Archive for the ‘security’ category: Page 22

May 4, 2023

Finding XSS in a million websites (cPanel CVE-2023–29489)

Posted by in category: security

Application security issues found by Assetnote.

May 2, 2023

How To Use FinOps As A Tool In The Fight Against Rising Cloud Costs

Posted by in categories: economics, security

Scott Sellers is the co-founder and CEO of Azul, with 30 years of experience as an entrepreneur and executive in the technology industry.

For the first time in a decade, controlling cloud costs has surpassed security as the top cloud management challenge facing IT professionals, according to a survey by Flexera. An Andreessen Horowitz study also said that up to $1 trillion in market capitalization is weighed down by overspending in the cloud. Today, challenging economic conditions, rising costs, increasingly stringent performance SLAs and the need for more resources are squeezing organizations that want to remain in the cloud without overspending.

Many organizations still struggle to connect the dots between the value they deliver via the cloud and the costs required to deliver that value. Without a clear understanding of that basic relationship, it is difficult for teams to hold productive conversations about costs. Engineering departments don’t know what to prioritize; cloud architects lack a direction on designing, developing and managing solutions; product managers face difficulties pricing their solutions; and executives wonder where all the money is going.

Apr 27, 2023

Three ways AI chatbots are a security disaster

Posted by in categories: robotics/AI, security

Greshake hid a prompt on a website that he had created. He then visited that website using Microsoft’s Edge browser with the Bing chatbot integrated into it. The prompt injection made the chatbot generate text so that it looked as if a Microsoft employee was selling discounted Microsoft products. Through this pitch, it tried to get the user’s credit card information. Making the scam attempt pop up didn’t require the person using Bing to do anything else except visit a website with the hidden prompt.

In the past, hackers had to trick users into executing harmful code on their computers in order to get information. With large language models, that’s not necessary, says Greshake.

Apr 23, 2023

Task-driven Autonomous Agent Utilizing GPT-4, Pinecone, and LangChain for Diverse Applications

Posted by in categories: robotics/AI, security

NOTE: This article was written by GPT-4 based on the code base. For more info, read this.


In this research, we propose a novel task-driven autonomous agent that leverages OpenAI’s GPT-4 language model, Pinecone vector search, and the LangChain framework to perform a wide range of tasks across diverse domains. Our system is capable of completing tasks, generating new tasks based on completed results, and prioritizing tasks in real-time. We discuss potential future improvements, including the integration of a security/safety agent, expanding functionality, generating interim milestones, and incorporating real-time priority updates. The significance of this research lies in demonstrating the potential of AI-powered language models to autonomously perform tasks within various constraints and contexts.

Apr 19, 2023

Embracing variations: Physicists first to analyze noise in Lambda-type quantum memory

Posted by in categories: computing, particle physics, quantum physics, security

In the future, communications networks and computers will use information stored in objects governed by the microscopic laws of quantum mechanics. This capability can potentially underpin communication with greatly enhanced security and computers with unprecedented power. A vital component of these technologies will be memory devices capable of storing quantum information to be retrieved at will.

Virginia Lorenz, a professor of physics at the University of Illinois Urbana-Champaign, studies Lambda-type optical quantum , a promising technology that relies on light interacting with a large group of atoms. She is developing a device based on hot metallic vapor with graduate student Kai Shinbrough.

As the researchers work towards a practical device, they are also providing some of the first theoretical analyses of Lambda-type devices. Most recently, they reported the first variance-based sensitivity analysis describing the effects of experimental noise and imperfections in Physical Review A.

Apr 18, 2023

Solar-plus-storage is key to future-proofing the energy supply

Posted by in categories: futurism, security

The ‘power couple’ of solar-plus-storage, facilitated by AIoT, will be vital to safeguarding countries’ energy security and reducing geopolitical risks.

Apr 18, 2023

America’s Space Systems Should Be Officially Prioritized As ‘Critical’ U.S. Infrastructure

Posted by in category: security

U.S. needs NASA to play new role in overseeing protection of America’s national security, civil, and commercial space systems, says paper.

Apr 13, 2023

‘Faithful Unto Death’: Robotic dog set to make a comeback to NYPD task force

Posted by in categories: robotics/AI, security

Along with ‘Spot’ the Digidog, the New York Police Department has revealed other new security technologies to improve safety in New York.

The New York Police Department (NYPD) is taking crime control, and public security to the next level by introducing a variety of crime-fighting robots to patrol subway stations throughout New York.

Along with Digidog, the NYPD has revealed a few other new security technologies to improve safety in New York.

Continue reading “‘Faithful Unto Death’: Robotic dog set to make a comeback to NYPD task force” »

Apr 12, 2023

US begins study of possible rules to regulate AI like ChatGPT

Posted by in categories: education, policy, robotics/AI, security

WASHINGTON, April 11 (Reuters) — The Biden administration said Tuesday it is seeking public comments on potential accountability measures for artificial intelligence (AI) systems as questions loom about its impact on national security and education.

ChatGPT, an AI program that recently grabbed the public’s attention for its ability to write answers quickly to a wide range of queries, in particular has attracted U.S. lawmakers’ attention as it has grown to be the fastest-growing consumer application in history with more than 100 million monthly active users.

The National Telecommunications and Information Administration, a Commerce Department agency that advises the White House on telecommunications and information policy, wants input as there is “growing regulatory interest” in an AI “accountability mechanism.”

Apr 8, 2023

Researchers Discover Critical Remote Code Execution Flaw in vm2 Sandbox Library

Posted by in category: security

The maintainers of the vm2 JavaScript sandbox module have shipped a patch to address a critical flaw that could be abused to break out of security boundaries and execute arbitrary shellcode.

The flaw, which affects all versions, including and prior to 3.9.14, was reported by researchers from South Korea-based KAIST WSP Lab on April 6, 2023, prompting vm2 to release a fix with version 3.9.15 on Friday.

“A threat actor can bypass the sandbox protections to gain remote code execution rights on the host running the sandbox,” vm2 disclosed in an advisory.

Page 22 of 134First1920212223242526Last