CyberWire Daily - Cyber revolt or just digital ruckus?

Episode Date: August 27, 2024

Hacktivists respond to the arrest of Telegram’s CEO in France. Stealthy Linux malware stayed undetected for two years. Versa Networks patches a zero-day vulnerability. Google has patched its tenth zero-day vulnerability of 2024. Researchers at Arkose Labs document Greasy Opal. A flaw in Microsoft 365 Copilot allowed attackers to exfiltrate sensitive user data. Gafgyt targets crypto mining in cloud native environments. Microsoft investigates an Exchange Online message quarantine issue. Our guest is Bar Kaduri, research team leader at Orca Security talking about AI Goat, the first open source AI security learning environment based on the OWASP top 10 ML risks. Kentucky Prisoners Trick Tablets to Generate Fake Money.

CyberWire Guest

Available on GitHub, AI Goat is an intentionally vulnerable AI environment built in Terraform that includes numerous threats and vulnerabilities for testing and learning purposes.
Selected Reading

Arrest of Telegram CEO sparks cyberattacks against French websites (SC Media)
Unveiling sedexp: A Stealthy Linux Malware Exploiting udev Rules (AON)
Stealthy 'sedexp' Linux malware evaded detection for two years (Bleeping Computer)
Google tags a tenth Chrome zero-day as exploited this year (Bleeping Computer)
Versa fixes Director zero-day vulnerability exploited in attacks (Bleeping Computer)
Greasy Opal: Greasing the Skids for Cybercrime (Arkose Labs)
Microsoft Copilot Prompt Injection Vulnerability Let Hackers Exfiltrate Personal Data (Cyber Security News)
Gafgyt Botnet: Weak SSH Passwords Targeted For GPU Mining (Security Boulevard)
Microsoft: Exchange Online mistakenly tags emails as malware (Bleeping Computer)
Kentucky prisoners hack state-issued computer tablets to digitally create $1M. How’d they do it? (Union Bulletin)

