Kategorie

An unpatched security flaw impacting the Edimax IC-7100 network camera is being exploited by threat actors to deliver Mirat botnet malware variants since at least May 2024. The vulnerability in question is CVE-2025-1316 (CVSS v4 score: 9.3), a critical operating system command injection flaw that an attacker could exploit to achieve remote code execution on susceptible devices by means of a Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Cisco is adding new features to its Webex collaboration tool as it expands its adoption of agentic AI.

The latest tools include an AI Agent and an updated AI Assistant for the company’s Webex Contact Center, a collaborative tool that helps companies handle customer service calls. The AI tools are designed to bolster customer service experiences.

The announcements came on the opening day of the Enterprise Connect show in Orlando, FL.

The Webex AI Agent, slated to be available at the end of this month, should make customer service calls smoother by using AI alongside human agents. The goal is to reduce wait times and use intelligent ways to resolve issues.

According to Cisco, the Agent will allow companies to tackle complex real-time customer service queries by handling more dynamic conversations. The tool can also run scripted agents with preconfigured responses, Cisco said.

One use case highlighted by Cisco, for example, could help airline customers change flights in real-time by querying timing preferences, providing a range of flight options, and completing the call by making the booking. The agent uses AI technology to connect corporate information systems to customer queries.

The company also added new Cisco AI Assistant features to its Webex Contact Centers. That tool is an assistant for customer service agents that can make recommendations for answering customer queries.

The agent, originally rolled out in February, uses a number of tools to understand customer intent and then provides appropriate recommendations. The goal is to help human agents provide better responses.

For example, one new tool can allow accurate transcription of calls, making it easier to understand speakers with accents or unusual speech patterns. It can also provide context for complex discussions, along with real-time recommendations on actions or responses, Cisco said.

Some of the previously added tools can provide summaries on dropped calls or interactions with virtual agents before calls are transferred to human agents. Still other tools can measure customer satisfaction or pull information from past calls and topics to improve customer service experiences.

Cisco also announced it has integrated Apple’s AirPlay on Cisco Devices for Microsoft Teams Rooms, which enables “instant wireless content sharing from iPhone, iPad or Mac to Cisco Devices.”

Malicious actors are exploiting Cascading Style Sheets (CSS), which are used to style and format the layout of web pages, to bypass spam filters and track users' actions. That's according to new findings from Cisco Talos, which said such malicious activities can compromise a victim's security and privacy. "The features available in CSS allow attackers and spammers to track users' actions and

Malicious actors are exploiting Cascading Style Sheets (CSS), which are used to style and format the layout of web pages, to bypass spam filters and track users' actions. That's according to new findings from Cisco Talos, which said such malicious activities can compromise a victim's security and privacy. "The features available in CSS allow attackers and spammers to track users' actions and Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

From sophisticated nation-state campaigns to stealthy malware lurking in unexpected places, this week’s cybersecurity landscape is a reminder that attackers are always evolving. Advanced threat groups are exploiting outdated hardware, abusing legitimate tools for financial fraud, and finding new ways to bypass security defenses. Meanwhile, supply chain threats are on the rise, with open-source

From sophisticated nation-state campaigns to stealthy malware lurking in unexpected places, this week’s cybersecurity landscape is a reminder that attackers are always evolving. Advanced threat groups are exploiting outdated hardware, abusing legitimate tools for financial fraud, and finding new ways to bypass security defenses. Meanwhile, supply chain threats are on the rise, with open-source Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

** Androidy každý měsíc dostávají aktualizaci systému Google ** Týká se funkcí navázaných na služby Google Play a obchod Play ** Přinášíme pravidelný přehled těch největších změn a novinek

The latest Palo Alto Networks Unit 42 Cloud Threat Report found that sensitive data is found in 66% of cloud storage buckets. This data is vulnerable to ransomware attacks. The SANS Institute recently reported that these attacks can be performed by abusing the cloud provider’s storage security controls and default settings. “In just the past few months, I have witnessed two different methods for

The latest Palo Alto Networks Unit 42 Cloud Threat Report found that sensitive data is found in 66% of cloud storage buckets. This data is vulnerable to ransomware attacks. The SANS Institute recently reported that these attacks can be performed by abusing the cloud provider’s storage security controls and default settings. “In just the past few months, I have witnessed two different methods [email protected]

Google’s generative AI chatbot, named Gemini, is available as a web app. But you can also access most of Gemini’s AI tools in a side panel as you’re using Google Workspace apps including Google Docs, Sheets, Slides, Drive, and Gmail. Using the Gemini sidebar within a Workspace app is much more convenient and contextual than copying and pasting between browser tabs.

