Agregátor RSS

Cybersecurity researchers have uncovered a new phishing campaign that exploits social media private messages to propagate malicious payloads, likely with the intent to deploy a remote access trojan (RAT). The activity delivers "weaponized files via Dynamic Link Library (DLL) sideloading, combined with a legitimate, open-source Python pen-testing script," ReliaQuest said in a report shared with

Cybersecurity researchers have uncovered a new phishing campaign that exploits social media private messages to propagate malicious payloads, likely with the intent to deploy a remote access trojan (RAT). The activity delivers "weaponized files via Dynamic Link Library (DLL) sideloading, combined with a legitimate, open-source Python pen-testing script," ReliaQuest said in a report shared with Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

InvisiLight je jen 0,6mm optické vlákno, které doma rozšíří rychlou síť. • Bude spolehlivější než Wi-Fi a obejde se bez špinavé práce jako u Ethernetu. • Vlákno je rychlé, téměř neviditelné, ale také drahé.

Learn how security leaders and SOC teams can work together to close the gap between platform decisions and operational needs. Join Sumo Logic and BleepingComputer on January 29 for a practical webinar on aligning security tools with real-world workflows. [...]

Many security teams are forced to defend environments using tools they didn't choose. This webinar explores how SOC teams can overcome alert fatigue, platform gaps, and AI hype to get real results from the tools they already have. [...]

Prompt injection for the win

Anthropic has fixed three bugs in its official Git MCP server that researchers say can be chained with other MCP tools to remotely execute malicious code or overwrite files via prompt injection.…

Tyto filmy a seriály jsou teď na českém Disney+ nejoblíbenější. Nerozlišujeme žánr, stáří ani hodnocení na filmových webech. Jde o souhrnnou oblíbenost za poslední týdny, kterou zjišťuje web FlixPatrol.

The era of large-scale hiring at Indian IT services firms is giving way to a more measured approach, as companies reduce staff through automating routine work while still struggling to hire AI specialists, despite a surge in client demand for AI.

“Top five Indian IT firms added only 17 net employees in the first nine months of FY26 versus 17,764 in the same period last year,” said Chirag Mehta, vice president and principal analyst at Constellation Research. “That is what AI-era productivity looks like in practice: more output per employee, fewer benches, and tighter utilization.

The supply of skilled talent is far below demand, according to Biswajeet Mahapatra, principal analyst at Forrester. “India has only one qualified engineer for every ten generative AI jobs, and firms report that only 15–20 percent of the workforce has AI-ready skills due to rapidly evolving technologies, high salary inflation, and limited advanced training and research capabilities,” Mahapatra said.

This shift was evident in the latest earnings for the October–December quarter for the top IT services firms. Even as AI dominated client conversations and deal pipelines, hiring across India’s top IT services remained muted.

Shrinking headcount

At the end of Q3 FY26, TCS reported a global headcount of 582,163, down by over 11,000 employees sequentially and sharply lower than its Q1 level of 613,069. Tech Mahindra also reported a decline, with headcount falling to 149,616 in Q3 from 152,714 in the previous quarter. HCLTech reported a marginal sequential dip of 0.1% to 226,379 employees.

Infosys appeared as an outlier, increasing headcount to 337,034 in Q3 from 331,991 in the previous quarter, adding nearly 5,000 software professionals. This, however, was still far lower than the employee growth the company registered in the previous quarter, indicating a struggle to attract the relevant talent akin to its peers.

AI is reducing the need for large teams

Traditionally, the Indian IT companies deployed large teams linked to cost efficiency and predictable delivery. However, with the adoption of AI and enterprises demanding faster delivery, fewer manual processes, and measurable outcomes, this model is being challenged and reworked.

“Leveraging AI and machine learning, companies are automating high-volume, routine tasks that earlier required large teams,” said Biswajit Maity, senior principal analyst at Gartner. “This is leading to smaller, more specialised teams and contracts increasingly structured around outcomes and key performance indicators.”

