Security Bulletin: The Ubuntu ca-certificates have been updated in Watson Machine Learning Community Edition containers due to expiration.

Summary Ubuntu ca-certficates expire occasionally and need to be updated. The Ubuntu based containers for Watson Machine Learning Community Edition have been updated to recent ca-certificates. Vulnerability Details Third Party Entry: 192370 DESCRIPTION: ca-certificates package for Ubuntu spoofing...

Security Bulletin: Watson Machine Learning Community Edition docker containers have been updated to fix a security issue in libcurl

Summary Watson Machine Learning Community Edition docker containers have been updated to fix a security issue in libcurl. Users should repull the docker containers from dockerhub.com or issue an in-container update. Vulnerability Details CVEID: CVE-2020-8231 DESCRIPTION: cURL libcurl could allow ...

Security Bulletin: TensorFlow in Watson Machine Learning Community Edition 1.6.2 and 1.7.0 has been patched for various security issues.

Summary TensorFlow in Watson Machine Learning Community Edition 1.6.2 and 1.7.0 has had various CVE reported against it and have been patched. Users should update to the latest available TensorFlow package. Vulnerability Details CVEID: CVE-2020-15265 DESCRIPTION: Tensorflow is vulnerable to a...

Security Bulletin: TensorFlow in Watson Machine Learning 1.6.2 and 1.7.0 has been patched for various security issues in nanopb.

Summary TensorFlow in Watson Machine Learning 1.6.2 and 1.7.0 has had various secuirty issue published for nanopb. These have been patched in the latest versions of TensorFlow. Vulnerability Details Third Party Entry: 193026 DESCRIPTION: Nanopb pbencode buffer overflow CVSS Base score: 4.8 CVSS...

Security Bulletin: TensorFlow in Watson Machine Learning 1.6.2 and 1.7.0 has been patched for a security issue in nanopb.

Summary TensorFlow in Watson Machine Learning 1.6.2 and 1.7.0 has had various secuirty issue published for nanopb. These have been patched in the latest versions of TensorFlow. Vulnerability Details CVEID: CVE-2020-26243 DESCRIPTION: Nanopb is vulnerable to a denial of service, caused by a memory...

Security Bulletin: TensorFlow in Watson Machine Learning Community Edition 1.6.2 and 1.7.0 has been patched for various security issues.

Summary TensorFlow in Watson Machine Learning Community Edition 1.6.2 and 1.7.0 has had various reported CVEID's included below. These issues have been patched and users should update to the latest available versions. Vulnerability Details CVEID: CVE-2020-26270 DESCRIPTION: TensorFlow is vulnerab...

Incorporating machine learning in data mapping for improved results

By Owais Sultan Data mapping is a process in which different bits of data are organized into a manageable as well as easy-to-comprehend system. This is a post from HackRead.com Read the original post: Incorporating machine learning in data mapping for improved results...

Code Injection in tensorflow/tfx

Description TensorFlow Extended TFX is a Google-production-scale machine learning platform based on TensorFlow. It provides a configuration framework to express ML pipelines consisting of TFX components. Vulnerability Vulnerable to YAML deserialization attack caused by unsafe loading. Proof of...

Microsoft surpasses $10 billion in security business revenue, more than 40 percent year-over-year growth

I joined Microsoft a little more than six months ago—amid a global pandemic and a new norm of remote work, as well as one of the most rapidly evolving threat landscapes in history. We’ve witnessed more sophisticated attacks, like the recent SolarWinds incident, as well as an increase in attack...

Google FLoC puts ad trackers on a cookie-free diet

Cookie tracking is dying and Google needs a replacement. Its betting on FLoC, an ad tracking technology that lets it understand peoples behaviour while respecting their privacy. Google has announced that its tests show promising signs that FLoC is working. Is this a milestone on the road to more...

Batea - AI-based, Context-Driven Network Device Ranking

Batea is a context-driven network device ranking framework based on the anomaly detection family of machine learning algorithms. The goal of Batea is to allow security teams to automatically filter interesting network assets in large networks using nmap scan reports. We call those Gold Nuggets. F...

Security Bulletin: Vulnerabilities in IBM WebSphere Liberty affects IBM Waston Machine Learning Accelerator

Summary There are vulnerabilities in IBM WebSphere Liberty used by IBM Waston Machine Learning Accelerator 1.2.2, and IBM Waston Machine Learning Accelerator 2.2.0 have addressed the applicable CVE. Vulnerability Details CVEID: CVE-2019-4663 DESCRIPTION: IBM WebSphere Application Server - Liberty...

Code Injection in uber/petastorm

Description Petastorm is an open source data access library developed at Uber ATG. This library enables single machine or distributed training and evaluation of deep learning models directly from datasets in Apache Parquet format. Petastorm supports popular Python-based machine learning ML...

graduation_design

This is a Python script for a web intrusion detection system using machine learning. The script uses the scikit-learn library to implement a supervised learning approach. It collects and preprocesses normal requests and attack payloads, and uses a Support Vector Machine SVM to classify new reques...

Research & Academic

We introduce a novel machine learning approach that uses network flows to generate application-level representation of public and private cloud networks. This will greatly simplify the journey to a micro-segmented network...

How to Increase Your Security Posture with Fewer Resources

With the number of COVID-19 cases increasing, another round of attacks is looming over schools and universities as they move into holiday break and prepare for the spring semester. According to a recent article the Wall Street Journal, there have been “nearly three dozen ransomware attacks agains...

Lessons learned building supervised machine learning into DDoS Protection

Imperva’s Data Scientists trained a machine-learning model to auto-configure DDoS security policies and this blog shares some of the lessons learned along the way. Data scientists consider labeled data the gold standard and, despite having to filter out anomalies, there is an overall tendency to...

Collaborative innovation on display in Microsoft’s insider risk management strategy

The disrupted work environment, in which enterprises were forced to find new ways to enable their workforce to work remotely, changed the landscape for operations as well as security. One of the top areas of concern is managing insider risks, a complex undertaking even before the pandemic, and ev...

SoReL-20M: A Huge Dataset of 20 Million Malware Samples Released Online

Cybersecurity firms Sophos and ReversingLabs on Monday jointly released the first-ever production-scale malware research dataset to be made available to the general public that aims to build effective defenses and drive industry-wide improvements in security detection and response. "SoReL-20M"...

SoReL-20M: A Huge Dataset of 20 Million Malware Samples Released Online

Cybersecurity firms Sophos and ReversingLabs on Monday jointly released the first-ever production-scale malware research dataset to be made available to the general public that aims to build effective defenses and drive industry-wide improvements in security detection and response. "SoReL-20M"...