Agregátor RSS

Max a 30 nejoblíbenějších filmů a seriálů v lednu 2025. Tohle Češi na Max (dříve HBO) nejvíc sledují

Živě.cz - 14 Leden, 2025 - 12:15
Tyto filmy a seriály jsou teď na českém Max (dříve HBO Max) nejoblíbenější. Nerozlišujeme žánr, stáří ani hodnocení na filmových webech. Jde o souhrnnou oblíbenost za poslední týdny, kterou zjišťuje a počítá web FlixPatrol.
Kategorie: IT News

UK floats ransomware payout ban for public sector

The Register - Anti-Virus - 14 Leden, 2025 - 12:04
Stronger proposals may also see private sector applying for a payment 'license'

A total ban on ransomware payments across the public sector might actually happen after the UK government opened a consultation on how to combat the trend of criminals locking up whole systems and taxpayers footing the bill.…

Kategorie: Viry a Červi

For Microsoft, 2025 could be a game-changing year

Computerworld.com [Hacking News] - 14 Leden, 2025 - 12:00

It’s looking like 2025 will be one of the most consequential years for Microsoft in a long time.  Since Satya Nadella became CEO in early 2014, the company has been on an upward trajectory, despite a few bumps along the way. Today it’s the most powerful AI company on the planet and the world’s third-most-valuable company, worth more than $3 trillion.

But in these volatile times, that can change quickly thanks to a still evolving AI market, the federal government targeting high tech, and the coming wild-card Trump presidency. What challenges will the company face in 2025, and how will it handle them? 

Here are my top five.

Microsoft and OpenAI will go from frenemies into enemies

Not so long ago, the Microsoft-OpenAI relationship was tech’s biggest bromance. Microsoft invested $13 billion in OpenAI, OpenAI’s influence and valuation skyrocketed, and Microsoft used the company’s generative AI (genAI) technology to vault to the top of the AI heap.

Last year, the bromance soured and the companies became frenemies; as OpenAI openly courted major Microsoft clients, Microsoft laid the groundwork for developing its own AI technology. Nadella disparaged OpenAI, saying, “If OpenAI disappeared tomorrow…, we have all the IP rights and all the capability. We have the people, we have the compute, we have the data, we have everything. We are below them, above them, around them.”

Don’t be surprised if there’s open warfare between the companies this year. OpenAI will be transforming itself from non-profit to a for-profit company, possibly changing the terms of its contract with Microsoft and allowing it to more easily pursue partnerships with other companies. In addition, the terms of the Microsoft-OpenAI deal says that when OpenAI’s ChatGPT achieves what’s called AGI and can reason on its own, Microsoft will lose its stake in the company. 

OpenAI CEO Sam Altman keeps hinting that’s coming sooner rather than later. Meanwhile,  Microsoft has been busy building AI technology that could replace OpenAI’s as the basis for Copilot and other AI products. 

The upshot? Expect open warfare between the two.

Microsoft will get hit with at least one US government antitrust suit

Decades ago, Microsoft was Big Tech’s bad boy, mowing down competitors with shady actions that drew the wrath of the federal government — an antitrust suit that dropped the company from the top tier of tech and led to a lost decade in which it became an also-ran.

After Nadella took the helm, Microsoft became Big Tech’s choirboy, largely avoiding any federal suits, while Amazon, Meta, Google, and Apple were hit with antitrust actions that threaten the core of their businesses. 

That will probably change in 2025. The Federal Trade Commission (FTC) has launched a  wide-ranging investigation into what it believes may be Microsoft’s anticompetitive practices. The agency is looking at the very heart of the company and its business practices — AI, cloud computing, its productivity suite, and Teams. The suit could also endanger the company’s billion-dollar contracts with the US government, because the FTC began looking at the company thanks to its poor security practices.

What’s unclear is whether the Trump administration will continue the investigation, and ultimately prosecute the company. My bet is it will. Top Trump advisor Elon Musk has become a Microsoft competitor with his AI company xAI, and he’ll most certainly use his high-level access to push for prosecution. He’s already suing Microsoft and OpenAI for trying to use their power to get a monopoly on AI.

