Security-Portal.cz je internetový portál zaměřený na počítačovou bezpečnost, hacking, anonymitu, počítačové sítě, programování, šifrování, exploity, Linux a BSD systémy. Provozuje spoustu zajímavých služeb a podporuje příznivce v zajímavých projektech.

Kategorie

Infostealer campaign compromises 10 npm packages, targets devs

Bleeping Computer - 27 Březen, 2025 - 22:22
Ten npm packages were suddenly updated with malicious code yesterday to steal environment variables and other sensitive data from developers' systems. [...]
Kategorie: Hacking & Security

Chinese FamousSparrow hackers deploy upgraded malware in attacks

Bleeping Computer - 27 Březen, 2025 - 20:38
A China-linked cyberespionage group known as 'FamousSparrow' was observed using a new modular version of its signature backdoor 'SparrowDoor' against a US-based trade organization. [...]
Kategorie: Hacking & Security

Windows 11 KB5053656 update released with 38 changes and fixes

Bleeping Computer - 27 Březen, 2025 - 20:21
​​Microsoft has released the KB5053656 preview cumulative update for Windows 11 24H2 with 38 changes, including real-time translation on AMD and Intel-powered Copilot+ PCs and fixes for authentication and blue-screen issues. [...]
Kategorie: Hacking & Security

US, other G7 nations, fall behind in global tech race, study finds

Computerworld.com [Hacking News] - 27 Březen, 2025 - 20:06

The “Group of 7” (G7) nations are falling behind in key tech economic indicators such as high-tech exports, the number of software developers, and AI-related patent filings, endangering their future competitiveness, according to new study by London-based workforce consultancy SThree and the Center for Economics and Business Research (Cebr).

In fact, not one G7 nation made it into the top 10 — a “clear warning sign” for the future, the study warned. (The G7 consists of the US, UK, Canada, France, Germany, Italy, Japan, and the European Union as a non-enumerated member.)

“Once the global epicenter for innovation, these countries are now facing stiff competition from emerging tech hubs,” said SThree CEO Timo Lehne.The challenge is no longer simply about maintaining their position; it’s about ensuring they lead the charge in fostering innovation and nurturing the businesses that will drive the future of global technology.”

Without focusing on innovation and future industries, tech leadership by the G7 is no longer guaranteed, Lehne said.

Tech advances are reshaping the global economy, with industries such as AI, automation, and clean energy relying on a STEM-skilled workforce. As a result, countries investing in science, technology, engineering and math (STEM) education and training will drive growth; those that don’t may fall behind, according to the report.

The G7 has already seen the effects of reduced competitiveness this year, with the US’s “Magnificent Seven” (Apple, Microsoft, Amazon, Nvidia, Alphabet, Meta, and Tesla) losing $1.5 trillion in market value since the start of 2025. The companies saw similar losses in just a few days last year as well.

According to SThree, the US has slipped several spots and is now behind the UK and Canada in tech competitiveness, while Singapore, Ireland, and Australia all secured top-10 spots based on STEM skills and training.

Asian countries occupied the top spots in the “Foundational Education Pillar,” with Singapore on top, followed by Japan and South Korea. Estonia was the top-scoring European nation at No. 4.

SThree and the Centre for Economics and Business Research

Singapore’s success can be attributed to its focus on services, R&D, and innovation, according to industry observers. The nation’s government has an Economic Development Board (EDB), which works to attract and grow industries, and it has shifted its focus from low-cost manufacturing to high-value sectors such as aerospace and semiconductors. It has also become a hub for digital technologies, with many companies relocating their headquarters from Hong Kong due to China’s influence over that territory, which it reclaimed in 1997.

Education and research institutes in Singapore focus on developing a skilled workforce in tech fields like AI, while companies benefit from funded research partnerships. Singapore has also nurtured a number of tech unicorns including Lazada, Grab, and Ninja Van, promotes fintech through annual events, and has easy work visa access.

The study didn’t include some large economies such as China, India or any African nation because of “a lack of data availability within those countries.” Yet, researchers noted that not including China “is arguably the biggest omission in this year’s index. From what we know, China’s STEM ecosystem is developing very quickly. It boasts 63 of the top 500 research institutions, it is increasingly seen as a research superpower that is competing with the likes of the United States and Europe, and is investing heavily in R&D3.”

