Agregátor RSS

Průmyslové kopírky v Korejské lidově demokratické republice se zřejmě rozjely naplno. Státní tisková agentura Čosŏn Čungangtchongsin (KCNA) se totiž pochlubila snímky salvového raketometu, který jako by z oka vypadl M142 HIMARS. Kromě této kopie americké technologie Korejci testovali také novou ...

AMD obnovilo výrobu Ryzenu 7 5800X3D a uvedlo i nový model 7700X3D. • Podporu platformy AM5 prodlužuje do roku 2029, až do generace Zen 7. • Po roce čínské exkluzivity dorazí také grafiky Radeon RX 9070 GRE.

Intel is invading the physical AI space with a reentry into the robotics market it quit many years ago amid financial struggles.

The robotics strategy is part of the company’s larger plan to establish AI on the “edge,” in which devices have the computing capability to run AI locally. Many devices lack AI capabilities and have to offload processing to the cloud.

The chipmaker said its Intel Series 3 processors are now in 130 edge AI and robotics designs. It also had a design win with SensoryAI, which provides technology for robots that include Ella, a robotic barista made by Crown Digital.

The company’s Core Ultra Series 3 processors are derivatives of chip designs intended for laptops. But Intel has achieved a level of power efficiency for long battery life that allows those chips to be adapted for handheld devices and laptops.

Intel also said it can build advanced robotics chips thanks to its latest manufacturing technologies.

For example, many robotic functions, such as computer vision and real-time controls, can be integrated into a single chip. Previously, functions like graphics and movement and control were distributed among different cores in a chip.

SensoryAI, for example, has a chip architecture that provides the robotic barista — which is more like a robotic arm — with AI capabilities, Intel said.

The main “Avatar” agent handles customers as the main “Ella” agent reasons and executes the task. If Ella encounters errors, it passes on the issue to a Guardian agent, which helps with the recovery. Some issues could include making sense of an order, or cups that might be stuck. 

The three agents are embedded in a single piece of Core Ultra Series 3 silicon.

Intel is displaying some of those robots at the Computex trade show in Taiwan. The company shared a video of a humanoid-style robot from the floor in a X.com post  

This is not Intel’s first attempt at the robotics market. Intel sold robotics chips and kits when it was a dominant chip player in the field, but curtailed efforts in 2021 after Pat Gelsinger took over as CEO and restructured the company to focus on manufacturing.

Robotics is now back on the menu under new Intel CEO Lip-Bu Tan, who replaced Gelsinger last year. He has restructured to company to focus on high-growth areas that can generate high returns.

A Morgan Stanley study last year indicated the robotics market could be worth $5 trillion by 2050 — and more than 1 billion humanoid robots could be in operation. 

Robots are seen to improve human productivity and manufacturing output. For example, they could help factories that are facing labor shortages or be used to complete tasks that are dangerous. 

However, challenges remain. There isn’t yet enough real-world data to train robots to do targeted work. And the AI models — generally called world models — they will need are still under development. 

Training robots to do a specific job requires a sequence of events to happen in succession without any errors. Companies are still training robots to spot and understand errors, analyze possible resolutions, and take the right corrective action.

The Centre for Cybersecurity Belgium (CCB), the country's national authority for cybersecurity, warned on Friday that threat actors are now exploiting a recently patched critical Windows Netlogon vulnerability in attacks. [...]

Palo Alto customers are being been told to patch yet another internet-facing security flaw after researchers caught attackers bypassing GlobalProtect authentication and gaining unauthorized VPN access. The flaw, tracked as CVE-2026-0257, affects PAN-OS deployments using GlobalProtect authentication override cookies under specific configurations. Palo Alto disclosed the bug on May 13 and initially assigned it a medium-severity rating, saying it was aware of attempts to exploit it but had not observed any malicious exploitation. That assessment has not aged well. Security boffins at Rapid7 said they observed successful exploitation across multiple customer environments dating back to at least May 17 and validated the attack technique using its own proof-of-concept testing. Attackers established unauthorized VPN sessions on vulnerable systems, potentially granting access to internal corporate networks without legitimate credentials, it added. Rapid7's analysis suggests the flaw comes down to how PAN-OS trusts authentication override cookies. In certain deployments, hackers can create their own cookies and have the firewall accept them as legitimate. The risk is highest where the same certificate is used for both HTTPS services and authentication override cookies, giving the baddies access to the information needed to generate convincing fakes. Rapid7 said it observed multiple waves of activity targeting vulnerable devices. In some cases, cybercrims successfully obtained VPN IP addresses and network access, but the company said it didn’t observe evidence of successful lateral movement following initial access in the incidents it investigated. The flaw has now landed in CISA's Known Exploited Vulnerabilities catalog, with federal agencies given until June 1 to patch or otherwise secure affected systems. Palo Alto has also revised its advisory, elevating the severity rating and attaching its highest urgency label. Fixes are available for supported releases. "Palo Alto Networks has become aware of limited exploit attempts on unpatched PAN-OS devices without mitigations applied," the firm said in an update. The latest PAN-OS headache arrives less than a month after another Palo Alto emergency. In May, state-backed attackers were found exploiting CVE-2026-0300, a critical remote code execution flaw in the PAN-OS User-ID Authentication Portal, before patches became widely available. Organizations running vulnerable GlobalProtect gateways now face a familiar choice: patch quickly or find out whether someone else gets there first.®

