Posts

Showing posts from August, 2021

The 2017 Equifax Breach

In 2017, Equifax, one of the world’s largest credit reporting agencies, suffered a cyber breach of unprecedented impact and scale. More than 145 million records of personally identifiable information were stolen by cyber criminals. Because of the nature of this breach, the CEO of Equifax resigned, a congressional investigation commenced, Equifax’s stock took a hit, and a 50-state class action lawsuit was filed.

The Breach

On March 2nd 2017, a vulnerability in a web application called Apache Tomcat Struts 2 was discovered by a security researcher and identified as CVE-2017-5638. This web application was used by Equifax to allow consumers to submit credit report discrepancies. Days after the vulnerability was discovered, a software patch was made available and made public on March 7, 2017. Within 24 hours of the patch, a blog post went up on a website on how to exploit this vulnerability to gain remote access to computer...

What Are DGAs and How to Detect them?

Domain Generation Algorithms (DGAs) are a class of algorithms that periodically and dynamically generate large numbers of domain names. Typically, the domains are used by malware and botnets as rendezvous points to facilitate callback to the malicious actor’s Command & Control servers. DGAs allow malware to generate tens of thousands of domains per day, the vast majority of them unregistered. The enormous number of unregistered domains is used to mask the registered ones, allowing the infected bots to evade detection and deterrence by signature- or IP-reputation-based security detection systems. The first known malware family to use a DGA was Kraken in 2008. Later that year, the Conficker worm pushed the DGA tactic into notoriety. Even after 10 years, it is still possible to find Conficker or one of its variants on some of today’s networks. In tandem with the increasing proliferation of malware, the usage of DGAs has become more pervasive. The Objectiv...

Artificial Intelligence Primer

Artificial Intelligence and Machine Learning are the technologies at the forefront of what is being called the world’s 4th industrial revolution. Since the beginning of the human race, man has striven to improve how efficiently we live and work. At first humans relied on simple manual labor and ingenuity. We believe this is how man produced things like the Pyramids, the Great Wall of China and Stonehenge. Then came the first industrial revolution, which introduced mechanization, steam, and water power and brought advances in production, travel, and urbanization. The second revolution was sparked by the inventions of mass production and electricity. The introduction of electronic and digital technologies, such as computers and the internet, marked the third revolution. Today we are entering a new era enabled by massive advances in, and practical application of, Artificial Intelligence and Machine Learning.

MAN vs. MACHINE

Artificial...

Distributed Security Intelligence

Artificial Intelligence is radically transforming the cybersecurity industry. To successfully use A.I. for security, the quality of the data is paramount. Security-related data must be collected from many different sources: network data from packets, server data from commands and processes, application data such as logs, and threat intelligence data from security researchers, among others. These disparate streams of information are fed into a centralized processor, where machine learning is applied to detect security threats.

Data Challenges

A few challenges appear in the data collection part of the process.

Not enough data

In some cases, the amount of data is insufficient for machine learning to generate an accurate output. When this happens, there may be too many false positives or false negatives. In general, the greater the volume of data, the more accurate the result.

Too much data

The downside of having a h...