Attacks on critical infrastructure are ramping up — but organizations now have the knowledge and tools needed to defend against them.

Sean Tufts, Managing Partner for Critical Infrastructure, Optiv

April 12, 2024

4 Min Read

Source: Andrii Yalanskyi via Alamy Stock Photo

COMMENTARY

Recent headlines around Volt Typhoon, a state-sponsored Chinese threat actor targeting US critical infrastructure, have caused alarm over attacker dwell time and put critical infrastructure security in the spotlight. The group targets network infrastructure devices to gain access to critical infrastructure organizations and then uses living-off-the-land techniques to lurk on victims' environments to position themselves for future attacks. Volt Typhoon has been known to target the communications, energy, water, and transportation sectors.

There's no question that critical infrastructure threats such as what we're seeing from Volt Typhoon are concerning and need to be taken seriously. Attacks on critical industries have the potential to cause widescale damage and disruption and can even put people's lives at risk — compromised water sources, gas lines, utilities and healthcare devices, for example, could have a life-threatening impact. Given the high stakes, critical infrastructure organizations need to strengthen security to keep people safe and the global economy working.

However, as someone who works on the front lines of critical infrastructure security, I believe that, rather than panicking about Volt Typhoon and the threats the group represents, we should focus on several positives:

*   Malware activity targeting critical infrastructure is custom and challenging. It takes many hands to build an effective package. We know this because we are unfortunately finding complex builds. The positive here, however, is that we are now looking for malware activity.
    
*   Many of the 16 CISA-defined critical infrastructure industries have matured their security defenses and are in a better position to defend against advanced threats than they were a few years ago. There is a long path to "secure," but we have better prevention and detection than we did in 2020.
    
*   It's not uncommon for malware to sit dormant for years until the time is right to strike. Knowing this, security operations center (SOC) teams have focused on threat detection, advancing their method for absorbing critical infrastructure, industry control system (ICS), and operational technology (OT) alerts, which has lowered malware dwell time and improved security overall.
    

**Focus Areas for Critical Infrastructure Sectors**

One of the biggest takeaways of the Volt Typhoon activity is that it's crucial for critical infrastructure organizations to conduct risk assessments frequently to see how threats against their company are changing and then use that intelligence to adapt their cybersecurity and cyber resilience strategies accordingly.

If you don't know a threat is there, you can't defend against it. And not all organizations are targeted with the same threats. Additionally, your biggest threat today may not be the greatest source of risk tomorrow. For all these reasons, frequently identifying and quantifying the unique risks to your organization is the first step to staying secure and cyber resilient.

Once the risk assessment is complete, you can then develop or refine your security plan accordingly. Because threats and business needs change all the time, this should be a living strategy. That said, there are a few security fundamentals that should always be prioritized, including:

*   Network segmentation: Divides the network into separate zones for different types of users and services. This approach helps contain attacks and limits the lateral movement of threats within the network.
    
*   Intrusion detection systems (IDS): Monitors network traffic for suspicious activity. This is important because traditional endpoint security tools aren't able to be installed on all network infrastructure devices.
    
*   Identity security: The optimal combination is secure remote access with privileged access management (PAM). The former allows users to safely connect to networks and prevents unauthorized access. The latter secures privileged user accounts that have high-level access to individual controllers in a critical site, so cyber attackers can't exploit them to move across the victim's environment.
    

**From Past to Present**

Five years ago, critical infrastructure security had very limited awareness, and headlines on activity from threat actors like Volt Typhoon would be alarming. We've come a long way since then, though — not only in recognizing risks to these sectors but also establishing cybersecurity benchmarks for keeping critical infrastructure organizations secure.

So, while it's true that attacks on critical infrastructure are ramping up, it's also true that organizations now have the knowledge and tools needed to defend against them. Organizations no longer need to be caught off guard. With risk assessments, security fundamentals, and advanced security strategies that target unique threats to the business, critical infrastructure organizations can build strong security programs that are able to withstand any type of attack and keep the organization cyber resilient.

**About the Author(s)**

Managing Partner for Critical Infrastructure, Optiv

Sean Tufts is a former NFL linebacker turned cybersecurity leader with more than 10 years of cyber experience and 15 years of ICS experience. As the managing partner for critical infrastructure at Optiv, he heads a business unit responsible for identifying, modernizing and securing critical infrastructure clients' most vital business functions and operational assets. Optiv's IoT/OT team delivers strategic end-to-end security expertise, underscored by Sean’s hands-on knowledge of cybersecurity best practices for industrial and critical settings, including energy, oil and gas, and healthcare. Prior to Optiv, Sean had a hand in developing more than 3,500 MW of wind energy farms for a private EPC. His operations experience allowed for a smooth transition over to General Electric in 2015, where he joined the recently acquired Wurldtech Cybersecurity team. In this role, Sean embedded cybersecurity programs into the rotating machinery controls for GE Power, GE O&G (BakerHughes) and GE Renewables.

