Safeguarding Secrets From Quantum Spying

source: axios.com (contributed by FAN, Bill Amshey)  |  image: pexels.com

 

The National Institute of Standards and Technology has released its highly anticipated standards for protecting encrypted data from future quantum technologies.

Why it matters: China and other foreign foes are likely already collecting encrypted U.S. secrets with the hopes of breaking into them once quantum computing technology catches up.

What’s happening: NIST this week formally approved three post-quantum cryptography standards, marking an important first step in protecting government and critical services from encryption-breaking quantum.

  • IBM researchers developed two of the three standards in collaboration with industry and academic partners.
  • The third standard was developed by a researcher who has since joined IBM.
  • Apple, Meta, Google and some other companies are already implementing these standards.

What’s next: These standards will serve as a blueprint for governments and private-sector organizations around the world.

Go deeper.

U.S. Not Ready for Global War

source: axios.com (contributed by FAN, Bill Amshey) | image: pexels.com

The United States — its citizens, industry, decision-makers and military — is unprepared for a war that could kick off with Russia and China and later engulf the world, Axios’ Colin Demarest writes from a new study.

Why it matters: The Commission on the National Defense Strategy, a congressionally mandated group with members handpicked by Democratic and Republican lawmakers, isn’t known for hyperbole.

  • Its conclusion — that the U.S. “has not kept pace with a worsening situation” — should be a wakeup call.

Here are some of the top-line issues the commission laid out in a 100-plus-page document published this week:

  1. 🇨🇳 China has “largely negated the U.S. military advantage” in the Western Pacific after 20 years of investment.
  2. 🇷🇺 The Pentagon’s portrayal of Russia as an “acute threat” undersells the “ongoing and persistent” nature of the hazards it poses, especially in space and cyber.
  3. 🏭 Stateside production capacity is “grossly inadequate” — meaning a “World War II–style industrial mobilization” is off the table.

 

 

How Telegram Became a Destination for Criminals

source: axios.com (contributed by FAN, Bill Amshey)  |  image: pexels.com

 

Telegram has long been a hotbed for cybercriminal gangs boasting about their attacks and looking to recruit new members.

Why it matters: Billionaire Telegram CEO Pavel Durov’s arrest over the weekend has put a spotlight on what policies Telegram does — and doesn’t — have to deter cybercriminals and extremist groups who use its platform.

The big picture: Telegram’s relaxed content moderation policies and encrypted service offerings have made it an attractive destination for cybercriminals, terrorism organizations and drug dealers.

  • Terrorist organizations, including ISIS, have used Telegram to publicly claim responsibility for attacks.
  • Politically motivated hackers — including those tied to the war in Ukraine and the Israel-Hamas war — also post about their crimes in public Telegram forums.

Experts say Telegram has unique features that — taken in combination — hackers have been able to abuse in an effort to hide their activities.

  • Secret Chats allows users to turn on end-to-end encryption.
  • That means Telegram has no way of seeing what’s discussed in Secret Chat conversations. Users also can’t forward these messages, which can self-destruct — making it even harder for third parties to intercept their contents.
  • Apple Messages and WhatsApp messages are also encrypted by default, but neither allows users to sign up with a virtual phone number.
  • Telegram accounts don’t need to be linked to a SIM card, Taisiia Garkava, an intelligence analyst at Intel 471, told Axios.

Continue reading “How Telegram Became a Destination for Criminals”

Deploying Deepfake Detection

source: cnet.com  |  image: pexels.com

 

Deepfake video, photo and audio programs have benefited from the same AI boost as other software programs, which is … worrisome, to say the least. But security software company McAfee is hoping AI can play a role in solving the problem. The company unveiled the McAfee Deepfake Detector this week, and folks with Lenovo’s new Copilot-Plus PCs will be the first to get the chance to try out the tool. It scans audio in videos you come across online to alert you to potential deepfakes, but it won’t work if the sound is off. It also can’t determine if photos are deepfakes.

I don’t mind admitting that deepfakes are one of the consequences of AI that keep me up at night. We’ve seen a lot of AI-generated content used for jokes and memes — remember that one of the pope in a puffy white coat? — but it can also be used maliciously, such as to spread political disinformation. So, for my two cents, any effort to take a closer look at questionable material online is a good one.

Ticketmaster warns customers to take action after hack

source: bbc.com (contributed by FAN, Steve Page)  |  image: pixabay.com

 

Ticketmaster customers in North America have been sent emails warning them to take action after the company was hacked in May.

Emails were sent overnight to Canadian customers, urging them to “be vigilant and take steps to protect against identity theft and fraud.”

The company has not commented on the notification process – however similar emails have reportedly been sent to victims in the US and Mexico.

The personal details of 560 million Ticketmaster customers worldwide were stolen in the hack – with cyber criminals then attempting to sell that information online.

 

 

China and Russia, two sides of a vise

   

source: axios.com (contributed by FAN, Bill Amshey)  |  images: pixabay.com & pexels.com

 

The complementary scheming of Russia and China dominated discussions among some of the world’s highest-ranking military and political officials at the Aspen Security Forum.

Why it matters: To hear the national security brain trust tell it in Colorado, Western primacy is in a vise, with Moscow and Beijing together applying the pressure.

