{"id":987,"date":"2021-12-16T20:55:40","date_gmt":"2021-12-16T18:55:40","guid":{"rendered":"https:\/\/ndaal.eu\/?page_id=987"},"modified":"2023-11-29T19:10:32","modified_gmt":"2023-11-29T17:10:32","slug":"alerts","status":"publish","type":"page","link":"https:\/\/ndaal.eu\/?page_id=987","title":{"rendered":"alerts"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-page\" data-elementor-id=\"987\" class=\"elementor elementor-987\" data-elementor-post-type=\"page\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-531d560 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"531d560\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-4491a8c\" data-id=\"4491a8c\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-ecc7759 elementor-widget elementor-widget-text-editor\" data-id=\"ecc7759\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h3><a href=\"https:\/\/www.data2day.de\/\" target=\"_blank\" rel=\"noopener\"><strong>data<\/strong>2day 2023<\/a><\/h3><div class=\"col-sm-10 col-sm-offset-1\"><div class=\"row m-t-xs\"><h3><a href=\"https:\/\/www.data2day.de\"><img decoding=\"async\" class=\"alignnone wp-image-1386 size-medium\" src=\"https:\/\/ndaal.eu\/wp-content\/uploads\/2023\/10\/data2day-300x96.png\" alt=\"\" width=\"300\" height=\"96\" srcset=\"https:\/\/ndaal.eu\/wp-content\/uploads\/2023\/10\/data2day-300x96.png 300w, https:\/\/ndaal.eu\/wp-content\/uploads\/2023\/10\/data2day-600x192.png 600w, https:\/\/ndaal.eu\/wp-content\/uploads\/2023\/10\/data2day.png 637w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/a><\/h3><h3 class=\"subtitle-parallax text-center\"><b>Die Konferenz f\u00fcr Data Scientists,<br \/>Data Engineers und Data Teams<\/b><\/h3><\/div><\/div><div class=\"col-sm-10 col-sm-offset-1\"><div class=\"row m-t-lg\"><div class=\"date-parallax text-center\">11. und 12. Oktober 2023, Karlsruhe<\/div><div>\u00a0<\/div><div class=\"date-parallax text-center\"><strong>Watch our team performing live on stage<\/strong><\/div><\/div><\/div>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-152ba9b\" data-id=\"152ba9b\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-3e34c2b elementor-widget elementor-widget-text-editor\" data-id=\"3e34c2b\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h3><a href=\"https:\/\/www.data2day.de\/lecture.php?id=21132&amp;source=0\" target=\"_blank\" rel=\"noopener\">Integrating Data-Privacy Through Pipelines<\/a><\/h3><h4>Integrating Data-Privacy Through Pipelines<\/h4><p>All data stored on a filesystem has some metadata. Sometimes more and other times less. This can be a huge privacy breach, since the metadata can contain sensible data that can be used to identify persons, locations, or other interesting information.<br \/>To not leak any hidden sensitive information, it is crucial to ensure that all data that is stored and processed is clean. This task is predestined to automate.<br \/><br \/>This talk will focus on how to remove all the metadata and automate this procedure through data processing pipelines that can be used in an MLOps as well as the classical DevOps cycle.