3rd International Conference on Computing and Machine Intelligence (ICMI 2024)

"The 3rd International Conference on Computing and Machine Intelligence (ICMI) aims to bring together researchers and professionals to exchange ideas on the advancement of Computing and Machine Intelligence and its applications in various fields."

Topics of interest include, but are not limited to security and privacy.

"Imperial Opens First Overseas Research and Innovation Center in Singapore"

"Imperial Opens First Overseas Research and Innovation Center in Singapore"

The first research program at Imperial College London's first overseas research and innovation center in Singapore, is a major $20 million grant in collaboration with Nanyang Technological University, Singapore (NTU Singapore), to improve the cybersecurity of medical devices and health data. The IN-CYPHER program will use Imperial's expertise in this area to help Singapore become a global leader in health cybersecurity and Artificial Intelligence (AI) for healthcare.

Submitted by Gregory Rigby on

"Opera MyFlaw Bug Could Let Hackers Run ANY File on Your Mac or Windows"

"Opera MyFlaw Bug Could Let Hackers Run ANY File on Your Mac or Windows"

The Guardio Labs research team discovered a security flaw, dubbed MyFlaw, in the Opera web browser for Microsoft Windows and Apple macOS, which could be used to execute any file on the underlying operating system. The Remote Code Execution (RCE) vulnerability involves My Flow, a feature that allows users to sync messages and files between mobile and desktop devices. According to the company, this is possible through a controlled browser extension, evading the browser's sandbox and the entire browser process. The vulnerability affects both the Opera browser and Opera GX.

Submitted by Gregory Rigby on

"Windows SmartScreen Bug Exploited to Deliver Powerful Info-Stealer"

"Windows SmartScreen Bug Exploited to Deliver Powerful Info-Stealer"

A vulnerability, tracked as CVE-2023-36025, that Microsoft fixed in November 2023, is being used by threat actors to deliver Phemedrone Stealer. By exploiting the vulnerability, attackers can bypass Windows Defender SmartScreen checks and associated prompts. If the victim is tricked into downloading and opening a malicious file, Windows will not warn them if the service finds the file or website potentially malicious.

Submitted by Gregory Rigby on

"Atlassian Warns of Critical RCE Flaw in Older Confluence Versions"

"Atlassian Warns of Critical RCE Flaw in Older Confluence Versions"

Atlassian Confluence Data Center and Confluence Server are vulnerable to a critical Remote Code Execution (RCE) flaw that affects all versions released before December 5, 2023, including out-of-support releases. The vulnerability, tracked as CVE-2023-22527 with a CVSS v3 score of 10.0, is a template injection vulnerability that allows unauthenticated attackers to carry out RCE on impacted Confluence endpoints. The many potential entry points and ability to use the flaw in chained attacks widen its scope to the point where it is difficult to identify definitive exploitation signs.

Submitted by Gregory Rigby on

"Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins"

"Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins"

Security researchers at threat intelligence and incident response firm Volexity have started seeing widespread exploitation of the recently disclosed Ivanti Connect Secure VPN appliance vulnerabilities. The researchers warned on January 10 that they had seen threat actors, a group tracked as UTA0178 and likely linked to China, exploiting two Ivanti VPN zero-day vulnerabilities in an attempt to gain access to internal networks and steal information. The vulnerabilities are an authentication bypass flaw tracked as CVE-2023-46805 and a command injection issue tracked as CVE-2024-21887.

Submitted by Adam Ekwall on

"Email Nightmare: 94% of Firms Hit by Phishing Attacks in 2023"

"Email Nightmare: 94% of Firms Hit by Phishing Attacks in 2023"

According to security researchers at Egress, email security remained top of mind for cybersecurity professionals in 2023 as over nine in ten (94%) cyber decision-makers had to deal with a phishing attack.  This is up 2% from the previous year.  The researchers found that the top three phishing techniques used throughout 2023 were malicious URLs, malware or ransomware attachments, and attacks sent from compromised accounts.

Submitted by Adam Ekwall on

"New Material Found by AI Could Reduce Lithium Use in Batteries"

"New Material Found by AI Could Reduce Lithium Use in Batteries"

Security researchers at Microsoft and the Pacific Northwest National Laboratory (PNNL) have used artificial intelligence (AI) and supercomputing to discover a brand new substance which could reduce lithium use in batteries.  The researchers say that the material could potentially reduce lithium use by up to 70%.  Since its discovery, the new material has been used to power a lightbulb.

Submitted by Adam Ekwall on

"Over 178K SonicWall Firewalls Vulnerable to DoS, Potential RCE Attacks"

"Over 178K SonicWall Firewalls Vulnerable to DoS, Potential RCE Attacks"

Security researchers at Bishop Fox have found over 178,000 SonicWall next-generation firewalls (NGFW) with the management interface exposed online are vulnerable to denial-of-service (DoS) and potential remote code execution (RCE) attacks.  The researchers noted that these appliances are affected by two DoS security flaws tracked as CVE-2022-22274 and CVE-2023-0656, the former also allows attackers to gain remote code execution.

Submitted by Adam Ekwall on

"Juniper Networks Patches Critical Remote Code Execution Flaw in Firewalls, Switches"

"Juniper Networks Patches Critical Remote Code Execution Flaw in Firewalls, Switches"

Juniper Networks has recently published more than two dozen security advisories to inform customers about well over 100 vulnerabilities affecting its products, with a majority of the flaws impacting third-party components.  The company has released patches and mitigations for the vulnerabilities, most of which affect its Junos operating system.  The most serious of the flaws is CVE-2024-21591, which affects Junos OS on SRX series firewalls and EX series switches.

Submitted by Adam Ekwall on
Subscribe to