home.social

#networkintelligence — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #networkintelligence, aggregated by home.social.

  1. # Monday 15/12, 14:00 - Seminar “Gathering Threat Intelligence from Encrypted Network Traffic”, Prof. Ondřej Ryšavý, Brno University of Technology (BUT), Czech Republic.

    We are pleased to invite you to the talk to be given by Prof. Ondřej Ryšavý, who is visiting us from the Brno University of Technology (BUT) in the Czech Republic.

    This visit takes place within the framework of an active cooperation between BUT and the DC/ICC on information security topics (though not exclusively), so this seminar is also an opportunity for researchers, faculty and students who wish to join the ongoing initiatives.

    🗓 Monday, 15 December

    🕑 14:00

    📍 Room 1606, Pabellón 0+infinito, Ciudad Universitaria, Buenos Aires, Argentina. geo:-34.54396,-58.44038?z=16

    🌐 Language: English.

    Title: Gathering Threat Intelligence from Encrypted Network Traffic

    Abstract: Encrypted communication now dominates network environments, reducing the visibility of defenders and demanding new approaches that derive security intelligence without decrypting content. This presentation unifies three complementary research directions into a single, end-to-end framework for threat identification, behavior profiling, and malware attribution.

    First, it introduces a privacy-preserving methodology for latent behavior modeling of TLS traffic. This methodology uses autoencoder-based profiling, extended flow-level metadata, and federated learning for distributed training across sites. The results demonstrate that encrypted traffic can be characterized statistically and semantically without access to the payload, enabling scalable anomaly detection while reducing the risk of data exposure.

    The second part focuses on threat detection through IoC-driven context enrichment. In this approach, Indicators of Activity (IoAs) extracted from hosts are matched against fuzzy IoC sets derived from malware. This enables family-level correlation, threshold-based scoring, and experimentation in semi-controlled infected environments.

    Lastly, the presentation explores JA3/JA4+ TLS fingerprinting as a higher-resolution layer for application and malware discrimination. An experimental evaluation using sandbox-generated datasets reveals patterns of uniqueness, coverage, and collisions across multiple malware families and benign applications. This demonstrates how fingerprinting can facilitate attribution and classification in encrypted networks.

    Short Bio:
    Ondřej Ryšavý is an associate professor at Brno University of Technology who specializes in network security monitoring, threat intelligence, and digital forensics. His research focuses on advanced methods for analyzing network telemetry, detecting cyber threats in encrypted traffic, and enhancing forensic readiness in modern infrastructures. He has served as both a principal and co-investigator on numerous international and national research initiatives, contributing to the development of innovative cybersecurity tools, threat hunting methodologies, and privacy-aware analytics.

    #FITVUT #FITBUT #VUTBrno #FITVUTBrno #FITBUTBrno #ThreatIntelligence #SeguridadInformática #NetworkIntelligence #NetworkSecurity #cybersecurity #ThreatHunting #UBA #DCUBA #ICCUBA #DCFCENUBA #FCENUBA #ComputaciónUBA #ICCFCENUBA #inteligencia #InteligenciaDeAmenazas #BuenosAires #Argentina #CiudadUniversitariaUBA #CiudadUniversitariaBuenosAires #seminario #charla #cooperaciónInternacional #investigación #CienciasDeLaComputación #ComputerScience
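The JA3 fingerprinting named in the abstract, as an added example (this is not the speaker's code or a tool from the talk): the script parses a raw TLS ClientHello record, extracts the five fields JA3 hashes (version, cipher suites, extension types, supported groups, EC point formats), strips GREASE placeholders and returns the JA3 string and its MD5. The ClientHello bytes are constructed inline for illustration rather than taken from a capture, and `build_sample_client_hello` with its cipher and extension choices is an assumption made here. Building the same hello with two different GREASE values shows why GREASE must be stripped: the bytes differ, the fingerprint does not.

```python
"""JA3 fingerprint of a raw TLS ClientHello (added example, not the talk's code)."""
import hashlib
import struct

# JA3 = MD5("version,ciphers,extensions,groups,point_formats"), each list joined by '-'.
# GREASE values (RFC 8701, 0x0a0a ... 0xfafa) are dropped first: clients randomize them.
GREASE = {(0x0a + 0x10 * i) * 0x101 for i in range(16)}


def _u16_list(data: bytes) -> list[int]:
    return [v for (v,) in struct.iter_unpack("!H", data)]


def parse_client_hello(record: bytes) -> dict:
    """Extract the JA3 fields from one TLS record carrying a ClientHello; every
    length is checked so a truncated or malformed record raises ValueError."""
    rec_len = struct.unpack("!H", record[3:5])[0] if len(record) >= 5 else -1
    body = record[5:5 + rec_len]
    if record[:1] != b"\x16" or len(body) != rec_len or body[:1] != b"\x01":
        raise ValueError("not a complete TLS handshake record with a ClientHello")
    hs_len = int.from_bytes(body[1:4], "big")
    hello = body[4:4 + hs_len]
    if len(hello) != hs_len:
        raise ValueError("truncated ClientHello")
    pos = 0

    def take(n: int) -> bytes:
        nonlocal pos
        if pos + n > len(hello):
            raise ValueError("field overruns ClientHello")
        pos += n
        return hello[pos - n:pos]

    version = struct.unpack("!H", take(2))[0]
    take(32)                                   # client random
    take(take(1)[0])                           # legacy session id
    ciphers = _u16_list(take(struct.unpack("!H", take(2))[0]))
    take(take(1)[0])                           # compression methods
    ext_types, groups, point_formats = [], [], []
    if pos < len(hello):                       # extensions block is optional
        exts = take(struct.unpack("!H", take(2))[0])
        epos = 0
        while epos + 4 <= len(exts):
            etype, elen = struct.unpack("!HH", exts[epos:epos + 4])
            edata = exts[epos + 4:epos + 4 + elen]
            if len(edata) != elen:
                raise ValueError("extension overruns extensions block")
            ext_types.append(etype)
            if etype == 0x000a and len(edata) >= 2:        # supported_groups
                groups = _u16_list(edata[2:2 + struct.unpack("!H", edata[:2])[0]])
            elif etype == 0x000b and len(edata) >= 1:      # ec_point_formats
                point_formats = list(edata[1:1 + edata[0]])
            epos += 4 + elen
        if epos != len(exts):
            raise ValueError("trailing bytes in extensions block")
    if pos != len(hello):
        raise ValueError("trailing bytes in ClientHello")
    return {"version": version, "ciphers": ciphers, "extensions": ext_types,
            "groups": groups, "point_formats": point_formats}


def _fmt(values) -> str:
    """Join decimal values with '-', dropping GREASE placeholders."""
    return "-".join(str(v) for v in values if v not in GREASE)


def ja3(record: bytes) -> tuple[str, str]:
    """Return (ja3_string, ja3_md5) for a ClientHello record."""
    h = parse_client_hello(record)
    s = ",".join([str(h["version"]), _fmt(h["ciphers"]), _fmt(h["extensions"]),
                  _fmt(h["groups"]), _fmt(h["point_formats"])])
    return s, hashlib.md5(s.encode()).hexdigest()


def build_sample_client_hello(grease: int = 0x1a1a) -> bytes:
    """Constructed TLS 1.3-style ClientHello (not a real capture); `grease` is the
    placeholder value a browser rotates per connection in each list."""
    ciphers = struct.pack("!6H", grease, 0x1301, 0x1302, 0x1303, 0xc02b, 0xc02f)
    sni = b"example.com"
    extensions = [
        (0x0000, struct.pack("!HBH", len(sni) + 3, 0, len(sni)) + sni),  # server_name
        (0x000a, struct.pack("!5H", 8, grease, 0x001d, 0x0017, 0x0018)),  # supported_groups
        (0x000b, b"\x01\x00"),                                             # ec_point_formats
        (0x0010, struct.pack("!HB", 12, 2) + b"h2\x08http/1.1"),           # ALPN
        (0x002b, b"\x04\x03\x04\x03\x03"),                                 # supported_versions
        (grease, b""),                                                     # GREASE extension
        (0x000d, struct.pack("!3H", 4, 0x0403, 0x0804)),                   # signature_algorithms
    ]
    exts = b"".join(struct.pack("!HH", t, len(d)) + d for t, d in extensions)
    hello = (struct.pack("!H", 0x0303) + bytes(range(32)) + b"\x00"
             + struct.pack("!H", len(ciphers)) + ciphers + b"\x01\x00"
             + struct.pack("!H", len(exts)) + exts)
    handshake = b"\x01" + len(hello).to_bytes(3, "big") + hello
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake


if __name__ == "__main__":
    for g in (0x1a1a, 0x6a6a):                 # GREASE rotates, the JA3 hash does not
        print(*ja3(build_sample_client_hello(g)))
```

The stability under GREASE rotation is also the source of the collisions the abstract mentions: every program linked against the same TLS library with the same settings produces the same JA3, so a fingerprint identifies a client stack rather than a binary and should be combined with SNI, destination and flow metadata before it is used for attribution. JA4 uses a different, partly sorted encoding and is not implemented here.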

  6. A FEW THINGS ABOUT WHATSAPP NETWORK CONNECTIONS...

    An example of how the WhatsApp Messenger mobile app reaches out to non-standard (5022) and unprotected (80) network ports (ideally it should be 443 only).

    The connections are made with Facebook infrastructure and Amazon servers.

    TCP 5022 is more or less clear: it is XMPP, i.e. Jabber (which is what makes WhatsApp so fast at instant messaging: isc.sans.edu/data/port/5222). But port 80, the unprotected one, what is it for? The documentation says nothing about it: developers.facebook.com/docs/w

    Interestingly, some of these IP addresses have malicious indicators and get hits on VirusTotal... Where is the guarantee that a backdoor won't slip in through them...? We, of course, will filter such connections with a firewall and encrypt with a VPN. But the ordinary user? All their "gates" are open by default...

    It turns out there is a map of indicators on the internet that were somehow linked to WhatsApp: virustotal.com/graph/embed/gc8

    So there it is, we are investigating WhatsApp to find out what Zuck the bug is up to behind the user's back... )

    To be continued.

    #whatsapp #reverse #cybersecurity #messenger #messengers #audit #webappsec #appsec #network #networksecurity #networkintelligence #threatintel