When you’re in one of these five main Workspace apps, open the Gemini side panel by clicking the nova star icon that’s next to your user profile icon at the upper-right corner. From this side panel, you can instruct Gemini to generate new content (such as text, tables, or slides), make changes to your current document or other file, or analyze its content to provide context.

The Gemini side panel in Google Docs.

Howard Wen / Foundry

Keep in mind that, like all genAI tools, Gemini can make mistakes, so it’s always advisable to check the output carefully for errors. What’s more, the copy it writes is often generic and flat, but it can be a useful starting point for you to refine and add color to.

As you’ll see, Gemini’s real strengths lie in taking away drudge work such as summarizing a long document or extracting a key piece of information from a sea of emails. This guide explains how to use these AI capabilities from the Gemini side panel in the Google Workspace apps.

Who can use Gemini in Google Workspace apps

The Gemini AI tools that include this side panel are now included with paid Google Workspace plans from the Business Standard plan and up. If you have a regular Google personal account, you can subscribe to Google One AI Premium to have access to these tools. Or, for no cost, you can sign up for access to Google Workspace Labs with your Google account to be permitted to try out Gemini in the Workspace apps.

Get started: Use a suggested prompt or type in your own

In the Gemini side panel, you’ll usually see suggested prompts — these are action links you can click that instruct the AI to do something, such as creating an outline.

Many of these suggested prompts will be the same, or similarly phrased, across the five Workspace apps that you can use the Gemini side panel in. But they can also vary from app to app and sometimes depend on whether you start with a blank document or open an existing one.

Suggestions in the Gemini side panel for Gmail, Sheets, and Slides.

Howard Wen / Foundry

In Docs, for instance, Gemini might prompt you to brainstorm a list of ideas, whereas in Slides it might prompt you to create a slide to pitch an idea. In some cases, prompts might be customized for you based on the emails in your Gmail account or files in your Google Drive. (If you want to see additional suggested prompts, click More suggestions in the panel.)

To choose a prompt, click it, and it will appear in the entry box at the bottom of the window, where you can customize it for your needs. When it’s worded the way you want, press Enter.

Or you can skip the suggested prompts: just type your own prompt inside the entry box and press Enter.

Next steps: Insert, copy, retry, or refine

After you enter your prompt, Gemini generates a result, which appears in the side panel. Like all genAI tools, Gemini sometimes makes errors, so you’ll want to carefully check over its output.

If you’re happy with the result, you can click the arrow icon on the toolbar below it to insert the generated text, image, or other content into your document, email draft, slide, or spreadsheet. Or you can click the Copy button to copy it to your PC clipboard.

Gemini’s generated result appears in the side panel.

Howard Wen / Foundry

If you want to see what the result will look like in your document before inserting it, click the vertical three-dot icon (More options) and select Preview. If you wish, you can send Google feedback on the result by clicking the thumbs up or thumbs down icon on the toolbar.

Right above this toolbar, you may see a link labeled “Sources.” When clicked, this action will list the sources (your documents, emails, presentations, spreadsheets, etc.) that Gemini used to generate the content.

If you’re not happy with Gemini’s generated result, you can instruct it to generate a fresh result from your original prompt by selecting More options > Retry or More options > Retry with Google Search in the toolbar.

Below the toolbar you might see one or more additional prompt suggestions. Click a suggestion, and Gemini will generate a second result that builds on the first one.

Another option is to instruct Gemini to refine the current result rather than starting over from scratch. To do so, just type how you want the result refined into the entry box and press Enter.

A few additional tips for using the Gemini side panel:

• To erase your previous prompts and results from the panel, click the three-dot icon (More options) at the top of the Gemini side panel and click Clear history.
• To make the side panel larger so you can see the results better, click the Expand button immediately to the right of the More options button at the top of the panel.
• To close the side panel, click the X in its upper right corner.

7 useful tasks to try via the Gemini side panel

Now that you know how to use the side panel, let’s look at some specific use cases. There are too many possible actions to cover in this article, and Google adds new capabilities all the time. But here are some common examples of what you can prompt Gemini to do.

