Menu

Blog

Archive for the ‘security’ category: Page 47

Aug 13, 2022

Microsoft blocks UEFI bootloaders enabling Windows Secure Boot bypass

Posted by in categories: computing, security

Some signed third-party bootloaders for the Unified Extensible Firmware Interface (UEFI) could allow attackers to execute unauthorized code in an early stage of the boot process, before the operating system loads.

Vendor-specific bootloaders used by Windows were found to be vulnerable while the status of almost a dozen others is currently unknown.

Threat actors could exploit the security issue to establish persistence on a target system that cannot be removed by reinstalling the operating system (OS).

Aug 13, 2022

Hydrophobic Ice More Common than Thought

Posted by in categories: biotech/medical, finance, mobile phones, robotics/AI, security

Researchers have observed the formation of 2D ice on gold surfaces that were thought to be too hydrophilic and too rough to support this type of ice.


Mobile devices use facial recognition technology to help users quickly and securely unlock their phones, make a financial transaction or access medical records. But facial recognition technologies that employ a specific user-detection method are highly vulnerable to deepfake-based attacks that could lead to significant security concerns for users and applications, according to new research involving the Penn State College of Information Sciences and Technology.

Aug 13, 2022

Deepfakes expose vulnerabilities in certain facial recognition technology

Posted by in categories: biotech/medical, finance, mobile phones, robotics/AI, security

Mobile devices use facial recognition technology to help users quickly and securely unlock their phones, make a financial transaction or access medical records. But facial recognition technologies that employ a specific user-detection method are highly vulnerable to deepfake-based attacks that could lead to significant security concerns for users and applications, according to new research involving the Penn State College of Information Sciences and Technology.

The researchers found that most that use facial liveness verification—a feature of that uses computer vision to confirm the presence of a live user—don’t always detect digitally altered photos or videos of individuals made to look like a live version of someone else, also known as deepfakes. Applications that do use these detection measures are also significantly less effective at identifying deepfakes than what the app provider has claimed.

“In recent years we have observed significant development of facial authentication and verification technologies, which have been deployed in many security-critical applications,” said Ting Wang, associate professor of information sciences and technology and one principal investigator on the project. “Meanwhile, we have also seen substantial advances in deepfake technologies, making it fairly easy to synthesize live-looking facial images and video at little cost. We thus ask the interesting question: Is it possible for malicious attackers to misuse deepfakes to fool the facial verification systems?”

Aug 10, 2022

Off-grid desalination system Wave2O is ready to quench the world’s thirst

Posted by in categories: security, sustainability

Water scarcity is a major global crisis that already affects every continent. Around 1.2 billion people, or almost one-fifth of the world’s population, lack access to safe drinking water. Desalination is the answer to long-term water security, but it’s also expensive, energy-intensive, and often inaccessible to isolated regions. This is why sustainable off-grid desalination systems powered by renewable energy are essential.

But thanks to the innovative microbial desalination cell (MDC) technology that follows a green, low-energy process with electro-active bacteria to desalinate and sterilize seawater, desalination is becoming a viable low-cost solution for water resources in many areas of the world and is putting an end to water scarcity even in isolated regions.

Now, researchers from the EU-funded W20 project have developed an off-grid innovative solution – the world’s first wave-driven desalination system – called Wave2O. The new system can be deployed quickly, operate completely off-grid, and supply large quantities of fresh water at a competitive cost. The technology uses the power of the ocean waves, a consistent and inexhaustible renewable energy source.

Aug 9, 2022

Digital security dialogue: Leveraging human verification to educate people about online safety

Posted by in categories: education, engineering, ethics, internet, security

Online safety and ethics are serious issues and can adversely affect less experienced users. Researchers have built upon familiar human verification techniques to add an element of discrete learning into the process. This way users can learn about online safety and ethics issues while simultaneously verifying they are human. Trials show that users responded positively to the experience and felt they gained something from these microlearning sessions.

The internet is an integral part of modern living, for work, leisure, shopping, keeping touch with people, and more. It’s hard to imagine that anyone could live in an affluent country, such as Japan, and not use the internet relatively often. Yet despite its ubiquity, the internet is far from risk-free. Issues of safety and security are of great concern, especially for those with less exposure to such things. So a team of researchers from the University of Tokyo including Associate Professor Koji Yatani of the Department for Electrical Engineering and Information Systems set out to help.

