2024 absolvovala nejméně tři tajné mise v nepřátelských a náročných prostředích , během kterých vypouštěla podmořské drony. Prokázala tím, že ponorky SSGN třídy Ohio jsou schopné odpálit nejen celé „hejno“ střel s plochou dráhou Tomahawk, ...
Kategorie: IT News

What everyone’s missing about Android upgrades in 2025

Computerworld.com [Hacking News] - 17 Leden, 2025 - 11:45

When we talk about Android upgrades, it’s all too easy to miss the forest for the trees.

It’s a familiar tale here in the land o’ Googley matters — and with some wacky-seeming changes on the way for Android upgrades in 2025, the myopic musings are only getting louder.

Surely you’ve seen these sentiments, right? One just popped up in my feed the other day, in fact, with a saucy-seeming headline stating that the current Android 15 update is “a waste of a software upgrade.”

In it, the author notes that Android 15 doesn’t introduce many obvious front-facing changes to a phone’s look and feel and is consequently, as he puts it, a “useless” update.

It’s a déjà-vu-inducing view — one we inevitably hear after virtually every Android update. Now, though, it includes a new variable as part of its argument: the fact that Google is shifting away from its annual cadence for new Android versions in 2025 and moving instead toward a twice-yearly pattern for official operating system rollouts. And thus, the thinking goes, each individual update is bound to become even less significant.

For anyone staring only at the surface and without the deeper context of everything happening in the Android software ocean, it sure sounds like an sensible conclusion. But my, oh my, you’d better believe there’s a lot more going on here — and Google, unfortunately, has never been great about making regular phone-owning folk aware of that bigger picture.

Specifically, we’ve got two pesky misconceptions we’re gonna hear plenty more of in the months to come. Let’s tackle ’em both and get to the bottom of why they’re misguided, shall we?

[Get level-headed knowledge in your inbox with my free Android Intelligence newsletter — three new things to know each Friday and my free Android Notification Power-Pack as a special welcome bonus!]

Android upgrade misconception #1: Android updates don’t matter

Ah, yes — a classic complaint and one we’ve been hearing for ages: “This update barely changes anything! I guess I didn’t really need it after all.”

And look: I certainly get why it could seem that way. There’s a reason why each new generation of a physical product tends to look different from the last. We mealy-mouthed mammals need an obvious, front-facing visual that confirms to us something is new and exciting, lest it seem like more of the same.

But as I’ve been reminding folks for years now, an Android update is about much more than what you see on the surface.

Sure, the shiny new stuff is nice. Who doesn’t love exploring fun new features and interesting interface improvements? Those are the elements most of us relate to most readily.

But the most important parts of an Android update are typically what’s under the hood and often even invisible to us from the outside.

Each new Android update, y’see, includes an array of engine-room enhancements along with noteworthy privacy, security, and performance strengtheners — things that go beyond the little fixes provided in those separate monthly patches. Beyond that, each update introduces both expansions and restrictions to APIs, which are what permit third-party apps to interact with your phone and data and perform a variety of advanced functions. Frequently, the updates better control how and when apps are able to access different types of data and make it more difficult for them to take advantage of permissions.

You may not immediately see all that stuff, but — oh, yes — you’d better believe it matters.

That aside, even in terms of front-facing features, Android 15 actually includes a surprising amount of interesting stuff — everything from the introduction of a platform-level place for securely storing important files to an intelligent auto-adjusting vibration control, a new and more effective system volume panel setup, and a useful new charging-time home control screensaver. And that’s just the start.

Now, could Google do a better job of (a) showcasing this stuff and (b) educating everyone about the importance of all the less visible advantages each new update introduces? Absotively. That’s been a soapbox subject of mine for something like 737 years now.

But just because it isn’t in your face doesn’t mean it isn’t there — or that the update itself doesn’t matter. At this point, at least, it’s just up to you to do a little discovering (or, ahem, to read a pithy weekly newsletter that points you to all the pertinent info) and wrap your brain around the benefits both front-facing and unseen.

Android upgrade misconception #2: iPhones get more with their annual updates

Whoo, boy — is this ever a fun one.

From the earliest days of Android, there’s been a popular perception that Apple does way more for its iDevices and gives iPhone owners a major advantage over us Android-appreciating animals.

With no disrespect to the Apple adorers among us, this couldn’t be more off-base.

Again, Google doesn’t do a great job of highlighting this and helping average Android phone-owners appreciate the bigger picture — but, well, go go gadget self-quote summoner:

With Android, operating system updates are only half the story. For well over a decade now, Google’s been pulling what were once core operating system elements out of the operating system proper and treating them as standalone apps instead. That means those elements — all of which are still considered part of the single-bundle operating system in the land of iOS — get updated numerous times a month, all throughout the year. And those updates reach every single Android device within a matter of days, regardless of which company made it or how long ago it was released.