Switzerland and Sweden got top marks for STEM skills, while Denmark passed Sweden for second place for Life Sciences, according to the study. Finland and the Republic of Korea saw improved scores on engineering skills, coming in first and second, respectively.

Although the UK and US refused to sign last month’s European Union AI agreement regulating the technology, each ranks 11th and 16th, respectively, for AI patents, with Korea, Japan, and Singapore at the top.

“The lack of competitiveness in the G7 was felt when US tech giants lost $1.13 trillion in market value, affecting companies like Germany’s Infineon and Japan’s SoftBank,” the study said, pointing to losses in 2024. “In overall tech rankings, Singapore, Ireland, and Australia lead in fostering tech innovation, surpassing all G7 nations.”

The importance of investing in STEM

Singapore has skyrocketed in tech innovation and exports for a myriad of reasons, not the least of which is because STEM skills can boost critical thinking and problem-solving across any role.

Cebr and SThree used 26 indicators in areas like education, workforce integration, industry opportunities, and innovation to develop their index ranking 35 countries based on STEM skills. Success depends on collaboration between governments, businesses, and education to build a skilled STEM workforce.

A growing number of organizations are dropping traditional college degree requirements in favor of skills gained through alternative methods. Large companies, including Boeing, Walmart, and IBM, have signed on to varying skills-based employment projects, such as the Rework America Alliance, the Business Roundtable’s Multiple Pathways program, and the campaign to Tear the Paper Ceiling, pledging to implement skills-based practices, according to McKinsey & Co.

“So far, they’ve removed degree requirements from certain job postings and have worked with other organizations to help workers progress from lower- to higher-wage jobs,” McKinsey said in a November report.

Skills-based hiring helps companies find and attract a broader pool of candidates better suited to fill positions long term, and it opens up opportunities to non-traditional candidates, including women and minorities, according to McKinsey.

Kategorie: Hacking & Security

Microsoft: New Windows scheduled task will launch Office apps faster

Bleeping Computer - 27 Březen, 2025 - 19:00
​In May, Microsoft plans to roll out a new Windows scheduled task that launches automatically to help Microsoft Office apps load faster. [...]
Kategorie: Hacking & Security

New Morphing Meerkat Phishing Kit Mimics 114 Brands Using Victims’ DNS Email Records

The Hacker News - 27 Březen, 2025 - 18:58
Cybersecurity researchers have shed light on a new phishing-as-a-service (PhaaS) platform that leverages the Domain Name System (DNS) mail exchange (MX) records to serve fake login pages that impersonate about 114 brands. DNS intelligence firm Infoblox is tracking the actor behind the PhaaS, the phishing kit, and the related activity under the moniker Morphing Meerkat. "The threat actor behind
Kategorie: Hacking & Security

New Morphing Meerkat Phishing Kit Mimics 114 Brands Using Victims’ DNS Email Records

The Hacker News - 27 Březen, 2025 - 18:58
Cybersecurity researchers have shed light on a new phishing-as-a-service (PhaaS) platform that leverages the Domain Name System (DNS) mail exchange (MX) records to serve fake login pages that impersonate about 114 brands. DNS intelligence firm Infoblox is tracking the actor behind the PhaaS, the phishing kit, and the related activity under the moniker Morphing Meerkat. "The threat actor behind Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

The 4 WordPress flaws hackers targeted the most in Q1 2025

Bleeping Computer - 27 Březen, 2025 - 18:29
A new report sheds light on the most targeted WordPress plugin vulnerabilities hackers used in the first quarter of 2025 to compromise sites. [...]
Kategorie: Hacking & Security

Mozilla warns Windows users of critical Firefox sandbox escape flaw

Bleeping Computer - 27 Březen, 2025 - 16:48
Mozilla has released Firefox 136.0.4 to patch a critical security vulnerability that can let attackers escape the web browser's sandbox on Windows systems. [...]
Kategorie: Hacking & Security

WhatsApp's Meta AI is now rolling out in Europe, and it can't be turned off

Bleeping Computer - 27 Březen, 2025 - 16:31
You can't escape Meta AI in WhatsApp even if you are based in one of the 41 European countries, with the feature now rolling out to more devices. [...]
Kategorie: Hacking & Security

Hackers Repurpose RansomHub's EDRKillShifter in Medusa, BianLian, and Play Attacks

