Menu

Blog

Archive for the ‘security’ category: Page 23

Nov 1, 2023

Atlassian Customers Should Patch Latest Critical Vuln Immediately

Posted by in categories: computing, security

Atlassian has discovered yet another critical vulnerability in its Confluence Data Center and Server collaboration and project management platform, and it’s urging customers to patch the problem immediately. The latest advisory by Atlassian describes CVE-2023–22518 as an improper authorization vulnerability that affects all versions of the on-premises versions of Confluence.

It is the second critical vulnerability reported by Atlassian in a month, tied to its widely used Confluence Data Center and Server platform and among numerous security issues from the company during the past year. The previous bulletin (CVE-2023–22515) revealed a vulnerability that could allow an attacker to create unauthorized Confluence administrator accounts, thereby gaining access to instances. That vulnerability had a severity level of 10 and was discovered initially by some customers who reported they may have been breached by it.

To date, Atlassian is not aware of any active exploits of the newest vulnerability, which has a severity level of 9.1., though the company issued a statement encouraging customers to apply the patch. “We have discovered that Confluence Data Center and Server customers are vulnerable to significant data loss if exploited by an unauthenticated attacker,” Atlassian CISO Bala Sathiamurthy warned in a statement. “Customers must take immediate action to protect their instances.”

Nov 1, 2023

Radio waves and mirrors could help build trust between nuclear powers

Posted by in categories: geopolitics, nuclear weapons, security, treaties

An international team of scientists has proposed a new remote monitoring method of nuclear stockpiles using mirrors and radio waves.

An international team of scientists has devised an innovative method of using radio waves to monitor a nation’s nuclear stockpile remotely. Conducted by a team of IT security experts from Germany and the United States, it could be used to build trust between nuclear powers to ensure rivals are keeping their promises when it comes to agreed nuclear disarmament treaties. It could also be used to give a “heads up” if one particular nuclear power removes stored nuclear warheads, which could be an indication of intended use.


Johannes Tobisch et al 2023.

Continue reading “Radio waves and mirrors could help build trust between nuclear powers” »

Oct 30, 2023

Three things to know about the White House’s executive order on AI

Posted by in categories: government, policy, robotics/AI, security

The goal of the order, according to the White House, is to improve “AI safety and security.” It also includes a requirement that developers share safety test results for new AI models with the US government if the tests show that the technology could pose a risk to national security. This is a surprising move that invokes the Defense Production Act, typically used during times of national emergency.

The executive order advances the voluntary requirements for AI policy that the White House set back in August, though it lacks specifics on how the rules will be enforced. Executive orders are also vulnerable to being overturned at any time by a future president, and they lack the legitimacy of congressional legislation on AI, which looks unlikely in the short term.

“The Congress is deeply polarized and even dysfunctional to the extent that it is very unlikely to produce any meaningful AI legislation in the near future,” says Anu Bradford, a law professor at Columbia University who specializes in digital regulation.

Oct 30, 2023

Is iron the Achilles’ heel for cancer?

Posted by in categories: biotech/medical, security

A team of scientists at UC San Francisco reported a way to leverage cancers’ unique metabolic profile to ensure that drugs only target cancer cells: Freethink.


To make matters worse, cancer cells sometimes only die when patients take relatively high doses of a drug. This is because cancer’s metabolism is often greater in cancer cells than in normal cells. For instance, some cancer cells have more MEK enzyme — meaning more cobimetinib is required to stop these cells from replicating. Unfortunately, the doses cancer patients receive often closely approach or even exceed the levels at which the drug causes toxicities in healthy tissues.

Cancer cells hoard iron at a far greater rate than healthy cells, according to previous studies. Although the reason for this remains unclear, the UCSF team realized this could be leveraged to increase the specificity of cancer drugs. If a cancer drug, such as cobimetinib, were only activated in the iron-rich environment of a cancer cell, the drug would be inert when it interacts with healthy cells. It’s something like a two-factor authentication system for cancer drugs.

Continue reading “Is iron the Achilles’ heel for cancer?” »

Oct 30, 2023

Exclusive: G7 to agree AI code of conduct for companies

Posted by in categories: economics, privacy, robotics/AI, security

BRUSSELS, Oct 29 (Reuters) — The Group of Seven industrial countries will on Monday agree a code of conduct for companies developing advanced artificial intelligence systems, a G7 document showed, as governments seek to mitigate the risks and potential misuse of the technology.

