Menu

Blog

Archive for the ‘security’ category: Page 55

Jun 3, 2022

An Actively Exploited Microsoft Zero-Day Flaw Still Doesn’t Have a Patch

Posted by in category: security

“After public knowledge of the exploit grew, we began seeing an immediate response from a variety of attackers beginning to use it,” says Tom Hegel, senior threat researcher at security firm SentinelOne. He adds that while attackers have primarily been observed exploiting the flaw through malicious documents thus far, researchers have discovered other methods as well, including the manipulation of HTML content in network traffic.

“While the malicious document approach is highly concerning, the less documented methods by which the exploit can be triggered are troubling until patched,” Hegel says. “I would expect opportunistic and targeted threat actors to use this vulnerability in a variety of ways when the option is available—it’s just too easy.”

The vulnerability is present in all supported versions of Windows and can be exploited through Microsoft Office 365, Office 2013 through 2019, Office 2021, and Office ProPlus. Microsoft’s main proposed mitigation involves disabling a specific protocol within Support Diagnostic Tool and using Microsoft Defender Antivirus to monitor for and block exploitation.

Jun 3, 2022

New York just passed a bill cracking down on bitcoin mining — here’s everything that’s in it

Posted by in categories: bitcoin, blockchains, cryptocurrencies, law, security

Following an early morning vote in Albany on Friday, lawmakers in New York passed a bill to ban certain bitcoin mining operations that run on carbon-based power sources. The measure now heads to the desk of Governor Kathy Hochul, who could sign it into law or veto it.

If Hochul signs the bill, it would make New York the first state in the country to ban blockchain technology infrastructure, according to Perianne Boring, founder and president of the Chamber of Digital Commerce. Industry insiders also tell CNBC it could have a domino effect across the U.S., which is currently at the forefront of the global bitcoin mining industry, accounting for 38% of the world’s miners.

The New York bill, which previously passed the State Assembly in late April before heading to the State Senate, calls for a two-year moratorium on certain cryptocurrency mining operations which use proof-of-work authentication methods to validate blockchain transactions. Proof-of-work mining, which requires sophisticated gear and a whole lot of electricity, is used to create bitcoin. Ethereum is switching to a less energy-intensive process, but will still use this method for at least for another few months.

Jun 3, 2022

Iraq’s extreme drought reveals a 3,400-year-old city

Posted by in categories: health, security

A team of archaeologists rushed to the site to excavate and map the city before it, once again, became submerged.


Monkeypox appears to be spreading from person to person, the UK Health Security Agency said.

Jun 3, 2022

Health agency confirms community spread of monkeypox in England

Posted by in categories: biotech/medical, health, security

LONDON, June 1 (Reuters) — Monkeypox appears to be spreading from person to person in England, the UK Health Security Agency (UKHSA) said on Wednesday.

The usually mild viral disease, which is endemic in west and central Africa, is understood to spread through close contact. Until early May, cases rarely cropped up outside Africa and were typically linked to travel to there.

“The current outbreak is the first time that the virus has been passed from person to person in England where travel links to an endemic country have not been identified,” the agency said.

Jun 2, 2022

Why the search for a privacy-preserving data sharing mechanism is failing

Posted by in categories: biotech/medical, finance, security

From banking to communication our modern, daily lives are driven by data with ongoing concerns over privacy. Now, a new EPFL paper published in Nature Computational Science argues that many promises made around privacy-preserving mechanisms will never be fulfilled and that we need to accept these inherent limits and not chase the impossible.

Data-driven innovation in the form of personalized medicine, better public services or, for example, greener and more efficient industrial production promises to bring enormous benefits for people and our planet and widespread access to data is considered essential to drive this future. Yet, aggressive data collection and analysis practices raise the alarm over societal values and fundamental rights.

As a result, how to widen access to data while safeguarding the confidentiality of sensitive, has become one of the most prevalent challenges in unleashing the potential of data-driven technologies and a new paper from EPFL’s Security and Privacy Engineering Lab (SPRING) in the School of Comupter and Communication Sciences argues that the promise that any is solvable under both good utility and privacy is akin to chasing rainbows.

Jun 1, 2022

Data is the strongest currency in marketing and there may be too much of it

Posted by in categories: business, information science, robotics/AI, security

Marketing and the need for data rules

Legislators and decision-makers worldwide have also been active in regulating data although it’s almost impossible to keep pace with change in many places. The genuine exploitation of data requires rules and regulations, as growth always increases the potential for misuse. The task of technology companies is to build data pipelines that ensure the trust and security of AI and analytics.