Intellectual property battles will come to a head

Microsoft and other genAI companies face an even bigger problem than antitrust lawsuits — the lack of content on which to train genAI tools like Copilot and ChatGPT. Improving them requires massive amounts of intellectual property. So far, the companies have simply hoovered up anything they can find, largely without paying, claiming they can use the material under fair-use doctrine.

That’s led to plenty of lawsuits against Microsoft and other AI companies for intellectual property theft. In one of the biggest, The New York Times is seeking “billions of dollars in statutory and actual damages” because of what it calls the “unlawful copying and use of The Times’ uniquely valuable works.” 

Microsoft and other AI companies have begun making deals with publishers to pay for the content to train their AI models. In November, Microsoft inked a deal with the publisher HarperCollins in which it can use many of the company’s nonfiction books to train a new genAI product.

That deal might well be Microsoft’s first in a series of similar agreements with other companies. Expect more to follow this year.

Nadella will try to keep Trump at a distance

Since Donald J. Trump’s election, a number of Big Tech executives and companies have gone full-blown MAGA. In one of the more extreme makeovers, Meta’s Mark Zuckerberg has gone all in, donating $1 million to Trump’s inauguration, eliminating fact-checking on Meta platforms, backing away from policing hate speech, ending the company’s diversity efforts, killing transgender and nonbinary themes from its apps, and even removing tampons from its men’s bathrooms, which it had provided for nonbinary and transgender employees. 

He’s not the only one. Top executives from Google, Amazon, Apple, and others have also bowed to Trump. Microsoft had been the lone holdout until early January, when it donated $1 million to Trump’s inaugural. Aside from that, though, the company hasn’t curtailed diversity efforts or in any other way changed its culture to put it in line with Trump’s way of thinking. And Nadella hasn’t visited Trump in Mar-a-Lago, as have so many other tech execs.

The big question: Will Nadella continue keeping Trump at arm’s length, and not try to make the company culture more like Trump would like to see it? My guess is he’ll stay the course. But we’ll see.

We may get real revenue numbers for AI… or not

Finally comes perhaps the biggest issue of all for the company’s financial health: Can Microsoft sign up enough customers to make its genAI ambitions worth its while? We’re no longer in the early hype days when mere possibilities were more important than revenue. In 2025, the ROI rubber will meet the road of reality.

This is particularly important because the investments that need to be made in genAI are far greater in scale than in any technology before it. Microsoft can spend all the billions it wants for infrastructure, electricity, data centers, training, and development. But if businesses and people don’t find AI useful and open their wallets for it, that will mean nothing.

Microsoft claims it’s got plenty of customers, but it isn’t giving out details, such as how many people pay for Copilot on a monthly basis and how much revenue it gets from that. Instead, it publicizes potentially misleading statistics such as “More than 85% of the Fortune 500 are using Microsoft AI” and “Nearly 70% of the Fortune 500 are using Microsoft 365 Copilot.” Most likely those numbers are based on companies launching small pilot programs testing whether AI is useful. Pilots don’t bring in much revenue — only full deployments do.

We’ll know in 2025 if AI is starting to pay off when Microsoft touts real revenue numbers or the number of people actively paying for AI subscriptions. Until then, consider those numbers smoke and mirrors.

Kategorie: Hacking & Security

Time to audit your MDM setup? Here’s how to get it right

Computerworld.com [Hacking News] - 14 Leden, 2025 - 12:00

Audits are never fun — whether you’re talking about a tax audit, energy audit, or industry compliance audits. But they’re necessary. And when it comes to mobile device management (MDM) deployments, they’re extra important, because mobile devices are endpoints that can expose your company to the security dangers and risk letting corporate data leak out.

Here’s what to consider as you plan an MDM audit and what to include.

What do you need to achieve with an MDM audit

Auditing something as broad as your MDM environment with its mix of identity products, federated cloud services, MDM solutions themselves, policies and groups, app inventories and the devices themselves can get, well, complicated. 

This means your first step is to determine what an MDM audit should cover. 

If you’re confident in auditing other aspects of your IT stack, or your entire stack is from one vendor — say you’re a fully Microsoft shop with a stack built around Entra and Azure, both of which you already have audit programs for — then you might just need to focus on Intune and your mobile device policies and configurations. But if you mix and match cloud services from multiple companies and your MDM solution is from a different vendor than everything else, you’ll need to look at your MDM links to everything else (and possibly how all your other systems link to each other). Auditing systems individually won’t give you a holistic understanding of how they work together.

