Machine Learning for Cybersecurity

Sam Charrington, host of Machine Learning & Artificial Intelligence (TWiML & AI) podcast and Evan Wright Principal Data Scientist at Anomali discuss a number of topics surrounding the use of machine learning in cybersecurity. 

These topics include: 

  • ​ The three big problems in cybersecurity that Machine Learning can help with
  • The challenges of acquiring ground truth in cybersecurity and some ways to accomplish it
  • The use of decision trees, generative adversarial networks, and other algorithms in the field
 

For more TWiML podcasts visit https://twimlai.com/


Source: Honeypot Tech

Harry Potter and the Real-Life Wizard Duel

Walk around the commons of Cambridge and you’re bound to see one or more of the Cambridge University Quidditch Club players mounted upon sticks with a makeshift quaffle. But try as they might, their broomsticks will never send them soaring through the air.

The same faux-wizardry charge can’t be levelled at Allen Pan‘s Real-Life Wizard Duel. For when the wand-wielding witches or wizards cast one of four Harry Potter spells, their opponent is struck accordingly… as if by magic.

Real Life Wizard Duel with ELECTRICITY | Sufficiently Advanced

Body shocking wands with speech recognition…It’s indistinguishable from magic! Follow Sufficiently Advanced! https://twitter.com/AnyTechnology https://www.facebook.com/sufficientlyadvanced https://www.instagram.com/sufficientlyadvanced/ Check out redRomina: https://www.youtube.com/user/redRomina Watch our TENS unit challenge! https://youtu.be/Ntovn4N9HNs These peeps helped film, check them out too!

Real spells, real consequences

Harry Potter GIF

Allen uses Transcutaneous Electrical Nerve Stimulation (TENS) machines to deliver the mighty blows to both himself and his opponent, setting off various sticky pads across the body via voice recognition.

The Google Cloud Speech Recognition API recognises one of five spells – Expelliarmus, Stupefy, Tarantallegra, Petrificus Totalus, and Protego – via a microphone plugged into a Raspberry Pi.

Harry Potter GIF

When the spell is pronounced correctly and understood by the Pi, it tells an Arduino to ‘shoot’ the spell out of the wand via an infrared LED. If the infrared receiver attached to the opponent recognises the spell, it sets off the TENS machine to deliver an electric current to the appropriate body part. Expelliarmus, for example, sets off the TENS connected to the arm, while calling out a successful Petrificus Totalus renders the opponent near immobilised as every pad is activated. For a moment’s rest, calling out “Protego” toward your own infrared receiver offers a few moments of protection against all spells aimed in your direction. Phew.

“But people only die in proper duels, you know, with real wizards. The most you and Malfoy’ll be able to do is send sparks at each other. Neither of you knows enough magic to do any real damage. I bet he expected you to refuse, anyway.”
“And what if I wave my wand and nothing happens?”
“Throw it away and punch him on the nose,” Ron suggested.
Harry Potter and the Philosopher’s Stone

Defence Against the Dark Arts

Harry Potter Wizard Duel Raspberry Pi

To prevent abuse of the spells, each one has its own recharge time, with available spells indicated via LEDs on the wand.

In the realm of Harry Potter fan builds, this has to be a favourite. And while visitors to The Wizarding World of Harry Potter may feel the magical effect of reimagined Butterbeer as they wander around Hogsmead, I’d definitely prefer to play Real Life Wizard Duel with Allen Pan.

The post Harry Potter and the Real-Life Wizard Duel appeared first on Raspberry Pi.