Critical Infrastructure Security: Observations From the Front Lines

With stores of mega-corporate business intelligence, a Sisense compromise could potentially mushroom into supply chain cyberattack disaster, experts fear.

Source: GK Images via Alamy Stock Photo

While details are still emerging, the US federal government issued a password compromise warning to customers of business analytics platform Sisense and encouraged an immediate reset.

The advisory from the Cybersecurity and Infrastructure Security Agency (CISA) urges Sisense customers not only to reset credentials to the platform, but also for passwords to any other sensitive data potentially accessed through Sisense services.

The software-as-a-service (SaaS) platform uses what it calls "AI-driven analytics" to provide insights to more than 2,000 companies including Air Canada, Nasdaq, and ZoomInfo.

Sisense did not respond to Dark Reading's request for comment.

Sisense is an ideal target for threat hunters interested in launching advanced supply chain cyberattacks, according to Patrick Tiquet, vice president of security and architecture at Keeper Security.

"Attackers may seek to exploit their access to further infiltrate the connected networks of Sisense's customers, creating a ripple effect down the supply chain," Tiquet said, in a statement. "Customers of Sisense should follow CISA's guidance immediately and reset credentials and secrets that have been exposed to or used to access Sisense services."

**Sisense Supply Chain Attacks Possible**

The federal government's quick response is a sign the Sisense compromise is being taken very seriously, Sean Deuby, principal technologist with Semperis, explained in a statement, characterizing CISA's advisory as "ominous at best."

"As we know from recent breaches disclosed by MGM Resorts and Caesars Palace, the supply chain continues to be the most difficult arena to secure, and it's fertile ground for cyber adversaries," Deuby's statement continued. "And these two examples unfortunately pale in comparison to the damage caused by supply chain attacks such as WannaCry, SolarWinds, and Kaseya, which impacted tens of thousands of organizations and cost hundreds of millions in incident response and recovery costs."

In addition to password resets, Jason Soroko, senior vice president of product with Sectigo, recommends Sisense customers take a look at API password keys.

"The details around the Sisense breach are unknown; however, my recommendations for action would be to change passwords of any Sisense accounts, reset API keys used for services associated with Sisense, and look for any unusual activity from April 5 onwards," Soroko said in a statement.

Sisense Password Breach Triggers 'Ominous' CISA Warning

PRESS RELEASE

RESTON, Va. and TEL AVIV, Israel, April 11, 2024/PRNewswire-PRWeb/ -- Knostic, the world's first provider of need-to-know access controls for Generative AI, emerges today from stealth, having been named one of the top three finalists for the 2024 RSA Conference Launch Pad competition.

Organizations are rapidly adopting Large Language Models (LLMs) and tools such as Microsoft Copilot and Glean to create ChatGPT-like systems, but with their own institutional knowledge. Such systems also introduce business risks, primarily by exposing content outside of an employee's need-to-know, e.g., bonuses, sales revenue, and mergers and acquisition information. With Knostic, employees can access everything they need, but with answers shaped to just what they need to know in order to do their job per organizational policy.

"Microsoft Copilot, Glean, and other LLMs are akin to a race car engine. Data is the fuel. But who would want to drive fast without brakes? We are the brakes, giving enterprises the confidence to accelerate their adoption of LLMs, while ensuring the safety of their most valuable assets," said Sounil Yu, co-founder and CTO of Knostic.

Knostic's offering also helps organizations with the early adoption stage, understanding their exposure to need-to-know violations and the path towards safe implementation of LLM-based tools. Legacy approaches for data security such as permission-based access control fall short at the LLM age, and new approaches are needed.

Gadi Evron, co-founder and CEO of Knostic, further elaborated: "From a misfiled payroll spreadsheet and a sensitive presenter comment left in a template, or even secrets inferred from legitimately accessible content, LLMs accelerate the discovery of harmful, and potentially dangerous information to anyone who asks. Knostic goes beyond legacy permission models and shapes access based on actual user need-to-know."

Founded in late 2023 by cybersecurity veterans Gadi Evron (serial entrepreneur, previously from Citibank and PwC) and Sounil Yu (former Chief Security Scientist at Bank of America), Knostic raised a $3.3M pre-seed financing round, with participation from Shield Capital, Pitango First, DNX Ventures, and Seedcamp, as well as angel investors Kevin Mahaffey (Lookout), David Cross (Rain Capital), Bryson Bort (SCYTHE), Travis McPeak (Resourcely), Matthew Honea (Forward Networks), and others.

