Collaborate Disseminate
My organization wants to restrict all the plugins/tools like Netcraft and Builtwith to detect all the server side technologies for security reason like platform, operating system name and version, web server name and version…. Continue reading How to restrict plugins/tools like Netcraft and Builtwith to detect server side technologies?
Background:
First time user of libemu for shellcode detection and emulation, I was only able to find a few and limited resources on the web.
Used a simple loader shellcode to test, and the two instruction (pop ecx and ret)… Continue reading Lib Emu – how to simulate dummy input data/network data
Reading such posts as
How to confirm if a site is using Device Fingerprinting
and
Human or Bot: Behind the Scene Checks vs CAPTCHA
and following the links in them, I was wondering what newer methods, if any, I could use… Continue reading Detect a visitor is a browser without antagonising them in 2018?
As Augusto already announced awhile ago, we have updated our “how to SOC” paper for 2018. His post even includes our main guidance visual (!), made that much more awesome by our new co-author, Anna. The paper is still titled “How to P… Continue reading Our 2018 Update to “How to Plan, Design, Operate and Evolve a SOC” Publishes
Some viruses are encrypted so that the anti-virus can’t identify them, but what I don’t understand is: why wouldn’t the anti-virus detect them, considering they have to decrypt themselves before running? Wouldn’t the anti-virus understand … Continue reading Why don’t anti-viruses detect encrypted viruses in decryption?
The development fits a trend that sees threat actors turning to well-known, commodity malware, overcoming its easy detection with ever-better obfuscation methods. Continue reading PowerShell Obfuscation Ups the Ante on Antivirus
I wonder if machine learning method has already applied to security issues like IP spoofing detection.
Would like to see if you could offer some sources/journals that combine these two fields, thank you.
Continue reading Machine learning method that used in IP spoofing detection?
Getting computers to recognize objects has been a historically difficult problem in computer science, but with the rise of machine learning it is becoming easier to solve. One of the tools that can be put to work in object recognition is an open source library called TensorFlow, which [Evan] aka [Edje Electronics] has put to work for exactly this purpose.
His object recognition software runs on a Raspberry Pi equipped with a webcam, and also makes use of Open CV. [Evan] notes that this opens up a lot of creative low-cost detection applications for the Pi, such as setting up …read more
How do you help your SOC deal with internal attacks? Leveraging a big data-driven, user and entity behavior analytics solution (UEBA), security analysts can reduce mean-time-to-detection (MTTD) and extend its detection outreach to identify even the ste… Continue reading Watch the (Privileged) Watcher
I see this happening allot: developers need to test stuff, have a self-signed certificate that causes an error, and they just switch verification off globally (like in this example). The hack gets forgotten and then the code … Continue reading Is there an easy way to detect clients that ignore certificate validation errors (in production)?