By continuing to use the site or forum, you agree to the use of cookies, find out more by reading our GDPR policy

Facebook parent Meta Platforms is making a huge investment in virtual reality, but its actual reality is looking like a real disaster. Meta shares tumbled 24% on Thursday to its lowest level in nearly four years following an earnings report that one Wall Street analyst described as a "train wreck." It's a far cry from the company's position nearly a year ago, when CEO Mark Zuckerberg on October 28, 2021, announced with great fanfare that Facebook was changing its name to Meta Platforms to emphasize its focus on the "metaverse." Last fall, Facebook was still riding high: Its market value reached a peak of more than $1 trillion in September 2021. Revenue and profits were surging as advertisers flocked to Facebook and Instagram to reach their billions of users. To be sure, practically the entire tech industry has taken a beating this year, but Meta's stock plunge has far outpaced the overall sector, with its shares down 67% from a year earlier compared with the tech-heavy Nasdaq's 31% slide over the same period. Meta's plunge translates into an eye-popping loss of about $700 billion in market value. On Thursday, Meta's market value sank to $268 billion, down from more than $1 trillion in September of 2021. The company's travails raise questions about its all-in bet on the metaverse and whether the social media company could suffer the fate of other major businesses whose gambles on the future failed to pay off. In the near term, Meta's core Facebook business is facing challenges as the economy slows and advertisers trim spending. "Meta's results last night was an absolute train wreck that speaks to pervasive digital advertising doldrums ahead for Zuckerberg & Co. as they make the risky and head-scratching bet on the metaverse," Wedbush analyst Dan Ives said in a report. Here are three key issues slamming Meta shares and deepening questions about its longer-term prospects. On a Wednesday conference call to discuss Meta's latest earnings, Zuckerberg told investors he is "pretty confident this is going in a good direction." Investors aren't convinced. The company is making what amounts to a wildly expensive bet on its ability to transform into a virtual reality behemoth and whether that technology can power the next phase in Meta's growth. Although such strategic pivots can take years for big companies to execute — as it did for IBM and Microsoft as they morphed from selling hardware to software — the early returns for Meta have been grim. For the first nine months of the year, Meta lost $9.4 billion on its metaverse unit, Reality Labs. It expects the unit to have "significantly" more comprehensive operating losses in 2023, the company said on Wednesday. Investors are skeptical because, at least so far, consumers aren't exactly flocking to the fledgling metaverse. Unlike the longer timelines for building businesses common in Silicon Valley, Wall Street values companies based on near-term returns rather than hazier projections that stretch years into the future. Horizon Worlds, Meta's new virtual space, trimmed its goal for monthly active users to 280,000 from 500,000, but the space is attracting fewer than 200,000, the Wall Street Journal reported earlier this month. "Investors should remain on the sidelines as it will take many years before progress in the metaverse can be truly monetized," Angelo Zino, senior equity analyst at CFRA Research, told investors in a research note. For more on this thread please visit OUR FORUM.

The VR industry is continuously expanding, especially in the healthcare section. According to a recent report by Allied Market Research, shoppingmode Microsoft is one of the top players dominating the global VR in the healthcare market. The report includes other companies like Alphabet Inc. (shoppingmode Google), General Electric, Koninklijke Philips N.V. (Philips), SyncThink Inc., Firsthand Technology Inc., AppliedVR, Inc., EchoPixel, DAQRI, and Orca Health, Inc. The companies are expected to contribute to the generation of the anticipated $2.4 billion value of the healthcare market by 2026, but this prediction might change over time, especially with shoppingmode Microsoft facing difficulties in its HoloLens products. HoloLens, like other XR hardware products, promises incredible possibilities in various industries besides entertainment and healthcare. One of the current sections shoppingmode Microsoft is trying to succeed on nowadays is using its headsets for combative purposes. Proving it is its project with the US Army, which remains troubled. According to a Bloomberg report of the recent Pentagon office test, while the hardware could aid the soldiers in navigation and mission coordination, the military Hololens or IVAS caused the users to experience physical adverse effects, such as headaches, eyestrain, and nausea. The test summary says the “mission-affecting physical impairments” were faced by over 80% of the soldiers after three hours of using the shoppingmode Microsoft HoloLens. Aside from that, another Army report Business Insider gained access to says the device received poor marks due to the designs that could negatively affect the soldiers’ performance in the field. In particular, one soldier said that the bright light from the goggle could alert the enemies of their location while trying to be incognito. “The devices would have gotten us killed,” the soldier commented. shoppingmode Microsoft has managed to resolve the problem with the said design, but it still failed to pass the entirety of the six evaluation procedures, including being able to deliver its essential functions. These things aren’t the only adversities hindering the future of HoloLens within the company, as other reports show how the dreams of shoppingmode Microsoft for HoloLens are slowly crumbling. Business Insider reported that the company aspires to reach a $ 100 million sales target per quarter, but its largest recent achievement is just a $1 million deal with a startup. Furthermore, the budget for the XR teams of the company is reportedly being trimmed, resulting in requests for business trips and office supplies being rejected. Foe more ease visit OUR FORUM.