Source: RaspberryPi – IOT Anonimo

Source: Privacy Online


Source: Zologic

HakTip 150 – Linux Terminal 201: Working with Storage Media, ISO Images, and MD5 Checksums

Today on HakTip we’re talking about dealing with flashdrives in the terminal.
——————————-
Shop: http://www.hakshop.com
Support: http://www.patreon.com/threatwire
Subscribe: http://www.youtube.com/hak5
Our Site: http://www.hak5.org
Contact Us: http://www.twitter.com/hak5
Threat Wire RSS: https://shannonmorse.podbean.com/feed/
Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999

——————————

Commands used in this episode include:

mount

umount /dev/flashdrive1

mount -t filesystem type /dev/flashdrive /newdirectory

cd /dev/flashdrive

sudo fdisk /dev/flashdrive

sudo mkfs -t filesystem_type /dev/flashdrivename

sudo fsck /dev/flashdrive

dd if=the_file_you_wanna_copy of=/dev/flashdrive

dd if=lakka.iso of=/dev/sdb

md5sum file.iso

Make sure to subscribe to Hak5 at https://www.youtube.com/hak5

Source: Security news


Source: Zologic

Prioritizing Threats: Why Most Companies Get It Wrong

To stay safer, focus on multiple-threat attack chains rather than on individual threats.
Source: Cyber Monitoring

Pi Wars 2017 is just a few days away!

On 1-2  April, Cambridge Raspberry Jam will be hosting Pi Wars 2017, the latest iteration of their successful robotics challenge competition.

For those unfamiliar with the setup, Pi Wars contestants use home-brew Raspberry Pi-powered robots to compete across seven challenge courses. There’s also a host of other categories, including prizes for Artistic and Technical Merit, as well as an award for ‘Funniest Robot’!

With only a few days to go until the big weekend, we’ve wrangled Pi Wars 2017 hosts, Mike and Tim, to give us the lowdown on everything you need to know before the main event.

Pi Wars 2015 obstacle course Pi Wars 2017

Crowds gather around the Obstacle Course from the 2015 competition

Pi Wars 2017

This is the third time the competition has been run, and this time we’re running the event over two days:

  • Saturday – School teams.
  • Sunday – Beginner, Intermediate and Pro/Veteran teams.

With teams coming all the way from the USA, Germany, Switzerland, Wales and Scotland as well as England, it truly is an international competition! There are more than 65 teams competing across the weekend. Judging by some of the tweets we’ve been seeing, there’s likely to be some fierce competition!

Special guest and head judge

Doctor Lucy Rogers Pi Wars 2017

Lucy rightly running from House Robot, Sir Killalot, on the set of BBC Robot Wars

We are very fortunate to welcome BBC Robot Wars judge Dr. Lucy Rogers as our special guest and head judge. Away from Robot Wars, Lucy is an independent designer and maker, and famously introduced Raspberry Pi-controlled animatronics to the Blackgang Chine theme park on the Isle of Wight.

Get tickets, come along and watch the action

If you’re in the Cambridge area, or even if you’re further afield, you can come along and watch. Pi Wars 2017 spectator tickets are available from Eventbrite. Children aged 16 and under go free, as do volunteers, and it’s just £5 per day (or £7 for the whole weekend) for everyone else.

What else is happening?

In addition to the competing teams, there will be plenty of show-and-tell tables featuring robotics projects, plus an extensive marketplace featuring your favourite vendors.

Where is it?

The event takes place at the Cambridge Computer Laboratory (William Gates Building). There is free parking a (very) short walk away, and there is catering on site (or bring a packed lunch!). It’s a nice family-friendly day out. You can chat to the stall holders and teams (when they’re not running between challenges!), and generally find out what is possible with the Raspberry Pi, some robotics components, a healthy dose of programming and a maker’s mindset!

The William Gates Building Pi Wars 2017

The William Gates Building

What have we been doing to prepare?

Tim has been hard at work designing and building courses for our seven challenges, which are:

  • Straight-line speed test (autonomous) – get down the course as fast as possible without touching the walls.
  • The minimal maze (autonomous) – get around the maze without touching the walls.
  • The line follower (autonomous) – follow the black line for as many circuits as possible.
  • Slightly deranged golf (remote-controlled) – a beautiful, mystery course that will have a special component added to it by Pi Borg!
  • The obstacle course (remote-controlled) – who knows what’s in store this year?
  • Skittles (remote-controlled) – knock the pins down, score points.
  • Pi Noon – the robot vs robot duel (remote-controlled) – pop the other robot’s balloon before the time runs out.
Pi Wars 2015 Pi Noon competition Pi Wars 2017

2015’s Pi Noon competition

Find out more about the courses and the rules on the Pi Wars 2017 website.

