|
|
Loading ...
|
|
|
|
|
pages views since
05/19/2016 : 150004
· Members : 7
· News : 841
· Downloads : 0
· Links : 0
|
|
|
|
|
Breakthrough in Silicon Photonics the Last Missing Piece Now Exist
|
|
|
|
Posted by Okachinepa on 01/17/2025 @
Courtesy of SynEvol
Credit: Forschungszentrum Julich / Jhonny Tiscareno
Researchers from the Leibniz Institute for High Performance Microelectronics (IHP), the University of Stuttgart, Forschungszentrum Jülich (FZJ), and their French partner CEA-Leti have successfully created the first electrically pumped continuous-wave semiconductor laser composed solely of group IV elements, also known as the "silicon group" in the periodic table.
Germanium-tin and silicon-germanium-tin are stacked in ultrathin layers to create this novel laser. Its remarkable direct growth on a silicon wafer makes it the first laser of its kind, opening the door for further developments in on-chip integrated photonics. The esteemed publication Nature Communications has published the research findings.
The need for more potent, energy-efficient hardware is being driven by the Internet of Things' (IoT) and artificial intelligence's (AI) explosive expansion. With its capacity to transmit large volumes of data with minimal energy loss, optical data transmission is already the technique of choice for distances more than one meter and is showing benefits even for shorter distances.
Courtesy of SynEvol
Credit: Forschungszentrum Julich / Jhonny Tiscareno
This advancement suggests that low-cost photonic integrated circuits (PICs), which provide notable cost reductions and enhanced performance, may be found in future microchips.
Monolithically integrating optically active components on silicon chips has advanced significantly in recent years. Important parts have been developed, such as waveguides, photodetectors, and high-performance modulators. However, the absence of an effective electrically pumped light source that solely uses Group IV semiconductors has long been a problem.
Historically, these light sources have been based on III-V materials, which are costly and challenging to integrate with silicon. By filling that gap, this novel laser can be seamlessly integrated into current silicon production methods and is compatible with traditional CMOS technology for chip manufacture. Thus, it might be considered the "final missing piece" in the toolbox of silicon photonics.
The researchers have shown continuous-wave operation in an electrically pumped Group IV laser on silicon for the first time. This new laser uses a low current injection of only 5 milliamperes (mA) at 2 volts (V), which is equivalent to the energy consumption of a light-emitting diode, in contrast to earlier germanium-tin lasers that depended on high-energy optical pumping.
By reducing power consumption and heat generation through its sophisticated multi-quantum well structure and ring geometry, the laser can operate steadily up to 90 Kelvin (K), or minus 183.15 degrees Celsius (°C).
Courtesy of SynEvol
Credit: Forschungszentrum Julich / Jhonny Tiscareno
It is the first completely "usable" Group IV laser, grown on common silicon wafers similar to those used for silicon transistors, however more refinements are required to lower the lasing threshold even more and enable room-temperature operation. A clear route forward is suggested by the success of previous optically pumped germanium-tin lasers, which have transitioned from cryogenic to room-temperature operation in a matter of years.
Whereas an electrically pumped laser produces light when an electrical current flows through the diode, an optically pumped laser needs an external light source to produce the lasing light. Since electrical power is converted directly into laser light, electrically pumped lasers are typically more energy-efficient.
|
|
|
|
The Potential of Floating Solar Panels to Power 100 Million Homes
|
|
|
|
Posted by Okachinepa on 01/17/2025 @
Courtesy of SynEvol
Credit: U.S De;partment of Energy's National Renewable Energy Laboratory
According to a recent study published in Solar Energy, federal reservoirs have a great deal of potential to help meet the country's solar energy needs.
The first thorough analysis of the potential energy output of putting floating solar panel systems on federally owned or regulated reservoirs was carried out by geospatial scientists Evan Rosenlieb and Marie Rivers, as well as Aaron Levine, a senior legal and regulatory analyst at the U.S. Department of Energy's National Renewable Energy Laboratory (NREL). The AquaPV website provides developers with detailed information about each reservoir.
According to the findings, there is a huge potential for these lakes to hold enough floating solar panels to provide up to 1,476 terawatt-hours of electricity yearly, which is enough to light about 100 million households.
The maximum quantity of energy that might be produced if each reservoir contained as many floating solar panels as possible is known as "technical potential," according to Rosenlieb. "We are aware that we cannot develop all of this. However, it would be quite beneficial even if you could develop 10% of what we found.
Levine and Rosenlieb have not yet taken into account the potential effects of wildlife and human activity on the development of floating solar energy on particular reservoirs. However, they intend to overcome this constraint in subsequent research.
