In today’s professional world, having a high-quality headshot is essential. Whether you’re an actor, corporate professional, doctor, or realtor and want to make an excellent first impression, your headshot is the first thing potential clients or employers see. It needs to capture your personality, professionalism, and…
AI in the Music Industry: How Will It Shape the Music Metaverse and Sounds of the Future?
AI has already revolutionized the music industry. AI-generation tools allow creators to generate royalty-free music, and generative AI streaming products offer never-ending mood-based playlists for users to enjoy. AI-generated songs using “soundalikes” and well-known songs of popular artists being sung in the AI voice of another…
The Hidden Influence of Data Contamination on Large Language Models
Data contamination in Large Language Models (LLMs) is a significant concern that can impact their performance on various tasks. It refers to the presence of test data from downstream tasks in the training data of LLMs. Addressing data contamination is crucial because it can lead to…
Log4Shell continues to threaten organizations… – CyberTalk
EXECUTIVE SUMMARY:
The notorious North Korea-linked hacking group known as Lazarus is believed to be the mastermind behind a new global hacking campaign.
The campaign involves opportunistic use of security flaws in Log4Shell, a security vulnerability identified several years ago that poses severe risk to organizations.
Cyber security researchers have discovered that this latest campaign deploys previously undocumented remote access trojans (RATs) on compromised hosts.
The latest: Log4Shell
Tracked under the name ‘Operation Blacksmith,’ the campaign began in March of this year and continues to date. The campaign relies on at least three new malware families, and through them (specifically, RATs), attackers can gain remote control of infected systems.
The malware was written in DLang, a less common programming language. Its use reflects a shift among North Korean hacking campaigns towards the adoption of more obscure programming languages. But that’s not why this campaign captured researchers’ attention…
This campaign stood out to researchers on account of hackers’ use of Telegram as a channel for command-and-control communications. Some campaign malware used Telegram as its primary channel for accepting commands, communicating outputs, and for file transfer – both inbound and outbound.
Affected organizations
After successfully infiltrating an organization, the attackers conduct reconnaissance, using an array of commands to collect system information, query logs, and to perform OS credential dumping. Thus far, ransomware attacks haven’t been reported, although that could change without warning.
These attacks appear opportunistic in nature. Known victims operate in the manufacturing, agricultural and physical security sectors. Tailored malware implants have been found on compromised systems.
Today’s Log4Shell statistics
If you believed that the Log4Shell threat had been gradually and quietly neutralized, the following statistics describe a different reality:
- Over 20% of Log4j downloads continue to be for vulnerable versions, according to supply chain management company Sonatype
- 8% of tested apps still have Log4Shell vulnerabilities, while 3.8% use a Log4j 2.x version susceptible to CVE-2021-44832
- One-third of Log4j-inclusive apps rely on the outdated, unsupported Log4j 1.x series of the library, which has seven high and critical vulnerabilities within it that remain unresolved
Systems still vulnerable
In July of last year, the Cybersecurity and Infrastructure Security Agency (CISA) warned of hacker operations that are connected to this one. Worryingly, they resulted in ransomware attacks on hospitals and healthcare facilities.
The Log4Shell vulnerability was originally reported on December 9th of 2021 and exists in the popular Java library called Log4j. As you’ll recall, due to the code library’s widespread use, the vulnerability inherently affected millions of Java applications.
Although patches were released in a timely fashion, months passed before the vast majority of organizations updated their code, apps…etc.
The vulnerability received extensive attention at the time of disclosure, including on CyberTalk.org. However, two years later, a number of systems remain vulnerable.
Log4Shell threat prevention
The persistent reliance on outdated library versions remains a significant issue – one that’s often fueled by developers who want to avoid unnecessary complexity.
Log4Shell hasn’t served as the wake-up call anticipated by the security industry.
Organizations are strongly advised to proactively scan their environments, pinpoint the open-source library versions in use, and swiftly create emergency upgrade plans to strengthen their overall security.
