This week, we look at API vulnerabilities in Kubernetes and 3Fun, upcoming API Specification Conference, and slides from EIN 2019 conference presentation.
Vulnerabilities: Kubernetes
Kubernetes has fixed the API vulnerability CVE-2019-11247.
This week, we look at API vulnerabilities in Kubernetes and 3Fun, upcoming API Specification Conference, and slides from EIN 2019 conference presentation.
Kubernetes has fixed the API vulnerability CVE-2019-11247.
This week, we take a look into API vulnerabilities found in Tinder and Axway SecureTransport. In other news, FTC and Equifax have reached a settlement related to the 2017 breach, and the slides for an API security talk have been posted.
Sanskar Jethi has found that Tinder enforces its premium features (such as unblurred images of those who like you) to be available for premium membership only in the app, not in the API. Their API actually delivers regular, unblurred images to everyone.
Millions of repositories are hosted on GitHub, and lots of projects hosted there make their way into your project as dependencies. Developers can just look for modules that cover their use-case and import it into their project, which is actually great! The not-so-great part about importing third-party code is that developers usually just ignore the security aspects of it altogether.
According to GitHub, its security scan for vulnerabilities in Ruby and JavaScript unearthed more than four million bugs, which sparked a significant clean-up effort by project owners. As demonstrated by Equifax’s massive data breach, vulnerable open-source software libraries may contain significant security repercussions. GitHub has made some improvements in terms of notifying the user about the security issues in their code, but the users are required to opt into their security alerts.
Microsoft recently published a blog post announcing a new competition for data scientists. It calls for participants to use machine learning to predict, given the current state of a device, when (or if) it is likely to get infected with malware.
"The competition provides academics and researchers with varied backgrounds a fresh opportunity to work on a real-world problem using a fresh set of data from Microsoft," the blog post states. "Results from the contest will help us identify opportunities to further improve Microsoft’s layered defenses, focusing on preventative protection. Not all machines are equally likely to get malware; competitors will help build models for identifying devices that have a higher risk of getting malware so that preemptive action can be taken."
Want to know what is SNI and how it works? Well, you’ve come to the right place (not sure about the right time though). Quite often, this great technology goes under the radar, and that’s somewhat understandable. So, here we are doing what we always do – unscrambling the “technical” stuff.
Let’s get under the hood of the technology that is Server Name Indication.
The considerable number of articles cover Machine Learning for cybersecurity and the ability to protect us from cyber attacks. Still, it’s important to scrutinize how actually Artificial Intelligence (AI), Machine Learning (ML), and Deep Learning (DL) can help in cybersecurity right now and what this hype is all about.
First of all, I have to disappoint you. Unfortunately, Machine Learning will never be a silver bullet for cybersecurity compared to image recognition or natural language processing, two areas where Machine Learning is thriving. There will always be a man trying to find weaknesses in systems or ML algorithms and to bypass security mechanisms. What’s worse, now hackers are able to use Machine Learning to carry out all their nefarious endeavors.
There is no denying the fact that we are more connected than ever today and this connectivity only seems to increase by the day. The world today has shrunk within a small handheld mobile device, hasn’t it? Smarter technology is bringing not only the world but the future closer.
Alongside, this trend has exponentially increased the rate of data generation. Servers are not the only high-volume data-sources anymore. Mobile devices and internet of things (IoT) are churning out a copious amount of information each second. As the number of smartphones and connected devices grows, this inflow of data multiplies too. It should be noted that this data is multiplying with each second and getting more and more massive in size.
En continuant à naviguer sur le site, vous acceptez que nous utilisions quelques cookies.
OKPlus d'infoNous utilisons les cookies pour nous faire savoir quand vous visitez nos sites Web, comment vous interagissez avec nous, pour enrichir votre expérience utilisateur et pour personnaliser votre relation avec notre site Web.
Cliquez sur les différents titres de catégories pour en savoir plus. Vous pouvez également modifier certaines de vos préférences. Notez que le blocage de certains types de cookies peut avoir un impact sur votre expérience sur nos sites Web et les services que nous sommes en mesure d'offrir.
These cookies are strictly necessary to provide you with services available through our website and to use some of its features.
Because these cookies are strictly necessary to deliver the website, you cannot refuse them without impacting how our site functions. You can block or delete them by changing your browser settings and force blocking all cookies on this website.
Ces cookies recueillent des renseignements qui sont utilisés sous forme agrégée pour nous aider à comprendre comment notre site Web est utilisé ou l'efficacité de nos campagnes de marketing, ou pour nous aider à personnaliser notre site Web et notre application pour vous afin d'améliorer votre expérience.
Si vous ne voulez pas que nous suivions votre visite sur notre site, vous pouvez désactiver le suivi dans votre navigateur ici :
Nous utilisons également différents services externes comme Google Webfonts, Google Maps et les fournisseurs externes de vidéo. Comme ces fournisseurs peuvent collecter des données personnelles comme votre adresse IP, nous vous permettons de les bloquer ici. Veuillez noter que cela pourrait réduire considérablement la fonctionnalité et l'apparence de notre site. Les changements prendront effet une fois que vous aurez rechargé la page.
.
Paramètres de Google Webfont Settings :
Google Map :
Vimeo et Youtube :
Vous pouvez lire nos cookies et nos paramètres de confidentialité en détail sur la page suivante