Researchers
-
Blog
Researchers claim Fortinet’s FortiJump patch was ‘incomplete’ and left users vulnerable
Fortinet’s patch for FortiJump, a critical missing authentication RCE flaw in FortiManager, left new vulnerabilities on the table for threat actors to exploit, according to new research. A new report from watchTowr Labs described how when trying to recreate the initial FortiJump vulnerability, researchers discovered a series of additional flaws, and one they considered particularly worrying. “[We] stumbled upon a…
Read More » -
Blog
Germany drafts law to protect researchers who find security flaws
The Federal Ministry of Justice in Germany has drafted a law to provide legal protection to security researchers who discover and responsibly report security vulnerabilities to vendors. When security research is conducted within the specified boundaries, those responsible will be excluded from criminal liability and the risk of prosecution. “Those who want to close IT security gaps deserve recognition—not a…
Read More » -
Blog
Data centers will be critical to UK economic growth in the coming decade – but researchers have warned of a ‘data doomsday’ unless energy infrastructure is improved
The UK’s data center industry could grow tenfold by 2035, according to new analysis from techUK, but only if the government takes action on energy supply and planning reforms. A new report from the trade body found data centers are already contributing £4.7 billion in Gross Value Added (GVA) annually to the UK economy, £640 million in tax revenue, and…
Read More » -
Blog
Apple creates Private Cloud Compute VM to let researchers find bugs
Apple created a Virtual Research Environment to allow public access to testing the security of its Private Cloud Compute system, and released the source code for some “key components” to help researchers analyze the privacy and safety features on the architecture. The company also seeks to improve the system’s security and has expanded its security bounty program to include rewards…
Read More » -
Blog
AI isn’t really that smart yet, Apple researchers warn – Computerworld
Not-so-smart smart bots The research does show some strength in the models that are available today. For example, ChatGPT-4o still achieved a 94.9% accuracy rate in tests, though that rate dropped significantly when researchers made the problem more complex. That’s good so far as it goes, but the success rate nearly collapsed — down as much as 65.7% — when…
Read More » -
Blog
Chinese researchers break RSA encryption with a quantum computer
“Many cryptographic algorithms that enterprises rely on today, such as RSA and ECC, are based on mathematical problems that are computationally difficult for classical computers to solve efficiently,” said Prabhjyot Kaur, senior analyst at Everest Group. “However, the advent of quantum computing threatens the security of these algorithms. The need for robust quantum-safe or post-quantum cryptographic solutions becomes increasingly evident…
Read More » -
Blog
Researchers Are Creating AI Scientists, and It’s Going Better Than Expected
Key Takeaways AI scientists can independently develop hypotheses, perform experiments, and write research papers. AI scientists can have bias and make clumsy conclusions due to lack of intuition and experience. The true potential of AI scientists lies in collaboration with human scientists to guide research productively. Researchers are developing an AI that can come up with hypotheses, perform experiments, and…
Read More » -
Blog
Researchers Develop AI Model That Can Fool CAPTCHA With 100% Accuracy
There’s no doubt that CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) puzzles can get super annoying, especially if you’re trying to book that last-minute plane ticket or are simply trying to log into a website. Yes, the ones where you have to mark stairs, bikes, buses, and crosswalks from a series of grids. Well, that…
Read More » -
Blog
/cdn.vox-cdn.com/uploads/chorus_asset/file/23249791/VRG_ILLO_STK001_carlo_cadenas_cybersecurity_virus.jpg)
Researchers say a bug let them add fake pilots to rosters used for TSA checks
A pair of security researchers say they discovered a vulnerability in login systems for records that the Transportation Security Administration (TSA) uses to verify airline crew members at airport security checkpoints. The bug let anyone with a “basic knowledge of SQL injection” add themselves to airline rosters, potentially letting them breeze through security and into the cockpit of a commercial…
Read More » -
Blog
Researchers find SQL injection to bypass airport TSA security checks
Security researchers have found a vulnerability in a key air transport security system that allowed unauthorized individuals to potentially bypass airport security screenings and gain access to aircraft cockpits. Researchers Ian Carroll and Sam Curry discovered the vulnerability in FlyCASS, a third-party web-based service that some airlines use to manage the Known Crewmember (KCM) program and the Cockpit Access Security…
Read More »