Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog

Category: security – Page 45

Can you imagine if we had computer/brain interfaces what would happen? We’ll need brain firewalls and antivirus.

Android apps digitally signed by China’s third-biggest e-commerce company exploited a zero-day vulnerability that allowed them to surreptitiously take control of millions of end-user devices to steal personal data and install malicious apps, researchers from security firm Lookout have confirmed.

The malicious versions of the Pinduoduo app were available in third-party markets, which users in China and elsewhere rely on because the official Google Play market is off-limits or not easy to access. No malicious versions were found in Play or Apple’s App Store. Last Monday, TechCrunch reported that Pinduoduo was pulled from Play after Google discovered a malicious version of the app available elsewhere. TechCrunch reported the malicious apps available in third-party markets exploited several zero-days, vulnerabilities that are known or exploited before a vendor has a patch available.

Sophisticated attack

A preliminary analysis by Lookout found that at least two off-Play versions of Pinduoduo for Android exploited CVE-2023–20963, the tracking number for an Android vulnerability Google patched in updates that became available to end users two weeks ago. This privilege-escalation flaw, which was exploited prior to Google’s disclosure, allowed the app to perform operations with elevated privileges. The app used these privileges to download code from a developer-designated site and run it within a privileged environment.

Read more | >

It’s past time the world moves away from text-based passwords and verifications for mobile phones and starts embracing more secure image-based solutions, say computer scientists from the University of Surrey.

In a new study, Surrey scientists demonstrate an image-based authentication system called TIM (Transparent Image Moving) for mobile phones to help reduce the risk of shoulder surfing attacks. TIM requires users to select and move predefined images to a designated position for passing authentication checks, similar to those required for .

The proof-of-concept study found that 85% of TIM users believed it could help them to prevent password guessing and shoulder surfing attacks. The study also found that 71% of participants think TIM is a more usable image-based solution than others on the market. The research has been published in the Journal of Information Security and Applications.

Read more | >

University of Texas at Dallas researchers have developed a new approach that addresses challenges in the field of quantum computing and has the potential to revolutionize computing, communications and electronic security.

To make solid-state qubits, the basic information unit for quantum computers, a defect must be inserted into the to control the spin states of electrons. Creating and positioning the defect, however, especially in the most commonly used solid material——poses a major challenge.

UT Dallas researchers found that making qubits from thin, two-dimensional sheets of crystals called (TMDs) instead of diamond can solve this problem. Led by Dr. Kyeongjae Cho, professor of materials science and engineering in the Erik Jonsson School of Engineering and Computer Science, the researchers published their findings online Dec. 6 in Nature Communications.

Read more | >

Following this trial, the bank will offer this service to its larger base of US merchant clients.

JP Morgan has announced plans to pilot biometric-based payments at select US retailers. It is one of the world’s largest payment-processing companies.

Pilot program roll-out.

Prostock-Studio/iStock.

This development comes at a time when biometric authentication is gaining popularity. Biometric tools are thought to be the most secure method of transaction authentication. According to Goode Intelligence, global biometric payments are expected to reach $5.8 trillion by 2026, with up to three billion users.

Read more | >

US gaming and computer graphics giant Nvidia has joined forces with an Israeli startup to roll out a new hardware system to connect the quantum computer with classical computers.

The new system, Nvidia DGX Quantum, built together with Israel’s Quantum Machines, a developer of a standard universal language for quantum computers, is expected to be first deployed at Israel’s quantum computing research center at the end of this year.

The quantum computing R&D center funded by the Israel Innovation Authority at an investment of NIS 100 million ($27 million), which is headed by Quantum Machines, was established to help Israel build a quantum computer and advance research in the field that would lead to future developments in economics, technology, security, engineering, and science.

Read more | >

United Launch Alliance’s second-to-last Delta 4-Heavy rocket is scheduled to blast off from Cape Canaveral April 20 with a classified cargo for the U.S. government’s spy satellite agency, a mission that will mark ULA’s first flight of the year, officials announced this week.

ULA and the National Reconnaissance Office, the customer for the national security mission, announced the target launch date Tuesday.

