Kategorie

Let's be honest''your Linux server isn't the fortress you hope it is if your SSH setup isn't locked down tight. Recently, security teams have been tracking a spike in attacks, and it's not just the usual malware game we've seen before. Attackers are going low-key and crafty, exploiting weak SSH security to install legitimate tools like TinyProxy and Sing-box to turn compromised servers into proxy nodes. These tools are completely normal when used properly, but they're a dream for attackers who want to hide their tracks or sell access to your system.

Linux admins and infosec pros, we've got a real problem on our hands. There's a group out there''the Houken threat actor''that's not messing around. These guys have been targeting industries that form the backbone of society: government, telecoms, finance, you name it. Using unpatched Ivanti devices as their entry point, they're pulling off some slick and dangerous moves. This isn't some dime-a-dozen botnet attack or basic ransomware scheme''it's targeted, it's precise, and it's making life a nightmare for Linux admins tasked with safeguarding critical systems.

When Rust emerged as the "memory-safe" poster child of programming languages, it didn't take long for its influence to spread. From systems programming to infrastructure tools, Rust is being embraced in areas long dominated by C and C++. It's cleaner, safer, and the way forward for Linux kernel modules, system utilities, and network drivers.

Microsoft has announced that the Exchange Server Subscription Edition (SE) is now available to all customers of its enterprise email service. [...]

​The Hunters International Ransomware-as-a-Service (RaaS) operation announced today that it has officially closed down its operations and will offer free decryptors to help victims recover their data without paying a ransom. [...]

Microsoft asked customers this week to disregard incorrect Windows Firewall errors that appear after rebooting their systems following the installation of the June 2025 preview update. [...]

We’ve got a big problem on our hands. The public is using generative AI (genAI) to write, create, and think. But the brain is a use-it-or-lose-it organ — and we’re starting to lose it. 

That doesn’t have to happen to you. Here’s what you need to know about genAI-related brain rot, and the one approach that lets you take advantage of the technology while retaining and even enhancing your own natural intelligence. 

But first, let’s look at what science says about genAI brain rot.

Creativity

Research published by Carnegie Mellon University this month found that groups that turned to Google Search came up with fewer creative ideas during brainstorming sessions compared to groups without access to Google Search. Not only did each Google Search group come up with the same ideas as the other Search groups, they also presented them in the same order, suggesting that the search results replaced their actual creativity. 

The researchers called this a “fixation effect.” When people see a few examples, they tend to get stuck on those and struggle to think beyond them. For example, if you see “butter” and “jam” as things you can spread, you’re more likely to think of other foods and less likely to think of “rumors” or “disease.”

Earlier this year, The Journal of Creative Behavior published a study called “Am I Still Creative? The Effect of Artificial Intelligence on Creative Self-Beliefs.” That study looked at the difference between how creative people think they are in general and how creative they feel when working with AI. The researchers focused on “creative self-beliefs,” which means a person’s confidence in their own creative ability — they wanted to know whether using AI changes this confidence, and if so, how. 

The study found that most people felt less creative with genAI than without it. If someone already doubted their own creative skills, using it made them feel even less sure. Even people who usually felt very creative did not always feel that way when they used genAI. Trust in the technology helped, but it did not erase the feeling of lost creativity. People who saw genAI as a helpful tool sometimes felt more confident, but if they thought it was taking over, their sense of creativity dropped.

Importantly, the study also found that people who feel sure of their own creativity tend to achieve more in creative work. But this self-confidence does not always help when they use genAI.

Brain rot

A new study from MIT’s Media Lab offers a rare glimpse inside the brain during the act of writing, with and without AI assistance. The team recruited 54 college students from the Boston area and had them write short essays under three conditions: 1) unaided, 2) using a search engine, or 3) with OpenAI’s GPT-4o chatbot. 

Each participant wore an EEG cap to track real-time brain activity. The experiment ran for four months, with each student writing three essays, and a fourth session where some swapped their assigned method.

Unfortunately, the results were exactly what you might expect. Students who wrote their essays without any outside help showed the highest brain activity, especially in regions tied to memory, creativity, and semantic processing. Those who used search engines showed less activity but still engaged their brains more than the group using the AI chatbot. The ChatGPT group showed the lowest brain activity of all, with up to a 55% drop in neural connectivity compared to the unaided group, as measured by a method called Dynamic Directed Transfer Function. (This technique tracks how information moves across different parts of the brain and is considered a good marker for executive function, attention, and semantic processing.)

It gets worse. When researchers asked students to recall or summarize what they had written, the genAI-assisted group remembered less and felt less ownership of their work. In the final session, when students who had used the tech were suddenly asked to write without it, their performance and brain engagement lagged behind those who had started out unaided. 