1. Summarize documents and emails

Gemini can quickly summarize your emails and files stored in Google Drive in a variety of ways.

In Docs, Sheets, and Slides: Open a document, spreadsheet, or presentation, then open the Gemini sidebar. When you do, Gemini automatically generates a summary of the file, provided that it has enough text or data content. The summary appears near the top of the Gemini panel; you may need to click the three-dot icon (View more) to see the whole thing.

Gemini can instantly summarize the contents of a document.

Howard Wen / Foundry

In Drive: Select a document or other file, then click Summarize this file on the toolbar above the file listing. This will open the Gemini side panel, and a summary for the contents of the file will be generated if possible.

Gemini can summarize documents stored in Google Drive.

Howard Wen / Foundry

You can summarize all the contents of a folder in Google Drive in the same way. Navigate to the folder in Drive, select it, and click Summarize this folder on the toolbar above the listing.

Another method to summarize files in Drive is to open the Gemini sidebar first, then write a prompt in the entry box telling it what you want it to summarize. Type summarize @ and start typing the document’s filename. A small menu of suggested files will open, and you can select the one you want.

If you can’t remember the filename, you can try describing the document or file, and Gemini may be able to determine which file you’re referring to. You can also instruct Gemini to summarize more than one document or file together.

Examples:

• Summarize the meeting notes from the July meeting
• Summarize @Office Budget Winter and @Office Budget Annual

In Gmail: Open an email or email thread first. Then, in the Gemini side panel, you can click a suggested prompt to generate a summary of the email or thread.

You can also prompt Gemini to summarize multiple emails, even if they’re not in a single thread. To do so, open the Gemini sidebar and describe what you want it to summarize in the entry box.

• Give me a summary of the emails that Saulo sent me regarding our upcoming meeting
• Summarize the emails I sent to Mona over the last week

Gemini can also summarize multiple emails based on a description you provide.

Howard Wen / Foundry

2. Extract specific info from files or emails

Instead of asking Gemini to summarize an entire document or email, try asking it questions about your files in Drive or about your emails in Gmail to extract specific information.

• What are the key points in @Business Plan: IT Consulting for Restaurant Management?
• How much is allocated for new technology purchases @Office Budget Annual?
• How much has [business name] charged me this year?

Ask Gemini for specific information from your emails and files.

Howard Wen / Foundry

3. Create a table

Gemini can generate a table template with headings, placeholder text, and even formulas in its cells. After you insert it into your document, email draft, slide, or spreadsheet, you fill out the table with your own data.

Gemini works best at designing tables for project management, so try describing a table that has dropdowns, lists, task lists, or to-dos. It can also generate a data table that you can insert into a spreadsheet and then create a chart from it.

• Make me a table depicting 12 months with 3 categories per month
• Create a table with dropdowns with selections that include Greek, Japanese, Italian for a business luncheon

A generated table template in Sheets.

Howard Wen / Foundry

When you create a table in Sheets, it will appear as an overlay on the spreadsheet. Click the Insert button below it to insert it in the spreadsheet.

Note: In Sheets, when you launch a new, blank spreadsheet, the Tables side panel will automatically open on the right. To switch to the Gemini side panel, either click the “Help me create a table” button in the Tables side panel or just click the nova star icon at the top of the screen.

If the spreadsheet you open already has data in the cells, and they’re not organized in a formal way, try clicking one of the Create a table suggested prompts. Gemini will generate a table with this data arranged in a neater fashion.

Finally, it’s worth noting that Sheets has another table template tool called Help Me Organize that we’ve covered previously. See “How to use Gemini AI to make templates in Google Sheets” for details on how to use it, along with ideas for crafting successful table prompts that would work in the Gemini sidebar as well.

4. Create an image

Describe the kind of image that you want Gemini to generate. In Slides, you can prompt Gemini to generate an image based on the content of the slide that you’re currently viewing in the main window.

• Create a cartoon of a giraffe reading a menu while seated at a restaurant table
• Create an image based on the current slide

In Slides, Gemini can create images related to the current slide’s content.

Howard Wen / Foundry

5. Write a text draft

You can use the Gemini side panel to generate a first draft for an email or document. In Docs or Gmail, open the side panel and type a prompt describing the kind of text that you want Gemini to generate.

