The Specter of MS17-010

The vulnerability MS17-010, patched on 14 March 2017 but rising to prominence with the Shadow Brokers leak of an exploit called ETERNALBLUE in mid-April 2017, has fueled multiple information security headaches. First and among the most prominent was the global WannaCry ransomware event in May 2017 (two months after the Read more…

Adversary Attribution: It’s ‘Complicated’

Recently Juan Andreas Guerrero-Saade and Silas Cutler presented new research on the cluster of activity encompassing Stuxnet, Duqu, and Flame at the Kaspersky Lab-sponsored Security Analyst Summit. (Note for those reading this from US, Canadian, and related government networks: accessing the research link previously will display potentially leaked, non-public information Read more…

The Devil’s in the Algorithm

I attended an interesting presentation at the EnergySec Pacific Rim summit discussing the role of machine learning and artificial intelligence (ML/AI) in network security and ICS operations. The talk was mostly an overview of potential applications and niches for ML/AI within these spaces, which in itself is refreshing as ML/AI Read more…