As many as 350,000 open source projects are believed to be potentially vulnerable to exploitation as a result of a security flaw in a Python module that has remained unpatched for 15 years.
The open source repositories span a number of industry verticals, such as software development, artificial intelligence/machine learning, web development, media, security, and IT management.
The shortcoming, tracked as CVE-2007-4559 (CVSS score: 6.8), is rooted in the tarfile module, successful exploitation of which could lead to code execution from an arbitrary file write.
Maximizing Benefits Of The Life Sciences & Health Tech For All Americans — Dr. Andrew Hebbeler, Ph.D., Principal Assistant Director for Health and Life Sciences, Office of Science and Technology Policy, The White House.
Dr. Andrew Hebbeler, Ph.D., is Principal Assistant Director for Health and Life Sciences, Office of Science and Technology Policy at The White House (https://www.whitehouse.gov/ostp/ostps-teams/health-and-life-sciences/), and has extensive foreign affairs, national security, global health, and science and technology (S&T) policy experience.
Most recently, Dr. Hebbeler was Senior Director and Lead Scientist for Global Biological Policy and Programs at the non-profit Nuclear Threat Initiative and previous to that served in leadership positions at the State Department’s offices of Science and Technology Cooperation (OES/STC), the Science and Technology Adviser to the Secretary of State (E/STAS), and Cooperative Threat Reduction (ISN/CTR).
From 2013–2015, Dr. Hebbeler was Assistant Director for Biological and Chemical Threats at the Obama White House Office of Science and Technology Policy where he oversaw American S&T efforts to combat infectious disease and chemical weapon threats.
Prior to his White House position, Dr. Hebbeler led the State Department’s Biosecurity Engagement Program, a $40M program that prevents terrorist access to potentially dangerous biological materials and dual-use infrastructure and expertise, while supporting efforts to combat infectious disease and enhance public and animal health worldwide.
Wearable tech has seen an explosion of creativity and applications in the last decade, especially with circuit components getting smaller and cheaper and batteries getting better and better. Whereas taking phone calls on your wrist was impressive just a few years ago, now you can experiment with deauthentication attacks on WiFi networks just from this watch: the DSTIKE Deauther Watch SE.
Based on the ESP8266 WiFi microcontroller, this watch is the latest generation of a project to give you a wearable interface for pen testing local WiFi networks. The watch only works on 2.4GHz networks, due to the restrictions of the ESP8266. It comes pre-flashed with the latest ESP8266 Deauther firmware, which is an open-source project! The watch supports four main functions: a deauther attack, which disconnects all local 2.4GHz networks; deauther beacon, used for creating fake networks; deauther probe, to confuse any nearby WiFi trackers; and packet monitoring, which lets you display local WiFi traffic. As you can see, there’s a lot to appreciate in this slick and discreet package.
This watch (and its prior iterations) is made and sold by Travis Lin. As the seller emphasizes on the product page, this device is meant for educational purposes and should only be tested on devices and networks you own. But if this has your curiosity piqued, put on your red hat and check out the wearable devices and other security goodies they have for sale!
These 15 robots may demonstrate that the concept is viable.
Personal robots have been a common trope in sci-fi for many decades. Their apparent plausibility has made many sci-fi enthusiasts wonder when they may become a reality.
Some robots with personal robot-like features have been developed, but are they personal robots?
Would you like a robot to assist you in the house? Perhaps another for personal security? Well, you can’t help but notice that there appears to be a complete lack of them.
The laser that will be the most powerful in the United States is preparing to send its first pulses into an experimental target at the University of Michigan.
Called ZEUS, the Zetawatt-Equivalent Ultrashort pulse laser System, it will explore the physics of the quantum universe as well as outer space, and it is expected to contribute to new technologies in medicine, electronics and national security.
“ZEUS will be the highest peak power laser in the U.S. and among the most powerful laser systems in the world. We’re looking forward to growing the research community and bringing in people with new ideas for experiments and applications,” said Karl Krushelnick, director of the Center for Ultrafast Optical Science, which houses ZEUS, and the Henry J. Gomberg Collegiate Professor of Engineering.
Lassa fever is like Ebola and there is an outbreak in Nigeria. It is transmissible through inhalation.
The death of a patient in the UK suffering from Lassa fever has heightened concern around the illness after a third case was reported.
The UK Health Security Agency (UKHSA) said it was contacting individuals who had been in close contact with the infected patients after the death was confirmed last week.
Commenting on the recent cases detected in the UK, which were linked to travel to west Africa, Dr Susan Hopkins, chief medical advisor at UKHSA, said: Cases of Lassa fever are rare in the UK and it does not spread easily between people.
Inbound foreign investments in key sectors are reviewed by the Committee on Foreign Investment in the United States (CFIUS). However, screening of outbound investments – a so-called “reverse CFIUS” – would be new, and could significantly impact industries ranging from aerospace and defense to fintech to pharmaceuticals.
How did we get here?
The last several years have witnessed an accelerated national security pivot from the twenty-year global war on terror to strategic competition with major state adversaries. Unclassified assessments of the U.S. national security posture reveal significant threats in domains ranging from artificial intelligence to hypersonic weapons to energy, many of which have been exacerbated by the theft of U.S. technology. The legislation proposing a “reverse CFIUS” review would seek to counter these threats by adding new controls to the flow of U.S. capital and intellectual property abroad.
While having their own unique areas of expertise and resources, the NQISRCs are all aligned to the same mission—the advancement of quantum information science.
Five National Quantum Information Science Research Centers (NQISRCs) are leveraging the behavior of nature at the smallest scales to develop technologies for science’s most complex problems. Supported by the U.S. Department of Energy (DOE) Office of Science, the NQISRCs have been supporting DOE’s mission since 2020 to advance the energy, economic and national security of the United States. By building a national quantum ecosystem and workforce comprising researchers at roughly 70 institutions across the United States, the centers create a rich environment for quantum innovation and co-design.
The NQISRCs integrate state-of-the-art DOE facilities, preeminent talent at national laboratories and U.S. universities, and the enterprising ingenuity of U.S. technology companies.
“In June, our delegation was in South Korea, in July we went to France. Negotiations are ongoing with Chinese suppliers. Based on the results of an in-depth study of international experience, nuclear technology suppliers will be involved. I repeat, this will be an international project,” he reaffirmed, adding that the results of this experience are under study.
“In principle, the construction of a nuclear power plant is a long process, it takes about eight years. Without nuclear power, we will not be able to ensure energy security for ourselves… We will need such generation — the whole world is moving towards decarbonisation. We must move to clean technologies, and nuclear generation is the answer to the challenge of the times,” he stressed.
He stressed that the safety of NPP operation is of paramount importance. “We will choose the technology that is the safest, and those suppliers who can complete all the work in a timely manner. Related areas of our economy will also develop around this industry. There will be a big positive effect on the development of our country as a whole.”