The Hacker News - 27 Březen, 2025 - 16:10
A new analysis has uncovered connections between affiliates of RansomHub and other ransomware groups like Medusa, BianLian, and Play. The connection stems from the use of a custom tool that's designed to disable endpoint detection and response (EDR) software on compromised hosts, according to ESET. The EDR killing tool, dubbed EDRKillShifter, was first documented as used by RansomHub actors in
Kategorie: Hacking & Security

Hackers Repurpose RansomHub's EDRKillShifter in Medusa, BianLian, and Play Attacks

The Hacker News - 27 Březen, 2025 - 16:10
A new analysis has uncovered connections between affiliates of RansomHub and other ransomware groups like Medusa, BianLian, and Play. The connection stems from the use of a custom tool that's designed to disable endpoint detection and response (EDR) software on compromised hosts, according to ESET. The EDR killing tool, dubbed EDRKillShifter, was first documented as used by RansomHub actors in Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Recent Windows Server 2025 updates cause Remote Desktop freezes

Bleeping Computer - 27 Březen, 2025 - 15:59
​Microsoft says a known issue is causing Remote Desktop freezes on Windows Server 2025 systems after installing security updates released since the February 2025 Patch Tuesday. [...]
Kategorie: Hacking & Security

Vivaldi integrates Proton VPN into the browser to fight web tracking

Bleeping Computer - 27 Březen, 2025 - 15:39
Vivaldi has announced the integration of Proton VPN directly into its browser without requiring add-on downloads or plugin activations, allowing users to protect their data against 'Big Tech' surveillance for free. [...]
Kategorie: Hacking & Security

Qualcomm launches global antitrust offensive against Arm, accusing it of stifling competition

Computerworld.com [Hacking News] - 27 Březen, 2025 - 15:37

Qualcomm has launched a global antitrust offensive against Arm Holdings, accusing its longtime partner of anti-competitive practices in regulatory complaints filed across three continents. This escalating legal battle marks a significant shift in the relationship between two of the most influential players in the semiconductor industry.

The unprecedented legal offensive spans three continents, with Qualcomm filing complaints with the European Commission, US Federal Trade Commission, and Korea Fair Trade Commission, reported Bloomberg.

The dispute threatens to upend the global technology supply chain, potentially impacting billions of devices — from smartphones and laptops to AI-driven systems and data center infrastructure. At stake is the future of semiconductor intellectual property licensing, with potential ripple effects including increased costs for manufacturers and consumers, as well as heightened uncertainty across an industry that relies heavily on Arm’s processor designs.

A shifting semiconductor landscape

The dispute centers on Arm’s shift from an open licensing model — under which chipmakers like Qualcomm could develop custom processors based on Arm’s designs — to a more restrictive approach favoring its own chip products. Qualcomm argues that this move threatens competition in the semiconductor industry, which has relied on Arm’s technology for over two decades.

The chipmaker argues that Arm is undermining the competitive ecosystem it previously cultivated by pursuing its own chipmaking ambitions.

Arm has received the EU complaint and preparing to respond, the report added.

The report also said that Qualcomm met with US Federal Trade Commission officials in Washington earlier this year to discuss its concerns. The company has accused Arm of withholding critical technology that should be provided under existing license agreements.

Additionally, Qualcomm has raised similar concerns with South Korea’s antitrust regulator, the report added citing people familiar with the development.

The dispute emerges against the backdrop of Arm’s recent strategic pivot, including its controversial decision to design and sell server chips directly to Meta — a move that has already disrupted traditional industry dynamics.

As Arm continues to push forward with its strategic vision — including its direct chip design efforts — the stakes have never been higher in this high-stakes technological chess match.

“Arm remains focused on enhancing innovation, promoting competition, and respecting contractual rights and obligations. Any allegation of anti-competitive conduct is nothing more than a desperate attempt by Qualcomm to detract from the merits and expand the parties’ ongoing commercial dispute for its own competitive benefit. Arm is confident that it will ultimately prevail in this dispute,” an Arm spokesperson said.

Qualcomm did not comment on the development.

Market dynamics and technological shifts

At the heart of the conflict lies Arm’s instruction set architecture — the fundamental code enabling software communication with processors. Qualcomm’s challenge extends beyond immediate commercial interests, potentially questioning the very mechanisms of technological licensing and intellectual property management in the semiconductor sector.