This study offers much more precise information about the possibility of floating solar electricity in the US. Additionally, such precision may make it easier for developers to plan projects on U.S. reservoirs and for researchers to evaluate how these technologies align with the nation's larger energy objectives.
The advantages of floating solar panels, or floating PV, are numerous. These buoyed power plants not only produce electricity but also do so without vying for scarce land. Additionally, they chill and shade water bodies, reducing evaporation and conserving precious water resources.
However, Levine stated, "we haven't seen any large-scale installations, like at a large reservoir." "There isn't a single project in the US that is larger than 10 megawatts."
Prior research has attempted to estimate the amount of electricity that the nation could produce using floating solar panels. However, Levine and Rosenlieb are the first to think about which water sources are suitable for these kind of power plants.
For instance, maritime activity creates wakes in some reservoirs that may harm the float infrastructure or mooring lines. Others have sloping bottoms that are too steep, are too chilly, or are too shallow to hold solar panels in place.
However, some hydropower reservoirs might make perfect sites for solar power facilities that float. The power grid may get more dependable and robust electricity from a hybrid energy system that uses both hydropower and solar energy. For instance, solar panels could produce electricity while a hydropower facility pauses to allow the water to replenish if a drought depletes the reservoir.
Additionally, some developers construct completely new bodies of water in order to construct new pumped storage hydropower plants, which move water from one reservoir to another at a higher elevation in order to store and produce energy as needed. Neither humans nor animals rely on these new reservoirs for recreation, habitat, or food (at least not yet), and they are not connected to naturally flowing rivers.
Future research will examine which sites are near transmission lines or power demand, the potential costs of development at particular places, if a site should be avoided to preserve the local environment, and how developers might comply with local, state, and federal regulations. Additionally, the team wants to assess even more possible sites, such as smaller reservoirs, estuaries, and even coastal locales.
|
|
|
|
Malvertising Scam Targets Google Ads Users.
|
|
|
|
Posted by Okachinepa on 01/16/2025 @
Courtesy of SynEvol
Credit: Malwarebytes
Researchers studying cybersecurity have warned of a new malvertising effort that aims to phish for users' credentials through phoney Google ads, targeting both individuals and companies that use Google Ads.
Jérôme Segura, senior head of threat intelligence at Malwarebytes, told The Hacker News that the plan is to "steal as many advertiser accounts as possible by impersonating Google Ads and redirecting victims to fake login pages."
It is believed that the campaign's ultimate objective is to sell the credentials to other criminal actors on underground forums and use them again to continue the activities. Posts on Google's support forums, Bluesky, and Reddit indicate that the threat has been active since at least mid-November 2024.\
The activity cluster has a striking resemblance to operations that use stealer malware to obtain information about Facebook business and advertising accounts, then use the accounts to launch push-out malvertising campaigns that spread the malware.
In order to deliver fake Google Ads advertisements that, when clicked, link visitors to fraudulent websites hosted on Google Sites, the recently discovered effort explicitly targets people who search for Google Ads on Google's own search engine.
Following that, these websites work as landing pages that direct users to external phishing websites that are made to obtain their login credentials and two-factor authentication (2FA) codes using a WebSocket and exfiltrate them to a distant server that is controlled by the attacker.
"The fake ads for Google Ads come from a variety of individuals and businesses (including a regional airport), in various locations," Segura stated. "Some of those accounts already had hundreds of other legitimate ads running."
Courtesy of SynEvol
Credit: Malwarebytes
One clever feature of the campaign is that it makes use of the fact that, provided the domains match, Google Ads does not require the final URL—the page that people see after clicking on the ad—to match the display URL.
This enables the threat actors to maintain the display URLs as ads.google[.]com while hosting their intermediate landing pages on sites.google[.]com. Furthermore, the method involves hiding the phishing infrastructure through cloaking, obfuscation, fingerprinting, anti-bot traffic detection, and a lure modeled after CAPTCHA.
According to Malwarebytes, the stolen login credentials are then misused to access the victim's Google Ads account, create a new administrator, and use their spending funds for phony Google advertisements.
To put it another way, the threat actors are using Google Ads accounts to promote their own advertisements in an effort to increase the number of victims in the expanding number of compromised accounts that are used to further spread the scam.
"There appears to be several individuals or groups behind these campaigns," Segura stated. Interestingly, most of them speak Portuguese and are probably based in Brazil. The intermediary domains used by the phishing infrastructure use the Portuguese top-level domain (TLD),.pt.
"Google's ad guidelines are not broken by this malicious ad activity. In their advertisements, threat actors are permitted to display phony URLs that are identical to authentic ones. Until their security is restored, Google has not yet demonstrated that it takes decisive action to freeze such accounts.
"We specifically forbid advertisements that seek to deceive people in order to steal their information or scam them," a Google representative told The Hacker News in a statement. Our teams are working swiftly to resolve this issue and are currently looking into it."
