Security-Portal.cz is an internet portal focused on computer security, hacking, anonymity, computer networks, programming, encryption, exploits, and Linux and BSD systems. It runs many interesting services and supports its followers in interesting projects.

Category

Will the four-day work week finally come to pass?

Computerworld.com [Hacking News] - 22 April, 2024 - 08:00

The four-day work week was unthinkable, except in science fiction, as recently as five years ago. But one of the many things the COVID-19 pandemic taught us is that the structure of the workplace can change significantly and still be viable. That realization has opened the door to considering a work week of four 10-hour days or even 32 hours as a real possibility. 

The idea has been around since at least the 1950s; but until recently, it hasn’t been taken seriously.

A 2024 KPMG poll of 100 US CEOs found that nearly one-third of US companies are exploring the idea of dropping one day a week. That may sound unimpressive at first, but think about it for a moment. Let it sink in.

This is only the vanguard.

Four-day week trials and studies have been surprisingly positive for both employees and employers. The large UK four-day work week pilot program was so successful that, of the 61 firms that participated, 92% said they would continue their four-day work week beyond the trial, including 29% that had already decided to make the change permanent. Earlier studies were also successful. And several companies have reported success in many facets of their business with their own trials, such as US-based Exos.

Employees are receptive to the idea. A Washington Post-Ipsos poll conducted a year ago showed that 75% of US workers would rather work four 10-hour days than five eight-hour days for the same pay. Meanwhile, according to a survey by cloud-software vendor Qualtrics, 92% of US workers are in favor of a shortened work week, even if it means working longer hours each day.

European countries may be ahead of the curve on shorter work weeks, with the UK and Germany undertaking large-scale trials; Iceland, Portugal, and Spain are also running pilot programs; and Belgium is the first country to pass a law that gives workers the option to work a four-day 40-hour week.

Analyzing the benefits

A shortened work week can help companies attract top talent, boost employee retention, reduce employee stress, lower the carbon footprint of employees (and potentially that of the company), and save employees money on commuting and childcare. The largest benefit, however, is a major boost to work-life balance, which appears to foster an increase in work productivity. (Check out this list of pros and cons of the 4-day work week.) 

The concurrent arrival of a host of generative AI tools should also bolster productivity, mitigating any risks when switching to a four-day work week. 

Those who oppose the notion might see productivity as chiefly measured by time — so many minutes equals so much productivity. And that might be true for assembly-line manufacturing, for example; the four-day work week isn’t for every company.

For many other jobs where what’s being created is intellectual property, ideas, strategic plans, sales, marketing, and software, for instance, intellectual acuity is the essential ingredient — and burn-out is a very real challenge in such roles. To be sharp, you need to be well-rested in mind and body. A four-day work week could well boost productivity in that kind of environment. 

Even before the pandemic, some companies had begun to loosen up. Casual Fridays became work-at-home Fridays, for instance. Switching to working four days a week seems like a natural progression in that scenario.

So, it’s not surprising that a common finding of many four-day-work-week trials is that employee productivity grows, even in 32-hour weeks. More days in a week allows for more meetings, more distractions, more long lunches, and more employee procrastination. Fewer days in a week forces employees to sharpen their time-management skills and focus on completing tasks. Getting your mind out of the job for three days recharges your batteries and brings new perspective to your work, which in turn can elevate productivity.

Implementing a four-day work week

To ensure this change is successful, companies can’t just flip a switch and suddenly tell everyone that they work four days a week. According to the Harvard Business Review, four-day work week initiatives “only work if companies undertake substantial work redesign to reduce hours while maintaining business outcomes. This means streamlining operations, removing administrative burdens, and prioritizing high-impact work.” 

For more information about successfully planning a four-day work week trial or roll-out, here are useful resources:

The future of work is a complex vista of remote work, hybrid work, return to office mandates, and flexible working arrangements affected by trends like genAI and the pursuit of work-life balance. A shorter work week is a significant alternative in the mix that could reshape work as we know it. What exactly that will look like is hard to predict, but it’s likely the four-day work week will play a leading role.