<\/p><h4>Previous knowledge<\/h4><ul><li>Fundamental Machine Learning and Data Science terms and practices<\/li><\/ul><h4>Learning objectives<\/h4><ul><li>Automation of removal of (sensitive) metadata in a wide variety of areas<\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-66fa89e elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"66fa89e\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-ab3037a\" data-id=\"ab3037a\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-4921b44 elementor-widget elementor-widget-spacer\" data-id=\"4921b44\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-490dbc5 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"490dbc5\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;5281183&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-3962997\" data-id=\"3962997\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-55a7ad4 elementor-widget elementor-widget-text-editor\" data-id=\"55a7ad4\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p data-testid=\"vuln-description-title\"><img decoding=\"async\" class=\"size-full wp-image-994 aligncenter\" src=\"https:\/\/ndaal.eu\/wp-content\/uploads\/2021\/12\/log4j.jpg\" alt=\"log4j\" width=\"200\" height=\"150\" \/><\/p><p data-testid=\"vuln-description-title\"><strong><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-44228\" target=\"_blank\" rel=\"noopener\"><span style=\"color: #7a0000;\">CVE-2021-44228<\/span><\/a><\/strong><\/p><p data-testid=\"vuln-description\">Apache Log4j2 2.0-beta9 through 2.12.1 and 2.13.0 through 2.15.0 JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints.<\/p><p data-testid=\"vuln-description\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-4104\" target=\"_blank\" rel=\"noopener\"><span style=\"color: #7a0000;\"><strong>CVE-2021-4104<\/strong><\/span><\/a><\/p><p data-testid=\"vuln-description\">Versions 1.x, which are no longer maintained, have a similar vulnerability.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-62fc485\" data-id=\"62fc485\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-0450ea7 elementor-widget elementor-widget-text-editor\" data-id=\"0450ea7\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h3>summary<\/h3><div><p data-testid=\"vuln-description\">A zero-day remote code execution<br \/>vulnerability has been discovered, allowing attackers to take complete<br \/>control of systems without authentication.<br \/>The vulnerability was publicly disclosed via GitHub on <span style=\"color: #7a0000;\">9.12.2021<\/span>.<\/p><p data-testid=\"vuln-description\">According to the current status, the vulnerability has been exploited first on <span style=\"color: #7a0000;\">01.12.2021<\/span>, but mass attacks only became known with the release on <span style=\"color: #7a0000;\">9.12.2021<\/span>.<\/p><\/div><h3>reflection<\/h3><p>The <strong><span style=\"color: #7a0000;\">Log4j log output<\/span><\/strong> enables the inclusion of a wide field of possible variables. This cannot only be used internally from a system perspective but also from any remote location. Attackers can call external Java libraries via e.g. <span style=\"color: #7a0000;\">${jdni:ldap:\/\/<\/span> or <span style=\"color: #7a0000;\">${jndi:ldaps:\/\/<\/span>, which opens the possibility to perform shell dropping without much additional effort. In addition, attackers can use <span style=\"color: #7a0000;\">${jndi:rmi<\/span> to execute commands directly within the current environment.