Blog Posts
Cat and Mouse in the Age of .NET
Penetration testers have long exploited the PowerShell scripting language to gain a foothold in systems and execute an attack. Eventually, changes in the PowerShell landscape caused the toolsets to shift …
• By Brandon Marzik
In CERT/CC Vulnerabilities
Adversarial ML Threat Matrix: Adversarial Tactics, Techniques, and Common Knowledge of Machine Learning
My colleagues, Nathan VanHoudnos, April Galyardt, Allen Householder, and I would like you to know that today Microsoft and MITRE are releasing their Adversarial Machine Learning Threat Matrix. This is …
• By Jonathan Spring
In CERT/CC Vulnerabilities
Three Places to Start in Defending Against Ransomware
This blog post, the second of three dealing with ransomware and defending against it, covers three initial efforts that will make it more difficult for attackers and less costly to …
• By Tim Shimeall
In CERT/CC Vulnerabilities
Ransomware as a Service (RaaS) Threats
This blog post explores the economics behind why ransomware remains a top tool for cybercrime and presents the current active ransomware variants that utilize ransomware as a service (RaaS), a …
• By Marisa Midler
In CERT/CC Vulnerabilities
Snake Ransomware Analysis Updates
In January 2020, Sentinel Labs published two reports on Snake (also known as Ekans) ransomware.[1][2] The Snake ransomware gained attention due to its ability to terminate specific industrial control system …
• By Kyle O'Meara
In CERT/CC Vulnerabilities
Bridging the Gap Between Research and Practice
A fundamental goal for a federally funded research and development center (FFRDC) is to bridge the gap between research and practice for government customers....
• By Leigh Metcalf
In CERT/CC Vulnerabilities
Security Automation Begins at the Source Code
Hi, this is Vijay Sarvepalli, Information Security Architect in the CERT Division. On what seemed like a normal day at our vulnerability coordination center, one of my colleagues asked me....
• By Vijay Sarvepalli
In CERT/CC Vulnerabilities
Comments on NIST IR 8269: A Taxonomy and Terminology of Adversarial Machine Learning
The U.S. National Institute of Standards and Technology (NIST) recently held a public comment period on their draft report on proposed taxonomy and terminology of Adversarial Machine Learning (AML)....
• By Jonathan Spring
In CERT/CC Vulnerabilities
Prioritizing Vulnerability Response with a Stakeholder-Specific Vulnerability Categorization
We've just released a follow-up paper in our research agenda about prioritizing actions during vulnerability management, Prioritizing Vulnerability Response: A Stakeholder-Specific Vulnerability Categorization....
• By Allen Householder
In CERT/CC Vulnerabilities
Machine Learning in Cybersecurity
Our technical report provides an overview of the relevant parts of an ML lifecycle--selecting the right problem, the right data, and the right math and summarizing the model output for …