Quote:1.0.0.1217 Jul 25, 2025

• Added: Added driver protection to malicious behavior protection
  

Version History | 360 Total Security

Quote:We dive into which corporate systems support passkeys, where compatibility falls short, and why we probably won’t be saying goodbye to passwords anytime soon.
 
Transition to passkeys promises organizations a cost-effective path toward robust employee authentication, increased productivity, and regulatory compliance. We’ve already covered all the pros and cons of this business solution in a separate, in-depth article. However, the success of the transition — and even its feasibility — really hinges on the technical details and implementation specifics across numerous corporate systems.

Passkey support in identity management systems

Before tackling organizational hurdles and drafting policies, you’ll have to determine if your core IT systems are ready for the switch to passkeys.

Microsoft Entra ID (Azure AD) fully supports passkeys, letting admins set them as the primary sign-in method. For hybrid deployments with on-premises resources, Entra ID can generate Kerberos tickets (TGTs), which your Active Directory domain controller can then process.

However, Microsoft doesn’t yet offer native passkey support for RDP, VDI, or on-premises-only AD sign-ins. That said, with a few workarounds, organizations can store passkeys on a hardware token like a YubiKey. This kind of token can simultaneously support both the traditional PIV (smart cards) technology and FIDO2 (passkeys). There are also third-party solutions for these scenarios, but you’ll need to evaluate how using them impacts your overall security posture and regulatory compliance.

Good news for Google Workspace and Google Cloud users: they offer full passkey support.

Popular identity management systems like Okta, Ping, Cisco Duo, and RSA IDplus also support FIDO2 and all major forms of passkeys.

Passkey support on client devices

We have a detailed post on the subject. All modern operating systems from Google, Apple, and Microsoft support passkeys. However, if your company uses Linux, you’ll likely need extra tools, and overall support is still limited.

Also, while for all major operating systems it might look like full support on the surface, there’s a lot of variety in how passkeys are stored, and that can lead to compatibility headaches. Combinations of several systems like Windows computers and Android smartphones are the most problematic. You might create a passkey on one device and then find you can’t access it on another. For companies with a strictly managed device fleet, there are a couple of ways to tackle this. For example, you could have employees generate a separate passkey for each company device they use. This means a bit more initial setup: employees will need to go through the same process of creating a passkey on every device. However, once that’s done, signing in takes minimal time. Plus, if they lose one device, they won’t be completely locked out of their work data.

Another option is to use a company-approved password manager to store and sync passkeys across all employees’ devices. This is also a must for companies using Linux computers, as its operating system can’t natively store passkeys. Just a heads-up: this approach might add some complexity when it comes to regulatory compliance audits.

If you’re looking for a solution with almost no issues with sync and multiple platforms, hardware passkeys like the YubiKey are the way to go. The catch is that they can be significantly more expensive to deploy and manage.

Continue Reading...

Quote:Don’t panic. Again, don’t panic. Did we say don’t panic? A common threat explained in simple terms.
 
Phishing emails typically end up in the spam folder, because today’s security systems easily recognize most of them; however, these systems aren’t completely reliable, so some bona fide email messages land in the junk folder too. This article explains how to detect phishing emails, and what to do about them.

Signs of phishing email

There are several markers that are widely believed to indicate a message sent by scammers. Below are some examples.

• Catchy subject line. A phishing message will likely represent a fraction of all the mail landing in your inbox. This is why scammers usually try to make their subject lines stand out by using trigger words like “urgent”, “prize”, “cash”, “giveaway”, or similar, designed to prompt you to open the message as quickly as possible.
  
• Call to action. You can bet the message will encourage you to do at least one of the following: click a link, pay for something you don’t really need, or check the details in an attachment. The attackers’ primary goal is to lure victims away from their email and into unsafe spaces where they’re tricked into spending money or surrendering access to their accounts.
  
• Expiring timer. The message might feature a timer that says, “Follow this link. It expires in 24 hours.” All these tricks are just nonsense. Scammers want to rush you so you start to panic and stop thinking carefully about your money.
  
• Mistakes in the email body. In the past year, there’s been an increase in phishing emails sent in multiple languages at once, often with some odd mistakes.
  
• Suspicious sender address. If you live in, say, Brazil, and you get an email message from an Italian address, that’s a red flag and a good reason to completely ignore its contents.
  

An impersonal greeting like “Dear %username%” used to be a sure sign of a phishing email, but scammers have moved on from that. Targeted messages addressing the victim by name are becoming increasingly common. Ignore those too.

What to do if you get a phishing email

If you’ve managed to spot one using the signs described above, well done — you’re awesome! You can go ahead and delete it without even opening. And if you want to do your good deed for the day, report the phishing attempt via Outlook or Gmail to make this world a tiny bit safer. We understand that spotting phishing in your email right away isn’t easy — so here’s a short list of don’ts to help with detection.

Continue Reading...

Quote:The iOS 18.6, iPadOS 18.6, and macOS Sequoia 15.6 updates that Apple released today address dozens of vulnerabilities, according to Apple's security support documents. None of the vulnerabilities are known to have been actively exploited in the wild, but it's still a good idea to install the new updates right away.

There are over 20 vulnerability fixes in iOS 18.6 and iPadOS 18.6. An issue with Accessibility could let a Passcode be read aloud by VoiceOver, and parsing maliciously crafted audio could lead to memory corruption.

The update includes eight WebKit-related fixes that could disclose sensitive user information, cause Safari to crash, and result in memory corruption. For iPad users unable to update to iPadOS 18.6, Apple released iPadOS 17.7.9 with a number of security fixes.

macOS Sequoia 15.6 patches over 80 vulnerabilities that could lead to crashes, leak sensitive user data, and more. There are fixes for the Dock, Find My, Notes, Safari, Spotlight, System Settings, and other apps and features.