Mike has been fiercely sending out emails to competitors, exhibitors, volunteers, vendors and our wonderful Pi Wars 2017 sponsors, without whom we would be unable to run the event. He’s also busy constructing individual timetables for each team, so everyone knows exactly where they need to be for their challenge runs.

We’re really looking forward to the weekend – it’s all coming together, and with the help of our volunteers, you can be assured of a warm welcome to the venue. So, grab your tickets and prepare for an epic showdown between dozens of robots, all powered by your favourite single-board computer!

The future of Pi Wars

There is an upcoming Pi Wars-style competition in Pennsylvania, USA on 3 June (The MagPi Magazine published a blog about this today), and we’re expecting another USA competition at some point, as well as a possible Pi Wars Scotland. As for the future of the Cambridge-based event? Let’s get this one out of the way first!

Any questions? The best way to contact us is via the Pi Wars 2017 website. Alternatively, give us a shout on Twitter!

Mike and Tim

The post Pi Wars 2017 is just a few days away! appeared first on Raspberry Pi.


Source: RaspberryPi – IOT Anonimo

Source: Privacy Online


Source: Zologic

TekThing 117 – Update WhatsApp Now! Lenovo Ideapad Y900 Gaming Laptop, Kano Raspberry Pi, Teach Kids To Code!

Update WhatsApp & Telegram Now! Lenovo Ideapad Y900 Gaming Laptop Review, Kano Raspberry Pi, Teach Kids To Code!
——
00:41 Kano Computer & Coding For Kids
Kano Computer & Coding For Kids @geoffreysperl tweets @TekThing “Hi! For his birthday, my soon to be 7 year-old wants a Kano (http://kano.me). What do you think of it? Any alternatives?” Fuze is similar, if less DIY, than the build it your self PC that runs the Kano OS. We talk up what computers Patrick’s kids use, and teaching kids to code with Code Combat, Hour of Code, and Scratch in the video! https://twitter.com/geoffreysperl/status/843990598210281472
http://developers.kano.me/downloads/
https://www.fuze.co.uk/store/c1/Featured_Products.html
https://codecombat.com/
https://hourofcode.com/us
https://scratch.mit.edu/

08:32 Lenovo Ideapad Y900 Gaming Laptop
A 17.3″ G-Sync screen and a mechanical keyboard on a laptop? Lenovo’s Y900 Ultimate Gaming Laptop is luxurious… and 9.8 pounds heavy, we talk performance in the video!
http://shop.lenovo.com/us/en/laptops/ideapad/y900-series/y900-17/

17:24 Update WhatsApp & Telegram Now!!!
Check Point found vulnerabilities in the web apps of both Telegram and WhatsApp last last week… found out what happened and how to fix them in the video, and get more Threat Wire security briefs at youtube.com/hak5!

21:47 Unlimited Data Is Unlimited!
@SteveKen takes exception to our belief that Data is Capped on unlimited plans… we talk it through in the show!
https://twitter.com/steveken/status/843617447341101056

27:05 Do Something Analog!
Like organizing and cable managing your editing workstation and desk!!! (The before and after shots in the video are… alarming.)
——
Thank You Patrons! Without your support via patreon.com/tekthing, we wouldn’t be able to make the show for you every week!
https://www.patreon.com/tekthing
——
EMAIL US!
ask@tekthing.com
——
Amazon Associates: http://amzn.to/2gm9Egf
Subscribe: https://www.youtube.com/c/tekthing
——
Website: http://www.tekthing.com
RSS: http://feeds.feedburner.com/tekthing
THANKS!
HakShop: https://hakshop.myshopify.com/
——
SOCIAL IT UP!
Twitter: https://twitter.com/tekthing
Facebook: https://www.facebook.com/TekThing
Reddit: https://www.reddit.com/r/tekthingers
——

