Every day we scan the tech world for interesting news in the world of technology and sometimes from outside the world of technology. Every Wednesday, we feature news articles that grabbed our attention over the past week. We hope you find this week’s\u00a0 ‘Wednesday Newsbytes’ informative and interesting!<\/span><\/p>\n Microsoft January 2023 Patch Tuesday fixes 98 flaws, 1 zero-day<\/span><\/strong><\/a><\/p>\n Today (yesterday) is Microsoft’s January 2023 Patch Tuesday, and with it comes fixes for an actively exploited zero-day vulnerability and a total of 98 flaws.<\/span><\/p>\n This is the first Patch Tuesday of 2023, and it fixes a whopping 98 vulnerabilities, with eleven of them classified as ‘Critical.’<\/span><\/p>\n Microsoft gave the vulnerabilities this severity rating as they allow remote code execution, bypass security features, or elevate privileges.<\/span><\/p>\n The number of bugs in each vulnerability category is listed below:<\/span><\/p>\n 39 Elevation of Privilege Vulnerabilities<\/span> Microsoft classifies a vulnerability as a zero-day if it is publicly disclosed or actively exploited with no official fix available…<\/span><\/p><\/blockquote>\n Read more at Bleeping Computer.<\/span><\/strong><\/span><\/a><\/p>\n A fifth of passwords used by federal agency cracked in security audit<\/span><\/strong><\/a><\/p>\n 89% of the department’s high-value assets didn’t use multi-factor authentication.<\/span><\/strong><\/span><\/p>\n More than a fifth of the passwords protecting network accounts at the US Department of the Interior\u2014including Password1234, Password1234!, and ChangeItN0w!\u2014were weak enough to be cracked using standard methods, a recently published security audit of the agency found.<\/span><\/p>\n The audit was performed by the department\u2019s inspector general, which obtained cryptographic hashes for 85,944 employee active directory (AD) accounts. Auditors then used a list of more than 1.5 billion words that included:<\/span><\/p>\n Dictionaries from multiple languages<\/span> The results weren\u2019t encouraging. In all, the auditors cracked 18,174\u2014or 21 percent\u2014of the 85,944 cryptographic hashes they tested; 288 of the affected accounts had elevated privileges, and 362 of them belonged to senior government employees. In the first 90 minutes of testing, auditors cracked the hashes for 16 percent of the department\u2019s user accounts.<\/span><\/p>\n The audit uncovered another security weakness…<\/span><\/p><\/blockquote>\n Read more at Ars Technica.<\/span><\/strong><\/span><\/span><\/a><\/p>\n Microsoft’s New AI Tool Just Needs to Hear Three Seconds of Your Voice to Mimic You<\/span><\/strong><\/span><\/a><\/p>\n VALL-E can preserve the original speaker’s emotional tone and even simulate their acoustic environment.<\/span><\/strong><\/span><\/p>\n Despite how far advancements in AI video generation have come, it still requires quite a bit of source material, like headshots from various angles or video footage, for someone to create a convincing deepfaked version of your likeness. When it comes to faking your voice, that\u2019s a different story, as Microsoft researchers recently revealed a new AI tool that can simulate someone\u2019s voice using just a three-second sample of them talking.<\/span><\/p>\n The new tool, a \u201cneural codec language model\u201d called VALL-E, is built on Meta\u2019s EnCodec audio compression technology, revealed late last year, which uses AI to compress better-than-CD quality audio to data rates 10 times smaller than even MP3 files, without a noticeable loss in quality. Meta envisioned EnCodec as a way to improve the quality of phone calls in areas with spotty cellular coverage, or as a way to reduce bandwidth demands for music streaming services, but Microsoft is leveraging the technology as a way to make text to speech synthesis sound more realistic based on a very limited source sample.<\/span><\/p>\n Current text to speech systems are able to produce very realistic sounding voices, which is why smart assistants sound so authentic despite their verbal responses being generated on the fly. But they require high-quality and very clean training data, which is usually captured in a recording studio with professional equipment…<\/span><\/p><\/blockquote>\n Read more at<\/span> Gizmodo.<\/span><\/strong><\/span><\/a><\/p>\n ChatGPT Writes Well Enough to Fool Scientific Reviewers<\/span><\/strong><\/span><\/a><\/p>\n OpenAI’s text generator repeatedly wrote academic abstracts convincing enough to get past human readers. It could mean trouble for scientific publishing.<\/span><\/strong><\/span><\/p>\n The internet\u2019s new favorite toy, ChatGPT, accomplishes some things better than others. The machine learning-trained chatbot from OpenAI can string together sentences and paragraphs that flow smoothly on just about any topic you prompt it with. But it cannot reliably tell the truth. It can act as a believable substitute for a text-based mental health counselor. But it cannot write a passable Gizmodo article.<\/span><\/p>\n On the list of concerning things the AI text generator apparently can do, though, is fool scientific reviewers\u2014at least some of the time, according to a pre-print study released Tuesday from Northwestern University and University of Chicago researchers. Published academic science relies on a process of article submission and review by human experts in relevant fields. If AI can routinely fool those reviewers, it could fuel a scientific integrity crisis, the new study authors warn.<\/span><\/p>\n In the pre-print, researchers began by picking 50 real, published medical articles. They took the title from each and fed it to ChatGPT with the prompt, \u201cPlease write a scientific abstract for the article [title] in the style of [journal] at [link].