There are also macOS Sonoma 14.7.7 and macOS Ventura 13.7.7 updates for those who have older Macs that can't run ‌macOS Sequoia‌ 15.6.

Apple's other updates released today, including visionOS 2.6, tvOS 18.6, and watchOS 11.6, include fixes for between 17 and 19 vulnerabilities.

iOS 18.6 Includes Over 20 Security Fixes

Quote:AMD Ryzen AI MAX+ with 128GB now support Large Language Models up to 128 Billion parameter



AMD has just rolled out a major upgrade for its Ryzen AI Max+ platform, expanding support for massive LLMs on Windows. This builds on what they showed at CES 2025, where the Ryzen AI processors became the first to run Llama 70B locally using llama.cpp and LM Studio. With the upcoming Adrenalin Edition 25.8.1 WHQL driver, systems like the Ryzen AI Max+ 395 with 128GB RAM will now be able to handle models with up to 128 billion parameters in Vulkan llama.cpp. That’s thanks to AMD’s Variable Graphics Memory, which allows up to 96GB to be allocated for AI workloads.

This update also makes the Ryzen AI Max+ 395 the first Windows AI processor to run Meta’s Llama 4 Scout 109B (with 17B active) locally, complete with vision and MCP support. Since Llama Scout uses a mixture-of-experts setup, only part of the model is active at a time, which keeps performance usable, up to 15 tokens per second in testing. The platform supports a wide range of model sizes and quantization formats, including GGUF, making it very flexible for different use cases.

Continue Reading...

Quote:AMD Ryzen PRO 9000 series spotted

No upgrade in core count.



Hardware leaker @momomo_us has shared the first specs of the next-gen Ryzen PRO series for the AM5 socket. It’s worth noting that AMD offers two separate lines for business and workstation users: Ryzen PRO 7000 (based on the same silicon as the Raphael series) and Ryzen AI PRO 8000 (based on Hawk Point).

This leak specifically refers to an update to the Ryzen PRO non-AI series. That means the new lineup is most likely based on the Granite Ridge chip with Zen5 CPU cores, although this has not been confirmed. However, the I/O die should to be unchanged from the previous generation, so integrated graphics support should remain the same—up to 2 RDNA2 Compute Units. This also means no XDNA2 upgrade and lack of “AI” in product name.

Three SKUs are listed, matching the core counts of the Zen4 variants. The 12-core Ryzen 9 PRO 7945 is expected to have a base clock of 3.4 GHz, which is lower than the previous model’s 3.7 GHz. The 8-core 9745 and 6-core 9645 variants, on the other hand, show either no change or a 100 MHz increase in base clocks. Since this information comes from an ASUS motherboard support list, it confirms these are AM5 processors and supported by the platform.

Continue Reading...

Quote:AMD Ryzen 7 9700F confirmed by ASUS

First Zen5 CPU with graphics disabled.



One of the features of Ryzen CPUs for the AM5 socket is that all processors come with some form of integrated graphics, except for the F-Series variants, which have this feature disabled.

Apart from the 8000G and upcoming 9000G series, most CPUs for the AM5 socket are equipped with at least 2 CU RDNA2 iGPU located in the IO die. AMD may add more Compute Tiles (CCDs) if needed, but this does not affect the IOD specifications.

Apparently, AMD has identified some chips with IO dies that are not functioning as intended, usually meaning the graphics are either non-functional or partially limited (e.g. 1 CU, limited media engine). These dies can either be discarded or reused for future SKUs.

As discovered by Bits and Chips, ASUS has now confirmed that AMD will launch a Ryzen 7 9700F SKU with 8 Zen5 cores, lacking iGPU support:


Source: ASUS

Continue Reading...

Quote:July 29, 2015. This was an important day, it was the day Microsoft released Windows 10. Today, Windows 10 turns 10. Happy Birthday!

Microsoft surprised many users by offering Windows 10 as a free upgrade from Windows 7, and Windows 8/8.1. Windows 9 was skipped because there were compatibility issues if apps detected the operating system version string as Windows 9 but mistook it as Windows 95 or 98.

I have fond memories of Windows 10, aka Windows Threshold, and remember installing the first preview of the operating system back in 2015 on my old PC. It felt like a real upgrade over Windows 8.1. The new Start Menu was welcome relief from the infamous Windows 8 full-screen menu. Windows 10's UX design felt like a breath of fresh air compared to Metro UI.



Windows 10 introduced Windows Hello, the Xbox PC app, to name a few. But the OS didn't have the perfect debut, there was some criticism about Cortana, the Settings app, the Photos app, Microsoft Store, and also about the various stock apps that the operating system shipped with such as OneDrive, OneNote, Maps, etc. There were also concerns about privacy due to various telemetry settings.

Continue Reading...

Quote:Windows 11 is getting a feature that users have been requesting for a long time. You will soon be able to access your notifications across multiple monitors.
 
Microsoft first added support for displaying the taskbar on all monitors nearly 4 years ago. Then it made the clock and date available across all screens. But, the system tray has remained exclusive to the primary display. Some third-party tools have allowed using the system tray on all monitors.
 
It's rather odd that such a basic feature has not been available for so long, I mean that is one of the key areas where you interact with the operating system, i.e. tray apps, notifications, network/Bluetooth etc. Well, it's better late than never to have a native option for accessing these options in a multi-monitor environment.
 
In addition to that, Microsoft is also testing an option to show a bigger clock in the Calendar panel that appears when you click on the Date/Time in the System Tray.

The new design will display a larger clock with seconds. This is not a new feature, it is available on Windows 10, but was removed from Windows 11. The notifications panel will be displayed when you click on the date/time.

Continue Reading...