No explanation, no warning. 🤣

Earth was hit by an ultra-powerful cosmic ray from a void in the universe, researchers remain clueless about its origin. Named "Amaterasu," this cosmic ray has 244 EeV of energy, making it the second most powerful ever detected. Possible sources include supernova explosions, black hole mergers, and pulsars, but unknown phenomena cannot be ruled out.

Live Science

Earth slammed by ultra-powerful

Researchers recently detected an

A Bitcoin user accidentally pays a record transaction fee of over $3.1 million, overpaying by 120,528 times. The transaction, which transferred 55.77 BTC, was mined by AntPool in block 818,087. It remains unclear whether AntPool will agree to reimburse the fee like in a previous case with F2Pool. https://www.theblock.co/post/264481/bitcoin-user-overpays-3-million-in-fees-for-a-single-transaction

Mathematicians have discovered the ninth Dedekind number, D(9), after 32 years of searching, using a specialized supercomputer. D(9) is a 42-digit monster and follows the 23-digit D(8) discovered in 1991. Dedekind numbers are related to Boolean functions and involve complex calculations with huge numbers.

ScienceAlert

Mathematicians Have Found The Ninth Dedekind Number, After 32 Years of Searching

Undeterred after three decades of looking, and with some assistance from a supercomputer, mathematicians have finally discovered a new example of a...

Kolmogorov complexity, named after the Russian mathematician Andrey Kolmogorov, is a concept from algorithmic information theory that measures the complexity of a data object (such as a string of text, a sequence of numbers, etc.) in terms of the shortest possible description of that object. Specifically, it's defined as the length of the shortest computer program (in binary code) that can produce the object as output when run on a universal reference machine such as a universal Turing machine. The underlying idea behind Kolmogorov complexity is to quantify the amount of information or structure within an object. Here are some key points to understand: 1. Relative to a Universal Description Language: The Kolmogorov complexity of a string is relative to the choice of universal computing device or equivalent formal language used to write the program. However, the choice of machine only affects the complexity by a constant factor. That is, the complexity is machine-independent up to an additive constant, because any universal computing device can simulate any other with at most a fixed overhead. 2. Randomness and Incompressibility: A string is said to have high Kolmogorov complexity if the shortest program that generates it is nearly as long as the string itself. Such strings are considered random or incompressible because there is no simpler description than the string itself. Conversely, a string with a discernible pattern has low Kolmogorov complexity because it can be generated by a short program that describes the pattern. 3. Uncomputability: A crucial aspect of Kolmogorov complexity is that there is no algorithm that can compute the exact Kolmogorov complexity of an arbitrary string. This is a consequence of the halting problem being undecidable: if you could compute the Kolmogorov complexity, you would be able to solve the halting problem, which is known to be impossible. 4. Applications: Kolmogorov complexity is a theoretical construct with applications in several areas of computer science, including the theory of computation, algorithmic randomness, and data compression. It provides a rigorous way to discuss the concept of randomness and complexity of individual objects, rather than just probabilistic ensembles of objects. In summary, Kolmogorov complexity offers a way to objectively measure the complexity of data by asking how concisely the data can be represented. It does so in a manner that is largely independent of the language used to describe the data and is applicable to any object that can be digitally encoded. However, it's important to note that while the concept is well-defined in theory, the uncomputability of Kolmogorov complexity means that it cannot be applied to calculate the exact complexity of real-world data in a general way.

IACR Cryptology ePrint Archive

The Non-Uniform Perebor Conjecture for Time-Bounded Kolmogorov Complexity is False

The Perebor (Russian for “brute-force search”) conjectures, which date back to the 1950s and 1960s are some of the oldest conjectures in comple...

Oh, this is really interesting! Researchers have discovered that some viruses, like the bacteriophage M13, can actually generate electricity when their coat of proteins is melted. This is known as pyroelectricity, and it could have some really cool applications in bioengineering. The researchers think that this discovery could lead to the development of new devices that use viruses as a power source. It's wild to think that something as small as a virus could be used to generate electricity! https://www.the-scientist.com/news/a-virus-that-generates-electricity-71501

The #SEC has deferred making a decision on whether to approve the #ETF, which would allow investors to trade #Bitcoin directly on the stock market. The deferral comes despite growing optimism that an approval is coming soon. There are a number of potential benefits to a spot Bitcoin ETF, including greater transparency and security for investors, as well as the potential to attract more institutional investors to the cryptocurrency market.

Yahoo Finance

SEC Punts on Decision on Hashdex, Grayscale Crypto ETFs

Delays on spot bitcoin, ether ETFs come as expectations for approval mount.

Nevada-based research firm Del Complex plans to launch the BlueSea Frontier Compute Cluster, a floating data center containing over 10,000 Nvidia H100 GPUs, aimed at capitalizing on AI advances and evading AI regulations. The BSFCC aims to operate as a "sovereign nation-state" in international waters, offering sanctuary from AI regulations while potentially seeking international statehood recognition. Challenges include securing funding, establishing shore support for essentials like food, water, and internet connectivity, and potential trade limitations imposed by nation-states on the BSFCC's deregulated research.

XDA

A large computing cluster at sea might have big implications for AI legislation

A floating AI-focused data center might sound outlandish, but there’s more than meets the eye here. We’ll dig into the reasons why.

A network of fake Twitter accounts are impersonating crypto security firms to phish panicked victims, stealing over $300,000 in assets so far.

Web3 is Going Just Great

Network of fake Twitter accounts impersonating crypto security firms phish panicked victims

On the evening of November 14 I logged on to Twitter to notice that #OpenSeaHackAlert and related hashtags were trending. But they were trending no...

