Lifeboat Foundation

Computer vision is one of the most popular applications of artificial intelligence. Image classification, object detection and object segmentation are some of the use cases of computer vision-based AI. These techniques are used in a variety of consumer and industrial scenarios. From face recognition-based user authentication to inventory tracking in warehouses to vehicle detection on roads, computer vision is becoming an integral part of next-generation applications.

Computer vision uses advanced neural networks and deep learning algorithms such as Convolutional Neural Networks (CNN), Single Shot Multibox Detector (SSD) and Generative Adversarial Networks (GAN). Applying these algorithms requires a thorough understanding of neural network architecture, advanced mathematics and image processing techniques. For an average ML developer, CNN remains to be a complex branch of AI.

Apart from the knowledge and understanding of algorithms, CNNs demand high end, expensive infrastructure for training the models, which is out of reach for most of the developers.

When practical quantum computing finally arrives, it will have the power to crack the standard digital codes that safeguard online privacy and security for governments, corporations, and virtually everyone who uses the Internet. That’s why a U.S. government agency has challenged researchers to develop a new generation of quantum-resistant cryptographic algorithms.

Many experts don ’t expect a quantum computer capable of performing the complex calculations required to crack modern cryptography standards to become a reality within the next 10 years. But the U.S. National Institute of Standards and Technology (NIST) wants to stay ahead by getting new cryptographic standards ready by 2022. The agency is overseeing the second phase of its Post-Quantum Cryptography Standardization Process to narrow down the best candidates for quantum-resistant algorithms that can replace modern cryptography.

“Currently intractable computational problems that protect widely-deployed cryptosystems, such as RSA and Elliptic Curve-based schemes, are expected to become solvable,” says Rafael Misoczki, a cryptographer at the Intel Corporation and a member of two teams (named Bike and Classic McEliece) involved in the NIST process. “This means that quantum computers have the potential to eventually break most secure communications on the planet.”

As part of continuing efforts to ensure their vehicles are the safest cars on the road, Tesla’s “Bug Bounty” program gives awards to security researchers that uncover vulnerabilities in the company’s various product systems. Perhaps one of the most impressive parts of that program, however, is Tesla’s ability to remedy the flaws quickly. In the most recent example of their dedication to security, a Bug Bounty find from April this year is now being patched via an over-the-air (OTA) update in 2019.32.

Last year, a Tesla Model S key fob was hacked by a team led by Lennert Wouters of Katholieke Universiteit Leuven in Belgium (KU Leuven). The security flaw enabled would-be car thieves to clone a fob in less than two seconds, after which the vehicle could be driven off. Tesla subsequently offered a multi-part fix: PIN to Drive, a software update, and a new fob. Wouters again found a very similar flaw in the new fob, but this time the fix only required an OTA update which patched both the vehicle software and the fob’s configuration via radio waves.

It’s official: Android 10, the next version of the Android operating system, ships 3 September 2019. Well, it’s semi-official, at least.

Mobile site PhoneArena reports that Google’s customer support staff let the date slip to a reader during a text conversation. Expect the operating system, also known as Android Q, to hit Google’s Pixel phones first before rolling out to other models. It will include a range of privacy and security improvements that should keep Android users a little safer.

Ukrainian authorities are investigating a potential security breach at a local nuclear power plant after employees connected parts of its internal network to the internet so they could mine cryptocurrency.

The investigation is being led by the Ukrainian Secret Service (SBU), who is looking at the incident as a potential breach of state secrets due to the classification of nuclear power plants as critical infrastructure.

Investigators are examining if attackers might have used the mining rigs as a pivot point to enter the nuclear power plant’s network and retrieve information from its systems, such as data about the plant’s physical defenses and protections.

Cambridge Quantum Computing has a demo of its quantum key security generation at Ironbridgeapi.com.

In a session at the Crypto and Privacy Village within the DEF CON 27 conference in Las Vegas, Cat Murdock, security analyst at GuidePoint Security, outlined a nightmare scenario seemingly straight out of an episode of Black Mirror (the session, coincidentally, was titled Black Mirror: You Are Your Own Privacy Nightmare – The Hidden Threat of Paying For Subscription Services).

Murdock detailed how simply having a Netflix account could potentially be the key that enables an attacker to gain access to a user’s banking information. She noted that approximately 60% of the adult population pays for some form of online subscription service, be it Netflix, Spotify or something else. She also noted that everyone with an online subscription has a bank account.

One way a financial institution verifies an account holder when they try to gain access is to verify a recent transaction, which is where subscription services come into play. Murdock observed that there are only so many plans that a subscription service offers and the payments typically recur at the same time every month.

For the last two years, hackers have come to the Voting Village at the Defcon security conference in Las Vegas to tear down voting machines and analyze them for vulnerabilities. But this year’s village features a fancy new target: a prototype of a so-called secure voting machine, created through a $10 million project at the Defense Advanced Research Projects Agency. You know it better as DARPA, the government’s mad science wing.

Several countries have been targeted by a long-term campaign operated by financially motivated threat actors who used a backdoor and a remote access Trojan (RAT) malicious combo to take control of infected computers.

The two malicious payloads dubbed BalkanDoor and BalkanRAT by the ESET researchers who spotted them have been previously detected in the wild by the Croatian CERT in 2017 and, even earlier, by a Serbian security outfit in 2016.

However, ESET was the first to make the connection between them, after observing several quite significant overlaps in the entities targeted by their operators, as well as Tactics, Techniques, and Procedures (TTP) similarities.