Google also acknowledged the existence of these malicious ad campaigns and stated that it is constantly monitoring its ad network for misuse and taking enforcement action against advertisers who use their ads to deceive users by hiding or misrepresenting information about their company, goods, or services.
Additionally, it reported that in 2023, it suspended more than 5.6 million advertising accounts, limited more than 5.7 billion ads, and eliminated more than 3.4 billion ads. Its Misrepresentation Policy resulted in the blocking of 206.5 million of these ads.
The revelation follows Trend Micro's discovery that hackers are leveraging websites like SoundCloud and YouTube to spread links to phony installers for pirated versions of well-known software, which eventually results in the spread of several malware families including Amadey and Lumma Vidar Stealer, PrivateLoader, Penguish, Mars Stealer, and Stealer.
"Threat actors often use reputable file hosting services like Mediafire and Mega.nz to conceal the origin of their malware and make detection and removal more difficult," the business stated. "Many malicious downloads are password-protected and encoded, which complicates analysis in security environments such as sandboxes and allows malware to evade early detection."
|
|
|
|
With New Technology, You Can Find Hazardous Gases in Seconds
|
|
|
|
Posted by Okachinepa on 01/12/2025 @
Courtesy of SynEvol
Credit: Florian Sterl
A novel technique for quickly and accurately detecting and identifying tiny levels of gases has been revealed by researchers. This novel technique, called coherently regulated quartz-enhanced photoacoustic spectroscopy, may open the door for extremely sensitive, real-time sensors that are employed in fields such as chemical process control, medical breath analysis, and environmental monitoring.
According to Simon Angstenberger, the research team leader from the University of Stuttgart in Germany, "since most gases are present in small amounts, detecting gases at low concentrations is important in a wide variety of industries and applications." "Our method is not restricted to any particular gas and does not require prior knowledge of the gas that might be present, in contrast to other trace gas detection techniques that rely on photoacoustics."
In just three seconds, the researchers showcased their approach by recording the entire methane spectrum (3050 to 3450 nanometers), which normally takes about half an hour.
"By identifying greenhouse gases like methane, which is a powerful contributor to climate change, this new technology could be used for climate monitoring," Angstenberger added. "It also has potential applications in chemical production plants for process control and the detection of toxic or flammable gas leaks, as well as in early cancer detection through breath analysis."
By examining each gas's distinct light absorption properties, spectroscopy may identify compounds, including gases, by creating a "fingerprint" for each one. Nevertheless, rapid detection of low gas concentrations necessitates not only a fast-tuning laser but also a very sensitive detection mechanism and accurate electrical control of the laser timing.
The researchers employed a laser with a very fast controllable wavelength in the new study that was created recently by partners at Stuttgart Instruments GmbH, a university spin-off. Additionally, they used QEPAS, or quartz-enhanced photoacoustic spectroscopy, as the sensitive detection method. By electronically detecting the vibrations of a quartz tuning fork at a resonance frequency of 12,420 Hz, which is caused by a laser pulsed at the same frequency, this spectroscopy method detects gas absorption. The fork's prongs move as a result of the laser's quick pulses heating the gas between them, producing a detectable piezoelectric voltage.
Although the tuning fork's high quality factor, which causes it to ring for a long time, enables us to detect tiny concentrations using what scientists refer to as resonant improvement, it restricts the rate of acquisition," Angstenberger clarified. This is because the fork continues to move when we switch wavelengths to get the molecule's fingerprint. We must somehow halt the movement in order to measure the next feature.
The researchers came up with a method known as coherent control to get around this issue. This required keeping the laser output power constant while adjusting the pulse time by precisely half a fork oscillation cycle. As a result, when the prongs of the fork move inward, the laser pulse reaches the gas between them. By acting against the prongs' movement as the gas heats up and expands, this method reduces the fork oscillation. The fork stops shaking after a few hundred microseconds of laser light flashing, at which point the subsequent measurement can be taken.
Angstenberger stated, "Ultra-fast identification of gases using their vibrational and rotational fingerprints is made possible by adding coherent control to QEPAS." "We can achieve real-time monitoring with a broad laser tuning range of 1.3 to 18 µm, making it capable of detecting virtually any trace gas, unlike traditional setups limited to specific gases or single absorption peaks."
Using a commercially available QEPAS gas cell and a laser created by Stuttgart Instruments, the researchers tested the new technique by analyzing a pre-calibrated methane mixture that had 100 parts per million of methane in the gas cell. They demonstrated that while the spectral fingerprint is blurred by scanning too quickly with standard QEPAS, it remains distinct and unaltered when using the coherent control approach.
