Agregátor RSS

Label giant Avery says website hacked to steal credit cards

Bleeping Computer - 15 Leden, 2025 - 20:44
Avery Products Corporation is warning it suffered a data breach after its website was hacked to steal customers' credit cards and personal information. [...]
Kategorie: Hacking & Security

Hackers use Google Search ads to steal Google Ads accounts

Bleeping Computer - 15 Leden, 2025 - 20:02
​Ironically, cybercriminals now use Google search advertisements to promote phishing sites that steal advertisers' credentials for the Google Ads platform. [...]
Kategorie: Hacking & Security

Even modest makeup can thwart facial recognition

The Register - Anti-Virus - 15 Leden, 2025 - 19:45
You may not need to go full Juggalo for the sake of privacy

Researchers at cyber-defense contractor PeopleTec have found that facial-recognition algorithms' focus on specific areas of the face opens the door to subtler surveillance avoidance strategies.…

Kategorie: Viry a Červi

Microsoft creates new internal unit for AI development

Computerworld.com [Hacking News] - 15 Leden, 2025 - 19:33

Microsoft is creating a new engineering group focused on artificial intelligence: Core AI — Platform and Tools. The group combines the company’s Developer Division with the AI Platforms work teams and some employees who previously reported to Microsoft’s CTO. According to The Verge, the group will be led by Jay Parikh, the former CTO at Meta and who joined Microsoft in October 2024.

Core AI — Platform and Tools will focus on building an AI platform and tools for both Microsoft’s own use and for the company’s customers. Microsoft CEO Satya Nadella wrote in a blog post that AI will require a record-breaking pace of development, which means Microsoft needs an AI-focused application stack to build AI apps and tools in the future.

“In this world, Azure must become the infrastructure for AI, while we build our AI platform and developer tools — spanning Azure AI Foundry, GitHub, and VS Code — on top of it,” Nadella said. “In other words, our AI platform and tools will work together to create agents, and these agents will work together to transform every category of SaaS application, and to build custom applications powered by software (i.e. ‘service as software’).”

Kategorie: Hacking & Security

The death of DEI in tech

Computerworld.com [Hacking News] - 15 Leden, 2025 - 18:59

Save me from rich, white men who insist they and their kind are being discriminated against. Tech entrepreneur Elon Musk, majority owner (not the founder) of SpaceX, Tesla, and numerous other leading companies, insists that “DEI [Diversity, equity, and inclusion] is just another word for racism.” He screams, “DEI must DIE. The point was to end discrimination, not replace it with different discrimination.” 

Really? I’m an older, relatively well-off, straight white man, and I know darn well that I owe a lot of my success to the fact that, except for my age, everything in the US economy has been set up to benefit me. 

In baseball terms, I started the game on first base. Black men have to get a hit to get on base. Black women step to home plate for their at-bat with two strikes against them. 

Musk and his ilk? He grew up the son of a millionaire businessman father in South Africa and started on third base.

It used to be worse in this country. The Equal Pay Act of 1963 and the Civil Rights Act of 1964 prohibited discrimination based on race, color, religion, sex, or national origin, while the Age Discrimination in Employment Act of 1967 laid the groundwork for equal employment opportunities and non-discrimination in the workplace.

The laws were one thing. Making it a workplace reality was another. 

Over the next few decades, dedicated diversity professionals began emerging within organizations, often holding titles like Chief Diversity Officer. As businesses became more diverse, companies also started recognizing that diversity is good for business.

While DEI is also about basic fairness, it turns out that businesses that adopt it tend to do better than their rivals. Don’t believe me? How about Goldman Sachs — would you believe it? 

The global investment banking giant decided not to take companies public without diverse board representation in 2000. The financial powerhouse did so because evidence showed that companies with diverse boards outperformed those with all-male boards. Specifically, Goldman Sachs noted that companies with at least one woman on their board performed significantly better in their IPOs than those without women. Since then, the company has increased its minimum number of women board members to two. The company has also continued to support black women business owners for solid business reasons, not warm fuzzy feelings. 

This is nothing new. In 2012, the global management company McKinsey found that US companies with diverse boards had a 95% higher return on equity

Get the picture? DEI helps businesses do well, and the results are right there in the balance sheets.

Facts, even accounting facts, count for little as American technology leaders bow to Donald Trump. For some, like Musk and Meta chief Mark Zuckerberg, it’s all about rising to power on the right-wing wave. For others, it’s simply about preserving their billions. Preserving the gains of blacks, gays, older workers — whoever — is not on their priority list.

