Archive: 2020

Snake Ransomware Analysis Updates

• CERT/CC Blog
Kyle O'Meara

In January 2020, Sentinel Labs published two reports on Snake (also known as Ekans) ransomware.[1][2] The Snake ransomware gained attention due to its ability to terminate specific industrial control system (ICS) processes. After reading the reports, I wanted to expand the corpus of knowledge and provide OT and IT network defenders with increased defense capabilities against Snake. The key takeaways from the Sentinel Labs’ reports for additional analysis were the hash of the ransomware and...

Bridging the Gap Between Research and Practice

• CERT/CC Blog
Leigh Metcalf

A fundamental goal for a federally funded research and development center (FFRDC) is to bridge the gap between research and practice for government customers. At the CERT Division of the Software Engineering Institute (SEI), we've taken a step beyond that and decided that, in cybersecurity, we should be bridging the gap for all researchers and practitioners. To help achieve this goal, I decided that a journal would be an important step. The Association for Computing...

Security Automation Begins at the Source Code

• CERT/CC Blog
Vijay Sarvepalli

Hi, this is Vijay Sarvepalli, Information Security Architect in the CERT Division. On what seemed like a normal day at our vulnerability coordination center, one of my colleagues asked me to look into a vulnerability report for pppd, an open source protocol. At first glance, this vulnerability had the potential to affect multiple vendors throughout the world. These widespread coordination cases usually have a prolonged coordination timeline. They typically involve multiple vendors on the one...

Comments on NIST IR 8269: A Taxonomy and Terminology of Adversarial Machine Learning

• CERT/CC Blog
Jonathan Spring

The U.S. National Institute of Standards and Technology (NIST) recently held a public comment period on their draft report on proposed taxonomy and terminology of Adversarial Machine Learning (AML). AML sits at the intersection of many specialties of the SEI. Resilient engineering of Machine Learning (ML) systems requires good data science, good software engineering, and good cybersecurity. Our colleagues have suggested 11 foundational practices of AI engineering. In applications of ML to cybersecurity, we have...
