Pourquoi continuer à payer tous les mois pour un service cloud ? Avec pCloud, vous […] Cet article pCloud à prix choc : réduction -37% avec notre lien affilié a été publié sur REALITE-VIRTUELLE.COM.

May 30, 20252 min readSahara Dust Clouds Are Heading to Florida and BeyondClouds of dust blown off the Saharan Desert into the southeastern U.S. could affect local weather and make sunrises and sunsets particularly vividBy Meghan Bartels edited by Dean VisserEach year, seasonal winds carry tens of millions of tons of Saharan dust across the Atlantic and beyond. On February 18, 2021, NOAA-20’s VIIRS captured a dramatic display of airborne dust. NASA Earth Observatory image by Lauren Dauphin, using VIIRS data from NASA EOSDIS LANCE, GIBS/Worldview, and the Suomi National Polar-orbiting PartnershipClouds of dust drifting from the Sahara Desert over the Atlantic Ocean could make for unusual-looking sunrises and sunsets, as well as potentially drier weather, over Florida and parts of the southeastern U.S. in the coming days.What’s HappeningBetween late spring and early fall, dust from the Saharan gets blown out over the Atlantic Ocean every three to five days. When conditions are right, air masses that are filled with this dust can make it across the thousands of miles required to reach North America. Meteorologists call this type of air mass the Saharan Air Layer, or SAL.On supporting science journalismIf you're enjoying this article, consider supporting our award-winning journalism by subscribing. By purchasing a subscription you are helping to ensure the future of impactful stories about the discoveries and ideas shaping our world today.Currently, on Friday, a thin SAL is dispersing over Florida, says Ana Torres-Vazquez, a meteorologist at the National Weather Service’s Miami office, who adds that this could interfere with some storms carried into the peninsula by a cold front on Saturday. Another layer of dust—this one thicker and denser—may then blow in next week, although that forecast is currently less certain, Torres-Vazquez notes.It’s worth noting that the Atlantic hurricane season officially begins on June 1. In general, the SAL tends to dry the atmosphere it drifts through—so some scientists think these dust clouds may actually impede hurricane development. For now, however, forecasters aren’t expecting any tropical storms to develop in the Atlantic within the coming week.Sunrise, SunsetThe effect that will be most noticeable to local residents as the dust lingers might be unusual sunrises and sunsets.“When you have Saharan dust or any other kind of particulate, if the sun is coming in at an angle, like during sunrise or sunset,” Torres-Vazquez says, “it can hit those particulates that are close to the ground just right and result in those different, kind of orangey-reddish colors.”Other parts of the country might also see enhanced sunrises and sunsets during the coming days from a different kind of particulate—wildfire smoke. Canada is experiencing yet another brutal year for wildfires, with nearly 700,000 hectares, or more than 2,500 square miles, burned to date.Right now fires are particularly bad in the provinces of Saskatchewan and Manitoba, in part because of high temperatures stuck over central Canada. Smoke from these blazes is expected to reach U.S. states, including Minnesota, Wisconsin, Illinois and Michigan, in the coming days.Depending on how close the dust and smoke get to Earth’s surface, these kinds of particulate matter can be harmful to people’s health, particularly for people who are very young or very old and those who have asthma or heart or lung disease. The Air Quality Index can help you gauge whether you should take any precautions.