Raj Shah of Shield Capital: "Safety is a critical enabler for enterprise adoption of Large Language Models," said Raj Shah, Managing Partner at Shield Capital. "We are proud to be partnered with Gadi and Sounil who are building breakthrough solutions at Knostic.ai."

Admr. Mike Rogers(Ret.), former head of the NSA: "Knostic's unique approach around need-to-know personalization is what unlocks LLMs for enterprises, not to mention in the DoD space. I'm excited for the journey ahead."

About Knostic

Knostic is the world's first provider of need-to-know based access controls for Large Language Models (LLMs). With knowledge-centric capabilities, Knostic enables organizations to accelerate the adoption of LLMs and drive AI-powered innovation without compromising value, security, or safety.

For more details, visit https://www.knostic.ai/

Knostic Raises $3.3M for Enterprise GenAI Access Control

PRESS RELEASE

SAN JOSE, Calif. – April 11, 2024 – Cohesity today announced a deepening of its cyber resilience collaboration with IBM. The enhanced relationship will accelerate the development of essential cyber resilience capabilities to address organizations' critical need for increased data security and resilience across hybrid cloud environments. With this announcement, Cohesity completes its Series F financing, with IBM joining NVIDIA as a strategic investor.  

The most recent Cost of a Data Breach report sponsored by IBM Security shows the global average cost of a data breach in 2023 was $4.45 million, a 15% increase over the previous three years. To help clients tackle this issue head-on, IBM has delivered Cohesity capabilities into IBM’s end-to-end cyber resilience platform, IBM Storage Defender, strengthening our customers’ ability to recover from data breaches and cyber-attacks.  

“IBM is a powerful partner in the enterprise cloud and IT infrastructure market. They bring decades of expertise to our relationship, in addition to their investment in our business to help fund incremental research and development to offer customers even stronger cyber resilience,” said Sanjay Poonen, CEO and President, Cohesity. “We’re thrilled that IBM is working with us as we continue to help combined customers detect threats rapidly and maintain operations during an attack to avoid business interruptions.”

“Data breaches continue to be one of the biggest threats organizations face to advancing business outcomes,” said Ric Lewis, SVP, Infrastructure at IBM. “We’re excited to deepen our collaboration with Cohesity to bring clients innovative end-to-end software-defined solutions designed to increase their cyber resilience and help avoid business interruptions.”

Cohesity’s collaboration with IBM has brought Cohesity DataProtect together with IBM's Storage Defender Solution to help their joint customers protect, monitor, manage, and recover data. Cohesity DataProtect is a high-performance, secured backup and recovery solution. It is designed to safeguard your data against sophisticated cyber threats and offers comprehensive policy-based protection for your cloud-native, SaaS, and traditional data sources. DataProtect converges multiple-point products into a single multicloud platform deployed on-premises or consumed as a service.

IBM Storage Defender leverages AI and event monitoring across multiple storage platforms through a single pane of glass to help protect organizations' data layer from risks like ransomware, human error, and sabotage. Additionally, IBM Storage Defender is anticipated to include a cyber vault and clean room features with automated recovery functions designed to help companies restore business-critical data in hours or minutes from what used to take days.  
Statements regarding IBM's or Cohesity’s future direction and intent are subject to change or withdrawal without notice and represent goals and objectives only.

About Cohesity  
Cohesity is a leader in AI-powered data security and management. Aided by an extensive ecosystem of partners, Cohesity makes it easier to secure, protect, manage, and get value from data – across the data center, edge, and cloud. Cohesity helps organizations defend against cybersecurity threats with comprehensive data security and management capabilities, including immutable backup snapshots, AI-based threat detection, monitoring for malicious behavior, and rapid recovery at scale. Cohesity solutions can be delivered as a service, self-managed, or provided by a Cohesity-powered partner. Cohesity is headquartered in San Jose, CA, and is trusted by the world’s largest enterprises, including 44 of the Fortune 100.

Cohesity Extends Collaboration to Strengthen Cyber Resilience With IBM Investment in Cohesity

Project behind the Rust programming language asserted that any calls to a specific API would be made safe, even with unsafe inputs, but researchers found ways to circumvent the protections.

Source: Monticello via Shutterstock

The Rust Project has issued an update for its standard library, after a vulnerability researcher discovered a specific function used to execute batch files on Windows systems could be exploited using an injection flaw.

