Archive.fm

CyberWire Daily

Cyber revolt or just digital ruckus?

Broadcast on:
27 Aug 2024

Hacktivists respond to the arrest of Telegram’s CEO in France. Stealthy Linux malware stayed undetected for two years. Versa Networks patches a zero-day vulnerability. Google has patched its tenth zero-day vulnerability of 2024. Researchers at Arkose Labs document Greasy Opal. A flaw in Microsoft 365 Copilot allowed attackers to exfiltrate sensitive user data. Gafgyt targets crypto mining in cloud native environments. Microsoft investigates an Exchange Online message quarantine issue. Our guest is Bar Kaduri, research team leader at Orca Security, talking about AI Goat, the first open source AI security learning environment based on the OWASP top 10 ML risks. Kentucky Prisoners Trick Tablets to Generate Fake Money.


CyberWire Guest

Our guest is Bar Kaduri, research team leader at Orca Security, talking about AI Goat, the first open source AI security learning environment based on the OWASP top 10 ML risks. Available on GitHub, AI Goat is an intentionally vulnerable AI environment built in Terraform that includes numerous threats and vulnerabilities for testing and learning purposes.


Selected Reading

Arrest of Telegram CEO sparks cyberattacks against French websites (SC Media)

Unveiling sedexp: A Stealthy Linux Malware Exploiting udev Rules (AON)

Stealthy 'sedexp' Linux malware evaded detection for two years (Bleeping Computer)

Google tags a tenth Chrome zero-day as exploited this year (Bleeping Computer)

Versa fixes Director zero-day vulnerability exploited in attacks (Bleeping Computer)

Greasy Opal: Greasing the Skids for Cybercrime (Arkose Labs)

Microsoft Copilot Prompt Injection Vulnerability Let Hackers Exfiltrate Personal Data (Cyber Security News)

Gafgyt Botnet: Weak SSH Passwords Targeted For GPU Mining (Security Boulevard)

Microsoft: Exchange Online mistakenly tags emails as malware (Bleeping Computer)

Kentucky prisoners hack state-issued computer tablets to digitally create $1M. How’d they do it? (Union Bulletin)


The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

(upbeat music)

You're listening to the CyberWire Network, powered by N2K.

(upbeat music)

Hacktivists respond to the arrest of Telegram CEO in France. Stealthy Linux malware stayed undetected for two years. Versa Networks patched a zero-day vulnerability, while Google has patched its 10th zero-day vulnerability of 2024. Researchers at Arkose Labs document Greasy Opal. A flaw in Microsoft 365 Copilot allowed attackers to exfiltrate sensitive user data. Gafgyt targets crypto mining in cloud native environments. Microsoft investigates an Exchange Online messaging quarantine issue. Our guest is Bar Kaduri, research team leader at Orca Security, talking about AI Goat, the first open-source AI security learning environment based on the OWASP top 10 ML risks. And Kentucky prisoners trick tablets to generate fake money.

(upbeat music)

It's Tuesday, August 27th, 2024. I'm Dave Bittner and this is your CyberWire Intel Briefing.

(upbeat music)

Thanks for joining us.
It is great to have you here with us today.

The arrest of Telegram CEO Pavel Durov in France sparked a wave of cyber attacks by hacktivists protesting his detention. French authorities detained Durov over Telegram's lack of moderation, which they claimed facilitated criminal activities. This move triggered backlash, with many viewing it as an attack on internet privacy and free speech. In response, hacktivist groups launched cyber attacks on French websites under the campaign Op Durov. Key targets included government sites, media outlets and health agencies, primarily through DDoS attacks. Prominent groups involved include the Russian Cyber Army Team, linked to Russia-backed APT44, and UserSec, both known for pro-Russian cyber activities. The Malaysian group RipperSec also participated. Despite these disruptions, many affected websites were back online by Monday afternoon, though some remained inaccessible. The attacks highlighted ongoing tensions over digital privacy and the geopolitical dimensions of cyber warfare.

A quick program note: we have a detailed discussion on the arrest of Pavel Durov on this week's Caveat podcast. That episode drops this coming Thursday.

Risk management firm Stroz Friedberg uncovered a malware named sedexp that has been actively used since at least 2022 yet has remained undetected in online sandboxes. This malware employs an unusual persistence technique using udev rules, a device management system in Linux, to execute malicious code every time a specific device event occurs, ensuring it runs on every reboot. The technique used is not documented by MITRE ATT&CK, making it particularly stealthy. sedexp includes features like a reverse shell for remote control and memory manipulation to conceal its presence. This malware has been linked to a financially motivated threat actor who used it for activities like credit card scraping on compromised web servers.
Google has patched its 10th zero-day vulnerability of 2024, reported by a researcher known as TheDog. The high-severity flaw was caused by a bug in the compiler backend during just-in-time compilation in Chrome's V8 JavaScript engine. This vulnerability allowed remote attackers to exploit heap corruption via a crafted HTML page.

