Daily NCSC-FI news followup 2019-09-14

Using Docker to Do Machine Learning at Scale

www.crowdstrike.com/blog/using-docker-to-do-machine-learning-at-scale/
One key building block we use for scaling our machine learning models at CrowdStrike® is Docker containers. Docker containers let us construct application environments with all the dependencies, tools and security our teams need in an easy to maintain pipeline. This ensures that everyone on the team is working on the exact same platform environment during development, data collection, feature extraction and training all the way to production. How

Sophos open-sources Sandboxie, an utility for sandboxing any application

www.zdnet.com/article/sophos-open-sources-sandboxie-an-utility-for-sandboxing-any-application/
UK cyber-security firm announced this week plans to open-source the Sandboxie project, a Windows utility that lets users run any application inside a secure sandbox.

LNK: A perfect vector for living-off-the-land attacks

medium.com/threat-intel/lnk-files-living-off-the-land-11c1e2218dc2
When carrying out a living off the land style attack, an attacker needs a way to execute at least one command or script on the target machine to kick off a string of follow-on activities. The initial step could be achieved using numerous techniques such as using a macro enabled document, a SMB vulnerability exploit, an RDP connection with brute forced access, or they could just use an LNK file that tricks the user into opening it, which then leads to

