626 matches found
A Deepfake Deep Dive into the Murky World of Digital Imitation
About a year ago, top deepfake artist Hao Li came to a disturbing realization: Deepfakes, i.e. the technique of human-image synthesis based on artificial intelligence AI to create fake content, is rapidly evolving. In fact, Li believes that in as soon as six months, deepfake videos will be...
Blind Spots in AI Just Might Help Protect Your Privacy
Researchers have found a potential silver lining in so-called adversarial examples, using it to shield sensitive data from snoops...
New machine learning model sifts through the good to unearth the bad in evasive malware
We continuously harden machine learning protections against evasion and adversarial attacks. One of the latest innovations in our protection technology is the addition of a class of hardened malware detection machine learning models called monotonic models to Microsoft Defender ATP's Antivirus...
Addressing the Cyber Security Skills Gap, Part 1
Operating in an adversarial driven world, cyber defenders are faced with many obstacles. In effort to keep pace with our adversarial counterpart, the cyber security skills gap has become the silent oppressor. In Part 1 of this multi-part blog series we will define the implications presented by th...
Fooling Automated Surveillance Cameras with Patchwork Color Printout
Nice bit of adversarial machine learning. The image from this news article is most of what you need to know, but here's the research paper...
Adversarial Machine Learning against Tesla's Autopilot
Researchers have been able to fool Tesla's autopilot in a variety of ways, including convincing it to drive into oncoming traffic. It requires the placement of stickers on the road. Abstract: Keen Security Lab has maintained the security research work on Tesla vehicle and shared our research...
Breaking the Bank: Weakness in Financial AI Applications
Currently, threat actors possess limited access to the technology required to conduct disruptive operations against financial artificial intelligence AI systems and the risk of this targeting type remains low. However, there is a high risk of threat actors leveraging AI as part of disinformation...
RSAC 2019: The Dark Side of Machine Learning
SAN FRANCISCO – The same machine-learning algorithms that made self-driving cars and voice assistants possible can be hacked to turn a cat into guacamole or Bach symphonies into audio-based attacks against a smartphone. These are examples of “adversarial attacks” against machine learning systems...
Cybersecurity for the Public Interest
The Crypto Wars have been waging off-and-on for a quarter-century. On one side is law enforcement, which wants to be able to break encryption, to access devices and communications of terrorists and criminals. On the other are almost every cryptographer and computer security expert, repeatedly...
SANS THIR Summit Wrap Up – “We Have 15 Minutes”
Heading back to San Diego before I get on another flight 30 hours later. Lots of people say "what are you crazy? Why do that?"…to which I say: "we cannot achieve any mission without sacrifice." Going to events like the SANS Threat Hunting IR summit remind just how many dedicated people we have on...
Protecting the protector: Hardening machine learning defenses against adversarial attacks
Harnessing the power of machine learning and artificial intelligence has enabled Windows Defender Advanced Threat Protection Windows Defender ATP next-generation protection to stop new malware attacks before they can get started often within milliseconds. These predictive technologies are central...
This Week in Security News: Facebook and Feds
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, Facebook’s chief security officer resigned as Facebook steps up its cybersecurity efforts. Also, Feds indicted three Ukrainians charged with...
Apply MITRE’s ‘ATT&CK’ Model to Check Your Defenses
ARCHIVED STORY Apply MITRE’s ‘ATT&CK’ Model to Check Your Defenses By Trellix · June 18, 2018 Every week we read about adversaries attacking their targets as part of online criminal campaigns. Information gathering, strategic advantage, and theft of intellectual property are some of the...
Apply MITRE’s ‘ATT&CK’ Model to Check Your Defenses
ARCHIVED STORY Apply MITRE’s ‘ATT&CK’ Model to Check Your Defenses By Trellix · June 18, 2018 Every week we read about adversaries attacking their targets as part of online criminal campaigns. Information gathering, strategic advantage, and theft of intellectual property are some of the...
Adversarial Robustness Toolbox: ART
The Adversarial Robustness Toolbox ART, an open source software library, supports both researchers and developers in defending deep neural networks against adversarial attacks, making AI systems more secure. Its purpose is to allow rapid crafting and analysis of attack and defense methods for...
The AI’ker’s Guide to the (cybersecurity) Galaxy
As a security veteran I find myself from time to time having to explain to newbies the importance of adopting a ‘hacker’s way of thinking’, and the difference between hacker’s and builder’s thinking. If you can’t think like an attacker, how are you going to build solutions to defend against them?...
Invoke-ATTACKAPI - A PowerShell Script To Interact With The MITRE ATT& CK Framework Via Its Own API
A PowerShell script to interact with the MITRE ATT&CK Framework via its own API in order to gather information about techniques, tactics, groups, software and references provided by the MITRE ATT&CK Team @MITREattack. Goals Provide an easy way to interact with the MITRE ATT&CK Framework via its o...
Metta - An Information Security Preparedness Tool To Do Adversarial Simulation
Metta is an information security preparedness tool. This project uses Redis/Celery, python, and vagrant with virtualbox to do adversarial simulation. This allows you to test mostly your host based instrumentation but may also allow you to test any network based detection and controls depending on...
List of Adversary Emulation Tools
PenTestIT RSS Feed Every once in a while, the security industry brings forth a new buzz word and introduces terminologies that sound über cool and generate lot's of interest. One such word going around now-a-days is automated "adversary emulation". Let's first understand what this really means...
Information Security Preparedness Tool: Metta
Metta is an open-source information security preparedness tool for adversarial simulation. As an emerging concept, the industry has yet to settle on a definitive definition of adversarial simulation, but it involves simulating components of targeted attacks in order to test both an organization’s...