Menu

Blog

Archive for the ‘security’ category: Page 13

Apr 14, 2024

Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack

Posted by in category: security

Threat actors have been exploiting the newly disclosed zero-day flaw in Palo Alto Networks PAN-OS software dating back to March 26, 2024, nearly three weeks before it came to light yesterday.

The network security company’s Unit 42 division is tracking the activity under the name Operation MidnightEclipse, attributing it as the work of a single threat actor of unknown provenance.

The security vulnerability, tracked as CVE-2024–3400 (CVSS score: 10.0), is a command injection flaw that enables unauthenticated attackers to execute arbitrary code with root privileges on the firewall.

Apr 13, 2024

Private Quantum Cloud: Oxford University Physicists Make Advance in ‘Blind Quantum Computing’

Posted by in categories: computing, encryption, finance, quantum physics, security

PRESS RELEASE — The full power of next-generation quantum computing could soon be harnessed by millions of individuals and companies, thanks to a breakthrough by scientists at Oxford University Physics guaranteeing security and privacy. This advance promises to unlock the transformative potential of cloud-based quantum computing and is detailed in a new study published in the influential U.S. scientific journal Physical Review Letters.

Quantum computing is developing rapidly, paving the way for new applications which could transform services in many areas like healthcare and financial services. It works in a fundamentally different way to conventional computing and is potentially far more powerful. However, it currently requires controlled conditions to remain stable and there are concerns around data authenticity and the effectiveness of current security and encryption systems.

Several leading providers of cloud-based services, like Google, Amazon, and IBM, already separately offer some elements of quantum computing. Safeguarding the privacy and security of customer data is a vital precursor to scaling up and expending its use, and for the development of new applications as the technology advances. The new study by researchers at Oxford University Physics addresses these challenges.

Apr 8, 2024

Google Chrome Adds V8 Sandbox — A New Defense Against Browser Attacks

Posted by in category: security

Google tackles Chrome security with new V8 Sandbox. This aims to stop memory issues from spreading, protecting your browser experience.

Apr 7, 2024

To stay safe in Windows 10 from next October commercial customers have to pay $61, then ‘double every consecutive year for a maximum of three years’

Posted by in category: security

Commercial customers will have to get their wallets ready to keep receiving security updates for Windows 10.

Apr 7, 2024

It Is Time To Take Intel Seriously As A Chip Foundry

Posted by in categories: computing, economics, finance, government, security

The third proof point is both the increase in manufacturing capacity investment and the change in how that investment will be managed. With the interest in governments to secure future semiconductor manufacturing for both supply security and economic growth, Mr. Gelsinger went on a spending spree with investment in expanding capacity in Oregon, Ireland, and Israel, as well as six new fabs in Arizona, Ohio, and Germany. Most of the initial investment was made without the promise of government grants, such as the US Chips Act. However, Intel has now secured more than $50B from US and European government incentives, customer commitments starting with its first five customers on the 18A process node, and its financial partners. Intel has also secured an additional $11B loan from the US government and a 25% investment tax credit.

In addition to it’s own investment in fab capacity, Intel is partnering with Tower Semiconductor and UMC, two foundries with long and successful histories. Tower will be investing in new equipment to be installed in Intel’s New Mexico facility for analog products, and UMC will partner with Intel to leverage three of the older Arizona fabs and process nodes, starting with the 12nm, to support applications like industrial IoT, mobile, communications infrastructure, and networking.

The second side of this investment is how current and future capacity will be used. As strictly an IDM, Intel has historically capitalized on its investments in the physical fab structures by retrofitting the fabs after three process nodes, on average. While this allowed for the reuse of the structures and infrastructure, it eliminated support for older process nodes, which are important for many foundry customers. According to Omdia Research, less than 3% of all semiconductors are produced on the latest process nodes. As a result, Intel is shifting from retrofitting fabs for new process nodes to maintaining fabs to support extended life cycles of older process nodes, as shown in the chart below. This requires additional capacity for newer process nodes.

Apr 5, 2024

School Security Solutions

Posted by in categories: education, robotics/AI, security

Discover AI school safety solutions with security technology from Xtract One. Protect your educational institution with cutting-edge threat detection solutions.

Apr 4, 2024

Microsoft fixes Outlook security alerts bug caused by December updates

Posted by in category: security

Microsoft has fixed an issue that triggers erroneous Outlook security alerts when opening. ICS calendar files after installing the December 2023 Outlook Desktop security updates.

The December Patch Tuesday security updates behind these inaccurate warnings patch the CVE-2023–35636 Microsoft Outlook information disclosure vulnerability, which attackers can exploit to steal NTLM hashes via maliciously crafted files.

These credentials are used to authenticate as the compromised Windows user in pass-the-hash attacks, to gain access to sensitive data or spread laterally on their network.

Apr 4, 2024

New HTTP/2 Vulnerability Exposes Web Servers to DoS Attacks

Posted by in category: security

New research exposes vulnerability in HTTP/2 protocol! The CONTINUATION frame can be exploited for DoS attacks, warns security expert Bartek Nowotarsk.

Mar 21, 2024

Robots Talk Back, AI Security Risks, Political Deepfakes, and more

Posted by in categories: robotics/AI, security

I think AI agent workflows will drive massive AI progress this year — perhaps even more than the next generation of foundation models. This is an important trend, and I urge everyone who works in AI to pay attention to it.

Mar 21, 2024

Microsoft Introduces AutoDev: A Fully Automated Artificial Intelligence-Driven Software Development Framework

Posted by in categories: habitats, robotics/AI, security

The software development sector stands at the dawn of a transformation powered by artificial intelligence (AI), where AI agents perform development tasks. This transformation is not just about incremental enhancements but a radical reimagining of how software engineering tasks are approached, executed, and delivered. Central to this shift is introducing AI-driven frameworks that transcend traditional code assistance tools, marking a leap toward more autonomous, efficient, and secure software development methodologies.

The integration of AI in software development has been confined largely to providing code suggestions and aiding in file manipulation. This approach, while beneficial, barely scratches the surface of what is technologically feasible. AI-powered tools operate within a constrained scope, missing out on Integrated Development Environments (IDEs)’ vast capabilities, such as comprehensive code building, testing, and version control operations. This limitation underscores a critical gap in the software development toolkit, where the potential for AI to contribute more profoundly to the development lifecycle remains largely untapped.

Microsoft researchers present AutoDev, which empowers AI agents to tackle a broad spectrum of software engineering tasks autonomously, from intricate code editing and comprehensive testing to advanced git operations. This framework is designed to focus on autonomy, efficiency, and security. By housing operations within Docker containers, AutoDev ensures that development processes are streamlined and secure, safeguarding user privacy and project integrity through meticulously designed guardrails.

Page 13 of 146First1011121314151617Last