Network incidents are often detected quickly, but investigations and coordination can delay resolution. Join our webinar tomorrow to learn how automation and AI-assisted workflows can help IT teams accelerate incident response. [...]

IBM has launched a tool designed to help customers assess cloud-sovereignty risks and meet regulatory compliance requirements. 

The Sovereignty Risk Profile launch comes as digital sovereignty becomes a higher priority for organizations concerned about where data is stored and processed. According to an IBM survey, 93% of executives believe sovereignty needs to be part of their business strategy.  

Via the new tool, customers can set up policies related to regulatory and business requirements — such as where data resides and how it’s protected, for instance. These policies can be applied to specific cloud workloads, regions, or zones in the Sovereignty Risk Profile tool, allowing users to track sovereignty requirements “in real time,” IBM Cloud product manager Janet Van said in a blog post, with “visibility into configurations, encryption posture, and environmental controls.” 

It’s then possible to assess compliance and decide what workloads meet sovereignty requirements. 

Tracking the factors that contribute to sovereignty is a challenge for many organizations, said Holger Mueller, vice president and principal analyst at Constellation Research. “It is very difficult, as you don’t know about the details of the stacks; sometimes, even the location of data is not fully transparent,” he said.

The Sovereignty Risk Profile “addresses many of the compliance-related requirements associated with data residency and encryption, while also tackling sovereignty from a resilience and concentration-risk perspective,” said Dario Maisto, senior analyst at Forrester.

However, the monitoring tool can only do so much to address digital sovereignty concerns, he said. While it can help organizations identify and report on potential issues, it “does not help [make] clients more or less sovereign, per se: it has only the potential to tell that a sovereignty problem is there.”

Broader questions around digital sovereignty remain difficult to address, he said, as there’s no universally accepted definition of the concept and limited legislation to establish clear requirements. 

Mueller described a spectrum of sovereignty issues that depend on factors such as whether data is stored, processed, and backed up in a customer’s own country, as well as whether staff that operate the data are domestic nationals. “Then there is the sovereignty of the software supply chain — but here everybody is dependent,” he said.

To further complicate matters, while several US hyperscalers sell sovereign-branded cloud services to European customers — with local staff and infrastructure —  concerns remain about the potential for extra-jurisdictional access to data, due to the US CLOUD Act and the US Foreign Intelligence Surveillance Act (FISA).

The Sovereignty Risk Profile is available within IBM’s Security and Compliance Center Workload Protection. It’s the latest in a range of IBM Cloud products aimed at addressing customers’ sovereignty concerns, including the recently launched IBM Sovereign Core software platform. 

A new cyber espionage campaign codenamed Operation Dragon Weave has been observed targeting officials and citizens in the Czech Republic and Taiwan to deliver an AdaptixC2 agent. According to Seqrite Labs, targets of the campaign include government, research, academic, technology, and financial services sectors. The activity entails distributing spear-phishing emails containing ZIP attachments

A new cyber espionage campaign codenamed Operation Dragon Weave has been observed targeting officials and citizens in the Czech Republic and Taiwan to deliver an AdaptixC2 agent. According to Seqrite Labs, targets of the campaign include government, research, academic, technology, and financial services sectors. The activity entails distributing spear-phishing emails containing ZIP attachments Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Canonical přebírá od Googlu roli hlavního správce desktopové části frameworku Flutter pro Linux, Windows a macOS. Jednomu podnikavému vývojáři systému Haiku se podařilo zprovoznit tento operační systém na hardwaru Apple M1.

Microsoft is working to address an ongoing incident preventing customers from setting up multi-factor authentication (MFA) or accessing the My Sign-Ins platform. [...]

Microsoft is working to address an ongoing incident preventing customers from setting up multi-factor authentication (MFA) or accessing the My Sign-Ins platform. [...]

