Daily NCSC-FI news followup 2019-09-14

Using Docker to Do Machine Learning at Scale

www.crowdstrike.com/blog/using-docker-to-do-machine-learning-at-scale/ One key building block we use for scaling our machine learning models at CrowdStrike® is Docker containers. Docker containers let us construct application environments with all the dependencies, tools and security our teams need in an easy to maintain pipeline. This ensures that everyone on the team is working on the exact same platform environment during development, data collection, feature extraction and training all the way to production. How

Sophos open-sources Sandboxie, an utility for sandboxing any application

www.zdnet.com/article/sophos-open-sources-sandboxie-an-utility-for-sandboxing-any-application/ UK cyber-security firm announced this week plans to open-source the Sandboxie project, a Windows utility that lets users run any application inside a secure sandbox.

LNK: A perfect vector for living-off-the-land attacks

medium.com/threat-intel/lnk-files-living-off-the-land-11c1e2218dc2 When carrying out a living off the land style attack, an attacker needs a way to execute at least one command or script on the target machine to kick off a string of follow-on activities. The initial step could be achieved using numerous techniques such as using a macro enabled document, a SMB vulnerability exploit, an RDP connection with brute forced access, or they could just use an LNK file that tricks the user into opening it, which then leads to

You might be interested in …

Daily NCSC-FI news followup 2020-11-13

Sote-alalla on huolta siitä, miten pienet yritykset kestävät tietoturvan parantamisen kustannukset — valtiolta toivotaan tukea yle.fi/uutiset/3-11646290 Hanna-Maija Kause sanoo, että tietoturvajärjestelmiin fokusoimisen lisäksi vähintään yhtä tärkeää on kehittää tietoturvakulttuuria. “Se tarkoittaa sitä, että tarvitaan enemmän koulutusta turvallisista tietosuojakäytännöistä ja tietosuojakulttuurista, joka kaikissa organisaatioissa on.” Australian government warns of possible ransomware attacks on health sector www.zdnet.com/article/australian-government-warns-of-possible-ransomware-attacks-on-health-sector/#ftag=RSSbaffb68 […]

Read More

Daily NCSC-FI news followup 2020-11-12

Two New Chrome 0-Days Under Active Attacks Update Your Browser thehackernews.com/2020/11/two-new-chrome-0-days-under-active.html Google has patched two more zero-day flaws in the Chrome web browser for desktop, making it the fourth and fifth actively exploited vulnerabilities addressed by the search giant in recent weeks. Lisäksi: chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_11.html. Lisäksi: www.zdnet.com/article/google-patches-two-more-chrome-zero-days/. Lisäksi: us-cert.cisa.gov/ncas/current-activity/2020/11/12/google-releases-security-updates-chrome. Lisäksi: threatpost.com/2-zero-day-bugs-google-chrome/161160/ DNS cache poisoning, the Internet […]

Read More

Daily NCSC-FI news followup 2019-06-20

Waterbug: Espionage Group Rolls Out Brand-New Toolset in Attacks Against Governments www.symantec.com/blogs/threat-intelligence/waterbug-espionage-governments Waterbug may have hijacked a separate espionage groups infrastructure during one attack against a Middle Eastern target.. The Waterbug espionage group (aka Turla) has continued to attack governments and international organizations over the past eighteen months in a series of campaigns that have […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.