University of Central Florida's A Team with A Dream wins the 2024 CyberForce Competition(r). The mission of the competition is to equip the next generation of cybersecurity professionals with hands-on experience defending critical infrastructure.

Japan-based startup SmartBank has announced the rise of a USD 26 million funding round, aimed at the development of its personal finance management app. 

UK Startup Naturbeads Secures Series A Round to Further Pioneering Technology That Addresses Worldwide Microplastic Pollution  Business Wire

Amsterdam-based startup Sympower has secured €21mn as it looks to scale its grid-balancing technology. Sympower partners with businesses that use a large amount of electricity. It gains access to some of their energy assets and can turn them on and off when the grid requires balancing — a process called demand response. Sympower’s software platform uses AI to analyse data and optimise when and how much power businesses can sell at any given time, making energy use adjustments more effective and profitable for all parties.  Grid operators pay Sympower to stabilise the energy supply. The company passes most of that…

This story continues at The Next Web

Republicans will maintain their slim majority in the House, surpassing the 218-member threshold and cementing GOP control in the House, Senate, and White House. Democrat Kirsten Engel conceded to Rep. Juan Ciscomani (R-AZ) on Wednesday, pushing Republicans past the 218 votes needed to secure the House majority, according to projections from multiple networks. The Associated Press has […]

The following article, House, Senate Leadership Fights Dominate The Week After GOP Secures Trifecta, was first published on Conservative Firing Line.

This week the U.S. Senate and House of Representatives are scheduled to choose their leadership after Republicans won majorities in the Senate and House in the 2024 elections and President-elect Donald Trump defeated Vice President Kamala Harris for the White House, securing the trifecta for the GOP for the first time since 2016. The Senate …

Continue reading House, Senate Leadership Fights Dominate The Week After GOP Secures Trifecta ...

TOKYO, Nov. 13, 2024 — NEC Corporation has received an order for a next-generation supercomputer system from Japan’s National Institutes for Quantum Science and Technology (QST), under the National Research […]

The post NEC Secures Order for Advanced Supercomputer to Drive Fusion Science Research at Japan’s National Institutes appeared first on HPCwire.

Sterlite Technologies to implement an automation-led fibre deployment approach, utilising drone surveys, GIS mapping, and AI-led network design

Ambani is the richest man in India and Asia with a net worth of USD 98 billion, as per Forbes.

Groov, an embedded lending platform, has raised GBP...

UK-based small business lender iwoca has...

Neo Financial has announced that it...

Electronics and Telecommunications Research Institute (ETRI) announced that they will develop new key technologies for wireless access and wireless backhauling to realize large-capacity and ultra-precision services in ultra-high frequency bands.

Can a NBFC issue unsecured NCD?

It may be surprising to know that there are international regulations for Forex Trading to be followed. Majority of forex traders do not follow the guidelines. It will be safe because maintaining records and compliant to rules and...

The shares of Kalpataru Projects International Limited (KPIL) were trading at ₹1,206.20 down by ₹35.45 or 2.86 per cent on the NSE today at 10.20 am

Lawrence's interpretation, however narrow and flawed, does highlight an indisputable element of Grazzini's tale of Dr. Manente: its cruelty and "monstrosity," traits that, I will argue, provide insight into the social structures of the mid-sixteenth century, particularly those that rely upon coersion and force. In Florence, how did one family--the Medici--secure their power after over a century of struggle, and how did they come to construct a myth of their own legitimacy? ... It is important to remember that, from 1494--when the friar himself gained widespread support and offered a major threat to the rule of the Medici family--until long after his execution in 1498, Savonarola bequeathed a powerful religious and political vision that was not dependent on his leadership for survival--a fact that fascinated the political theorist Niccolo Machiavelli. Savonarola's followers--called the Piagnoni first by their enemies and later, proudly, by themselves--remained politically active after his execution, through the Republic that lasted until 1513, when the first Medici pope, Leo X, used the considerable influence of this position to help his family and their allies to return to Florence, and again after the sack of Rome in 1527, which occurred during the pontificate of another Medici, Clement VII. The Piagnoni continued to be active even after the Medici, first Alessandro and then Cosimo I, openly turned Florence onto the path of absolutism [unlimited, centralized authority and absolute sovereignty] by accepting the [nobility] title of Duke. ... Lorenzo's manipulation of the Church comes into play in the next phase of the beffa. ... At this point, Grazzini emphasizes not only that many friars and priests were ignorant, but, more importantly, that the kind of people Lorenzo elevated to positions of power in the Florentine church hierarchy were either superstitious [occult] or corrupt, criticisms that Savonarola also often made of the Medici.

