Tag: machine learning

5 Attack Reports | 0 Vulnerabilities

Attack reports

Real-Time Anti-Phishing: Essential Defense Against Evolving Cyber Threats

Phishing remains a prevalent cybersecurity threat, causing financial loss, data theft, and malware deployment. Attackers are expanding targets across platforms and using AI to refine techniques, making detection more challenging. Real-time anti-phishing (RTAP) solutions using AI and machine learnin…
phishing
social engineering
ai
cybersecurity
machine learning
2025-03-21
real-time anti-phishing
employee awareness
Published: March 21, 2025
Downloadable IOCs: 11

Malicious ML models discovered on Hugging Face platform

RL researchers have identified a novel attack technique called nullifAI on the Hugging Face platform, which abuses Pickle file serialization to distribute malware. Two malicious models were found containing reverse shell code, bypassing Hugging Face's security scanning mechanisms. The attack exploi…
reverse shell
machine learning
2025-02-07
pytorch
ai security
hugging face
pickle serialization
nullifai
picklescan
Published: February 7, 2025
Downloadable IOCs: 0

Malicious PyPI crypto pay package aiocpa implants infostealer code

ReversingLabs detected a malicious package named 'aiocpa' on PyPI, engineered to compromise cryptocurrency wallets. Unlike typical attacks, the actors published their own crypto client tool to attract users before compromising them through a malicious update. The package appeared legitimate, with m…
obfuscation
infostealer
cryptocurrency
pypi
machine learning
software supply chain
2024-11-29
threat hunting
Published: November 29, 2024
Downloadable IOCs: 0

Automatically Detecting DNS Hijacking in Passive DNS

This article describes a machine learning-based pipeline for detecting DNS hijacking using passive DNS data. The system processes an average of 167 million new DNS records daily, extracting 74 features from over 169 terabytes of data. Between March and September 2024, it identified 6,729 hijacking …
cybersecurity
machine learning
2024-11-05
dns hijacking
passive dns
network security
threat detection
domain compromise
Published: November 5, 2024
Downloadable IOCs: 37

Detecting Vulnerability Scanning Traffic From Underground Tools Using Machine Learning

Researchers discovered an automated scanning tool called Swiss Army Suite (S.A.S) used for vulnerability scans on web services. The tool generates unusual SQL injection patterns that could potentially bypass web application firewalls. It offers features like Dork-based checker, generator, and SQL v…
sql injection
2024-10-01
2024-10-02
machine learning
vulnerability scanning
telemetry analysis
swiss army suite
underground tools
dork-based checker
s.a.s
web application security
Published: October 2, 2024
Downloadable IOCs: 8
Click here to see more Attack Reports