The set of common functions included with Rust programming language, known as the standard library, offers the ability — among its many other capabilities — to execute Windows batch files through the Command API. The function, however, did not process the inputs to the API rigorously enough to eliminate the possibility of injecting code into the execution, according to a Rust Security Response Working Group advisory published April 9.

While Rust is well known for its memory-safety features, the incident underscores that the programming language is not proof against logic bugs, says Yair Mizrahi, a senior vulnerability researcher at application-security firm JFrog.

"Overall, Rust's memory safety is a notable advantage, but developers must also pay close attention to the potential for logical bugs to ensure the overall security and reliability of their Rust-based applications," he says. "To address such logical issues, Rust encourages a rigorous testing and code review process, as well as the use of static analysis tools to identify and mitigate logical bugs."

Rust has gained a reputation for being a very secure programming language, because it does not leave applications open to the often-severe class of flaws known as memory-safety vulnerabilities. Google has attributed a drop in memory-unsafe code to the shift to memory-safe languages, such as Rust and Kotlin, while Microsoft found that up until 2018, when it shifted to memory-safe language, such vulnerabilities regularly accounted for 70% of all security issues.

**Windows Poses a Batch of Issues**

The latest issue is not a memory-safety vulnerability, but a problem with the logic used to process untrusted input. Part of Rust's standard library allows the developer to call a function to send a batch file to the Windows machine for processing. There are reasons for submitting code to the host as a batch file, says Joel Marcey, director of technology at Rust Foundation, which supports the programming language's maintainers and the Rust ecosystem.

"Batch files are run for many reasons on systems, and Rust provides an API to allow you to execute those fairly easily," he says. "So while this is not necessarily the most common use case for Rust, the API, before the fixed patch was implemented, allowed for malicious actors to theoretically take over your system by running arbitrary commands, and this is definitely a critical vulnerability."

Typically, a developer can forward a workload to the Windows host to be executed as a batch process through the Command applications programming interface (API), part of the standard library. Typically, Rust guarantees the safety of any call to the Command API, but in this case, the Rust Project could not find a way to prevent the execution of all arguments, primarily because Windows does not adhere to any sort of standard, and that the API could allow an attacker to submit code that would then be executed.

"Unfortunately it was reported that our escaping logic was not thorough enough, and it was possible to pass malicious arguments that would result in arbitrary shell execution," according to the Rust Security Response WG.

**Rust Project Proves Responsive**

While dealing with any vulnerability can be a headache, the Rust Project has shown that the group quickly resolves issues, say experts. The standard library vulnerability, CVE-2024-24576, is ultimately an issue with the Windows batch-processing problem and affects other programming languages, if they do not adequately parse the arguments sent to the Windows batch process. The Rust Project appears to be the first out the door with a fix for passing arguments to the Windows CMD.exe process, says JFrog's Mizrahi.

The groups could not completely eliminate the issue, but the Command API will not return an error when any augments passed to the function could be unsafe, the Rust Project said. 

JFrog's Mizrahi urges Rust to broaden its use of static application security testing and expand the use of fuzzing and dynamic testing.

"Overall, Rust is on the right track by emphasizing memory safety and encouraging rigorous testing practices," he says. "Combining these efforts with continued advancements in static analysis and fuzzing can help the Rust community and the broader software industry make significant strides in addressing logical bugs and input validation flaws in the years to come."

**About the Author(s)**

Veteran technology journalist of more than 20 years. Former research engineer. Written for more than two dozen publications, including CNET News.com, Dark Reading, MIT's Technology Review, Popular Science, and Wired News. Five awards for journalism, including Best Deadline Journalism (Online) in 2003 for coverage of the Blaster worm. Crunches numbers on various trends using Python and R. Recent reports include analyses of the shortage in cybersecurity workers and annual vulnerability trends.

Critical Rust Flaw Poses Exploit Threat in Specific Windows Use Cases

North Korean hackers break ground with new exploitation techniques for Windows and macOS.

Source: Stuart Miles via Alamy Stock Photo

This month, MITRE will be adding two sub-techniques to its ATT&CK database that have been widely exploited by North Korean threat actors.

The first, not entirely new, sub-technique involves manipulation of Transparency, Consent, and Control (TCC), a security protocol that regulates application permissions on Apple's macOS.

The other — called "phantom" dynamic link library (DLL) hijacking — is a lesser-known subset of DLL hijacking, where hackers take advantage of referenced but nonexistent DLL files in Windows.

Both TCC manipulation and phantom DLL hijacking have allowed North Korean hackers to gain privileged access into macOS and Windows environments, respectively, from which they could perform espionage and other post-exploitation actions.