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Transcript
Starting point is 00:00:00 You're listening to the Cyber Wire Network, powered by N2K.
Starting point is 00:01:22 Hacktivists respond to the arrest of Telegram's CEO in France. Stealthy Linux malware stayed undetected for two years. Versa Networks patched a zero-day vulnerability, while Google has patched its 10th zero-day vulnerability of 2024.
Starting point is 00:02:16 Researchers at Arkose Labs document Greasy Opal. A flaw in Microsoft 365 Copilot allowed attackers to exfiltrate sensitive user data. Gafgyt targets crypto mining in cloud-native environments. Microsoft investigates an Exchange Online messaging quarantine issue. Our guest is Bar Kaduri, research team leader at Orca Security, talking about AI Goat, the first open-source AI security learning environment based on the OWASP top 10 ML risks. And Kentucky prisoners trick tablets to generate fake money. It's Tuesday, August 27th, 2024. I'm Dave Bittner, and this is your CyberWire Intel Briefing.
Starting point is 00:03:10 Thanks for joining us. It is great to have you here with us today. The arrest of Telegram CEO Pavel Durov in France sparked a wave of cyber attacks by hacktivists protesting his detention. French authorities detained Durov over Telegram's lack of moderation, which they claimed facilitated criminal activities. This move triggered backlash, with many viewing it as an attack on Internet privacy and free speech. In response, hacktivist groups launched cyberattacks on French websites under the campaign OpDurov. Key targets included government sites, media outlets, and health agencies, primarily through DDoS attacks. Prominent groups involved include the Russian Cyber Army Team, linked to Russia-backed APT44, and UserSec, both known for pro-Russian cyber activities.
Starting point is 00:04:19 The Malaysian group RipperSec also participated. Despite these disruptions, many affected websites were back online by Monday afternoon, though some remained inaccessible. The attacks highlighted ongoing tensions over digital privacy and the geopolitical dimensions of cyber warfare. A quick program note, we have a detailed discussion on the arrest of Pavel Durov on this week's Caveat podcast. That episode drops this coming Thursday. Risk management firm Stroz Friedberg uncovered a
Starting point is 00:04:53 malware named sedexp that has been actively used since at least 2022, yet has remained undetected in online sandboxes. This malware employs an unusual persistence technique using udev rules, a device management system in Linux, to execute malicious code every time a specific device event occurs, ensuring it runs on every reboot. The technique used is not documented by MITRE ATT&CK, making it particularly stealthy. sedexp includes features like a reverse shell for remote control and memory manipulation to conceal its presence. This malware has been linked to a financially motivated threat actor
Starting point is 00:05:36 who used it for activities like credit card scraping on compromised web servers. Google has patched its 10th zero-day vulnerability of 2024. Reported by a researcher known as The Dog, the high-severity flaw was caused by a bug in the compiler backend during just-in-time compilation in Chrome's V8 JavaScript engine. This vulnerability allowed remote attackers to exploit heap corruption via a crafted HTML page. Versa Networks has patched a zero-day vulnerability in its Versa Director GUI, which allowed attackers to upload malicious files via an unrestricted file upload
Starting point is 00:06:20 flaw. This high-severity vulnerability, found in the Change Favicon feature, could be exploited by users with admin privileges to disguise malicious files as PNG images. The flaw affected customers who failed to implement recommended system hardening and firewall guidelines. The vulnerability, exploited by an advanced persistent threat actor in at least one attack, has prompted Versa to urge customers to upgrade their systems and apply hardening measures. CISA has added this zero-day to its known exploited vulnerabilities catalog, requiring federal agencies to secure vulnerable instances by September 13th. Researchers at Arkose Labs have documented Greasy Opal, an online business providing tools that enable cyberattacks,
Starting point is 00:07:15 particularly through sophisticated CAPTCHA-solving software. Operated since 2009 from the Czech Republic, it offers solutions to a wide range of customers, including malicious actors. Its advanced machine learning models allow for rapid adaptation to new CAPTCHA challenges, making it a significant threat in cybersecurity. Greasy Opal's tools are used in large-scale bot attacks, such as credential stuffing and fake account creation. Despite being highly efficient, the tools are limited by their CPU-based architecture, which affects scalability. Sold at low prices, these tools are easily accessible,
Starting point is 00:07:52 contributing to the rise of cybercrime. Companies targeted by Greasy Opal should ensure robust bot management and modern CAPTCHA solutions to mitigate these threats. Researchers uncovered a critical security flaw in Microsoft 365 Copilot that allowed attackers to exfiltrate sensitive user data through a sophisticated exploit chain. Discovered by security researcher Johann Rehberger, the vulnerability combined several techniques, including prompt injection, automatic tool invocation, and ASCII smuggling. The attack began with a malicious email or document containing a prompt injection payload, instructing Copilot to retrieve additional emails and documents without user interaction.
Starting point is 00:08:40 The most innovative aspect was ASCII smuggling, which used invisible Unicode characters to hide exfiltrated data within clickable hyperlinks. When a user clicked the link, sensitive information, such as MFA codes or sales figures, would be sent to an attacker-controlled server. Microsoft patched the vulnerability in January of this year, although specific details of the fix remain unclear. The original proof-of-concept exploits no longer work. A new variant of the Gafgyt botnet, also known as BashLite, has been discovered, now targeting machines with weak SSH passwords for crypto mining in cloud-native environments.
Starting point is 00:09:24 Historically, Gafgyt exploits weak or default credentials to control devices like routers and cameras. The latest variant uses brute force attacks on SSH servers to deploy XMRig, a Monero cryptocurrency miner, leveraging GPU power for mining. Additionally, it includes a worming module to scan and propagate the malware across vulnerable servers. This evolution reflects Gafgyt's shift from DDoS attacks to crypto mining, particularly targeting environments with strong CPU and GPU capabilities. Microsoft is investigating an issue with Exchange Online
Starting point is 00:10:05 that incorrectly flagged emails containing images as malicious, leading to their quarantine. The problem has affected both outbound and internal emails, including replies and forwards of previously external messages. System administrators reported that the issue also impacted messages with image signatures. Microsoft is reviewing service telemetry to identify the root cause and develop a fix. The company has already implemented a mitigation strategy, successfully unblocking and replaying over 99% of affected emails. This follows a similar incident in October of 2023,
Starting point is 00:10:46 where a faulty anti-spam rule caused outbound emails to be wrongly flagged as spam. Coming up after the break, our guest, Bar Kaduri, research team leader at Orca Security, introduces AI Goat. Stay with us.
Starting point is 00:12:43 Bar Kaduri is research team leader at Orca Security. I recently sat down to chat with her about AI Goat,
Starting point is 00:13:25 the first open source AI security learning environment based on the OWASP top 10 ML risks. I think it's very hard to ignore the fact that AI has become one of the main things that everybody's talking about. Like, it became like a common interest, from my mom to my niece, so it's like generations over generations are making interest of the same