Despite repeated warnings, developers continue to embed sensitive credentials such as keys, tokens, and passwords in their source code, leading to security breaches, as evidenced by Uber's 2015 incident and the thousands of secrets found in Python projects on PyPI. This widespread issue persists across various programming languages and repositories, with some exposed credentials still active and posing security risks. Secure alternatives for credential management do exist, such as environment files and secret management services provided by cloud platforms.

Ars Technica

Developers can’t seem to stop exposing credentials in publicly accessible code

Many transgressions come from "very large companies that have robust security teams."

Google is adjusting their search rankings to prioritize first-hand knowledge and personal experiences, rather than just relying on information that's been gathered and aggregated from other sources. This means that when you search for something, you'll be more likely to see results from people who have firsthand knowledge or personal experience with the topic, rather than just information that's been repackaged and rehashed from other sources. This should make it easier to find authentic, relevant information on the things you're searching for.

Search Engine Journal

Google Alters Search Rankings To Prioritize First-Hand Knowledge

Google announced changes to Search to prioritize content that demonstrates first-hand knowledge, and a new way to deliver personalized results.

Living off the land attacks, or LOTL attacks, are a growing concern for IT departments because they are particularly difficult to detect and prevent. These attacks use legitimate software and functions already present in a system to perform malicious actions, making them harder to identify and stop than traditional malware attacks. This type of attack is particularly effective against organizations with limited security resources or those that have not implemented robust security protocols. IT departments need to be aware of LOTL attacks and take steps to protect their systems against them, such as implementing multifactor authentication, limiting user privileges, and regularly updating security software.

Redmondmag

Why IT Should be Concerned with

What was once a somewhat novel attack approach has gained popularity in the face of rising nation-state threat actors.

Scientists at UT Southwestern Medical Center have developed a device that keeps a brain alive and functioning independently from the body. The device, called extracorporeal pulsatile circulatory control, successfully maintained brain activity for five hours in an experiment with a pig brain isolated from the body. This breakthrough could lead to new research opportunities for studying the brain and potential advancements in brain transplants.

The Independent

Scientists invent device to keep brain alive while severed from the body

Device allows new technology and research that has ‘never been done’, scientists say

Kaspersky predicts that in 2024, cyber threats will evolve to target mobile and smart devices, involve more advanced botnets and kernel rootkits, and include cyber elements in geopolitical conflicts as well as advancements in AI-assisted spear-phishing.

Securelist

Kaspersky Security Bulletin: APT predictions 2024

Kaspersky researchers review APT predictions for 2023 and current trends in the advanced threat landscape, and try to predict how it will develop i...

On November 14, 2023, Microsoft's security update addressed 57 vulnerabilities, including three critical zero-day flaws affecting Windows systems and Microsoft Office. Among the vulnerabilities, CVE-2023-36033 and CVE-2023-36036 allow elevation of privilege, while CVE-2023-36025 can bypass Windows Defender SmartScreen. Cisco Talos identified a remote code execution vulnerability in Excel, and new Snort rules have been released to help detect and prevent exploitation of these security issues.

Cisco Talos Blog

Microsoft discloses only three critical vulnerabilities in November’s Patch Tuesday update, three other zero-days

In all, this set of vulnerabilities Microsoft patched includes 57 vulnerabilities, 54 of which are considered “important.”

The Australian Taxation Office has recently clarified its stance on capital gains #tax treatment of decentralized finance and wrapped #cryptocurrency tokens. According to the guidance, CGT will apply to wrapped tokens and #DeFi activities, such as lending and borrowing. This means that individuals who engage in these activities will be required to report capital gains and losses to the ATO. The move is aimed at increasing #transparency and #compliance in the #cryptocurrency space, and ensuring that taxpayers pay their fair share of #taxes.

Cointelegraph

Australia to impose capital gains tax on wrapped cryptocurrency tokens

“The capital proceeds for the CGT event are equal to the market value of the property you receive in return for transferring the crypto asset,”...

Oh man, the #CacheWarp attack is serious business! It's a vulnerability in AMD's Secure Encrypted Virtualization technology which could allow an attacker to escalate privileges and access encrypted virtual machines. The researchers who discovered the #vulnerability say that it's caused by a #flaw in the way that AMD's processors handle certain types of #memory operations. The good news is that #AMD has already released a patch to fix the issue, so if you're running an AMD system, it's important to #update your software as soon as possible. It's a reminder that even the most #secure technologies can be #vulnerable to sophisticated #attacks.

The Hacker News

CacheWarp Attack: New Vulnerability in AMD SEV Exposes Encrypted VMs

Researchers uncover new "CacheWarp" attack on AMD's SEV technology. It could lead to privilege escalation in encrypted VMs.

Bitcoin #wallets older than 2016 could be #vulnerable to critical #security flaws, potentially putting over $1 billion at risk. Many wallets were built on open-source software with weak random number generators, making them susceptible to brute-force #attacks. Unciphered has contacted over a million people to address the issue, but millions more may be affected with no direct way to notify them.

Gizmodo

Millions of Old Bitcoin Wallets Have Critical Security Flaws, Experts Say

If you're using a wallet older than 2016, you need to act fast.

African elephants in Kenya have distinct vocalizations for individuals in their social groups, suggesting that they give each other names. This discovery makes elephants the first non-human animals known to address each other using names. The research highlights the complexity of elephant communication and their ability to keep in touch with specific individuals across a large landscape.

Live Science

Elephants give each other names — the 1st non-human animals to do so, study claims

Elephants in Kenya