Three years ago, the practical question for an MSP building a cybersecurity practice was which "vCISO platform" to buy. The term was good shorthand for the work at the time: assessments, advisory, reporting, maybe a compliance module bolted on the side. The work has since outgrown the descriptor. A Security Growth Platform is the more precise name for what MSPs and MSSPs need from the software

Three years ago, the practical question for an MSP building a cybersecurity practice was which "vCISO platform" to buy. The term was good shorthand for the work at the time: assessments, advisory, reporting, maybe a compliance module bolted on the side. The work has since outgrown the descriptor. A Security Growth Platform is the more precise name for what MSPs and MSSPs need from the [email protected]

Na Kickstarteru běží kampaň na podporu kapesního počítače s Linuxem CardputerZero od společnosti M5Stack. Postaven je na Raspberry Pi Compute Module 0. Podporuje moduly M5. Koupit lze s rozšířeními LoRa a CC1101.

Password manager Dashlane has disabled a number of user accounts as a precaution amid a spate of brute force attacks. It didn't specify the scale of the attack, although scores of users have queried the reason for receiving emails informing them of account suspensions. “Your account has been temporarily suspended for security reasons as someone has attempted to register a new device and didn't enter the correct token after several tries,” the emails read, along with instructions to contact customer support to restore access. The attacks began on Sunday afternoon and the Dashlane team said it had finished investigating the matter later that evening, restoring all affected user accounts in the process, according to its status page. In a copy-paste statement sent to a number of users via social media, Dashlane also confirmed there was no compromise of internal systems. Dashlane posted an update to its status page on Monday morning, repeating the same statement from a day earlier, but changing the incident status from "resolved" to "monitoring." Several users reported unauthorized login attempt notifications from various countries - the common culprits being Korea and Russia. Dashlane did not specify whether any attempts on customer accounts were successful. Dashlane’s interventions involved suspending accounts and its two-factor authentication (2FA) service. Some users reported trying to access Dashlane’s 2FA one-time passcodes, but when entering them, all that returned was an error. Some criticised the company for a lack of public comms about the attacks. Aside from the direct account suspension emails and some replies to users on social media, Dashlane has not disclosed the attack through any high-visibility channels. Users also queried whether the initial account suspension emails were a phishing attempt. But the emails showed no hallmarks of phishing as they contained no suspicious links, no attachments and were sent from a real Dashlane domain. However, the nature of the message and the fact that the emails contained an old Dashlane logo only exacerbated some customers’ fears. The Register has contacted Dashlane for more information. ®

In the ever-evolving cybersecurity landscape, Microsoft has introduced various new features in Windows 11 designed to protect users from modern workplace threats. Among such features, Smart App Control (SAC) changes how Windows devices handle, and occasionally block, unwanted or potentially malicious applications.

But what exactly is Smart App Control? How does it work, who benefits most, and are there any caveats? In this story we’ll share some history and explain why SAC has been something of a stealth feature in Windows 11.

What is Smart App Control?

Smart App Control is a security feature in Windows 11 designed to block untrusted or potentially dangerous applications from running on a PC. Built directly into the operating system (through Windows Security), SAC leverages code signing, Microsoft’s intelligence cloud, and artificial intelligence to make real-time decisions about whether an app or application should be allowed to run. Its goal is to minimize the risk that malware, ransomware, and unwanted software could run on users’ systems — with minimal user intervention.

At its heart, Smart App Control is a kind of gatekeeper. When you attempt to run an app, SAC evaluates its trustworthiness. That evaluation is based on numerous criteria: Is the app digitally signed? Is it widely used and recognized as safe by Microsoft’s threat intelligence network? Has it been flagged previously for questionable behavior?

If an app fails one or more such checks and is found suspicious or untrustworthy, SAC blocks its execution, silently preventing a potential security event before it starts.

How does Smart App Control work?

SAC operates using a combination of cloud-based intelligence, local analysis, and digital signatures. Here’s a step-by-step breakdown of how it functions:

• App verification: When a user attempts to launch an application, SAC inspects the file. It first checks if the app is digitally signed by a trusted publisher, an important indicator of legitimacy.
• Cloud intelligence search: SAC then consults Microsoft’s extensive security databases in the cloud. These aggregate threat data from millions of Windows devices worldwide. If the app has been flagged already or is recognized as part of any malware campaign, it is blocked.
• AI-based analysis: For less clear-cut instances, SAC uses AI to evaluate an app’s behavior. That is, it looks for telltale signs of malware or unwanted code. Such a dynamic analysis helps catch emerging threats not yet known to the cloud.

