very_well_lost

A new investigation with NASA’s James Webb Space Telescope into K2-18 b, an exoplanet 8.6 times as massive as Earth, has revealed the presence of carbon-bearing molecules including methane and carbon dioxide. Webb’s discovery adds to recent studies suggesting that K2-18 b could be a Hycean exoplanet, one which has the potential to possess a hydrogen-rich atmosphere and a water ocean-covered surface.

Scientists have been working on models of planet formation since before we knew exoplanets existed. Originally guided by the properties of the planets in our Solar System, these models turned out to be remarkably good at also accounting for exoplanets without an equivalent in our Solar System, like super Earths and hot Neptunes. Add in the ability of planets to move around thanks to gravitational interactions, and the properties of exoplanets could usually be accounted for.

Today, a large international team of researchers is announcing the discovery of something our models can't explain. It's roughly Neptune's size but four times more massive. Its density—well above that of iron—is compatible with either the entire planet being almost entirely solid or it having an ocean deep enough to drown entire planets. While the people who discovered it offer a couple of theories for its formation, neither is especially likely.

In their jiggles and shakes, red giant stars encode a record of the magnetic fields near their cores.

A new NASA study offers an explanation of how quakes could be the source of the mysteriously smooth terrain on moons circling Jupiter and Saturn.

Astronomers have uncovered a link between Neptune's shifting cloud abundance and the 11-year solar cycle, in which the waxing and waning of the Sun's entangled magnetic fields drives solar activity.

Giant black holes were supposed to be bit players in the early cosmic story. But recent James Webb Space Telescope observations are finding an unexpected abundance of the beasts.

Magnetars are some of the most extreme objects we know about, with magnetic fields so strong that chemistry becomes impossible in their vicinity. They're neutron stars with a superfluid interior that includes charged particles, so it's easy to understand how a magnetic dynamo is maintained to support that magnetic field. But it's a little harder to fully understand what starts the dynamo off in the first place.

The leading idea, which benefits from its simplicity, is that the magnetar inherits its magnetic field from the star that exploded in a supernova to create it. The original magnetic field, when crushed down to match the tiny size of the resulting neutron star, would provide a massive kick to start the magnetar off. There's just one problem with this idea: we haven't spotted any of the highly magnetized precursor stars that this hypothesis requires.

It turns out that we have been observing one for years. It just looked like something completely different, and it took a more careful analysis, published today in Science, to understand what we've been observing.

New observations of a faraway rocky world that might have its own magnetic field could help astronomers understand the seemingly haphazard magnetic fields swaddling our solar system’s planets.

On Wednesday, researchers announced the discovery of a new astronomical enigma. The new object, GPM J1839–10, behaves a bit like a pulsar, sending out regular bursts of radio energy. But the physics that drives pulsars means that they'd stop emitting if they slowed down too much, and almost every pulsar we know of blinks at least once per minute.

GPM J1839–10 takes 22 minutes between pulses. We have no idea what kind of physics or what kind of objects can power that.

Hundreds of Internet-exposed devices inside solar farms remain unpatched against a critical and actively exploited vulnerability that makes it easy for remote attackers to disrupt operations or gain a foothold inside the facilities.

The devices, sold by Osaka, Japan-based Contec under the brand name SolarView, help people inside solar facilities monitor the amount of power they generate, store, and distribute. Contec says that roughly 30,000 power stations have introduced the devices, which come in various packages based on the size of the operation and the type of equipment it uses.

Searches on Shodan indicate that more than 600 of them are reachable on the open Internet. As problematic as that configuration is, researchers from security firm VulnCheck said Wednesday, more than two-thirds of them have yet to install an update that patches CVE-2022-29303, the tracking designation for a vulnerability with a severity rating of 9.8 out of 10. The flaw stems from the failure to neutralize potentially malicious elements included in user-supplied input, leading to remote attacks that execute malicious commands.

Security firm Palo Alto Networks said last month the flaw was under active exploit by an operator of Mirai, an open source botnet consisting of routers and other so-called Internet of Things devices. The compromise of these devices could cause facilities that use them to lose visibility into their operations, which could result in serious consequences depending on where the vulnerable devices are used.

“The fact that a number of these systems are Internet facing and that the public exploits have been available long enough to get rolled into a Mirai-variant is not a good situation,” VulnCheck researcher Jacob Baines wrote. “As always, organizations should be mindful of which systems appear in their public IP space and track public exploits for systems that they rely on.”

Baines said that the same devices vulnerable to CVE-2022-29303 were also vulnerable to CVE-2023-23333, a newer command-injection vulnerability that also has a severity rating of 9.8. Although there are no known reports of it being actively exploited, exploit code has been publicly available since February.

Incorrect descriptions for both vulnerabilities are one factor involved in the patch failures, Baines said. Both vulnerabilities indicate that SolarView versions 8.00 and 8.10 are patched against CVE-2022-29303 and CVE-2023-293333. In fact, the researcher said, only 8.10 is patched against the threats.

Palo Alto Networks said the exploit activity for CVE-2022-29303 is part of a broad campaign that exploited 22 vulnerabilities in a range of IoT devices in an attempt to spread a Marai variant. The attacks started in March and attempted to use the exploits to install a shell interface that allows devices to be controlled remotely. Once exploited, a device downloads and executes the bot clients that are written for various Linux architectures.

There are indications that the vulnerability was possibly being targeted even earlier. Exploit code has been available since May 2022. This video from the same month shows an attacker searching Shodan for a vulnerable SolarView system and then using the exploit against it.

While there are no indications that attackers are actively exploiting CVE-2023-23333, there are multiple exploits on GitHub.

There’s no guidance on the Contec website about either vulnerability and company representatives didn’t immediately respond to emailed questions. Any organization using one of the affected devices should update as soon as possible. Organizations should also check to see if their devices are exposed to the Internet and, if so, change their configurations to ensure the devices are reachable only on internal networks.