Infosecurity.US

Information Security & Occasional Forays Into Adjacent Realms

  • Web Log

TED 2017 - Cathy O'Neils' 'The Era of Blind Faith in Big Data Must End' →

September 05, 2017 by Marc Handelman in All is Information, Data That Is Big, Data That Wants To Be Big
September 05, 2017 /Marc Handelman
All is Information, Data That Is Big, Data That Wants To Be Big

USENIX Enigma 2017 — Nestan Tsiskaridze's 'Leveraging the Power of Automated Reasoning in Security Analysis of Web Applications and Beyond' →

September 01, 2017 by Marc Handelman in All is Information, Alternate Attack Analysis, AI Security, Conferences, Data That Is Big, Data Driven Security, Education, Information Security, Machine Learning

This is a joint work with Clark Barrett (NYU/Stanford University), Morgan Deters (NYU), Tianyi Liang (The University of Iowa), Andrew Reynolds (The University of Iowa/EPFL), Cesare Tinelli (The University of Iowa) and Nestan Tsiskaridze, University of California, Santa Barbara.

September 01, 2017 /Marc Handelman
All is Information, Alternate Attack Analysis, AI Security, Conferences, Data That Is Big, Data Driven Security, Education, Information Security, Machine Learning

Macie the Discoverer →

August 21, 2017 by Marc Handelman in All is Information, Automation, DBMS Security, Database Security, Data Security, Data That Is Big, Data Loss Prevention, Data Driven Security, Information Security, Security Inventions, Security Architecture, Security Automation, Data Discovery

News that Macie The Discoverer has arrived in your S3 bucket... Data Security Automation - potentially - at it's finest? You be the judge.

August 21, 2017 /Marc Handelman
All is Information, Automation, DBMS Security, Database Security, Data Security, Data That Is Big, Data Loss Prevention, Data Driven Security, Information Security, Security Inventions, Security Architecture, Security Automation, Data Discovery

The Disingenuous →

August 15, 2017 by Marc Handelman in All is Information, Data That Is Big, Data Security, Data Leakage, Data Driven Security, Information Security

Do you unequivocally trust iRobot with your personal data, including internal mapping of your home? Read this post to learn more.

August 15, 2017 /Marc Handelman
All is Information, Data That Is Big, Data Security, Data Leakage, Data Driven Security, Information Security

NKOTBlockchain →

July 27, 2017 by Marc Handelman in Blockchain, Decentralization, DBMS Security, Database Security, Data Security, Data That Is Big, Information Security

Eh, wot? New Kids on the Blockchain? No - simply put, it's the proliferation of Blockhain technology (in this case distributed database schema) into industrial processes. via the UK's The Engineer, and writer Andrew Wade, comes the news of said blockhain spread. Today's MustRead!

July 27, 2017 /Marc Handelman
Blockchain, Decentralization, DBMS Security, Database Security, Data Security, Data That Is Big, Information Security

University of Washington's Bergstrom & West, 'Calling Bullshit, In the Age Of Big Data' - Lecture Series →

April 18, 2017 by Marc Handelman in Education, Data Science, Data That Is Big

via the University of Washington's Information School instructors Carl Bergstrom, Pd.D. and Jevin West, Ph.D., comes this superlative lecture series identifying bullshit within the scope of today's oft-used phrase 'Big Data'...

April 18, 2017 /Marc Handelman
Education, Data Science, Data That Is Big

SANS CTI 2017, Dave Herrald's and Ryan Kovar's 'The Threat Intel Victory Garden: Threat Intelligence Using Open Source Tools' →

April 10, 2017 by Marc Handelman in All is Information, Conferences, Education, Data Science, Data That Is Big, Intelligence, Threat Intelligence
April 10, 2017 /Marc Handelman
All is Information, Conferences, Education, Data Science, Data That Is Big, Intelligence, Threat Intelligence

Splunked, The Leak →

April 06, 2017 by Marc Handelman in All is Information, Analytics, Attack Analysis, Data That Is Big, Information Sciences, Information Security

via the eponymous Richard Chirgwin, whilst writing at El Reg, comes this unfortunate tale of security flaws within Splunk Enterprise (now, happily patched). First discovered by John Page (aka hyp3rlinx), and published via an advisory at Full Discosure. Here's hyp3rlinxs' source.

