Partner Perspectives: Creating Your Own Threat Hunting Army

Idan Bellayev is the head of security research for empow. Cyber intelligence is one of the strongest tools that can be used to combat a potential attacker. Accessing the information needed to build cyber intelligence from a reliable source is typically difficult and very expensive - but it doesn’...

This Week in Security News: Facebook and Faxploits

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, Facebook removed 652 fake accounts originating from Russia and Iran. Also, Microsoft identified and removed fake internet domains that...

Security and Artificial Intelligence: Hype vs. Reality

While artificial intelligence and machine learning are far from new, many in security suddenly believe these technologies will transform their business and enable them to detect every cyber threat that comes their way. But instead, the hype may create more problems than it solves. Recently,...

AI and Machine Learning: Boosting Compliance and Preventing Spam

Some of the most advanced strategies in the current technology and analytics spaces include artificial intelligence and machine learning. These innovative approaches can hold nearly endless possibilities for technological applications: from the ability to eliminate manual work and enable software...

Subdomain Enumeration Tool: Amass

Amass is the subdomain enumeration tool with the greatest number of disparate data sources that performs analysis of the resolved names in order to deliver the largest number of quality results. Amass performs scraping of data sources, recursive brute forcing, crawling of web archives, permuting...

James Mickens on the Current State of Computer Security

James Mickens gave an excellent keynote at the USENIX Security Conference last week, talking about the social aspects of security -- racism, sexism, etc. -- and the problems with machine learning and the Internet. Worth watching...

Identifying Programmers by their Coding Style

Fascinating research de-anonymizing code -- from either source code or compiled code: Rachel Greenstadt, an associate professor of computer science at Drexel University, and Aylin Caliskan, Greenstadt's former PhD student and now an assistant professor at George Washington University, have found...

Black Hat 2018: Voice Authentication is Broken, Researchers Say

LAS VEGAS – We live in a world increasingly dominated by voice-enabled smart digital assistants. More and more we rely on Amazon’s Alexa to tell us if we have any new messages. We ask Google Home smart speakers to remind us of calendar appointments. Some banks even allow users to use their voice ...

This Week in Security News: Hijacks and Healthcare

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, Singapore looks into the effectiveness of virtual browsers in an attempt to reduce cyberattacks on healthcare systems. Also, cybercriminals...

Protecting the protector: Hardening machine learning defenses against adversarial attacks

Harnessing the power of machine learning and artificial intelligence has enabled Windows Defender Advanced Threat Protection Windows Defender ATP next-generation protection to stop new malware attacks before they can get started often within milliseconds. These predictive technologies are central...

Detecting Phishing Sites with Machine Learning

Really interesting article: A trained eye or even a not-so-trained one can discern when something phishy is going on with a domain or subdomain name. There are search tools, such as Censys.io, that allow humans to specifically search through the massive pile of certificate log entries for sites...

Podcast: enSilo CEO on Black Hat USA 2018 Trends

Las Vegas – Threatpost’s Lindsey O’Donnell sits down with enSilo CEO Roy Katmor to talk about the top trends that we are seeing this week at Black Hat USA 2018 – from machine learning to connected-car security. Download here:...

Protecting the modern workplace from a wide range of undesirable software

Security is a fundamental component of the trusted and productive Windows experience that we deliver to customers through modern platforms like Windows 10 and Windows 10 in S mode. As we build intelligent security technologies that protect the modern workplace, we aim to always ensure that...

ThreatList: Financial Services Firms Lag in Patching Habits

Almost half 45 percent of financial services firms in a recent survey have reported a data breach in the last two years – with many of those attacks being completely avoidable if known vulnerabilities were patched. In a Ponemon Institute survey of nearly 3,000 cybersecurity professionals at...

Identifying People by Metadata

Interesting research: "You are your Metadata: Identification and Obfuscation of Social Media Users using Metadata Information," by Beatrice Perez, Mirco Musolesi, and Gianluca Stringhini. Abstract: Metadata are associated to most of the information we produce in our daily interactions and...

This Week in Security News: Scams and Security Risks

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, the EU and Japan finalized an agreement enabling the cross-border transfer of data. Also, businesses are turning to machine learning to comb...

What’s the real value—and danger—of smart assistants?

You've heard them called virtual assistants, digital personal assistants, voice assistants, or smart assistants. Operated by artificial intelligence, technologies such as Siri, Alexa, Google Assistant, and Cortana have become ubiquitous in our culture. But what exactly do they do? And how serious...

How To Leverage Data Access Analytics for Effective Breach Detection

Detecting and preventing data breaches is a challenge for most, if not all, enterprises. In fact, according to a study released in 2017, 78% of all CISOs are concerned that data breaches go undetected, while only 19% admit they are effective at breach prevention. Simply put, breaches happen almos...

Android Gets New Anti-Spoofing Feature to Make Biometric Authentication Secure

Google just announced its plan to introduce a new anti-spoofing feature for its Android operating system that makes its biometric authentication mechanisms more secure than ever. Biometric authentications, like the fingerprint, IRIS, or face recognition technologies, smoothen the process of...

Clustering App Attacks with Machine Learning Part 2: Calculating Distance

In our previous post in this series we discussed our motivation to cluster attacks on apps, the data we used and how we enriched it by extracting more meaningful features out of the raw data. We talked about the many features that can be extracted from IP and URL. In this blog post we’ll discuss...