Lifeboat Foundation

The outgoing head of the US Department of Homeland Security believes Europe’s “adversarial” relationship with tech companies is hampering a global approach to regulating artificial intelligence that could result in security vulnerabilities.

Alejandro Mayorkas told the Financial Times the US — home of the world’s top artificial intelligence groups, including OpenAI and Google — and Europe are not on a “strong footing” because of a difference in regulatory approach.

He stressed the need for “harmonisation across the Atlantic”, expressing concern that relationships between governments and the tech industry are “more adversarial” in Europe than in the US.

As many as 296,000 Prometheus Node Exporter instances and 40,300 Prometheus servers have been estimated to be publicly accessible over the internet, making them a huge attack surface that could put data and services at risk.

The fact that sensitive information, such as credentials, passwords, authentication tokens, and API keys, could be leaked through internet-exposed Prometheus servers has been documented previously by JFrog in 2021 and Sysdig in 2022.

“Unauthenticated Prometheus servers enable direct querying of internal data, potentially exposing secrets that attackers can exploit to gain an initial foothold in various organizations,” the researchers said.

Google’s new Willow quantum processor has reignited discussions around blockchain security and their ability to withstand rapid advancements.

A team of Rice University scientists has solved a long-standing problem in thermal imaging, making it possible to capture clear images of objects through hot windows. Imaging applications in a range of fields—such as security, surveillance, industrial research and diagnostics—could benefit from the research findings, which were reported in the journal Communications Engineering.

“Say you want to use thermal imaging to monitor chemical reactions in a high-temperature reactor chamber,” said Gururaj Naik, an associate professor of electrical and computer engineering at Rice and corresponding author on the study. “The problem you’d be facing is that the thermal radiation emitted by the window itself overwhelms the camera, obscuring the view of objects on the other side.”

A possible solution could involve coating the window in a material that suppresses thermal light emission toward the camera, but this would also render the window opaque. To get around this issue, the researchers developed a coating that relies on an engineered asymmetry to filter out the thermal noise of a hot window, doubling the contrast of thermal imaging compared to conventional methods.

A vulnerability in WPForms, a WordPress plugin used in over 6 million websites, could allow subscriber-level users to issue arbitrary Stripe refunds or cancel subscriptions.

Tracked under CVE-2024–11205, the flaw was categorized as a high-severity problem due to the authentication prerequisite. However, given that membership systems are available on most sites, exploitation may be fairly easy in most cases.

The issue impacts WPForms from version 1.8.4 and up to 1.9.2.1, with a patch pushed in version 1.9.2.2, released last month.

Conversely, proprietary LLMs typically offer robust security features but still pose data privacy and control risks. Using these models involves sharing sensitive data with a third-party provider, which could lead to regulatory penalties if a breach occurs.

LLMs also lack transparency regarding their training data and how datasets are formed. Be mindful of potential bias and fairness issues and consider a human-in-the-loop approach, where specialists review and manage the model’s output.

Continue reading “Transforming Businesses With LLMs: Risks And Use Cases” »

Kaunas University of Technology (KTU), Lithuania researchers, and scientists from Japan have developed a unique nanolaser. Although the dimensions of this laser are so small that its structure can only be seen through a powerful microscope, its potential is vast. With applications in early medical diagnostics, data communication, and security technologies, this invention could also become a key tool for the study of light and matter interactions.

Depending on the application, lasers differ in the way light is amplified and produced, which determines the color of the radiation and the quality of the laser beam.

“Nanolasers are lasers that use structures a million times smaller than a millimeter to generate and amplify light, and the laser radiation is generated in an extremely tiny volume of material,” says Dr. Mindaugas Juodėnas, one of the authors of the invention.

South Australia has the highest wind and solar share – an average of around 72 per cent over the last 12 months – vastly more than other state in Australia, and higher than any other gigawatt scale grid in the world.

Renewable energy critics, particularly those that don’t understand the way that grids work, instantly assume that this means South Australia’s grid must be weak and unreliable. But that is simply not true, and a new report from Australian Energy Market Operator on “system strength” underlines why this is so.

System strength is an important part of grid security, and – according to AEMO – describes the ability of the power system to maintain and control the voltage waveform at a given location, when the grid is running normally and particularly when it has to deal with a major disturbance.

Critical flaws in MLflow, PyTorch, and more enable remote code execution, threatening AI and ML security.