Data is the new currency for businesses, and the overwhelming growth rate of it can be intimidating. The key challenge is to harness data in a way that benefits both marketers and consumers who produce it. And in doing this, manage the “big data” in an ethically correct and consumer-friendly way. Luckily, there are many great services for analyzing data, effective regulation to protect consumers’ rights and a never-ending supply of information at our hands to make better products and services. The key for businesses is to embrace these technologies so that they can avoid sinking in their own data.

May 30, 2022

Top 5 Hottest Blockchain Programming Languages in 2022

Posted by in categories: biotech/medical, blockchains, business, cryptocurrencies, finance, security

Blockchain technology is spreading like fire across industries and businesses. It is currently used in digital voting, medical recordkeeping, decentralized finance, gaming, capital markets, supply chain management, etc. More and more businesses and individual users want to take advantage of blockchain to increase transparency, security, and communication. To leverage blockchain development in innovative use cases, organizations need to comprehend the programming languages best suited for their upcoming projects. Here are the top 5 hottest blockchain programming languages that are being utilized by start-ups and enterprises today.

A high-level programming language is getting more popularity as a blockchain developer language, particularly for dApps development. If you are looking for a language for developing smart contracts on Ethereum Blockchain, Solidity is the one. It is a contract-based language, allowing to store all the logic in the code of the Blockchain.

With amazing code portability, it is the most popular programming language among application developers. It has been used to create smart contracts such as Truffle, ARK, and some of the popular blockchains that are developed using Java include Ethereum, IOTA, NEM, and NEO.

May 28, 2022

What are the security risks of open sourcing the Twitter algorithm?

Posted by in categories: information science, security

May 28, 2022

‘Privacy’ Search Engine DuckDuckGo Smoked Over Hidden Tracking Agreement With Microsoft

Posted by in category: security

ZeroHedge — On a long enough timeline, the survival rate for everyone drops to zero.


DuckDuckGo, the search engine which claims to offer ‘real privacy’ because it doesn’t track searches or store users’ history, has come under fire after a security researcher discovered that the mobile DuckDuckGo browser app contains a third-party tracker from Microsoft.

Researcher Zach Edwards found that while Google and Facebook’s trackers are blocked, trackers related to bing.com and linkedin.com were also being allowed through.

Continue reading “‘Privacy’ Search Engine DuckDuckGo Smoked Over Hidden Tracking Agreement With Microsoft” »

May 28, 2022

Neural network-based prediction of the secret-key rate of quantum key distribution

Posted by in categories: quantum physics, robotics/AI, security

For instance, continuous-variable (CV) QKD has its own distinct advantages at a metropolitan distance36,37 due to the use of common components of coherent optical communication technology. In addition, the homodyne38 or heterodyne39 measurements used by CV-QKD have inherent extraordinary spectral filtering capabilities, which allows the crosstalk in wavelength division multiplexing (WDM) channels to be effectively suppressed. Therefore, hundreds of QKD channels may be integrated into a single optical fiber and can be cotransmitted with classic data channels. This allows QKD channels to be more effectively integrated into existing communication networks. In CV-QKD, discrete modulation technology has attracted much attention31,40,41,42,43,44,45,46,47,48,49,50 because of its ability to reduce the requirements for modulation devices. However, due to the lack of symmetry, the security proof of discrete modulation CV-QKD also mainly relies on numerical methods43,44,45,46,47,48,51.

Unfortunately, calculating a secure key rate by numerical methods requires minimizing a convex function over all eavesdropping attacks related with the experimental data52,53. The efficiency of this optimization depends on the number of parameters of the QKD protocol. For example, in discrete modulation CV-QKD, the number of parameters is generally \(1000–3000\) depending on the different choices of cutoff photon numbers44. This leads to the corresponding optimization possibly taking minutes or even hours51. Therefore, it is especially important to develop tools for calculating the key rate that are more efficient than numerical methods.

In this work, we take the homodyne detection discrete-modulated CV-QKD44 as an example to construct a neural network capable of predicting the secure key rate for the purpose of saving time and resource consumption. We apply our neural network to a test set obtained at different excess noises and distances. Excellent accuracy and time savings are observed after adjusting the hyperparameters. Importantly, the predicted key rates are highly likely to be secure. Note that our method is versatile and can be extended to quickly calculate the complex secure key rates of various other unstructured quantum key distribution protocols. Through some open source deep learning frameworks for on-device inference, such as TensorFlow Lite54, our model can also be easily deployed on devices at the edge of the network, such as mobile devices, embedded Linux or microcontrollers.

Page 55 of 146First5253545556575859Last