Continue reading “Digital security dialogue: Leveraging human verification to educate people about online safety” »

Aug 2, 2022

Metaverse Headsets and Smart Glasses are the Next-gen Data Stealers

Posted by in categories: augmented reality, biotech/medical, internet, media & arts, privacy, robotics/AI, security, virtual reality

View insights.


In a paper distributed via ArXiv, titled “Exploring the Unprecedented Privacy Risks of the Metaverse,” boffins at UC Berkeley in the US and the Technical University of Munich in Germany play-tested an “escape room” virtual reality (VR) game to better understand just how much data a potential attacker could access. Through a 30-person study of VR usage, the researchers – Vivek Nair (UCB), Gonzalo Munilla Garrido (TUM), and Dawn Song (UCB) – created a framework for assessing and analyzing potential privacy threats. They identified more than 25 examples of private data attributes available to potential attackers, some of which would be difficult or impossible to obtain from traditional mobile or web applications. The metaverse that is rapidly becoming a part of our world has long been an essential part of the gaming community. Interaction-based games like Second Life, Pokemon Go, and Minecraft have existed as virtual social interaction platforms. The founder of Second Life, Philip Rosedale, and many other security experts have lately been vocal about Meta’s impact on data privacy. Since the core concept is similar, it is possible to determine the potential data privacy issues apparently within Meta.

There has been a buzz going around the tech market that by the end of 2022, the metaverse can revive the AR/VR device shipments and take it as high as 14.19 million units, compared to 9.86 million in 2021, indicating a year-over-year increase of about 35% to 36%. The AR/VR device market will witness an enormous boom in the market due to component shortages and the difficulty to develop new technologies. The growth momentum will also be driven by the increased demand for remote interactivity stemming from the pandemic. But what will happen when these VR or metaverse headsets start stealing your precious data? Not just headsets but smart glasses too are prime suspect when it comes to privacy concerns.

Continue reading “Metaverse Headsets and Smart Glasses are the Next-gen Data Stealers” »

Jul 30, 2022

A self-healing and self-concealing silicon chip ‘fingerprint’ for stronger, hardware security

Posted by in categories: computing, engineering, security

A team of researchers from the National University of Singapore (NUS) has developed a novel technique that allows Physically Unclonable Functions (PUFs) to produce more secure, unique ‘fingerprint’ outputs at a very low cost. This achievement enhances the level of hardware security even in low-end systems on chips.

Traditionally, PUFs are embedded in several commercial chips to uniquely distinguish one from another by generating a secret key, similar to an individual fingerprint. Such a technology prevents hardware piracy, chip counterfeiting and physical attacks.

The research team from the Department of Electrical and Computer Engineering at the NUS Faculty of Engineering has taken silicon chip fingerprinting to the next level with two significant improvements: firstly, making PUFs self-healing; and secondly, enabling them to self-conceal.

Jul 30, 2022

Mission Possible: Securing remote access for classified networks

Posted by in categories: government, security

The two are worlds apart – and that’s a big problem when it comes to recruitment and retainment. On one side is the need to protect American citizens and data from cyber attackers looking to disrupt our way of life by keeping networks and access locked away in a building. On the other side is the best and brightest talent that will bring innovative solutions to our nation’s defense and security organizations who expect flexible remote access – and can easily find it in the private sector.

To maintain our status as a global world power and stay one step ahead of our adversaries, we are going to have to find a balance between the two. To do that, the way we work across the DoD and IC must change.

The Federal government understands the significance of remote access on meeting mission objectives now and in the future. Agency leaders are looking to the private sector for technology that helps them maintain the highest security levels while meeting the ease-of-access demands of today’s worker – and can be implemented quickly. To support this, the National Security Agency developed the Commercial Solutions for Classified (CSfC) program.

Jul 30, 2022

Detecting Deepfake Video Calls Through Monitor Illumination

Posted by in categories: privacy, security

A new collaboration between a researcher from the United States’ National Security Agency (NSA) and the University of California at Berkeley offers a novel method for detecting deepfake content in a live video context – by observing the effect of monitor lighting on the appearance of the person at the other end of the video call.

Jul 29, 2022

Social Media Accounts Hijacked to Post Indecent Images

Posted by in category: security

UK police urges users to switch on two-factor authentication.

Page 47 of 142First4445464748495051Last