Researchers found that this “cognitive offloading” effect means users rely on genAI for tasks they would otherwise perform themselves, potentially undermining their own mental capabilities and creativity.

On the other hand, students who switched from brain-only to genAI showed a jump in brain connectivity when allowed to use the tool, but only when they already understood the topic.

The researchers said that the timing and context of genAI use matter. Using it after you’ve already engaged deeply with a topic can be helpful. But letting the tools do the heavy lifting from the start appears to short-circuit the learning process. 

The study’s bottom line: there’s a real tradeoff between the convenience of external support and the lasting benefits of internal effort.

Groupthink

Another risk from an over-reliance on genAI and search is originality. GenAI tools are actually changing how we think, feel, and act. Tools always shape our minds, from the typewriter to the PC. 

Social media platforms like TikTok, Facebook, and Instagram use AI to decide what we see. Their algorithms pick content based on what keeps us engaged. This often means we get more of what we already like or believe. Over time, this narrows our interests and beliefs. (Psychologists call this “preference crystallization.”)

Our knowledge of and perspective on the world becomes less our own and more what the algorithms feed us. They do this by showing us content that triggers strong feelings — anger, joy, fear. Instead of feeling a full range of emotions, we bounce between extremes. Researchers call this “emotional dysregulation.” The constant flood of attention-grabbing posts can make it hard to focus or feel calm.

AI algorithms on social grab our attention with endless new content. It shapes how we learn from others by controlling what social behaviors we see online. It even changes how we remember things, since we now rely on AI to store and recall information for us.

A similar effect happens when people use genAI-based chatbots unskillfully. 

When you ask chatbots like ChatGPT or Google Gemini a question, you get the most common answer from what people wrote online, a kind of consensus or average. When millions or billions of people are turning to chatbots for answers, you can see how that can become a social media-like echo chamber devoid of original thought.

The secret to brain-boosting use of AI

To elevate both the quality of your work and the performance of your mind, begin by crafting your paper, email, or post entirely on your own, without any assistance from genAI tools. Only after you have thoroughly explored a topic and pushed your own capabilities should you turn to chatbots, using them as a catalyst to further enhance your output, generate new ideas, and refine your results.

And don’t get your initial information from social media or those chatbots. Learn by reading high-quality books and magazine articles; only after that traditional learning should you expose your mind to the same subjects on social or chatbots. 

Brainpower and creativity are a use-it-or-lose-it proposition. So, challenge yourself and then —  and only then — turn to genAI to learn just a little bit more. Always turn to technology at the end, never the beginning, of any endeavor. 

Recent reports say Apple may use artificial intelligence models from OpenAI or Anthropic to provide the smarter Siri experience it promised us over a year ago. That’s good in the sense that it means we’ll get yesterday’s jam tomorrow, but it may mean the company ceases to invest as much as it should in the development of genAI models that run on the device.

This concerns me because I think on-device, edge-based intelligence has a huge part to play in the future evolution of AI services. I think there are lots of reasons for this to be the case — security and privacy, obviously, but also for another good reason: the network.

The network, don’t forget the network

Switched-on tech purchasers are making huge investments in network infrastructure to support the AI services they hope to deploy across their companies.

A recent Cisco survey tells us that 97% of IT leaders see the network as critical to rolling out rolling out AI, IoT, and cloud, and 91% of them plan to increase the amount of money they spend on networking as a result. They’re also investing in data centers, and all of them seem to think that the networks themselves need to become smarter.

“AI is changing everything — and infrastructure is at the heart of that reinvention. The network has powered every wave of digital transformation, accelerating the convergence of IoT, cloud, hybrid work, and defending against rising security threats,” said Chintan Patel, CTO and Vice President Solutions Engineering, Cisco EMEA in a press release.

“IT leaders know the network they build today will shape the business they become tomorrow. Those who act now will be the ones who lead in the AI era.” 

The thing is, when it comes to network resources, we already know that the best way to optimize network capacity is to offload traffic to other services where possible. That’s why phones like to use Wi-Fi for calls, for example. Why would it be any different for AI? 

Making AI mundane again

Once you accept that optimizing access to these resources is what’s happening, it becomes easier to accept that one way to reduce demand is to create AI models that run on the device itself. Apple’s devices are, after all, equipped with super powerful low-energy processors and should be more than equal to a range of AI-driven tasks. That’s why it makes sense for the company to invest and continue to invest in genAI models that can work on the device, as so many Apple Intelligence models already do.

