Microsoft’s January 2025 update addresses 161 vulnerabilities, including 3 zero-days and 5 critical flaws.
Category: security – Page 2
A weakness in Google’s OAuth “Sign in with Google” feature could enable attackers that register domains of defunct startups to access sensitive data of former employee accounts linked to various software-as-a-service (SaaS) platforms.
The security gap was discovered by Trufflesecurity researchers and reported to Google last year on September 30.
Google initially disregarded the finding as a “fraud and abuse” issue and not an Oauth or login issue. However, after Dylan Ayrey, CEO and co-founder of Trufflesecurity, presented the issue at Shmoocon last December, the tech giant awarded a $1337 bounty to the researchers and re-opened the ticket.
In today’s AI news, this year coding might go from one of the most sought-after skills on the job market to one that can be fully automated. Mark Zuckerberg said that Meta and some of the biggest companies in the tech industry are already working toward this on an episode of the Joe Rogan Experience on Friday.
In other advancements, NovaSky, a team of researchers based out of UC Berkeley’s Sky Computing Lab, released Sky-T1-32B-Preview, a reasoning model that’s competitive with an earlier version of OpenAI’s o1. “Remarkably, Sky-T1-32B-Preview was trained for less than $450,” the team wrote in a blog post, “demonstrating that it is possible to replicate high-level reasoning capabilities affordably and efficiently.”
And, no company has capitalized on the AI revolution more dramatically than Nvidia. The world’s leading high-performance GPU maker has used its ballooning fortunes to significantly increase investments in all sorts of startups but particularly in AI startups.
Meanwhile, Sir Keir Starmer has green-lit a plan to use the immigration system to recruit a new wave of AI experts and loosen up data mining regulations to help Britain lead the world in the new technology. The recruitment of thousands of new AI experts by the government and private sector is part of a 50-point plan to transform Britain with the new technology.
In videos, newly deployed at Lawrence Livermore National Laboratory, El Capitan — the National Nuclear Security Administration’s (NNSA) first exascale supercomputer, is setting new benchmarks in computing power. At 2.79 exaFLOPs of peak performance El Capitan’s unprecedented capabilities are already impacting scientific computing and making the previously unimaginable a reality.
Exploring the most important questions we face as we age.
Dr. Debra Whitman, Ph.D. is Executive Vice President and Chief Public Policy Officer, at AARP (https://www.aarp.org/) where she leads policy development, analysis and research, as well as global thought leadership supporting and advancing the interests of individuals age 50-plus and their families. She oversees AARP’s Public Policy Institute, AARP Research, Office of Policy Development and Integration, Thought Leadership, and AARP International.
Dr. Whitman is an authority on aging issues with extensive experience in national policy making, domestic and international research, and the political process. An economist, she is a strategic thinker whose career has been dedicated to solving problems affecting economic and health security, and other issues related to population aging.
Improving Global Resilience Against Emerging Infectious Threats — Dr. Nahid Bhadelia, MD — Founding Director, Center on Emerging Infectious Diseases (CEID), Boston University.
Dr. Nahid Bhadelia, MD, MALD is a board-certified infectious diseases physician who is the Founding Director of BU Center on Emerging Infectious Diseases (https://www.bu.edu/ceid/about-the-cen…) as well an Associate Professor at the BU School of Medicine. She served the Senior Policy Advisor for Global COVID-19 Response for the White House COVID-19 Response Team in 2022–2023, where she coordinated the interagency programs for global COVID-19 vaccine donations from the United States and was the policy lead for Project NextGen, $5B HHS program aimed at developing next generation vaccines and treatments for pandemic prone coronaviruses. She also served as the interim Testing Coordinator for the White House MPOX Response Team. She is the Director and co-founder of Biothreats Emergence, Analysis and Communications Network (BEACON), an open source outbreak surveillance program.
Between 2011–2021, Dr. Bhadelia helped develop and then served as the medical director of the Special Pathogens Unit (SPU) at Boston Medical Center, a medical unit designed to care for patients with highly communicable diseases, and a state designated Ebola Treatment Center. She was previously an associate director for BU’s maximum containment research program, the National Emerging Infectious Diseases Laboratories. She has provided direct patient care and been part of outbreak response and medical countermeasures research during multiple Ebola virus disease outbreaks in West and East Africa between 2014–2019. She was the clinical lead for a DoD-funded viral hemorrhagic fever clinical research unit in Uganda, entitled Joint Mobile Emerging Disease Intervention Clinical Capability (JMEDICC) program between 2017 and 2022. Currently, she is a co-director of Fogarty funded, BU-University of Liberia Emerging and Epidemic Viruses Research training program. She was a member of the World Health Organization(WHO)’s Technical Advisory Group on Universal Health and Preparedness Review (UHPR). She currently serves as a member of the National Academies Forum on Microbial Threats and previously served as the chair of the National Academies Workshop Committee for Potential Research Priorities to Inform Readiness and Response to Highly Pathogenic Avian Influenza A (H5N1) and member of the Ad Hoc Committee on Current State of Research, Development, and Stockpiling of Smallpox Medical Countermeasures.
The security of applications is not just a technical issue but a cornerstone of business integrity and continuity.
The aurora borealis, or northern lights, is known for a stunning spectacle of light in the night sky, but this near-Earth manifestation, which is caused by explosive activity on the sun and carried by the solar wind, can also interrupt vital communications and security infrastructure on Earth. Using artificial intelligence, researchers at the University of New Hampshire have categorized and labeled the largest-ever database of aurora images that could help scientists better understand and forecast the disruptive geomagnetic storms.
The research, recently published in the Journal of Geophysical Research: Machine Learning and Computation, developed artificial intelligence and machine learning tools that were able to successfully identify and classify over 706 million images of auroral phenomena in NASA’s Time History of Events and Macroscale Interactions during Substorms (THEMIS) data set collected by twin spacecrafts studying the space environment around Earth. THEMIS provides images of the night sky every three seconds from sunset to sunrise from 23 different stations across North America.
“The massive dataset is a valuable resource that can help researchers understand how the solar wind interacts with the Earth’s magnetosphere, the protective bubble that shields us from charged particles streaming from the sun,” said Jeremiah Johnson, associate professor of applied engineering and sciences and the study’s lead author. “But until now, its huge size limited how effectively we can use that data.”
On Monday, the United Nations’ International Civil Aviation Organization (ICAO) announced it was investigating what it described as a “reported security incident.”
Established in 1944 as an intergovernmental organization, this United Nations agency works with 193 countries to support the development of mutually recognized technical standards.
“ICAO is actively investigating reports of a potential information security incident allegedly linked to a threat actor known for targeting international organizations,” ICAO said in a statement.
A recent campaign targeting browser extensions illustrates that they are the next frontier in identity attacks. Learn more about these attacks from LayerX Security and how to receive a free extension audit.