Hamburg. German developer 4Players has launched ODIN Rooms, a secure, browser-based, decentralized video conferencing platform designed to challenge industry leaders like Microsoft Teams and Zoom. Aimed at corporations, educational institutions, and non-profits, ODIN Rooms offers easy access through a simple URL, with no need for accounts or app installations, and enhances social messaging with enhanced privacy and crystal-clear audio quality.

RxMapper Secures $5.7 Million SAFE Round to Revolutionize DNA-Guided Medication Benefits.

Swiss identity verification provider PXL Vision AG is responding to the growing demands on businesses. With the market launch of the software-as-a-service solution PXL Ident in April this year, the provider is expanding its AI-supported biometric identification process, which offers companies a secure way of verifying identity in online interactions.

Jennewein Biotechnologie GmbH, a worldwide leading manufacturer of human milk oligosaccharides (HMOs) announces today that the U.S. International Trade Commission (ITC) issued on May 19, 2020 a Final Determination finding that one of Jennewein's advanced bacterial production strains for producing 2'-fucosyllactose (2'-FL) does not infringe Complainant Glycosyn's US Patent No. 9,970,018.

Zug, Switzerland, 05.05.21 - 4ARTechnologies, the market leader in art security and digitization announces the next sensation: "We give art creators and collectors the exclusive opportunity to create the world's only secure NFT with our technology." - CEO Niko Kipouros.

Dwudziesta szósta edycja Secure za nami. „Bezpieczeństwo w dobie zmian” – to hasło przewodnie zakończonej właśnie konferencji.

Secure to dwudniowa konferencja poświęcona strategicznym wyzwaniom w cyberprzestrzeni. Wydarzenie odbędzie się w dniach 16-17 kwietnia w Muzeum Historii Polski w Warszawie. Tegoroczna edycja odbywa się pod hasłem "Horyzont cyberwyzwań".

Za nami 27. edycja konferencji Secure. Były to dwa dni wypełnione wiedzą i ważnymi dyskusjami, ale także znakomita okazja do nawiązania kontaktów z innymi specjalistami z dziedziny cyberbezpieczeństwa. Przestrzeń naszej konferencji to miejsce, w którym mogą się spotkać różne spojrzenia, podejścia i aspekty (cyber)bezpieczeństwa.

Published at LXer: Arch Linux has announced a new partnership with Valve, the company behind the Steam gaming platform and Steam Deck. Read More......

Published at LXer: Arch Linux announces a collaboration with gaming giant Valve, focusing on developing a robust build service infrastructure and a secure signing enclave. Read More......

SABRE has secured the first long-term location for SOTO Method, an emerging leader in fitness, solidifying its presence in the New York City market. [PR.com]

If you sell any product via ClickBank then the chances are that it's being stolen right this minute! That's crazy because it is easy to STOP Digital Theft. This is a simple solution for any ClickBank merchant or vendor.

Secure and Fast Downloads. PPC Optimized

Gotomyerp, a leading cloud hosting provider for QuickBooks, SAP, Sage Cloud applications, and other third-party ERP (enterprise resource planning) business applications across the United States, Canada, and Mexico is celebrating its 16th year of offering secure and reliable enterprise cloud hosting solutions for businesses with a special offer for new clientele.

