Siphons cookies, exposes internal router & installs web backdoor on locked computers

Cisco Talos recently discovered a new campaign targeting Lebanon and the United Arab Emirates (UAE) affecting .gov domains, as well as a private Lebanese airline company. Based on our research, it's clear that this adversary spent time understanding the victims' network infrastructure in order to remain under the radar and act as inconspicuous as possible during their attacks.

Machine learning has seen a remarkable rate of adoption in recent years across a broad spectrum of industries and applications. Many applications of machine learning techniques are adversarial in nature, insofar as the goal is to distinguish instances which are ``bad'' from those which are ``good''. Indeed, adversarial use goes well beyond this simple classification example: forensic analysis of malware which incorporates clustering, anomaly detection, and even vision systems in autonomous vehicles could all potentially be subject to attacks. In response to these concerns, there is an emerging literature on adversarial machine learning, which spans both the analysis of vulnerabilities in machine learning algorithms, and algorithmic techniques which yield more robust learning.

This page lists some good books recommended by current and past students for a variety of subjects related to the degree. Feel free to add books as you read them if they are relevant!

Here's an overview of the various breaches that have been consolidated into this Have I Been Pwned. These are accessible programmatically via the HIBP API and also via the RSS feed.

HackerOne Bounty is a continuous security program in which trusted hackers are incentivized to find critical vulnerabilities before they fall into the wrong hands. A Bounty program can be run privately (invite-only) or publicly (open for all) and is perfect for organizations looking for a security solution that keeps pace with an agile software development lifecycle.

README

Welcome to lagout.org !
If you want to make a copy of this website, go ahead, the server can handle the load !
If you think that the library should have new documents, tell us !

In most cryptographic functions, the key length is an important security parameter. Both academic and private organizations provide recommendations and mathematical formulas to approximate the minimum key size requirement for security. Despite the availability of these publications, choosing an appropriate key size to protect your system from attacks remains a headache as you need to read and understand all these papers.
This web site implements mathematical formulas and summarizes reports from well-known organizations allowing you to quickly evaluate the minimum security requirements for your system. You can also easily compare all these techniques and find the appropriate key length for your desired level of protection. The lengths provided here are designed to resist mathematic attacks; they do not take algorithmic attacks, hardware flaws, etc. into account.

Computoser uses an algorithm to generate music. Each generated track is a unique combination of tones, rhythm and instruments.
The algorithm is currently experimental - it may generate both good and bad pieces. Feel free to mark the ones you like and the ones you dislike, so that I know how to improve the algorithm.
The performance may sound a bit artificial - that's because it's synthesized music - a computer can hardly have the performance of a human musician.

The Zero Day Initiative (ZDI), founded by TippingPoint, is a program for rewarding security researchers for responsibly disclosing vulnerabilities. Depending on who you are, here are a few links to get you started:
Researchers: Learn how we pay for your vulnerability discoveries, register for the ZDI or login.
Vendors: Read our disclosure policy or join our security partner program
Press, Curiosity Seeker: Learn more about ZDI or read answers to some frequently asked questions
Please contact us at zdi [at] trendmicro [dot] com with any questions or queries. For sensitive e-mail communications, please use our PGP key.