So, Amazon has halted some of its DEI programsMeta is killing them, and Microsoft has quietly shuttered its DEI efforts. While this trend has become more obvious since Donald J. Trump won the 2024 election, it’s been coming for a while now. Google and Meta have both shut their doors to diverse employees since 2023.

That year, the Supreme Court’s Trump-friendly majority struck down affirmative action in college admissions. That decision prompted Republican activists and some state attorneys general to target corporate DEI initiatives as discriminatory. Given a choice between fighting a political battle and quietly shutting down their diversity efforts, all too many businesses have folded their DEI tents.

Others, such as Meta — where Zuck is suffering from a middle-aged crisis with his gold chain, newly curled hair, and sudden weird fascination with “masculine energy” — appear to be on their way to getting rid of their existing diverse workforce. He says he wants to “move out low performers faster.” I expect the upcoming 5% cut to come mostly from people of color, older workers, and LGBTQ+ staffers. 

You get the picture.

What it all comes down to is that if you’re not a straight white guy, the job market is going to become a lot harder for you. As for companies? They’ll suffer as well. I fear, though, that we’re stuck with this trend until cold, hard financial facts convince corporate leadership that right-wing politics leads to poor business decisions. 

Kategorie: Hacking & Security

China Is About to Build the World’s Biggest Hydropower Dam—With Triple the Output of Three Gorges

Singularity HUB - 15 Leden, 2025 - 18:45

Medog Hydropower Station, as it will be called, will blow other hydropower dams out of the water.

China’s electricity use over the last 30 years is a hockey-stick curve, climbing steeply as the country industrialized, built dozens of mega-cities, and became the world’s manufacturing center. Though China’s economy has slowed in recent years, electricity demand is only climbing. Given the country has pledged to reach carbon neutrality by 2060, they’re going to need much more renewable power than they currently have.

To help them achieve that goal, the government recently announced plans to build the biggest hydropower dam in the world.

Medog Hydropower Station, as it will be called, will blow other hydropower dams out of the water (pun intended), with an estimated annual generation capacity triple that of the world’s largest existing dam (which, perhaps unsurprisingly, is also in China). The 60-gigawatt project will be able to generate up to 300,000 gigawatt-hours (or 300 terawatt-hours) of electricity per year. That’s equivalent to Greece’s annual energy consumption.

The dam will be built on a river in Tibet called the Yarlung Tsangpo, with construction carried out by the government-owned Power Construction Corporation of China. It will not only be one of China’s biggest infrastructure projects ever, it will be one of the most expensive infrastructure projects ever, with an estimated cost of a trillion yuan or $136 billion (yes, billion with a “b”).

Perhaps unsurprisingly, China is already home to the world’s largest existing hydropower dam: Three Gorges Dam on the Yangtze River stands 594 feet tall (Arizona’s Hoover Dam is taller, but Three Gorges is wider) and has a generating capacity of 22.5 gigawatts. By comparison, the biggest hydropower dam in the US is the Grand Coulee in Washington state, and it has a generating capacity of 6.8 gigawatts. China is the world leader in hydropower deployment, accounting for almost a third of global hydropower capacity. Many of those dams are on the Yangtze (some of them built by robots!) and some are on the same river where the Medog project will be built.

The Yarlung Tsangpo river starts in western Tibet, flowing east and then south, where it merges with India’s Brahmaputra then flows south through Bangladesh and into the Bay of Bengal. It is the highest river in the world, and a 31-mile (50-kilometer) section in the South Tibet Valley drops by a sharp 6,561 feet (2,000 meters); there’s loads of untapped potential for all that moving water to turn some turbines on its way down.

But the project is not without its challenges, both engineering and political.

Environmental groups say the dam will disrupt ecosystems on the biodiverse Tibetan Plateau. Tibetan rights groups see the project as a prime example of China exploiting Tibet’s natural resources while harming local communities. The dam’s construction will require people to be relocated, though likely not as many as Three Gorges, which uprooted and moved 1.4 million people. The Medog dam will be bigger, but it’s in a more sparsely populated area.

India and Bangladesh have both expressed concerns about the dam, as it could alter the flow of the river downstream where it runs through these countries. There are also concerns about the area’s geological stability, as it sits at the convergence of the Indian and Eurasian continental plates and is considered tectonically active. An earthquake could destroy the dam and cause catastrophic flooding. In fact, a magnitude 6.8 earthquake killed 126 people and damaged 4 reservoirs just last week.

