In our increasingly interconnected digital world, the foundations of secure communication and data privacy are built upon cryptographic algorithms that have stood the test of time.
Discover how quantum computing threatens current API security and learn strategies to prepare your APIs for Q-Day by adopting post-quantum cryptography solutions.
Companies that own or operate critical infrastructure increasingly rely on artificial intelligence. Airports use A.I. in their security systems; water companies use it to predict pipe failures; and energy companies use it to project demand. On Thursday, the U.S. Department of Homeland Security will release new guidance for how such companies use the technology.
The document, a compilation of voluntary best practices, stems from an executive order that President Biden signed more than a year ago to create safeguards around A.I. Among other measures, it directed the Department of Homeland Security to create a board of experts from the private and public sectors to examine how best to protect critical infrastructure. The risks run the gamut from an airline meltdown to the exposure of confidential personal information.
Alejandro N. Mayorkas, the homeland security secretary, first convened the board in May. It includes Sam Altman, the chief executive of OpenAI; Jensen Huang, the chief executive of Nvidia; Sundar Pichai, the chief executive of Alphabet; and Vicki Hollub, the chief executive of Occidental Petroleum.
Google has quietly updated the description of one of Chrome’s security features, “Enhanced protection,” to confirm that it will be powered by AI in a future release.
It’s unclear what has changed, but as spotted by Leo on X, Google is updating its Enhanced protection mode in Chrome’s Safe Browsing feature to include AI-powered protection.
This feature now uses AI to provide real-time protection against dangerous sites, downloads, and extensions.
Discover how a new attack technique bypasses Microsoft’s security, enabling OS downgrade attacks on Windows.
WASHINGTON — The Defense Department should step up support of commercial space companies to take advantage of capabilities that might otherwise be lost, a new report concludes.
That recommendation is among several in a study called Space Agenda 2025 released Oct. 24 by The Aerospace Corporation and its Center for Space Policy and Strategy (CSPS). The report is intended to provide advice to the next administration on key topics in civil, commercial and national security space.
In a briefing held in advance of the report’s release, Sam Wilson, systems director at CSPS, said the Defense Department is benefitting from growing commercial capabilities in areas like commercial remote sensing, much of which was fueled by a boom in private investment in space companies several years ago. Private investment has dropped significantly since a peak in 2021, though, and investors say access to capital remains difficult for space companies today, especially those trying to raise larger, later rounds.
Australia has served up a Secure Innovation Placemat [PDF].
The wide variance in the documents is by design: each Five Eyes nation chose its own approach, although the campaign is a coordinated effort that is billed as “consistent and consolidated advice reflecting both the globalized and interconnected tech startup ecosystem as well as the global nature of the security threats startups face.” And everybody uses placemats.
Whether this advice will break through the “move fast and break things” culture that many startups nurture is anyone’s guess. The Register has reported on security and resilience troubles in the early years at Uber and Lyft, GitLab, and at OpenAI.
Google has announced that multi-factor authentication (MFA) will be mandatory on all Cloud accounts by the end of 2025 to enhance security.
Google Cloud is a product designed for businesses, developers, and IT teams to build, deploy, and manage applications and infrastructure in the cloud.
The mandatory MFA rollout will affect both admins and any users with access to Google Cloud services but not general consumer Google accounts.
Health Innovation For Prevention And Precision At Scale — Dr. Päivi Sillanaukee, MD, Ph.D. — Special Envoy, Health & Wellbeing, Ministry of Social Affairs and Health Finland.
Dr. Päivi Sillanaukee, MD, Ph.D. is Special Envoy for Health and Wellbeing, Ministry of Social Affairs and Health Finland (https://stm.fi/en/rdi-growth-programm…).
Dr. Sillanaukee has over 20 years of experience at highest civil servant administrative positions, both from government, including roles as Director General at Ministry of Social Affairs and Health, Ambassador for Health and Wellbeing at the Ministry for Foreign Affairs, as well as various additional roles in the public sector at the Municipalities and Special Health care district levels.
Can water be harvested from the air to help mitigate water scarcity across the globe? This is what a recent study published in Technologies hopes to address as a team of researchers from The Ohio State University have developed a novel device that can provide faster and more efficient methods for harvesting water from the air compared to longstanding devices, also called atmospheric water harvesting (AWH). This study holds the potential to help regions around the world mitigate the need for access to clean drinking water, as approximately 2 billion people suffer from lack of clean drinking water in their respective regions.
“You can survive three minutes without air, three weeks without food, but only three days without water,” said Dr. John LaRocco, who is a research scientist in the Department of Psychiatry and Behavioral Sciences at The Ohio State University and lead author of the study. “But with it, you can begin to solve a lot of problems, like national security, mental health or sanitation, just by improving the accessibility of clean drinking water.”
For the device, the researchers designed a nickel titanium-based dehumidifier with temperature-sensitive materials, resulting in harvesting greater amounts of water at 0.18 milliliters per watts per hour compared to 0.16 milliliters per watts per hour for traditional harvesters after 30 minutes. Additionally, the temperature-sensitive materials help regulate the amount of heat used during the harvesting process, resulting in approximately half the power needed to use the harvester. Finally, the reduced size of the harvester provides mobility to be used anywhere in the world, whereas traditional harvesters tend to be large and require significant amounts of energy to operate.
A security flaw impacting the Wi-Fi Test Suite could enable unauthenticated local attackers to execute arbitrary code with elevated privileges.
The CERT Coordination Center (CERT/CC) said the vulnerability, tracked as CVE-2024–41992, said the susceptible code from the Wi-Fi Alliance has been found deployed on Arcadyan FMIMG51AX000J routers.
“This flaw allows an unauthenticated local attacker to exploit the Wi-Fi Test Suite by sending specially crafted packets, enabling the execution of arbitrary commands with root privileges on the affected routers,” the CERT/CC said in an advisory released Wednesday.
