177 matches found
The science behind Microsoft Threat Protection: Attack modeling for finding and stopping evasive ransomware
The linchpin of successful cyberattacks, exemplified by nation state-level attacks and human-operated ransomware, is their ability to find the path of least resistance and progressively move across a compromised network. Determining the full scope and impact of these attacks is one the most...
Security Bulletin: IBM Watson Studio - Local allows mounting glusterFS without security check
Summary Watson Studio Local was allowing glusterFS mounting without any authorization. As long as the user had access to the same network, they could mount gluster volumes in any cluster. Internal implementation has been changed to check for permission before glusterFS mounting is allowed...
Cloudera Data Science Workbench Privilege Check Bypass Vulnerability
Cloudera Data Science Workbench CDSW is a suite of data science platforms from Cloudera. A security vulnerability exists in Cloudera CDSW versions 1.4.0 through 1.4.2. The vulnerability stems from the system not properly restricting access to resources from unauthorized roles. An attacker can...
CVE-2018-20090
An issue was discovered in Cloudera Data Science Workbench CDSW 1.4.0 through 1.4.2. Authenticated users can bypass project permission checks and gain read-write access to any project folder...
CVE-2018-20090
An issue was discovered in Cloudera Data Science Workbench CDSW 1.4.0 through 1.4.2. Authenticated users can bypass project permission checks and gain read-write access to any project folder...
Design/Logic Flaw
An issue was discovered in Cloudera Data Science Workbench CDSW 1.4.0 through 1.4.2. Authenticated users can bypass project permission checks and gain read-write access to any project folder...
CVE-2018-20090
An issue was discovered in Cloudera Data Science Workbench CDSW 1.4.0 through 1.4.2. Authenticated users can bypass project permission checks and gain read-write access to any project folder...
CVE-2018-20090
CVE-2018-20090 affects Cloudera Data Science Workbench (CDSW) versions 1.4.0–1.4.2. The issue is an access-control flaw that allows authenticated users to bypass project permission checks and gain read/write access to any project folder. Root cause: improper enforcement of project-level permissio...
Building a New Language for Data Processing
Building a New Language for Data Translation In previous posts, we’ve talked about the plan for and implementation of EQR Event Query Router—a system we created to solve the problem of querying large quantities of disparate data by end-user analysts in real-time. As with any major project, we fac...
Open Sourcing StringSifter
Malware analysts routinely use the Strings program during static analysis in order to inspect a binary's printable characters. However, identifying relevant strings by hand is time consuming and prone to human error. Larger binaries produce upwards of thousands of strings that can quickly evoke...
Why is learning Python important in Data Science?
By Owais Sultan The field of data science is growing at a rapid pace, offering many job opportunities to people. If you want to enter the industry of data science, you must take a Python course. This is a post from HackRead.com Read the original post: Why is learning Python important in Data...
HELK - The Hunting ELK
The Hunting ELK or simply the HELK is one of the first open source hunt platforms with advanced analytics capabilities such as SQL declarative language, graphing, structured streaming, and even machine learning via Jupyter notebooks and Apache Spark over an ELK stack. This project was developed...
Cloudera Data Science Workbench Code Execution Vulnerability
Cloudera Data Science Workbench CDSW is a suite of data science platforms from Cloudera. The platform provides organizations with fast, easy and secure self-service data science support. A security vulnerability exists in Cloudera CDSW 1.3.0 and prior versions. An attacker could exploit the...
CVE-2018-11215
Remote code execution is possible in Cloudera Data Science Workbench version 1.3.0 and prior releases via unspecified attack vectors...
CVE-2018-11215
Remote code execution is possible in Cloudera Data Science Workbench version 1.3.0 and prior releases via unspecified attack vectors...
Remote code execution
Remote code execution is possible in Cloudera Data Science Workbench version 1.3.0 and prior releases via unspecified attack vectors...
CVE-2018-11215
CVE-2018-11215 concerns Cloudera Data Science Workbench (CDSW) versions 1.3.0 and earlier. The connected records consistently state a remote code execution vulnerability in CDSW, caused by unspecified attack vectors. The sources do not disclose the exact root cause, affected software components b...
CVE-2018-11215
Remote code execution is possible in Cloudera Data Science Workbench version 1.3.0 and prior releases via unspecified attack vectors...
Cloudera Data Science Workbench Information Disclosure Vulnerability
Cloudera Data Science Workbench CDSW is a suite of data science platforms from Cloudera. The platform provides organizations with fast, easy and secure self-service data science support. An information disclosure vulnerability exists in CDSW versions 1.2.x through 1.4.0. The vulnerability stems...
CVE-2018-15665
An issue was discovered in Cloudera Data Science Workbench CDSW 1.2.x through 1.4.0. Unauthenticated users can get a list of user accounts...