Source: Security news


Source: Zologic

7 Steps to Transforming Yourself into a DevSecOps Rockstar

Security practitioners at one education software firm offer lessons learned from merging DevOps with security.
Source: Vulnerabilitys & Threats

Doing Threat Intel The Hard Way – Part 6: Threat Intelligence Maintenance

This is the sixth and final post in a series on manual IOC management for threat intelligence. See the previous posts:

Part 1: Manual IOC Management
Part 2: Capturing Threat Intelligence
Part 3: Processing Threat Intelligence
Part 4: Operationalizing Threat Intelligence
Part 5: Analyze Threat Intelligence

Threat intelligence Maintenance

Once an analyst has decided on the validity of the threat, the output of that decision must be captured and stored, preferably within the system. If it was determined that an indicator was not a threat, that should be documented accordingly. If instead it was determined to be a threat, additional output could include notes, reports, recommendations or other documentation. It could also include additional information gathered about the indicators themselves. All this information should be easily accessible for future reference.

Indicators must also be maintained over time, meaning that some method of incorporating new information about existing indicators while retaining the previous information is required. Although today an IP may be actively engaged in brute force attacks, next week it might be cleaned up and reimaged. That same IP might be clean for two years before getting compromised again and put into service as a botnet C&C IP. Analysts need to be able to see these changes over time in order to avoid confusion in analysis. Additionally, if integration content, such as SIEM alert rules, is based on categories or other elements that change over time, automated monitoring may fail to detect new threats and may identify threats incorrectly.

Conclusion

Threat intelligence can offer concrete benefits to organizations, making security analysts more efficient and effective, but only if that intelligence has been managed correctly. Poorly managed threat intelligence can lead to incorrect decisions that may have lasting consequences for the business or organization.

I have attempted to lay out the steps necessary to create a manual threat intelligence management process. As you can see, it is a complex undertaking, that may require a significant investment of resources. Some organizations have the necessary resources and skill in-house to develop such a program. Many do not.

Given the level of ongoing effort required, even those capable of building their own may opt for a commercial threat intelligence management platform. It is important that you do an honest assessment of your own organization before starting this kind of project.


Source: Honeypot Tech

European Astro Pi Challenge winners

In October last year, with the European Space Agency and CNES, we launched the first ever European Astro Pi challenge. We asked students from all across Europe to write code for the flight of French ESA astronaut Thomas Pesquet to the International Space Station (ISS) as part of the Proxima mission. Today, we are very excited to announce the winners! First of all, though, we have a very special message from Thomas Pesquet himself, which comes all the way from space…

Thomas Pesquet congratulates Astro Pi participants from space

French ESA astronaut Thomas Pesquet floats in to thank all participants in the European Astro Pi challenge. In October last year, together with the European Space Agency, we launched the first ever European Astro Pi challenge for the flight of French ESA astronaut Thomas Pesquet to the International Space Station (ISS) as part of mission Proxima.

Thomas also recorded a video in French: you can click here to see it and to enjoy some more of his excellent microgravity acrobatics.

A bit of background

This year’s competition expands on our previous work with British ESA astronaut Tim Peake, in which, together with the UK Space Agency and ESA, we invited UK students to design software experiments to run on board the ISS.

Astro Pi Vis (AKA Ed) on board the ISS. Image from ESA.

In 2015, we built two space-hardened Raspberry Pi units, or Astro Pis, to act as the platform on which to run the students’ code. Affectionately nicknamed Ed and Izzy, the units were launched into space on an Atlas V rocket, arriving at the ISS a few days before Tim Peake. He had a great time running all of the programs, and the data collected was transmitted back to Earth so that the winners could analyse their results and share them with the public.

The European challenge provides the opportunity to design code to be run in space to school students from every ESA member country. To support the participants, we worked with ESA and CPC to design, manufacture, and distribute several hundred free Astro Pi activity kits to the teams who registered. Further support for teachers was provided in the form of three live webinars, a demonstration video, and numerous free educational resources.

Image of Astro Pi kit box

The Astro Pi activity kit used by participants in the European challenge.

