Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label Research. Show all posts
Research
AI regulations AI technology AI Tool AI Usage Cyber Security generative AI tools Research

AI Use Linked to Decline in Critical Thinking Skills Among Students, Study Finds

 

A recent study has revealed a concerning link between the increased use of artificial intelligence (AI) tools and declining critical thinking abilities among students. The research, which analyzed responses from over 650 individuals aged 17 and older in the UK, found that young people who heavily relied on AI for memory and problem-solving tasks showed lower critical thinking skills. This phenomenon, known as cognitive offloading, suggests that outsourcing mental tasks to AI may hinder essential cognitive development. 

The study, titled AI Tools in Society: Impacts on Cognitive Offloading and the Future of Critical Thinking, was published in Societies and led by Michael Gerlich of SBS Swiss Business School. The findings indicated a strong correlation between high AI tool usage and lower critical thinking scores, with younger participants being more affected than their older counterparts. Gerlich emphasized the importance of educational interventions to help students engage critically with AI technologies and prevent the erosion of vital cognitive skills.  

Participants in the study were divided into three age groups: 17-25, 26-45, and 46 and older, with diverse educational backgrounds. Data collection included a 23-item questionnaire to measure AI tool usage, cognitive offloading tendencies, and critical thinking skills. Additionally, semi-structured interviews provided further insights into participants’ experiences and concerns about AI reliance. Many respondents expressed worry that their dependence on AI was influencing their decision-making processes. Some admitted to rarely questioning the biases inherent in AI recommendations, while others feared they were being subtly influenced by the technology. 

One participant noted, “I sometimes wonder if AI is nudging me toward decisions I wouldn’t normally make.” The study’s findings have significant implications for educational institutions and workplaces integrating AI tools into daily operations. With AI adoption continuing to grow rapidly, there is an urgent need for schools and universities to implement strategies that promote critical thinking alongside technological advancements. Educational policies may need to prioritize cognitive skill development to counterbalance the potential negative effects of AI dependence. 

As AI continues to shape various aspects of life, striking a balance between leveraging its benefits and preserving essential cognitive abilities will be crucial. The study serves as a wake-up call for educators, policymakers, and individuals to remain mindful of the potential risks associated with AI over-reliance.
Read more »
Technology
GPS Military Quantum Navigation Research Technology

Navigating Without GPS: Quantum Breakthroughs and Their Impact

Navigating Without GPS: Quantum Breakthroughs and Their Impact

From everyday smartphone users to military operations, GPS plays a crucial role in determining precise locations. However, the dependency on GPS comes with its own set of vulnerabilities, including signal disruptions and potential spoofing. Enter the groundbreaking research from Sandia National Laboratories, which promises to revolutionize navigation through quantum technology.

The Quantum Leap in Navigation

Scientists at Sandia National Laboratories have achieved a significant milestone by developing ultra-compact optical chips that power quantum navigation sensors. These sensors utilize atom interferometers, a sophisticated technology that measures the interference patterns of atoms to track position and motion with unparalleled accuracy. Unlike traditional GPS, which relies on satellite signals, quantum navigation sensors operate independently, immune to external disruptions.

How Quantum Navigation Works

At the heart of this innovation lies the principle of quantum mechanics. Atom interferometers work by cooling atoms to near absolute zero temperatures, creating a state where they exhibit both particle and wave-like properties. When these atoms are subjected to laser pulses, they form interference patterns that can be precisely measured. By analyzing these patterns, the sensors can precisely determine changes in position and velocity.

The optical chips developed by Sandia National Laboratories are designed to be ultra-compact, making them suitable for integration into various devices and systems. These chips are capable of maintaining the delicate quantum states of atoms, ensuring accurate measurements even in challenging environments.

Applications and Implications

The potential applications of quantum navigation are vast and transformative. One of the most significant advantages is its ability to function in GPS-denied areas. This is particularly crucial for military operations, where GPS signals can be jammed or spoofed by adversaries. Quantum navigation ensures that military personnel and autonomous vehicles can navigate accurately without relying on external signals.

In addition to military applications, quantum navigation holds promise for the commercial sector. Autonomous vehicles, such as drones and self-driving cars, can benefit from this technology by achieving precise navigation in urban environments where GPS signals are often weak or obstructed. Furthermore, quantum navigation can enhance the accuracy of scientific research, particularly in fields like geology and archaeology, where precise location data is essential.

Overcoming Challenges

While the potential of quantum navigation is immense, there are challenges to overcome before it becomes mainstream. One of the primary challenges is the complexity of maintaining quantum states in real-world conditions. The ultra-cold temperatures required for atom interferometers are difficult to achieve and maintain outside of laboratory settings. However, the development of ultra-compact optical chips is a significant step towards addressing this challenge.