Hard as it is to believe, there was a time when using any personal technology at work was such a radical concept that most people wouldn’t even consider it an option. IT departments went to great lengths to prevent workers from using their own devices, computers, apps/subscriptions, email, and cloud services. The release of the iPhone in 2007 began to change that. Suddenly people were discovering that the smartphone they bought for their personal use could make them more efficient and productive at work as well. But it was Apple’s launch of its mobile device management framework in 2010 that truly created the bring your own device movement. MDM meant that users could bring their personal devices to work, and IT departments could secure those devices as needed. Almost instantly, BYOD was something that companies began to support in industries across the board. Fifteen years later, BYOD is fully mainstream, and a majority of businesses actively support it. But advances in technology, changing user expectations, and the fallout from Covid’s remote work mandates (and subsequent return to office mandates) have shifted the landscape, sometimes without being overtly visible. With that in mind, I decided to reexamine the assumptions and realities of BYOD and see what has and hasn’t changed in the past decade and a half. BYOD is everywhere but device management isn’t The exact numbers on BYOD adoption vary depending on the source you look to and how it’s being measured. A 2022 paper from HPE claims that 90% of employees use a mix of work and personal devices on the job, while Cybersecurity Insiders says that 82% of organizations have a BYOD program. However you look at it, BYOD is now massively entrenched in our work culture and extends beyond just employees and managers. According to data from Samsung (cited by JumpCloud), 61% of organizations support BYOD for non-employees including contractors, partners, and suppliers to varying degrees. But overtly or tacitly accepting BYOD doesn’t mean that companies actively manage BYOD devices. Cybersecurity Insiders data (also via JumpCloud) also indicates that as many as 70% of BYOD devices used in the workplace aren’t managed — a number that may seem shocking, but that figure includes personal devices used by non-employees such as contractors. About those cost savings… In the early days, there was an assumption that BYOD would lower hardware and service costs, but that wasn’t certain. Today there’s data. In the early 2010s, Cisco estimated a $900+ annual savings per employee, though more recent data from Samsung (cited by JumpCloud) pegs the savings as significantly lower at $341. Despite that disparity, it’s obvious that there are savings to be had, and with significantly climbing smartphone prices, those savings are is poised to grow rather than shrink. Of course, the cost of managing devices needs to be factored in. That cost can vary widely depending on the vendor, specific products, and adopted features, but some MDM vendors charge as little as $1 per user per month (not including staff resources). The cost of providing employees company-purchased apps is also worth noting, though that falls more in line with traditional software procurement. Productivity gains are real, but so are distractions The data is clear that there can be significant gains in productivity attached to BYOD. Samsung estimates that workers using their own devices can gain about an hour of productive worktime per day and Cybersecurity Insiders says that 68% of businesses see some degree of productivity increases. Although the gains are significant, personal devices can also distract workers more than company-owned devices, with personal notifications, social media accounts, news, and games being the major time-sink culprits. This has the potential to be a real issue, as these apps can become addictive and their use compulsive. Tools of the trade When I think back to the first five to ten years after Apple introduced MDM, it reminds me of the later stages of the birth of the solar system, with dozens of companies offering discrete tools that solved part of the mobility and BYOD puzzle, many colliding into each other or being flung out of existence. Some focused on just supporting the MDM server spec sheet, others on cloud storage, securing and managing access to corporate content, corporate app purchasing and management, secure connectivity, user and identity management, Office alternatives (Microsoft waited nearly five years releasing an iOS version of Office), and more. Along the way, major enterprise vendors began dominating the market, some by acquisition and others by building out existing capabilities, although there were also businesses that came out of mergers of some of the new players as well. As the market matured, it became easy to pick a single vendor to provide all enterprise mobility and BYOD needs rather than relying on multiple companies focusing on one particular requirement. Multiplatform support has morphed into something very different The iPhone was the clear early standard for supporting personal devices at work, in part because the hardware, operating system, and MDM mechanics were all created by a single vendor. Going multiplatform was typically assumed to mean iOS and Android — and Android was a fragmented mess of different hardware makers with sometimes widely varying devices and customized Android variants (built to spec by the manufacturers and the demands of wireless carriers) that resulted in no coherent OS update strategy. The gap in management capabilities has narrowed significantly since then, with Google taking a much more active role in courting and supporting enterprise customers and providing a clear and coherent enterprise strategy across a wide swath of major Android phone makers and other vendors. But that isn’t the only massive shift in what it means to be multiplatform. Today