Machine learning model files (e.g. .pkl, .pt, .onnx, .pb) can serve as stealthy malware carriers. When a serialized model is the root cause of a breach, incident responders face unique challenges in detection, analysis, and attribution.

Incidents involving malicious ML models reveal significant weaknesses in standard Digital Forensics and Incident Response (DFIR)...

Security Joes is a multi-layered incident response and MDR firm based out of Israel. It had been invited to investigate numerous...