A perfect example of that principle in action is how Google recently made a quiet under-the-hood update to a system-level utility called Google Play Services that gave all Android phone-owners with 2019’s Android 10 or higher a trio of important new security features — instantly, universally, and without any manufacturer or carrier involvement.

Those types of underemphasized updates arrive on Android all the time — with random rollouts like that as well as with the now-standard quarterly feature drops and monthly security patches, too.

And all of that is still but one tiny example of the effect we’re talking about here.

Back to that self-quoting magic:

Time for the biggest and most rarely acknowledged reality check of all: At this point, nearly every single element that’s considered a significant part of an annual Apple iOS update is handled in an a la carte manner on Android — with multiple monthly updates that impact close to every still-functioning Android phone. In other words, even Android phones from eight years ago get updates numerous times a year that are all virtually equivalent to an entire iOS operating system rollout. Those updates just aren’t packaged neatly or presented cohesively, and most people don’t consider how all of the small-seeming pieces add up.

It’s no exaggeration: When you look at an average Apple iOS update, nearly every high-profile addition tends to be something that’s handled by a standalone app in Android and updated year-round — whether we’re talkin’ updates to messaging and video calling, voice-to-text translation, or system-level tools like the browser, maps app, notes app, and mobile payment applications. 

Heck, the same even applies for updates to things like Gemini, which occur nearly constantly on Android but only as part of those annual bundled OS updates on the Apple side of the mobile divide, with its equivalent.

The main difference is just that Google just doesn’t do much to draw attention to it or emphasize how it all fits into the same broader picture. And — well…

What’s especially interesting is that with rare exception, there are virtually no limits to how and when those scattered Android updates apply. The nearly-nine-year-old Nexus 4 sitting in my desk drawer still gets every update to every one of those applications every month and receives the same sort of functionality Apple is delivering as part of its [latest] iOS update in small deliveries year-round. …

For as good as Apple’s support is, it typically stops entirely after a phone has passed the six-year mark since its release. And what’s almost always overlooked in the glowing headlines about iOS updates is the fact that even devices from a year or two ago frequently don’t get all of the features announced in a new iOS update. In fact, the vast majority of these latest additions and improvements have some manner of cutoff or restriction associated with ’em, even within that six-year window.

So while an older iPhone is still getting the latest update — and while that’s undeniably a very good thing! — it’s also very accurate to say that an equally dated Android device is ultimately getting more current features and updates even more regularly. It’s just framed in a very different and generally less attention-grabbing way.

Plain and simple, it’s an apples-to-oranges comparison. But all of that not-so-obvious nuance tends to get lost in the shuffle of most public discussions.

Here in 2025, the level of nuance is only gonna grow greater. We’ve got Android 16 on the horizon with its extra-early Q2 timeline, then a second smaller Android update set for the fourth quarter of the year (which may or may not sport its own new number).

But that expanding framework aside, y’know all the smaller stuff we just went over? Yup — all of that is also still present and pertinent as ever: the in-between-update quarterly feature drops, the separate monthly security patches, and perhaps most important, all the ongoing week-to-week updates of system-level apps both front-facing and under-the-hood, all year long.

So, yeah: Android updates matter, all right. And with more of ’em slated to show up in the year ahead, that perspective is more important than ever to wrap your head around and remember — even if the Apple marketing machine will do everything in its power to downplay that reality and make you forget.

Want even more Googley knowledge? Check out my weekly Android Intelligence newsletter to get next-level tips and insight delivered directly to your inbox — and get my free Android Notification Power-Pack the second you sign up.

Kategorie: Hacking & Security

Medusa ransomware group claims attack on UK's Gateshead Council

The Register - Anti-Virus - 17 Leden, 2025 - 11:30
Pastes allegedly stolen documents on leak site with £600K demand

Another year and yet another UK local authority has been pwned by a ransomware crew. This time it's Gateshead Council in North East England at the hands of the Medusa group.…

Kategorie: Viry a Červi

How to Bring Zero Trust to Wi-Fi Security with a Cloud-based Captive Portal?

The Hacker News - 17 Leden, 2025 - 11:21
Recent data breaches have highlighted the critical need to improve guest Wi-Fi infrastructure security in modern business environments. Organizations face increasing pressure to protect their networks while providing convenient access to visitors, contractors, temporary staff, and employees with BYOD. Implementing secure guest Wi-Fi infrastructure has become essential for authenticating access,
Kategorie: Hacking & Security

How to Bring Zero Trust to Wi-Fi Security with a Cloud-based Captive Portal?