However, Medog won’t be a conventional dam in the form of one giant wall built to hold water behind it, like Three Gorges or the Hoover Dam. Instead, four 12.4-mile (20-kilometer) tunnels will be blasted and excavated through a mountain called Namcha Barwa to divert the river. The water flowing through these tunnels will turn turbines attached to generators before running back into the Yarlung Tsangpo.  

The Chinese government says the Medog project will help it achieve the country’s carbon neutrality goals. In 2023, coal was still China’s main source of electricity generation by a long shot, supplying 61 percent of the country’s electricity. Hydropower was a distant second at 13 percent, followed by wind, solar, nuclear, and gas, in that order.

Construction is slated to start in 2029, and if all goes as planned—which would be impressive for a project of this scale—it will take four years to complete, with the dam beginning commercial operation in 2033.

The post China Is About to Build the World’s Biggest Hydropower Dam—With Triple the Output of Three Gorges appeared first on SingularityHub.

Kategorie: Transhumanismus

Jak dobře vybrat domácí NAS. Jeden disk je riziko, vezměte aspoň dva

Živě.cz - 15 Leden, 2025 - 18:45
** Povedený NAS lze pořídit už pod pět tisíc korun. ** I za tuto cenu nabídne solidní hardware, zpracování, a přehledné webové rozhraní v češtině. ** Dostanete k němu i užitečné mobilní aplikace
Kategorie: IT News

What Nokia was thinking when Apple introduced iPhone in 2007

Computerworld.com [Hacking News] - 15 Leden, 2025 - 18:34

The whole world was watching when legendary Apple CEO Steve Jobs launched the iconic iPhone in 2007. Mobile was the future. Apple knew it (and rebranded itself to reflect it). And Nokia had a fight on its hands. So, what did Nokia think about the iPhone launch? 

Now we know.

Nokia, at one time the world’s leading mobile phone company, has made a huge archive of corporate assets available through a website curated by Finland’s Aalto University, the Nokia Design Archive. The fascinating collection provides deep insight into how the company operated; in particular, a 2007 Nokia Confidential report caught my eye, as it captures what the company thought when Apple introduced iPhone in 2007.

Much of the document focuses on price — Nokia believed the cost of the iPhone would put consumers off. 

The company was also less convinced about Apple’s touch interface; Nokia execs thought consumers would want to stick with those dinky little QWERTY keyboards everybody used at that time. But in the end, cost and keyboard didn’t form the competitive moat Nokia anticipated, because the iPhone was all about the user experience, and the report shows Nokia executives were concerned.

You and your UI

“User interface has been a big strength for Nokia,” the post-iPhone introduction report authors wrote, warning that at that time consumers were falling out of love with the UI Nokia provided. “Urgent action needed to prevent further erosion of this position,” they said.  

Apple’s new UI “may change the standards of the superior user experience for the whole market,” Nokia executives explained, noting it had been called “visually stunning and incredibly responsive.” Nokia also saw that Apple had protected its product with more than 200 patents, and once again argued that “UI may be the biggest threat that iPhone presents.

“Nokia needs a chief UI architect to re-energize Nokia’s IO innovations across platforms and businesses,” they wrote.

Apple’s product also introduced an innovative user interface built around the company’s powerful OS X system, something which integrated seamlessly with PC, Mac and the Internet, the executives noted.

Be cool, like Apple 

Apple’s cool factor was seen as another challenge. And the fact Apple had delivered a full-fledged internet experience in its phone was seen as an even bigger threat. The company confessed that its own high-end N-series devices, including the brand-new N800 it introduced just before iPhone in 2007, were challenged in comparison. 

Nokia’s executives delivered a strong and, in the end, accurate set of predictions about how iPhone would affect the wider smartphone industry at that time:

  • “A price war may emerge by Motorola trying to push their new models.” It did. Apple did not lose — and didn’t shift prices much, either.
  • “iPhone will also hurt Sony Ericsson’s momentum and coherent music strategy.” It did just that. iTunes was the dominant music service.
  • “N-Series and SEMC Walkman probably need to clearly undercut iPhone pricing to succeed in the market.” They tried, but consumers were not prepared to compromise on user experiences, and the integration with the Mac added a front that no mobile incumbent was able to match — certainly not Microsoft.
  • “Expect RIM and Palm to suffer – their stock prices have been most badly beaten.” Apple ate their lunch.
  • “All the high-end devices attract the enterprise segment — expect that also for iPhone.” Arguably, iPhone and iPad are what have led to Apple’s huge resurgence in the enterprise. Almost every company worldwide now users Apple products.
  • Nokia introduced its own iTunes competitor, Ovi a few months later, but this never really challenged iTunes.

