БЛОГ

Archive for the ‘security’ category: Page 9

Apr 22, 2024

SpaceX’s Upcoming Starship Launch Schedule and FAA Approval Update

Posted by in categories: security, space travel

SpaceX is preparing for upcoming Starship launches and is working on upgrading launch support infrastructure, but still needs FAA approval for the new launch schedule.

Questions to inspire discussion.

Continue reading “SpaceX’s Upcoming Starship Launch Schedule and FAA Approval Update” »

Apr 19, 2024

22,500 Palo Alto firewalls “possibly vulnerable” to ongoing attacks

Posted by in category: security

Approximately 22,500 exposed Palo Alto GlobalProtect firewall devices are likely vulnerable to the CVE-2024–3400 flaw, a critical command injection vulnerability that has been actively exploited in attacks since at least March 26, 2024.

CVE-2024–3400 is a critical vulnerability impacting specific Palo Alto Networks’ PAN-OS versions in the GlobalProtect feature that allows unauthenticated attackers to execute commands with root privileges using command injection triggered by arbitrary file creation.

The flaw was disclosed by Palo Alto Networks on April 12, with the security advisory urging system administrators to apply provided mitigations immediately until a patch was made available.

Apr 17, 2024

Tesla set to roll out awesome new Sentry Mode feature

Posted by in categories: security, sustainability, transportation

Tesla is set to roll out an awesome new feature with Sentry Mode, allowing owners to watch the video clip recorded by the car on their phone.

Sentry Mode is a security feature on Tesla vehicles that records instances and events that occur near the car. It has helped solve things as simple as petty vandalism, like keying, and even liability in accidents.

For years, it has been available on Tesla vehicles. Yet, people are still not aware of this capability and continue to commit crimes on the cars, not realizing they are being recorded.

Apr 14, 2024

Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack

Posted by in category: security

Threat actors have been exploiting the newly disclosed zero-day flaw in Palo Alto Networks PAN-OS software dating back to March 26, 2024, nearly three weeks before it came to light yesterday.

The network security company’s Unit 42 division is tracking the activity under the name Operation MidnightEclipse, attributing it as the work of a single threat actor of unknown provenance.

The security vulnerability, tracked as CVE-2024–3400 (CVSS score: 10.0), is a command injection flaw that enables unauthenticated attackers to execute arbitrary code with root privileges on the firewall.

Apr 13, 2024

Private Quantum Cloud: Oxford University Physicists Make Advance in ‘Blind Quantum Computing’

Posted by in categories: computing, encryption, finance, quantum physics, security

PRESS RELEASE — The full power of next-generation quantum computing could soon be harnessed by millions of individuals and companies, thanks to a breakthrough by scientists at Oxford University Physics guaranteeing security and privacy. This advance promises to unlock the transformative potential of cloud-based quantum computing and is detailed in a new study published in the influential U.S. scientific journal Physical Review Letters.

Quantum computing is developing rapidly, paving the way for new applications which could transform services in many areas like healthcare and financial services. It works in a fundamentally different way to conventional computing and is potentially far more powerful. However, it currently requires controlled conditions to remain stable and there are concerns around data authenticity and the effectiveness of current security and encryption systems.

Several leading providers of cloud-based services, like Google, Amazon, and IBM, already separately offer some elements of quantum computing. Safeguarding the privacy and security of customer data is a vital precursor to scaling up and expending its use, and for the development of new applications as the technology advances. The new study by researchers at Oxford University Physics addresses these challenges.

Apr 8, 2024

Google Chrome Adds V8 Sandbox — A New Defense Against Browser Attacks

Posted by in category: security

Google tackles Chrome security with new V8 Sandbox. This aims to stop memory issues from spreading, protecting your browser experience.

Apr 7, 2024

To stay safe in Windows 10 from next October commercial customers have to pay $61, then ‘double every consecutive year for a maximum of three years’

Posted by in category: security

Commercial customers will have to get their wallets ready to keep receiving security updates for Windows 10.

Apr 7, 2024

It Is Time To Take Intel Seriously As A Chip Foundry

Posted by in categories: computing, economics, finance, government, security

The third proof point is both the increase in manufacturing capacity investment and the change in how that investment will be managed. With the interest in governments to secure future semiconductor manufacturing for both supply security and economic growth, Mr. Gelsinger went on a spending spree with investment in expanding capacity in Oregon, Ireland, and Israel, as well as six new fabs in Arizona, Ohio, and Germany. Most of the initial investment was made without the promise of government grants, such as the US Chips Act. However, Intel has now secured more than $50B from US and European government incentives, customer commitments starting with its first five customers on the 18A process node, and its financial partners. Intel has also secured an additional $11B loan from the US government and a 25% investment tax credit.

In addition to it’s own investment in fab capacity, Intel is partnering with Tower Semiconductor and UMC, two foundries with long and successful histories. Tower will be investing in new equipment to be installed in Intel’s New Mexico facility for analog products, and UMC will partner with Intel to leverage three of the older Arizona fabs and process nodes, starting with the 12nm, to support applications like industrial IoT, mobile, communications infrastructure, and networking.

The second side of this investment is how current and future capacity will be used. As strictly an IDM, Intel has historically capitalized on its investments in the physical fab structures by retrofitting the fabs after three process nodes, on average. While this allowed for the reuse of the structures and infrastructure, it eliminated support for older process nodes, which are important for many foundry customers. According to Omdia Research, less than 3% of all semiconductors are produced on the latest process nodes. As a result, Intel is shifting from retrofitting fabs for new process nodes to maintaining fabs to support extended life cycles of older process nodes, as shown in the chart below. This requires additional capacity for newer process nodes.

Apr 5, 2024

School Security Solutions

Posted by in categories: education, robotics/AI, security

Discover AI school safety solutions with security technology from Xtract One. Protect your educational institution with cutting-edge threat detection solutions.

Apr 4, 2024

Microsoft fixes Outlook security alerts bug caused by December updates

Posted by in category: security

Microsoft has fixed an issue that triggers erroneous Outlook security alerts when opening. ICS calendar files after installing the December 2023 Outlook Desktop security updates.

The December Patch Tuesday security updates behind these inaccurate warnings patch the CVE-2023–35636 Microsoft Outlook information disclosure vulnerability, which attackers can exploit to steal NTLM hashes via maliciously crafted files.

These credentials are used to authenticate as the compromised Windows user in pass-the-hash attacks, to gain access to sensitive data or spread laterally on their network.

Page 9 of 142First678910111213Last