Clustering App Attacks with Machine Learning Part 2: Calculating Distance

In our previous post in this series we discussed our motivation to cluster attacks on apps, the data we used and how we enriched it by extracting more meaningful features out of the raw data. We talked about the many features that can be extracted from IP and URL. In this blog post we’ll discuss...

Machine learning vs. social engineering

Machine learning is a key driver in the constant evolution of security technologies at Microsoft. Machine learning allows Microsoft 365 to scale next-gen protection capabilities and enhance cloud-based, real-time blocking of new and unknown threats. Just in the last few months, machine learning h...

Clustering App Attacks with Machine Learning Part 1: A Walk Outside the Lab

A lot of research has been done on clustering attacks of different types using machine learning algorithms with high rates of success. Much of it from the comfort of a research lab, with specific datasets and no performance limitations. At Imperva, our research is done for the benefit of real...

Reverse Engineering the Analyst: Building Machine Learning Models for the SOC

Many cyber incidents can be traced back to an original alert that was either missed or ignored by the Security Operations Center SOC or Incident Response IR team. While most analysts and SOCs are vigilant and responsive, the fact is they are often overwhelmed with alerts. If a SOC is unable to...

Automatic Machine Learning Penetration Test Tool: Deep Exploit

DeepExploit is fully automated penetration tool linked with Metasploit. It identifies the status of all opened ports on the target server and executes the exploit at pinpoint using Machine Learning. DeepExploit consists of the machine learning model A3C and Metasploit . The A3C executes exploit t...

Adversarial Robustness Toolbox: ART

The Adversarial Robustness Toolbox ART, an open source software library, supports both researchers and developers in defending deep neural networks against adversarial attacks, making AI systems more secure. Its purpose is to allow rapid crafting and analysis of attack and defense methods for...

A week in security (May 21 – May 27)

Last week we told you about a Mac cryptominer using XMRig, an overview of Dreamcast related scams, part 1 of decoding Emotet, and what to do about bad coding habits that die hard. We also published the results of our second CrackMe contest. Other news How a pioneer of machine learning became one ...

GyoiThon - A Growing Penetration Test Tool Using Machine Learning

GyoiThon is a growing penetration test tool using Machine Learning. GyoiThon identifies the software installed on web server OS, Middleware, Framework, CMS, etc... based on the learning data. After that, it executes valid exploits for the identified software using Metasploit. Finally, it generate...

Sit-down with Wallarm CTO, Alex Golovko

I have had a chance to pose a few questions to Alexander Golovko, one of the co-founders of Wallarm and our CTO. Here are Alex’s reflections on Wallarm and some technology trends. How did Wallarm get its start? Ivan Wallarm’s founder has involved me in various projects on and off since 2010. By...

Healthcare IT Leaders Most Concerned about Ransomware and Insider Threats: Survey

Just over a year ago, the WannaCry ransomware attack wreaked havoc on the UK National Health Service NHS, ultimately disrupting a third of its facilities and causing a rash of canceled appointments and operations. Breaches are always a concern in healthcare, but this incident brought to light its...

A week in security (May 14 – May 20)

Last week, we looked at the deluge of incoming policies caused by GDPR, tackled Adobe Reader zero days, and ran through some iPhone security tips. We also caught some helpline scammers in the act, explored advergaming, got our Senate Bill game face on, and deep dived into Drupal vulnerabilities...

Learn How Trillions of DNS Requests Help Improve Security

Akamai's global platform is comprised of 240,000 servers in 3,750 locations within 134 countries. Additionally, our platform interacts with 1.3 billion client devices every day and we ingest 2.5 exabytes of data a year. So why are these stats important? The answer is that this visibility provides...

Enhancing Office 365 Advanced Threat Protection with detonation-based heuristics and machine learning

Email, coupled with reliable social engineering techniques, continues to be one of the primary entry points for credential phishing, targeted attacks, and commodity malware like ransomware and, increasingly in the last few months, cryptocurrency miners. Office 365 Advanced Threat Protection ATP...

Securing the modern workplace with Microsoft 365 threat protection – part 1

This post is authored by Debraj Ghosh, Senior Product Marketing Manager, Microsoft 365 Security. The roots of Microsoft 365 threat protection Over the next few weeks, well introduce you to Microsoft 365s threat protection services and demonstrate how Microsoft 365s threat protection leverages...

Teaming up in the war on tech support scams

Editors note: Erik Wahlstrom spoke about the far-reaching impact of tech support scams and the need for industry-wide cooperation in his RSA Conference 2018 talk Tech Scams: Its Time to Release the Hounds. Social engineering attacks like tech support scams are so common because theyre so effectiv...

Facebook Plans to Build Its Own Chips For Hardware Devices

A new job opening post on Facebook suggests that the social network is forming a team to build its own hardware chips, joining other tech titans like Google, Apple, and Amazon in becoming more self-reliant. According to the post, Facebook is looking for an expert in ASIC and FPGA—two custom silic...

Facebook Plans to Build Its Own Chips For Hardware Devices

A new job opening post on Facebook suggests that the social network is forming a team to build its own hardware chips, joining other tech titans like Google, Apple, and Amazon in becoming more self-reliant. According to the post, Facebook is looking for an expert in ASIC and FPGA—two custom silic...

Elastic Stack 6.2.4 and 5.6.9 security update

X-Pack Machine Learning XSS vulnerability ESA-2018-06 X-Pack Machine Learning versions before 6.2.4 and 5.6.9 had a cross-site scripting XSS vulnerability. Users with manageml permissions could create jobs containing malicious data as part of their configuration that could allow the attacker to...

Trojanized BitTorrent Software Update Hijacked 400,000 PCs Last Week

A massive malware outbreak that last week infected nearly half a million computers with cryptocurrency mining malware in just a few hours was caused by a backdoored version of popular BitTorrent client called MediaGet. Dubbed Dofoil also known as Smoke Loader, the malware was found dropping a...

How artificial intelligence and machine learning will impact cybersecurity

Artificial intelligence AI and machine learning ML are hot topics in technology. New use cases and applications are discussed daily—from search results recommendations to smart cars. But what are cybersecurity organizations doing with this tech? What does it take to render additional security out...