Microsoft tells Exchange admins to revert previously recommended antivirus exclusions

Read Time:39 Second

Microsoft is advising Exchange Server administrators to remove some of the endpoint antivirus exclusions that the company’s own documentation recommended in the past. The rules are no longer needed for server stability and their presence could prevent the detection of backdoors deployed by attackers.

“Times have changed, and so has the cybersecurity landscape,” the Exchange Server team said in a blog post. “We’ve found that some existing exclusions — namely the Temporary ASP.NET Files and Inetsrv folders, and the PowerShell and w3wp processes — are no longer needed, and that it would be much better to scan these files and folders. Keeping these exclusions may prevent detections of IIS webshells and backdoor modules, which represent the most common security issues.”

To read this article in full, please click here

Read More

chromium-110.0.5481.177-1.el7

Read Time:18 Second

FEDORA-EPEL-2023-29b054d297

Packages in this update:

chromium-110.0.5481.177-1.el7

Update description:

update to 110.0.5481.177. Fixes the following security issues:

CVE-2023-0927 CVE-2023-0928 CVE-2023-0929 CVE-2023-0930 CVE-2023-0931 CVE-2023-0932 CVE-2023-0933 CVE-2023-0941

Update to 110.0.5481.100

Read More

Putting Undetectable Backdoors in Machine Learning Models

Read Time:2 Minute, 4 Second

This is really interesting research from a few months ago:

Abstract: Given the computational cost and technical expertise required to train machine learning models, users may delegate the task of learning to a service provider. Delegation of learning has clear benefits, and at the same time raises serious concerns of trust. This work studies possible abuses of power by untrusted learners.We show how a malicious learner can plant an undetectable backdoor into a classifier. On the surface, such a backdoored classifier behaves normally, but in reality, the learner maintains a mechanism for changing the classification of any input, with only a slight perturbation. Importantly, without the appropriate “backdoor key,” the mechanism is hidden and cannot be detected by any computationally-bounded observer. We demonstrate two frameworks for planting undetectable backdoors, with incomparable guarantees.

First, we show how to plant a backdoor in any model, using digital signature schemes. The construction guarantees that given query access to the original model and the backdoored version, it is computationally infeasible to find even a single input where they differ. This property implies that the backdoored model has generalization error comparable with the original model. Moreover, even if the distinguisher can request backdoored inputs of its choice, they cannot backdoor a new input­a property we call non-replicability.

Second, we demonstrate how to insert undetectable backdoors in models trained using the Random Fourier Features (RFF) learning paradigm (Rahimi, Recht; NeurIPS 2007). In this construction, undetectability holds against powerful white-box distinguishers: given a complete description of the network and the training data, no efficient distinguisher can guess whether the model is “clean” or contains a backdoor. The backdooring algorithm executes the RFF algorithm faithfully on the given training data, tampering only with its random coins. We prove this strong guarantee under the hardness of the Continuous Learning With Errors problem (Bruna, Regev, Song, Tang; STOC 2021). We show a similar white-box undetectable backdoor for random ReLU networks based on the hardness of Sparse PCA (Berthet, Rigollet; COLT 2013).

Our construction of undetectable backdoors also sheds light on the related issue of robustness to adversarial examples. In particular, by constructing undetectable backdoor for an “adversarially-robust” learning algorithm, we can produce a classifier that is indistinguishable from a robust classifier, but where every input has an adversarial example! In this way, the existence of undetectable backdoors represent a significant theoretical roadblock to certifying adversarial robustness.

Turns out that securing ML systems is really hard.

Read More

perl-HTTP-Daemon-6.16-1.fc38

Read Time:33 Second

FEDORA-2023-748e811334

Packages in this update:

perl-HTTP-Daemon-6.16-1.fc38

Update description:

6.16 2023-02-24 03:07:14Z

Bump LWP::UserAgent to 6.37 in TestSuggests (GH#65) (Olaf Alders)

6.15 2023-02-22 22:02:46Z

Fix CVE-2022-31081: Inconsistent Interpretation of HTTP Requests
Correctly handle multiple Content-Length headers and its variants
(Theo van Hoesel)
Closes “Discrepancies in the Parsing of Content Length header …” (GH#56)
(blessingcharles)
kill test server with KILL rather than QUIT (GH#63) (Graham Knop)
Create TestServer test lib for running daemon process (GH#62) (Graham Knop)
Clean up tests (GH#61) (Graham Knop)

Read More

Edgio adds advanced DDoS protection with other WAAP enhancements

Read Time:29 Second

Content delivery network (CDN) service provider Edgio has added a new Distributed Denial of Service (DDoS) scrubbing ability along with improved Web Application and API Interface (WAAP) to its network security offering.

Designed to reduce severe damages from sophisticated DDoS attacks, Edgio’s scrubbing solution impersonates the customer’s network by routing the customer’s IP traffic through its scrubbing point-of-presence (PoP) and only sending the “clean” traffic back to the customer’s infrastructure, according to Richard Yew, senior director, product management for Security at Edgio.

To read this article in full, please click here

Read More

perl-HTTP-Daemon-6.15-1.fc37

Read Time:27 Second

FEDORA-2023-5bf9d886d9

Packages in this update:

perl-HTTP-Daemon-6.15-1.fc37

Update description:

6.15 2023-02-22 22:02:46Z

Fix CVE-2022-31081: Inconsistent Interpretation of HTTP Requests Correctly handle multiple Content-Length headers and its variants (Theo van Hoesel) Closes “Discrepancies in the Parsing of Content Length header …” (GH#56) (blessingcharles)
kill test server with KILL rather than QUIT (GH#63) (Graham Knop)
Create TestServer test lib for running daemon process (GH#62) (Graham Knop)
Clean up tests (GH#61) (Graham Knop)

Read More