When an app is blocked, the user gets a clear, informative notification. Usually, there’s no way to override SAC’s decision, which puts security ahead of convenience. It also ensures that users will quickly report false positives.

Smart App Control is designed to be simple and automatic. Unlike conventional antivirus or endpoint security, it requires no updates to definitions, nor manual scans. SAC works behind the scenes to block threats in real time. Because it uses both local and cloud-based intelligence, it’s always current.

On the downside, some legitimate apps, especially older or custom business software, may not be digitally signed, resulting in false positives. If SAC decides an app is unsafe, the only way to run the app is to turn SAC off.

Working with Smart App Control

Notably, Smart App Control is enabled by default — but only on “clean installs” of Windows 11 version 22H2 or later. Systems upgraded from older versions of Windows 11 will always show SAC in the “Off” state.

Microsoft made this decision to avoid potential compatibility issues with legacy or line-of-business applications. That means users can’t benefit from SAC unless they have a newer PC or somebody reinstalls Windows 11 from scratch on an older one. (See my Windows clean install tutorial for complete instructions.)

SAC prerequisites

To get granular: SAC requires that the following be present as Windows 11 comes up for the first time:

• Secure Boot, a security feature that allows only trusted, digitally signed software to run as Windows boots up
• A working chain of trust, including current CA-2023 boot certificates in Unified Extensible Firmware Interface (UEFI) and a CA-2023 compliant bootloader

Newer PCs — namely, those built in 2018 or later, with Windows 10 or 11 installed prior to delivery — routinely include UEFI-only boot and support Secure Boot from the get-go. Indeed, Secure Boot was introduced with Windows 8, and the original certificates came along in 2011 (Production PCA 2011, UEFI CA 2011, and KEK CA 2011). They’ve been shipped in firmware ever since.

As long as such machines get updated through Windows Update (or some managed equivalent, such as Microsoft Intune, Windows Autopilot, or Microsoft Configuration Manager), the new certificates and a proper chain of trust should be established on those PCs. (See FAQ: What you need to know about expiring Windows Secure Boot certificates for more information.) All this said, only Windows 11 imposes a working Secure Boot environment as a hard and fast system requirement as of 2021.

In short, Secure Boot and the chain of trust provide the essential foundation for SAC to start with a clean bill of health, security wise, and keep things that way. To learn more about Secure Boot and its various certificates and trappings, consult the Secure Boot and Windows Secure Boot Key Creation and Management Guidance pages on Microsoft Learn.

Modes of operation

SAC has three distinct modes:

• On: SAC actively monitors and blocks untrusted apps.
• Evaluation: SAC quietly observes your usage patterns and system needs before fully activating.
• Off: SAC is disabled and will not intervene.

SAC will normally start in Evaluation mode for up to a month, then turn itself On or Off depending on observed system behavior. Once turned on, SAC cannot be set back into Evaluation mode. Organizations or users who run custom software or specialized workflows should leave SAC in Evaluation mode to ensure that business functions keep working.

To check SAC’s status:

1. Open the Windows Security app.
2. Navigate to App & browser control.
3. Look for the “Smart App Control” section. You’ll see the current status: On, Off, or Evaluation mode, as shown in Figure 1.

Figure 1: On this PC, the evaluation period is over and Smart App Control is enabled.

Ed Tittel / Foundry

Until recently, SAC could not be toggled off and on again — once it was turned off, you had to reinstall or reset Windows 11 to re-enable it. But with the April 2026 Patch Tuesday release of Windows 11 (KB5083769), admins and elevated users can turn SAC on or off as they see fit, as long as the initial setup conditions described above are met.

This toggling capability is a step forward for usability and safety, because it lets users with administrative privileges temporarily disable SAC in order to install, update, or uninstall certain unsigned apps, such as those that rely on Windows Installer Transform (MST) files, and then turn SAC back on immediately.

Note that this feature is being gradually rolled out, so you may not have access to it yet.

Smart App Control compared to other Windows 11 protections

Microsoft has long offered security features like Windows Defender, Controlled Folder Access, and Application Control. SAC differs in its general, automated approach. Rather than relying on static definitions, group policies, or user input, SAC leverages real-time intelligence and AI.

In many ways, SAC takes the best bits of Application Control (previously available through Device Guard and Windows Defender Application Control) and makes them accessible to a wider audience. It also involves little or no manual setup and few, if any, policy issues. Then again, as covered earlier in the story, SAC also functions as a black box: one either lives with its judgments, or does without it.

