Aggregator

Beware of the Shadowbunny - Using virtual machines to persist and evade detections

Embrace The Red
5 years 3 months ago

This was also presented at BSides Singapore 2020. The slides are here and YouTube link is here.

The origins of the Shadowbunny

A few years ago, around 2016, I went on a relaxing two weeklong vacation. It was great to disconnect from work. I traveled to Austria, enjoying hiking in the mountains, and exploring Vienna.

When I came back to the office, the team had placed a giant bunny teddy into my chair. In retrospect, it seemed a legitimate replacement for the manager, as hardly anyone seemed to have noticed my absence.

JWT: A How Not to Guide

F5 Labs
5 years 3 months ago
JWT brings performance to identity assertion and is being widely adopted, but it’s also garnering the attention of cybercriminals.

JWT: A How Not to Guide

F5 Labs
5 years 3 months ago
JWT brings performance to identity assertion and is being widely adopted, but it’s also garnering the attention of cybercriminals.

开源信息收集周报#58

情报小蜜蜂
5 years 3 months ago
本报告部分引自Week in OSINT栏目,每周推荐好玩实用的工具,站点,技巧,文章等,适用于任何领域的研究人员,分析测试人员。

开源信息收集周报#58

情报小蜜蜂
5 years 3 months ago
本报告部分引自Week in OSINT栏目,每周推荐好玩实用的工具,站点,技巧,文章等,适用于任何领域的研究人员,分析测试人员。

Participating in the Microsoft Machine Learning Security Evasion Competition - Bypassing malware models by signing binaries

Embrace The Red
5 years 3 months ago

This year one of my goals was to learn about machine learning and artificial intelligence.

I wrote about my journey before - including what classes I took and books I read, the models and systems I built and operationalized, threat modeling it to learn about practical attacks and defenses. My goal is to be knowledge enough in the AI/ML space enough to be able to help bridge the gap between research and operational red teaming - by doing practical things with life systems.

Smart DNS for the New Network Edge

The Akamai Blog
5 years 3 months ago
People depend on the internet for just about everything: interacting, learning, transacting, traveling, working, and more. At the same time, the wireless evolution to 4G -- and soon 5G and Wi-Fi everywhere -- has given birth to an era of connected cars, smart sensors, and a multitude of other "things" that are growing rapidly and expanding in utility and scope. Leading network providers see new market opportunities with new business models to monetize new services that combine networks and commerce, including:
Bruce Van Nice

New and improved Security Update Guide!

Microsoft Update Tuesday
5 years 3 months ago
We’re excited to announce a significant update to the Security Update Guide, our one-stop site for information about all security updates provided by Microsoft. This new version will provide a more intuitive user experience to help protect our customers regardless of what Microsoft products or services they use in their environment.

How to Start Growing and Never Stop

The Akamai Blog
5 years 3 months ago
My heritage is Sri Lankan. But, at the age of 15 I moved to France as a refugee, fleeing a civil war. Starting a new life from scratch in France, without speaking French, was certainly an interesting journey. But I was lucky enough to have support from my parents. They lived by the mantra of "when there's a will, there's a way". And that helped get me into the French education system, where I completed high school and University, before moving to the UK to start my professional career in IT.
Akamai

Machine Learning Attack Series: Backdooring models

Embrace The Red
5 years 3 months ago

This post is part of a series about machine learning and artificial intelligence. Click on the blog tag “huskyai” to see related posts.

  • Overview: How Husky AI was built, threat modeled and operationalized
  • Attacks: The attacks I want to investigate, learn about, and try out
  • Mitigations: Ways to prevent and detect the backdooring threat

During threat modeling we identified that an adversary might tamper with model files. From a technical point of view this means an adversary gained access to the model file used in production and is able overwrite it.

腾讯代码安全检查Xcheck

腾讯代码安全检查Xcheck
5 years 3 months ago
Xcheck是一个由腾讯公司CSIG质量部代码安全检查团队自研的静态应用安全测试(SAST,Static application security testing)工具,致力于挖掘代码中隐藏的安全风险,提升代码安全质量。

腾讯代码安全检查Xcheck

腾讯代码安全检查Xcheck
5 years 3 months ago
Xcheck是一个由腾讯公司CSIG质量部代码安全检查团队自研的静态应用安全测试(SAST,Static application security testing)工具,致力于挖掘代码中隐藏的安全风险,提升代码安全质量。

腾讯代码安全检查Xcheck

腾讯代码安全检查Xcheck
5 years 3 months ago
Xcheck是一个由腾讯公司CSIG质量部代码安全检查团队自研的静态应用安全测试(SAST,Static application security testing)工具,致力于挖掘代码中隐藏的安全风险,提升代码安全质量。

Machine Learning Attack Series: Perturbations to misclassify existing images

Embrace The Red
5 years 3 months ago

This post is part of a series about machine learning and artificial intelligence. Click on the blog tag “huskyai” to see related posts.

  • Overview: How Husky AI was built, threat modeled and operationalized
  • Attacks: The attacks I want to investigate, learn about, and try out

The previous post covered some neat smart fuzzing techniques to improve generation of fake husky images.

The goal of this post is to take an existing image of the plush bunny below, modify it and have the model identify it as a husky.

Managed ad