The challenge

Thomas Pesquet assigned two missions to the teams:

  • A primary mission, for which teams needed to write code to detect when the crew are working in the Columbus module near the Astro Pi units.
  • A secondary mission, for which teams needed to come up with their own scientific investigation and write the code to execute it.

The deadline for code submissions was 28 February 2017, with the judging taking place the following week. We can now reveal which schools will have the privilege of having their code uploaded to the ISS and run in space.

The proud winners!

Everyone produced great work and the judges found it really tough to narrow the entries down. In addition to the winning submissions, there were a number of teams who had put a great deal of work into their projects, and whose entries have been awarded ‘Highly Commended’ status. These teams will also have their code run on the ISS.

We would like to say a big thank you to everyone who participated. Massive congratulations are due to the winners! We will upload your code digitally using the space-to-ground link over the next few weeks. Your code will be executed, and any files created will be downloaded from space and returned to you via email for analysis.

In no particular order, the winners are:

France

  • Winners
    • @stroteam, Institut de Genech, Hauts-de-France
    • Wierzbinski, École à la maison, Occitanie
    • Les Marsilyens, École J. M. Marsily, PACA
    • MauriacSpaceCoders, Lycée François Mauriac, Nouvelle-Aquitaine
    • Ici-bas, École de Saint-André d’Embrun, PACA
    • Les Astrollinaires, Lycée général et technologique Guillaume Apollinaire, PACA
  • Highly Commended
    • ALTAÏR, Lycée Albert Claveille, Nouvelle Aquitaine
    • GalaXess Reloaded, Lycée Saint-Cricq, Nouvelle Aquitaine
    • Les CM de Neffiès, École Louis Authie, Occitanie
    • Équipe Sciences, Collège Léonce Bourliaguet, Nouvelle Aquitaine
    • Maurois ICN, Lycée André Maurois, Normandie
    • Space Project SP4, Lycée Saint-Paul IV, Île de la Réunion
    • 4eme2 Gymnase Jean Sturm, Gymnase Jean Sturm, Grand Est
    • Astro Pascal dans les étoiles, École Pascal, Île-de-France
    • les-4mis, EREA Alexandre Vialatte, Auvergne-Rhône-Alpes
    • Space Cavenne Oddity, École Cavenne, Auvergne-Rhône-Alpes
    • Luanda for Space, Lycée Français de Luanda, Angola
      (Note: this is a French international school and the team members have French nationality/citizenship)
    • François Detrille, Lycée Langevin-Wallon, Île-de-France

Greece

  • Winners
    • Delta, TALOS ed-UTH-robotix, Magnesia
    • Weightless Mass, Intercultural Junior High School of Evosmos, Macedonia
    • 49th Astro Pi Teamwork, 49th Elementary School of Patras, Achaia
    • Astro Travellers, 12th Primary School of Petroupolis, Attiki
    • GKGF-1, Gymnasium of Kanithos, Sterea Ellada
  • Highly Commended
    • AstroShot, Lixouri High School, Kefalonia
    • Salamina Rockets Pi, 1st Senior High School of Salamina, Attiki
    • The four Astro-fans, 6th Gymnasio of Veria, Macedonia
    • Samians, 2nd Gymnasio Samou, North Eastern Aegean

United Kingdom

  • Winners
    • Madeley Ad Astra, Madeley Academy, Shropshire
    • Team Dexterity, Dyffryn Taf School, Carmarthenshire
    • The Kepler Kids, St Nicolas C of E Junior School, Berkshire
    • Catterline Pi Bugs, Catterline Primary, Aberdeenshire
    • smileyPi, Westminster School, London
  • Highly Commended
    • South London Raspberry Jam, South London Raspberry Jam, London

Italy

  • Winners
    • Garibaldini, Istituto Comprensivo Rapisardi-Garibaldi, Sicilia
    • Buzz, IIS Verona-Trento, Sicilia
    • Water warmers, Liceo Scientifico Galileo Galilei, Abruzzo
    • Juvara/Einaudi Siracusa, IIS L. Einaudi, Sicilia
    • AstroTeam, IIS Arimondi-Eula, Piemonte