Versa Networks has patched a zero-day vulnerability in its Versa Director GUI which allowed attackers to upload malicious files via an unrestricted file upload flaw. This high-severity vulnerability, found in the Change Favicon feature, could be exploited by users with admin privileges to disguise malicious files as PNG images. The flaw affected customers who failed to implement recommended system hardening and firewall guidelines. The vulnerability, exploited by an advanced persistent threat actor in at least one attack, has prompted Versa to urge customers to upgrade their systems and apply hardening measures. Versa has added this zero-day to its Known Exploited Vulnerabilities catalog, requiring federal agencies to secure vulnerable instances by September 13th.

Researchers at Arkose Labs have documented Greasy Opal, an online business providing tools that enable cyber attacks, particularly through sophisticated CAPTCHA-solving software. Operated since 2009 from the Czech Republic, it offers solutions to a wide range of customers, including malicious actors. Its advanced machine learning models allow for rapid adaptation to new CAPTCHA challenges, making it a significant threat in cybersecurity. Greasy Opal's tools are used in large-scale bot attacks such as credential stuffing and fake account creation. Despite being highly efficient, the tools are limited by their CPU-based architecture, which affects scalability. Sold at low prices, these tools are easily accessible, contributing to the rise of cyber crime. Companies targeted by Greasy Opal should ensure robust bot management and modern CAPTCHA solutions to mitigate these threats.
Researchers uncovered a critical security flaw in Microsoft 365 Copilot that allowed attackers to exfiltrate sensitive user data through a sophisticated exploit chain. Discovered by security researcher Johann Rehberger, the vulnerability combined several techniques including prompt injection, automatic tool invocation and ASCII smuggling. The attack began with a malicious email or document containing a prompt injection payload instructing Copilot to retrieve additional emails and documents without user interaction. The most innovative aspect was ASCII smuggling, which used invisible Unicode characters to hide exfiltrated data within clickable hyperlinks. When a user clicked the link, sensitive information such as MFA codes or sales figures would be sent to an attacker-controlled server. Microsoft patched the vulnerability in January of this year, although specific details of the fix remain unclear. The original proof-of-concept exploits no longer work.

A new variant of the Gafgyt botnet, also known as Bashlite, has been discovered, now targeting machines with weak SSH passwords for crypto mining in cloud native environments. Historically, Gafgyt exploits weak or default credentials to control devices like routers and cameras. The latest variant uses brute force attacks on SSH servers to deploy XMRig, a Monero cryptocurrency miner, leveraging GPU power for mining. Additionally, it includes a worming module to scan and propagate the malware across vulnerable servers. This evolution reflects Gafgyt's shift from DDoS attacks to crypto mining, particularly targeting environments with strong CPU and GPU capabilities.

Microsoft is investigating an issue with Exchange Online that incorrectly flagged emails containing images as malicious, leading to their quarantine. The problem has affected both outbound and internal emails, including replies and forwards of previously external messages. System administrators reported that the issue also impacted messages with image signatures.
Microsoft is reviewing service telemetry to identify the root cause and develop a fix. The company has already implemented a mitigation strategy, successfully unblocking and replaying over 99% of affected emails. This follows a similar incident in October of 2023 where a faulty anti-spam rule caused outbound emails to be wrongly flagged as spam.

(upbeat music)

Coming up after the break, our guest, Bar Kaduri, research team leader at Orca Security, introduces AI Goat. Stay with us.

(upbeat music)

Bar Kaduri is research team leader at Orca Security. I recently sat down to chat with her about AI Goat, the first open source AI security learning environment based on the OWASP top 10 ML risks.

- I think it's very hard to ignore the fact that AI has become one of the main things that everybody's talking about. Like, it became like a common interest from, you know, from my mom to my niece. So it's like generations over generations are taking interest in the same thing. So we saw the same interest in a very specific manner, right? Also within the security community. So people are asking, how can I protect my AI models, infrastructure, everything that is related to AI, ML and so on. And many people also were asking, what are actually the risks? So two amazing researchers from my team were having the same thoughts and said, okay, well, the best way to learn stuff is by doing it, like, yourself. So they really love, in general, the concepts of goats, like the Kube goats, the Terra goats and all the cool goats that there are in the wild. And are free in the internet and the set. And they said, okay, why not make one of our own? And that would be like, first of all, our learning method of what are these misconfigurations and how to exploit them, but also to help other people to do the same, to learn, to experience these things with their own hands. So that was basically the thing that started the entire project.

- Right, well, let me describe it for us. I mean, what exactly is this project and how do people go about using it?