<br \/>For any cloud service, the Log4j log output could be used to read credentials &#8211; such as access tokens &#8211; potentially allowing wide-ranging access to cloud services. The following guide contains ndaal\u2018s expert <strong>information,<\/strong> and measures to handle the ongoing <span style=\"color: #7a0000;\"><strong>Log4Shell<\/strong><\/span> cybersecurity incident and attack wave caused by a critical vulnerability in the Apache <span style=\"color: #7a0000;\"><strong>Log4j<\/strong><\/span> logging library v2.x.<\/p><p>The document will be updated frequently and is available here:<\/p><p><strong><span style=\"color: #7a0000;\"><a style=\"color: #7a0000;\" href=\"https:\/\/gitlab.com\/vPierre\/ndaal_vulnerabilities_log4j\/-\/blob\/e59ce7eeca8e11fd99104f07d214e12cdcc1354b\/documentation\/build\/latex\/ndaal-vulnerabilities-log4j.pdf\" target=\"_blank\" rel=\"noopener\">https:\/\/gitlab.com\/vPierre\/ndaal_vulnerabilities_log4j\/-\/blob\/e59ce7eeca8e11fd99104f07d214e12cdcc1354b\/documentation\/build\/latex\/ndaal-vulnerabilities-log4j.pdp<\/a><\/span><\/strong><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t<div class=\"shariff shariff-align-left shariff-widget-align-left\" data-url=\"https:\/\/ndaal.eu\/?page_id=987\" data-timestamp=\"1701285032\" data-hidezero=\"1\" data-backendurl=\"?rest_route=\/shariff\/v1\/share_counts&\"><ul class=\"shariff-buttons theme-round orientation-horizontal buttonsize-small\"><li class=\"shariff-button xing shariff-nocustomcolor\" style=\"background-color:#29888a\"><a href=\"https:\/\/www.xing.com\/spi\/shares\/new?url=https%3A%2F%2Fndaal.eu%2F%3Fpage_id%3D987\" title=\"Bei XING teilen\" aria-label=\"Bei XING teilen\" role=\"button\" rel=\"noopener nofollow\" class=\"shariff-link\" style=\"; background-color:#126567; color:#fff\" target=\"_blank\"><span class=\"shariff-icon\" style=\"\"><svg width=\"32px\" height=\"20px\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" viewBox=\"0 0 25 32\"><path fill=\"#126567\" d=\"M10.7 11.9q-0.2 0.3-4.6 8.2-0.5 0.8-1.2 0.8h-4.3q-0.4 0-0.5-0.3t0-0.6l4.5-8q0 0 0 0l-2.9-5q-0.2-0.4 0-0.7 0.2-0.3 0.5-0.3h4.3q0.7 0 1.2 0.8zM25.1 0.4q0.2 0.3 0 0.7l-9.4 16.7 6 11q0.2 0.4 0 0.6-0.2 0.3-0.6 0.3h-4.3q-0.7 0-1.2-0.8l-6-11.1q0.3-0.6 9.5-16.8 0.4-0.8 1.2-0.8h4.3q0.4 0 0.5 0.3z\"\/><\/svg><\/span><\/a><\/li><li class=\"shariff-button linkedin shariff-nocustomcolor\" style=\"background-color:#1488bf\"><a href=\"https:\/\/www.linkedin.com\/sharing\/share-offsite\/?url=https%3A%2F%2Fndaal.eu%2F%3Fpage_id%3D987\" title=\"Bei LinkedIn teilen\" aria-label=\"Bei LinkedIn teilen\" role=\"button\" rel=\"noopener nofollow\" class=\"shariff-link\" style=\"; background-color:#0077b5; color:#fff\" target=\"_blank\"><span class=\"shariff-icon\" style=\"\"><svg width=\"32px\" height=\"20px\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" viewBox=\"0 0 27 32\"><path fill=\"#0077b5\" d=\"M6.2 11.2v17.7h-5.9v-17.7h5.9zM6.6 5.7q0 1.3-0.9 2.2t-2.4 0.9h0q-1.5 0-2.4-0.9t-0.9-2.2 0.9-2.2 2.4-0.9 2.4 0.9 0.9 2.2zM27.4 18.7v10.1h-5.9v-9.5q0-1.9-0.7-2.9t-2.3-1.1q-1.1 0-1.9 0.6t-1.2 1.5q-0.2 0.5-0.2 1.4v9.9h-5.9q0-7.1 0-11.6t0-5.3l0-0.9h5.9v2.6h0q0.4-0.6 0.7-1t1-0.9 1.6-0.8 2-0.3q3 0 4.9 2t1.9 6z\"\/><\/svg><\/span><\/a><\/li><li class=\"shariff-button whatsapp shariff-nocustomcolor\" style=\"background-color:#5cbe4a\"><a href=\"https:\/\/api.whatsapp.com\/send?text=https%3A%2F%2Fndaal.eu%2F%3Fpage_id%3D987%20alerts\" title=\"Bei Whatsapp teilen\" aria-label=\"Bei Whatsapp teilen\" role=\"button\" rel=\"noopener nofollow\" class=\"shariff-link\" style=\"; background-color:#34af23; color:#fff\" target=\"_blank\"><span