the personal devices used in the workplace (and able to be managed using MDM) include non-phone entries including Macs, Apple TVs, Chromebooks, and Windows PCs — with Macs and PCs making up a significant number of BYOD devices. Most MDM suites support this full range of devices to one degree or another, but support costs can rise as more and more platforms (and thus complexity) are implemented — and those costs vary by platform, with general agreement that Apple devices provide the greatest savings when it comes to technical support. How Covid changed the BYOD equation I’m pretty sure that in 2010, not one person on the planet was predicting a global pandemic that would lead to the vast majority of knowledge workers working from home within a decade. Yet, as we all remember, that’s exactly what happened. The need to work from home encouraged broader adoption of personal devices as well as ancillary technologies ranging from peripherals/accessories to connectivity. Despite a litany of return-to-office mandates in recent years, remote work is here to stay, whether that’s full-time, hybrid, or just working outside traditional office hours or location. Samsung notes that 61% of businesses expect employees to work remotely to some degree, while Robert Half reports that only 61% of new job postings in 2024 had full in-office requirements. And data from WFH Research shows that at the start of 2025, employees are working remotely 28% of the time. Passing support to new generations One challenge for BYOD has always been user support and education. With two generations of digital natives now comprsing more than half the workforce, support and education needs have changed. Both millennials and Gen Z have grown up with the internet and mobile devices, which makes them more comfortable making technology decisions and troubleshooting problems than baby boomers and Gen X. This doesn’t mean that they don’t need tech support, but they do tend to need less hand-holding and don’t instinctively reach for the phone to access that support. Thus, there’s an ongoing shift to self-support resources and other, less time-intensive, models with text chat being the most common — be it with a person or a bot. They also have different expectations in areas like privacy, processes and policies, and work-life balance. Those expectations make it more important for companies to delineate their BYOD and other tech policies as well as to explain the rationale for them. This means that user education remains important, particularly in a rapidly changing landscape. It also means that policies should be communicated in more concise and easily digestible forms than large monolithic pages of legalese. Users actually want to update (and repair or replace) their devices Twenty years ago, the idea of updating workplace technology was typically met with a groan from users who didn’t appreciate downtime or changes in the way things looked and worked. Even as BYOD gained traction, getting users to update their devices wasn’t always easy and required a certain amount of prompting or policing. While resistance to change will never truly die out, most smartphone (and other device) users actively update on their own because of the new features that come with OS updates and new hardware. Upgrades are something to get excited about. BYOD users also tend to be more careful with their devices just because they are their own devices. Likewise, they’re more on point with repairs or replacements and are keen to handle those issues on their own. Security is ever evolving Security has always been (and always will be) a major concern when it comes to BYOD, and the threats will always be evolving. The biggest concerns stem from user behavior, with users losing devices being one big concern. Verizon reports that more than 90% of security incidents involving lost or stolen devices resulted in an unauthorized data breach, and 42% involved the leaking of internal data. Another big concern is users falling prey to malicious actors: falling for phishing schemes, downloading malware, allowing corporate data to be placed in public spaces, or letting others use their devices. Devices themselves can be major targets, with attacks coming from different directions like public Wi-Fi, malicious apps or apps that are not designed to safeguard data properly, OS and network vulnerabilities, and so on. Supporting infrastructure can also be a weak point. These threats are real. Research by JumpCloud indicates that 20% of businesses have seen malware as a result of unmanaged devices, and nearly half aren’t able to tell if unmanaged devices have compromised their security. Cybersecurity Insiders research shows a similar statistic of 22%, while also noting that 22% of BYOD devices have connected to malicious wireless networks. Shadow IT will always exist Shadow IT is a phenomenon that has existed for decades but grew rapidly alongside BYOD, when users began leveraging their personal devices, apps, and services for work without IT’s involvement, knowledge, or consent. Almost every company has some degree of shadow IT, and thus unmanaged devices or other technologies. Organizations need to educate users (even digital natives) about security and keeping their devices safe. They also need to engage users involved in shadow IT and make allies out of them, because shadow IT often stems from unmet technological needs. Then there’s the trust component. Many users remain uncomfortable letting IT manage their devices, because they don’t understand what IT will be able to see on them. This is a user education problem that all companies need to address clearly and unequivocally. Still the same goals Although much has changed about BYOD, the basic goal remains the same: allowing workers to use the devices and other tools they are comfortable with and already own… and are likely to use whether sanctioned to or not.