**TCC Manipulation**

"North Korea is opportunistic," says Marina Liang, threat intelligence engineer at Interpres Security. "They have a dual purpose of espionage and also revenue generation, so they're going to look to be where their targets are. And because macOS is increasing in popularity, that's where they started to pivot."

One way North Korean advanced persistent threats (APTs) have been breaching Macs lately is via TCC, an essential framework for controlling application permissions.

TCC has a user- and system-level database. The former is protected with permissions — a user would require Full Disk Access (FDA), or something similar — and the latter by System Integrity Protection (SIP), a feature first introduced with macOS Sierra. Theoretically, privileges and SIP are guards against malicious TCC access.

In practice, however, there are scenarios where each can be undermined. Administrators and security apps, for example, might require FDA to properly function. And there are times when users circumvent SIP.

"When developers need flexibility on their machine, or they're being blocked by the operating system, they might decrease those controls that Apple has in place to allow them to code and create software," Liang explains. "Anecdotally, I've seen that developers troubleshooting will try to figure out what's in place \[on the system\], and disable it to see if that solves their issue."

When SIP is switched off, or FDA on, attackers have a window to access the TCC database and grant themselves permissions without alerting the user.

There are a number of other ways to potentially get through TCC, too. For example, some sensitive directories such as /tmp fall outside of TCC's domain entirely. The Finder app has FDA enabled by default, and it's not listed in the user's Security & Privacy window, meaning that a user would have to be independently aware and manually revoke its permissions. Attackers can also use social engineering to direct users in disabling security controls.

A number of malware tools have been designed to manipulate TCC, including Bundlore, BlueBlood, Callisto, JokerSpy, XCSSET, and other unnamed macOS Trojans recorded on VirusTotal. Liang identified Lazarus Group malware, which attempts to dump the access table from the TCC database, and CloudMensis by APT37 (aka InkSquid, RedEyes, BadRAT, Reaper, or ScarCruft) doggedly tries to identify where SIP is disabled in order to load its own malicious database.

Dark Reading contacted Apple for a statement regarding TCC abuses and received no reply.

To block attackers taking advantage of TCC, the most important thing is keeping SIP enabled. Short of that, Liang highlights the need to know which apps have what permissions in your system. "It's being aware of what you're granting permissions to. And then — obviously it's easier said than done — exercising \[the principle of\] least privileged \[access\]. If certain apps don't necessarily need certain permissions to function, then remove them," she says.

Besides TCC vulnerabilities, APAC-area threat actors have been exploiting an even stranger flaw in Windows. For some reason, the operating system references a number of DLL files that don't actually exist.

"There are a ton of them," Liang marvels. "Maybe someone was working on a project to create specific DLLs for specific purposes, and maybe it got shelved, or they didn't have enough resources, or just forgot about it."

Dark Reading has reached out to Microsoft for clarification on this point.

To a hacker, a so-called "phantom" DLL file is like a blank canvas. They can simply create their own malicious DLLs with the same name, and write them to the same location, and they'll be loaded by the operating system with nobody the wiser.

The Lazarus Group and APT 41 (aka Winnti, Barium, Double Dragon) have used this tactic with IKEEXT, a service necessary for authentication and key exchange within Internet protocol security. When IKEEXT triggers, it attempts to load the nonexistent "wlbsctrl.dll." APT41 has also targeted other phantom DLLs like "wbemcomn.dll," loaded by the Windows Management Instrumentation (WMI) provider host.

Until Windows rids itself of phantom DLLs, Liang highly recommends companies run monitoring solutions, deploy proactive application controls, and automatically block remote loading of DLLs, a feature included by default in Windows Server.

**About the Author(s)**

Nate Nelson is a freelance writer based in New York City. Formerly a reporter at Threatpost, he contributes to a number of cybersecurity blogs and podcasts. He writes "Malicious Life" -- an award-winning Top 20 tech podcast on Apple and Spotify -- and hosts every other episode, featuring interviews with leading voices in security. He also co-hosts "The Industrial Security Podcast," the most popular show in its field.

DPRK Exploits 2 MITRE Sub-Techniques: Phantom DLL Hijacking, TCC Abuse

Led by industry veterans Gadi Evron and Sounil Yu, the new company lets organizations adjust how much information LLMs provide based on the user's role and responsibilities.

Source: Deemerwha Studio via Shutterstock

Security startup Knostic is the latest company to address the various challenges organizations face as they adopt generative artificial intelligence (AI) tools. This week Knostic emerged from stealth with $3.3 million in pre-seed funding to bring "need-to-know" access controls to large language models (LLMs).

