1078 matches found
Secure the software development lifecycle with machine learning
Every day, software developers stare down a long list of features and bugs that need to be addressed. Security professionals try to help by using automated tools to prioritize security bugs, but too often, engineers waste time on false positives or miss a critical security vulnerability that has...
Inhale - A Malware Analysis And Classification Tool
Inhale is a malware analysis and classification tool that is capable of automating and scaling many static analysis operations. This is the beta release version, for testing purposes, feedback, and community development. Background Inhale started as a series of small scripts that I used when...
Update changes the game rating systems in Windows 7
Update changes the game rating systems in Windows 7 INTRODUCTION This article describes an update that enables the game rating systems in Windows 7 to reflect the changes to the game rating systems in Windows 8. After you install this update, the game rating systems in Windows 7 will be compliant...
CVE-2019-20634
An issue was discovered in Proofpoint Email Protection through 2019-09-08. By collecting scores from Proofpoint email headers, it is possible to build a copy-cat Machine Learning Classification model and extract insights from this model. The insights gathered allow an attacker to craft emails tha...
Machine learning classifiers trained via gradient descent are vulnerable to arbitrary misclassification attack
Overview Machine learning models trained using gradient descent can be forced to make arbitrary misclassifications by an attacker that can influence the items to be classified. The impact of a misclassification varies widely depending on the ML model's purpose and of what systems it is a part...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Content Classification
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Java™ Version 6 and Java™ Version 7 that is used by IBM eDiscovery Analyzer. These issues were disclosed as part of the IBM Java SDK updates in Oct 2019. Vulnerability Details CVEID: CVE-2019-2989 DESCRIPTION: An...
PT-2020-6664 · Linux +4 · Linux Kernel +4
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw was found in the "Routing decision" classifier in the Linux kernel's Traffic Control networking subsystem, leading to a use-after-free condition. This issue allows unprivileged...
New Research Paper: Prevalence and impact of low-entropy packing schemes in the malware ecosystem
Detection of malware is a constant battle between the technologies designed to detect and prevent malware and the authors creating them. One common technique adversaries leverage is packing binaries. Packing an executable is similar to applying compression or encryption and can inhibit the abilit...
We invite you to a webinar!
Hello everyone! We invite you to the presentation of the new version of Zecurion DLP 10, which will take place on Thursday, February 13, at 12:00 GMT+3. Registration: https://attendee.gotowebinar.com/register/2238015640962285325?source=rdot Over the course of an hour, technical director Roman Vasilyev and the deputy general...
IotShark - Monitoring And Analyzing IoT Traffic
IoTShark is an IoT monitoring service that allows users to monitor their IoT devices for trends in data sent/received. Ordinarily, setting up a man in the middle attack with proper configurations can take up quite a bit of time, and may seem dauntingly impossible for those with little to no...
Command Execution Vulnerability in the Backend of the Qibo Classification Information System
Qibo Classified Information System is an open source content management system. A command execution vulnerability exists in the backend of Qibo Classified Information System. An attacker can exploit the vulnerability to execute commands and gain server privileges...
SQL Server 2019 Security Tool Inadvertently Reveals Where Sensitive Data is Stored
The first step in protecting your data and ensuring your database is compliant with security benchmarks and privacy regulations such as SOX, PCI, HIPAA, and GDPR is to understand what sensitive information resides in that database. Microsoft’s SQL Server 2019 introduces a new tool SQL Data...
Android Security Bulletin—December 2019
The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Security patch levels of 2019-12-05 or later address all of these issues. To learn how to check a device's security patch level, see Check and update your Android version. Android partners are...
Cross site request forgery (csrf)
Multiple cross-site request forgery (CSRF) vulnerabilities in the D-Link DSL-6740U gateway Rev. H1 allow remote attackers to hijack the authentication of administrators for requests that change administrator credentials or enable remote management services to (1) Custom Services in Port Forwarding, (2)...
CVE-2013-6811
Multiple cross-site request forgery (CSRF) vulnerabilities in the D-Link DSL-6740U gateway Rev. H1 allow remote attackers to hijack the authentication of administrators for requests that change administrator credentials or enable remote management services to (1) Custom Services in Port Forwarding, (2)...
Don’t Skip Data Discovery During Your Compliance Program
If your business collects customer data of any kind, it’s safe to assume you’re also aware of the multitude of new privacy and security mandates. While these regulations are an ideal driver of investment for bolstering your security programs, it’s important not to forget about one of the most...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Content Classification
Summary There are multiple vulnerabilities in IBM® SDK Java Technology Edition, Version 6 and IBM® Runtime Environment Java Version 7 used by IBM Content Classification. These issues were disclosed as part of the IBM Java SDK updates in Jul 2019. Vulnerability Details CVEID: CVE-2019-11775...
Definitive Dossier of Devilish Debug Details – Part Deux: A Didactic Deep Dive into Data Driven Deductions
In Part One of this blog series, Steve Miller outlined what PDB paths are, how they appear in malware, how we use them to detect malicious files, and how we sometimes use them to make associations about groups and actors. As Steve continued his research into PDB paths, we became interested in...
Security Bulletin: Multiple vulnerabilities in IBM SDK, Java Technology Edition Quarterly CPU - Jan 2017 - Includes Oracle Jan 2017 CPU affect IBM Content Classification
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Java™ Version 6 and Java™ Version 7 that is used by Content Collector for IBM Content Classification. These issues were disclosed as part of the IBM Java SDK updates in Jan 2017. Vulnerability Details CVEID:...
Security Bulletin: Open Source Apache PDFBox Vulnerabilities in IBM Content Classification
Summary Apache PDFBox could allow a remote authenticated attacker to obtain sensitive information, caused by an XML external entity (XXE) error when processing XML data by the XML parser. A remote attacker could exploit this vulnerability to read arbitrary files on the system or cause a denial of...