RansomHub, which is speculated to have some connection to ALPHV, has stolen 4TB of sensitive data from the beleaguered healthcare company.

Source: Lenetstan via Shutterstock

Change Healthcare reportedly is facing another attack, this time by ransomware gang RansomHub, just weeks after it became a victim in an ALPHV/BlackCat cyberattack.

RansomHub is demanding an extortion payment for an alleged 4TB of data it stole from the company; otherwise, it's threatening to sell the data to the highest bidder in 12 days.

The stolen information contains the sensitive data of US military personnel and patients, as well as medical records and financial information, among other things.

"Change Healthcare and United Health, you have one chance in protecting your clients data," RansomHub reportedly said. "The data has not been leaked anywhere and any decent threat intelligence would confirm that the data has not been shared nor posted."

This puts Change Healthcare, a subsidiary of United Healthcare, in what likely is a difficult position in having to decide whether or not paying the ransom is its best option when it has only just gotten back on its feet from the last attack. 

According to Malachi Walker, security adviser at DomainTools, whose team has been following ALPHV/BlackCat's activity, "this new information supports a few theories that our team has suggested; but no matter the case, it's unfortunate that Change Healthcare is caught in the middle of this conflict between two rival gangs," he said in an emailed statement.

"Even if not connected to BlackCat, RansomHub could be claiming ties to their victims to scare them into making a payment," he added. "There is a vast underground economy booming around the ransomware scene today where affiliate programs recruit on hacker forums, initial access brokers sell footholds into organizational networks, and ransomware groups collaborate to share information."  

Though there is significant speculation regarding whether ALPHV rebranded to RansomHub, or if there is any connection at all, Walker said there is no confirmation, as it's too early to tell.

**About the Author(s)**

Round 2: Change Healthcare Targeted in Second Ransomware Attack

PRESS RELEASE

Washington, D.C. – Following a new report about how shambolic cybersecurity practices by a federal technology contractor enabled a massive hack of the U.S. government systems, Senator Ron Wyden, D-Ore., released draft legislation today to set mandatory cybersecurity standards, save taxpayers money, and break the anti-competitive lock-in effect caused by proprietary, walled-garden software. 

Multiple disastrous hacks of U.S. government systems have been enabled by poor cybersecurity practices by Big Tech companies providing services to the government. Most recently, the Department of Homeland Security Cyber Safety Review Board cited a “cascade” of errors by Microsoft, allowing Chinese hackers to breach federal email systems. 

The Secure and Interoperable Government Collaboration Technology Act would require the government to set new secure, open standards for collaboration software, which would also promote competition and save taxpayer dollars. 

“My bill will secure the U.S. government’s communications from foreign hackers, while protecting taxpayer wallets. Vendor lock-in, bundling, and other anticompetitive practices result in the government spending vast sums of money on insecure software,” said Wyden. “It’s time to break the chokehold of big tech companies like Microsoft on government software, set high cybersecurity standards and reap the many benefits of a competitive market.” 

While phone calls and email messages allow users to communicate no matter which mobile network or email provider they use, collaboration software is frustratingly walled off. Although video conferencing software like Zoom, Webex, and Microsoft Teams offer similar functionality, users cannot communicate across platforms. Similar barriers exist for chat services like Slack and document editors like Google Docs and Microsoft Office. As a result, agencies often become locked into expensive, insecure walled gardens that result in wasted time and taxpayer dollars as government employees switch constantly between different collaboration software products.

The Secure and Interoperable Government Collaboration Technology Act would –

Require the National Institute of Standards and Technology (NIST) to identify a set of interoperable standards, requirements, and guidance for each of these collaboration technology features, based on a set of required collaboration technology features identified by the General Services Administration (GSA).

Require that, to the fullest extent possible, the standards use end-to-end encryption and other technologies to protect U.S. government communications from foreign surveillance.

Require that collaboration technologies used by federal agencies enable those agencies to comply with federal record-keeping requirements.

Four years after NIST identifies the standards, require that collaboration technology procured by the federal government be capable of communicating using the NIST standards. 

Tasks the Department of Homeland Security with conducting cybersecurity reviews of collaboration technology products widely used by the federal government.

Create a GSA and Office of Management and Budget working group to produce biennial reviews of collaboration tech used by the federal government to suggest additions or improvements to the standards.

The draft legislation is endorsed by Accountable Tech, Demand Progress, Fight for the Future, Proton, Nym, the Matrix.org Foundation, and Cory Doctorow.

“Interoperability - the ability to plug something new into a technology, with or without permission from the manufacturer - is the key to defeating Big Tech,” said Doctorow. “This bill will require public funds to be spent on technology that anyone can fix, extend, or improve, preventing tech companies from locking in and ripping off the US government. The most amazing part is that this isn't already the way it's done.”