IT Strategy, Productivity Software, Technology Industry
Category: Hacking & Security

The XZ Utils Linux Backdoor: How It Happened & What We Can Learn [Updated]

LinuxSecurity.com - 21 April, 2024 - 13:00
The alarming discovery of a backdoor in the xz data compression library, which had the potential to compromise Linux systems, has dominated recent security news. While the backdoor did not make its way into production Linux distributions, the incident raises crucial questions about open-source security and the need for vigilance in the face of emerging threats.
Category: Hacking & Security

New RedLine Stealer Variant Disguised as Game Cheats Using Lua Bytecode for Stealth

The Hacker News - 21 April, 2024 - 10:42
A new information stealer has been found leveraging Lua bytecode for added stealth and sophistication, findings from McAfee Labs reveal. The cybersecurity firm has assessed it to be a variant of a known malware called RedLine Stealer owing to the fact that the command-and-control (C2) server IP address has been previously identified as associated with the malware. RedLine Stealer,
Category: Hacking & Security

Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack

The Hacker News - 20 April, 2024 - 07:53
Palo Alto Networks has shared more details of a critical security flaw impacting PAN-OS that has come under active exploitation in the wild by malicious actors. The company described the vulnerability, tracked as CVE-2024-3400 (CVSS score: 10.0), as "intricate" and a combination of two bugs in versions PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 of the software. "In
Category: Hacking & Security

Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks

The Hacker News - 20 April, 2024 - 07:18
Users of the CrushFTP enterprise file transfer software are being urged to update to the latest version following the discovery of a security flaw that has come under targeted exploitation in the wild. "CrushFTP v11 versions below 11.1 have a vulnerability where users can escape their VFS and download system files," CrushFTP said in an advisory released Friday.
Category: Hacking & Security

Akira Ransomware Gang Targets Linux Servers, Extorts $42 Million

LinuxSecurity.com - 19 April, 2024 - 19:19
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on Windows systems but later shifted its attention to Linux servers, mainly targeting VMware ESXi virtual machines. The ransomware leverages different methods for initial access to target networks, such as exploiting known flaws in Cisco appliances, spear phishing, and abusing VPN services lacking multi-factor authentication protections. It also utilizes various tools for setting up persistence, privilege escalation, and lateral movement within networks.
Category: Hacking & Security

Chasing business and partnerships, Apple goes APAC

Computerworld.com [Hacking News] - 19 April, 2024 - 17:45

While politicians who should know better waste time worrying about green bubbles, Apple continues to explore opportunities in global markets as its traditional ones become increasingly stagnant.

Apple is also seeking ways to become less exposed to America’s growing politically driven tension against China, a nation that has been a strong partner for Cupertino — and therefore, also for US soft power’s success.

Following his visit to China in March, Apple CEO Tim Cook spent a week in Indonesia, Vietnam, and Singapore. The week was no idle executive jolly, nor should it be seen as an opportunity to purchase some new carbon offsets to justify use of the executive jet. Apple’s boss was there to do business — with a few splendid social media moments to add a little extra shine. 

Preparing the ground in Vietnam

During a two-day visit to Vietnam, Cook announced plans to increase spending on manufacturing suppliers there. Luxshare, Foxconn, Compal, and GoerTek already employ 150,000 people in Vietnam, while Apple and third parties support another 50,000 jobs. “From cooperating with local suppliers, to supporting clean water projects and educational opportunities, we are committed to continuing to strengthen connections in Vietnam,” Cook said in a statement.

The current thinking is that Apple sees Vietnam as a hub for Mac, AirPod production.

Nurturing talent in Indonesia

Cook’s tour then stopped in Indonesia, where Apple’s leader met President Joko Widodo to discuss potential investments. Cook even spoke at a news conference, during which he confirmed discussions about manufacturing and characterized the investment opportunity there as “endless.”

Apple doesn’t really have a strong manufacturing connection with Indonesia, but is making significant investments in people there. During Cook’s visit, the company announced its fourth developer academy in Bali. “We’ve seen many times over that a line of code can change the world — and in Indonesia, we’re investing in the creativity and skills of people determined to prove it,” Cook said in a statement.

Expanding corporate staff in Singapore

Finally, Cook stopped in Singapore, where he visited Apple stores and the company’s new Developer Center. Apple had big news here too, announcing a $250 million investment to extend its existing campus in Ang Mo Kio. That campus is believed to act as a regional hub for corporate operations across the region. Apple first opened up in Singapore in 1981 when it was making the Apple II systems.

Feet on the ground

Apple’s connection with the region is nothing new. It has worked with suppliers and manufacturers across the Asia-Pacific region for years and Cook led those teams. While he was Apple’s Chief Operating Officer, he was the leading architect of the company’s globalized, highly efficient supply chain. (He might have engaged in similar negotiations before Apple, when he led procurement at Compaq.)

Staying in the arena

Today, as Apple battles stormy regulatory seas, Cook seems to be leaning deep into his experience to guide the company through. That means meeting national leaders at the highest level in countries in which he sees signs of future opportunity. It builds on Cook’s track record — Apple’s work in India means that nation is accelerating to become a top three market for the company, and the company’s investments across the region should help it build its presence across adjacent national economies.