\u201d Then, they pooled the real and fake abstracts together for a total of 100 samples. The researchers randomly assigned four medical professionals 25 abstracts to review, ensuring that none of the researchers were given samples with duplicate titles. The study researchers told the subjects that some of the abstracts were fake and some genuine…<\/span><\/p><\/blockquote>\n Read more at Gizmodo.<\/span><\/strong><\/span><\/a><\/p>\n Improved voice typing in Google Docs is coming to more browsers<\/span><\/strong><\/span><\/a><\/p>\n Google Docs\u2019 voice-typing feature, which lets you \u201ctype\u201d and edit text using your voice and a microphone rather than your hands and a keyboard, is getting a couple of key upgrades.<\/span><\/p>\n First is that the feature is expanding to \u201cmost major browsers.\u201d Currently, Google\u2019s support page notes that it\u2019s \u201conly available in Chrome browsers.\u201d Second is that it is being upgraded to \u201creduce transcription errors and minimize lost audio during transcription.\u201d<\/span><\/p>\n As 9to5Google notes, voice typing has been available in Google Docs for over half a decade, allowing users to get words on the (virtual) page even if their hands are full or otherwise not in a position to be able to traditionally type. It can also work as a handy transcription tool in a pinch, though as our guide explains you might be better off with a dedicated piece of transcription software in most cases.<\/span><\/p>\n Frustratingly, although Google\u2019s announcement says the feature is coming to \u201cmost major browsers,\u201d it doesn\u2019t specify exactly which browsers these are…<\/span><\/p><\/blockquote>\n Read more at The Verge<\/span><\/strong><\/span>.<\/span><\/strong><\/span><\/a><\/p>\n Series of Mysterious Antennas Found Throughout Foothills of Salt Lake City<\/span><\/strong><\/a><\/p>\n Authorities in Utah are trying to get to the bottom of a strange mystery involving a series of puzzling antennas that have been discovered throughout the foothills of Salt Lake City. According to a local media report, the peculiar case began approximately a year ago when a handful of the peculiar devices were first found. Since that time and particularly over the last few months, several more of the gadgets have been stumbled upon to the point that Salt Lake City recreational trails manager Tyler Fonarow indicated that “now it might be as much as a dozen.” In addition to sporting an antenna, the curious contraptions also feature a solar panel and a locked battery box.<\/span><\/p>\n Upon being discovered “bolted into different peaks and summits and ridges around the foothills,” Fonarow said, the devices are promptly removed by city officials, who are now hoping to not only figure out their purpose, but also determine who keeps installing them, which is also a mystery. “We just don’t leave things on public lands anymore,” he lamented, “you have to ask for permission.” While one antenna was found on property belonging to the University of Utah, officials there say that they are unaware of any connection to the devices which keep appearing in the area…<\/span><\/p><\/blockquote>\n Read more at Coast to Coast AM.<\/span><\/strong><\/span><\/a><\/p>\n Thanks for reading this week’s Wednesday Newbytes. We hope you found these articles informative, interesting, fun, and helpful. Darcy & TC<\/span><\/em><\/strong><\/span><\/p>\n Wednesday Newsbytes: Microsoft’s January Patch fixes 98 flaws, A Fifth of Gov. Agency’s Passwords Cracked, Microsoft’s AI Tool Can Mimic Your Voice, ChatGPT Fools Scientific Researchers…and more! Every day we scan the tech world for interesting news in the world of technology and sometimes from outside the world of technology. Every Wednesday, we feature news articles\u2026 Read More »<\/a><\/span><\/p>\n","protected":false},"author":1,"featured_media":23363,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4421,2247,1678,1669,2509,1,1426,2942,1656,1674,4372,4353,4221,10,2366],"tags":[],"_links":{"self":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts\/24813"}],"collection":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/comments?post=24813"}],"version-history":[{"count":2,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts\/24813\/revisions"}],"predecessor-version":[{"id":24815,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/posts\/24813\/revisions\/24815"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/media\/23363"}],"wp:attachment":[{"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/media?parent=24813"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/categories?post=24813"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.thundercloud.net\/infoave\/new\/wp-json\/wp\/v2\/tags?post=24813"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
\n
\n4 Security Feature Bypass Vulnerabilities<\/span>
\n33 Remote Code Execution Vulnerabilities<\/span>
\n10 Information Disclosure Vulnerabilities<\/span>
\n10 Denial of Service Vulnerabilities<\/span>
\n2 Spoofing Vulnerabilities<\/span>
\nOne zero-day fixed<\/span>
\nThis month’s Patch Tuesday fixes one zero-day vulnerability, one actively exploited and the other publicly disclosed.<\/span><\/p>\n\n
\n
\nUS government terminology<\/span>
\nPop culture references<\/span>
\nPublicly available password lists harvested from past data breaches across both public and private sectors<\/span>
\nCommon keyboard patterns (e.g., \u201cqwerty\u201d)<\/span><\/p>\n
\n
\n
\n
\n
\n![\"Help](\"https:\/\/thundercloud.net\/infoave\/images\/2017\/goodfight2017.png\")
<\/a><\/p>\n![\"\"](\"https:\/\/www.thundercloud.net\/infoave\/new\/wp-content\/uploads\/2022\/11\/ny23.png\")
<\/p>\n","protected":false},"excerpt":{"rendered":"