Addressing the Cyber Security Skills Gap, Part 1
Operating in an adversary-driven world, cyber defenders are faced with many obstacles. In an effort to keep pace with our adversarial counterpart, the cyber security skills gap has become the silent oppressor. In Part 1 of this multi-part blog series we will define the implications presented by th...
5 principles driving a customer-obsessed identity strategy at Microsoft
The cloud era has fundamentally changed the way businesses must think about security. For a long time, we built security around the perimeter. But today, the boundaryless landscape demands that we start with the individual. In our journey with customers co-designing our products and services,...
Inside out: Get to know the advanced technologies at the core of Microsoft Defender ATP next generation protection
While Windows Defender Antivirus makes catching 5 billion threats on devices every month look easy, multiple advanced detection and prevention technologies work under the hood to make this happen. Windows Defender Antivirus is the next-generation protection component of Microsoft Defender Advance...
Data, Surveillance, and the AI Arms Race
According to foreign policy experts and the defense establishment, the United States is caught in an artificial intelligence arms race with China -- one with serious implications for national security. The conventional version of this story suggests that the United States is at a disadvantage...
WordPress Plugin Insert or Embed Articulate Content into WordPress - Remote Code Execution
Exploit Title: Authenticated code execution in insert-or-embed-articulate-content-into-wordpress WordPress plugin Description: It is possible to upload and execute a PHP file using the plugin option to upload a zip archive Date: June 2019 Exploit Author: xulchibalraa Vendor Homepage:...
Learning to Rank Strings Output for Speedier Malware Analysis
Reverse engineers, forensic investigators, and incident responders have an arsenal of tools at their disposal to dissect malicious software binaries. When performing malware analysis, they successively apply these tools in order to gradually gather clues about a binary’s function, design detectio...
Q&A with Ashley Fidler, Chief Product Officer at eSentire: Women in Cybersecurity
In a few short weeks, Carbon Black will be hosting our annual user conference, CBConnect19, in sunny San Diego. This year, we’re bringing together a group of powerhouse women from across a variety of industries for our annual Women in Cybersecurity Panel to share their knowledge and experience fr...
Visiting the NSA
Yesterday, I visited the NSA. It was Cyber Command's birthday, but that's not why I was there. I visited as part of the Berklett Cybersecurity Project, run out of the Berkman Klein Center and funded by the Hewlett Foundation. BERKman hewLETT -- get it? We have a web page, but it's badly out of...
Modern Database Security Buys Down More Risks for Enterprises
Pop quiz: how many data records are lost or stolen on an average day? 1 million? 3 million? 6 million? If you answered 6 million, you’re correct, according to the Breach Level Index. According to the Index, 14.7 billion records have been lost or stolen since 2013, or more than 2.2 billion per yea...
How Technology and Politics Are Changing Spycraft
Interesting article about how traditional nation-based spycraft is changing. Basically, the Internet makes it increasingly possible to generate a good cover story; cell phone and other electronic surveillance techniques make tracking people easier; and machine learning will make all of this...
Darktrace Enterprise Immune System 3.0.9 / 3.0.10 Cross Site Request Forgery
1 - Vulnerability Darktrace Enterprise Immune System 3.0.9 and 3.0.10 contains multiple cross site request forgery vulnerabilities. It is highly likely that older versions are affected as well, but this has not been confirmed. An attacker can whitelist domains and/or change core Darktrace...
DRUPAL-CONTRIB-2019-047
In certain configuration cases, when a learning path is configured as semi-private, anonymous users are allowed to join a learning path when they should not...
Opigno Learning path - Moderately critical - Access bypass - SA-CONTRIB-2019-047
In certain configuration cases, when a learning path is configured as semi-private, anonymous users are allowed to join a learning path when they should not...
Aerotech Ensemble QL/QLe Servo Drives Detection
Binary data 763921.prm...
What Does it Mean to Connect?
"Bring together or into contact so that a real or notional link is established." or "Join together so as to provide access and communication." -The Oxford English Dictionary I have been to too many security events. 🙂 So many, in fact, that sometimes they blend together. CB Connect, however, is no...
Flerken - Obfuscated Command Detection Tool
Command line obfuscation has been proved to be a non-negligible factor in fileless malware or malicious actors that are "living off the land". To bypass signature-based detection, dedicated obfuscation techniques are shown to be used by red-team penetrations and even APT activities. Meanwhile,...
Fooling Automated Surveillance Cameras with Patchwork Color Printout
Nice bit of adversarial machine learning. The image from this news article is most of what you need to know, but here's the research paper...
Weak Password Vulnerability in Learning to Pay App
Learn to Pay is an online payment tool that specializes in serving the training industry. It provides recharge, payment, cash withdrawal and guaranteed transaction services. A weak password vulnerability exists in the Learning to Pay APP, which can be exploited by attackers to obtain users' personal...
CVE-2019-2700
Vulnerability in the PeopleSoft Enterprise ELM component of Oracle PeopleSoft Products (subcomponent: Enterprise Learning Mgmt). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft...
CVE-2019-2707
Vulnerability in the PeopleSoft Enterprise ELM Enterprise Learning Management component of Oracle PeopleSoft Products (subcomponent: Application Search). The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...