If your company is subject to various compliance regimes (such as GDPR or HIPAA, for example), some subjects might be defined for you. Either way, set the scope of the audit so it can capture the systems, policies, user groups, device types, apps, user experiences and even the backend tools used in your environment. 

As with any audit, standard procedures need to be considered. Ideally, these basic processes will follow the model of other audit procedures already in place. There will always be some variation — different systems have different functions and require measuring different metrics. But there should be some connective thread that runs through how you capture audit data, process it, report your findings and list corrective steps that need to be taken based on the results. An MDM audit will obviously focus on different things than a server or network security audit, but all three should come from the same basic template.

As you consider the scope of an audit and its processes, make notes of the specific questions you need to answer and the data points you need to answer them. If this is your first MDM audit, brainstorming areas of importance and looking to outside resources such as your MDM (and related service) vendor can help define exactly what you need to ask. Be sure to consider each idea carefully to see whether it’s really significant or simply mission creep. 

If you’ve performed MDM audits in the past, you’ll want to review whether they captured the relevant information or let things fall between the cracks. And even if past audits went well, remember the mobile landscape and threat environment changes quickly. So you’ll need to account for any major changes — such as the recent proliferation of generative AI — since your last audit and decide whether your previous scope needs to be adjusted.

The logistics matter

How the audit is done from a logistical perspective also matters. Some can be carried out simply by examining and testing back-end systems and have no real or direct user-facing components. MDM audits might require some fieldwork, virtual or in-person, to gather accurate data. And if various teams or groups of employees or managers need to be consulted or might be impacted during the audit, you’ll want to establish that up front for both the audit team and anyone affected. 

Who is the auditor(s)?

The next step is determining who will conduct the audit. With something as broad as MDM, which touches several different domains – network access, app licensing, user and group management, device and procurement from multiple vendors, endpoint security, user experience, general and mobile-specific policy requirements and so on – it can be difficult to establish exactly who’s ultimately responsible. 

This means MDM audits are often best done by a team where various stakeholders are represented.

Should you consider a pre-audit?

In some cases, you might know going into the process that there are areas that are problematic. These could include policies you’ve been meaning to update; the criteria on which you authorize user access to resources; how you manage or group users and devices; and significant updates – mobile OS and app versions, backend systems – that you have yet to get around to doing. 

Dealing with these known issues before the full audit occurs can make the entire process easier and shorten your departmental to-do list.

The items you want to capture

Every audit will vary based on your needs and environment. The following isn’t an exhaustive list, but these areas should be part of any MDM audit:

  • Logs: Application and system logs from the MDM itself, and logs involving MDM interactions with devices and other services.
  • Policies: Auditing MDM policies include the policies themselves (are they appropriate to your environment, security and user needs) and whether or not they are enforced as intended. As MDM provides a wealth of policy configurations and restrictions, this will be one of the major focus areas for an audit and it should be done across every major device/user demographic across an organization
  • Device and network security: Broadly speaking, you need to ensure that information being transferred between devices and your network is secure, visible and functions appropriately regardless of how devices are connecting (corporate Wi-Fi, home or public W-Fi and cellular) as well as device integrity/malware checking.
  • Device and data controls: One crucial feature of any MDM system is the ability to separate work and personal apps, settings and content. Rules related to this functionality should be clearly established and tested as widely as possible across your device fleet and user community. This can include encryption at rest and in transit and  procedures for handling things such as remote lock and remote wipe.
  • Device enrollment and lifecycle processes.
  • Mobile OS and app updates: Make sure these are consistent throughout your fleet and environment.
  • Suspicious activity monitoring and reaction: What counts as suspicious activity can vary greatly, as can the intended reactions. 
After the audit

After you’ve completed the audit, take time to sift through the results. It’s also good to have multiple sets of eyes and perspectives on the data; an audit should be more than just a list of boxes to check. Seeing which criteria have been met or unmet is critical, but the question of why the results are what they are is equally important. If there are devices or apps that are out of compliance, you’ll need to know that and understand why if you’re going to remedy the issues. Your ultimate report should include this background and potential challenges during remediation. 