This trend is especially visible in software development. With AI and vibe coding, companies are able to push a lot more code into production with a fraction of the headcount, explained Jimit Arora, CEO at Everest Group.

“While the teams will not disappear, we do expect to see a reduction in the traditional way of working and getting more done with either the same or fewer resources,” Arora said. “If the traditional model was 80% human and 20% tech, the reinvention model is roughly 20-80 i.e., 20% human, and 80% tech, where we see the industry gravitating toward is 50-50, i.e., 50% human and 50% tech.”

Hiring gives way to reskilling, subcontracting

Earnings calls from top IT companies for the October–December quarter show that while clients are increasing AI adoption, IT services firms are no longer responding with large-scale hiring.

TCS said it continues to hire from campuses and laterally for roles aligned with future requirements. However, wherever the company was not finding success in re-deployment, it released the workforce. In Q3 alone, TCS fired approximately 1,800 people, the company acknowledged during the earnings call.

To compensate for the lack of talent availability, IT services firms are investing heavily in reskilling.

TCS now has more than 217,000 employees with advanced AI skills, a three-fold increase over last year. HLCTech is implementing GenAI and AI capabilities across its lines of business and scaling adoption with customer-specific AI tooling. To enable all this, over 38,000 additional employees have been trained on GenAI, and more than 600 on responsible AI, acknowledged C. Vijayakumar, CEO at HCLTech, during the earnings call.

Mehta noted there is also a knock-on effect where IT services companies are tilting toward subcontracting and gig-style capacity for variable demand, rather than keeping large permanent benches. That can reduce visible headcount growth even when delivery volume rises.

Group-IB says crims forking out for Dark LLMs, deepfakes, and more at subscription prices

Cybercrime has entered its AI era, with criminals now using weaponized language models and deepfakes as cheap, off-the-shelf infrastructure rather than experimental tools, according to researchers at Group-IB.…

The Problem: The Identities Left Behind As organizations grow and evolve, employees, contractors, services, and systems come and go - but their accounts often remain. These abandoned or “orphan” accounts sit dormant across applications, platforms, assets, and cloud consoles. The reason they persist isn’t negligence - it’s fragmentation.  Traditional IAM and IGA systems are designed

The Problem: The Identities Left Behind As organizations grow and evolve, employees, contractors, services, and systems come and go - but their accounts often remain. These abandoned or “orphan” accounts sit dormant across applications, platforms, assets, and cloud consoles. The reason they persist isn’t negligence - it’s fragmentation.  Traditional IAM and IGA systems are designed [email protected]

Cybersecurity researchers have disclosed details of a malware campaign that's targeting software developers with a new information stealer called Evelyn Stealer by weaponizing the Microsoft Visual Studio Code (VS Code) extension ecosystem. "The malware is designed to exfiltrate sensitive information, including developer credentials and cryptocurrency-related data. Compromised developer

Cybersecurity researchers have disclosed details of a malware campaign that's targeting software developers with a new information stealer called Evelyn Stealer by weaponizing the Microsoft Visual Studio Code (VS Code) extension ecosystem. "The malware is designed to exfiltrate sensitive information, including developer credentials and cryptocurrency-related data. Compromised developer Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

Chrome Beta skrytě obsahuje vertikální karty. • Funkce se zapíná na stránce chrome://flags. • Nástrojová lišta se sice zvětší, ale místo na výšku i tak ušetříte.

Cloudflare has addressed a security vulnerability impacting its Automatic Certificate Management Environment (ACME) validation logic that made it possible to bypass security controls and access origin servers.  "The vulnerability was rooted in how our edge network processed requests destined for the ACME HTTP-01 challenge path (/.well-known/acme-challenge/*)," the web infrastructure

Cloudflare has addressed a security vulnerability impacting its Automatic Certificate Management Environment (ACME) validation logic that made it possible to bypass security controls and access origin servers.  "The vulnerability was rooted in how our edge network processed requests destined for the ACME HTTP-01 challenge path (/.well-known/acme-challenge/*)," the web infrastructure Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]

One of the most important trends in unified endpoint management (UEM) and mobility management is — surprise! — a big move toward AI-enabled capabilities. But this is only part of what is a quickly evolving market.

