Lauri Palkmets

116 Added | 1 Magazine | 4 Following | 7 Followers | @LauriPalkmets | Keep up with Lauri Palkmets on Flipboard, a place to see the stories, photos, and updates that matter to you. Flipboard creates a personalized magazine full of everything, from world news to life’s great moments. Download Flipboard for free and search for “Lauri Palkmets”

From AI to Russia, Here’s How Estonia’s President Is Planning for the Future

At 48 years old, Kersti Kaljulaid is Estonia’s youngest president ever, and its first female president. A marathon runner with degrees in genetics …

Cyber-attacks

What is Mitre's ATT&CK framework? What red teams need to know

The ATT&CK framework, developed by Mitre Corp., has been around for five years and is a living, growing document of threat tactics and techniques …

Cybersecurity

A Cyberattack in Saudi Arabia Had a Deadly Goal. Experts Fear Another Try.

In August, a petrochemical company with a plant in Saudi Arabia was hit by a new kind of cyberassault. The attack was not designed to simply destroy data or shut down the plant, investigators believe. It was meant to sabotage the firm’s operations and trigger an explosion.<p>The attack was a dangerous …

Cybersecurity

Air Force security hackathon leads to record payout

The US Air Force's second security hackathon has paid dividends... both for the military and the people finding holes in its defenses. HackerOne has revealed the results of the Hack the Air Force 2.0 challenge from the end of 2017, and it led to volunteers discovering 106 vulnerabilities across …

Windows security: Microsoft issues Adobe patch to tackle Flash zero-day

Microsoft is protecting Windows users from a Flash Player flaw exploited by suspected North Korean hackers.<p><i>Video: Job-offer malware linked to North</i> …

Understanding the Attack Vectors of CVE-2018-0101

Cisco is committed to responsible coordinated disclosure about vulnerabilities, and maintains a very open relationship with the security research community. On January 29, 2018, the Cisco PSIRT learned about public knowledge of a remote code execution and denial of service vulnerability affecting …

Threat or menace? “Autosploit” tool sparks fears of empowered “script kiddies” | Ars Technica

400 lines of Python code + Shodan + Metasploit equals a whole heap of hand-wringing.<p>The tools used by security researchers, penetration testers, and …

Exploit Development: How to Write Specific Values to Memory with Format String Exploitation

During our last adventure into the realm of format string exploitation, we learned how we can manipulate format specifiers to rewrite a program's …

Vulnerable industrial controls directly connected to Internet? Why not? | Ars Technica

Even some devices with patches available are connected to the naked Internet.<p>Yesterday, Siemens issued an update to a year-old product vulnerability …

Information Security

Schneider Electric: TRITON/TRISIS Attack Used 0-Day Flaw in its Safety Controller System, and a RAT

ICS/SCADA vendor discloses in-depth analysis of a recent targeted attack against one of its customers.<p><i>[UPDATED 12:50pmET with information from</i> …

Information Security

What Really Happened with Vista: An Insider’s Retrospective

“Experience is something you don’t get until just after you need it.” — Steven Wright.<p>[Author’s Note: Originally published here, this blog has …

Bill Gates

Processor flaw exposes 20 years of devices to new attack

Chipocalypse now<p>All week, the tech world has been piecing through rumors of a potentially catastrophic flaw in an entire generation of processors — but with all developers subject to a non-disclosure agreement, there were few hard facts to go on.<p>Now, new details have emerged on how severe and far …

Information Security

Avast launches open-source decompiler for machine code

Keeping up with the latest malware and virus threats is a daunting task, even for industry professionals. Any device connected to the Internet is a …

What’s new in SSMS 17.4: SQL Vulnerability Assessment

<i>This post is authored by Ronit Reger, Senior Program Manager, SQL Data Security and Alan Yu, Program Manager, SQL Server</i><p><b>We are excited to announce</b> …

Script Recovers Event Logs Doctored by NSA Hacking Tool

Security researchers have found a way to reverse the effects of an NSA hacking utility that deletes event logs from compromised machines. [...]

Information Security

PESCO: EU army one step closer after defense pact agreement

The prospect of a European army has gained momentum following a historic agreement by 25 member states. The new defense cooperation PESCO could …

Geopolitics

NIST Releases Updated Draft of Cybersecurity Framework

On December 5, 2017, the National Institute of Standards and Technology (“NIST”) announced the publication of a second draft of a proposed update to …

Nonprofits

'Janus' vulnerability allows attackers to modify APKs without changing signature, APKMirror already protected

Since the first release, Android has required developers to sign their applications. When you update an app, Android will compare the update's …

There is a war for elite tech talent raging in Europe

A "Battle Royale" for the very best tech talent is raging across Europe, according to a report published on Thursday by venture capital firm Atomico.<p>There are now 5.5 million software developers across Europe, which is 500,000 more than there were last year. Germany has the most with 837,000, while …

Startups

Mr.SIP – SIP Attack And Audit Tool

Mr.SIP was developed in Python as a SIP Attack and audit tool which can emulate SIP-based attacks. Originally it was developed to be used in academic …

Information Security

Set up TensorFlow with Docker + GPU in Minutes

Along with Jupyter and OpenCV<b>Docker is the best platform to easily install Tensorflow with a GPU</b>. This tutorial aims demonstrate this and test it on …

Machine Learning

Microsoft unveils Azure Government Secret to help U.S. agencies handle classified data

More and more government agencies are realizing the benefits of cloud computing, and Microsoft is poised to unveil several new updates to its cloud …

IDG Contributor Network: NIST Cybersecurity Framework not just for large organizations

The National Institute of Standards and Technology (NIST) has been dedicating a lot of time and effort to help organizations improve their …

Cybersecurity

Senate approves self-driving cars for US roadways

The US Senate today announced it had reached an agreement internally concerning self-driving car technology. The Senate is expected to pass legislation on October 4th that would clear regulations and restrictions for manufacturers, in essence providing a clear path to putting driverless cars on the …

IDG Contributor Network: The rise of the cheap information security officer

Almost two years ago, I wrote in "Prospective security employees see too many low-ball offers" that much of so-called shortage of information …

New Jersey

Rapid7 Nexpose Community Edition – Free Vulnerability Scanner

Rapid7 Nexpose Community Edition is a free vulnerability scanner & security risk intelligence solution designed for organizations with large …

Scanners

Huge security flaw in macOS lets hackers steal your passwords

Apple’s new macOS High Sierra was released yesterday to glowing reviews, but a concerning security vulnerability is wrecking the crucial software …

High Sierra

Want to be a better programmer? Try Microsoft's 'code-writing', question-answering Stack Overflow Bot

The bot answers English language queries about programming, drawing upon the information in the millions of questions and answers available via Stack …

CCleaner backdoor infecting millions delivered mystery payload to 40 PCs | Ars Technica

Samsung, Asus, Fujitsu, Sony, and Intel among those infected.<p>At least 40 PCs infected by a backdoored version of the CCleaner disk-maintenance …

Eastern Europe