Researchers
-
Blog
Are ‘ghost engineers’ stunting productivity in software development? Researchers claim nearly 10% of engineers do “virtually nothing” and are a drain on enterprises
Just under a tenth (9.5%) of software engineers do almost no work, according to new research from academics at Stanford University. One researcher, Yegor Denisov-Blanch, posted the findings to his X account, dubbing the staff who work less than 10% as hard as the median engineer as ‘ghost’ engineers. These engineers do “virtually nothing,” Denisov-Blanch said, and it’s possible that…
Read More » -
Blog
Researchers discover first UEFI bootkit malware for Linux
The first UEFI bootkit specifically targeting Linux systems has been discovered, marking a shift in stealthy and hard-to-remove bootkit threats that previously focused on Windows. Named ‘Bootkitty,’ the Linux malware is a proof-of-concept that works only on some Ubuntu versions and configurations rather than a fully fledged threat deployed in actual attacks. Bootkits are malware designed to infect a computer’s…
Read More » -
Blog
Researchers sound alarm over hackers exploiting critical ProjectSend vulnerability
Researchers have warned that threat actors are actively exploiting a critical vulnerability in a widely-used open source file sharing app. A report from vulnerability intelligence platform VulnCheck warned that potentially thousands of instances of ProjectSend are impacted by a serious flaw rated 9.8 on the CVSS. ProjectSend is an open source file sharing web application used by businesses to securely…
Read More » -
Blog
Researchers claim Fortinet’s FortiJump patch was ‘incomplete’ and left users vulnerable
Fortinet’s patch for FortiJump, a critical missing authentication RCE flaw in FortiManager, left new vulnerabilities on the table for threat actors to exploit, according to new research. A new report from watchTowr Labs described how when trying to recreate the initial FortiJump vulnerability, researchers discovered a series of additional flaws, and one they considered particularly worrying. “[We] stumbled upon a…
Read More » -
Blog
Germany drafts law to protect researchers who find security flaws
The Federal Ministry of Justice in Germany has drafted a law to provide legal protection to security researchers who discover and responsibly report security vulnerabilities to vendors. When security research is conducted within the specified boundaries, those responsible will be excluded from criminal liability and the risk of prosecution. “Those who want to close IT security gaps deserve recognition—not a…
Read More » -
Blog
Data centers will be critical to UK economic growth in the coming decade – but researchers have warned of a ‘data doomsday’ unless energy infrastructure is improved
The UK’s data center industry could grow tenfold by 2035, according to new analysis from techUK, but only if the government takes action on energy supply and planning reforms. A new report from the trade body found data centers are already contributing £4.7 billion in Gross Value Added (GVA) annually to the UK economy, £640 million in tax revenue, and…
Read More » -
Blog
Apple creates Private Cloud Compute VM to let researchers find bugs
Apple created a Virtual Research Environment to allow public access to testing the security of its Private Cloud Compute system, and released the source code for some “key components” to help researchers analyze the privacy and safety features on the architecture. The company also seeks to improve the system’s security and has expanded its security bounty program to include rewards…
Read More » -
Blog
AI isn’t really that smart yet, Apple researchers warn – Computerworld
Not-so-smart smart bots The research does show some strength in the models that are available today. For example, ChatGPT-4o still achieved a 94.9% accuracy rate in tests, though that rate dropped significantly when researchers made the problem more complex. That’s good so far as it goes, but the success rate nearly collapsed — down as much as 65.7% — when…
Read More » -
Blog
Chinese researchers break RSA encryption with a quantum computer
“Many cryptographic algorithms that enterprises rely on today, such as RSA and ECC, are based on mathematical problems that are computationally difficult for classical computers to solve efficiently,” said Prabhjyot Kaur, senior analyst at Everest Group. “However, the advent of quantum computing threatens the security of these algorithms. The need for robust quantum-safe or post-quantum cryptographic solutions becomes increasingly evident…
Read More » -
Blog
Researchers Are Creating AI Scientists, and It’s Going Better Than Expected
Key Takeaways AI scientists can independently develop hypotheses, perform experiments, and write research papers. AI scientists can have bias and make clumsy conclusions due to lack of intuition and experience. The true potential of AI scientists lies in collaboration with human scientists to guide research productively. Researchers are developing an AI that can come up with hypotheses, perform experiments, and…
Read More »