Picklescan is missing detection when calling built-in python ensurepip._run_pip

Summary Using ensurepip.runpip function, which is a built-in python library function to execute remote pickle file. Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to ensurepip.runpip function in reduce method Then when the victim after...

AI Industry is Trying to Subvert the Definition of “Open Source AI”

The Open Source Initiative has published news article here its definition of "open source AI," and it's terrible. It allows for secret training data and mechanisms. It allows for development to be done in secret. Since for a neural network, the training data is the source code--it's how the model...

New Attack Technique 'Sleepy Pickle' Targets Machine Learning Models

The security risks posed by the Pickle format have once again come to the fore with the discovery of a new "hybrid machine learning ML model exploitation technique" dubbed Sleepy Pickle. The attack method, per Trail of Bits, weaponizes the ubiquitous format used to package and distribute machine...

SharpML - Machine Learning Network Share Password Hunting Toolkit

SharpML is a proof of concept file share data mining tool using Machine Learning in Python and C. The tool is discussed in more detail on our blog here, but is summarised below also: SharpML is C and Python based tool that performs a number of operations with a view to mining file shares, queryin...

Avoid Alert Fatigue: How to Automatically Get Rid of WAF False Positive

Alert fatigue - introducing false positives in WAF All WAF experts know what it’s like handling massive amounts of alerts. They’re also very likely wasting a lot of time fishing false positives out of all these alerts. The WAF’s purpose is to block attacks and let legitimate traffic through. Fals...