Wednesday, October 28, 2020

NVIDIA DGX machine learning servers vulnerabilities

NVIDIA has published fixes for vulnerabilities in NVIDIA Machine learning servers with CVSS up to 9.8.

NVIDIA DGX-1, DGX-2, and DGX A100 Servers are affected and can be hacked via BMC OOB interfaces. 

Friday, October 9, 2020

Tuesday, August 18, 2020

Wind Turbines strikes again

 

Nice to see Nordex devices featured in SCADA StrangeLove "Too Smart Grid in da Cloud" talk back to 2014 available via SatCOM in 2020.

Saturday, July 25, 2020

Vulnerabilities in AI Healthcare pipelines

Must see if you use/develop Artificial Intelligence in Healthcare and care about Cybersecurity and Privacy.


Monday, July 13, 2020

How to make your own Internet Census

Simple writeup on the Internet-scale census with example or Artificial Intelligence and Machine Learning infrastructure assessment by Antony Nikolaev. Sample Lab of Cybersecurity of Machine Learning and Artificial Intelligence at Harbour.Space University.

Just in case if you need spare Tensorboard in Africa or Kubeflow elsewhere.


Monday, July 6, 2020

Hacking Odyssey at HITBLockdown002

How to Hack Medical Imaging Applications via DICOM by Maria Nedyak

DATE: July 25, 2020
TIME: 04:00 PM - 05:00 PM (GMT +8)

Monday, June 15, 2020

Hacking Kubeflow for fun and mining

Microsoft Azure Security Center (ASC) recently published detailed description of Kubeflow backdooring attack.

Tuesday, June 2, 2020

A practical guide to SD-WAN Evil

Good writeup by Marcel Gamma. A story about Silverpeak SD-WAN vulnerabilities discovery / fixing / disclosure.


Wednesday, May 13, 2020

Digital Lockdown: AI vs COVID-19


A free webinar series featuring industry leaders from Harbour.Space University’s faculty of practicing professionals, sharing valuable content and insiders’ knowledge that you don’t learn in traditional classrooms!

Registration

Tuesday, May 5, 2020

Malicious Portal SilverPeak REST API access

Details about new security vulnerabilities in SD-WAN solution. There is no authentication between cloud SilverPeak’s Portal on the Internet and customers’  EdgeConnect devices. EdgeConnect doesn’t authenticate Portal. Portal can execute any command on EdgeConnect via REST API.

Monday, April 20, 2020

SilverPeak’s IPsec UDP protocol implementation fails to provide forward secrecy

The IPsec UDP protocol implementation in SilverPeak EdgeConnect product fails to provide the claimed perfect forward secrecy property. Additionally, the product provides interfaces and has vulnerabilities that can be used to reconstruct the traffic encryption keys for all tunnels.


Tuesday, April 14, 2020

AI Finger 2020

New release of Internet census of Machine Learning and Artificial Intelligence Frameworks and Applications, April 2020.