The Hacker News - 17 Leden, 2025 - 11:21
Recent data breaches have highlighted the critical need to improve guest Wi-Fi infrastructure security in modern business environments. Organizations face increasing pressure to protect their networks while providing convenient access to visitors, contractors, temporary staff, and employees with BYOD. Implementing secure guest Wi-Fi infrastructure has become essential for authenticating access,[email protected]
Kategorie: Hacking & Security

New 'Sneaky 2FA' Phishing Kit Targets Microsoft 365 Accounts with 2FA Code Bypass

The Hacker News - 17 Leden, 2025 - 11:07
Cybersecurity researchers have detailed a new adversary-in-the-middle (AitM) phishing kit that's capable of Microsoft 365 accounts with an aim to steal credentials and two-factor authentication (2FA) codes since at least October 2024. The nascent phishing kit has been dubbed Sneaky 2FA by French cybersecurity company Sekoia, which detected it in the wild in December. Nearly 100 domains hosting
Kategorie: Hacking & Security

U.S. Sanctions North Korean IT Worker Network Supporting WMD Programs

The Hacker News - 17 Leden, 2025 - 11:07
The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) sanctioned two individuals and four entities for their alleged involvement in illicit revenue generation schemes for the Democratic People's Republic of Korea (DPRK) by dispatching IT workers around the world to obtain employment and draw a steady source of income for the regime in violation of international sanctions. "These
Kategorie: Hacking & Security

New 'Sneaky 2FA' Phishing Kit Targets Microsoft 365 Accounts with 2FA Code Bypass

The Hacker News - 17 Leden, 2025 - 11:07
Cybersecurity researchers have detailed a new adversary-in-the-middle (AitM) phishing kit that's capable of Microsoft 365 accounts with an aim to steal credentials and two-factor authentication (2FA) codes since at least October 2024. The nascent phishing kit has been dubbed Sneaky 2FA by French cybersecurity company Sekoia, which detected it in the wild in December. Nearly 100 domains hosting Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

U.S. Sanctions North Korean IT Worker Network Supporting WMD Programs

The Hacker News - 17 Leden, 2025 - 11:07
The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) sanctioned two individuals and four entities for their alleged involvement in illicit revenue generation schemes for the Democratic People's Republic of Korea (DPRK) by dispatching IT workers around the world to obtain employment and draw a steady source of income for the regime in violation of international sanctions. "TheseRavie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Chytré vytápění pro každého. Termostat a hlavice Tado X jsou teď o 30 % levnější

Živě.cz - 17 Leden, 2025 - 10:45
Pokud vám unikla akce na Black Friday, Amazon a Alza v těchto dnech zlevnily chytré vytápění Tado X. Na Černý pátek byly ceny ještě nižší, ale lepší nabídky momentálně neseženete. V obou obchodech stojí produkty víceméně stejně, nákup v Alze ale bude přece jen jednodušší. Třicetiprocentní slevu ...
Kategorie: IT News

Bidenův ban: Žádný výrobce na světě nesmí Číně dodat ≤16nm čip s ≥30 mld. tranz.

CD-R server - 17 Leden, 2025 - 10:00
Regulace, v tichosti a na poslední chvíli připravené odstupující Bidenovou administrativou, znamenají prakticky celosvětový zákaz dodávek čipů s více než 30 miliardami tranzistorů Číně a dalším zemím…
Kategorie: IT News

Microsoft 365 pro rodiny i jednotlivce pořádně zdražil. K Wordu, Outlooku a OneDrivu totiž přibyl Copilot

Živě.cz - 17 Leden, 2025 - 09:45
Levně už bylo. Na podzim jsme psali, kterak v Austrálii zdražilo rodinné i individuální předplatné Microsoft 365 . Bylo jen otázkou času, než vlna dorazí také nám – a už je tady. Microsoft totiž oznámil, že do svého kancelářského předplatného přidal AI Copilot, kvůli němuž roční ceny narostou o ...
Kategorie: IT News

Konečně funkční záloha systému přímo od Microsoftu. Návod, jak nastavit Windows Zálohování

Živě.cz - 17 Leden, 2025 - 08:45
Ve Windows 11 objevíte aplikaci Windows Zálohování, která umožňuje alespoň částečnou zálohu souborů do cloudu. Kromě toho umí synchronizovat i nastavení systému nebo hesla k Wi-Fi.
Kategorie: IT News

Microsoft eggheads say AI can never be made secure – after testing Redmond's own products

The Register - Anti-Virus - 17 Leden, 2025 - 08:42
If you want a picture of the future, imagine your infosec team stamping on software forever

Microsoft brainiacs who probed the security of more than 100 of the software giant's own generative AI products came away with a sobering message: The models amplify existing security risks and create new ones.…

Kategorie: Viry a Červi

Týden na ScienceMag.cz: Relativistický elektronový paprsek by mohl dostat sondu k Alfa Centauri za 40 let

AbcLinuxu [články] - 17 Leden, 2025 - 08:00

Top 10 ve fyzice za rok 2024: Laserové chlazení pozitronia. AI jazykové modely mohou efektivně vytvářet konzistentní příběhy. Studium fotonů umožnilo navrhnout novou metodu detekce axionů.

Kategorie: GNU/Linux & BSD
Syndikovat obsah