“Through this legislation, the federal government has the opportunity to set an example for workplaces, organizations, and institutions across the country on how to fundamentally improve online safety. Protecting digital communication with end-to-end encryption is essential to data privacy and security, and should be the standard across the board. Without it, messages can be intercepted and abused by hackers, repressive law enforcement agencies, foreign governments, or the company that owns the platform itself. Everyone from the former director of the NSA, to Big Tech companies, to human rights defenders working under authoritarian regimes have highlighted the life-saving importance of end-to-end encryption. The issue of data privacy has never been more urgent, and decisive lawmaker action is needed in this moment to bring about tech platform policies that truly center our privacy and needs as users—not corporate profits,” said Leila Nashashibi, campaigner at Fight for the Future. 

Wyden is accepting feedback on the draft legislation at \[email protected\]

The text of the draft bill is available here. 

A one-page summary of the bill is here.

Wyden Releases Draft Legislation to End Federal Dependence on Insecure, Proprietary Software

PRESS RELEASE

DALLAS – April 9, 2024 – StrikeReady, the AI-pioneer advancing the way modern security teams operate, today announced $12 million in funding. The Series A round was led by 33N Ventures, with participation from Hitachi Ventures, Monta Vista Capital and industry luminaries Brian NeSmith, executive chairman and former CEO at Arctic Wolf; and Rod Beckstrom, former CEO of ICANN and Founding Director of U.S. National Cybersecurity Center (now CISA). 

StrikeReady is revolutionizing cybersecurity with its groundbreaking, vendor-neutral AI security operations platform. This one-of-a-kind solution seamlessly integrates with organizations existing security tools, unifying the entire tech stack. StrikeReady’s command center makes SOC teams more efficient and effective by uniting, centralizing and operationalizing security, fostering smarter, faster decision-making and proactive security defense.

SOC environments are complex and the tools traditionally used to manage security have proven ineffective and inefficient in bringing disparate technologies together and keeping companies ahead of threats. Further complicating the issue is the perpetual shortage of skilled security professionals, which hampers the ability to manage and respond to security incidents, leaving organizations vulnerable to cyber threats.

These challenges are driving the growth of StrikeReady, which is transforming the way modern security teams operate by reinventing how everything works together, while delivering a comprehensive, trustworthy view of security threats.

“Our security management platform up-levels and scales the capability of any SOC by making best-of-breed AI automation accessible and affordable for everyone,” Founder and CEO Yasir Khalid said. “The platform leverages AI to streamline and automate the routine and empower better, faster response to complex threats. Until now, our customers have referred to StrikeReady as a ‘well-kept secret’, but this funding will accelerate market awareness and growth.”

StrikeReady has secured Series A funding amidst challenging investment conditions, a testament to the sophistication of its AI solution and the pressing cybersecurity challenges it addresses. Despite turbulent times, StrikeReady’s innovative approach to how security teams work has garnered significant investor confidence, positioning the company as a leader in cybersecurity. StrikeReady intends to use its new funding to extend its product leadership in AI-based SOC technology, ramp its global go-to-market team, and continue scaling its infrastructure.

"StrikeReady is breaking the mold of conventional security solutions. We refuse to believe that security-centric companies should be confined to one platform. Instead, we champion the idea that teams should have the freedom to utilize the best-of-breed technology available,” said Carlos Moreira da Silva, co-founder and partner at 33N Ventures. “StrikeReady turns this belief into reality through its dedication to seamless integrations, ensuring compatibility with the diverse array of tools utilized by SOC teams today and tomorrow.”

“StrikeReady pioneers a groundbreaking AI-powered Security Command Center. Their hybrid model augments human intuition with cutting-edge AI and ML technologies. The mission: Streamlining tool sprawl, bridging the cybersecurity skills gap, all while placing humans – equipped with unparalleled guidance and automation – firmly at the helm of the cyber defense arsenal,” said Galina Sagan, Principal at Hitachi Ventures.

About StrikeReady:

Founded in 2019, StrikeReady is an AI pioneer in cybersecurity. StrikeReady introduces the first unified, vendor-agnostic, AI-powered security command center, purpose-built for modern SOC teams to optimize, centralize and accelerate a company’s threat response.

StrikeReady remains at the forefront of advancing beyond traditional AI and large language model (LLM) to a proprietary large action model (LAM), which takes actions across the technology stack based on a user’s prompts. The company’s forward-thinking AI technology has earned several external accolades, including validation from Gartner, which called the company out as the only Virtual Security Assistant in its Gartner Emerging Technologies: Tech Innovators in Advanced Virtual Assistants report.

The platform’s user-centric approach uplevels the entire security team into a proactive AI-powered cyber task force by dynamically centralizing, informing and advising security teams with a smarter, holistic and actionable defense against an ever-evolving threat landscape.

StrikeReady helps companies simultaneously reduce cyber threats and overcome the cyber talent deficit. For CISOs and security leaders who want more information on StrikeReady’s unified AI-powered security platform:

 Request a demo or Learn more.

