Lifeboat Foundation

Image: Business Wire

Over half of the 415 vulnerabilities found in industrial control systems (ICS) were assigned CVSS v.3.0 base scores over 7 which are designated to security issues of high or critical risk levels, with 20% of vulnerable ICS devices being impacted by critical security issues.

As detailed in Kaspersky’s “Threat landscape or industrial automation systems H2 2018”, “The largest number of vulnerabilities affect industrial control systems that control manufacturing processes at various enterprises (115), in the energy sector (110), and water supply (63).”

Continue reading “20% of Industrial Control Systems Affected by Critical Vulnerabilities” »

Deep Science AI made its debut on stage at Disrupt NY 2017, showing in a live demo how its computer vision system could spot a gun or mask in CCTV footage, potentially alerting a store or security provider to an imminent crime. The company has now been acquired in a friendly merger with Defendry, which is looking to deploy the tech more widely.

It’s a great example of a tech-focused company looking to get into the market, and a market-focused company looking for the right tech.

The idea was that if you have a chain of 20 stores, and 3 cameras at each store, and people can only reliably keep an eye on 8–10 feeds at a time, you’re looking at a significant personnel investment just to make sure those cameras aren’t pointless. If instead you used Deep Science AI’s middle layer that highlighted shady situations like guns drawn, one person could conceivably keep an eye on hundreds of feeds. It was a good pitch, though they didn’t take the cup that year.

Continue reading “Deep Science AI joins Defendry to automatically detect crimes on camera” »

SETI for Bracewell probes? Yes please. Years ago Jill Tarter commented that looking for such probes would be worthwhile. These days we hear about Starshot, sending a fleet of lightweight probes to the nearest star within decades which brings into mind the obvious idea that maybe someone else did so long ago.

One objection to SETI is that it is not falsifiable — there is no point at which a lack of signals can prove that extraterrestrial civilizations do not exist. But there are some aspects of SETI that can be falsifiable. Consider a class of objects near enough for us to investigate not only with listening efforts but with probes, one small enough to be thoroughly covered, and one most people know almost nothing about. Could these offer a listening post for ‘Bracewell probes,’ a way of watching the development of our culture and reporting home to ETI? And if so, could we combine SETI with METI to advance both disciplines without compromising our own security?

Continue reading “A SETI Search of Earth’s Co-orbitals” »

We’re used to the security risks posed by someone hacking into our computers, tablets, and smartphones, but what about pacemakers and other implanted medical devices? To help prevent possible murder-by-hacker, engineers at Purdue University have come up with a watch-like device that turns the human body into its own network as a way to keep personal technology private.

Someone could hack into your pacemaker or insulin pump and potentially kill you, just by intercepting and analyzing wireless signals. This hasn’t happened in real life yet, but researchers have been demonstrating for at least a decade that it’s possible.

Before the first crime happens, Purdue University engineers have tightened security on the “internet of body.” Now, the network you didn’t know you had is only accessible by you and your devices, thanks to technology that keeps communication signals within the body itself.

Continue reading “Your body has internet—and now it can’t be hacked” »

Scientists at the University of Rochester’s Laboratory for Laser Energetics have achieved a plasma research first. They were able to convert the liquid metal deuterium to the plasma state and directly observe the interaction threshold.

For the first time, researchers at the University of Rochester’s Laboratory for Laser Energetics (LLE) have found a way to turn a liquid metal into a plasma and to observe the temperature where a liquid under high-density conditions crosses over to a plasma state. Their observations, published in Physical Review Letters, have implications for better understanding stars and planets and could aid in the realization of controlled nuclear fusion — a promising alternative energy source whose realization has eluded scientists for decades. The research is supported by the US Department of Energy and the National Nuclear Security Administration.

What is a Plasma?

Plasmas consist of a hot soup of free moving electrons and ions — atoms that have lost their electrons — that easily conducts electricity. Although plasmas are not common naturally on Earth, they comprise most of the matter in the observable universe, such as the surface of the sun. Scientists are able to generate artificial plasmas here on Earth, typically by heating a gas to thousands of degrees Fahrenheit, which strips the atoms of their electrons. On a smaller scale, this is the same process that allows plasma TVs and neon signs to “glow”: electricity excites the atoms of a neon gas, causing neon to enter a plasma state and emit photons of light.

More and more security holes are appearing in cryptocurrency and smart contract platforms, and some are fundamental to the way they were built.

In field trials, colonies fed mycelium extract from amadou and reishi fungi showed a 79-fold reduction in deformed wing virus and a 45,000-fold reduction in Lake Sinai virus compared to control colonies.

Though it’s in the early stages of development, the researchers see great potential in this research.

“Our greatest hope is that these extracts have such an impact on viruses that they may help varroa mites become an annoyance for bees, rather than causing huge devastation,” said Steve Sheppard, a WSU entomology professor and one of the paper’s authors. “We’re excited to see where this research leads us. Time is running out for bee populations and the safety and security of the world’s food supply hinges on our ability to find means to improve pollinator health.”

Researchers at IBM have recently devised a new technique to virtually patch security vulnerabilities before they are found. Their approach, presented at the International Workshop on Information and Operational Technology, co-located with RAID18, leverages testing techniques for supervised learning-based data generation.

“While researching a solution to find security vulnerabilities in popular software, we paused to think about the following problem: We know practically and theoretically that it is impossible to find all vulnerabilities in an application, and the security community is in a constant race to discover those vulnerabilities in the hope of finding them before the bad guys do,” Fady Copty, lead researcher of the study, told TechXplore. “This means enforcing regulations and constantly deploying security patches to systems.”

Deploying a security patch on an application is a tedious and time-consuming task, which entails a series of steps: identifying the vulnerable version of the application, managing this vulnerability, delivering the patch, deploying it and then restarting the application. Often, patches are deployed over long periods of time, hence applications can remain vulnerable for a period after a vulnerability has been discovered. To speed up this process, researchers have recently introduced virtual patches, which are enforced using intrusion detection and prevention systems.

Continue reading “IBM researchers develop a technique to virtually patch vulnerabilities ahead of threat” »