Real-world impact and industry reception

Feedback from the IT community has been mostly positive. Security researchers note SAC’s ability to block emerging threats before traditional antivirus solutions can respond. But SAC is hardly bullet-proof: a number of studies cite focused exploits or workarounds to bypass or trick SAC. For instance, Elastic Security Labs documented multiple techniques to break SAC in 2021, with follow-ons from Hacker News and TechRadar.

As always, a proactive approach to cybersecurity that includes teaching users to avoid trouble remains a key ingredient in establishing and maintaining a strong security posture.

For end users, SAC’s presence may go largely unnoticed — until, that is, it intercepts a malicious download or prevents installation of a suspicious or malicious program. Or, as the case may sometimes be, when users try to run old, unsigned software that SAC won’t allow.

Tips for IT administrators

For IT professionals considering deploying devices with SAC, certain best practices are worth implementing:

• Test SAC in Evaluation mode before rolling out widely, especially if your organization relies on custom or legacy software, or if anything important is unsigned.
• Educate users about SAC’s presence and purpose so they understand why certain apps may be blocked. Set up a procedure to request support and/or fixes, particularly if important software gets blocked. Possible workarounds include restricted VMs with SAC turned off to run unsigned applications.
• Maintain an up-to-date inventory of critical applications and ensure as many as possible are digitally signed by trusted publishers.
• Monitor Microsoft resources Learn, Support, and Answers forums for SAC updates, compatibility lists, and troubleshooting tips.

The future of Smart App Control

As threats continue to evolve, Microsoft should continue to expand SAC’s capabilities. Undoubtedly it will use more advanced AI models and deeper integration with Windows Defender and Microsoft 365 security. Future updates may introduce more granular controls for enterprise environments, including managed exceptions and better reporting tools.

For now, SAC represents a useful additional tool for Windows security. It’s intended to shift the balance in favor of the good guys in the ongoing war against malware. So far, it’s been a modest step forward. But it’s not unthinkable that SAC could offer more and better protection in upcoming Windows releases.

[Also see: FAQ: What you need to know about expiring Windows Secure Boot certificates]

This article was originally published in September 2025 and updated in June 2026.

Microsoft has resolved a known issue causing installation failures and 0x800f0922 errors when deploying the May 2026 Windows 11 security update (KB5089549). [...]

The British government wants stronger protection for subsea internet cables following a surge in Russian activity near UK waters, but its latest proposals lean heavily on fines and prison sentences rather than direct defensive action. Plans - outlined in a speech by Baroness Liz Lloyd, Minister for Digital Economy ahead of a consultation - include tougher penalties for recklessly damaging undersea cables, operator security obligations and emergency powers allowing government to compel businesses to better protect their infrastructure. In April, the Royal Navy and Royal Air Force tracked Russian submarines on a covert reconnaissance near critical undersea infrastructure. According to reports, Russia deployed an Akula-class attack submarine as a decoy while two specialist vessels from Directorate of Deep Sea Research - known as Glavnoye Upravlenie Glubokovodnikh Issledovanii (GUGI) - surveyed the UK's cable routes. “Their mission was to survey our cables in peacetime, so they could more easily sabotage them in a conflict,” Lloyd said in a speech delivered at the Royal United Services Institute (RUSI). “They wanted this operation to be secret, but they failed." In light of this, the government is reviewing whether the UK’s security and resilience arrangements are strong enough, the Defence, Science and Technology Laboratory said. UK Parliament's Joint Committee on National Security Strategy (JCNSS) last year told the government it is "too timid" in its approach to protecting Britain’s cable connections, and must do a better job. Measures proposed include tightening the law so ship owners and operators that recklessly damage subsea internet cables face tougher penalties. Cable operators could be landed with extra obligations to ensure they take steps to prevent, detect and respond to security incidents in a consistent and timely manner. “The UK already has strong protections in place for our subsea cables, but in a more uncertain world we cannot stand still,” said Lloyd. "As hostile activity by Russia and others grows, protecting these cables matters more than ever for our economy, security and daily lives.” Some 64 cables connect Britain to the global internet, and when one breaks, repair vessels are typically on scene within eight days. Historically, most cable faults have stemmed from fishing activity or dragging anchors, not sabotage. The Royal Navy unveiled its Atlantic Bastion program last year to supplement its sub-hunting ships with a force of uncrewed, autonomous vessels. The aim is that enemy submarines in the North Atlantic have nowhere to hide. This is in its early stages, with £14 million committed so far for testing and development. The latest proposals will be outlined a white paper published later this year. Separately, the UK, US, and Australia announced this weekend that their AUKUS partnership will jointly develop sensor and weapons payloads for uncrewed underwater vehicles, which is another building block for protecting seabed infrastructure. ®