Google releases monthly security patches for Android with fixes for 37 vulnerabilities in various components.
Category: security – Page 70
NASA’s Swift Observatory Tracks Potential Magnetic Flip of Monster Black Hole A rare and enigmatic outburst from an active galaxy 236 million light-years away may have been sparked by a magnetic reversal, a spontaneous flip of the magnetic field surrounding its central black hole. In a comprehen.
A device, created at Stevens Institute of Technology, uses millimeter-wave imaging — the same technology used in airport security scanners — to scan a patient’s skin to detect if they have skin cancer. Millimeter-wave rays harmlessly penetrate about 2mm into human skin, so the team’s imaging technology provides a clear 3D map of scanned skin lesions.
A device, created at Stevens Institute of Technology, uses millimeter-wave imaging — the same technology used in airport security scanners — to scan a patient’s skin to detect if they have skin cancer. Millimeter-wave rays harmlessly penetrate about 2mm into human skin, so the team’s imaging technology provides a clear 3D map of scanned skin lesions.
WASHINGTON — Sierra Space says it is making good progress on its first Dream Chaser spaceplane as the company looks ahead to versions of the vehicle that can carry crews and perform national security missions.
The company provided SpaceNews with images of the first Dream Chaser, named Tenacity, being assembled at its Colorado headquarters. The vehicle’s structure is now largely complete, but there is still more work to install its thermal protection system and other components.
“We have the wings on now. It really looks like a spaceplane,” said Janet Kavandi, president of Sierra Space, during a panel at the AIAA ASCENDx Texas conference in Houston April 28, where she played a video showing work building the vehicle.
Builder of infrastructure for drone delivery and eVTOL air taxi vehicles, Urban-Air Port opens its first fully functional vertiport.
Urban-Air Port, the London-based developer of vertiports for delivery drones and electronic takeoff and landing (eVTOL) vehicles like air taxis, has opened the doors of its first functional aerial hub – one of 200 terminals it plans to build around the globe in the near future.
Awaiting those, Urban-Air Port will open the hub to visitors for a look at what future urban air travel will be like (complete with screens listing departing flights and destinations it expects to host). The facility includes off-grid hydrogen eVTOL vehicle charging stations; an elevated takeoff and landing platform; security checks and passenger waiting zones; a cargo drone area; and spaces for its host of retail brand partners.
Renting space and IP addresses on a public server has become standard business practice, but according to a team of Penn State computer scientists, current industry practices can lead to “cloud squatting,” which can create a security risk, endangering sensitive customer and organization data intended to remain private.
Cloud squatting occurs when a company, such as your bank, leases space and IP addresses—unique addresses that identify individual computers or computer networks—on a public server, uses them, and then releases the space and addresses back to the public server company, a standard pattern seen every day. The public server company, such as Amazon, Google, or Microsoft, then assigns the same addresses to a second company. If this second company is a bad actor, it can receive information coming into the address intended for the original company—for example, when you as a customer unknowingly use an outdated link when interacting with your bank—and use it to its advantage—cloud squatting.
“There are two advantages to leasing server space,” said Eric Pauley, doctoral candidate in computer science and engineering. “One is a cost advantage, saving on equipment and management. The other is scalability. Leasing server space offers an unlimited pool of computing resources so, as workload changes, companies can quickly adapt.” As a result, the use of clouds has grown exponentially, meaning almost every website a user visits takes advantage of cloud computing.
GitHub can now block and alert you of pull requests that introduce new dependencies impacted by known supply chain vulnerabilities.
This is achieved by adding the new Dependency Review GitHub Action to an existing workflow in one of your projects. You can do it through your repository’s Actions tab under Security or straight from the GitHub Marketplace.
It works with the help of an API endpoint that will help you understand the security impact of dependency changes before adding them to your repository at every pull request.
CSIS will host a public event on responsible AI in a global context, featuring a moderated discussion with Julie Sweet, Chair and CEO of Accenture, and Brad Smith, President and Vice Chair of the Microsoft Corporation, on the business perspective, followed by a conversation among a panel of experts on the best way forward for AI regulation. Dr. John J. Hamre, President and CEO of CSIS, will provide welcoming remarks.
Keynote Speakers:
Brad Smith, President and Vice Chair, Microsoft Corporation.
Julie Sweet, Chair and Chief Executive Officer, Accenture.
Featured Speakers:
Gregory C. Allen, Director, Project on AI Governance and Senior Fellow, Strategic Technologies Program, CSIS
Mignon Clyburn, Former Commissioner, U.S. Federal Communications Commission.
Karine Perset, Head of AI Unit and OECD.AI, Digital Economy Policy Division, Organisation for Economic Co-Operation and Development (OECD)
Helen Toner, Director of Strategy, Center for Security and Emerging Technology, Georgetown University.
This event is made possible through general support to CSIS.
A nonpartisan institution, CSIS is the top national security think tank in the world.
Visit www.csis.org to find more of our work as we bring bipartisan solutions to the world’s greatest challenges.
Want to see more videos and virtual events? Subscribe to this channel and turn on notifications: https://cs.is/2dCfTve.
MILLIONS of owners of the Samsung Galaxy smartphone face a security threat.
Those with an Android version 9 through 12 are at risk.
Researchers at Kryptowire published a report detailing how they discovered a serious vulnerability in the pre-installed Phone app across multiple models that could enable a hacker to take control of someone’s phone, Forbes reported.