Wednesday, May 13, 2020

Digital Lockdown: AI vs COVID-19

A free webinar series featuring industry leaders from Harbour.Space University’s faculty of practicing professionals, sharing valuable content and insiders’ knowledge that you don’t learn in traditional classrooms!


Tuesday, May 5, 2020

Malicious Portal SilverPeak REST API access

Details about new security vulnerabilities in SD-WAN solution. There is no authentication between cloud SilverPeak’s Portal on the Internet and customers’  EdgeConnect devices. EdgeConnect doesn’t authenticate Portal. Portal can execute any command on EdgeConnect via REST API.

Monday, April 20, 2020

SilverPeak’s IPsec UDP protocol implementation fails to provide forward secrecy

The IPsec UDP protocol implementation in SilverPeak EdgeConnect product fails to provide the claimed perfect forward secrecy property. Additionally, the product provides interfaces and has vulnerabilities that can be used to reconstruct the traffic encryption keys for all tunnels.

Tuesday, April 14, 2020

AI Finger 2020

New release of Internet census of Machine Learning and Artificial Intelligence Frameworks and Applications, April 2020.

Monday, December 30, 2019

Turbines, Simens, Vulnerabilities, Power

New release by Kaspersky team leaded by SCADA StrangeLove fellow Gleb Gritsai  "On the insecure nature of turbine control systems in power generation" as presented on Chaos Communication Congress 36C3.

Power plants everywhere...

Friday, December 6, 2019

Artificial Intelligence Security Census

In this paper, we present the results of Internet-wide security scans of publicly available AIML systems. We show that many different interfaces of AIML systems are not protected and accessible from the Internet, moreover, most of them don't even have basic security mechanisms. Also, we describe found the known vulnerabilities related to outdated software and insecure configurations. 

Thursday, November 14, 2019

Malign Machine Learning Models and bad DICOM

Zeronighs 2019 AISec releases: how to insert malware into TensorFlow and PyTorch models and hack NVIDIA Clara ML pipeline with DICOM image.