334 matches found
Algorithms, Alerts, and Akamai Threat Intelligence
Let me start by posing a question: If in one week security solution A produces 120 alerts and security solution B produces 45 alerts, which solution is providing you with more effective protection? The answer is: It depends. On the face of it, solution A appears to be more effective because it's...
A Deep Learning Approach for Password Guessing: PassGAN
State-of-the-art password guessing tools, such as HashCat and John the Ripper JTR, enable users to check billions of passwords per second against password hashes. In addition to straightforward dictionary attacks, these tools can expand dictionaries using password generation rules. Although these...
What to expect for this year's Black Friday and Cyber Monday
Last year during holidays, US online sales surpassed $122 billion. This represented a 12 percent increase over the previous year. But beyond the overall growth, what's more interesting is that sales at physical stores dropped by 10 percent, the result of ongoing consumer comfort with and adoption...
InfoSec Pros Must Fasten Their Seatbelts for Digital Transformation Ride
The IT industry has gone through multiple revolutions – client-server computing, the Internet’s rise, virtualization, mobility – but none rivals the unprecedented impact of today’s digital transformation. The implications for InfoSec professionals are broad, requiring that they adapt quickly to t...
Dangerous liaisons
It seems just about everyone has written about the dangers of online dating, from psychology magazines to crime chronicles. But there is one less obvious threat not related to hooking up with strangers – and that is the mobile apps used to facilitate the process. We're talking here about...
Partner Perspectives: Operationalizing Data With the Carbon Black and Splunk Integration (Part 1)
Editor's Note: this blog originally appeared on RedCanary.com Over the last 5 years I have grown very close to Splunk. The product has evolved so much over the years, but the core architecture has always been easy to deploy and understand. Splunk is known for the speed at which it can search for...
Deep-Learning PassGAN Tool Improves Password Guessing
Artificial intelligence and deep learning are creeping into information security, and one of the early applications of those approaches has emerged and is focused on passwords. Researchers from the Stevens Institute of Technology and the New York Institute of Technology have recently published so...
'sysObjectID' Response Detection
Binary data 700173.prm...
Akamai Is Named A Leader In Gartner's Magic Quadrant For Web Application Firewalls
"Don't work for recognition, but do work worthy of recognition" - H. Jackson Brown. A friend sent this quote to me after I explained to her my ambivalence about being recognized by Gartner as a "Leader" in their Web Application Firewall Magic Quadrant. I had mixed feelings because I wanted to...
[SECURITY] Fedora 26 Update: pspp-0.10.2-5.fc26
PSPP is a program for statistical analysis of sampled data. It interprets commands in the SPSS language and produces tabular output in ASCII, PostScript, or HTML format. PSPP development is ongoing. It already supports a large subset of SPSS's transformation language. Its statistical procedure...
CyberChef - The Cyber Swiss Army Knife [A Web App For Encryption, Encoding, Compression And Data Analysis]
The Cyber Swiss Army Knife CyberChef is a simple, intuitive web app for carrying out all manner of "cyber" operations within a web browser. These operations include simple encoding like XOR or Base64, more complex encryption like AES, DES and Blowfish, creating binary and hexdumps, compression an...
Design/Logic Flaw
DISPUTED An issue was discovered in SMA Solar Technology products. An attacker can change the plant time even when not authenticated in any way. This changes the system time, possibly affecting lockout policies and random-number generators based on timestamps, and makes timestamps for data analys...
CVE-2017-9864
An issue was discovered in SMA Solar Technology products. An attacker can change the plant time even when not authenticated in any way. This changes the system time, possibly affecting lockout policies and random-number generators based on timestamps, and makes timestamps for data analysis...
CVE-2017-9864
An issue was discovered in SMA Solar Technology products. An attacker can change the plant time even when not authenticated in any way. This changes the system time, possibly affecting lockout policies and random-number generators based on timestamps, and makes timestamps for data analysis...
Faraday v2.6 - Collaborative Penetration Test and Vulnerability Management Platform
Faraday is the Integrated Multiuser Risk Environment you were looking for! It maps and leverages all the knowledge you generate in real time , letting you track and understand your audits. Our dashboard for CISOs and managers uncovers the impact and risk being assessed by the audit in real-time...
Clustering and Dimensionality Reduction: Understanding the “Magic” Behind Machine Learning
These days we hear about machine learning and artificial intelligence AI in all aspects of life. We see machines that learn and imitate the human brain in order to automate human processes. There are autonomous cars that learn the road conditions to drive, personal assistants we can converse with...
OT Device Detection
Binary data 7276.pasl...
5 Ways to Use Log Data to Analyze System Performance
Analyzing System Performance Using Log Data Recently we examined some of the most common behaviors that our community of 25,000 users looked for in their logs, with a particular focus on web server logs. In fact, our research identified the top 15 web server tags and alerts created by our...
Data vs. Analysis in Counterterrorism
This article argues that Britain's counterterrorism problem isn't lack of data, it's lack of analysis...
Faraday v2.5 - Collaborative Penetration Test and Vulnerability Management Platform
Faraday is the Integrated Multiuser Risk Environment you were looking for! It maps and leverages all the knowledge you generate in real time, letting you track and understand your audits. Our dashboard for CISOs and managers uncovers the impact and risk being assessed by the audit in real-time...