Cisco Talos Smells a RAT
The company selling the software claims it will only sell it for legal uses. But the RAT gives buyers everything they need to build a botnet.
Getting To The Root Of Security With Trusted Silicon
The increasingly distributed nature of computing and the rapid growth in the number of the small connected devices that make up the Internet of Things (IoT) are combining with trends like the rise of silicon-level vulnerabilities highlighted by Spectre, Meltdown, and more recent variants to create an expanding and fluid security landscape that’s difficult for enterprises to navigate. …
Getting To The Root Of Security With Trusted Silicon was written by Jeffrey Burt at .
Cohesity’s Helios Uses Machine Learning to Manage Secondary Data
The cloud service gives companies visibility and mobility across all of their secondary data and applications from a single dashboard. It also uses machine learning and analytics to power a bunch of new infrastructure management features.
Foundries.io Tightens Edge, IoT Integration to Boost Security
The firm sees constant and long-term updates as key to maintaining edge and IoT security.
Arista Taps VMware, Zscaler to Create Consistent Cloud Security
VMware’s software will bring common security policy enforcement to virtual and physical workloads. Zscaler brings its north-south traffic security.
Microsoft Foils Russian Security Threat, Seizes Fake Political Websites
Microsoft said it has used this approach 12 times in two years to shut down 84 fake websites associated with the state-sponsored hacking group called Fancy Bear.
DeGrasse Tyson: Make Truth Great Again
Neil deGrasse Tyson tweets the following:I’m okay with a US Space Force. But what we need most is a Truth Force — one that defends against all enemies of accurate information, both foreign & domestic.— Neil deGrasse Tyson (@neiltyson) August 20, 2018
When people make comparisons with Orwell's "Ministry of Truth", he obtusely persists:
A good start: The National Academy of Sciences, which “…provides objective, science-based advice on critical issues affecting the nation."— Neil deGrasse Tyson (@neiltyson) August 20, 2018
Given that Orwellian dystopias were the theme of this summer's DEF CON hacker conference, let's explore what's wrong with this idea.
Truth vs. "Truth"
I work in a corrupted industry, variously known as the "infosec" community or "cybersecurity" industry. It's a great example of how truth is corrupted into "Truth".
At a recent government policy meeting, I pointed out how vendors often downplay the risk of bugs (vulnerabilities that can be exploited by hackers). When vendors are notified of these bugs and release a patch to fix them, they often give a risk rating. These ratings are often too low, in order to protect the corporate reputation. The representative from Oracle claimed that they didn't do Continue reading
Securing The Server, Inside And Out
Computing is hard enough, but the sophistication and proliferation of attacks on IT infrastructure, from the firewall moat surrounding the corporate network all the way down into the guts of the operating system kernel and deep into the speculative execution units on the physical processor, make the task of computing – with confidence – doubly difficult. …
Securing The Server, Inside And Out was written by Timothy Prickett Morgan at .
How Cloudflare protects customers from cache poisoning
A few days ago, Cloudflare — along with the rest of the world — learned of a "practical" cache poisoning attack. In this post I’ll walk through the attack and explain how Cloudflare mitigated it for our customers. While any web cache is vulnerable to this attack, Cloudflare is uniquely able to take proactive steps to defend millions of customers.
In addition to the steps we’ve taken, we strongly recommend that customers update their origin web servers to mitigate vulnerabilities. Some popular vendors have applied patches that can be installed right away, including Drupal, Symfony, and Zend.
How a shared web cache works
Say a user requests a cacheable file, index.html. We first check if it’s in cache, and if it’s not not, we fetch it from the origin and store it. Subsequent users can request that file from our cache until it expires or gets evicted.
Although contents of a response can vary slightly between requests, customers may want to cache a single version of the file to improve performance:
(See this support page for more info about how to cache HTML with Cloudflare.)
How do we know it’s the same file? We create something Continue reading
Security in the New World of Containers and Serverless
This eBrief from SDxCentral takes a look at some of the security issues facing serverless and containers and delves into some of the tools and methodologies available to overcome these challenges.
VMware Cloud on AWS: Advanced Networking and Security with NSX-T SDDC
Announced in AWS Summit in New York last month and also briefly mentioned on the prior blog, Announcing General Availability of VMware NSX-T Data Center 2.2.0, NSX-T networking and security is now available in Preview Mode for new SDDC deployments on VMware Cloud on AWS. Please reach out to your sales/SE contact for more information. In this blog post, I give an overview of the advanced networking and security functionality provided by NSX-T within VMware Cloud on AWS. Continue reading
Classic Rock and Cloud-Native Attacks Collide at Black Hat
Leading cloud access security broker (CASB) vendors McAfee and Bitglass talk security and cloud-native attacks at Black Hat.
Alibaba Cloud Eyes Expansion Into Southeast Asia With New Products, Partners
At the Alibaba Cloud Summit this week, the cloud provider launched a wide breadth of products that span serverless, data, search and analytics, IoT, and machine learning.
Cisco’s Security Business, Service Provider Wins Propel Fiscal 4Q Results
The company’s service provider business was up 6 percent year over year. But 5G isn’t the reason for the turnaround.
IoT Attacks Doubled in Two Months, Check Point Says
While IoT malware made its top-three debut in July, cryptomining malware remained the top two offenders, according to the monthly report.
Three new ways teams are using Cloudflare Access
Since leaving beta three weeks ago, Cloudflare Access has become our fastest-growing subscription service. Every day, more teams are using Access to leave their VPN behind and connect to applications quickly and securely from anywhere in the world.
We’ve heard from a number of teams about how they’re using Access. Each team has unique needs to consider as they move away from a VPN and to a zero trust model. In a zero trust framework, each request has to prove that a given application should trust its attempt to reach a secure tool. In this post, we’re highlighting some of the solutions that groups are using to transition to Cloudflare Access.
Solution 1: Collaborate with External Partners
Cloudflare Access integrates with popular identity providers (IdPs) so that your team can reach internal applications without adding more credentials. However, teams rarely work in isolation. They frequently rely on external partners who also need to reach shared tools.
How to grant and manage permissions with external partners poses a security risk. Just because you are working with a third-party doesn’t mean they should have credentials to your IdP. They typically need access to a handful of tools, not all of your internal Continue reading
Dell Technologies, Others Invest $33M in Twistlock Series C
The container-focused vendor has now hauled in more than $63 million in funding.
Intel Discloses New Sprectre-Like Bugs Called Foreshadow
The flaws could allow hackers to access data that is supposed to be secured in protected areas on Intel’s Core chips or in the cloud. AMD says it's immune.
Obfuscated gradients give a false sense of security: circumventing defenses to adversarial examples
Obfuscated gradients give a false sense of security: circumventing defenses to adversarial examples Athalye et al., ICML’18
There has been a lot of back and forth in the research community on adversarial attacks and defences in machine learning. Today’s paper examines a number of recently proposed defences and shows that most of them rely on forms of gradient masking. The authors develop attack techniques to overcome such defences, and 9 analyse defences from ICLR 2018 claiming to protect against white-box attacks. 7 of these turn out to rely on obfuscated gradients, and 6 of these fall to the new attacks (and the other one partially succumbs). Athalye et al. won a best paper award at ICML’18 for this work.
One of the great things about work on adversarial attacks and defences, as we’ve looked at before, is that they illuminate the strengths and weaknesses of current technology. Depending on the threat model you choose, for my own part I’m currently of the opinion that we’re unlikely to find a robust adversarial defence without a more radical re-think of how we’re doing image classification. If we’re talking about the task of ‘find an image that doesn’t fool a human, but Continue reading