©Pixabay

Electric energy storage systems supply power to electric cars, electric bicycles and smartphones. With a new test center in Berlin of the German Federal Institute for Materials Research and Testing (BAM), the Federal Institute with cooperating institutions from science wants to focus more on the safety of batteries. For example, a so-called runaway can trigger a chain reaction followed by extremely high temperatures and fires.

"We selectively expose individual cells, entire batteries or battery-powered devices to mechanical, thermal or electrical stress. We derive conclusions for safety assessment and the state of safety from the data collected using multisensory and imaging techniques," says head Dr. Anita Schmidt.

The test facilities make it possible, for example, to charge batteries cyclically at high charge rates and thus simulate accelerated aging. These findings are particularly important for the future, as second-life scenarios are increasingly in demand. In the future, for example, it should be possible to recycle used batteries from electric cars so that they can also be used, for example, in photovoltaic systems, in private households or as large stationary storage units.

Research into energy materials is also being carried out in the special laboratories. For example, sodium-ion batteries could one day replace the raw material lithium as well as components such as copper or cobalt. A large-scale battery test bench at BAM's Technical Safety Test Site will also take account of large-scale storage systems.

Source: BAM Federal Office for Materials Testing and Research

On Wednesday morning, various Comparis IT systems were blocked, as the comparison portal writes in a statement. In the meantime, the Comparis.ch website is available again as normal. According to the state of knowledge, databases are also not affected by the incident.

The initial investigations had shown that the perpetrators were able to gain access to certain customer-relevant data of the sister company Credaris, whose systems are partly operated in the server environment. A possible data theft is currently the subject of further investigations. Credaris will inform any affected customers directly. The two portals have already called in the criminal prosecution authorities and are working closely with cybercrime specialists. A complaint has been filed against unknown persons.

@Comparis is online again since yesterday evening - after a #Ransomware - attack, 90% of our services are up and running again. We would like to apologize to our users for the inconvenience.

- comparis.ch (@Comparis) July 9, 2021

The work on the restoration of the subsystems is still in progress. The accessibility via e-mail and customer hotline could still be limited, as Comparis writes.

Source: Comparis

Pfizer and Biontech have conducted studies investigatesaccording to which a third dose of the vaccine six months after the second vaccination could result in a high neutralizing antibody formation against the new mutations. This would also have a "consistent tolerability profile". Antibody formation is said to be around five to ten times higher.

According to the data from the isral vaccination company, the effect of the vaccine decreases after just six months following the second vaccination. A third vaccination would provide greater protection and additional protection against the delta variant B.1.617.2.

New vaccine to protect against delta variant

Pfizer/Biontech is already developing a new mRNA vaccine version in which the complete spike protein of the delta variant is used. Vaccine protection against severe courses would remain high after the second dose. However, a decline in efficacy against symptomatic courses cannot be ruled out. In addition, further virus mutations can be expected over time, as Pfizer and Biontech write.

Pfizer and Biontech plan to submit the data obtained to the FDA, EMA and other regulatory authorities in the coming weeks. Further current preclinical and clinical studies are currently being conducted to confirm the hypotheses.

Sources: Heise/biontech.de

The EU has officially recognized the Swiss certificate. At the same time, Switzerland, for its part, has recognized the certificates issued in the EU and EFTA member states secured. The Swiss Covid certificate has been linked to the EU digital interface and is applicable throughout the EU/EFTA area since last night, July 8-9. International compatibility has been a high priority in the creation of the Swiss Covid Certificate since the beginning of its development."

The aim of the "EU Digital COVID Certificate" is to facilitate safe travel during the Covid 19 pandemic. How the certificate can be used is decided by the individual states. Each country determines its own entry regulations and has the sovereignty to adapt them depending on the development of the epidemiological situation. It is therefore important for travelers with the certificate to always be aware of the current entry regulations of the destination country.