About 33N:

33N is a specialized cybersecurity and infrastructure software European venture capital fund investing globally in €1-€10M ARR companies. 33N is made up of an experienced and established international team investing in the space for the last 10 years. The fund is supported by a strong Strategic Committee and Advisory Board encompassing +40 top entrepreneurs, experts and decision-makers spread worldwide and across the industry. Find more about 33N at https://33n.vc

StrikeReady Raises $12M for AI Security Command Platform

As manufacturers sprint to add software-defined features for vehicles, the ability for third-party maintenance and repair falls behind, leaving businesses with few choices to manage their cybersecurity.

Source: Open Studio via Shutterstock

When Israel-based REE Automotive designed its P7 electric vehicle chassis, it worked from the software out: The flat vehicle chassis is totally configurable with four independent modules near each tire for steering, braking, suspension, and power train, each driven by an electronic control unit (ECU) customizable through software.

It has drive-by-wire, steer-by-wire, and brake-by-wire — and data collection as a service — giving the company the ability to tailor the vehicle to the customer's application, but also potentially making the platform a hacker's dream.

Securing a vehicle fleet is a major effort, requiring cybersecurity for the design and development teams, the factory floor, and the connected vehicles themselves, says Yaron Edan, CISO for the automotive technology company. Cybersecurity teams not only have to monitor cyber threats, but also manage the security of the supply chain, the operation technology (OT) in the factory, and the vehicle network used to monitor and update the platform.

"My headache, my concern, is basically divided in two: our network \[which supports the creation of the platform\], but that is not enough," he says. "We need to figure out what are the threats, and monitor \[for those\] all day long for each vehicle through our SOC."

Such security efforts, however, have another challenge: The success of "right to repair" efforts to open up all kinds of consumer and enterprise technology to allow customers to fix the devices that they buy. The passage of a Massachusetts law, for instance, calls for auto manufacturers and automotive-technology makers to share information and data produced by vehicles to allow consumers and third parties to maintain, repair, and even modify their vehicles.

While the National Highway Traffic Safety Administration (NHTSA) initially ruled that existing federal safety regulations preempted the laws — saying, "\[f\]ederal law does not allow a manufacturer to sell vehicles that it knows contains a safety defect" — the state and federal governments eventually came to an agreement over implementation: Automakers would be required to give third parties the ability to locally access data and systems to the vehicles they own, but the remote diagnostic and update networks can remain closed, the regulators ruled.

**EVs Bring Great Flexibility and Risk**

Whether the agreement will help companies with large fleets of vehicles, especially electric vehicles, remains an open question. Software-defined vehicles really took off with EVs — and the example of Tesla's success — and the most significant software-based capabilities will likely remain with electric vehicles.

EV makers can build their platforms starting with initial design using software that can be updated to change the configuration and performance of the vehicles all the way through deployment and beyond, says Alex Oyler, director for North America at SBD Automotive, an auto supply chain consultancy.

The ability to effectively and quickly respond to cybersecurity events will likely remain with those manufacturers, not third parties, he says.

"If there's a really critical zero-day, and that needs to be patched as soon as possible, those product cybersecurity teams \[at auto manufacturers\] are running the show, coordinating stakeholders across the business and accelerating timelines to patch things," he says. "It's not an easy process today, that's for sure."

Some manufacturers may outsource the cybersecurity function, however. The United Nations passed an amendment for product safety requiring the countries which are part of the UN Economic Commission for Europe have regulatory approval of the cybersecurity management systems used in vehicles.

**Connectivity Will Only Grow**

Vehicles have been connected for decades, whether as part of an in-vehicle maintenance system or driver assistance. Yet, software-defined vehicles have expanded that connectivity, such as remote start via a smartphone app and tracking limited diagnostics for the consumer — essentially turning cars into Internet-of-things (IoT) devices. As automobile manufacturers offer more accessibility through APIs, more risk will follow, says Shira Sarid-Hausirer, a vice president at Upstream, an automotive cybersecurity and data management firm.

"Opening up to the ecosystem is what has probably introduced the most risk," she says, pointing to various cybersecurity hacks of Tesla vehicles. "What happens when OEMs started to open up their APIs to other third-party apps that can now send commands into your vehicle? ... The vehicle is becoming a hub for technology."

Giving companies access to some of that data to allow fleet management may be enough, while the agreement in the Massachusetts Right to Repair law allows some third parties to offer vehicle maintenance services — although, probably at great cost. Whether those restrictions will ameliorate in the future, as the fast pace of SDV innovation slows, remains to be seen, SBD Automotive's Oyler says.

"It's somewhat fair for both NHTSA and automakers to raise some flags, but that said, there is a secure way to share diagnostic information, and the software defined vehicle actually provides a way to do that through those secure channels," he says.

**Cyberattacks Unlikely to be Catastrophic, Mostly**

Automakers' recent focus on cybersecurity has resulted in much more secure platforms over the past decade. But the focus for the future needs to be on delivering that security and safety, while offering more transparency to customers, Oyler says. As enterprise customers and individual vehicle owners demand more maintainability and reusability in their devices, automakers will need to follow.