• Create an opening paragraph pitching my IT consulting service for restaurant owners
• Create an email to send to Eric Jones in which I suggest we catch up at the tech conference in San Diego next week

Using email as an example, from the main page of your Gmail account, open the Gemini side panel and enter your prompt. If you like Gemini’s generated draft, click the Insert button, and a composition window for a new email will open with the generated text inserted into it. You can add or make changes before sending it out, or leave it in your Drafts folder to work on later.

A new email draft generated by Gemini.

Howard Wen / Foundry

The Gemini side panel will also present suggested prompts that you can click to guide you through refining or rephrasing your document or email draft.

All that said, a better way to generate and redo text is to use the Help Me Write tool (which is also powered by Gemini). See our story “How to use Gemini AI to write (and rewrite) in Google Docs and Gmail” for full instructions on using Help Me Write.

6. Create a formula in Sheets

Don’t know most of the formulas that you can use in Sheets, or want some ideas? Describe to Gemini the kind of calculation you want, and the AI will try to generate something workable. You can then insert the formula into a cell on your spreadsheet.

• Formula for the sum of Column B divided by 10 and then multiplied by 1.67
• Formula to calculate compound interest at 3.5% over 3 years

In Sheets, Gemini can help you create a formula.

Howard Wen / Foundry

7. Create a slide in Slides

In Slides, describe a slide that you want Gemini to generate.

You can even ask Gemini to create a slide based on the content of a document, spreadsheet, or other file in your Google Drive.

• Create a slide that introduces an annual business budget report
• Create a slide using @Office Budget Winter

Gemini can create a slide based on a document or other file.

Howard Wen / Foundry

This is just a sampling of what you can ask Gemini to do in Google Workspace apps. Once you start experimenting, you’ll likely find numerous ways it can help you in your work.

[ See more Google Workspace tips and tutorials ]

Cybersecurity researchers are calling attention to an incident in which the popular GitHub Action tj-actions/changed-files was compromised to leak secrets from repositories using the continuous integration and continuous delivery (CI/CD) workflow. The incident involved the tj-actions/changed-files GitHub Action, which is used in over 23,000 repositories. It's used to track and retrieve all

Cybersecurity researchers are calling attention to an incident in which the popular GitHub Action tj-actions/changed-files was compromised to leak secrets from repositories using the continuous integration and continuous delivery (CI/CD) workflow. The incident involved the tj-actions/changed-files GitHub Action, which is used in over 23,000 repositories. It's used to track and retrieve all Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

** Z běžného buzení telefonem se stal doslova horor ** Uživatel Pixelu aktivoval nouzový režim, který vytočil nouzové číslo ** Telefon ještě natočil intimní video, které poslal všem nouzovým kontaktům

A widespread phishing campaign has targeted nearly 12,000 GitHub repositories with fake "Security Alert" issues, tricking developers into authorizing a malicious OAuth app that grants attackers full control over their accounts and code. [...]

Cybercriminals are promoting malicious Microsoft OAuth apps that masquerade as Adobe and DocuSign apps to deliver malware and steal Microsoft 365 accounts credentials. [...]

Security researcher Yohanes Nugroho has released a decryptor for the Linux variant of Akira ransomware, which utilizes GPU power to retrieve the decryption key and unlock files for free. [...]

Cybersecurity researchers have warned of a malicious campaign targeting users of the Python Package Index (PyPI) repository with bogus libraries masquerading as "time" related utilities, but harboring hidden functionality to steal sensitive data such as cloud access tokens. Software supply chain security firm ReversingLabs said it discovered two sets of packages totaling 20 of them. The packages

Cybersecurity researchers have warned of a malicious campaign targeting users of the Python Package Index (PyPI) repository with bogus libraries masquerading as "time" related utilities, but harboring hidden functionality to steal sensitive data such as cloud access tokens. Software supply chain security firm ReversingLabs said it discovered two sets of packages totaling 20 of them. The packagesRavie Lakshmananhttp://www.blogger.com/profile/[email protected]

A large-scale Coinbase phishing attack poses as a mandatory wallet migration, tricking recipients into setting up a new wallet with a pre-generated recovery phrase controlled by attackers. [...]

Imagine a world of the near future where Android and Apple iOS users can message one another with the certainty that their communication is secured against eavesdropping by end-to-end encryption (E2EE).

And it would not only be for one-to-one chats, but across large groups of employees and users, something that is impossible to guarantee today without resorting to standalone apps such as WhatsApp.