The fascinating document confirms that Nokia understood some of what was coming when Jobs introduced Apple’s mobile phone. It could see that the iPhone had the potential to stimulate demand for high-end devices, which it did and still does. iPhones became the de facto high-end market leader.

When Android stole the market

Even today, Apple scoops up a vast share of industry profits as its customers continue to invest in the best model iPhone they can afford. They do this because they continue to enjoy the user experience Apple provides.

But even back in 2007, Nokia saw that the exclusive US iPhone distribution relationship Apple reached with Cingular (later acquired by AT&T) was both a strength and a weakness. To compete, the industry was famously forced to rally round Google’s Android, an operating system Steve Jobs once vowed to destroy

However, the embrace of Android proved ill-judged. It led the market into homogeneity, eternal price wars, and enabled Google, rather than the mobile device makers, to take the lion’s share of any services-related income. Apple did this too, of course — but Apple also took the risk of making and selling the hardware, software, and services used. Now, it sells one in every four smartphones, and perhaps almost one in five of those sold is now made in India. 

The problem for Nokia was that it didn’t make Android, either. Arguably, it failed to find a response in user interfaces and (looking through the online archive) seemed limited in its outlook when it came to designing operating systems to compete with Apple’s own. But I guess execs from around that time can console themselves in thinking that they accurately read the room.

It’s a fascinating archive (and the Nokia research document about iPod is also interesting). 

You can follow me on social media! Join me on BlueSky,  LinkedInMastodon, and MeWe

Kategorie: Hacking & Security

Microsoft adds ‘pay-as-you-go’ access for AI agents with M365 Copilot Chat

Computerworld.com [Hacking News] - 15 Leden, 2025 - 18:23

Microsoft has added a “pay-as-you-go” option to access AI agents alongside its free M365 Copilot Chat plan. 

Microsoft 365 Copilot Chat is a chat interface powered by OpenAI’s GPT4o that serves up responses based on web data (rather than information held in the Microsoft Graph, as per the paid M365 Copilot subscription). It also includes features such as Copilot Pages and image generation, as well as data protection and IT admin controls at no cost to users. 

Businesses using M365 Copilot Chat can also now deploy Microsoft’s Copilot AI agents, the company announced Wednesday, with metered pricing based on the number of times agents are used.

As with many software vendors, Microsoft began a major push around its M365 Copilot agents towards the end of 2024. These range from chatbots that can answer questions about specific documents to autonomous software agents that can complete more complex tasks such as client onboarding or customer support. 

M365 Copilot Chat provides an “on-ramp” for business to access Copilot and AI agents, Microsoft said.

Microsoft 365 Copilot Chat now has a “pay-as-you-go” option that allows access to agents.

MIcrosoft

“M365 Copilot Chat reflects a broader change in the world of generative AI happening in 2025: The rise of agents to complement personal AI assistants like Copilot,” said J.P. Gownder, vice president and principal analyst on Forrester’s Future of Work team.

The plan lacks many of the core features available in the main M365 Copilot subscription service — which costs $30 per user a month — notably the AI personal assistant embedded in apps such as Outlook, Teams, Word, and Excel. Microsoft has struggled to convince large numbers of customers to adopt its M365 Copilot broadly since the service launched in November 2023. 

Microsoft said it expects customers will have “a mix of Microsoft 365 Copilot Chat and Microsoft 365 Copilot — our best-in-class offering — to drive AI transformation at scale.”

“On the one hand, having access to a basic LLM is becoming table stakes, so it makes sense for Microsoft to offer a secure and managed Copilot Chat as part of the broader Microsoft 365 offering,” said Gownder. “On the other hand, this Copilot Chat can act as a conduit to agents, which will soon proliferate throughout enterprises.”

M365 Copilot Chat agent usage is measured in “message” credits. These are charged either with a pay-as-you-go model at 1 cent per message, or with pre-paid message bundles priced at $200 for 25,000 messages, Microsoft said in a blog post.

Microsoft sets out four types of agent “answers,” or responses, that each consume a different number of message credits. For example, “classic” answers, used for pre-written responses that are manually authored when an agent is created, cost 1 message, while autonomous agent responses cost 25 messages.

Consumption-based licensing provides a low-cost alternative for customers that want to get started with Copilot services grounded in M365 content, said Larry Cannell, research director at Gartner’s Technical Professionals Digital Workplace service. 