The Covid certificate - briefly explained: 

Source: BAG

According to random samples from the IT consulting firm IoT-Inspector in Bad Homburg, Germany, 50 percent of devices often have glaring vulnerabilities that would allow a hacker attack on the entire system infrastructure. Particular care should be taken when procuring printers, routers, security cameras and lighting options, he said. Hackers know the vulnerabilities and like to exploit them. According to IoT-Inspector, on average, each device contains software components from more than ten different manufacturers, so-called OEM producers. In a detailed checklist, the IT consulting firm advises the following security tips:

• First, a protection needs assessment and threat analysis should take place to establish clear guidelines for IoT security.
• Definition of concrete technical security requirements for procurement. These are recorded in a security specification and must be verifiably implemented by the manufacturer. International specifications such as ISA/IEC 62443 or ETSI 303 645 provide orientation for this. There are also security-focused procurement platforms from which concrete procurement texts can be taken.
• Testing of the manufacturer with regard to trustworthiness and diligence in the context of hardware and software development. Orientation is provided by established maturity models such as OWASP SAMM or BSIMM. The manufacturer must demonstrate that it implements the required level of maturity - depending on the protection needs of the device - for all development activities.
• Perform automated security testing of device firmware, both at acceptance and at fixed intervals, to detect any new vulnerabilities introduced by firmware updates.
• Whitebox audits are recommended based on the OWASP IoT Testing Guides.
  Requesting written assurance from the manufacturer that all defined safety requirements have been met.
• Review of security documentation created during software development (e.g., security architecture documentation, data flow analyses, results of vendor's internal security tests).
• If an IoT device gains access to sensitive information or is deployed in particularly vulnerable areas, a full security source code review of the firmware should be conducted, as well as a physical security review of the IoT device itself, focusing on hidden backdoors in the software and hardware.

For interested parties, IoT Inspector offers a Whitepaper download.

Source: IoT Inspector GmbH

Anyone who does not have supplementary insurance in the form of vacation or travel insurance usually has to pay a large part of the high treatment costs themselves in the event of an accident. According to Suva, around 70,000 accidents occur abroad every year. Vacationers often unknowingly end up with a private doctor or a private hospital. There, they are treated as well as they are used to in Switzerland, but often at much higher costs than in this country.

Expensive private clinics abroad

In principle, employees who work at least eight hours a week are also insured against non-occupational accidents through the employer's basic insurance. According to Suva, this accident insurance covers practically the same benefits in all EU and EFTA countries as if one were insured in one of the countries via corresponding social benefits. However, the insured amount is not sufficient for countries with high medical costs such as the USA, Canada, the United Arab Emirates or for Japan.

Suva also points out that many hotels in classic tourist areas make arrangements with private clinics and private doctors. "It can quickly happen that an insufficiently insured accident victim has to pay for services amounting to several 10,000 Swiss francs," says Roger Stalder, team leader abroad at Suva.

Check travel insurance before the vacations

People are therefore well advised to get an overview of their vacation and travel insurance before they go on vacation. All costs for emergency medical services, medicines or hospital stays are covered, and as a rule rescue operations or return transport to Switzerland are also guaranteed worldwide. "The benefits can vary greatly depending on the provider," says Roger Stalder. Before traveling, he recommends clarifying exactly how you are insured and always having the emergency number of your accident insurance ready when abroad.

According to Suva, it will pay the same medical costs as in the EU/EFTA countries as if you were covered by social insurance in the corresponding countries. In the case of medical expenses in other countries, Suva will pay at most twice the amount of the costs that would have been incurred for treatment in Switzerland.

Source: Suva

A new research group at BFH is looking at skills in machine learning, artificial intelligence, and how to deal with "digital ethics." The team aims to address all major aspects of machine learning, from scaling, data modeling, and testing to operations and maintenance, BFH said in a statement.

In collaboration with industry, academic research groups and non-profit organizations, the researchers are developing applications that will offer novel functionalities. Topics such as computer vision and inference are also mentioned, for example intelligent text applications as well as various search and recommendation systems.

Ongoing projects include, but are not limited to Burnout detection through computational linguistics. In this special project, the foundations for the future of digital media in psychology will be laid. Furthermore a virtual research lawyerbased on artificial intelligence (AI) and medical knowledge, find lawyers and locate relevant information ten times faster and more accurately than before.

Source: bfh.idas

A problem with the Windows Print service allows attackers to remotely execute code. Microsoft has since released emergency patches for the vulnerability called "Printnightmare". published. According to security researchers, the updates should prevent remote code execution, but there is still a possibility to exploit locally with admin privileges. exploit.

Attackers have so far been able to exploit the vulnerability to install additional programs remotely or to set up user and admin accounts. Although Windows 7 is no longer supplied with security updates, Microsoft also provided a patch for the old operating system version. However, no updates are yet available for operating systems like Windows Server 2016.

Source: Golem

People who protect themselves from UV radiation during their leisure time would do well to avoid sunbathing over lunchtime, for example, and always have sun cream in their luggage. How employees can be better protected when working in the sun was answered by Suva, the Cancer League of the Canton of Zurich and the Swiss Building Envelope Association and AEZ AG at a joint media event. But how can people protect themselves better?