- This project is an open source project. You can go to our GitHub repository and actually fork this project. All you need to do is to provide some AWS credentials to our GitHub, the action. And the entire thing is being built automatically in your environment. What you get there is a vulnerable environment with multiple AI models in the background that could be attacked in multiple ways. So the main theme that Ophir Yacobi and Sheer Sadon, that came with this idea, thought about is creating some store, like an online store where you can buy stuff. So I believe that it's a very common scenario for many online stores at the moment.
People are using some AI for recommendations, for many cool stuff, like maybe to filter out offensive comments, which is one of our scenarios. And the user's scenarios and the Terraform that you get from our repo is just building the entire thing for you.

- You talk about having three missions that are included in AI Goat for the users to complete. Can you describe those for us? What can folks expect to gain from them?

- Yes, so we try to adhere to OWASP top 10 for machine learning, because we see that many organizations are using OWASP to set some kind of a standard of what do we need to know and what do we need to be protected from. So we took, I think it's around four of those risks, and I'm not sure how much I should deep dive in it because I don't want to spoil anybody, but let's say a few very common risks that are listed in the OWASP top 10 are there, and maybe I can give an example. We talked about, for example, filtering of comments with offensive words. Let's say you could be attacking this specific model. So there are many ways to do that, right? So that's one of the things, one of the scenarios.

- I understand that AI Goat is built on Amazon SageMaker. Are there any particular advantages that come with building on that platform?

- We mainly chose Amazon because these specific researchers were very familiar with this infrastructure. But generally speaking, it was very easy for us to get the notebook, the Jupyter Notebook, and develop everything from there. And it was very easy to combine everything with S3 buckets and all the other services with Amazon. You can find very similar services in every provider, probably even with the same, let's say, simple deployment, like Google and Azure. I believe you can achieve the same goal, just from our strength and knowledge of working with Amazon.

- I see. So have you had any feedback so far of people who have made use of this? How does it seem to be going?

- So we've talked with a few.
Some people that are security experts and some that are not. People that are not security experts were very excited to see how a bunch of code that they might not think about deeply enough actually can create such a horrible misconfiguration, something that actually could be served to customers, to clients. And they were very shocked about that. Security people really liked that, that they can really experience the risks that everybody is talking about. So these are the main feedbacks that we got so far.

- And what sort of future plans do you have for AI Goat, and any additional features or missions that you plan on introducing in the future?

- Yes, definitely. So our main goal is to cover all, if not most, most of the OWASP top 10 ML risks. And we also plan to maybe experiment like deploying it locally. So you will not need a cloud environment to run the entire environment, to do something that is more local, like with a Docker or local, other local containers or something like that. That's the main plan.

- That's Bar Kaduri, research team leader at Orca Security. You can find out more about AI Goat through the links in our show notes.

(upbeat music)

- And finally, our Law and Order desk tells us the tale of the clever inmates of the Kentucky Department of Corrections. Inmates are routinely charged for services like email, video visits, games, music and other digital media through their commissary accounts, which are funded by money deposited by their loved ones. These accounts allow inmates to purchase tangible items from prison canteens as well as digital products offered by companies like Securus Technologies, which provides the tablets and digital services in many prisons. Email and video visits, which are relatively low-cost services in the outside world, are sold at marked-up rates to inmates. This practice has been criticized as exploitative, especially given the limited financial resources of many prisoners and their families. The money collected from these transactions typically results in profits for both the service providers and the prison system, as contracts often include revenue sharing agreements.

In this case, hundreds of inmates hacked their state-issued tablets, creating over $1 million in fake money. Using a simple trick, placing a minus sign before a dollar amount, they magically added funds to their commissary and digital accounts, allowing them to splurge on email stamps, video visits, games and music. The scheme went unnoticed until an anonymous tip came in, by which time nearly $88,000 had been spent. The inmates' digital shopping spree was so successful that officials struggled for months to recover the losses, with some prisoners even walking out of jail with cash in their pockets. The fiasco has raised eyebrows and questions about who the real crooks are, those behind bars or the companies profiting off them. As one critic put it, at some point, you have to ask yourself who's really committed the crime here.

(upbeat music)

And that's the CyberWire.
For links to all of today's stories, check out our daily briefing at thecyberwire.com. We'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to cyberwire@n2k.com. We are privileged that N2K CyberWire is part of the daily routine of the most influential leaders and operators in the public and private sector, from the Fortune 500 to many of the world's preeminent intelligence and law enforcement agencies. N2K makes it easy for companies to optimize your biggest investment, your people. We make you smarter about your teams while making your teams smarter. Learn how at N2K.com.

This episode was produced by Liz Stokes. Our mixer is Tré Hester, with original music and sound design by Elliott Peltzman. Our executive producer is Jennifer Eiben. Our executive editor is Brandon Karpf. Simone Petrella is our president. Peter Kilpe is our publisher, and I'm Dave Bittner. Thanks for listening. We'll see you back here tomorrow.

[MUSIC PLAYING]