If you’re looking for an affordable (and secure) way to back up your files, the Seagate Portable 2TB external hard drive (HDD) currently on sale at Amazon is a great pick. Seagate is a global leader in the storage industry and for this Memorial Day sale, you can grab the 2TB HDD model for just $69 which is a 13% discount from its usual $79 price tag. Compared to the ongoing expense of cloud storage, this is a one-time investment that saves you money in the long run. For example, a 2TB cloud plan at pCloud will cost you $120 per year, while this Seagate drive gives you the same capacity (lifetime) for less than $70. See at Amazon HDD versus SSD The Seagate hard drive is designed to be spare and compatible with anything that will interface with both Windows and Mac computers and most game consoles (PlayStation, Xbox…). It is available for backing up files, photos, videos or game libraries, and plug-and-play design means no software install or difficult setup to accomplish. The drive is powered directly via the USB port so you don’t need external power supply. Even though HDDs generally offer slower speeds than SSDs, the Seagate 2TB external hard drive still offers fast performance for day-to-day use. With transfer rates as high as 120MB/s, it’s more than sufficient to transfer large files. In contrast, SSDs can go much faster (500 to 1000MB/s) but for most users who need to store or back up large amounts of information, the difference in speed is never a bottleneck. For a 2TB capacity, an HDD like this remains a good and affordable option. With 2TB of storage, you have room to store hundreds of thousands of photos, hours of HD video or entire game libraries without worrying about having too little space. With drag-and-drop simple organization and control over your files, the drive’s compatibility with both USB 3.0 and 2.0 ports ensures that it will get along with nearly any computer or console you happen to have on hand. For peace of mind for data protection, the drive also includes a data recovery service plan, which provides expert assistance in the case of data loss. If you need low-cost, secure and high-capacity storage, this Seagate external hard drive is a very good choice. It’s far more economical and convenient than paying for periodic cloud storage plans (or SSD hard drives) with the added benefits of portability, performance, and convenience. See at Amazon

May 13, 2025Ravie LakshmananCyber Espionage / Malware The North Korea-linked threat actor known as Konni APT has been attributed to a phishing campaign targeting government entities in Ukraine, indicating the threat actor's targeting beyond Russia. Enterprise security firm Proofpoint said the end goal of the campaign is to collect intelligence on the "trajectory of the Russian invasion." "The group's interest in Ukraine follows historical targeting of government entities in Russia for strategic intelligence gathering purposes," security researchers Greg Lesnewich, Saher Naumaan, and Mark Kelly said in a report shared with The Hacker News. Konni APT, also known as Opal Sleet, Osmium, TA406, and Vedalia, is a cyber espionage group that has a history of targeting entities in South Korea, the United States, and Russia. It's operational since at least 2014. Attack chains mounted by the threat actor often involve the use of phishing emails to distribute malware called Konni RAT (aka UpDog) and redirect recipients to credential harvesting pages. Proofpoint, in an analysis of the threat group published in November 2021, assessed TA406 to be one of several actors that make up the activity publicly tracked as Kimsuky, Thallium, and Konni Group. The latest set of attacks documented by the cybersecurity company entails the use of phishing emails that impersonate a fictitious senior fellow at a think tank called the Royal Institute of Strategic Studies, which is also a non-existent organization. The email messages contain a link to a password-protected RAR archive that's hosted on the MEGA cloud service. Opening the RAR archive using a password mentioned in the message body launches an infection sequence that's engineered to conduct extensive reconnaissance of the compromised machines. Specifically, present within the RAR archive is a CHM file that displays decoy content related to former Ukrainian military leader Valeriy Zaluzhnyi. Should the victim click anywhere on the page, a PowerShell command embedded within the HTML is executed to reach out to an external server and download a next-stage PowerShell payload. The newly launched PowerShell script is capable of executing various commands to gather information about the system, encode it using Base64-encoding, and send it to the same server. "The actor sent multiple phishing emails on consecutive days