Properly designed platforms can also drastically reduce the risk of a widespread cyberattack, says Upstream's Sarid-Hausirer. The company already handles threat intelligence and incident response for some manufacturers and most incidents are not safety-related, but the company does classify half of all incidents as massive or high severity, according to the company's "2024 Automotive Cybersecurity Report."

"I can tell you that the vast majority of incidents that we see do not necessarily jeopardize safety, because there needs to be a reason to jeopardize your safety, and attackers don't work that way — they're out there to make money," she says. Instead, the company has seen a lot of attacks on availability. "They manipulate the app, so that you cannot start your trucks or get into your trucks in the morning. It could be ransomware, it could be other forms, but availability and fleets is something that has to be discussed."

Other attacks have used ride-hailing apps to cause traffic jams in Moscow and hacks for remote start apps. Those availability issues are less to do with diagnostic systems, such as the information necessary for right to repair, and more to do with the management systems, she says.

**About the Author(s)**

Veteran technology journalist of more than 20 years. Former research engineer. Written for more than two dozen publications, including CNET News.com, Dark Reading, MIT's Technology Review, Popular Science, and Wired News. Five awards for journalism, including Best Deadline Journalism (Online) in 2003 for coverage of the Blaster worm. Crunches numbers on various trends using Python and R. Recent reports include analyses of the shortage in cybersecurity workers and annual vulnerability trends.

Software-Defined Vehicle Fleets Face a Twisty Road on Cybersecurity

Investing in cybersecurity skills creates a safer digital world for everyone.

Source: Mopic via Alamy Stock Photo

COMMENTARY

The recent movie The Beekeeper begins with a cyberattack against a victim unfamiliar with the tactics and techniques attackers use in today's technology-driven world. The film's protagonist, Adam Clay, played by Jason Statham, then goes on a digital vendetta to find the responsible adversaries and ensure they can't continue extorting victims through common cybercrimes.

As much as our security teams would love to do threat hunting like Clay, we lack the physical physique and combat skills. And we know spreading awareness is a far more effective approach. Keeping the workforce fully educated can be a monumental task. However, it's the one thing that can entirely mitigate threats that target individuals. Some of the new ways of training involve old techniques.

**Adaptable > Repeatable**

In cybersecurity, technology operates predictably, but humans do not. As security professionals, we need help remembering this. The distinction underscores the need for person-led training during an employee's onboarding. Interactive training acknowledges human complexity, emphasizing the importance of adaptability in response to new threats and individual learning styles. Unlike automated training, person-led approaches can quickly adjust to address unique challenges and learner needs, making them more effective in promoting a deep understanding of security practices.

How quickly can your organization adapt to AI-based threats? Since human error accounts for almost 90% of all data breaches, organizations that prioritize their work and resources on risk will have a difficult time finding anything more important than an educated workforce. Train people with people. Use security champions if your team needs more resources or has time zone constraints. But overall, try to do something other than automate the process. 

**Build Storytellers**

Creating a solid cybersecurity culture involves enabling employees to share their personal experiences with security issues openly. Most people have learned their most valuable security lessons based on stories from other people. Sharing security stories may not come naturally to employees, and we need to teach and promote this behavior. During training, ask employees to discuss how cybersecurity has personally affected them in the past. Ask them about their familiarity with safe password hygiene or social media posts. This open-discussion initiative can help them feel at ease with the topic and understand that the organization encourages it. 

**Test the Response**

Implementing specific tests and monitoring employee behavior is essential to gauge the effectiveness of a security program. We know new employees will receive the fake text message from the CEO requesting gift card purchases. Try a simple smishing or phishing simulation with new employees to see if they proactively reach out after detecting the attempt. If employees actively communicate with each other about phishing campaigns, share security-related news, or discuss various security topics, it shows they have a sense of confidence and proper education in cybersecurity. This level of engagement and vigilance among staff members highlights the program's effectiveness in fostering a proactive security culture. When you see it, be quick to reward it. 

**Conclusion**

Unlike The Beekeeper, we won't be able to hunt down the adversaries and kick some butt. Instead, developing a robust security culture through awareness is our fight against cybercrime. Encouraging employees to share their experiences with security enables a sense of community and vigilance. Personalized training plays a critical role in this ecosystem. It's not just about delivering information; it's about tailoring the learning process to meet diverse needs and respond to emerging threats. We can assess how prepared our employees are to identify and counteract potential threats through testing.

The benefits of these strategies extend beyond the office walls. We're not merely educating our workforce; we're equipping them with knowledge that transcends the professional environment. This empowerment boosts their confidence, making them safer and more adept Internet users, at work and in their personal lives. By investing in their cybersecurity skills, we're contributing to a safer digital world for everyone.

The Fight for Cybersecurity Awareness

An ongoing cyberattack campaign with apparent ties to China uses a new version of sophisticated JavaScript remote access Trojan JSOutProx and is now targeting banks in the Middle East.

