Toggle light / dark theme

UN aviation agency investigating ‘potential’ security breach

On Monday, the United Nations’ International Civil Aviation Organization (ICAO) announced it was investigating what it described as a “reported security incident.”

Established in 1944 as an intergovernmental organization, this United Nations agency works with 193 countries to support the development of mutually recognized technical standards.

“ICAO is actively investigating reports of a potential information security incident allegedly linked to a threat actor known for targeting international organizations,” ICAO said in a statement.

How we classify flood risk may give developers and home buyers a false sense of security

Common methods of communicating flood risk may create a false sense of security, leading to increased development in areas threatened by flooding.

This phenomenon, called the “safe development paradox,” is described in a new paper from North Carolina State University. Lead author Georgina Sanchez, a research scholar in NC State’s Center for Geospatial Analytics, said this may be an unintended byproduct of how the Federal Emergency Management Agency classifies areas based on their probability of dangerous flooding.

The findings are published in the journal PLOS ONE.

Quantum Teleportation Made Possible! Scientists Achieved Near-Perfect Results

Discover the groundbreaking world of quantum teleportation! Learn how scientists are revolutionizing data transfer using quantum entanglement, enabling secure, instant communication over vast distances. From integrating quantum signals into everyday internet cables to overcoming challenges like noise, this technology is reshaping our future. Explore the possibilities of a quantum internet and its role in computing and security. Watch our full video for an engaging dive into how quantum teleportation works and why it’s a game-changer for technology. Don’t miss out!

Paper link: https://journals.aps.org/prl/abstract

Visit our website for up-to-the-minute updates:
www.nasaspacenews.com.

Follow us.
Facebook: / nasaspacenews.
Twitter: / spacenewsnasa.

Join this channel to get access to these perks:
/ @nasaspacenewsagency.

#NSN #NASA #Astronomy#QuantumTeleportation #QuantumInternet #QuantumComputing #SecureCommunication #QuantumTech #ScienceBreakthrough #DataTransfer #FutureTechnology #QuantumEntanglement #QuantumScience #QuantumWorld #TeleportationScience #TechInnovation #NextGenTech #QuantumPhysics #ScienceExplained #CuttingEdgeTech #QuantumFuture #QuantumTechnology #TeleportationExplained #QuantumNetworks #RevolutionaryTech #TechUpdates #QuantumCommunication #DataRevolution #QuantumMechanics #TechAdvancements #PhysicsInnovation #ScienceMadeSimple #QuantumBreakthrough #QuantumDiscoveries

AI’s Achilles’ Heel: Researchers Expose Major Model Security Flaw

Researchers used electromagnetic signals to steal and replicate AI models from a Google Edge TPU with 99.91% accuracy, exposing significant vulnerabilities in AI systems and calling for urgent protective measures.

Researchers have shown that it’s possible to steal an artificial intelligence (AI) model without directly hacking the device it runs on. This innovative technique requires no prior knowledge of the software or architecture supporting the AI, making it a significant advancement in model extraction methods.

“AI models are valuable, we don’t want people to steal them,” says Aydin Aysu, co-author of a paper on the work and an associate professor of electrical and computer engineering at North Carolina State University. “Building a model is expensive and requires significant computing sources. But just as importantly, when a model is leaked, or stolen, the model also becomes more vulnerable to attacks – because third parties can study the model and identify any weaknesses.”

3D-printed ‘ghost guns’, like the one Luigi Mangione allegedly used to kill a health care CEO, surge in popularity as law enforcement struggles to keep up

By November 2024, 15 U.S. states had established regulations on ghost guns, though exact requirements vary. The rules typically require a serial number, background checks for firearm component purchases and reporting to authorities that a person is producing 3D-printed guns.

For instance, in New Jersey, a 2019 law mandates that all ghost guns have a serial number and be registered. Under current New York law, possession or distribution of a 3D-printed gun is classified as a misdemeanor. However, a proposed law seeks to elevate the manufacturing of firearms using 3D-printing technology to a felony offense.

As technology advances and rules evolve, criminals who use 3D-printed firearms will continue to pose threats to public safety and security, and governments will continue playing catch-up to effectively regulate these weapons.

MIT’s light-activated antiferromagnetic memory could replace today’s ferromagnets

The research team, led by physics professor Nuh Gedik, concentrated on a material called FePS₃, a type of antiferromagnet that transitions to a non-magnetic state at around −247°F. They hypothesized that precisely exciting the vibrations of FePS₃’s atoms with lasers could disrupt its typical antiferromagnetic alignment and induce a new magnetic state.

In conventional magnets (ferromagnets), all atomic spins align in the same direction, making their magnetic field easy to control. In contrast, antiferromagnets have a more complex up-down-up-down spin pattern that cancels out, resulting in zero net magnetization. While this property makes antiferromagnets highly resistant to stray magnetic influences – an advantage for secure data storage – it also creates challenges in intentionally switching them between “0” and “1” states for computing.

Gedik’s innovative laser-driven approach seeks to overcome this obstacle, potentially unlocking antiferromagnets for future high-performance memory and computational technologies.

How to Generate a CrowdStrike RFM Report With AI in Tines

Run by the team at orchestration, AI, and automation platform Tines, the Tines library contains pre-built workflows shared by real security practitioners from across the community, all of which are free to import and deploy via the Community Edition of the platform.

Their bi-annual “You Did What with Tines?!” competition highlights some of the most interesting workflows submitted by their users, many of which demonstrate practical applications of large language models (LLMs) to address complex challenges in security operations.

One recent winner is a workflow designed to automate CrowdStrike RFM reporting. Developed by Tom Power, a security analyst at The University of British Columbia, it uses orchestration, AI and automation to reduce the time spent on manual reporting.

US Homeland Security chief attacks EU effort to police artificial intelligence

The outgoing head of the US Department of Homeland Security believes Europe’s “adversarial” relationship with tech companies is hampering a global approach to regulating artificial intelligence that could result in security vulnerabilities.

Alejandro Mayorkas told the Financial Times the US — home of the world’s top artificial intelligence groups, including OpenAI and Google — and Europe are not on a “strong footing” because of a difference in regulatory approach.

He stressed the need for “harmonisation across the Atlantic”, expressing concern that relationships between governments and the tech industry are “more adversarial” in Europe than in the US.

Over 300K Prometheus Instances Exposed: Credentials and API Keys Leaking Online

As many as 296,000 Prometheus Node Exporter instances and 40,300 Prometheus servers have been estimated to be publicly accessible over the internet, making them a huge attack surface that could put data and services at risk.

The fact that sensitive information, such as credentials, passwords, authentication tokens, and API keys, could be leaked through internet-exposed Prometheus servers has been documented previously by JFrog in 2021 and Sysdig in 2022.

“Unauthenticated Prometheus servers enable direct querying of internal data, potentially exposing secrets that attackers can exploit to gain an initial foothold in various organizations,” the researchers said.