The mission is known as NROL-68, and is expected to loft a large surveillance satellite into geosynchronous orbit, joining a fleet of government-owned spacecraft designed to eavesdrop on the communications of adversaries and foreign powers. But the NRO does not disclose details about its missions, and independent analysts use information about the rocket’s lift capability, trajectory, and similar past launches to predict the purpose of spy satellite missions.

Read more | >

ChatGPT launched a tide wave of interest in AI. For many consumers, AI is finally living up to long overdue expectations. The accomplishments of ChatGPT in a short period of time are phenomenal. But what is yet to come when AI is combined with robotics will change everything.

I have been promoting the advances in robotics for several years. I even called 2022 the year of robotics, partially because of the growing need to overcome shortages in labor and to handle tasks beyond the physical or mental capability of humans, and partially because of the continued advances that AI, accelerated processing, semiconductor, sensors, wireless connectivity, and software technologies are enabling to develop advanced, autonomous machines. Robots are no longer just for the manufacturing floor. They are hazardous material handlers, janitors, personal assistants, food preparers, food deliverers, security guards, and even surgeons that are increasingly autonomous. Essentially, they are AI in the physical world. As a result, robot competitions are heating up from middle schools to Las Vegas.

As seen at CES, robotics technology is advancing rapidly with advances in technology. My favorite examples were the multi-configurable Yarbo outdoor robot and the John Deere See & Spray. Yarbo can be a mower, a leaf blower, or a snow blower. If it could dispose of animal excrement and the annoying neighbor, it would be perfect yard tool. On the other end of the spectrum was the John Deere See & Spray Ultimate, a tractor with up to a 120-foot (36.6m) reach that uses AI/ML to detect weeds smaller than the size of a smart phone camera and spray herbicide accordingly. John Deere also offers self-drive tractors.

Read more | >

Check out all the on-demand sessions from the Intelligent Security Summit here.

Many businesses struggle with demand forecasting. Whether you run a small business or a large enterprise, the challenge of predicting customer behavior and stock levels never gets easier. Even major organizations like Target and Walmart that are able to afford teams of data scientists have recently reported struggles with excess inventory due to poor demand forecasting.

During this time of global uncertainty, many businesses have adopted a just-in-case mindset. They’ve relied on archaic methods of forecasting, scouring old data and drawing poor conclusions based on past problems.

Read more | >

Optical computing has been gaining wide interest for machine learning applications because of the massive parallelism and bandwidth of optics. Diffractive networks provide one such computing paradigm based on the transformation of the input light as it diffracts through a set of spatially-engineered surfaces, performing computation at the speed of light propagation without requiring any external power apart from the input light beam. Among numerous other applications, diffractive networks have been demonstrated to perform all-optical classification of input objects.

Researchers at the University of California, Los Angeles (UCLA), led by Professor Aydogan Ozcan, have introduced a “time-lapse” scheme to significantly improve the accuracy of diffractive optical networks on complex input objects. The findings are published in the journal Advanced Intelligent Systems.

In this scheme, the object and/or the diffractive network are moved relative to each other during the exposure of the output detectors. Such a “time-lapse” scheme has previously been used to achieve super-resolution imaging, for example, in , by capturing multiple images of a scene with lateral movements of the camera.

Read more | >

Researchers have captured the signal of neutrinos from a nuclear reactor using a water-filled neutrino detector, a first for such a device.

In a mine in Sudbury, Canada, the SNO+ detector is being readied to search for a so-far-undetected nuclear-decay process. Spotting this rare decay would allow researchers to confirm that the neutrino is its own antiparticle (see Viewpoint: Probing Majorana Neutrinos). But while SNO+ team members prepare for that search, they have made another breakthrough by capturing the interaction with water of antineutrinos from nuclear reactors [1]. The finding offers the possibility of making neutrino detectors from a nontoxic material that is easy to handle and inexpensive to obtain, key factors for use of the technology in auditing the world’s nuclear reactors (see Feature: Neutrino Detectors for National Security).

The SNO+ detector was inherited from the earlier Sudbury Neutrino Observatory (SNO) experiment. Today the detector is filled with a liquid that lights up when charged particles pass through it. But in 2018, to calibrate the detector’s components and to characterize its intrinsic radioactive background signal after the experiment’s upgrade, it contained water. The antineutrino signal was observed when, after completing those measurements, the researchers took the opportunity to carry out additional experiments before the liquid was switched out.

Read more | >