Source: Irina Shi via Shutterstock

The sophisticated threat group behind a complex JavaScript remote access Trojan (RAT) known as JSOutProx has released a new version of the malware to target organizations in the Middle East.

Cybersecurity services firm Resecurity analyzed technical details of multiple incidents involving the JSOutProx malware targeting financial customers and delivering either a fake SWIFT payment notification if targeting an enterprise, or a MoneyGram template when targeting private citizens, the company wrote in a report published this week. The threat group has targeted government organizations in India and Taiwan, as well as financial organizations in the Philippines, Laos, Singapore, Malaysia, India — and now Saudi Arabia.

The newest version of JSOutProx is a very flexible and well-organized program from a development perspective, allowing the attackers to tailor is functionality for the victim's specific environment, says Gene Yoo, CEO of Resecurity.

"It's a malware implant with multiple stages, and it has multiple plug-ins," he says. "Depending on the victim's environment, it goes right in and then actually bleeds them or poisons the environment, depending on what plug-ins are enabled."

The attacks are the latest campaign by a cybercriminal group known as Solar Spider, which appears to be the only group using the JSOutProx malware. Based on the group's targets — typically organizations in India, but also in the Asia-Pacific, Africa, and Middle East regions — it's likely linked to China, Resecurity stated in its analysis.

"By profiling the targets, and some of the details that we obtained in the infrastructure, we suspect that it's related to China," Yoo says.

**"Highly Obfuscated ... Modular Plug-in"**

JSOutProx is well known in the financial industry. Visa, for example, documented campaigns using the attack tool in 2023, including one pointed at several banks in the Asia-Pacific region, the company stated in its Biannual Threats Report published in December.

The remote access Trojan (RAT) is a "highly obfuscated JavaScript backdoor, which has modular plugin capabilities, can run shell commands, download, upload, and execute files, manipulate the file system, establish persistence, take screenshots, and manipulate keyboard and mouse events," Visa stated in its report. "These unique features allow the malware to evade detection by security systems and obtain a variety of sensitive payment and financial information from targeted financial institutions.

JSOutProx typically appears as a PDF file of a financial document in a zip archive. But really, it's JavaScript that executes when a victim opens the file. The first stage of the attack collects information on the system and communicates with command-and-control servers obfuscated via dynamic DNS. The second stage of the attack downloads any of some 14 plug-ins to conduct further attacks, including gaining access to Outlook and the user's contact list, and enabling or disabling proxies on the system.

The RAT downloads plugins from GitHub — or more recently, GitLab — to appear legitimate.

"The discovery of the new version of JSOutProx, coupled with the exploitation of platforms like GitHub and GitLab, emphasizes these malicious actors’ relentless efforts and sophisticated consistency," Resecurity said in its analysis.

**Monetizing Data From Middle East Financials**

Once Solar Spider compromises a user, the attackers collect information, such as primary account numbers and user credentials, and then conduct a variety of malicious actions against the victim, according to Visa's threat report.

"The JSOutProx malware poses a serious threat to financial institutions around the world, and especially those in the AP region as those entities have been more frequently targeted with this malware," the Visa report stated.

Companies should educate employees about how to handle unsolicited, suspicious correspondence to mitigate the threat of the malware, Visa stated. In addition, any instance of the malware must be investigated and completely remediated to prevent reinfection.

Bigger companies and government agencies are more likely to be attacked by the group because Solar Spider has its sights on the most successful firms, Resecurity's Yoo says. For the most part, however, companies don't have to take threat-specific steps but instead focus on defense-in-depth strategies, he says.

"The user should focus on not looking at the shiny object in the sky, like the Chinese are attacking, but on what they need to do is create a better foundation," Yoo says. "Having good patching, network segmentation, and vulnerability management. If you do that, then none of this would" likely impact your users.

**About the Author(s)**

Veteran technology journalist of more than 20 years. Former research engineer. Written for more than two dozen publications, including CNET News.com, Dark Reading, MIT's Technology Review, Popular Science, and Wired News. Five awards for journalism, including Best Deadline Journalism (Online) in 2003 for coverage of the Blaster worm. Crunches numbers on various trends using Python and R. Recent reports include analyses of the shortage in cybersecurity workers and annual vulnerability trends.

Solar Spider Spins Up New Malware to Entrap Saudi Arabian Financial Firms

One issue would have allowed cross-tenant attacks, and another enabled access to a shared registry for container images; exploitation via an insecure Pickle file showcases emerging risks for AI-as-a-service more broadly.

Source: Barry Mason via Alamy Stock Photo

Two critical security vulnerabilities in the Hugging Face AI platform opened the door to attackers looking to access and alter customer data and models.

One of the security weaknesses gave attackers a way to access machine learning (ML) models belonging to other customers on the Hugging Face platform, and the second allowed them to overwrite all images in a shared container registry. Both flaws, discovered by researchers at Wiz, had to do with the ability for attackers to take over parts of Hugging Face's inference infrastructure.