Starting point is 00:13:52 thing. So we saw the same interest, in a very specific manner, right, also within the security community. So people are asking, how can I protect my AI models, infrastructure, everything that is related to AI, ML, and so on. And many people also were asking, what are actually the risks? So two amazing researchers from my team were having the same thoughts and said, okay, well, the best way to learn stuff is by doing it like yourself. So they really love, in general, the concepts of goats, like the Kube goats, the Terra goats, and all the cool goats that there are in the wild and are free in the internet. And they said, okay, why not making one of our own? And that would be, like, first of all, our learning method of what are these misconfigurations and how to exploit them,
Starting point is 00:15:07 but also to help other people to do the same, to learn, to experience these things with their own hands. So that was basically the thing that started the entire project. Right. Well, describe it for us. I mean, what exactly is this project and how do people go about using it? This project is an open source project. You can go to our GitHub repository and actually fork this project. All you need to do is to provide some AWS credentials to our GitHub action,
Starting point is 00:15:50 and the entire thing is being built automatically in your environment. What you get there is a vulnerable environment with multiple AI models in the background that could be attacked in multiple ways. So the main theme that Ophir Jacobi and Shir Sadon that came with this idea thought about is creating some store,
Starting point is 00:16:18 like an online store where you can buy stuff. So I believe that it's a very common scenario for many online stores at the moment. People are using some AI for recommendations, for many cool stuff, like maybe to filter out offensive comments, which is one of our scenarios. And they use these scenarios, and the Terraform that you get from our repo is just building the entire thing for you. Well, you talk about having three missions that are included in AI Goat for the users to complete.
Starting point is 00:17:04 Can you describe those for us? What can folks expect to gain from them? Yes. So we tried to adhere to OWASP top 10 for machine learning because we see that many organizations are using OWASP to set some kind of a standard of what do we need to know and what do we need to be protected from. So we took, I think it's around four of those risks.
Starting point is 00:17:38 And I'm not sure how much I should deep dive in it because I don't want to spoiler anybody. Right. But let's say a few very common risks that are listed in the OWASP Top 10 are there. And maybe I can give an example. We talked about, for example, filtering of comments with offensive words. Let's say you could be attacking this specific model.
Starting point is 00:18:10 So there are many ways to do that. Right? So that's one of the things, one of the scenarios. I understand that AI Goat is built on Amazon SageMaker. Are there any particular advantages that come with building on that platform? We mainly chose Amazon because these specific researchers were very familiar with this infrastructure. But generally speaking, it was very easy for us to get the notebook, the Jupyter notebook, and develop everything from there. And it was very easy to combine everything with S3 buckets and all the other services with Amazon. You can find very similar services in every provider, probably even with the same, let's say, simple deployment
Starting point is 00:19:11 like Google and Azure. I believe you can achieve the same goal just from our strength and knowledge of working with Amazon. I see. So have you had any feedback so far of people who have made use of this? How does it seem to be going? So we've talked with a few,
Starting point is 00:19:37 some people that are security experts and some that are not. People that are not security experts were very excited to see how a bunch of code that they might not think about deeply enough actually can create such a horrible misconfiguration, something that actually could be served to customers, to clients. And they were very shocked about that. Security people really liked that, that they can really experience the risks that everybody are talking about.
Starting point is 00:20:17 So these are the main feedbacks that we got so far. And what sort of future plans do you have for AI Goat? Any additional features or missions that you plan on introducing in the future? Yes, definitely. So our main goal is to cover all, if not most, of the OWASP top 10 ML risks. And we also plan to maybe experiment deploying it locally. So you will not need a cloud environment to run the entire environment, to do something that is more local, like with
Starting point is 00:20:58 Docker or other local containers or something like that. That's the main plan. That's Bar Kaduri, research team leader at Orca Security. You can find out more about AI Goat through the links in our show notes. And finally, our Law & Order desk tells us the tale of the clever inmates of the Kentucky Department of Corrections. Inmates are routinely charged for services like email, video visits, games, music,
Starting point is 00:22:30 and other digital media through their commissary accounts, which are funded by money deposited by their loved ones. These accounts allow inmates to purchase tangible items from prison canteens, as well as digital products offered by companies like Securus Technologies, which provides the tablets and digital services in many prisons. Email and video visits, which are relatively low-cost services in the outside world, are sold at marked-up rates to inmates. This practice has been criticized as exploitative,
Starting point is 00:23:06 especially given the limited financial resources of many prisoners and their families. The money collected from these transactions typically results in profits for both the service providers and the prison system, as contracts often include revenue-sharing agreements. In this case, hundreds of inmates hacked their state-issued tablets, creating over $1 million in fake money. Using a simple trick, placing a minus sign before a dollar amount, they magically added funds to their commissary and digital accounts, allowing them to splurge on email stamps, video visits, games, and music. The scheme went unnoticed until an anonymous tip came in, by which time nearly $88,000 had been spent. The inmates' digital shopping spree was so successful that officials struggled for months to recover the losses,
Starting point is 00:24:00 with some prisoners even walking out of jail with cash in their pockets. The fiasco has raised eyebrows and questions about who the real crooks are, those behind bars or the companies profiting off them. As one critic put it, at some point you have to ask yourself who's really committed the crime here. And that's The Cyber Wire. For links to all of today's stories, check out our daily briefing at thecyberwire.com. We'd love to know what you think of this podcast.
Starting point is 00:24:42 Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to cyberwire@n2k.com. We're privileged that N2K Cyber Wire is part of the daily routine of the most influential leaders and operators in the public and private sector, from the Fortune 500 to many of the world's preeminent intelligence and law enforcement agencies. N2K makes it easy Thank you. This episode was produced by Liz Stokes. Our mixer is Tré Hester, with original music and sound design by Elliott Peltzman. Our executive producer is Jennifer Eiben. Our executive editor is Brandon Karpf. Simone Petrella is our president.
Starting point is 00:25:34 Peter Kilpe is our publisher. And I'm Dave Bittner. Thanks for listening. We'll see you back here tomorrow.
