Menu

Blog

Archive for the ‘security’ category

Feb 25, 2024

Texas’s San Antonio airport will get a 420lb autonomous security robot

Posted by in categories: robotics/AI, security, transportation

The robot, which weighs 420lbs, stands at 5ft 4in and travels at 3 miles per hour, is expected to make its appearance at the airport in the next two months, according to local reports.

According to Knightscope, the K5 is intended for outdoor use and features autonomous recharging without requiring human intervention. Features listed on Knightscope’s website include 360-degree and eye-level video streaming, people detection during certain restricted hours, thermal anomaly detection, as well as license plate recognition.

The city’s director of airports, Jesus Saenz, said that the K5 will be used to respond to door alarms at the airport and will be placed near doors with alarms that are frequently set off.

Feb 23, 2024

SentinelOne Singularity Data Lake Data Sheet

Posted by in categories: business, security, singularity

Singularity Data Lake empowers businesses to centralize and transform data into actionable intelligence for cost-effective, high-performance security and log analytics. The unified, AI-powered platform converges SIEM, XDR, and analytics solutions, creating a comprehensive security and log data ecosystem.

Feb 21, 2024

Quantum annealers and the future of prime factorization

Posted by in categories: encryption, information science, quantum physics, security

Researchers at the University of Trento, Italy, have developed a novel approach for prime factorization via quantum annealing, leveraging a compact modular encoding paradigm and enabling the factorization of large numbers using D-Wave quantum devices.

Prime factorization is the procedure of breaking down a number into its prime components. Every integer greater than one can be uniquely expressed as a product of prime numbers.

In cryptography, prime factorization holds particular importance due to its relevance to the security of encryption algorithms, such as the widely used RSA cryptosystem.

Feb 20, 2024

New Malicious PyPI Packages Caught Using Covert Side-Loading Tactics

Posted by in category: security

Malicious packages lurking in open-source repositories. Discover how DLL side-loading is the latest technique used to evade security software.

Feb 20, 2024

Your fingerprints can be recreated from the sounds made when you swipe on a touchscreen — Chinese and US researchers show new side channel can reproduce fingerprints to enable attacks

Posted by in categories: privacy, security

An interesting new attack on biometric security has been outlined by a group of researchers from China and the US. PrintListener: Uncovering the Vulnerability of Fingerprint Authentication via the Finger Friction Sound [PDF] proposes a side-channel attack on the sophisticated Automatic Fingerprint Identification System (AFIS). The attack leverages the sound characteristics of a user’s finger swiping on a touchscreen to extract fingerprint pattern features. Following tests, the researchers assert that they can successfully attack “up to 27.9% of partial fingerprints and 9.3% of complete fingerprints within five attempts at the highest security FAR [False Acceptance Rate] setting of 0.01%.” This is claimed to be the first work that leverages swiping sounds to infer fingerprint information.

Biometric fingerprint security is widespread and widely trusted. If things continue as they are, it is thought that the fingerprint authentication market will be worth nearly $100 billion by 2032. However, organizations and people have become increasingly aware that attackers might want to steal their fingerprints, so some have started to be careful about keeping their fingerprints out of sight, and become sensitive to photos showing their hand details.

Feb 20, 2024

WordPress Bricks Theme Under Active Attack: Critical Flaw Impacts 25,000+ Sites

Posted by in category: security

A critical security flaw in the Bricks theme for WordPress is being actively exploited by threat actors to run arbitrary PHP code on susceptible installations.

The flaw, tracked as CVE-2024–25600 (CVSS score: 9.8), enables unauthenticated attackers to achieve remote code execution. It impacts all versions of the Bricks up to and including 1.9.6.

It has been addressed by the theme developers in version 1.9.6.1 released on February 13, 2024, merely days after WordPress security provider Snicco reported the flaw on February 10.

Feb 19, 2024

MIT develops tamper-proof ID tag for cheaper and secure authentication

Posted by in categories: computing, particle physics, security

RFID tags are commonly used to verify the authenticity of products, but they have some drawbacks. They are relatively large, expensive, and vulnerable to counterfeiting. A team of MIT engineers has developed a new type of ID tag that overcomes these limitations by using terahertz waves, which are smaller and faster than radio waves.

The new tag is a cryptographic chip several times smaller and cheaper than RFID tags. It also offers improved security, using the unique pattern of metal particles in the glue that attaches the tag to the item as a fingerprint. This way, the authentication system will detect tampering if someone tries to peel off the tag and stick it to a fake item.

Feb 15, 2024

OpenAI Hiring Detective to Find Who’s Leaking Its Precious Info

Posted by in categories: robotics/AI, security

OpenAI is looking to hire an “insider risk investigator” to “fortify our organization against internal security threats.”

According to the company’s job listing, first spotted by MSPowerUser, the gumshoe is supposed to help the company safeguard its assets by “analyzing anomalous activities, promoting a secure culture, and interacting with various departments to mitigate risks.” Per the Wayback Machine, the job listing has been up since mid-January.

“You’ll play a crucial role in safeguarding OpenAI’s assets by analyzing anomalous activities, promoting a secure culture, and interacting with various departments to mitigate risks,” the listing reads. “Your expertise will be instrumental in protecting OpenAI against internal risks, thereby contributing to the broader societal benefits of artificial intelligence.”

Feb 13, 2024

Alert: CISA Warns of Active ‘Roundcube’ Email Attacks — Patch Now

Posted by in category: security

CISA has identified a medium-severity security flaw affecting Roundcube email software, categorized as CVE-2023–43770.

Feb 13, 2024

Why AI can’t replace air traffic controllers

Posted by in categories: biotech/medical, robotics/AI, security

An air traffic controller’s routine can be disrupted by an aircraft that requires special handling. This could range from an emergency to priority handling of medical flights or Air Force One. Controllers are given the responsibility and the flexibility to adapt how they manage their airspace.

The requirements for the front line of air traffic control are a poor match for AI’s capabilities. People expect air traffic to continue to be the safest complex, high-technology system ever. It achieves this standard by adhering to procedures when practical, which is something AI can do, and by adapting and exercising good judgment whenever something unplanned occurs or a new operation is implemented – a notable weakness of today’s AI.

Indeed, it is when conditions are the worst – when controllers figure out how to handle aircraft with severe problems, airport crises or widespread airspace closures due to security concerns or infrastructure failures – that controllers’ contributions to safety are the greatest.

Page 1 of 13112345678Last