When designing and implementing a machine learning model, ensuring it is continually updated is a challenge that all engineers encounter. In this article, I explore the online machine learning technique that I used during a project and present how it was implemented for effective results. Choosing a machine learning method Machine learning solutions can be mainly split into offline and online methods. Online machine learning is a method in which data becomes available in a sequential order and is used to update the best predictor for future data at each step, as opposed to batch learning techniques which generate the best predictor by learning on the entire training data set at once. From this concept, the core components are the data in a sequential order and updating at each step. Online machine learning is necessary is based on the following reasons: Detection models...
JUMPSEC LABS
The JUMPSEC Lab is a place where the the technical team get creative and showcase their latest security research, publications, interesting news and general thoughts! We love what we do and are passionate about security, with some great upcoming projects planned, bookmark our site and stick around to see what we are working on.
QUEST KACE Desktop Authority Pre-Auth Remote Code Execution (CVE-2021-44031)
Software: QUEST KACE Desktop AuthorityAffected Versions: 11.1 and earlier. Vendor page: https://www.quest.com/products/kace-desktop-authority/CVE Reference:...
Abusing SharedUserData For Defense Evasion and Exploitation
Over the past few weeks, I have been working on a custom packer in my spare time. In doing so, I needed to create a method of delaying execution within the unpacker stub that...
PowerShell Jobs
JUMPSEC investigators recently observed an adversary weaponising PowerShell Jobs to schedule their attack whilst responding to an incident. We discuss what PowerShell Jobs are, how they can be leveraged for malicious purposes, and how defenders can protect, detect, and respond to neutralise the threat.
Burp Suite and Beyond: Exploring non-HTTP protocols using MITM_RELAY
In this article, Muhammet takes us on a deep technical journey to persevere beyond the limitations of the proxy tool Burpsuite, and explore non-HTTP, application-layer protocols using ‘MITM RELAY’.
Running Once, Running Twice, Pwned! Windows Registry Run Keys
The Windows registry is a vast and complex topic and cannot be understood and defended in one article. One particular area of interest from a security perspective is registry run keys. In this article, we discuss who uses them, how to uncover abuse, and how to eradicate evil from them.
Can Depix deobfuscate your data?
In this post, Caleb explores Depix and its potential to recover sensitive text from reports that were redacted by the original authors.
Car Hacking – Manual Bypass of Modern Rolling Code Implementations
Introduction I recently researched modern algorithms used by keyfobs to open cars. Since most of the blogs online talking about the topic are unfortunately quite old and in general and do not precisely describe the exact path followed in detail, nor the code used. I thought that talking about my experience could be interesting and inspiring for other researchers. I won’t go in depth on certain...
Obfuscating C2 During a Red Team Engagement
Command-and-Control (C2) infrastructure is one the most important tools in a red teamer’s arsenal. In this article, we introduce a few simple methods that red teams use to harden their C2 infrastructure.
PRINTNIGHTMARE NETWORK ANALYSIS
By Dray Agha The infosec community has been busy dissecting the PrintNightmare exploit. There are now variations of the exploit that can have various impacts on a target machine. When we at JUMPSEC saw that Lares had captured some network traffic of the PrintNightmare exploit in action, I wondered if there was an opportunity to gather network-level IoCs...
Securing against new offensive techniques abusing active directory certificate service
SpecterOps recently released an offensive security research paper that details techniques enabling an adversary to abuse insecure functionality in Active Directory Certificate Service. SpecterOps reports that abusing the legitimate functionality of Active Directory Certificate Service will allow an adversary to forge the elements of a certificate to authenticate as any user or administrator in...
GitHub Activity
Full information here: ➡️ https://t.co/jhp1fHIrR8
#vulnerability #cve #networkmonitoring @Mutiny https://t.co/MKbl9mQTdx
Get your ticket here: ➡️ https://t.co/wLBXA6LIiw
#cybersecurity #career @CRESTadvocate https://t.co/k15dI2DoHl
Read here: https://t.co/YPEYUO8U6c
#machinelearning #cybernews #labs #apache #apacheairflow https://t.co/kFYyHKX4iU
We have TWO tickets to give away.🎟️🎟️ Keep an eye 👀on our @JUMPSEC and @JumpsecLabs Twitter feed early next week to get your hands on them...🤲 Watch this space..................
#cyberSecurity #cybernews #giveaway https://t.co/lcHGSSoAiV
Read here ➡️ https://t.co/O9gafp9AOA
#Offsec #Exploits #DefenceEvasion @0xLegacyy @JUMPSEC https://t.co/E5JUu8NHth
#cybersecurity #vulnerabilities #SQL
@manageengine #cybernews https://t.co/wwv6HS8WPJ
Disclaimer
The information provided on this website is to be used for educational purposes only. The author is in no way responsible for any misuse of the information provided. Any actions and or activities related to the material contained within this website is solely your responsibility.