Remember, an audit isn’t just about seeing where you miss the mark. Sometimes you’ll discover areas where your organization beats expectations, shows improvement from an earlier audit or helps you see your baseline compared to your overall industry. If something works well, you want to understand why. It might be something you can incorporate more broadly throughout your organization.

The last major step is to create an action or remediation plan. (This is especially important if you’re in an industry subject to regulation such as financial services or healthcare.) What this plan will look like can vary significantly from company to company and even from audit to audit. 

The most important thing is that this plan be actionable. Each item should be specific, have metrics that allow you to ensure it is being addressed and have a timetable for resolution. The main reason for an audit in the first place is to identify issues and make serious improvements. Performing an audit and then letting the results sit in a drawer is nothing more than audit theater — you go through the motions, but don’t act on the results.

Kategorie: Hacking & Security

Nedaleko Františkových Lázní se chvěla země. Série zemětřesení dosáhla magnituda 2,2

Živě.cz - 14 Leden, 2025 - 11:45
Západní Čechy opět pocítily chvění země. U Františkových Lázní a Vojtanova se v neděli 12. ledna 2025 objevila série zemětřesení , která dosáhla maximálního magnituda 2,2. Tato geologická událost, označovaná jako zemětřesný roj, zahrnovala desítky slabších otřesů, které většina obyvatel ani ...
Kategorie: IT News

Když jsou Androidy zamknuté, zástupci v horní liště často nefungují. Poměrně překvapivě to však neplatí o Pixelech

Zive.cz - bezpečnost - 14 Leden, 2025 - 11:15
** Výrobci Androidů využívají horní lišty se zástupci rychlého spuštění ** Ke klíčovým funkcím vyžadují odemknutí telefonu ** U Pixelů si však v liště může každý dělat, co chce
Kategorie: Hacking & Security

Když jsou Androidy zamknuté, zástupci v horní liště často nefungují. Poměrně překvapivě to však neplatí o Pixelech

Živě.cz - 14 Leden, 2025 - 11:15
** Výrobci Androidů využívají horní lišty se zástupci rychlého spuštění ** Ke klíčovým funkcím vyžadují odemknutí telefonu ** U Pixelů si však v liště může každý dělat, co chce
Kategorie: IT News

4 Reasons Your SaaS Attack Surface Can No Longer be Ignored

The Hacker News - 14 Leden, 2025 - 11:08
What do identity risks, data security risks and third-party risks all have in common? They are all made much worse by SaaS sprawl. Every new SaaS account adds a new identity to secure, a new place where sensitive data can end up, and a new source of third party risk. Learn how you can protect this sprawling attack surface in 2025. What do identity risks, data security risks and third-party
Kategorie: Hacking & Security

4 Reasons Your SaaS Attack Surface Can No Longer be Ignored

The Hacker News - 14 Leden, 2025 - 11:08
What do identity risks, data security risks and third-party risks all have in common? They are all made much worse by SaaS sprawl. Every new SaaS account adds a new identity to secure, a new place where sensitive data can end up, and a new source of third party risk. Learn how you can protect this sprawling attack surface in 2025. What do identity risks, data security risks and third-party [email protected]
Kategorie: Hacking & Security

Adobe ruší nejlevnější způsob, jak se legálně dostat k Photoshopu. A také zdražuje

Živě.cz - 14 Leden, 2025 - 10:45
Adobe zavádí několik změn do předplatných Creative Cloud. Nejdůležitější zprávou je, že k 15. lednu ukončí prodej nejlevnějšího tarifu Plán pro digitální fotografii s 20GB cloudovým diskem. Ten zahrnuje dvě nejoblíbenější aplikace pro fotografy, tedy Photoshop a Lightroom, a běžně stojí 12,09 eur ...
Kategorie: IT News

Illicit HuiOne Telegram Market Surpasses Hydra, Hits $24 Billion in Crypto Transactions

The Hacker News - 14 Leden, 2025 - 10:29
The Telegram-based online marketplace known as HuiOne Guarantee and its vendors have cumulatively received at least $24 billion in cryptocurrency, dwarfing the now-defunct Hydra to become the largest online illicit marketplace to have ever operated. The figures, released by blockchain analytics firm Elliptic, show that monthly inflows have increased by 51% since July 2024. Huione Guarantee, part
Kategorie: Hacking & Security

Illicit HuiOne Telegram Market Surpasses Hydra, Hits $24 Billion in Crypto Transactions