Enterprises in their AI transformation journey are sprinkling AI capabilities throughout their workflows and processes to boost productivity, reduce costs, and increase efficiency, says Gadi Evron, co-founder and CEO of Knostic. Enterprises are adopting LLMs to build ChatGPT-like enterprise search systems based on their own data sources or by enabling capabilities that are bundled into the applications and platforms they are already using. Data privacy is one of the biggest barriers to AI adoption, Evron says, noting that AI without controls potentially exposes the organization to increased risk, primarily by exposing information to the wrong people.

"How can we curate personalized information and actually give you value — answer with what you need to know instead of just saying stuff?" Evron says.

**Access Control for LLMs Is Necessary**

With Knostic, employees can access what they need and receive answers that align with the information they require to perform their jobs.

For example, an organization can have a system that answers questions such as features expected in the next product release, the latest sales numbers and revenue figures, bonus structure, due diligence results in a merger-and-acquisition scenario, or the status of an infrastructure project. But not everyone should get the same answer to every question. While the CFO and CTO needs to know the quarterly sales revenue, the marketing intern probably does not, Evron notes.

Knostic's access control engine considers whether the answer is appropriate for the questioner's role; if it is not, it answers with, "I'm sorry, that is confidential information," Evron says. Or instead of just saying no, the system can respond that even though the answer is confidential, the marketing campaigns that the intern worked on boosted sales over the quarter. That's where personalization and curation comes in.

Evron made it a point to emphasize that access control is binary — either the person can have access or they cannot. Knostic's focus on "need to know" makes it possible to provide some information even when the answer is no.

"When we say no, we are not enabling the business," Evron says, noting that providing information in a different format or with related context helps business users more than just being told no. "Once you figure out what you are allowed to know, you can solve DLP \[data loss prevention\] and IAM \[identity access management."

**What 'Need to Know' Looks Like**

When thinking about access control, organizations need to consider factors such as whether the system is internal or public-facing, whether the data used to generate responses is sensitive, and the role of the person asking the questions, says Sounil Yu, Knostic's co-founder and CTO.

There has been much discussion about how organizations need to build guardrails into AI systems to prevent abuse and not provide answers that could cause harm. However, this approach tend to be one-size-fits-all and doesn't account for a person's specific circumstances, Yu says. Consider how many publicly available chatbots would not provide medical information because they are not medical professionals and should not be used for diagnostics. But if it's a physician trying to access information as part of an investigation, that particular restriction is not helpful. Access control, unlike guardrails, take into account factors such as time, sensitivity of data, and person's role to determine how to shape the answers.

For example, a company may have a customer service chatbot that troubleshoots and assists in fixing common issues. That chatbot will have access to the same internal knowledgebase articles that the customer service representative would have. But what happens if there is information about a product that is not yet available on the market? The customer service representative needs that information to be ready when the product is available and even beforehand for training purposes. But there could be a lot of problems for that company if the customer learns details about the product from the chatbot before launch.

Instead of creating two systems — one for internal use and the other public-facing — the company can conceivably use Knostic's approach to provide different answers to the customer and to the customer service representative.

**Company Details**

Evron and Yu have deep industry expertise. Evron founded cyber deception company Cymmetria and previously held roles at Citibank and PwC. Yu is the former chief security scientist at Bank of America and former CISO and head of research at JupiterOne.

Knostic, founded in 2023, has raised $3.3 million in pre-seed financing from Shield Capital, Pitango First, DNS Ventures, Seedcamp, and several angel investors. Retired Admiral Mike Rogers, former head of the National Security Agency and a member of Knostic's advisory board, said in a statement that the startup will "unlock LLMs for enterprises."

Knostic has customers across a range of industries, including retail and financial services. It is also one of the top three finalists for the 2024 RSA Conference Launch Pad, where founders of companies incorporated for two years or less get to pitch ideas and products "on the cusp of being the next big thing" to a panel of venture capitalists. This year's Launch Pad will be on Tuesday, May 7.

**About the Author(s)**

As Dark Reading’s managing editor for features, Fahmida Y Rashid focuses on stories that provide security professionals with the information they need to do their jobs. She has spent over a decade analyzing news events and demystifying security technology for IT professionals and business managers. Prior to specializing in information security, Fahmida wrote about enterprise IT, especially networking, open source, and core internet infrastructure. Before becoming a journalist, she spent over 10 years as an IT professional -- and has experience as a network administrator, software developer, management consultant, and product manager. Her work has appeared in various business and test trade publications, including VentureBeat, CSO Online, InfoWorld, eWEEK, CRN, PC Magazine, and Tom’s Guide.

Knostic Brings Access Control to LLMs

Attackers have compromised an 8-year-old version of the cloud platform to distribute various malware that can take over infected systems.