when the target did not click the link, asking the target if they had received the prior emails and if they would download the files," the researchers said. Proofpoint said it also observed an HTML file being directly distributed as an attachment to the phishing messages. In this variation of the attack, the victim is instructed to click on an embedded link in the HTML file, resulting in the download of a ZIP archive that includes a benign PDF and a Windows shortcut (LNK) file. When the LNK is run, it executes Base64-encoded PowerShell to drop a Javascript Encoded file called "Themes.jse" using a Visual Basic Script. The JSE malware, in turn, contacts an attacker-controlled URL and runs the response from the server via PowerShell. The exact nature of the payload is currently not known. Furthermore, TA406 has been spotted attempting to harvest credentials by sending fake Microsoft security alert messages to Ukrainian government entities from ProtonMail accounts, warning them of suspicious sign-in activity from IP addresses located in the United States and urging them to verify the login by visiting a link. While the credential harvesting page has not been recovered, the same compromised domain is said to have been used in the past to collect Naver login information. "These credential harvesting campaigns took place prior to the attempted malware deployments and targeted some of the same users later targeted with the HTML delivery campaign," Proofpoint said. "TA406 is very likely gathering intelligence to help North Korean leadership determine the current risk to its forces already in the theatre, as well as the likelihood that Russia will request more troops or armaments." "Unlike Russian groups who have likely been tasked with gathering tactical battlefield information and targeting of Ukrainian forces in situ, TA406 has typically focused on more strategic, political intelligence collection efforts." The disclosure comes as the Konni group has been linked to a sophisticated multi-stage malware campaign targeting entities in South Korea with ZIP archives containing LNK files, which run PowerShell scripts to extract a CAB archive and ultimately deliver batch script malware capable of collecting sensitive data and exfiltrating it to a remote server. The findings also dovetail with spear-phishing campaigns orchestrated by Kimsuky to target government agencies in South Korea by delivering a stealer malware capable of establishing command-and-control (C2 or C&C) communications and exfiltrating files, web browser data, and cryptocurrency wallet information. According to South Korean cybersecurity company AhnLab, Kimsuky has also been observed propagating PEBBLEDASH as part of a multi-stage infection sequence initiated via spear-phishing. The trojan was attributed by the U.S. government to the Lazarus Group in May 2020. "While the Kimsuky group uses various types of malware, in the case of PEBBLEDASH, they execute malware based on an LNK file by spear-phishing in the initial access stage to launch their attacks," it said. "They then utilize a PowerShell script to create a task scheduler and register it for automatic execution. Through communication with a Dropbox and TCP socket-based C&C server, the group installs multiple malware and tools including PEBBLEDASH." Konni and Kimsuky are far from the only North Korean threat actors to focus on Seoul. As recently as March 2025, South Korean entities have been found to be at the receiving end of another campaign carried out by APT37, which is also referred to as ScarCruft. Dubbed Operation ToyBox Story, the spear-phishing attacks singled out several activists focused on North Korea, per the Genians Security Center (GSC). The first observed spear phishing attack occurred on March 8, 2025. "The email contained a Dropbox link leading to a compressed archive that included a malicious shortcut (LNK) file," the South Korean company said. "When extracted and executed, the LNK file activated additional malware containing the keyword 'toy.'" The LNK files are configured to launch a decoy HWP file and run PowerShell commands, leading to the execution of files named toy03.bat, toy02.bat, and toy01.bat (in that order), the last of which contains shellcode to launch RoKRAT, a staple malware associated with APT37. RokRAT is equipped to collect system information, capture screenshots, and use three different cloud services, including pCloud, Yandex, and Dropbox for C2. "The threat actors exploited legitimate cloud services as C2 infrastructure and continued to modify shortcut (LNK) files while focusing on fileless attack techniques to evade detection by antivirus software installed on target endpoints," Genians said. Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post. SHARE    