The Hacker News - 14 Leden, 2025 - 10:29
The Telegram-based online marketplace known as HuiOne Guarantee and its vendors have cumulatively received at least $24 billion in cryptocurrency, dwarfing the now-defunct Hydra to become the largest online illicit marketplace to have ever operated. The figures, released by blockchain analytics firm Elliptic, show that monthly inflows have increased by 51% since July 2024. Huione Guarantee, partRavie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Změna telefonního čísla je jako noční můra. Aplikace a služby stále lpějí na ověření přes mobil

Živě.cz - 14 Leden, 2025 - 10:15
** Změna mobilního čísla může být horší než stěhování ** Mobilní služby a aplikace dodnes lpí na ověření přes telefon ** Jenže zkuste změnu čísla vysvětlovat automatu a umělé inteligenci
Kategorie: IT News

Změna telefonního čísla je jako noční můra. Aplikace a služby stále lpějí na ověření přes mobil

Zive.cz - bezpečnost - 14 Leden, 2025 - 10:15
** Změna mobilního čísla může být horší než stěhování ** Mobilní služby a aplikace dodnes lpí na ověření přes telefon ** Jenže zkuste změnu čísla vysvětlovat automatu a umělé inteligenci
Kategorie: Hacking & Security

Fortinet Warns of New Zero-Day Used in Attacks on Firewalls with Exposed Interfaces

The Hacker News - 14 Leden, 2025 - 10:13
Threat hunters are calling attention to a new campaign that has targeted Fortinet FortiGate firewall devices with management interfaces exposed on the public internet. "The campaign involved unauthorized administrative logins on management interfaces of firewalls, creation of new accounts, SSL VPN authentication through those accounts, and various other configuration changes," cybersecurity firm
Kategorie: Hacking & Security

Fortinet Warns of New Zero-Day Used in Attacks on Firewalls with Exposed Interfaces

The Hacker News - 14 Leden, 2025 - 10:13
Threat hunters are calling attention to a new campaign that has targeted Fortinet FortiGate firewall devices with management interfaces exposed on the public internet. "The campaign involved unauthorized administrative logins on management interfaces of firewalls, creation of new accounts, SSL VPN authentication through those accounts, and various other configuration changes," cybersecurity firmRavie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Russian-Linked Hackers Target Kazakhstan in Espionage Campaign with HATVIBE Malware

The Hacker News - 14 Leden, 2025 - 10:10
Russia-linked threat actors have been attributed to an ongoing cyber espionage campaign targeting Kazakhstan as part of the Kremlin's efforts to gather economic and political intelligence in Central Asia. The campaign has been assessed to be the work of an intrusion set dubbed UAC-0063, which likely shares overlap with APT28, a nation-state group affiliated with Russia's General Staff Main
Kategorie: Hacking & Security

Russian-Linked Hackers Target Kazakhstan in Espionage Campaign with HATVIBE Malware

The Hacker News - 14 Leden, 2025 - 10:10
Russia-linked threat actors have been attributed to an ongoing cyber espionage campaign targeting Kazakhstan as part of the Kremlin's efforts to gather economic and political intelligence in Central Asia. The campaign has been assessed to be the work of an intrusion set dubbed UAC-0063, which likely shares overlap with APT28, a nation-state group affiliated with Russia's General Staff Main Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

12 velkých jader od Intelu pro LGA-1700 stále v plánu

CD-R server - 14 Leden, 2025 - 10:00
Dvanáctijádrový „Raptor Lake“ okleštěný o Atomy, je nadále v přípravě. Zvěsti o procesoru, který by Intel mohl použít i v rámci herního desktopu, se potvrzují…
Kategorie: IT News

Gigabitový internet za 199 Kč měsíčně. Vodafone vábí nové uživatele velkou slevou

Živě.cz - 14 Leden, 2025 - 09:45
Vodafone má od 13. do 26. ledna 2025 akci Crazy Week , během níž nabízí internetová připojení ve vlastní síti za 199 Kč. Tuto cenu bude účtovat první rok, pak se zvýší na standardní. Za oněch 199 Kč je možné získat všechny tři tarify s rychlostmi stahování 250, 500 i 1000 Mb/s. Sleva platí jen pro ...
Kategorie: IT News
Syndikovat obsah