Wiz researchers found weaknesses in three specific components: Hugging Face's Inference API, which allows users to browse and interact with available models on the platform; Hugging Face Inference Endpoints — or dedicated infrastructure for deploying AI models into production; and Hugging Face Spaces, a hosting service for showcasing AI/ML applications or for working collaboratively on model development.

**The Problem With Pickle**

In examining Hugging Face's infrastructure and ways to weaponize the bugs they discovered, Wiz researchers found that anyone could easily upload an AI/ML model to the platform, including those based on the Pickle format. Pickle is a widely used module for storing Python objects in a file. Though even the Python software foundation itself has deemed Pickle as insecure, it remains popular because of its ease of use and the familiarity people have with it.

"It is relatively straightforward to craft a PyTorch (Pickle) model that will execute arbitrary code upon loading," according to Wiz.

Wiz researchers took advantage of the ability to upload a private Pickle-based model to Hugging Face that would run a reverse shell upon loading. They then interacted with it using the Inference API to achieve shell-like functionality, which the researchers used to explore their environment on Hugging Face's infrastructure.

That exercise quickly showed the researchers their model was running in a pod in a cluster on Amazon Elastic Kubernetes Service (EKS). From there the researchers were able to leverage common misconfigurations to extract information that allowed them to acquire the privileges required to view secrets that could have allowed them to access other tenants on the shared infrastructure.

With Hugging Face Spaces, Wiz found an attacker could execute arbitrary code during application build time that would let them examine network connections from their machine. Their review showed one connection to a shared container registry containing images belonging to other customers that they could have tampered with.

"In the wrong hands, the ability to write to the internal container registry could have significant implications for the platform's integrity and lead to supply chain attacks on customers’ spaces," Wiz said.

Hugging Face said it had completely mitigated the risks that Wiz had discovered. The company meanwhile identified the issues as at least partly having to do with its decision to continue allowing the use of Pickle files on the Hugging Face platform, despite the aforementioned well-documented security risks associated with such files.  

"Pickle files have been at the core of most of the research done by Wiz and other recent publications by security researchers about Hugging Face," the company noted. Allowing Pickle use on Hugging Face is "a burden on our engineering and security teams and we have put in significant effort to mitigate the risks while allowing the AI community to use tools they choose."

**Emerging Risks With AI-as-a-Service**

Wiz described its discovery as indicative of the risks that organizations need to be cognizant about when using shared infrastructure to host, run and develop new AI models and applications, which is becoming known as "AI-as-a-service." The company likened the risks and associated mitigations to those that organizations encounter in public cloud environments and recommended they apply the same mitigations in AI environments as well.

"Organizations should ensure that they have visibility and governance of the entire AI stack being used and carefully analyze all risks," Wiz said in a blog this week. This includes analyzing "usage of malicious models, exposure of training data, sensitive data in training, vulnerabilities in AI SDKs, exposure of AI services, and other toxic risk combinations that may exploited by attackers," the security vendor said.

Eric Schwake, director of cybersecurity strategy at Salt Security, says there are two major issues related to the use of AI-as-a-service that organizations need to be aware of. "First, threat actors can upload harmful AI models or exploit vulnerabilities in the inference stack to steal data or manipulate results," he says. "Second, malicious actors can try to compromise training data, leading to biased or inaccurate AI outputs, commonly known as data poisoning."

Identifying these issues can be challenging, especially with how complex AI models are becoming, he says. To help manage some of this risk it’s important for organizations to understand how their AI apps and models interact with API and find ways to secure that. "Organizations might also want to explore Explainable AI (XAI) to help make AI models more comprehensible," Schwake says, "and it could help identify and mitigate bias or risk within the AI models."

**About the Author(s)**

Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year career at Computerworld, Jai also covered a variety of other technology topics, including big data, Hadoop, Internet of Things, e-voting, and data analytics. Prior to Computerworld, Jai covered technology issues for The Economic Times in Bangalore, India. Jai has a Master's degree in Statistics and lives in Naperville, Ill.

Critical Bugs Put Hugging Face AI Platform in a 'Pickle'

The restaurant chain hasn't provided any information regarding what led to a widespread IT outage, and customers and employees are asking for answers.

Source: Judith Collins via Alamy Stock Photo

Panera Bread customers and employees reported experiencing outages with the restaurant chain's ordering system, mobile apps, loyalty programs, and more on March 22.

Although the IT disruption slowed operations for a time, Panera Bread stores were able to remain open. Two weeks later, systems, websites, and customer service lines are back online.

Though some employees reportedly complained about the lack of transparency regarding the situation, Panera has not released any further information regarding the outage on its website. The company also did not respond to Dark Reading's request for comment.

Some customers, those with personal information linked to Panera loyalty accounts, are concerned about a data leak.

"My biggest concern hasn't been losing free drinks and a gift card balance, but personal data in a hack," a user with the handle "bartolish" wrote in the r/Panera subreddit.