Source: Age Foto Stock via Alamy Stock Photo

Attackers are using an 8-year-old version of the Redis open-source database server to maliciously use Metasploit's Meterpreter module to expose exploits within a system, potentially allowing for takeover and distribution of a host of other malware.

Researchers from AhnLab Security Intelligence Center (ASEC) said in a blog post that attackers likely are exploiting inappropriate settings or a vulnerability present in an implementation of Redis to distribute Meterpreter for nefarious use.

"Such malware strains attack Redis servers open to the public on the Internet with the authentication feature disabled," ASEC researcher Sanseo wrote in the post. "After gaining access to Redis, threat actors can install malware through known attack methods."

Meterpreter is an aspect of the legitimate Metasploit pen-testing tool that allows threat actors to fetch various Metasploit modules, or working exploits for known bugs, and then use them on the targeted system, according to ASEC. Metasploit is a tool similar to Cobalt Strike that also is oft-abused by threat actors to execute attacks.

"When Metasploit is installed, the threat actor can take control of the infected system and also dominate the internal network of an organization using the various features offered by the malware," Senseo explained.

**How It's Done**

Redis is an open source, in-memory data structure storage service that is increasingly being used in various ways in cloud environments; its primary purpose is typically for session management, message broker, and queues, according to ASEC. This increased prevalence also is making it a more popular target for attackers, who have abused vulnerable Redis servers to spread a host of malware, including Kinsing, P2PInfect, Skidmap, Migo, and HeadCrab.

By using Metasploit Meterpreter, there are two main attacks methods that actors can employ to spread malware once they've gained access to Redis. One is to register the malware-executing command as a Cron task, and the other is using the SLAVEOF command to set the command as the Slave server of the Redis server that has the malware.

ASEC witnessed an attack targeting a system that used Windows, along with version Redis 3.x, which was developed in 2016. The age of the abused platform means "it was likely vulnerable to attacks that abuse misconfiguration or attacks on known vulnerabilities," Senseo noted.

In the attack, the threat actor first downloaded PrintSpoofer, a privilege escalation tool, in the installation path for Redis. Attackers often use this tool against vulnerable services that are not managed properly or have not been patched to the recent version; in fact, ASEC has witnessed a flurry of these attacks against Redis since the second half of last year.

"The difference between the cases from the past and the cases now is that PrintSpoofer is installed using the CertUtil tool instead of PowerShell," Senseo explained.

**Meterpreter As Malicious Backdoor**

After installing PrintSpoofer, the threat actor installed Meterpreter Stager — one of two types of the module, the difference between which depends on the way it is installed. Meterpreter is to the Metasploit tool as Beacon is to Cobalt Strike.

When an attacker uses Stager, it means the installation is via the staged version, which downloads Meterpreter directly from the attacker's command-and-control (C2) server. This decreases its footprint version downloading it in a "stageless" way within a payload, according to ASEC.

Once this process is complete, Meterpreter is executed in the memory, which allows the threat actor to take control over the infected system and "also dominate the internal network of an organization using the various features offered by the malware," Senseo wrote.

**Update Now**

ASEC included a list of files, behaviors, and indicators of compromise of the attack in its post to help network administrators identify evidence of the threat on a system.

To avoid being compromised by the attack vector, ASEC advised that administrators of environments with Redis 3.x installed should, at the very least, update the server immediately with available patches to ensure that known vulnerabilities can't be exploited. The best-case scenario, however, would be to update V3 to the latest version of the server.

Administrators should also install security-protection software that restricts external access to Redis servers open to the Internet so they can't be identified and abused, ASEC advised.

**About the Author(s)**

Elizabeth Montalbano is a freelance writer, journalist, and therapeutic writing mentor with more than 25 years of professional experience. Her areas of expertise include technology, business, and culture. Elizabeth previously lived and worked as a full-time journalist in Phoenix, San Francisco, and New York City; she currently resides in a village on the southwest coast of Portugal. In her free time, she enjoys surfing, hiking with her dogs, traveling, playing music, yoga, and cooking.

Expired Redis Service Abused to Use Metasploit Meterpreter Maliciously

In new threat notification information, Apple singled out Pegasus vendor NSO Group as a culprit in mercenary spyware attacks.

Source: nk Drop via Shutterstock

Apple this week updated its spyware threat notification system to alert and assist users it identifies as targeted by mercenary spyware attacks.

To date, Apple has spotted and alerted users in more than 150 countries that they were targeted in these attacks.

Such spyware attacks target individuals largely because of who they are and what they do, Apple said. While most people will never be targeted by these types of attacks, a small number of people — journalists, activists, politicians, and the like — will potentially be victimized. 