AI meets climate: MIT Energy and Climate Hack 2023
The MIT Energy and Climate Hack brought together participants from myriad fields and disciplines to develop rapid, innovative solutions to one of the most complex challenges facing society today: the global energy and climate crisis. Hundreds of students from MIT and colleges across the globe convened on MIT’s campus and virtually for this year’s event, which was held Nov. 10-12.
Established in 2013, the MIT Energy and Climate Hack has been the launchpad for innovative and sustainable solutions for a decade; an annual reminder that exciting new ideas are always just around the corner.
According to Claire Lorenzo, an MIT student organizer and communications director for this year’s Energy and Climate Hack, “There were a lot of people from a lot of places who showed up; both virtually and in person. It was encouraging to see how driven everyone was. How passionate they were about finding great solutions. You could see these ideas starting to form immediately.”
On the first day, representatives from companies across numerous industries presented participants with their most pressing energy and climate-related challenges. Once the gathering broke into teams, participants had two days to “hack the challenge” they were assigned and present their solution to company representatives, fellow hackers, and judges.
The focus areas at this year’s event were energy markets, transportation, and farms and forests. Participating corporate sponsors included Google, Crusoe, Ironwood, Foothill Ventures, Koidra, Mitra Chem, Avangrid, Schneider Electric, First Solar, and Climate Ledger.
This year’s event also marked the first time that artificial intelligence emerged as a viable tool for developing creative climate solutions. Lorenzo observed, “I’m studying computer science, so exploring how AI could be harnessed to have a positive impact on the climate was particularly exciting for me. It can be applicable to virtually any domain. Like transportation, [with emissions] for example. In agriculture, too.”
Energy and Climate Hack organizers identified the implementation of four core AI applications for special consideration: the acceleration of discovery (shortening the development process while simultaneously producing less waste), optimizing real-world solutions (utilizing automation to increase efficiency), prediction (using AI to improve prediction algorithms), and processing unstructured data (using AI to analyze and scale large amounts of data efficiently).
“If there was a shared sentiment among the participants, it would probably be the idea that there isn’t a singular solution to climate change,” says Lorenzo, “and that requires cooperation from various industries, leveraging knowledge and experience from numerous fields, to make a lasting impact.”
After the initial round of presentations concluded, one team from each challenge advanced from the preliminary presentation judging session to the final presentation round, where they pitched their solutions to a crowded room of attendees. Once the semi-finalists had pitched their solutions, the judges deliberated over the entries and selected team Fenergy, which worked in the energy markets sector, as the winners. The team, consisting of Alessandro Fumi, Amal Nammouchi, Amaury De Bock, Cyrine Chaabani, and Robbie Lee V, said, “Our solution, Unbiased Cathode, enables researchers to assess the supply chain implications of battery materials before development begins, hence reducing the lab-to-production timeline.”
“They created a LLM [large language model]-powered tool that allows innovative new battery technologies to be iterated and developed much more efficiently,” Lorenzo added.
When asked what she will remember most about her first experience at the MIT Energy and Climate Hack, Lorenzo replied, “Having hope for the future. Hope from seeing the passion that so many people have to find a solution. Hope from seeing all of these individuals come so far to tackle this challenge and make a difference. If we continue to develop and implement solutions like these on a global level, I am hopeful.”
Students interested in learning more about the MIT Energy and Climate Hackathon, or participating in next year’s Hack, can find more information on the event website.
EU to Start Ukraine Membership Talks – Technology Org
In a surprising turn, European Union leaders granted approval on Thursday to initiate membership talks with Ukraine. This…
Tesla Cybertrucks Can Get Stuck, Too: What Do You Need to Get It Rescued? – Technology Org
Even the most advanced vehicles can get stuck in snow or mud. Tesla Cybertruck is no exception. Recently,…
The Defenders of Ukraine Are Using Brand New German Caracal Off-Roaders – Technology Org
The war in Ukraine will soon reach its two-year ‘anniversary’. It’s been going on for so long and…
2.009 gets “Wild!”