These capabilities might soon be a reality, thanks to a technical specification released this week, the GSM Association’s RCS Universal Profile version 3.0.

In development since 2007 as a replacement for SMS, Rich Communication Services (RCS) already allows a range of features including read receipts, typing indicators, and media sharing. But E2EE security, a much more complex technical feat, has always proved elusive.

Thanks to some IETF-backed magic inside RCS 3.0 called the Messaging Layer Security (MLS) protocol, that is about to change. Specifications may come and go, but history suggests that the addition of security to a spec is always a significant moment when people start to feel more positive about its adoption; at least that’s what the GSMA is hoping.

This is especially true for businesses, which value two features above all: absolute certainty about messaging security, and the ability for employees to communicate in large groups. RCS 3.0 with MLS delivers on both fronts, said GSMA technical director, Tom Van Pelt.

“[This ensures] that messages and other content such as files remain confidential and secure as they travel between clients,” he said.

“RCS will be the first large-scale messaging service to support interoperable E2EE between client implementations from different providers. Together with other unique security features such as SIM-based authentication, E2EE will provide RCS users with the highest level of privacy and security for stronger protection from scams, fraud, and other security and privacy threats,” said Van Pelt.

RCS fragmentation

RCS 3.0’s big feature is interoperability, which makes it easier for different apps to implement the same features consistently.  Today, while RCS is widely implemented by OS platforms, mobile networks, and device makers, each does it in their own way. This has led to fragmentation, hindering uptake. 

The result is that if you want to send a secure RCS message between Android devices, you need to use Google’s own Messages app at both ends; it implements E2EE using the well-worn Signal protocol. Similarly, Apple adopted RCS in iMessage last year, but with a proprietary implementation of E2EE.

In short, it’s a confusing jumble. This is one reason why alternatives such as WhatsApp and Signal, both of which also use the Signal protocol, have become so popular; you get E2EE out of the box without compatibility worries, and they allow groups of up to 1,024 members.

Having a single protocol, MLS, covering E2EE changes the story. Now RCS with MLS can offer a range of advanced features including large groups, which are critical for businesses which need many-to-many communication. Right now, if even one user in a group is using an RCS app without compatible E2EE, the security of the whole group chat can be compromised. MLS gives every app maker one IETF standard to aim for.

The WhatsApp effect

Google has said it plans to adopt MLS inside Messages, which means replacing the proven Signal protocol that struggles to handle larger groups. That will take time, during which it will probably support one with a fallback to the other. Apple, too, said it is committed to MLS.

“We will add support for end-to-end encrypted RCS messages to iOS, iPadOS, macOS, and watchOS in future software updates,” said Apple spokesperson Shane Bauer, in support of the GSMA.

As the two biggest platform apps, these names are important. However, one that’s not on the RCS list yet is WhatsApp, an app for both Android and Apple that, with three billion users, operates in a parallel world to RCS-enabled apps.

WhatsApp is in no hurry to adopt MLS. For parent Meta, the real prize is to turn WhatsApp into a secure business communications platform that dominates the messaging space across multiple types of engagement. Despite that, it will eventually have to adopt MLS in some form, not least to comply with the EU’s Digital Markets Act, which mandates greater app interoperability.

“It’s questionable if and when WhatsApp and Signal are going to support this protocol, as both have already implemented end-to-end encryption within each respective ecosystem,” commented Arne Möhle, CEO of secure email provider Tuta Mail.

“As an encrypted email service, we can also say that interoperability is a challenge,” he added. “It comes with complications such as spam and phishing attempts, an issue that WhatsApp has had to fight hard against. This will get even worse once the app starts allowing people to chat with their friends on other platforms as well.”

But E2EE was only today’s privacy issue. Soon, he predicted, messaging platforms will need to evolve to counter the ability of quantum computers to undermine the security of public key encryption.

“The GSMA protocol needs to be updated with quantum-resistant encryption keys,” said Möhle.

Ironically, a major uncertainty is E2EE itself. This is now being probed by the UK government, which has decided to use Apple as its test case in a campaign to introduce backdoors into the encryption used in iCloud services. So far, Apple is resisting, choosing to disable security rather than allow surveillance. Talks are reportedly ongoing.

E2EE, which stores keys on devices rather than centrally, isn’t part of this effort, but might come under fire if the UK government reheats its controversial idea of client-side scanning (scanning messages before they are encrypted on-device).