Cybersecurity expert Sean Deuby, principal technologist, Semperis, said he wouldn't rule out ransomware as the cause of the Panera outages.

"While the details on the countrywide IT outage experienced by Panera Bread are coming in slowly, it wouldn't surprise me to find out they've been hit with a ransomware attack," Deuby said in a statement. "Hopefully, Panera store backup data offline and has a robust response and recovery plan in place to deal with this threat."

Panera Bread Fuels Ransomware Suspicions With Silence

Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: Dealing with a Ramadan cyber spike; funding Internet security; and Microsoft's Azure AI changes.

Welcome to CISO Corner, Dark Reading's weekly digest of articles tailored specifically to security operations readers and security leaders. Every week, we'll offer articles gleaned from across our news operation, The Edge, DR Technology, DR Global, and our Commentary section. We're committed to bringing you a diverse set of perspectives to support the job of operationalizing cybersecurity strategies, for leaders at organizations of all shapes and sizes.

**In this issue of CISO Corner:**

*   How CISOs Can Make Cybersecurity Awareness a Long-Term Priority for Boards
    
*   Global: Cybersecurity Threats Intensify in the Middle East During Ramadan
    
*   Funding the Organizations That Secure the Internet
    
*   How Soccer's 2022 World Cup in Qatar Was Nearly Hacked
    
*   Microsoft Beefs Up Defenses in Azure AI
    
*   Ivanti Pledges Security Overhaul the Day After 4 More Vulns Disclosed
    
*   Why Cybersecurity Is a Whole-of-Society Issue
    

**How CISOs Can Make Cybersecurity Awareness a Long-Term Priority for Boards**

Commentary by Shaun McAlmont, CEO, NINJIO Cybersecurity Awareness Training

Cybersecurity is far more than a check-the-box exercise. To create companywide buy-in, CISOs need to secure board support, up their communication game, and offer awareness-training programs to fight social engineering and help employees apply what they've learned.

CISOs play a vital role in building stakeholder support for cybersecurity across the company — including when it comes to earning long-term support for awareness training from their boards. Winning strategies include communicating cybersecurity concepts in an engaging and non-technical way, and showing board members that cybersecurity programs offer significant ROI.

This column lays out five ways that CISOs can show boards that it's time to prioritize cybersecurity:

1.  Know how to communicate with non-technical audiences. Cybersecurity is an intimidating subject for non-technical audiences, but it doesn't have to be. CISOs can make a comprehensible and convincing case for cybersecurity by pointing to the devastating real-world consequences of successful cyberattacks, for instance.
    
2.  Focus on the entire cyber-impact chain. Cyberattacks can lead to severe reputational damage, disrupted operations, legal and regulatory consequences, and crippling effects on the health of the company's workforce.
    
3.  Stress the human element. CISOs stress that 74% of all breaches involve a human element — an alarming reminder that social engineering remains one of the most powerful weapons in the cybercriminal arsenal.
    
4.  Outline how awareness-training programs can be measured. CISOs need to make accountability a central pillar of their case for awareness training. When board members see that cybersecurity spending is paying off, CISOs will be able to maintain support.
    
5.  Secure long-term support. Because the cyber threat landscape is always shifting, companies have to keep employees updated on the latest cybercriminal tactics — such as the use of AI to craft convincing and targeted phishing messages at scale.
    

Read more: How CISOs Can Make Cybersecurity a Long-Term Priority for Boards

Related: CISOs Struggle for C-Suite Status Even as Expectations Skyrocket

**Cybersecurity Threats Intensify in the Middle East During Ramadan**

By Alicia Buller, Contributing Writer, Dark Reading

How security teams in the region fortify their defenses amid short-staffing — and increased DDoS, phishing, and ransomware campaigns — during the Muslim holy month.

The ninth month of the Muslim calendar is observed around the world, as followers take the time to reflect and practice fasting, and cybersecurity teams often operate with skeletal staffing. Ramadan is also a period where Muslim shoppers tend to up their spending on specialty foods, gifts, and special offers.

All of this also creates a perfect storm for bad actors to conduct fraudulent activities and scams. Endpoint-protection firm Resecurity has observed a significant increase in cyber malevolence during Ramadan, which began on March 10. The company estimates the total financial impact from these cyberattacks and cyberscams against the Middle East has reached up to $100 million so far during this year's Ramadan.

Middle East-based companies can step up cybersecurity with extra vigilance and outsourced support amid shortened working hours and increased ecommerce activity.

"Many organizations proactively enhance their outsourced contracts during this period, particularly focusing on bolstering 24/7 security operations," says Shilpi Handa, associate research director of security, Middle East, Turkey, and Africa (META) at IDC, adding that deploying a remote and diverse workforce is particularly advantageous during Ramadan as around-the-clock security shifts can be fully covered by a mix of Muslim fasters and non-Muslim staff.