Poland

  • Winners
    • Birnam, Zespół Szkoły i Gimnazjum im. W. Orkana w Niedźwiedziu, Malopolska
    • TechnoZONE, Zespół Szkół nr 2 im. Eugeniusza Kwiatkowskiego, Podkarpacie
    • DeltaV, Gimnazjum nr 49, Województwo śląskie
    • The Safety Crew, MZS Gimnazjum nr 1, Województwo śląskie
    • Warriors, Zespół Szkół Miejskich nr 3 w Jaśle, Podkarpackie
  • Highly Commended
    • The Young Cuiavian Astronomers, Gimnazjum im. Stefana Kardynała Wyszyńskiego w Piotrkowie Kujawskim, Kujawsko-pomorskie
    • AstroLeszczynPi, I Liceum Ogolnokształcace w Jasle im. Krola Stanislawa Leszczynskiego, Podkarpackie

Portugal

  • Winners
    • Sampaionautas, Escola Secundária de Sampaio, Setúbal
    • Labutes Pi, Escola Secundária D. João II, Setúbal
    • AgroSpace Makers, EB 2/3 D. Afonso Henriques, Cávado
    • Zero Gravity, EB 2/3 D. Afonso Henriques, Cávado
    • Lua, Agrupamento de Escolas José Belchior Viegas, Algarve

Romania

  • Winners
    • AstroVianu, Tudor Vianu National High School of Computer Science, Bucharest
    • MiBus Researchers, Mihai Busuioc High School, Iași
    • Cosmos Dreams, Nicolae Balcescu High School, Cluj
    • Carmen Sylva Astro Pi, Liceul Teoretic Carmen Sylva Eforie, Constanța
    • Stargazers, Tudor Vianu National High School of Computer Science, Bucharest

Spain

  • Winners
    • Papaya, IES Sopela, Vizcaya
    • Salesianos-Ubeda, Salesianos Santo Domingo Savio, Andalusia
    • Valdespartans, IES Valdespartera, Aragón
    • Ins Terrassa, Institut Terrassa, Cataluña

Ireland

  • Winner
    • Moonty1, Mayfield Community School, Cork

Germany

  • Winner
    • BSC Behringersdorf Space Center, Labenwolf-Gymnasium, Bayern

Norway

  • Winner
    • Skedsmo Kodeklubb, Kjeller Skole, Akershus

Hungary

  • Winner
    • UltimaSpace, Mihaly Tancsics Grammar School of Kaposvár, Somogy

Belgium

  • Winner
    • Lambda Voyager, Stedelijke Humaniora Dilsen, Limburg

FAQ

Why aren’t all 22 ESA member states listed?

  • Because some countries did not have teams participating in the challenge.

Why do some countries have fewer than five teams?

  • Either because those countries had fewer than five teams qualifying for space flight, or because they had fewer than five teams participating in the challenge.

How will I get my results back from space?

  • After your code has run on the ISS, we will download any files you created and they will be emailed to your teacher.

The post European Astro Pi Challenge winners appeared first on Raspberry Pi.


Source: RaspberryPi – IOT Anonimo

Source: Privacy Online


Source: Zologic

Hak5 2202 – Concealed Exfiltration – Pocket Network Attacks with the Bash Bunny

Check out the SMB Exfiltrator payload from the Bash Bunny github:
https://github.com/hak5/bashbunny-payloads/tree/master/payloads/library/smb_exfiltrator

Bash Bunny: http://www.bashbunny.com
Hack Across The Planet: http://www.hackacrosstheplanet.com

——————————-
Shop: http://www.hakshop.com
Support: http://www.patreon.com/threatwire
Subscribe: http://www.youtube.com/hak5
Our Site: http://www.hak5.org
Contact Us: http://www.twitter.com/hak5
Threat Wire RSS: https://shannonmorse.podbean.com/feed/
Threat Wire iTunes: https://itunes.apple.com/us/podcast/threat-wire/id1197048999
——————————

Source: Security news


Source: Zologic