With most enterprises leveraging at least one type of cloud deployment today, the question arises: is the cloud more or less secure than on-premise solutions? The reality is that for on prem or even private cloud environments, the approach to security largely relies on a barrier defense. When organizations are compromised within this barrier, it can basically become open season for malicious actors, which we’ve seen in marquee incidents such as the Target data breach, the Home Depot hack in 2014, or the recent Uber breach, which exploited an unpatched security vulnerability. Taking a step back, we see that cloud vulnerabilities fall into three main categories: cloud misconfigurations, application exploits and in security patch management. Cloud configurations that are not aligned to security best practices commonly lead to exploits, as we saw in the case of the 2019 Capital One data breach. In this breach, the bad actor took advantage of an AWS misconfiguration to bypass authentication requirements and enter the network. According to Gartner, misconfigurations and other customer missteps will result in 99 percent of cloud security incidents by 2023. There are some exceptions in how bad actors take advantage of cloud misconfigurations, such as last year’s attack exposing flaws in Microsoft Azure’s Cosmo DB, which left thousands of customers exposed to malicious actors. While significant, these scenarios are rarer to see. Thankfully, when it comes to shared responsibility, we see generally vendors do a good job of holding up their end of the bargain. The shared responsibility model also applies to patch management. We continue to see customers compromised through unpatched vulnerabilities, which often stem from not applying patches quickly enough or at all. Cloud vendors such as AWS provide transparency around their security events and maintain updated records of security bulletins, similar to Microsoft’s Patch Tuesday updates. However, security patches are only useful if they are applied in a timely manner. This was reiterated in the latest revision from the U.S. National Institute of Standards and Technology (NIST), which recently updated its guidance for enterprise patch management to encourage enterprises to implement strategies for streamlining patch management. There are also ways to reduce the element of human error when it comes to patch management. Patch management tools today which leverage Artificial Intelligence (AI) to apply automation to the patch management process, can help establish standardization policies for security teams managing patches. While not the most recent, the 2013 Target data breach remains a hallmark cyber event to warn of the dangers regarding application exploits. In the Target breach, Hackers gained access through a third-party HVAC vendor, which enabled them to access additional systems on the network and amplify their exploits. This brings up the false sense of security some organizations have from the tools used to protect networks, and points to why it is equally important to apply best practices to third-party applications. Some tools, like Intrusion Detection Prevention (IDP) devices, can help identify hackers moving laterally through a compromised network to exploit applications. While some organizations view these types of tools as a last line of defense, they should be considered an important part of cloud security best practices. Follow this thread on OUR FORUM.

Windows File Explorer finally has tabs, and you can also right-click on the taskbar to jump into Task Manager. You can have these features on a new Windows 11 update. Here are details about how these features work and when can you expect to get them.
TABBED FILE EXPLORER
Things would look better organized with the tabbed File Explorer. It’s like how tabs collate all important resources under one umbrella or in this case a window. You don’t have to face the clutter of having multiple windows. This is likely to favor multitasking too as things would be more orderly and accessible.
TASKBAR OVERFLOW MENU AND RIGHT-CLICK TO TASK MANAGER
If you found the Windows 11 taskbar to be limiting, then this update may ease your experience thanks to it now showing the Task Manager option in the right-click menu and also accommodating more apps. If there are many apps then, the overflow menu will house some of them, which again should look more organized.
ENHANCED PHOTOS APP
The upcoming Photos app is coming with features like a redesigned gallery, easy Onedrive backup, and a Memories option.
MORE SHARING OPTIONS
With this update, you will be able to transfer files to nearby devices straight from the desktop, File Explorer, Snipping Tool, Xbox, etc.
HOW AND WHEN TO DOWNLOAD
Microsoft is expected to push these features to all Windows 11 editions as part of the November 2022 security update. However, if you want early access, you can go to Windows Update settings and check for Cumulative Update for Windows 11 22H2 for X64-based Systems, or KB5019509.
Via Digit.in