The complaints come as regulators worldwide scrutinize the evolving dynamics of the semiconductor market. Arm, which is majority-owned by Japan’s SoftBank, licenses its processor architecture to a vast ecosystem of chipmakers, including Apple and MediaTek.

However, under CEO Rene Haas, the company has moved toward offering more complete chip designs, competing directly with some of its own customers. That move signaled a dramatic shift from Arm’s traditional role as a neutral technology licensing company to a direct competitor in the semiconductor market.

This strategic repositioning has fundamentally altered the company’s relationship with long-standing partners like Qualcomm, Nvidia, and Apple.

However, both companies are maneuvering to capitalize on the expanding computing market, particularly in AI and high-performance computing. The smartphone chip market — previously a primary revenue source — has become increasingly saturated, pushing companies to seek new growth opportunities.

Arm’s response to the allegations has been robust and devoid of any wrongdoing. The company stated it remains “focused on enhancing innovation, promoting competition, and respecting contractual rights and obligations,” characterizing Qualcomm’s complaints as “a desperate attempt to detract from the merits” of their ongoing commercial dispute, the report added.

Potential industry ramifications

The ongoing legal and regulatory battles between Qualcomm and Arm highlight broader tensions in the semiconductor industry, particularly as companies position themselves to capitalize on growing demand for computing chips beyond smartphones. AI, data centers, and enterprise computing are emerging as key battlegrounds, with chipmakers vying for market dominance.

Both companies have a history of regulatory challenges. Qualcomm, which previously faced scrutiny over its own licensing practices, has largely prevailed in antitrust cases, including a high-profile appeal against the FTC. Meanwhile, Arm is under pressure to sustain growth following its failed acquisition by Nvidia in 2022 and its subsequent public listing.

With court-ordered mediation talks scheduled and multiple regulatory investigations underway, the technology industry will be watching closely. The outcome could significantly reshape the semiconductor landscape, influencing how chip design companies interact with their customers and compete in an increasingly complex market.

Kategorie: Hacking & Security

APT36 Spoofs India Post Website to Infect Windows and Android Users with Malware

The Hacker News - 27 Březen, 2025 - 14:31
An advanced persistent threat (APT) group with ties to Pakistan has been attributed to the creation of a fake website masquerading as India's public sector postal system as part of a campaign designed to infect both Windows and Android users in the country. Cybersecurity company CYFIRMA has attributed the campaign with medium confidence to a threat actor called APT36, which is also known as
Kategorie: Hacking & Security

APT36 Spoofs India Post Website to Infect Windows and Android Users with Malware

The Hacker News - 27 Březen, 2025 - 14:31
An advanced persistent threat (APT) group with ties to Pakistan has been attributed to the creation of a fake website masquerading as India's public sector postal system as part of a campaign designed to infect both Windows and Android users in the country. Cybersecurity company CYFIRMA has attributed the campaign with medium confidence to a threat actor called APT36, which is also known as Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Dozens of solar inverter flaws could be exploited to attack power grids

Bleeping Computer - 27 Březen, 2025 - 14:00
Dozens of vulnerabilities in products from three leading makers of solar inverters, Sungrow, Growatt, and SMA, could be exploited to control devices or execute code remotely on the vendor's cloud platform. [...]
Kategorie: Hacking & Security

New Report Explains Why CASB Solutions Fail to Address Shadow SaaS and How to Fix It

The Hacker News - 27 Březen, 2025 - 13:25
Whether it’s CRMs, project management tools, payment processors, or lead management tools - your workforce is using SaaS applications by the pound. Organizations often rely on traditional CASB solutions for protecting against malicious access and data exfiltration, but these fall short for protecting against shadow SaaS, data damage, and more. A new report, Understanding SaaS Security Risks: Why
Kategorie: Hacking & Security

New Report Explains Why CASB Solutions Fail to Address Shadow SaaS and How to Fix It

The Hacker News - 27 Březen, 2025 - 13:25
Whether it’s CRMs, project management tools, payment processors, or lead management tools - your workforce is using SaaS applications by the pound. Organizations often rely on traditional CASB solutions for protecting against malicious access and data exfiltration, but these fall short for protecting against shadow SaaS, data damage, and more. A new report, Understanding SaaS Security Risks: [email protected]
Kategorie: Hacking & Security
Syndikovat obsah