Things got “WILD!” in Kresge auditorium on Monday night — that was the theme for this year’s class 2.009 (Product Engineering Processes) senior capstone course, and it’s also a great word to describe the energy of the capacity crowd gathered for the course’s annual product prototype launch event.
The popular mechanical engineering course, known on campus as “two-double-oh-nine,” is designed to emulate what engineers might experience as part of a design team at a modern product development firm. Working with mentors, teams of students are challenged to design, build, and draft a business plan for a product prototype. They’re given a budget of $7,500 and just three months to bring their concepts to fruition before pitching to a live audience on MIT’s largest stage. The event also attracts a global audience of thousands watching live online.
This year’s theme invited teams to imagine products that could help end users with a diversity of “wild” experiences — from enabling them to engage more safely in risky sports or activities to creating more freedom from physical constraints. The six teams, each represented by a color, delivered with products that ranged from a health-care solution to a home crafting system to a track cleaner for mass transit systems.
Throughout the night, spectators in Kresge cheered and waved colorful pompoms as teams demonstrated their prototypes and shared business plans, pitching their products with stories and elaborate sets, backdrops, and props.
Between presentations, animated shorts entertained viewers, video montages showed the “wild” events of the semester, and a live band performed pun-filled renditions of popular songs like Dua Lipa’s “Dance the Night,” but with lyrics substituted to reflect 2.009 concepts, like “watch us build!” and “we design, we design, we design!”
In one special musical interlude, the band played Neil Diamond’s “Sweet Caroline” to celebrate longtime 2.009 and Pappalardo Lab staff member Stephen Haberek, who is retiring after 29 years at MIT. Haberek and course instructor Professor David Wallace (who donned several costumes throughout the evening, but was then dressed as Max from Maurice Sendak’s classic children’s book “Where the Wild Things Are”) danced as the crowd sang along. Wallace returned as event emcee following a sabbatical last year. He has instructed 2.009 since 1995.
Purple Team
In the first pitch of the night, the Purple Team presented their prototype for “Sway,” a medical bed attachment and sheet system designed to aid nurses in patient repositioning. The students explained that nurses in nursing homes, hospitals, and skilled care facilities reposition patients as frequently as every two hours to prevent pressure sores, which are painful for the patient and can become infected, leading to added complications or even death. Although necessary, the process can be difficult and time-intensive. Lifting patients can lead to injuries for nurses and the experience, which can take up to 30 minutes, can be invasive for patients.
Sway, a remote-controlled bed sheet and roller system that is connected to the hospital bed, cradles and lifts the patient to prevent lifting strain on nurses and can cut the time to about two minutes. The remote control can be operated with one hand, freeing the nurse’s other hand to maintain contact with the patient and guide positioning. The team next plans to pilot Sway in nursing homes around the Cambridge area and apply for FDA approval.
Green Team
The Green Team was up next, presenting “Wake Buddy,” a water skiing handle and monitoring system that enables two-way communication between a water skier and boat driver.
Traditionally, water skiers use hand signals to communicate with drivers, but this requires taking one hand off the bar, a process that the team said can be incredibly difficult, for novice skiers especially. Buttons on the handle allow the skier to indicate to the driver that they’d like to slow down or go faster, and a vibration system lets the driver alert the skier when there’s reason to pay extra attention, like rough water ahead. When the skier falls and the handle is dropped, a “force sensitive resistor” senses the change in grip pressure and alerts the driver.
In perhaps the evening’s most notable use of the term “beachhead market” (a term that describes a market with specific characteristics that makes it an ideal target for the launch of a new product or service), the team announced plans to first launch Wake Buddy by partnering with marinas, resorts, and sporting goods stores in Florida, after engaging in another period of product testing.
