Archives

COMMSEC: Shaping The Future of The 0Day Market

The 0-day vulnerability market developed over the years in a “bottom-up” way that is unsafe, chaotic and rather inefficient. Bad business practices, lack of professionalism and low levels of trust are still spread in this market even today, and can seriously hamper the ability of Law Enforcement and Intelligence Agencies to acquire and maintain strategic […]

COMMSEC: Exploitation with Shell Reverse and Infection with PowerShell

The purpose of this presentation, it was to execute several efficiency and detection tests in our lab environment protected with an endpoint solution, provided by CrowdStrike, this document brings the result of the defensive security analysis with an offensive mindset using reverse shell techniques to gain the access inside the victim’s machine and after that […]

COMMSEC: Breaking Siemens SIMATIC S7 PLC Protection Mechanism

Siemens SIMATIC PLCs are widely used worldwide, and account for a high share of the market. These PLCs are used in control scenarios for critical information infrastructures, such as energy, water, power, oil and gas, and other industries. To protect user’s logical program and to prevent unauthorized operation, Siemens has designed the PLC protection mechanism, […]

COMMSEC: 5G Networks and Interconnect Threats

Roaming N32 interconnect between 5G SA (Standalone) core networks is one of the crucial external interfaces connecting carriers on which security by design was one of the key aspects by 3GPP standardization. Despite the confidentiality, integrity and authenticity protection of 5G interconnects, there is still need for application-level filtering by 5G signalling firewall on the […]

COMMSEC: One Stop Anomaly Shop

One Stop Anomaly Shop (OSAS) is a complete machine learning framework aimed to discovered anomalies in a given dataset. The open source project represents an implementation of several Adobe’s Security Intelligence Team Patents and White papers. The project aims to enable the user to create a custom pre-processing pipeline, using predefined recipes for numerical, categorical, text and combined datatypes. The output […]

COMMSEC: Model Robustness Will Hurt Data Privacy?

Artificial Intelligence (AI) technology has been widely deployed and made human lives much more convenient. It has become the cornerstone of many technologies, such as object detection, automatic speech recognition (ASR), natural language processing, and autonomous driving, etc. However, prior work has shown that most AI algorithms based on deep neural networks are easy to […]

COMMSEC: JARM Randomizer: Evading JARM Fingerprinting

JA3 was introduced in 2017 by Salesforce to fingerprint client Hello packets in a TLS/SSL handshake. This simple idea stirred up the real-world possibilities of using TLS fingerprinting to identify anomalous client applications in a network environment. This is quite useful when identifying unusual binaries and executables that conduct Command and Control operations using encrypted […]

COMMSEC: The History of Adversarial AI

AI is worth the hype. Deep learning particularly has proved its wide practical implementation in different areas, especially in the field of new interfaces between users and programs. If you look at technologies retrospectively, it becomes clear that each decade was marked by the development of certain technology, subsequently the advent of attacks and then […]