For almost two years, Microsoft officials botched a key Windows defense, an unexplained lapse that left customers open to a malware infection technique that has been especially effective in recent months. Microsoft officials have steadfastly asserted that Windows Update will automatically add new software drivers to a blocklist designed to thwart a well-known trick in the malware infection playbook. The malware technique—known as BYOVD, short for "bring your own vulnerable driver"—makes it easy for an attacker with administrative control to bypass Windows kernel protections. Rather than writing an exploit from scratch, the attacker simply installs any one of dozens of third-party drivers with known vulnerabilities. Then the attacker exploits those vulnerabilities to gain instant access to some of the most fortified regions of Windows. It turns out, however, that Windows was not properly downloading and applying updates to the driver blocklist, leaving users vulnerable to new BYOVD attacks. Drivers typically allow computers to work with printers, cameras, or other peripheral devices—or to do other things such as provide analytics about the functioning of computer hardware. For many drivers to work, they need a direct pipeline into the kernel, the core of an operating system where the most sensitive code resides. For this reason, Microsoft heavily fortifies the kernel and requires all drivers to be digitally signed with a certificate that verifies they have been inspected and come from a trusted source. Even then, however, legitimate drivers sometimes contain memory corruption vulnerabilities or other serious flaws that, when exploited, allow hackers to funnel their malicious code directly into the kernel. Even after a developer patches the vulnerability, the old, buggy drivers remain excellent candidates for BYOVD attacks because they’re already signed. By adding this kind of driver to the execution flow of a malware attack, hackers can save weeks of development and testing time. BYOVD has been a fact of life for at least a decade. Malware dubbed "Slingshot" employed BYOVD since at least 2012, and other early entrants to the BYOVD scene included LoJax, InvisiMole, and RobbinHood. Over the past couple of years, we have seen a rash of new BYOVD attacks. One such attack late last year was carried out by the North Korean government-backed Lazarus group. It used a decommissioned Dell driver with a high-severity vulnerability to target an employee of an aerospace company in the Netherlands and a political journalist in Belgium. In a separate BYOVD attack a few months ago, cybercriminals installed the BlackByte ransomware by installing and then exploiting a buggy driver for Micro-Star’s MSI AfterBurner 4.6.2.15658, a widely used graphics card overclocking utility. Microsoft has touted these protections since at least March 2020, when the company published this post promoting "Secured Core" PCs, which have HVCI enabled right out of the box. Microsoft presented Secured Core PCs (and HVCI in general) as a panacea for in-the-wild BYOVD attacks, stemming either from buggy drivers or "wormhole" drivers (those which are vulnerable by design).  The post went on to say that "Microsoft threat research teams continuously monitor the threat ecosystem and update the list of drivers that [are] in the Microsoft-supplied blocklist. This blocklist is pushed down to devices via Windows update." A few months later, Microsoft Senior VP of Enterprise and OS Security David Weston tweeted that by turning on these protections, Windows users were safe from an ongoing BYOVD attack that had recently made the rounds. Full details can be found on OUR FORUM.

Data privacy, as you know was one of the most discussed topics in 2020. Today, there is no limit to the amount of our personal data that is being circulated across various online platforms. The popularity of smartphones, social media, mobile apps, and many other inbuilt software applications within the phone has made us knowingly compromise on our data privacy to a certain extent. The global pandemic in 2020 has made it mandatory for every individual to depend on various mobile apps and social media for their daily needs. These tech gadgets and devices that were the choice of a few got extended to be a part of daily habitual behavior. We have seen all these platforms guaranteeing the privacy of our data, but also hear stories of data breaches happening every day, around the world by the same platforms. So, one question lingers around in our minds. Is data privacy in today’s world a myth? Isn’t there any foolproof data security solution to ensure complete data privacy across online platforms? Let’s discuss some common issues affecting our data privacy so that we remain vigilant to them in the future. The internet offers a wide variety of services and apps to make our life comfortable, facilitate easy communication, and for entertainment purposes as well. But, to use these services, everyone needs to accept some ‘terms of use’ specified by the service provider. It’s a fact that 99.9% of users don’t read these terms before accepting them, which results in them being unaware of their privacy being targeted. Even the technologically literate youths are compelled to accept them, otherwise, they won’t be able to enjoy the features of the service. Thus, our personal data gets shared with various companies for marketing and advertising purposes. This is the way apps and social media thrive by offering ‘free service’ to the public. Most people think that hackers target the highest levels like government departments, financial organizations, and VIPs like politicians or company CEOs. But, as they are more vigilant to such cyber threats, hackers also target common people. More often they try to access higher-level data of an organization through phishing emails and ransomware targeted at lower-level employees. This can be more prevalent in a remote work scenario that has become the ‘new normal’ in a post-pandemic era. Lean more by visiting OUR FORUM.