Google Bans 600 Android Apps for Obnoxious Ads

Google has removed nearly 600 Android apps from the Play Store for serving up obnoxious, invasive ads that aren’t easily “x’d” out of. The internet giant said the enforcement action was a strike against mobile ad fraud. Google said Thursday that the apps violated its disruptive ads policy – and a...

Microsoft Insider Risk Management and Communication Compliance in Microsoft 365 now generally available

Microsoft Insider Risk Management and Communication Compliance in Microsoft 365—now generally available—help organizations address internal risks, such as IP theft or code of conduct policy violations. The new Microsoft Insider Risk Management solution helps to quickly identify, detect, and act o...

Azure Sentinel uncovers the real threats hidden in billions of low fidelity signals

Cybercrime is as much a people problem as it is a technology problem. To respond effectively, the defender community must harness machine learning to compliment the strengths of people. This is the philosophy that undergirds Azure Sentinel. Azure Sentinel is a cloud-native SIEM that exploits...

Introduction and Application of Model Hacking

ARCHIVED STORY Introduction and Application of Model Hacking By Steve Povolny · Febraury 19, 2020 Catherine Huang, Ph.D., and Shivangee Trivedi contributed to this blog. The term “Adversarial Machine Learning” AML is a mouthful! The term describes a research field regarding the study and design o...

Model Hacking ADAS to Pave Safer Roads for Autonomous Vehicles

ARCHIVED STORY Model Hacking ADAS to Pave Safer Roads for Autonomous Vehicles Steve Povolny · FEB 19, 2020 The last several years have been fascinating for those of us who have been eagerly observing the steady move towards autonomous driving. While semi-autonomous vehicles have existed for many...

Model Hacking ADAS to Pave Safer Roads for Autonomous Vehicles

ARCHIVED STORY Model Hacking ADAS to Pave Safer Roads for Autonomous Vehicles Steve Povolny · FEB 19, 2020 The last several years have been fascinating for those of us who have been eagerly observing the steady move towards autonomous driving. While semi-autonomous vehicles have existed for many...

Introduction and Application of Model Hacking

ARCHIVED STORY Introduction and Application of Model Hacking By Steve Povolny · Febraury 19, 2020 Catherine Huang, Ph.D., and Shivangee Trivedi contributed to this blog. The term “Adversarial Machine Learning” AML is a mouthful! The term describes a research field regarding the study and design o...

PackWeb Formap E-learning 1.0 SQL Injection

Exploit Title: PackWeb Formap E-learning 1.0 - 'NumCours' SQL Injection Google Dork: intitle: "PackWeb Formap E-learning" Date: 2020-02-07 Exploit Author: Amel BOUZIANE-LEBLOND Vendor Homepage: https://www.ediser.com/ Software Link: https://www.ediser.com/98517-formation-en-ligne Version: v1.0...

How AI Is Tracking the Coronavirus Outbreak

Machine-learning programs are analyzing websites, news reports, and social media posts for signs of symptoms, such as fever or breathing problems...

Extreme Office 2019 has a buffer overflow vulnerability

Extreme Office is an independently controlled office learning software developed by Beijing Haiteng Times Technology Co. Extreme Office 2019 suffers from a buffer overflow vulnerability that can be exploited by an attacker to execute code or cause a denial of service...

Extreme Office 2019 has a memory corruption vulnerability

Extreme Office is an independently controlled office learning software developed by Beijing Haiteng Times Technology Co. Extreme Office 2019 suffers from a memory corruption vulnerability that can be exploited by attackers to cause a denial of service...

PackWeb Formap E-learning 1.0 - (NumCours) SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: PackWeb Formap E-learning 1.0 - 'NumCours' SQL Injection Google Dork: intitle: "PackWeb Formap E-learning" Exploit Author: Amel BOUZIANE-LEBLOND Vendor Homepage: https://www.ediser.com/ Software Link:...

PackWeb Formap E-learning 1.0 - NumCours SQL Injection

PackWeb Formap E-learning 1.0 - NumCours SQL Injection Exploit Title: PackWeb Formap E-learning 1.0 - 'NumCours' SQL Injection Google Dork: intitle: "PackWeb Formap E-learning" Date: 2020-02-07 Exploit Author: Amel BOUZIANE-LEBLOND Vendor Homepage: https://www.ediser.com/ Software Link:...

PackWeb Formap E-learning 1.0 - 'NumCours' SQL Injection

Exploit Title: PackWeb Formap E-learning 1.0 - 'NumCours' SQL Injection Google Dork: intitle: "PackWeb Formap E-learning" Date: 2020-02-07 Exploit Author: Amel BOUZIANE-LEBLOND Vendor Homepage: https://www.ediser.com/ Software Link: https://www.ediser.com/98517-formation-en-ligne Version: v1.0...

Nfstream - A Flexible Network Data Analysis Framework

nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python...

PCFG Cracker - Probabilistic Context Free Grammar (PCFG) Password Guess Generator

PCFG = Probabilistic Context Free Grammar PCFG = Pretty Cool Fuzzy Guesser In short: A collection of tools to perform research into how humans generate passwords. These can be used to crack password hashes, but also create synthetic passwords honeywords, or help develop better password strength...

Mimir - Smart OSINT Collection Of Common IOC Types

Smart OSINT collection of common IOC types. Overview This application is designed to assist security analysts and researchers with the collection and assessment of common IOC types. Accepted IOCs currently include IP addresses, domain names, URLs, and file hashes. The title of this project is nam...

Security Bulletin: A security vulnerability has been identified in OpenCV shipped with PowerAI

Summary Multiple Vulnerabilities CVE-2019-14493, CVE-2019-14492 and CVE-2019-14491 were found in OpenCV package. Vulnerability Details CVEID: CVE-2019-14493 DESCRIPTION: An issue was discovered in OpenCV before 4.1.1. There is a NULL pointer dereference in the function cv::XMLParser::parse at...

Security Bulletin: A security vulnerability has been identified in lodash shipped with PowerAI.

Summary Vulnerability CVE-2019-10744 found in lodash package. Vulnerability Details CVEID: CVE-2019-10744 DESCRIPTION: Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype...

Security Bulletin: A security vulnerability has been identified in SQLite shipped with PowerAI

Summary Vulnerability CVE-2019-8457 in SqLite package Vulnerability Details CVEID: CVE-2019-8457 DESCRIPTION: SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode function when handling invalid rtree tables. CVSS Base score: 5.3 CVSS Temporal Score:...