Apple said once it detects spyware it notifies the user within two days. The vendor does provide threat actor attribution, however.

In its notice, Apple pointed fingers at the NSO Group, one of the private companies that develops the mercenary spyware Pegasus that is used in such attacks. "According to public reporting and research by civil society organizations, technology firms, and journalists, individually targeted attacks of such exceptional cost and complexity have historically been associated with state actors, including private companies," stated the notice on Apple's support page. 

Should an individual receive a threat notification, Apple recommends that they seek the help of either Apple or a third party. Apple's notifications never ask the user to click on any link or install an application; the threat notification can be verified simply by signing into applied.apple.com, where the notification will be at the top of the page. 

**About the Author(s)**

Apple Warns Users in 150 Countries of Mercenary Spyware Attacks

A machine learning bill of materials (MLBOM) framework can bring transparency, auditability, control, and forensic insight into AI and ML supply chains.

Source: Cagkan Sayin via Alamy Stock Photo

COMMENTARY

The days of large, monolithic apps are withering. Today's applications rely on microservices and code reuse, which makes development easier but creates complexity when it comes to tracking and managing the components they use. 

This is why the software bill of materials (SBOM) has emerged as an indispensable tool for identifying what's in a software app, including the components, versions, and dependencies that reside within systems. SBOMs also deliver deep insights into dependencies, vulnerabilities, and risks that factor into cybersecurity.

An SBOM allows CISOs and other enterprise leaders to focus on what really matters by providing an up-to-date inventory of software components. This makes it easier to establish and enforce strong governance and spot potential problems before they spiral out of control.

Yet in the age of artificial intelligence (AI), the classic SBOM has some limitations. Emerging machine learning (ML) frameworks introduce remarkable opportunities, but they also push the envelope on risk and introduce a new asset to organizations: the machine learning model. Without strong oversight and controls over these models, an array of practical, technical, and legal problems can arise. 

That's where machine learning bills of materials (MLBOMs) enter the picture. The framework tracks names, locations, versions, and licensing for assets that comprise an ML model. It also includes overarching information about the nature of the model, training configurations embedded in metadata, who owns it, various feature sets, hardware requirements, and more.

**Why MLBOMs Matter**

CISOs are realizing that AI and ML require a different security model — and the underlying training data and models that run them are frequently not tracked or governed. An MLBOM can help an organization avoid security risks and failures. It addresses critical factors like model and data provenance, safety ratings, and dynamic changes that extend beyond the scope of SBOM.

Because ML environments are in a constant state of flux and changes can take place with little or no human interaction, issues related to data consistency — including where it originated, how it was cleaned, and how it was labeled — are a constant concern.

For example, if a business analyst or data scientist determines that a data set is poisoned, the MLBOM simplifies the task of finding all the various touch points and models that were trained with that data. 

**MLBOMs Can Elevate Protection**

Transparency, auditability, control, and forensic insight are all hallmarks of an MLBOM. With a comprehensive view of the "ingredients" that go into an ML model, an organization is equipped to manage its ML models safely.

Here are some ways to build a best practice framework around an MLBOM:

*   Recognize the need for an MLBOM: It's no secret that ML fuels business innovation and even disruption. Yet it also introduces significant risks that can extend to reputation, regulatory compliance, and legal issues. Having visibility into ML models is critically important.
    

*   Conduct essential due diligence: An MLBOM should integrate with the CI/CD pipeline and deliver a high level of clarity. Support for standard frameworks like JSON or OWASP's CycloneDX can unify SBOM and MLBOM processes.
    

*   Analyze policies, processes, and governance: It's essential to sync an MLBOM with an organization's workflows and business processes. This increases the odds that ML pipelines will work as intended, while minimizing risks related to cybersecurity, data privacy, compliance, and other risk-associated areas.
    

*   Use an MLBOM with machine learning gates: Rigorous controls and gateways lead to essential AI and ML guardrails. In this way, the business and the CSO can build on successes and harness ML to unlock greater cost savings, performance gains, and business value.
    

Machine learning is radically changing the business and IT landscape. By extending proven SBOM methodologies to ML through MLBOMs, it's possible to take a giant step toward boosting machine learning performance and protecting data and assets.

**About the Author(s)**

CISO, Protect AI

Diana Kelley is CISO for Protect AI. She was Cybersecurity Field CTO for Microsoft, Global Executive Security Advisor at IBM Security, GM at Symantec, VP at Burton Group (now Gartner), a Manager at KPMG, CTO and co-founder of SecurityCurve, and Chief vCISO at SaltCybersecurity.

Source

DARKReading