Another challenge is the integration of quantum navigation sensors into existing systems. This requires advancements in both hardware and software to ensure seamless compatibility. Researchers are actively developing robust algorithms and interfaces to facilitate the integration process.

Read more »
User Security
Cyber Attacks Cyber Safety Data Leak Data Privacy Ransom Research School Targets Schools Student Data User Data User Safety User Security

Schools: Prime Targets for Hackers Amid Poor Cybersecurity and Ransom Payments

 

New data indicates that school districts have become highly susceptible to online exploitation, emerging as the primary target for hackers. According to a recent global survey conducted by the British cybersecurity company 

Sophos, a staggering 80% of schools experienced ransomware attacks last year, representing a significant increase from the 56% reported in 2021. This doubling of the victimization rate over two years has led researchers to label ransomware as the most significant cyber risk faced by educational institutions today.

Comparing various industries, schools fared the worst in terms of victimization rates, surpassing even sectors like healthcare, technology, financial services, and manufacturing. 

The survey, which included responses from 400 education IT professionals worldwide, revealed that United States institutions are particularly attractive targets for hacking groups, especially since the events surrounding Russia's invasion of Ukraine.

Two factors have made schools especially vulnerable to cyber threats in the United States. First, the cybersecurity measures in educational settings often lag behind those in major businesses, such as banks and technology companies. Second, schools prove to be easy targets for exploitation due to their willingness to pay ransoms. 

Last year, nearly half of the attacks on schools resulted in ransom payments, further enticing threat actors. Unfortunately, this combination of weak defenses and a readiness to pay has made schools a "double whammy" for hackers, according to Chester Wisniewski, the field chief technology officer of applied research at Sophos.

The motivation to pay ransoms seems to be influenced by insurance coverage. In districts with standalone cyber insurance, 56% of victims paid the ransom, while those with broader insurance policies covering cybersecurity saw a payment rate of 43%. Insurance companies often cover ransom demands, giving them significant sway over which districts comply with the extortion demands.

Elder, a school representative, acknowledges the difficult decisions schools face when dealing with ransomware attacks. While it is essential to safeguard confidential information and protect people, the pressure to manage resources and finances can make the choice challenging.

Ultimately, the data suggests that schools must prioritize and strengthen their cybersecurity practices to avoid falling prey to hackers and ransom demands. 

Relying on insurance alone may not provide a comprehensive solution, as hackers continue to exploit vulnerabilities, and insurance companies struggle to keep pace with evolving threats.
Read more »
Safety
Apps Attack Vectors Cloud Security Cyber Security Data Research Safety

Three Commonly Neglected Attack Vectors in Cloud Security

 

As per a 2022 Thales Cloud Security research, 88% of companies keep a considerable amount (at least 21% of sensitive data) in the cloud. That comes as no surprise. According to the same survey, 45% of organisations have had a data breach or failed an audit involving cloud-based data and apps. This is less surprising and positive news. 

The majority of cloud computing security issues are caused by humans. They make easily avoidable blunders that cost businesses millions of dollars in lost revenue and negative PR. Most don't obtain the training they need to recognise and deal with constantly evolving threats, attack vectors, and attack methods. Enterprises cannot avoid this instruction while maintaining control over their cloud security.

Attacks from the side channels

Side-channel attacks in cloud computing can collect sensitive data from virtual machines that share the same physical server as other VMs and activities. A side-channel attack infers sensitive information about a system by using information gathered from the physical surroundings, such as power usage, electromagnetic radiation, or sound. An attacker, for example, could use statistics on power consumption to deduce the cryptographic keys used to encrypt data in a neighbouring virtual machine.  

Side-channel attacks can be difficult to mitigate because they frequently necessitate careful attention to physical security and may involve complex trade-offs between performance, security, and usability. Masking is a common defence strategy that adds noise to the system, making it more difficult for attackers to infer important information.

In addition, hardware-based countermeasures (shields or filters) limit the amount of data that can leak through side channels.

Your cloud provider will be responsible for these safeguards. Even if you know where their data centre is, you can't just go in and start implementing defences to side-channel assaults. Inquire with your cloud provider about how they manage these issues. If they don't have a good answer, switch providers.

Container breakouts

Container breakout attacks occur when an attacker gains access to the underlying host operating system from within a container. This can happen if a person has misconfigured the container or if the attacker is able to exploit one of the many vulnerabilities in the container runtime. After gaining access to the host operating system, an attacker may be able to access data from other containers or undermine the security of the entire cloud infrastructure.

Securing the host system, maintaining container isolation, using least-privilege principles, and monitoring container activities are all part of defending against container breakout threats. These safeguards must be implemented wherever the container runs, whether on public clouds or on more traditional systems and devices. These are only a few of the developing best practices; they are inexpensive and simple to apply for container developers and security experts.