After all, as Cook once said, “The sidelines are not where you want to live your life. The world needs you in the arena,” and keeping that place in that arena is precisely what Apple needs to do. It’s also important to note that it’s about this time of year the company finalizes production deals with suppliers across the region.

Given the strategic importance of those arrangements, particularly during such interesting times, who better to sign the final commitment than the CEO? After all, we know new iPhones, Macs, iPads, and Vision family products are coming. They just won’t necessarily be made in China.

Please follow me on Mastodon, or join me in the AppleHolic’s bar & grill and Apple Discussions groups on MeWe.

Apple, Manufacturing Industry, Vendors and Providers
Category: Hacking & Security

BlackTech Targets Tech, Research, and Gov Sectors New 'Deuterbear' Tool

The Hacker News - 19 April, 2024 - 15:44
Technology, research, and government sectors in the Asia-Pacific region have been targeted by a threat actor called BlackTech as part of a recent cyber attack wave. The intrusions pave the way for an updated version of modular backdoor dubbed Waterbear as well as its enhanced successor referred to as Deuterbear. Cybersecurity firm Trend Micro is tracking the
Category: Hacking & Security

Microsoft reminder: Support for Office 2016 and 2019 ends next year

Computerworld.com [Hacking News] - 19 April, 2024 - 14:21

Microsoft is reminding customers that support for its Office 2016 and Office 2019 suites and related productivity servers will end on Oct. 14, 2025. 

Microsoft issued the reminder this week that applications in the two Office suites — including versions of Excel, Outlook, PowerPoint, Word, and others — will no longer receive security fixes, bug fixes, and technical updates after the support date passes. 

That’s also true for Exchange Server 2016 and 2019, as well as Skype for Business Server 2015 and 2019, Microsoft said in a blog post Monday. (Oct. 14, 2025 also happens to be the same date for Windows 10 support to end.)

Using these products after the end of support leaves business users vulnerable to “potential security threats, productivity losses, and compliance issues,” said Mariana Prudencio, senior product marketing manager at Microsoft.

Not surprisingly, the company is pushing customers to cloud-based options. Microsoft recommends customers update to cloud-hosted versions of the software such as Microsoft 365 E3. Another option for Office 2016 and 2019 users is the Office Long-Term Servicing Channel, Microsoft said, which extends support into 2026.

Those that want to continue running Exchange Server on-premises are advised to prepare to migrate to the upcoming Exchange Server slated to arrive in 2025 prior to the end of support date. Microsoft recommends customers move to Exchange Server 2019 to ease this transition.

Businesses should be particularly wary of the looming end of support for Exchange servers, said Jack Gold, founder and principal analyst at J. Gold Associates. 

A lack of security updates would expose them to “a lot of risk,” he said, “since a large portion of threats are targeted against email and email servers, and stolen identities pose a big risk here.” Businesses that continue to run Exchange on-prem tend to be smaller, so it might be more difficult or costly for them to migrate, said Gold. 

“The larger companies have mostly migrated to online already,” he said.

End of support for the Office suites, on the other hand, is less problematic, said Gold, particularly for small business users. While security updates are important, smaller firms tend to run third-party antivirus and other security tools that can mitigate many potential threats. 

Some smaller businesses will look to migrate to Microsoft’s cloud-based Office apps, but many will opt to remain on the outdated versions past the support date and update the software in line with upgrades of other equipment.

“And it is still possible to buy a standalone Office suite if you’re not in need of back-end servers, as many smaller businesses don’t require, so you can update that way,” said Gold. 

Microsoft, Microsoft Office, Office Suites
Category: Hacking & Security

Google consolidates AI teams into DeepMind to scale capacity

Computerworld.com [Hacking News] - 19 April, 2024 - 13:29

Aimed at accelerating progress in AI development and responsible AI deployment, Alphabet-owned Google is consolidating its teams responsible for building AI models across Google Research and Google DeepMind, CEO Sundar Pichai said Thursday in a note to its employees. All AI “work will now sit in Google DeepMind,” Pichai said in the note.

The restructuring will “scale our capacity to deliver capable AI for our users, partners and customers,” Pichai said. “This will simplify development by concentrating compute-intensive model building in one place and establishing single access points for PAs looking to take these models and build generative AI applications.”

The Google DeepMind team will be led by Demis Hassabis.

Google formed Google DeepMind a year ago by combining two research teams in the AI field — the Brain Team of Google Research, and DeepMind. This focused team, backed by the computational prowess of Google “will significantly accelerate our progress in AI,” Pichai had said in an April 2023 note. Gemini models were created by Google DeepMind.