The voluntary code of conduct will set a landmark for how major countries govern AI, amid privacy concerns and security risks, the document seen by Reuters showed.

Leaders of the Group of Seven (G7) economies made up of Canada, France, Germany, Italy, Japan, Britain and the United States, as well as the European Union, kicked off the process in May at a ministerial forum dubbed the “Hiroshima AI process”.

Oct 25, 2023

Take an Offensive Approach to Password Security by Continuously Monitoring for Breached Passwords

Posted by in categories: policy, security

🔑 Weak passwords can be a major threat.

Find out how Specops Password Policy with Breached Password Protection can safeguard your organization.

Oct 25, 2023

Robots learn faster with AI boost from Eureka

Posted by in categories: biotech/medical, drones, robotics/AI, security

Intelligent robots are reshaping our universe. In New Jersey’s Robert Wood Johnson University Hospital, AI-assisted robots are bringing a new level of security to doctors and patients by scanning every inch of the premises for harmful bacteria and viruses and disinfecting them with precise doses of germicidal ultraviolet light.

In agriculture, robotic arms driven by drones scan varying types of fruits and vegetables and determine when they are perfectly ripe for picking.

The Airspace Intelligence System AI Flyways takes over the challenging and often stressful tasks of flight dispatchers who must make last-minute flight pattern changes due to sudden extreme weather, depleted fuel supplies, mechanical problems or other emergencies. It optimizes solutions, is safer, saves time and is cost-efficient.

Oct 21, 2023

China has a new plan for judging the safety of generative AI—and it’s packed with details

Posted by in categories: government, law, robotics/AI, security

A new proposal spells out the very specific ways companies should evaluate AI security and enforce censorship in AI models.

Ever since the Chinese government passed a law on generative AI back in July, I’ve been wondering how exactly China’s censorship machine would adapt for the AI era.

Last week we got some clarity about what all this may look like in practice.

Oct 21, 2023

Windows 11 Pro’s encryption can slow down SSDs by nearly 50%

Posted by in categories: computing, encryption, security

Windows 11 Pro ships with a security feature that could severely hamper your solid-state drive’s performance. Fortunately, it is easy enough to turn off but some might not even know it is enabled by default.

BitLocker encryption in Windows 11 Pro is designed to safeguard data and ensure it is only accessible by authorized individuals, but it comes with a steep performance penalty. To find out how much of an impact it could have, Tom’s Hardware recently conducted tests under three scenarios: unencrypted (no BitLocker), software-enabled BitLocker (the Windows 11 Pro default), and hardware-based BitLocker.

The crew used a 4 TB Samsung 990 Pro SSD running Windows 11 Pro (22H2, with all patches installed) paired with an Intel Core i9-12900K and 32 GB of DDR4 RAM for testing.

Oct 20, 2023

Thirty Years Later, a Speed Boost for Quantum Factoring

Posted by in categories: computing, information science, mathematics, quantum physics, security

As Shor looked for applications for his quantum period-finding algorithm, he rediscovered a previously known but obscure mathematical theorem: For every number, there exists a periodic function whose periods are related to the number’s prime factors. So if there’s a number you want to factor, you can compute the corresponding function and then solve the problem using period finding — “exactly what quantum computers are so good at,” Regev said.

On a classical computer, this would be an agonizingly slow way to factor a large number — slower even than trying every possible factor. But Shor’s method speeds up the process exponentially, making period finding an ideal way to construct a fast quantum factoring algorithm.

Shor’s algorithm was one of a few key early results that transformed quantum computing from an obscure subfield of theoretical computer science to the juggernaut it is today. But putting the algorithm into practice is a daunting task, because quantum computers are notoriously susceptible to errors: In addition to the qubits required to perform their computations, they need many others doing extra work to keep them from failing. A recent paper by Ekerå and the Google researcher Craig Gidney estimates that using Shor’s algorithm to factor a security-standard 2,048-bit number (about 600 digits long) would require a quantum computer with 20 million qubits. Today’s state-of-the-art machines have at most a few hundred.

Page 23 of 146First2021222324252627Last