Cloud service provider vulnerabilities

Similarly to a side-channel attack, cloud service providers can be exposed, which can have serious ramifications for their clients. An attacker could gain access to customer data or launch a denial-of-service attack by exploiting a cloud provider's infrastructure weakness. Furthermore, nation-state actors can attack cloud providers in order to gain access to sensitive data or destroy essential infrastructure, which is the most serious concern right now.

Again, faith in your cloud provider is required. Physical audits of their infrastructure are rarely an option and would almost certainly be ineffective. You require a cloud provider who can swiftly and simply respond to inquiries about how they address vulnerabilities:

Read more »
Research
Ads Data Safety data security Mobile Phones Research

Research Says, Mobile Phones are Listening to Your Conversations

 

You're not alone if you've felt paranoid after your phone displayed an advertisement for a random item you just discussed. If you've recently been discussing it with a friend, seeing an advertisement for the same product can leave you feeling uncomfortable. 

And, while social media platforms have long denied spying on their users, recent studies indicate that businesses are employing a sneaky type of data monitoring system that takes advantage of the devices' microphone systems. According to NordVPN research, businesses are using ultrasonic cross-device tracking to listen to background noise and serve up personalized ads, while charging the company for the privilege.

As per NordVPN, the cross-device tracking method involves apps using ultrasonic "audio beacons" that cannot be heard by the human ear to "link all the devices you own to track your behavior and location." These high-pitched signals can be concealed in TV commercials or online videos.

When your device's microphone picks them up, advertisers can identify what you've been watching or talking about. Different apps on your phone can hear for these beacons to keep track of what you're doing, which is why some apps request access to your microphone.

According to NordVPN's research, nearly half of Brits (45%) claim to have seen an ad for something show up on their phones shortly after talking about it or watching it on TV, without ever searching for it online. Meanwhile, 62% of consumers said they had no idea how to avoid this, and 1 in 8 said the advertisements 'scared' them.

NordVPN’s Adrianus Warmenhoven said: "While it’s impossible to stop the ultrasonic beacons working, you can reduce the chance of your smartphone listening for them by simply restricting unnecessary permissions you have granted the apps on your device."

According to NordVPN, turning off microphone access for apps that don't require it may help. To change the permissions that apps have, go to the Settings menu on your phone and look for a 'Privacy' option. You should be able to see which apps have access to your microphone here and limit it as needed. You can also use a secure browser, such as Brave, Tor, or DuckDuckGo, or get a VPN, which encrypts all of your online activity.
Read more »
Vulnerabilities and Exploits
Data Safety Flaws Rasnomware Research Security Vulnerabilities and Exploits

Rapid7 Report: Attackers are Launching Exploits Faster Than Ever Before

 

Rapid7 has released its latest Vulnerability Intelligence Report, which examines 50 of the most significant security vulnerabilities and high-impact cyberattacks in 2022. The report examines attacker use cases and highlights exploitation trends, as well as provides a framework for understanding new security threats as they emerge. 

According to the report, attackers are developing and deploying exploits faster than ever before. The report includes 45 vulnerabilities that were exploited in the wild, 44% of which were caused by zero-day exploits. In contrast, 56% of the vulnerabilities in the report were exploited within seven days of their public disclosure, a 12% increase over 2021 and an 87% increase over 2020. 

Furthermore, the median time for exploitation in 2022 was only one day. As per the Rapid7 report, only 14 of the vulnerabilities have been exploited to carry out ransomware attacks. Despite ongoing ransomware activity, it is a 33% decrease from 2021.

The decline could imply that ransomware operations have become less reliant on security flaws, but it could also be due to other factors, such as lower reporting of ransomware incidents. Other vulnerability and exploit trends covered in this report include ransomware ecosystem complexity, network perimeter privilege escalation, and the long tail of exploitation across older vulnerabilities.

Caitlin Condon, Rapid7 vulnerability research manager and lead author of the Vulnerability Intelligence Report stated, “Rapid7’s team of vulnerability researchers work around the clock to thoroughly investigate and provide critical context into emergent threats. We produce the annual Vulnerability Intelligence Report to help organizations understand attack trends and proactively address the unique and shared threats they face. The ransomware ecosystem and the cybercrime economy have continued to mature and evolve. As a result, we saw many more ransomware families actively compromising organizations in 2022, which naturally creates challenges for threat tracking and reporting."

Security, IT, and other teams tasked with vulnerability management and risk reduction work in high-pressure, high-stakes environments where separating signal from noise is critical. When a new potential threat arises, information security professionals often need to translate vague descriptions and unproven research artefacts into actionable intelligence for their particular risk models.