Google Research is the research arm of Google, dedicated to AI and computer science and to developing next-generation technologies that benefit Google products. Its key focus areas include AI/ML, Responsible Human-centric Technology, Science & Societal Impact, Computing Paradigms, and Algorithms and Optimization.

What’s new now?

Google is now consolidating all its AI units into one to “simplify our structure and improve velocity and execution — such as bringing together the Brain team in Google Research with teams in DeepMind, which helped accelerate our Gemini models; unifying our ML infrastructure and ML developer teams to enable faster decisions, smarter compute allocation, and a better customer experience; and bringing our Search teams under one leader,” the note added.

The move, Pichai said, also gives Google Research a clear mandate to continue investing in three key areas that align with Google’s mission — computing systems, foundational ML and algorithms, and applied science and society.

“Consolidating all of Google’s AI teams, including Google Research and DeepMind, into one unit under Google DeepMind likely reflects a strategic move aimed at streamlining and optimizing AI development and deployment across the company,” said Pradeepta Mishra, an AI expert and co-founder of data privacy firm Data Safeguard.

Besides, Google is reaffirming its commitment to responsible AI deployment by ramping up its Responsible AI Team’s roles and accountability. Teams focusing on Responsible AI within the Google Research team will now move to Google DeepMind to be closer to ‘where the models are built and scaled’, said the note.

Similarly, “other responsibility teams” are moving into our central “Trust and Safety” team where the company is investing more in “AI testing and evaluations” to enhance product accuracy and responsiveness. “These shifts create clearer responsibility and accountability at every level as we build and deploy, and strengthen the feedback loop between models, products, and users,” Pichai added in the note.

Recognizing the potential of AI, Google is also formalizing collaboration between its AI divisions, software, and computing platforms. “So we are formalizing the collaboration between DSPA and P&E and bringing the teams together in a new PA called Platforms & Devices.”

Having a unified team across Platforms & Devices will help Google deliver higher-quality products and experiences for its users and partners, Pichai said. “It will help us turbocharge the Android and Chrome ecosystems, and bring the best innovations to partners faster — as we did with Circle to Search with Samsung. And internally, it will also speed up decision-making.”

How it helps Google

Merging teams eliminates redundancy and fosters closer collaboration between researchers and developers. This could accelerate the development cycle for new AI products and features. All these moves, Pichai said in the note, “will help us work with greater focus and clarity towards our mission.”

“With one central unit, decision-making around resource allocation and project priorities becomes more efficient,” Mishra added. The AI landscape is fiercely competitive. Data Safeguard’s Mishra said this consolidation could help Google “stay ahead of the curve by accelerating innovation.”

“By integrating research and development under one roof, Google might create more unified and impactful AI products across its platforms (Search, Assistant, etc.). Streamlined operations could lead to better resource utilization and potentially cost savings,” said Mishra.

Google
Category: Hacking & Security

How Attackers Can Own a Business Without Touching the Endpoint

The Hacker News - 19 April, 2024 - 13:08
Attackers are increasingly making use of “networkless” attack techniques targeting cloud apps and identities. Here’s how attackers can (and are) compromising organizations – without ever needing to touch the endpoint or conventional networked systems and services.  Before getting into the details of the attack techniques being used, let’s discuss why
Category: Hacking & Security

Akira Ransomware Gang Extorts $42 Million; Now Targets Linux Servers

The Hacker News - 19 April, 2024 - 13:01
Threat actors behind the Akira ransomware group have extorted approximately $42 million in illicit proceeds after breaching the networks of more than 250 victims as of January 1, 2024. "Since March 2023, Akira ransomware has impacted a wide range of businesses and critical infrastructure entities in North America, Europe, and Australia," cybersecurity agencies from the Netherlands and the U.S.,
Category: Hacking & Security

Linux Kernel 'Make-Me-Root' Flaw Threatens Popular Distros [Updated]

LinuxSecurity.com - 19 April, 2024 - 13:00
In the world of open-source software, security vulnerabilities can have widespread consequences. The recent publication of a Linux privilege-escalation proof-of-concept exploit has sent shockwaves through the Linux community, demanding the immediate attention of Linux admins, infosec professionals, internet security enthusiasts, and sysadmins.
Category: Hacking & Security

Hackers Target Middle East Governments with Evasive "CR4T" Backdoor

The Hacker News - 19 April, 2024 - 08:16
Government entities in the Middle East have been targeted as part of a previously undocumented campaign to deliver a new backdoor dubbed CR4T. Russian cybersecurity company Kaspersky said it discovered the activity in February 2024, with evidence suggesting that it may have been active since at least a year prior. The campaign has been codenamed 
Category: Hacking & Security