“The endpoint management market is undergoing a rapid transformation fueled by SaaS-powered innovations, deeper integration of threat intelligence, growing reliance on digital [employee] experience tools, and breakthroughs in AI/ML and generative AI [genAI],” says Tom Cipolla, vice president and analyst, Digital Workplace Infrastructure and Operations at research firm Gartner.

“These trends are setting the stage for next-generation solutions that prioritize automation and intelligence,” Cipolla says.

AI, and specifically genAI, are now solidly part of the mobility landscape, as enterprises and vendors continue to look for ways to automate functions and increase efficiency.

The AI push

Many current platforms include genAI capabilities designed to make the platforms easier to use through conversational interfaces, Cipolla says. “AI is starting to be used to analyze data and make recommendations for device management efficiency,” he says.

Natural language assistants and chatbots, patch management and predictive maintenance, AI-driven security and threat detection, and insight generation and reporting are four major areas where genAI is accelerating operations and reducing labor, Cipolla says. Wider-scale usage of genAI will depend on vendors releasing capabilities that allow administrators to chat with their data and uncover insights not previously available via existing dashboards and reports, he adds.

One AI technology that has yet to take off in UEM is agentic AI, Cipolla says. This involves the use of AI applications known as agents that execute complex workflows, make decisions, take actions, and interact with other agents — all with limited oversight from humans.

“Agentic AI is a potential transformational force in endpoint management tools, but not currently widely enabled by vendors,” Cipolla says. “We are watching this closely as we expect rapid innovation. Agentic AI not only can generate insights, but can act based on those insights and the risk, business, and operational goals of the organization.”

The complexity of modern endpoints and the reliance on devices for more tasks and use cases can leave workers under-provisioned in terms of the software and configurations required to do their jobs at a basic level, says Phil Hochmuth, research vice president, Endpoint Management and Enterprise Mobility at research firm IDC.

“The emergence of AI can help organizations take a large step forward toward hyper-customizing end-user devices for exactly the job they do — from optimizing the installed software to ensuring the right levels of connectivity, access control, and data access privileges are enabled when users unbox their PCs or laptops,” Hochmuth says.

While automated patching, deployment, and alerting have been around for some time, “now we’re seeing vendors lean more heavily into AI,” says Jeremy Roberts, senior director, research and content at Info-Tech Research Group. “I think there is significant overlap with AIOps [AI for IT operations] to facilitate automation across the entire stack, and these tools require input of the sort collected by traditional UEM tools.”

Predictive analytics is the biggest use case for AI in UEM, Roberts says, to address questions such as “when is a device likely to die, [or] what is likely causing a poor experience?” Managers are focused on productivity, “and preemptively remediating issues before they cause productivity problems is definitely an area for UEM to shine,” he says.

Enterprises need to understand their genAI use cases well and make a case for return on investment, Roberts says. “AI is not good for its own sake,” he says. “Look for things that AI is good at: anomaly detection, predictive analytics are cool.”

As with other applications of AI and automation, the technology should not just replace people, but enable them to be more productive. “Keep humans in the loop until you’ve figured out how the system behaves with confidence,” Roberts says. “It’s not a given that AI will make things easier or more efficient, so keeping an eye on the system before you let auto-remediation run rampant is wise.”

A related trend is the growing use of autonomous endpoint management (AEM), an approach that uses AI and machine learning to automate device management for greater efficiency, security, and compliance. AEM handles tasks such as patching and configuration.