For the Record: We have always been pleased with Splunk products, and, most importantly, they are fast and focused when fixing issues.

The takeway? Make an effort to be extraordinarily cognizant of the threats posed by log and machine generated data aggregation in the enterprise. That is all.

April 06, 2017 /Marc Handelman
All is Information, Analytics, Attack Analysis, Data That Is Big, Information Sciences, Information Security

Machine-Based Investigation: Fully →

March 14, 2017 by Marc Handelman in All is Information, Analytics, Computation, Data That Is Big, Exploration, Fingerprinting, Information Sciences, Intelligence, Robots, Machine Learning

via Motherboard writer Michael Byrne, comes this well-wrought piece on the apparent proliferation of 'bots on Twitter, ie., the implications of algorithm-driven entities on the Twitterverse. The fascinating component to this study by Onur Varol, Emilio Ferrara, Clayton A. Davis, Filippo Menczer and Alessandro Flammini, was the utilization of a machine-learning apparatus (and the feature-sets therein) to tease out the truth. Additional documentation (in the form of the paper) is available on arXIv. Today's MustRead.

"Part of what makes the new research interesting is the sheer number of features used in the classification model..." - Motherboard's Michael Byrne

March 14, 2017 /Marc Handelman
All is Information, Analytics, Computation, Data That Is Big, Exploration, Fingerprinting, Information Sciences, Intelligence, Robots, Machine Learning

Shmoocon 2017, Matt Blaze - The Metadata is the Message →

February 14, 2017 by Marc Handelman in All is Information, Conferences, Education, Information Security, Data That Is Big
February 14, 2017 /Marc Handelman
All is Information, Conferences, Education, Information Security, Data That Is Big

33c3, Lisa Charlotte Rost's 'A Data Point Walks Into a Bar' →

January 31, 2017 by Marc Handelman in All is Information, Conferences, Data That Is Big, Data Mining, Data Security
January 31, 2017 /Marc Handelman
All is Information, Conferences, Data That Is Big, Data Mining, Data Security

33c3, Wolfie Christl's 'Corporate Surveillance, Digital Tracking, Big Data & Privacy' →

January 26, 2017 by Marc Handelman in All is Information, Conferences, Data That Is Big, Big Data, Data Leakage, Demise of Privacy, Corporate Evil, Surveillance, Bulk Data Collection, Information Security
January 26, 2017 /Marc Handelman
All is Information, Conferences, Data That Is Big, Big Data, Data Leakage, Demise of Privacy, Corporate Evil, Surveillance, Bulk Data Collection, Information Security

DBMS Attacks Target CouchDB and Hadoop Deployments →

January 24, 2017 by Marc Handelman in All is Information, DBMS Security, Database Security, Data That Is Big, Data Security, Information Security

...and now - just when you thought it was safe to turn out the lights on your datacenter, and let all that Data That Is Big percolate up through your Enterprise, comes news of more vectored ransomware attacks targeting Hadoop and CouchDB instances. Today's Must Read, indeed.

Hat Tip

January 24, 2017 /Marc Handelman
All is Information, DBMS Security, Database Security, Data That Is Big, Data Security, Information Security

33c3, Axel Naumann's 'CERN: How Physicists Analyze Massive Data: LHC + Brain + ROOT = Higgs' →

January 20, 2017 by Marc Handelman in All is Information, Conferences, Science, Physics, Data That Is Big
January 20, 2017 /Marc Handelman
All is Information, Conferences, Science, Physics, Data That Is Big

33c3, James Bridle's 'A New Dark Age' →

January 15, 2017 by Marc Handelman in Conferences, Information Security, Accountability, Big Data, Data That Is Big
January 15, 2017 /Marc Handelman
Conferences, Information Security, Accountability, Big Data, Data That Is Big