Daily NCSC-FI news followup 2019-09-14

Using Docker to Do Machine Learning at Scale

www.crowdstrike.com/blog/using-docker-to-do-machine-learning-at-scale/ One key building block we use for scaling our machine learning models at CrowdStrike® is Docker containers. Docker containers let us construct application environments with all the dependencies, tools and security our teams need in an easy to maintain pipeline. This ensures that everyone on the team is working on the exact same platform environment during development, data collection, feature extraction and training all the way to production. How

Sophos open-sources Sandboxie, an utility for sandboxing any application

www.zdnet.com/article/sophos-open-sources-sandboxie-an-utility-for-sandboxing-any-application/ UK cyber-security firm announced this week plans to open-source the Sandboxie project, a Windows utility that lets users run any application inside a secure sandbox.

LNK: A perfect vector for living-off-the-land attacks

medium.com/threat-intel/lnk-files-living-off-the-land-11c1e2218dc2 When carrying out a living off the land style attack, an attacker needs a way to execute at least one command or script on the target machine to kick off a string of follow-on activities. The initial step could be achieved using numerous techniques such as using a macro enabled document, a SMB vulnerability exploit, an RDP connection with brute forced access, or they could just use an LNK file that tricks the user into opening it, which then leads to

You might be interested in …

Daily NCSC-FI news followup 2021-02-21

Experian challenged over massive data leak in Brazil www.zdnet.com/article/experian-challenged-over-massive-data-leak-in-brazil Consumer rights body criticizes explanations from the credit bureau in relation to the data exposure of over 220 million citizens. After receiving feedback from Experian over a massive data leak in Brazil, São Paulo state consumer rights foundation Procon described the company’s explanations as “insufficient” and […]

Read More

Daily NCSC-FI news followup 2019-11-10

Tällaisilla viesteillä suomalaisilta yrityksiltä kalastellaan rahaa katso, olisitko itse haksahtanut yle.fi/uutiset/3-11026269?origin=rss Tässä jutussa näet esimerkkejä aidoista työpaikoille tulevista huijausviesteistä. The state of JavaScript frameworks security report 2019 snyk.io/wp-content/uploads/snyk-javascript_report_2019.pdf A security review of Angular and React with a sneak peek into Vue.js, Bootstrap and jQuery. Also www.i-programmer.info/news/167-javascript/13232-the-perils-of-jquery.html. ” Although the JavaScript library jQuery is no longer […]

Read More

Daily NCSC-FI news followup 2020-07-19

WSJ: Yhdysvaltalaistutkijat jäljittivät matkapuhelinten signaaleja lähellä venäläisiä sotilaskohteita yle.fi/uutiset/3-11455540 Kaupallisesti saatavilla olevaa paikannustietoa käytetään yhä enemmän myös valtiollisessa tiedustelussa. Amerikkalainen tutkijaryhmä Mississippin yliopistosta seurasi viime vuonna matkapuhelinten signaaleja lähellä Venäjän sotilasalueita, Wall Street Journal uutisoi. Lue myös: www.wsj.com/articles/academic-project-used-marketing-data-to-monitor-russian-military-sites-11595073601 iOS 13.6: Apple Just Gave iPhone Users 29 Security Reasons To Update Now www.forbes.com/sites/kateoflahertyuk/2020/07/19/ios-136-apple-just-gave-iphone-users-29-security-reasons-to-update-now/ Apple’s iOS 13.6 […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.