“Demand for autonomous actions will surge within the next three years, as IT leaders and managed service providers struggle to scale staffing and skill sets to meet operational demands,” Gartner’s Cipolla says. “In response, vendors are embedding [AEM] into their offerings.”

While current implementations focus on intelligence-driven patch automation, Cipolla says, Gartner predicts AEM will soon expand to include configuration and policy management, among other critical workloads.

Stable market

The endpoint management market continues to be highly mature, dominated by a handful of vendors with significant market share, Cipolla says. Despite this concentration, Gartner notes that many organizations supplement their primary UEM platform with competitive or complementary tools to close gaps or enhance underperforming capabilities.

“As a result, Gartner has reformatted the market to include the broader endpoint management tool vendors,” Cipolla says. “Gartner projects moderate topline growth over the next several years, as mainstream modern-management-based UEM solutions work to bridge functionality gaps compared to traditional client-based tools,” he says.

These gaps — often related to speed, reliability, and granularity — create operational overhead and remain key barriers to efficiency in endpoint operations, Cipolla says.

In response to a need to move faster to patch devices and reduce security risks, many endpoint management platforms have started to provide real-time measurements of digital employee experience (DEX) into their platforms, Cipolla says.

“This data is used to very quickly determine whether [an] impact is seen, and the platform can halt operations if negative signals are received and also accelerate operations if positive signals are seen,” Cipolla says. “This is referred to as operational digital employee experience measurements, or OpDEX. OpDEX is at the heart of the autonomous endpoint management approach.”

A key mobility management dynamic involves balancing the ideal of a single unified platform with the practical needs of managing advanced use cases and functions, according to IDC’s Hochmuth.

“Enterprises report that full convergence is often stymied by the diversity of use cases — frontline workers, field staff, knowledge employees, and device fleets operating on a mix of Windows, Mac, iOS, Android, Chromebooks, and specialized IoT [Internet of Things] or single-purpose devices,” he says. “As a result, many organizations adopt multi-vendor UEM deployments, choosing specific tools based on best-fit features for distinct operational or regulatory demands.”

As for the cost of UEM platforms, there has not been an increase in UEM pricing over the past year, in terms of price per device or user per month, Hochmuth says. “However, premiums will be charged for AI-based and automation-based intelligence ‘add-on’ products to UEM suites,” he says.

Looking ahead, predictive analytics will become a standard, baseline function of endpoint device management tools, Hochmuth says. “AI will augment this function to help IT teams preempt endpoint device failures, optimize resource allocation, and improve device uptime based on usage patterns and telemetry,” he says.

As IT operations moves toward a future of smaller IT teams, “organizations will have to rely on help from data-driven AI and automation capabilities to manage ever-growing fleets of endpoints, from mobile devices and PCs, and beyond,” Hochmuth says.

Related:

• GenAI is coming to your UEM platform: How to prepare
• UEM buyer’s guide: How to choose the right unified endpoint management platform
• What is UEM? Unified endpoint management explained
• Enterprise mobility 2025: Automation lightens the load

Leaked API keys are no longer unusual, nor are the breaches that follow. So why are sensitive tokens still being so easily exposed? To find out, Intruder’s research team looked at what traditional vulnerability scanners actually cover and built a new secrets detection method to address gaps in existing approaches.  Applying this at scale by scanning 5 million applications revealed over

Leaked API keys are no longer unusual, nor are the breaches that follow. So why are sensitive tokens still being so easily exposed? To find out, Intruder’s research team looked at what traditional vulnerability scanners actually cover and built a new secrets detection method to address gaps in existing approaches.  Applying this at scale by scanning 5 million applications revealed over [email protected]

Na titulní stránky světových periodik se po čase opět dostalo Grónsko. Všichni rozebírají jeho velikost, strategickou polohu a výrobci předražených glóbusů nestačí objednávat další a další role papíru. Těžko bychom tedy hledali lepší příležitost ke zopakování učiva z hodin zeměpisu pro základní a ...