“CIOs often prefer it to flat-based licensing of new products because they can better align value delivered to the cost of the product,” he said. “It is much easier to sell a solution based on demonstrated use rather than expected demand.”

Kategorie: Hacking & Security

Windows Patch Tuesday hits snag with Citrix software, workarounds published

The Register - Anti-Virus - 15 Leden, 2025 - 18:15
Microsoft starts 2025 as it hopefully doesn't mean to go on

Devices that have Citrix's Session Recording software installed are having problems completing this month's Microsoft Patch Tuesday update, which includes important fixes.…

Kategorie: Viry a Červi

Microsoft ends support for Office apps on Windows 10 in October

Bleeping Computer - 15 Leden, 2025 - 18:05
Microsoft says it will drop support for Office apps in Windows 10 after the operating system reaches its end of support on October 14. [...]
Kategorie: Hacking & Security

Over 660,000 Rsync servers exposed to code execution attacks

Bleeping Computer - 15 Leden, 2025 - 18:00
Over 660,000 exposed Rsync servers are potentially vulnerable to six new vulnerabilities, including a critical-severity heap-buffer overflow flaw that allows remote code execution on servers. [...]
Kategorie: Hacking & Security

Míří bitcoin do nebes? Mohou za to Trump s Muskem? Rozhovor s expertem na kryptoměny Petrem Lukáčem

Živě.cz - 15 Leden, 2025 - 17:45
V prosinci hodnota bitcoinu překonala rekordní hranici sta tisíc dolarů. Co na jeho růst mělo největší vliv? A nebude nás zase čekat rychlý pád?
Kategorie: IT News

Google Ads Users Targeted in Malvertising Scam Stealing Credentials and 2FA Codes

The Hacker News - 15 Leden, 2025 - 16:48
Cybersecurity researchers have alerted to a new malvertising campaign that's targeting individuals and businesses advertising via Google Ads by attempting to phish for their credentials via fraudulent ads on Google. "The scheme consists of stealing as many advertiser accounts as possible by impersonating Google Ads and redirecting victims to fake login pages," Jérôme Segura, senior director of
Kategorie: Hacking & Security

Google Ads Users Targeted in Malvertising Scam Stealing Credentials and 2FA Codes

The Hacker News - 15 Leden, 2025 - 16:48
Cybersecurity researchers have alerted to a new malvertising campaign that's targeting individuals and businesses advertising via Google Ads by attempting to phish for their credentials via fraudulent ads on Google. "The scheme consists of stealing as many advertiser accounts as possible by impersonating Google Ads and redirecting victims to fake login pages," Jérôme Segura, senior director of Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Windows BitLocker bug triggers warnings on devices with TPMs

Bleeping Computer - 15 Leden, 2025 - 16:46
​Microsoft is investigating a bug triggering security alerts on systems with a Trusted Platform Module (TPM) processor after enabling BitLocker. [...]
Kategorie: Hacking & Security

USA omezí vývoz AI čipů. Restrikce se mají týkat i Česka

Živě.cz - 15 Leden, 2025 - 16:45
Spojené státy možná už od pátku omezí vývoz čipů v oblasti umělé inteligence (AI), aby tato vysoce pokročilá technologie zůstala mimo dosah Ruska a Číny. Informovala o tom agentura Bloomberg . Regulace se bude týkat i České republiky, zatímco západní část EU bude mít podmínky volnější, což v ...
Kategorie: IT News

Lazarus Group Targets Web3 Developers with Fake LinkedIn Profiles in Operation 99

The Hacker News - 15 Leden, 2025 - 16:37
The North Korea-linked Lazarus Group has been attributed to a new cyber attack campaign dubbed Operation 99 that targeted software developers looking for freelance Web3 and cryptocurrency work to deliver malware. "The campaign begins with fake recruiters, posing on platforms like LinkedIn, luring developers with project tests and code reviews," Ryan Sherstobitoff, senior vice president of Threat
Kategorie: Hacking & Security

Lazarus Group Targets Web3 Developers with Fake LinkedIn Profiles in Operation 99

The Hacker News - 15 Leden, 2025 - 16:37
The North Korea-linked Lazarus Group has been attributed to a new cyber attack campaign dubbed Operation 99 that targeted software developers looking for freelance Web3 and cryptocurrency work to deliver malware. "The campaign begins with fake recruiters, posing on platforms like LinkedIn, luring developers with project tests and code reviews," Ryan Sherstobitoff, senior vice president of ThreatRavie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security
Syndikovat obsah