Here are a few examples, laid bare at last week’s conference, where the U.S. and its allies are being challenged:

  • In space, China aims to “displace the United States as the global leader” and exploit it “in a way that is to our detriment,” said Lt. Gen. Jeffrey Kruse, the Defense Intelligence Agency director.
  • When China blew up a satellite in 2007, “they put us on notice,” and “we have only seen their development of counter-space weapons just rapidly, breathtakingly, increase,” said U.S. Space Command boss Gen. Stephen Whiting.
  • Online, Russia peddles disinformation that influences elections. China absconds with sensitive information that springboards its weapons development and broader economy.
  • “If Xi Jinping were sitting on this stage, he would say, ‘Thank you very much for allowing us to cherry-pick, to pick your pocket, of leading technologies and IP,'” said Jon Huntsman Jr., a former U.S. ambassador to China and Russia.
  • On the ground and at sea, Russia and China use their troops to muddle borders. Those nearby document the belligerence, but denunciations have done little to stop them.
  • “If we allow it to become the norm, that a larger state can change its smaller neighbors’ borders with force, then which border remains secure?” said Jonatan Vseviov, the secretary general of Estonia’s Ministry of Foreign Affairs. Continue reading “China and Russia, two sides of a vise”

The new defense disruptors

source: axios.com (contributed by FAN, Bill Amshey) | image: pixabay.com

 

A global technology race, supercharged by a combative China and daily innovation on the Ukrainian front line, is fostering a fresh crop of companies capable of reshaping the U.S. military-industrial complex.

Why it matters: A flood of investment is fueling these artificial intelligence, autonomy, cyber and space specialists at a time when weapons-buying orthodoxy is being questioned.

  • The entrants are feeding a pool of Defense Department suppliers that has for decades consolidated, posing “serious consequences for national security,” according to a 2022 review of industrial base competition.
  • Some of the standouts are dubbed dual-use, serving both commercial and defense markets.

Continue reading “The new defense disruptors”

The biggest data breaches in 2024: 1 billion stolen records… and rising

source: techcrunch.com (contributed by FAN, Steve Page)  |  image: pixabay.com

 

We’re over halfway through 2024, and already this year we have seen some of the biggest, most damaging data breaches in recent history. And just when you think that some of these hacks can’t get any worse, they do.

From huge stores of customers’ personal information getting scraped, stolen and posted online, to reams of medical data covering most people in the United States getting stolen, the worst data breaches of 2024 to date have already surpassed at least 1 billion stolen records and rising. These breaches not only affect the individuals whose data was irretrievably exposed, but also embolden the criminals who profit from their malicious cyberattacks.

Travel with us to the not-so-distant past to look at how some of the biggest security incidents of 2024 went down, their impact, and in some cases, how they could have been stopped. 

Mystery AT&T data leak exposed 73 million customer accounts

Some three years after a hacker teased a published sample of allegedly stolen AT&T customer data, a data breach broker in March dumped the full cache of 73 million customer records online to a known cybercrime forum for anyone to see. The published data included customers’ personal information, including names, phone numbers and postal addresses, with some customers confirming their data was accurate

But it wasn’t until a security researcher discovered that the exposed data contained encrypted passcodes used for accessing a customer’s AT&T account that the telecoms giant took action. The security researcher told TechCrunch at the time that the encrypted passcodes could be easily unscrambled, putting some 7.6 million existing AT&T customer accounts at risk of hijacks. AT&T force-reset its customers’ account passcodes after TechCrunch alerted the company to the researcher’s findings. 

One big mystery remains: AT&T still doesn’t know how the data leaked or where it came from. Continue reading “The biggest data breaches in 2024: 1 billion stolen records and rising”

They Are Using Lab-Grown Human Brains Called “Organoids” To Run Computers

source: zerohedge.com (contributed by FAN, Robert Keach)  |  image: pixabay.com

 

When I first started researching this, I could hardly believe that it was true. A company in Switzerland known as “Final Spark” has constructed a bizarre hybrid biocomputer that combines lab-grown miniature human brains with conventional electronic circuits.  This approach saves an extraordinary amount of energy compared to normal computers, but there is a big problem.  The lab-grown miniature human brains keep wearing out and dying, and so scientists have to keep growing new ones to replace them. 

Stem cells that are derived from human skin tissue are used to create the 16 spherical brain “organoids” that the system depends upon.  I realize that this sounds like something straight out of a really bad science fiction movie, but it is actually happening.

Continue reading “They Are Using Lab-Grown Human Brains Called “Organoids” To Run Computers”

Listening is so last year — Meta’s new tech wants to feel your voice

source: media.hubspot.com (contributed by Artemus founder, Bob Wallace)  |  image: pixabay.com

 

Great news for the vocal fry community: Your vocal cord vibrations could soon be put to good use protecting your data.

Seriously. Meta filed a patent application for user authentication using a “combination of vocalization and skin vibration,” per Patent Drop.

That title is a mouthful, so let’s break it down:
  • Meta wants to replace the need for passwords or fingerprint scanning with voice authentication for accessing systems like its AR headset or smart glasses.
  • But AI has made impersonating someone’s voice really easy, with convincing voice cloning and deep fakes already swirling.
  • So Meta is taking voice authentication one step further by scanning the “vibration of tissue” during speech in addition to one’s voice.
  • When a user says a wake word, a “vibration measurement assembly” picks up the vibrations of their skin and the acoustic waves of their voice to authenticate them.

The combined dataset would create a unique audio fingerprint and, when built into headsets and glasses, would let users access their systems with a single word.

And while no one likes their password getting hacked, the stakes are getting a hell of a lot higher, with new tech poised to start harvesting data directly from our brains.

Sounds interesting

This patent is just the latest of Meta’s voice authentication tech. A separate “user identification with voice prints” patent application would see voice prints integrated into the two-factor authentication process for the company’s social media apps.

And Meta is far from the only company thinking about voice biometrics — the market is projected to hit 11.1B by 2032.

It will only become more important as AI companies crank out new voice generation tools, like OpenAI’s Voice Engine, which can clone someone’s voice using only a 15-second clip of them speaking, or ElevenLabs’ Reader App, which can clone celebrity voices.