Article warning: If you are paranoid about everything, you should avoid reading this article or it may ruin the Internet for you.

I started converting the Behold Forum over to bbPress. The first thing I had to do was convert all the registered users. To my horror, I discovered that my old Forum stored the passwords as plain text.

That actually was terrible for three reasons. First, if I was a dishonest guy, I could take your password, assume you used the same one at other sites you use, and login as you and do malicious things. Second, since I'm honest and don't even want to know what your password is, if there was someone working for me who had access to the database, they might be dishonest and use your password. Third, since I don't have anyone working for me, if there was a hacker out there who could get into my database, they could use your password.

So I'm not talking here about the "quality" of your password. It doesn't matter if you use a simple 3 letter password, or a complex 29 character password with lower and uppercase and numbers and special characters. If someone can find it out, it doesn't matter how well crafted it is.

WordPress and bbPress are different. They do not store the password in the database. Instead they "hash" the password using the MD5 algorithm and store that hashed value. This is not encryption which makes the password retrievable again. This is a hash which hides the password from everyone, including the owners of the database.

Now I know there have been vulnerabilities found to MD5 and WordPress and others are working to block them, but even so, hashing the password is infinitely safer than leaving it in plain text for the three reasons above.

So that got me wondering. I have about a dozen different passwords at several hundred different sites I use. I wonder how many of them are not hashed but are insecure in plain text in the databases.

In most cases, there actually is an easy way of finding out. Go to a site you've registered with and click on the "lost my password" link. If they email you back your actual password, then they are storing it in text or in some accessible way. If they instead send you a message with a new random password and say your password is reset, then they probably don't have access to it, and all they can do is give you a new one.

Unfortunately, you can't find this out until you've already registered for the site. For people paranoid about this, I guess the trick would be to use a dummy e-mail address and dummy password and register with that, do a lost password request and see what they send back. Then you can decide whether to trust them and register for real.

Credit card information could have the same problem. You can't do the same thing here, since I've never seen a "lost my credit card information" link on a site. You can follow the policy of only giving your credit card to companies you totally trust. That's why PayPal is so popular. You can buy from thousands of companies, but PayPal will be the only one with your number. But do you trust PayPal? I'd trust them more than the various kids working at the corner gas station who get my card number all the time. This is not really a worry though, because credit cards have lots of levels of security and are actually very safe. The credit card companies will protect you from credit card fraud.

But giving out passwords you use can be much worse. What if your userid and password were the same for your PayPal account? That could be very bad.

For those of you who signed up to my Behold Forum, I apologise. I didn't know about this before. I'm transferring your account and an MD5 hash of your current password to the new bbPress forum I am creating, and they'll now be safe.

Version 1.6. The new command line parameter -s (Silent - no errors or warnings) has been added.

[Capital FM] Baku, Azerbaijan -- UN Secretary-General António Guterres declared that securing a climate finance deal at COP29 is critical for developing nations, emphasizing that they "must not leave Baku empty-handed."

February 10, 2006 – Yesterday, the Transportation Security Administration suspended work on Secure Flight; the agencies long awaited and very expensive airline passenger screening system. Development work on the system has been plagued with trouble for the past four years. And the system has faced stiff opposition from consumers concerned about privacy. But if Secure Flight has proven anything, it’s been that it has more lives than most cats. So is this the end of the program? Unfortunately the answer is, “Probably not.”

(Telecompaper) Swisscom has submitted a second set of remedies with a view to securing the approval of the Italian Competition Authority (AGCM) for its intended...

(Telecompaper) Cisco is publicising a deal with consulting firm LTIMindtree to deploy secure edge technology for its hybrid workforce and global consulting client base...

(Telecompaper) SpaceX's Starlink announced that its satellite internet service is now available in Chad, making it the latest African country to approve Starlink's low-Earth orbit (LEO) satellite internet services. Elon Musk announced on his X feed that Chad approved the licensing of Starlink on 11 November to...