The conservation of network resources isn’t predicated only on cost efficiency, but also response. Look at it this way: as AI is inevitably more widely deployed in mission-critical environments, any kind of lag between an AI request and resolution of that request is unacceptable.

Just as you don’t want an AI-powered vehicle to suffer from lag as it approaches a pedestrian crossing, you don’t want lag to hit a rail traffic management system as two express trains speed toward each other on the same track. In some situations, network-derived lag costs lives, and while the drip-fed TV broadcast images of human misery we see so regularly today suggests lives don’t matter as much now as they did at the end of the last century, it still makes sense to offload mundane requests like spelling, summarization, and transcription so more critically important needs can be met within the context of network congestion and scarcity.

This also means it makes sense to continue to invest in edge intelligence. 

Eyes on the prize(s)

Doing so answers another burning need in enterprise deployment for privacy and security. It simply seems better to put more intelligence on the edge device. That means creating focused AI models capable of running on the device.

Doing so dramatically reduces the attack surface, eliminates network-derived lag, and ensures better privacy.

That’s why intelligence at the edge will inevitably become more important over time. Apple’s own on-device Apple Intelligence tools are likely to be the first in a larger suite, though building out that suite may take a while. That time frame is reflected in Apple’s purported decision to open Siri up to additional AI services.

In the end, as you can see, a confluence of factors make intelligence at the edge vital to the overall AI ecosystem. As more and more services and systems become network-reliant, all stakeholders will seek to offload some of those demands elsewhere (just as mobile telcos already shift traffic to Wi-Fi when they can), and the most logical place to run at least the most commonplace demands will be on the devices themselves. Every genAI transaction that can be handled on the device means one less whirl on the server and the preservation of the fragment of power it takes to send the instruction there and back again. 

So, who will make the mobile AI infrastructure?

Of all the AI firms I’m reading about, and all the Big Tech firms working with them, only Apple seems to have made significant investment in delivering such services in this way. That doesn’t mean it is the only one, nor does it mean it will succeed — it may already have declared failure internally — but the direction remains the same: networks will become smarter and devices more capable of handling more complex models natively.

With that in mind, despite the relatively short-term obstacles Apple seems to face, in the longer term it still makes sense for it to invest in on-device AI, because that is the direction of travel. And that’s why I hope Apple continues to invest in it.

You can follow me on social media! Join me on BlueSky,  LinkedIn, and Mastodon.

If you’re an enterprise still hosting on-premises Exchange 2016 or Exchange 2019 email, it’s time to stop dragging your feet: Microsoft has now made Exchange Server Subscription Edition (SE) generally available to replace them.

SE is just what it sounds like: Enterprise users must soon buy subscription licenses for all users and servers. The change, now in effect, comes with an immediate 10% price hike for standalone on premises server products, as well as a 15% increase for the on-prem Core CAL Suite and a 20% increase for the on-prem Enterprise CAL Suite, effective August 1.

For Exchange Server SE, Microsoft explained, in addition to purchasing the required Server licenses and CALs, customers must also maintain an active subscription. This means purchasing either:

• Cloud subscription licenses for all users and devices that access Exchange Server SE (for example, Microsoft 365 E3 or E5 licenses); or
• Exchange Server SE Server licenses and CALs with Software Assurance (SA).

The tech giant will officially end support for Exchange Server 2016 and 2019 on October 14, meaning it will provide no more updates, technical help, bug fixes, or security patches.

Enterprises can continue to use Exchange Server 2016 and 2019 after end-of-life (EOL), but they do so at their own risk, the company said.

Moving to a ‘modern lifecycle policy’ with continuous service and support

“With an EOL date some 3.5 months away, this will give laggards (and those with compliance and business reasons to remain on-prem) a supported path forward,” said John Annand, digital infrastructure practice lead at Info-Tech Research Group.

Microsoft released its final cumulative update (CU) for Exchange Server 2019 in February, which means that, if customers want to keep email on-premises, they must upgrade to the SE licensing model to keep receiving support and updates. If ready to make the shift to the cloud, they can also choose Microsoft’s fully-hosted platforms Exchange Online or M365.

“Exchange SE demonstrates our commitment to ongoing support for scenarios where on-premises solutions remain critical,” Microsoft wrote in a blog post.

The good news is that SE will be governed by Microsoft’s ‘modern lifecycle policy,’ meaning it will be an evergreen product that receives continuous service and support. There will be no fixed end dates for the release, allowing customers to keep configurations fresh.

“This will create unique opportunities to simplify, streamline, and modernize the product over the coming years,” Microsoft said. 

The company said it will continue releasing Exchange SE CUs at the “same cadence” of two per calendar year, with security or hotfix updates — targeted software updates to address specific, typically critical issues that arise between CUs — released as needed.

