The authors of a new study were able to order all the synthetic genes necessary to reconstruct the 1918 pandemic influenza virus. Do their findings represent a security flaw in a critical area of biotechnology?
Category: security – Page 21
There are plenty of reasons why Google would be interested in going down this route. For example, closer integration would make Android handsets more compatible with Chromebooks. However, it appears the main reason for the move is to accelerate the delivery of AI features.
As the Mountain View-based firm explains, having Chrome OS lean more on Android’s tech stack will make it easier to bring new AI features to Chromebooks. The company adds that along with the change, it wants to maintain the “security, consistent look and feel, and extensive management capabilities” that users are acquainted with.
Google is working on the updates starting today, but notes that users won’t see the changes for a while. The tech giant claims that when everything is ready, the transition will be seamless.
Researchers at the University of California, Los Angeles (UCLA) have developed an innovative information-hiding camera to optically transform and conceal input images into ordinary-looking patterns, providing a powerful solution for visual information security. The work is published in the journal Science Advances.
Sarah Adams (call sign: Superbad) is a former CIA Targeting Officer and author of Benghazi: Know Thy Enemy. Adams served as the Senior Advisor for the U.S. House of Representatives Select Committee on Benghazi. She conducted all-source investigations and oversight activities related to the 2012 Libya terrorist attacks and was instrumental in mitigating future security risks to U.S. personnel serving overseas. Adams remains one of the most knowledgeable individuals on active terrorism threats around the world.
Get Sarah’s intel briefing via the newsletter: https://shawnryanshow.com/pages/newsl…
Join this channel to get access to perks:
/ @shawnryanshow.
Shawn Ryan Show Links.
SUBSCRIBE: / @shawnryanshow.
Sign up: https://shawnryanshow.com/pages/newsl…
Support the Show: / vigilanceelite.
Download Free Content: https://drive.google.com/drive/folder…
Listen on Apple: https://podcasts.apple.com/us/podcast…
Listen on Spotify: https://open.spotify.com/show/5eodRZd…
Follow on TikTok: / shawnryanshow.
Details have emerged about a new critical security flaw impacting PHP that could be exploited to achieve remote code execution under certain circumstances.
The vulnerability, tracked as CVE-2024–4577, has been described as a CGI argument injection vulnerability affecting all versions of PHP installed on the Windows operating system.
According to DEVCORE security researcher, the shortcoming makes it possible to bypass protections put in place for another security flaw, CVE-2012–1823.
A group of Israeli researchers explored the security of the Visual Studio Code marketplace and managed to “infect” over 100 organizations by trojanizing a copy of the popular ‘Dracula Official theme to include risky code. Further research into the VSCode Marketplace found thousands of extensions with millions of installs.
Visual Studio Code (VSCode) is a source code editor published by Microsoft and used by many professional software developers worldwide.
Microsoft also operates an extensions market for the IDE, called the Visual Studio Code Marketplace, which offers add-ons that extend the application’s functionality and provide more customization options.
The disclosure notice also noted several security changes made to the Spaces platform in response to the leak, including the removal of org tokens to improve traceability and auditing capabilities, and the implementation of a key management service (KMS) for Spaces secrets.
Hugging Face said it plans to deprecate traditional read and write tokens “in the near future,” replacing them with fine-grained access tokens, which are currently the default.
Spaces users are recommended to switch their Hugging Face tokens to fine-grained access tokens if they are not already using them, and refresh any key or token that may have been exposed.
Applied in this way, it’s not just generative AI—this is transformational AI. It goes beyond accelerating productivity; it accelerates innovation by sparking new business strategies and revamping existing operations, paving the way for a new era of autonomous enterprise.
Keep in mind that not all Large Language Models (LLMs) can be tailored for genuine business innovation. Most models are generalists that are trained on public information found on the internet and are not experts on your particular brand of doing business. However, techniques like Retrieval Augmented Generation (RAG) allow for the augmentation of general LLMs with industry-specific and company-specific data, enabling them to adapt to anyone’s requirements without extensive and expensive training.
We are still in the nascent stages of advanced AI adoption. Most companies are grappling with the basics—such as implementation, security and governance. However, forward-thinking organizations are already looking ahead. By reimagining the application of generative AI, they are laying the groundwork for businesses to reinvent themselves, ushering in an era where innovation knows no bounds.
Google has accidentally collected childrens’ voice data, leaked the trips and home addresses of car pool users, and made YouTube recommendations based on users’ deleted watch history, among thousands of other employee-reported privacy incidents, according to a copy of an internal Google database which tracks six years worth of potential privacy and security issues obtained by 404 Media.
Individually the incidents, most of which have not been previously publicly reported, may only each impact a relatively small number of people, or were fixed quickly. Taken as a whole, though, the internal database shows how one of the most powerful and important companies in the world manages, and often mismanages, a staggering amount of personal, sensitive data on people’s lives.
The data obtained by 404 Media includes privacy and security issues that Google’s own employees reported internally. These include issues with Google’s own products or data collection practices; vulnerabilities in third party vendors that Google uses; or mistakes made by Google staff, contractors, or other people that have impacted Google systems or data. The incidents include everything from a single errant email containing some PII, through to substantial leaks of data, right up to impending raids on Google offices. When reporting an incident, employees give the incident a priority rating, P0 being the highest, P1 being a step below that. The database contains thousands of reports over the course of six years, from 2013 to 2018.
Summary: ChatGPT Edu, powered by GPT-4o, is designed for universities to responsibly integrate AI into academic and campus operations. This advanced AI tool supports text and vision reasoning, data analysis, and offers enterprise-level security.
Successful applications at institutions like Columbia University and Wharton School highlight its potential. ChatGPT Edu aims to make AI accessible and beneficial across educational settings.