(Telecompaper) Rivada announced it has secured new spectrum rights to support its planned satellite constellation and services. In the past year Rivada secured market access for its Outernet constellation in 18 countries and on every continent, including the UK, the Netherlands, Denmark, Finland, Colombia and...

Summary: I'm fairly certain that what I write here won't change the minds that need changing. But I feel like I need to make a statement anyway: your vote is secure.

There's a lot of fear mongering about the security of elections. I've wanted to discuss this for a while. I have several things in my background that have given me insight into how elections work. I was the CIO for the State of Utah. I was a member of the Lt Governor of Utah's voting equipment selection committee. And I've been involved in identity and security for several decades.

Let me give you the headline up front: committing election fraud in a way that changes the result is difficult, nearly impossible. Let's examine how elections are run and how fraud could happen to see why.

First a caveat: there is no single way that US elections are run. Elections in the US are quite decentralized. Each state has different election laws and in most cases the mechanics of running an election are given over to county clerks who must follow state law, but also have freedom to create their own workflows and processes within that law. There are 3244 counties in the US. The analysis that follows is generalized and likely more true of Utah, which I'm very familiar with, than other places. Still, I think the big ideas are largely the same everywhere.

The process of voting is divided into two parts: (1) voter registration and (2) voting. This is important because most people who make up scenarios to convince you that voting is insecure usually ignore voter registration. Registration requires that you provide an address. This is an important piece of information because if you're voting by mail, it's where the ballot will be mailed. If you're voting in person, you need to vote at a specific polling place depending on your address.

When you vote, you either mail back the ballot that was mailed to you at the address you provided or you go to your assigned polling place and fill out a ballot (usually via a voting machine). In either case, the ballot presented to you depends on your address since the candidates listed on your ballot depend on your voting precinct. Also, as of 2024, 35 states require voters to present identification at the polling place in order to vote. Of those that don't, many require it for voters who are voting for the first time after their registration.

Now, let's examine voting fraud and how it might work. One important factor is scale. You need to commit fraud at a scale necessary to impact the outcome. For small elections (say a single state legislative race or a small school board election) you don't need to change a lot of votes to change the outcome in a tight race—hundreds of votes might do it. For larger elections, like the presidential election, scale is a significant issue. I'm going to focus on presidential elections since they are the most consequential. Less consequential elections are not likely to attract the kind of money and talent necessary to commit election fraud.

A second factor is stealth. You have to keep the fraud from being discovered so that it's not reversed. Proving consequential fraud would likely result in the election being challenged and rerun. You don't have to identify who did it, just prove that it was done. So election fraud is much more dependent on not being discovered than commercial transaction fraud where the loss is likely to only be recoverable if the identity of the perpetrator is known.

The nature of presidential elections is greatly influenced by the electoral college system. You need to influence the votes in enough states to swing that state's electoral votes to the candidate you favor. You don't want to commit fraud where it's not needed because you'll waste money while increasing your chances of discovery. So, selecting the states where you want to commit fraud is critical. Each of those states will have different requirements, so you'll have to tailor your attack to each of them. Furthermore, you'll have to tailor your attack to each voting precinct within the counties you determine are the most likely to impact the election.

There are a few ways to attack an election:

• Sending your people to vote—for this to work, your fake voters have to have been registered and, in most cases, provide some form of ID. To register, they need a plausible address. The election office might not notice if one or two extra people with different last names are registered at a specific address, but they might if this is systematic or if an unreasonable number of people register at the same address. Remember that elections are run at the county level, so you have to assume that the election workers have a good understanding of the local environment. These fake voters now have to go to many different polling locations and cast a vote. They can't easily cast multiple ballots at the same polling location since the poll workers might remember them. So, you need lots of people going to lots of different polling locations.
• Intercepting mail-in ballots—for this to work, you have to register at someone else's home address and then get to the mail before they do or steal their ballots after they've filled them in and change the vote. This requires lots of people. You can't do this remotely. It requires "boots on the ground" as the saying goes. Furthermore, those people are exposed since they're looking in mailboxes in neighborhoods where they don't live. Doable, but not very stealthy.
• Paying people to vote—for this to work, you have to contact a lot of people, convince them to commit fraud, and then be satisfied with the fact that you'll never know if they voted for your candidate or not because ballots are secret. They could take your money and vote for whoever they want. Or just not vote at all unless you're supervising them, an activity that will call attention to you and your agents.
• Replacing real ballots with fake ones—for this to work, you have to create realistic facimiles of real ballots for many different polling places (remember they're different because of overlapping jurisdictions), intercept the ballots somewhere in transit or on delivery, and replace the real ballots with ones that you've filled out for your candidate. This likely involves subverting county election workers. Not just one, but many. Again, the risk of discovery goes up with each contact.
• Destroying ballots—for this to work, you need to destroy ballots that are for the candidate you don't want to win. You could simple destroy ballots without regard to how they're filled, but this won't assure you'll meet your goal. To be effective, you have to just destroy the ones for the other candidate and leave the ones for your candidate. Again, you will have to subvert election workers to get your hands on the ballots and determine who the ballot is for.
• Changing the results after the ballots are counted—for this to work, you have to either hack the machines that record the vote or hack the machines that are tabulating the vote. Hacking the machines won't work if the machines keep a paper audit trail and it's used to audit results. Hacking the tabulators means getting access to those machines. Recall those are kept at the county level, so you have to hack many in different locations unless a single county can swing the election your way.

I hope all of this has at least given you a feel for the scale and scope of the problem. Pulling it off successfully without anyone knowing it happened is a difficult problem. Each method involves many people being let in on the secret—in some cases a lot of people. This isn't an operation that a small group of hackers can reliably pull off. Having lots of people involved increases the chances that you'll be discovered. The decentralized and distributed nature of how elections are run is a feature and makes elections more secure and trustworthy.

On top of all this, election officials aren't stupid, lazy, or inept. Sure, you're going to find a few who are. But as a rule the elections officials I've interacted with at the state and county level are professionals who are attuned to these dangers and take active steps to protect against them. They are usually happy to talk about how they operate and will respond to polite requests for information about how they audit systems and the processes they have in place to protect the vote.

As an aside, do you know what's easier than committing election fraud? Using social media to convince people that election fraud is happening to reduce confidence in the election and sow discontent. Then you can use that discontent to challenge a legitimate election and maybe change the outcome. Ask yourself which is more likely.

Successfully changing the results of a presidential election isn't impossible. But the odds of doing so and not leaving any evidence—the perfect crime—are vanishingly small. I have confidence in the security of the US election system.

Photo Credit: Voting from DALL-E (public domain) Prompt: Draw a horizontal picture of a woman casting a ballot with a ballot box

Tags: voting identity security government

As organizations increasingly adopt AI capabilities, the most common and dangerous attacks often go undetected by static code scanning or traditional security methods. The only effective way to stop common AI attacks, such as prompt injection and zero-day vulnerabilities, is through active runtime detection and defense. Operant AI is launching a new 3D Runtime Defense Suite aimed at protecting live cloud applications, including AI models and APIs in their native environments. Because AI applications don't operate in isolation, they need to be secured in the full context of the modern cloud application stack. The 3D Runtime Defense Suite is designed… [Continue Reading]

If you've looked into search engine optimization as a promotional technique for your website, you have likely come across the advice to make your website secure (having an https:// appear in front of your URLs instead of http://). Google has been very vocal in pushing for all websites to make the move to being secure,…

The post How to Make Your WordPress Website Secure (SSL) in 6 Steps appeared first on Sugarrae.

Ding Junhui beats Xu Si 9-6 to set up a final against Chris Wakelin at the International Championship in Nanjing.

Australia claim a Pacific Cup double as their men and women both win the tournament.

A first win in the Premier League for 22 years lifts Town out of the relegation zone.

A sailing club thanks supporters after raising £30,000 towards the cost of a new slipway.