class=\"shariff-icon\" style=\"\"><svg width=\"32px\" height=\"20px\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" viewBox=\"0 0 32 32\"><path fill=\"#34af23\" d=\"M17.6 17.4q0.2 0 1.7 0.8t1.6 0.9q0 0.1 0 0.3 0 0.6-0.3 1.4-0.3 0.7-1.3 1.2t-1.8 0.5q-1 0-3.4-1.1-1.7-0.8-3-2.1t-2.6-3.3q-1.3-1.9-1.3-3.5v-0.1q0.1-1.6 1.3-2.8 0.4-0.4 0.9-0.4 0.1 0 0.3 0t0.3 0q0.3 0 0.5 0.1t0.3 0.5q0.1 0.4 0.6 1.6t0.4 1.3q0 0.4-0.6 1t-0.6 0.8q0 0.1 0.1 0.3 0.6 1.3 1.8 2.4 1 0.9 2.7 1.8 0.2 0.1 0.4 0.1 0.3 0 1-0.9t0.9-0.9zM14 26.9q2.3 0 4.3-0.9t3.6-2.4 2.4-3.6 0.9-4.3-0.9-4.3-2.4-3.6-3.6-2.4-4.3-0.9-4.3 0.9-3.6 2.4-2.4 3.6-0.9 4.3q0 3.6 2.1 6.6l-1.4 4.2 4.3-1.4q2.8 1.9 6.2 1.9zM14 2.2q2.7 0 5.2 1.1t4.3 2.9 2.9 4.3 1.1 5.2-1.1 5.2-2.9 4.3-4.3 2.9-5.2 1.1q-3.5 0-6.5-1.7l-7.4 2.4 2.4-7.2q-1.9-3.2-1.9-6.9 0-2.7 1.1-5.2t2.9-4.3 4.3-2.9 5.2-1.1z\"\/><\/svg><\/span><\/a><\/li><li class=\"shariff-button mailto shariff-nocustomcolor\" style=\"background-color:#a8a8a8\"><a href=\"mailto:?body=https%3A%2F%2Fndaal.eu%2F%3Fpage_id%3D987&subject=alerts\" title=\"Per E-Mail versenden\" aria-label=\"Per E-Mail versenden\" role=\"button\" rel=\"noopener nofollow\" class=\"shariff-link\" style=\"; background-color:#999; color:#fff\"><span class=\"shariff-icon\" style=\"\"><svg width=\"32px\" height=\"20px\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" viewBox=\"0 0 32 32\"><path fill=\"#999\" d=\"M32 12.7v14.2q0 1.2-0.8 2t-2 0.9h-26.3q-1.2 0-2-0.9t-0.8-2v-14.2q0.8 0.9 1.8 1.6 6.5 4.4 8.9 6.1 1 0.8 1.6 1.2t1.7 0.9 2 0.4h0.1q0.9 0 2-0.4t1.7-0.9 1.6-1.2q3-2.2 8.9-6.1 1-0.7 1.8-1.6zM32 7.4q0 1.4-0.9 2.7t-2.2 2.2q-6.7 4.7-8.4 5.8-0.2 0.1-0.7 0.5t-1 0.7-0.9 0.6-1.1 0.5-0.9 0.2h-0.1q-0.4 0-0.9-0.2t-1.1-0.5-0.9-0.6-1-0.7-0.7-0.5q-1.6-1.1-4.7-3.2t-3.6-2.6q-1.1-0.7-2.1-2t-1-2.5q0-1.4 0.7-2.3t2.1-0.9h26.3q1.2 0 2 0.8t0.9 2z\"\/><\/svg><\/span><\/a><\/li><\/ul><\/div>","protected":false},"excerpt":{"rendered":"<p>data2day 2023 Die Konferenz f\u00fcr Data Scientists,Data Engineers und Data Teams 11. und 12. Oktober 2023, Karlsruhe\u00a0Watch our team performing live on stage Integrating Data-Privacy Through Pipelines Integrating Data-Privacy Through Pipelines All data stored on a filesystem has some metadata. Sometimes more and other times less. This can be a huge privacy breach, since the [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_jet_sm_ready_style":"","_jet_sm_style":"","_jet_sm_controls_values":"","_jet_sm_fonts_collection":"","_jet_sm_fonts_links":"","footnotes":""},"class_list":["post-987","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/ndaal.eu\/index.php?rest_route=\/wp\/v2\/pages\/987","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ndaal.eu\/index.php?rest_route=\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/ndaal.eu\/index.php?rest_route=\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/ndaal.eu\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/ndaal.eu\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=987"}],"version-history":[{"count":24,"href":"https:\/\/ndaal.eu\/index.php?rest_route=\/wp\/v2\/pages\/987\/revisions"}],"predecessor-version":[{"id":1415,"href":"https:\/\/ndaal.eu\/index.php?rest_route=\/wp\/v2\/pages\/987\/revisions\/1415"}],"wp:attachment":[{"href":"https:\/\/ndaal.eu\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=987"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}