Analysts point out that this shouldn’t be unexpected: Microsoft has been making it known for some time that it intended to end support for 2016 and 2019 Exchange editions and move to a subscription model.

But Annand pointed out that, three years ago, there were still rumored to be around 300,000 physical servers on prem with 7.3 billion mailboxes.

Of course, Microsoft wants to “see more money in the bank,” he noted, pointing to the 10% price increase on server licensing and a 15% or 20% increase on client access licensing, depending on the purchasing vehicle.

“Price increases are never welcomed by customers, and our members are no different,” Annand said. “That being said, they’re resigned to that fact of life. As long as MS continues to let them host their data locally and manage the update cycle (as opposed to updates being forced on them, as with Exchange Online), they’ll grudgingly acquiesce.”

How to upgrade to Exchange SE

The final Exchange Server 2019 update incorporates all prior security patches and introduces server-side components for Feature Flighting, an optional cloud-based service that supports immediate updating when new features become available. This can help ensure stability and security up to EOL this fall.

Microsoft advises upgrading to Exchange SE as soon as possible and decommissioning Exchange 2016 or 2019. After moving to SE, as of SE CU2, enterprises will no longer be able to also have Exchange 2016 or 2019 servers on premises.

Organizations have two upgrade options: A legacy upgrade that requires new servers, or an “in-place” upgrade (available only for Exchange 2019), which involves downloading and installing the latest upgrade package.

During this process, there can be some disruption, Microsoft said, as mailboxes will be temporarily paused; however, enterprises can plan around this by performing upgrades overnight, on the weekend, or when offices are otherwise closed.

Microsoft pointed out that the move to SE is unlike previous releases, as it does not contain a major code upgrade and does not have any major changes. No new license keys are required, no features were added or removed, no installation prerequisites were changed and there are no Active Directory schema changes.

While there’s little time left, analysts advise organizations still on Exchange 2016 or 2019 to build a migration strategy, plan extensively, and assess infrastructure needs to avoid migration headaches. Beyond budgeting for extra costs, they said, it’s also helpful to have project managers, IT personnel skilled in Exchange, and support from vendors skilled in migration available during the changeover.

North Korean state-backed hackers have been using a new family of macOS malware called NimDoor in a campaign that targets web3 and cryptocurrency organizations. [...]

Google is adding a new feature that allows system administrators to control when users try out beta features in Workspace.

The features in Workspace typically pop up silently within menus and interfaces, but some companies might want a slower rollout. “As an administrator, you can choose whether your users can try out early general availability Google features or wait until after they’re released by selecting a release track,” Google said in a support document.

There are two paces at which the beta features can be rolled out. A “Rapid Release” track will make new features available to users immediately. A “Scheduled Release” track allows enterprises to roll out new features at a gradual pace. 

The latter will be available starting July 15.

“Your users get new features at least one week after they’re released to Rapid Release domains,” Google said. “This gives you more time to prepare your organization for changes.”

Google isn’t alone in tweaking how updates are rolled out. Microsoft, for instance, has also made changes to how Microsoft 365 support updates are done. The company is encouraging enterprises to adopt more frequent software updates.

Microsoft and Google are rapidly pushing out new generative AI (genAI) features for their productivity suites. Microsoft has close to 1,000 new M365 features under development, with most involving Copilot. For its part, Google maintains a weekly feature release calendar, with most of the new features based on Google’s Gemini AI model.

The companies are hoping to get users on to genAI features quickly and collect feedback from them to develop more functionality and automation tools in the productivity suites.

Google this week also made Gemini available in Google Docs on Android devices in more than 20 languages. The company also released its genAI video tool called Vids to Workspace for Education customers.

More on Google Workspace:

• How Google is integrating Gemini into Workspace
• Google Workspace tips and tutorials
• Analysts: Go slow on M365, Google Workspace ‘agent-ish’ AI rollouts
• Google Spaces cheat sheet: How to get started>

>

An ex-ransomware negotiator is under criminal investigation by the Department of Justice for allegedly working with ransomware gangs to profit from extortion payment deals. [...]

The Spanish police have arrested two individuals in the province of Las Palmas for their alleged involvement in cybercriminal activity, including data theft from the country's government. [...]

Cisco has removed a backdoor account from its Unified Communications Manager (Unified CM), which would have allowed remote attackers to log in to unpatched devices with root privileges. [...]

Citrix warns that patching recently disclosed vulnerabilities that can be exploited to bypass authentication and launch denial-of-service attacks may also break login pages on NetScaler ADC and Gateway appliances. [...]