Pink Team
The Pink Team followed, launching “Contour,” a software-free laser-powered cutting machine that cuts user-created outline drawings out of organic materials. Rolled out with the tagline, “sketch, scan, create,” the students introduced Contour as an option for crafters with designs that are “too complex for scissors or X-Acto knives,” who may not have space for or interest in working with power tools, or who may not have an interest in learning complex software.
The machine, which is slightly bigger than a breadbox, employs a camera with a 120-degree view to identify the design, and a 10-watt diode laser to perform the cutting. It can cut pieces of wood, cardboard, or paper up to one-eighth-inch thick. The team said the tool not only has applications for artists and hobbyists, but also in classrooms or for rapid prototyping in engineering workplaces.
Blue Team
For their pitch, the Blue Team opened with data from a survey they conducted of MIT students where they asked a question the team members, themselves, said they dreaded being asked: “How often do you wash your reusable water bottle?” More than half of the 264 MIT students they surveyed reported performing that task “less than once per month.”
Enter “nami,” an automated water bottle cleaner designed to be installed on college campuses alongside existing water bottle filling stations to make washing easier and more convenient. Named for the Japanese word for wave, nami uses nozzles to directly target the places the team identified as the dirtiest parts of the water bottle with hot, soapy, pressurized water drawn from plumbing supply lines and its onboard detergent tank.
An MIT staff member watching from home submitted a question asking if the system could also be used for washing travel coffee mugs and lids and the team answered, “yes;” as long as the coffee mug fit the size specifications, it could also be cleaned using the system. A young audience member in Kresge asked if the team might consider installing units in elementary schools in the future. Yes, they said, that’s also a possibility.
Yellow Team
Healthy water is important for animals, too. Next to present was the Yellow Team. Their product, “Feedback,” is an automated fish food dispensing control and monitoring system for commercial fish farmers that works with the farmers’ existing fish feeder to maximize fish growth while minimizing food waste.
Through a sensor placed in the tank to monitor oxygen and temperature, and using information inputted by the farmers, the system calculates and dispenses an optimal amount of food, while also tracking and livestreaming data. The team estimates use of the tool could save individual farmers up to $50,000 per year on food waste and labor costs.
Red Team
There was no slowing down for the last presentation of the evening, as the Red Team took the stage. Their product, “On Track,” is an automated, electric-powered device that scrubs contaminants off of railroad tracks to improve rail safety and minimize travel delays.
Black precipitate, also dubbed “slime,” builds up as heavy train cars compress fallen leaves on the track under their weight, the students explained. This build-up can lead to accidents, or “slip-slide” incidents, on tracks, forcing added maintenance or the creation of slow zones on train lines until cleaning can occur.
Measuring 66 x 75 x 25 inches and weighing about 600 pounds, On Track units are small enough to be stored on-site at train stations throughout a transit network, and can be quickly deployed by maintenance teams. Steel-wire brushes polish the tracks to a shine that the team said makes the rails look almost new and, with a cleaning speed of 6 mph, the units can cover a lot of track during off-hours.
The team also factored in safety measures. On Track is equipped with a “smart obstruction avoidance system” and stops when it senses something in its path — a feature demonstrated by one student who hopped on to the tracks behind the moving car. The move drew gasps, followed by applause from the crowd when the vehicle sensed him and halted.
Thanks, and goodnight
Concluding the night, Wallace thanked the many behind-the-scenes people who worked to make the evening a success, including lab instructors, teaching assistants, staff members, technicians, mentors, and show producers. He also extended his thanks to the students, and offered some parting thoughts.
“Above all, please feel the potential of your inner wild,” says Wallace. “Be free to dream. Be a bit untamed. Move boundaries, and don’t accept good enough. Know that you can take action, and that the thrill is really in the effort of trying, isn’t it? Imagine the stories that you have yet to write and, in time, even if everything doesn’t work out as hoped, in time you’ll be able to look back and think ‘wow! That was wild.’”
A replay of the 2.009 webcast is available on the course website. Products and final presentations from previous years, along with project milestone presentations, are available in the 2.009 gallery.