Pardon the Intrusion #5: In AI, we trust


Welcome to the latest issue of Pardon The Intrusion, TNW's fortnightly newsletter in which we explore the wilderness of security.

In the last newsletter, we talked about using artificial intelligence to combat malware.

This has led me to think about how to design effective machine learning models to detect malicious content, especially because of its constant evolution.

You know how it goes: attackers find a way to get malware onto computers, and security managers build defense systems to stop them. The bad guys then find another way to slip in, and a new defense is built.

Enter, defend, repeat. And it continues, again and again.

I interviewed Adrien Gendre, chief architect of solutions at Vade Secure, a predictive email defense company, about it. Ultimately, this requires understanding the threats you are likely to face as a business and modeling an appropriate solution.

"When malware signatures change frequently, machine learning patterns designed to detect them lose their predictability," says Gendre. "It is essential to define malicious behavior for ML models to be effective."

But it also means that models are trained not only on the right datasets, but also on contradictory inputs, he warns.

Here's the problem: having huge amounts of training data means nothing. Appropriate data quality controls should also be put in place.

"What we need is a strong, supervised ML model based on quality data," says Gendre.

So, what does all this translate to? Before adopting artificial intelligence for cybersecurity, companies must understand how it is used, whether it is effective and whether it has been applied correctly.


Do you have an urgent cybersecurity or privacy issue that you need help with? Send it to me by e-mail and I will discuss it in the next newsletter! Now, on to more security news.

What's trending in security?

  • A new parody website generates random excuses for why businesses have been hacked and apologizes to their users. (Why was I breached?)

  • Privacy-driven search engine DuckDuckGo has deployed smarter encryption, which automatically directs you to encrypted versions of websites. (DuckDuckGo)

  • Looking back on the story of 2015 regarding a hacker and a modern hacker: Hamza Bendelladj was convicted in the United States for using a computer virus to steal money from more than 200 banks and institutions to donate millions of dollars to Palestinian charities. (Al Jazeera)

  • A small minority of Robinhood users have gamed a bug in the free trading platform to get infinite money to trade with. (Bloomberg)

  • Talk about going rogue. An employee of Trend Micro, a cybersecurity company, sold data from 68,000 customers – less than 1% of the company's 12 million customers – to tech support scammers. (Ars Technica)

  • This new attack uses obfuscated strings to evade antivirus protection and steal user passwords, track online habits and take personal information from Google Chrome, Safari and Firefox. (Cisco Talos)

  • Ransomware attacks have broken out in various cities in Louisiana and Boston, targeting government entities and hospitals. Another hit a large web hosting company, SmarterASP.NET.

  • A glance inside Microsoft ATP, the team that tracks the most dangerous hackers in the world. (MIT Technology Review)

  • Google had an independent cybersecurity subsidiary called Chronicle. Here is the chronicle of how it burned. (Motherboard)

  • Apple is working on a fix for a bug in macOS that stores encrypted email messages in plain text format. (Bob Gendler)

  • A new variant of the MegaCortex ransomware has been found to encrypt your files, change your password and threaten to publish your files if you do not pay. In a separate discovery, researchers detected an unusual form of ransomware deployed in targeted attacks against enterprise servers.

  • Finally, an iOS app can check if your iPhone has been hacked. (iVerify)

  • Security researchers have discovered weaknesses in the baseband software underlying Android phones, which could be exploited to cause vulnerable phones to give up their unique identifiers – such as their IMEI and IMSI numbers – or to downgrade a target's connection in order to intercept phone calls, forward calls to another phone or block all phone calls and internet access altogether. (TechCrunch)

  • Amazon fixed a flaw in Ring that exposed, in plain text, the passwords of the Wi-Fi networks the devices were connected to, allowing hackers to intercept the Wi-Fi password and access the network to launch larger attacks or to monitor it. (TechCrunch)

  • 2019 is officially the worst year for data breaches – 5,183 data breaches were reported, with 7.9 billion records exposed in the first nine months of this year. (Risk Based Security)

  • The ZombieLoad flaw came back from the dead as a new version that could allow any hacker who successfully executes code on a target computer to force Intel chips to leak sensitive data – something that the company neglected to fix for 14 months. (Wired)

  • A hacking group linked to the Iranian government – dubbed "APT33" – is using botnets for highly targeted malware campaigns against organizations in the Middle East, the United States, and Asia. (Trend Micro)

  • IT provider InfoTrax Systems detected a security breach only after one of its servers hit its maximum storage capacity, the result of a hacker creating a data archive file so large that a hard disk ran out of space. (FTC)

Data point

New statistics released by APWG revealed that phishing attacks are at the highest level in 3 years. The total number of phishing sites detected between July and September 2019 was 266,387. This represents a 46% increase over the 182,465 observed in the second quarter of 2019 and almost double the 138,328 recorded in the fourth quarter of 2018.