In order to ascertain the new technology's maximum speed and lowest sensing concentration, the researchers intend to investigate its limitations in the future. Additionally, they hope to utilize it to sense several gasses simultaneously.
|
|
|
|
Microsoft Files Lawsuit Against Hacking Group Using Azure AI
|
|
|
|
Posted by Okachinepa on 01/12/2025 @
Courtesy of SynEvol
Credit: Ravie Lakshmanan
A "foreign-based threat–actor group" is being sued by Microsoft for using a hacking-as-a-service infrastructure to purposefully circumvent the security measures of its generative artificial intelligence (AI) services and create offensive and damaging content.
The threat actors "developed sophisticated software that exploited exposed customer credentials scraped from public websites," according to the tech giant's Digital Crimes Unit (DCU), and "sought to identify and unlawfully access accounts with certain generative AI services and purposely alter the capabilities of those services."
After using these services, like Azure OpenAI Service, the enemies made money by selling the access to other malevolent actors and giving them comprehensive instructions on how to utilize these specialized tools to produce damaging content. According to Microsoft, the behavior was identified in July 2024.
In order to stop such conduct from happening again, the Windows manufacturer claimed it has since removed the threat-actor group's access, strengthened its security, and put additional countermeasures in place. Additionally, it claimed to have secured a court order to take control of a website ("aitism[.]net") that was essential to the group's illegal activity.
The widespread use of AI technologies such as OpenAI ChatGPT has also resulted in threat actors misusing them for nefarious purposes, such as creating malware or illegal content. Microsoft and OpenAI have consistently revealed that their services are being used for disinformation campaigns, translation, and reconnaissance by nation-state entities from China, Iran, North Korea, and Russia.
According to court filings, the operation was carried out by at least three unidentified persons who used customer Entra ID authentication details and stolen Azure API credentials to hack Microsoft servers and exploit DALL-E to produce malicious photos in violation of the company's acceptable use policy. Their services and tools are thought to have been employed for similar reasons by seven other parties.
Although it is currently unknown how the API keys are obtained, Microsoft said that the defendants committed "systematic API key theft" from a number of clients, including a number of American businesses, some of which are based in Pennsylvania and New Jersey.
"Using stolen Microsoft API Keys that belonged to U.S.-based Microsoft customers, defendants created a hacking-as-a-service scheme – accessible via infrastructure like the 'rentry.org/de3u' and 'aitism.net' domains – specifically designed to abuse Microsoft's Azure infrastructure and software," according to the filing.
A GitHub project that has since been deleted claims that de3u is a "DALL-E 3 frontend with reverse proxy support." The aforementioned GitHub account was established on November 8, 2023.
Following the capture of "aitism[.]net," the threat actors allegedly attempted to "cover their tracks, including by attempting to delete certain Rentry.org pages, the GitHub repository for the de3u tool, and portions of the reverse proxy infrastructure."
Microsoft saw that in order to illegally create thousands of damaging images using text prompts, the threat actors used de3u and a custom reverse proxy service known as the oai reverse proxy to conduct Azure OpenAl Service API requests using the stolen API keys. What kind of offensive imagery was produced is unknown.
The purpose of the server-based oai reverse proxy service is to route user computer connections into the Azure OpenAI Service via a Cloudflare tunnel, then return the replies to the user's device.
"The de3u software allows users to issue Microsoft API calls to generate images using the DALL-E model through a simple user interface that leverages the Azure APIs to access the Azure OpenAI Service," Redmond stated.
In order to send queries that are intended to resemble authentic Azure OpenAPI Service API calls, the defendants' de3u application uses undocumented Microsoft network APIs to interface with Azure servers. Additional authenticating information and stolen API keys are used to validate these requests.
The use of proxy services to gain unauthorized access to LLM services was brought to light by Sysdig in May 2024 in relation to an LLMjacking attack campaign that used stolen cloud credentials to target AI offerings from Anthropic, AWS Bedrock, Google Cloud Vertex AI, Microsoft Azure, Mistral, and OpenAI. The actors then sold the access to other parties.
In order to accomplish their shared illicit goals, defendants have carried out the operations of the Azure Abuse Enterprise through a coordinated and ongoing pattern of illegal action," Microsoft stated.
"The defendants' illicit behavior pattern extends beyond their attacks on Microsoft. Other AI service providers have been the target and victims of Azure Abuse Enterprise, according to evidence Microsoft has discovered so far.
|
|
Page : ...« 6 7 8 9 [10] 11 12 13 14 »...
|
|
|
 Members
· Admins : 4
· Members : 3 [List]
· Last : MortaBlack
 Who is on-line?
· Guest : 1
· Member : 0
· Admin : 0
|
|
|
|
| Latest wars : | | | | There are yet no matches |
|
|
|
|
