Everything we know about Apple Intelligence
Apple devices support Apple Intelligence, the growing collection of artificial intelligence (AI) tools the company began to roll out in October 2024. These include both consumer-friendly tools such as automatic mixing in Apple Music alongside a growing selection of increasingly powerful tools to get tasks done, ranging from writing tools to image creation, visual intelligence, […] more…Rise of AI crawlers and bots causing web traffic havoc
A new report from edge cloud platform provider Fastly reveals what it called “a striking shift in the nature of automated web traffic” with a recent analysis of traffic indicating that AI crawlers make up close to 80% of the AI bot traffic observed. Meta generated more than half, eclipsing both Google and OpenAI combined. […] more…How IT leaders unlock productivity with Microsoft 365 Copilot
In environments ranging from construction sites to university campuses to legal and retail operations, IT leaders are putting generative AI assistants to work — and discovering how to make them drive productivity. In this article, we focus on Microsoft 365 Copilot, examining real-world experiences that reveal both the promise and the pitfalls of the AI […] more…AI in the classroom is important for real-world skills, college professors say
Will the use of generative AI (genAI) tools degrade human intelligence over the long term? That question — and lingering concerns about cheating and hallucinations — are among the issues US university professors are grappling with as a new academic year approaches. Even as some embrace the technology, others look askance at generative AI tools. […] more…Microsoft pushes Copilot directly into Excel cells
A new Copilot feature has been added to Excel for Windows and Mac, specifically the generative AI (genAI feature has been integrated into the engine used for calculations, according to the Microsoft 365 Insider blog. (The feature is not yet generally available — it’s rolling out to users in the Beta Channel of the Microsoft […] more…UK agrees to drop dangerous data encryption backdoor demands, says US
The UK has agreed to drop its mandate that Apple install a backdoor into the encrypted data stored on its devices, though it isn’t clear whether this is an overall change or simply a tweak to protect US citizens. The landmark move would be a victory for digital privacy experts that sets a precedent between […] more…How agentic AI will impact software engineering
Agents, assemble! AI-powered coding agents are now real and usable. Indeed, coding agents are all around us, touching on every aspect of the software development life cycle, and recently InfoWorld outlined 12 of the best. This raised in the minds of our readers the bigger question, which they rushed to ask Smart Answers: how […] more…Fake Spam Plugin Uses Victim’s Domain Name to Evade Detection
During our investigation of an SEO spam infection (spam content designed to manipulate search engine results), we discovered a nicely crafted plugin that named itself after the infected domain, helping it evade detection. While this tactic was simple, it easily blended in with other legitimate plugins, making it harder to spot during the troubleshooting process. […] more…Canadian Airline WestJet Hit by Cyberattack
A cybersecurity incident at WestJet resulted in users experiencing interruptions when accessing the company’s application and website. The post Canadian Airline WestJet Hit by Cyberattack appeared first on SecurityWeek. more…What 17,845 GitHub Repos Taught Us About Malicious MCP Servers
Audio version of this post, created with NotebookLM Deep Dive Your browser does not support the audio element. Spoiler: VirusTotal Code Insight’s preliminary audit flagged nearly 8% of MCP (Model Context Protocol) servers on GitHub as potentially forged for evil, though the sad truth is, bad intentions aren’t required to follow bad practices and publish […] more…What Motivates Website Malware Attacks?
The depiction in the media of hackers tends to be that of balaclava-wearing villains who type furiously in a dark basement, motivated by nothing but evil intentions. However, while this may be true in some instances, by and large the determining factors that result in malware attacks are largely motivated not by ideology or malice […] more…UK Software Firm Fined £3 Million Over Ransomware-Caused Data Breach
The UK ICO has fined Advanced Computer Software Group £3 million ($3.8 million) over a 2022 data breach resulting from a ransomware attack. The post UK Software Firm Fined £3 Million Over Ransomware-Caused Data Breach appeared first on SecurityWeek. more…When Spam Hides In Plain Sight
We recently worked on an interesting case where Casino spam was visible in the page source, but couldn’t be located in any of the usual database rows or site files. Sitecheck flagged this as well. Casino and gambling spam is one of the most common types of spam attackers use. They are hoping that victims […] more…Japanese Spam on a Cleaned WordPress Site: The Hidden Sitemap Problem
While investigating a compromised WordPress site, we discovered a malware infection causing Japanese spam links to appear in Google search results. Although the site had been cleaned, Google was still crawling and indexing spammy URLs, which impacted the site’s SEO and credibility. Japanese SEO Spam: A Common Threat Japanese SEO spam is a recurring issue […] more…Research that builds detections
Note: You can view the full content of the blog here. Introduction Detection engineering is becoming increasingly important in surfacing new malicious activity. Threat actors might take advantage of previously unknown malware families – but a successful detection of certain methodologies or artifacts can help expose the entire infection chain. In previous blog posts, we […] more…Understanding and Fixing Authentication Bypass Vulnerabilities: A Case Study on Really Simple SSL
Introduction In the world of WordPress plugins, security vulnerabilities can have far-reaching consequences, especially when they affect widely used tools like Really Simple SSL. A recent vulnerability in versions 9.0.0 to 9.1.1.1 exposed websites to the risk of authentication bypass. However, the vulnerability only affected sites where the Two-Factor Authentication (2FA) feature was enabled. This […] more…More information
- IT Services Giant Sopra Steria Hit by Ransomware
- Virtual Web Host Migrations – March 22 & 23
- The Motorola Dimple: Why Do We Love A Missing Fingerprint Sensor?
- Over 100 arrested in FBI Blackshades RAT raids
- Heartbleed Bug—Mobile Apps are Affected Too
- Facebook tops Google’s list of domains for ‘right to be forgotten’ requests
- How NSS Labs’ CAWS finds and fixes network threats
- SnapChat-Like Apps Hide Content on Twitter, Facebook
- Apple Explains Mysterious iPhone 11 Location Requests
- Evolution of Malware Sandbox Evasion Tactics – A Retrospective Study