Cloudflare Reports Almost 7% of Internet Traffic Is Malicious
The report also highlights the increased importance of application programming interface (API) security. With 60% of dynamic web traffic now API-related, these interfaces are a prime target for attackers. API traffic is growing twice as fast as traditional web traffic. What’s worrying is that many organizations appear not to be even aware of a quarter of their API endpoints. Organizations that don’t have a tight grip on their internet services or website APIs can’t possibly protect themselves from attackers. Evidence suggests the average enterprise application now uses 47 third-party scripts and connects to nearly 50 third-party destinations. Do you know and trust these scripts and connections? You should — each script of connection is a potential security risk. For instance, the recent Polyfill.io JavaScript incident affected over 380,000 sites.
Finally, about 38% of all HTTP requests processed by Cloudflare are classified as automated bot traffic. Some bots are good and perform a needed service, such as customer service chatbots, or are authorized search engine crawlers. However, as many as 93% of bots are potentially bad.
Read more of this story at Slashdot.
Rite Aid Says Breach Exposes Sensitive Details of 2.2 Million Customers
“On June 6, 2024, an unknown third party impersonated a company employee to compromise their business credentials and gain access to certain business systems,” the company said in a filing. “We detected the incident within 12 hours and immediately launched an internal investigation to terminate the unauthorized access, remediate affected systems and ascertain if any customer data was impacted.” Ars Technica’s Dan Goodin reports: RansomHub, the name of a relatively new ransomware group, has taken credit for the attack, which it said yielded more than 10GB of customer data. RansomHub emerged earlier this year as a rebranded version of a group known as Knight. According to security firm Check Point, RansomHub became the most prevalent ransomware group following an international operation by law enforcement in May that took down much of the infrastructure used by rival ransomware group Lockbit.
On its dark web site, RansomHub said it was in advanced stages of negotiation with Rite Aid officials when the company suddenly cut off communications. A Rite Aid official didn’t respond to questions sent by email. Rite Aid has also declined to say if the employee account compromised in the breach was protected by multifactor authentication.
Read more of this story at Slashdot.
Microsoft Unveils a Large Language Model That Excels At Encoding Spreadsheets
The first of these modules involves placing “structural anchors” throughout the spreadsheet to help the LLM understand what’s going on better. It then removes “distant, homogeneous rows and columns” to produce a condensed “skeleton” version of the table. Index translation addresses the challenge caused by spreadsheets with numerous empty cells and repetitive values, which use up too many tokens. “To improve efficiency, we depart from traditional row-by-row and column-by-column serialization and employ a lossless inverted index translation in JSON format,” Microsoft wrote. “This method creates a dictionary that indexes non-empty cell texts and merges addresses with identical text, optimizing token usage while preserving data integrity.” […]
After conducting a “comprehensive evaluation of our method on a variety of LLMs” Microsoft found that SheetCompressor significantly reduces token usage for spreadsheet encoding by 96%. Moreover, SpreadsheetLLM shows “exceptional performance in spreadsheet table detection,” which is the “foundational task of spreadsheet understanding.” The new LLM builds on the Chain of Thought methodology to introduce a framework called “Chain of Spreadsheet” (CoS), which can “decompose” spreadsheet reasoning into a table detection-match-reasoning pipeline.
Read more of this story at Slashdot.
Italy Reconsiders Nuclear Energy 35 Years After Shutting Down Last Reactor
The plan to introduce small modular reactors in Italy could add to the country’s history of failure in nuclear energy, a former Italian lawmaker and researcher argued in Italian outlet Il Fatto Quotidiano, writing that these reactors are expensive and produce too little energy to justify an investment in them.They could also become obsolete within the next decade, the timeline for the government to introduce them, Italian outlet Domani added, and be overtaken by nuclear fusion reactors, which are more efficient and have “virtually no environmental impact.” Italy’s main oil company, Eni, has signed a deal with MIT spinout Commonwealth Fusion System, with the goal of providing the first operational nuclear fusion plant by 2030.
Read more of this story at Slashdot.
OW2: ‘The European Union Must Keep Funding Free Software’
OW2 argues that discontinuing NGI funding would weaken Europe’s technological ecosystem, leaving many projects under-resourced and jeopardizing Europe’s position in the global digital landscape. The letter reads, in part: NGI programs have shown their strength and importance to support the European software infrastructure, as a generic funding instrument to fund digital commons and ensure their long-term sustainability. We find this transformation incomprehensible, moreover when NGI has proven efficient and economical to support free software as a whole, from the smallest to the most established initiatives. This ecosystem diversity backs the strength of European technological innovation, and maintaining the NGI initiative to provide structural support to software projects at the heart of worldwide innovation is key to enforce the sovereignty of a European infrastructure. Contrary to common perception, technical innovations often originate from European rather than North American programming communities, and are mostly initiated by small-scaled organizations.
Previous Cluster 4 allocated 27 millions euros to:
– “Human centric Internet aligned with values and principles commonly shared in Europe”;
– “A flourishing internet, based on common building blocks created within NGI, that enables better control of our digital life”;
– “A structured eco-system of talented contributors driving the creation of new internet commons and the evolution of existing internet commons.”
In the name of these challenges, more than 500 projects received NGI funding in the first 5 years, backed by 18 organizations managing these European funding consortia.
Read more of this story at Slashdot.
The World’s Population Is Projected To Peak At 10.3 Billion In the 2080s
The estimated world population at the end of the century (2100) is now expected to be 6% less than estimates from a decade ago.
However, calculating the number of future people is not a perfect science, with “many sources of uncertainty in estimating the global population,” according to the U.S. Census Bureau. It estimated the world reached 8 billion people last September, while the U.N. timed the milestone nearly one year earlier.
Read more of this story at Slashdot.