Employers' duty to protect

Good protection from UV radiation starts with clothing, because clothing protects not only from UV radiation, but also from the heat. Ideally, sunscreen, headgear and forehead shields should also be used. In principle, employers are obliged to equip their employees appropriately to prevent accidents and occupational illnesses. For example, the Krebsliga Zürich (Zurich Cancer League) already devotes time to learning objectives with apprentices and visits vocational schools in Zurich to educate them about skin cancer prevention.

For workers, Suva visits various construction sites in Switzerland during the summer months. Using a special UV filter and a camera, it is possible to see, for example, where skin cancers have already developed and how effective optimal UV protection should be.

Information pages of Suva:

• Information page "Sun, heat, UV rays and ozone". 
• Information page "Don't blush 
• Technical article "UV rays get under your skin". 
• Professional article "What to do in case of sunstroke?" 

Source: Suva

As the Confederation writes in a media release, individual cantons are currently planning to resume trials of the future Swiss Post e-voting system. That is why the Confederation is now launching an independent audit of the system. However, this is likely to take several months and is intended to serve as a basis for the resumption.

More responsibility is to fall to the federal government as a result. The assessment of the risks and the responsibility for a deployment therefore also remain with the federal government. The test reports of the experts will be published once the test has been completed. The legal basis for the operation of the e-voting system provides for a number of further audits.

For example, cantons generally must ensure that the system vendor operates an open bug bounty program or discloses the system code and rewards the gap finders who discover a bug.

Source: Federal Chancellery

©Pixabay

Last year, there were more fatalities and serious injuries compared to 2019. According to the safety barometer of the Advisory Office for Accident Prevention (BFU), the number of fatalities rose last year from 40 to 227, and those seriously injured by 154 to 3793. Senior citizens were particularly at risk.

Accidents had increased particularly among people aged 65 and over. Last year, there were 97 fatalities and 791 serious injuries in this age group. Most of the accidents occurred when seniors were traveling on foot, by bicycle or by e-bike.

Medium security for children

The Safety Barometer 2021 also indicates that children are particularly at risk on Swiss roads. For every 1 million children, 6.4 die in Switzerland every year.

Children in this country are particularly at risk when they are on foot. Statistically, this changes at the age of 12: From this age on, more children are injured on bicycles.

Switzerland must not let up

The BFU therefore wants to campaign for consistent adherence to a "30 km/h" speed limit in built-up areas, as this would prevent at least one third of serious accidents. The preventive effect of police checks with regard to speed, alcohol and drugs is still too little used. Road users are often not prepared for police checks. Therefore, more holistic accident prevention on the part of the AAIB would be desirable.

Source: AAIB

Bug Bounty programs are used to identify, document and fix any vulnerabilities in IT systems and applications in collaboration with ethical hackers. A total of 15 federally contracted ethical hackers participated in this pilot project. From May 10 to 21, 2021, the National Cyber Security Center (NCSC) conducted a Bug Bounty pilot project in collaboration with Bug Bounty Switzerland GmbH, the Federal Department of Foreign Affairs (FDFA), and the Parliamentary Services (PD).

Ten security vulnerabilities discovered

For the Implementation of the pilot project a total of six IT systems of the FDFA and the parliamentary services were scanned by ethical hackers for possible security vulnerabilities. A total of ten security vulnerabilities were reported to the NCSC. Of these, one vulnerability turned out to be "critical", seven vulnerabilities were classified as "medium" and two as "low".

All gaps were closed immediately by the responsible service providers. The successful closure of the gaps was subsequently verified and confirmed by the ethical hackers.

Positive conclusion

The pilot project had shown that vulnerabilities in IT systems and applications can be efficiently identified and remedied by means of bug bounty programs. The "return on investment" was identified as high. A bug bounty program for the federal administration, operated by the NCSC, makes an important contribution to reducing the federal government's cyber risk.

Through the experience gained from the pilot and the lessons learned by all stakeholders, NCSC envisions continually expanding the Bug Bounty program to as many federal government systems as possible.

The procurement process should therefore be started as quickly as possible. In the meantime, other companies in Switzerland offer Bug Bounty programs in addition to Bug Bounty Switzerland GmbH. In order to ensure neutrality in the procurement process, Florian Schütz, the federal government's delegate for cybersecurity, is therefore withdrawing from the advisory board of Bug Bounty Switzerland.

Source: NCSC