3084 matches found
Security Bulletin: vulnerabilities in Nimbus JOSE+JWT affect IBM Watson Machine Learning Accelerator 1.2.1
Summary Vulnerabilities exist in the Nimbus JOSE+JWT version used by IBM Watson Machine Learning Accelerator 1.2.1. An interim fix that provides instructions on upgrading the Nimbus JOSE+JWT package to version 7.9, which resolves these vulnerabilities, is available on IBM Fix Central...
VMware Carbon Black First to Block Hidden Malicious Commands in Obfuscated Scripts
For a long time now, our Threat Analysts have flagged the growing threat of script-based attacks, especially from Microsoft PowerShell and Windows Management Interface script commands, and their ability to escape notice in many antivirus solutions. Increasingly, these types of attacks have become...
Microsoft Security: How to cultivate a diverse cybersecurity team
Boost creative problem solving with a diverse cybersecurity team In cybersecurity, whether we are talking about cryptocurrency mining, supply chain attacks, attacks against IoT, or COVID-19-related phishing lures, we know that gaining the advantage over our adversaries requires greater diversity ...
Stopping Active Directory attacks and other post-exploitation behavior with AMSI and machine learning
When attackers successfully breach a target network, their typical next step is to perform reconnaissance of the network, elevate their privileges, and move laterally to reach specific machines or spread as widely as possible. For these activities, attackers often probe the affected network’s...
Dopple-Ganging Up on Facial Recognition
ARCHIVED STORY Dopple-ganging up on Facial Recognition Systems By Steve Povolny · August 25, 2020 Co-authored with Jesse Chick, OSU Senior and Former McAfee Intern, Primary Researcher. Special thanks to Dr. Catherine Huang, McAfee Advanced Analytics Team Special thanks to Kyle Baldes, Former McAf...
Repurposing Neural Networks to Generate Synthetic Media for Information Operations
FireEye’s Data Science and Information Operations Analysis teams released this blog post to coincide with our Black Hat USA 2020 Briefing, which details how open source, pre-trained neural networks can be leveraged to generate synthetic media for malicious purposes. To summarize our presentation,...
Security Bulletin: Watson Machine Learning Service is impacted by security vulnerabilities in OpenJDK 11
Summary Security vulnerabilities in OpenJDK impact Watson Machine Learning Service. These vulnerabilities are now addressed. Vulnerability Details CVEID: CVE-2019-2964 DESCRIPTION: An unspecified vulnerability in Java SE related to the Concurrency component could allow an unauthenticated attacke...
Learn Machine Learning and AI – Online Training Program @ 93% OFF
Within the next decade, artificial intelligence is likely to play a significant role in our everyday lives. Machine learning already powers image recognition, self-driving cars, and Netflix recommendations. For any aspiring developer, learning how to code smart software is a good move. These skil...
Afternoon Cyber Tea: Peak, Plateau, or Plummet? Cyber security trends that are here to stay and how to detect and recover from ransomware attacks
The rapidity of change in the cyberthreat landscape can be daunting for today’s cyber defense teams. Just as they perfect the ability to block one attack method, adversaries change their approach. Tools like artificial intelligence and machine learning allow us to pivot quickly, however, knowing...
Seeing the big picture: Deep learning-based fusion of behavior signals for threat detection
The application of deep learning and other machine learning methods to threat detection on endpoints, email and docs, apps, and identities drives a significant piece of the coordinated defense delivered by Microsoft Threat Protection. Within each domain as well as across domains, machine learning...
Adversarial Machine Learning and the CFAA
I just co-authored a paper on the legal risks of doing machine learning research, given the current state of the Computer Fraud and Abuse Act: Abstract: Adversarial Machine Learning is booming with ML researchers increasingly targeting commercial ML systems such as those used in Facebook, Tesla,...
Security Bulletin: WML CE: TensorFlow: In SQLite before 3.32.3, select.c mishandles query-flattener optimization
Summary In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation. TensorFlow in WML CE uses SQLite as its embedded SQL database engine. Vulnerability Details CVEID:...
Security Bulletin: WML CE Scikit-learn vulnerable to irresponsible usage
Summary WML containers include scikit-learn. Scikit-learn includes joblib and pickle to cache and load models. Pickle, and joblib by extension, have some issues regarding maintainability and security. Because of this, usage of the joblib.load function in scikit-learn must be done in a responsible...
Security Bulletin: WML CE: Pillow before 7.1.0 has multiple out-of-bounds reads
Summary Pillow before 7.1.0 has multiple out-of-bounds reads in libImaging/FliDecode.c. PyTorch and TensorFlow use Pillow. Vulnerability Details CVEID: CVE-2020-10177 DESCRIPTION: Pillow could allow a remote attacker to obtain sensitive information, caused by multiple out-of-bounds reads in...
Security Bulletin: WML CE: TensorBoard: Node.js lodash module is vulnerable to a denial of service, caused by a prototype pollution attack.
Summary Node.js lodash module is vulnerable to a denial of service, caused by a prototype pollution attack. TensorBoard uses lodash. A remote attacker could exploit this vulnerability using the merge, mergeWith, and defaultsDeep functions to inject properties onto Object.prototype to crash the...
Security Bulletin: WML CE: libjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a heap-based buffer over-read
Summary libjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a heap-based buffer over-read in getrgbrow in rdppm.c via a malformed PPM input file. Vulnerability Details CVEID: CVE-2020-13790 DESCRIPTION: Libjpeg-turbo is vulnerable to a denial of service, caused by heap-based buffer over-read in getrgbrow...
Cato MDR: Managed Threat Detection and Response Made Easy
Lately, we can't help noticing an endless cycle where the more enterprises invest in threat prevention, the more hackers adapt and continue to penetrate enterprises. To make things worse, detecting these penetrations still takes too long with an average dwell time that exceeds 100 days. To keep...
Experts Denounce Racial Bias of Crime-Predictive Facial-Recognition AI
More than 1,000 technology experts and academics from organizations such as MIT, Microsoft, Harvard and Google have signed an open letter denouncing a forthcoming paper describing artificial intelligence (AI) algorithms that can predict crime based only on a person’s face, calling it out for...
Modernizing the security operations center to better secure a remote workforce
The response to COVID-19 has required many security operations centers (SOCs) to rethink how they protect their organizations. With so many employees working remotely, IT groups are routing more traffic directly to cloud apps, rather than through the network. In this model, traditional network...