The Forminator plugin for WordPress is vulnerable to an unauthenticated arbitrary file deletion flaw that could enable full site takeover attacks. [...]

Microsoft has fixed a known bug that breaks the 'Print to PDF' feature on Windows 11 24H2 systems after installing the April 2025 preview update. [...]

More than 40 fake extensions in Firefox's official add-ons store are impersonating popular cryptocurrency wallets from trusted providers to steal wallet credentials and sensitive data. [...]

If you're managing industrial networks, critical manufacturing systems, or infrastructure that demands tight security, you'll want to sit down for this one. MICROSENS NMP Web+, a popular network management platform, is in the spotlight after researchers discovered several critical vulnerabilities that essentially gift-wrap your systems for attackers. This isn't just a fix-it-whenever-you-can scenario. We're staring at vulnerabilities with CVSS v4 scores as high as 9.3''serious problems that require immediate attention.

Since its introduction in 2021, Apple has always seen Declarative Device Management (DDM) as the future for device management on its platforms.

At this year’s WWDC, it told us that future has arrived, making DDM the primary framework with which to manage Apple devices and officially confirming plans to deprecate legacy MDM software commands. Bottom line: the transition to the more powerful DDM system is mandatory.

Some of the top-level DDM changes announced at last month’s developer’s event include:

• DDM support across all Apple’s platforms, including iOS 26, macOS 26, iPadOS 26, tvOS26, visionOS26.
• DDM’s ability to configure update deferrals, set enforcement deadlines, and to define the window in which updates must take place.
• Status channel reporting in Apple’s DDM support, which means devices will report compliance with DDM requests automatically, reducing server-side load.

Underpinning the system is an idea that makes devices fundamentally more autonomous while also making them intrinsically more secure. It turns out the best way to securely manage endpoints is to help them do a better job of managing themselves. It also makes the user experience simpler, bringing the convenience of enterprise-scale protection in a consumer-friendly way.

The philosophy of Declarative Device Management (DDM)

It’s helpful to anyone who uses a managed device to understand the philosophy behind DDM — principally, that it empowers both the device and the end user and does so by simplifying the device management interaction and forcing the device itself to protect itself. More autonomous devices are more resilient devices.

Take a simple software update. MDM might inform a device that it should upgrade and then poll the device frequently to see whether the upgrade has taken place. While it might eventually be done, the device is pretty dumb in the interaction, and users, network access, or other obstacles could get in the way each time the request is made. 

With DDM (and forgive this slightly unnuanced layman’s articulation), the device is instructed to upgrade and will then be required to do so by a specific time. Then, rather than polling the device to nag it to conduct the upgrade, the device itself is forced to regularly report back on whether it has achieved the desired upgraded state. In this model, the device is made aware that it should upgrade and will upgrade itself at the first possible opportunity.

There are several advantages — management is more effective, network demands are reduced, and IT has a much better overview across the state of the corporate fleet. DDM is also more secure, as the onus of reporting turns to the device, which, in conjunction with improvements in identity and zero-trust, means IT enjoys a far more accurate picture of events, and devices become less likely to become attack vectors.

What difference does it make?

Apple’s growing cohort of device management partners (Jamf to Kandji, Mosyle, Fleet, Hexnode, Addigy and beyond) already understood Apple’s intention to move toward DDM, which means they are already introducing support for the improved DDM features Apple plans.

That means users who do migrate to DDM will get access to related enhancements Apple introduced at WWDC, such as version pinning for App Store apps alongside existing software update management. With a nod to the flourishing device management market, Apple is also introducing tools to make it easier to migrate devices between different MDM providers.

All these device management features are being enabled by Apple Business Manager (ABM) and Apple School Manager (ASM), both of which are critical to Apple’s enterprise push, and both of which have been improved drastically to enable new device management features. Organizations can actually prevent personal Apple IDs from signing into corporate-owned devices, even during setup, for example. 

Apple also introduced some new capabilities to help manage devices. These included new APIs to manage new attributes; one useful addition is support for users to request temporary privileges upgrades via their device management system. IT also gains better insight into AppleCare, Managed Apple IDs, and on-device authentication, which in itself promises highly secure yet-friction free device management. We’ve looked at some of these improvements previously. You should also find updates from your chosen device management service provider, which might be of help.

Defense is the sum of all the parts

When combined with enhancements to DDM, you’ll have a system that can securely distribute security, as well as autonomy, to endpoint devices. This effectively supersedes old perimeter defenses by transforming them into a networked, more intelligent system of equally well-defended nodes working together to maintain resilience. 

You can follow me on social media! Join me on BlueSky,  LinkedIn, and Mastodon.