Condon further concluded, “Rapid7 is known for its ongoing research initiatives that keep its customers and the broader business community safer. The company is on a mission to create a safer digital world by making cybersecurity simpler and more accessible. We empower security professionals to manage a modern attack surface through our best-in-class technology, leading-edge research, and broad, strategic expertise. Rapid7’s comprehensive security solutions help more than 10,000 global customers unite cloud risk management and threat detection to reduce attack surfaces and eliminate threats with speed and precision. The Rapid7 Insight Platform collects data from across your environment, making it easy for teams to manage vulnerabilities, monitor for malicious behavior, investigate and shut down attacks, and automate your operations.”
Read more »
Security
Cyber Fraud Data Fraud Research Safety Security

One-fifth of British Folks Have Fallen Victim to Online Fraudsters

 

As per F-Secure, millions of UK adults have been victims of digital scammers in the past, but a quarter has no security controls in place to safeguard their online activity. As part of a global Living Secure study into cybersecurity awareness and behavior, the Finnish security vendor polled 1000 Britons. 

It discovered that 19%, or approximately 12.6 million British citizens, had previously been duped by online fraud such as a phishing attack. According to F-Secure, the consequences of these incidents ranged from identity theft to data and password loss and even the theft of life savings. 

Despite spending an average of eight hours per day on the internet, a significant minority still do not protect themselves online, based on a report. One reason could be that many people are scared of the prospect: 60% of respondents said cybersecurity is too complicated.

The report also emphasized a disparity in respondents' attitudes and awareness. While more than three-quarters (77%) said they could spot a scam, nearly two-thirds said they are concerned about their own and their families' online safety, and half (48%) said they have no idea if their devices are secure or not.

According to the FBI, phishing was the most common type of cybercrime in 2021, with identity theft, romance fraud, tech support scams, and investment fraud also ranking among the top ten.

“Our research has highlighted a clear disconnect between what we do online and how vulnerable we feel online, versus the concrete actions we take to reduce that vulnerability,” argued F-Secure CEO, Timo Laaksonen.

“Despite many Britons often feeling unsafe online they still aren’t putting adequate security measures in place. In the physical world you wouldn’t willingly give out passwords and personal data to strangers, so why go online and do it, and risk being a target for online criminals?”

According to the same report, investment and romance fraud cost cybercriminals a total of $2.4 billion that year. The conclusions of the F-Secure report appear to indicate a risk for businesses if employees exhibit the same low levels of security awareness in the workplace as they do at home.
Read more »
security goals
Cyber Security Exabeam IT Industry IT Security IT security experts Prevebtion over Detection Research security goals

A Majority of Security Experts Prioritize Prevention Over Detection


As per a recent report finding, a majority of organizations prefer prevention over detection when it comes to safeguarding their systems. However, a large number of businesses are consequently witnessing data breaches and other cyberattacks, with the severity of these incidents worsening day by day. 

In a survey of 500 IT security experts, Exabeam researchers discovered that nearly two-thirds of their respondents (65%) prioritize prevention over detection as their number one endpoint security objective. For the remaining third (33%), detection remained their utmost priority. 

Late to the Party 

To make the situation worse, the businesses actually act on this idea. The majority (59%) allocate the same amount to detection, investigation, and response, while nearly three-quarters (71%) spend between 21% and 50% of their IT security resources on prevention. 

According to Steve Moore, chief security strategist at Exabeam, the issue with this strategy is that the businesses concentrate on prevention while threat actors are already there, rendering their efforts useless. 

“As is well known, the real question is not whether attackers are on the network, but how many there are, how long they have had access and how far they have gone[…]Teams need to raise awareness of this question and treat it as an unwritten expectation to realign their investments and where they need to perform, paying due attention to adversary alignment and response to incidents. Prevention has failed,” says Moore. 

The majority of responders said yes when asked if they are confident, they can prevent attacks. In fact, 97% of respondents indicated they felt confident in the ability of their tools and processes to detect and stop attacks and data breaches. 

Only 62% of respondents agreed when asked if they could easily inform their boss that their networks were not compromised at the time, implying that over a third were still unsure. 

Exabeam explains that security teams are overconfident and have data to support it. The company claims that 83% of organizations experienced more than one data breach last year, citing industry reports. 

Among the many approaches implemented in order to combat security affairs, most organizations appear to be inclined towards the prevention-based strategy. The reason is, it strives to make systems more resistant to attack. Contrary to detection-based security, this approach is more effective in a variety of situations. 

Implementing a preventive approach could aid a company in significantly reducing the risk of falling prey to a potential cyberattack if it applies appropriate security solutions like firewalls and antivirus software and patches detected vulnerabilities.

Read more »
Subscribe to: Posts (Atom)