Read more: Cybersecurity Threats Intensify in the Middle East During Ramadan

Related: Middle East Leads in Deployment of DMARC Email Security

**Funding the Organizations That Secure the Internet**

By Jennifer Lawinski, Contributing Writer, Dark Reading

Common Good Cyber is a global consortium connecting nonprofit, private sector, and government organizations to fund organizations focused on securing Internet infrastructure.

There's no single entity responsible for maintaining and securing the Internet. Instead, that task falls upon a diverse group of organizations and individuals that preserve this public utility with little funding, or by subsisting on tight budgets. The stakes are incredibly high, but the amount of resources available for keeping this infrastructure secure falls short.

"Key components of the Internet are maintained by volunteers, nonprofits, and NGOs, and others who work with razor-thin budgets and resources," said Kemba Walden, president of Paladin Global Institute and former US acting national cyber director. "Consider this: The underpinnings of our digital infrastructure, the infrastructure that enables civil society to thrive in our economy today and to grow, rest on a network of volunteers, nonprofits, NGOs and others."

An initiative called Common Good Cyber is finding new ways to build adequate funding into law and policy, business policies and government, and other funding vehicles sufficient to meet the common need for cybersecurity. Ideas include creating joint funding organizations; federated fundraising for nonprofits; inventorying who is doing what to support the Internet's infrastructure; and a hub or accelerator to provide resources to the groups securing the Internet.

Read more: Funding the Organizations That Secure the Internet

Related: Neglecting Open Source Developers Puts the Internet at Risk

**How Soccer's 2022 World Cup in Qatar Was Nearly Hacked**

By Jai Vijayan, Contributing Writer, Dark Reading

A China-linked threat actor had access to a router configuration database that could have completely disrupted coverage, a security vendor says.

About six months before the 2022 FIFA World Cup soccer tournament in Qatar, a threat actor — later identified as China-linked BlackTech — quietly breached the network of a major communications provider for the games and planted malware on a critical system storing network device configurations.

The breach remained undetected until six months after the games, during which the cyber-espionage group gathered up an unknown volume of data from targeted customers of the telecommunications provider — including those associated with the World Cup and vendors providing services for it.

But it's the "what else could have happened" that's the really scary part: The access that BlackTech had on the telecom provider's system would have allowed the threat actor to completely disrupt key communications — including all streaming services associated with the game. The fallout from such a disruption would have been substantial in terms of geopolitical implications, brand damage, national reputation, and potentially hundreds of millions of dollars in losses from the licensing rights and ads negotiated prior to the World Cup.

Read more: How Soccer's 2022 World Cup in Qatar Was Nearly Hacked

Related: NFL, CISA Look to Intercept Cyber Threats to Super Bowl LVIII

**Microsoft Beefs Up Defenses in Azure AI**

By Jai Vijayan, Contributing Writer, Dark Reading

Microsoft adds tools to protect Azure AI from threats such as prompt injection, as well as to give developers the capabilities to ensure generative AI apps are more resilient to model and content manipulation attacks.

Amid growing concerns about threat actors using prompt injection attacks to get generative AI (GenAI) systems to behave in dangerous and unexpected ways, Microsoft's AI Studio is rolling out resources for developers to build GenAI apps that are more resilient to those threats.

Azure AI Studio is a hosted platform that organizations can use to build custom AI assistants, copilots, bots, search tools, and other applications, grounded in their own data.

The five new capabilities that Microsoft has added — or will soon add — are Prompt Shields, groundedness detection, safety system messages, safety evaluations, and risk and safety monitoring. The features are designed to address some significant challenges that researchers have uncovered recently — and continue to uncover on a routine basis — with regard to the use of large language models (LLMs) and GenAI tools.

"Generative AI can be a force multiplier for every department, company, and industry," said Microsoft's chief product officer of responsible AI, Sarah Bird. "At the same time, foundation models introduce new challenges for security and safety that require novel mitigations and continuous learning."

Read more: Microsoft Beefs Up Defenses in Azure AI

Related: Forget Deepfakes or Phishing: Prompt Injection is GenAI's Biggest Problem

**Ivanti Pledges Security Overhaul the Day After 4 More Vulns Disclosed**

By Jai Vijayan, Contributing Writer, Dark Reading

So far this year, Ivanti has disclosed a total of 10 flaws — many of them critical — in its remote access products, and one in its ITSM product.

Ivanti CEO Jeff Abbott this week said his company will completely revamp its security practices even as the vendor disclosed another fresh set of bugs in its vulnerability-riddled Ivanti Connect Secure and Policy Secure remote access products.

In an open letter to customers, Abbott committed to a series of changes the company will make in the coming months to transform its security operating model following a relentless barrage of bug disclosures since January. The promised fixes include a complete do-over of Ivanti's engineering, security, and vulnerability management processes and implementation of a new secure-by-design initiative for product development.

How much these commitments will help stem growing customer disenchantment with Ivanti remains unclear given the company's recent security track record. In fact, Abbot's comments came one day after Ivanti disclosed four new bugs in its Connect Secure and Policy Secure gateway technologies and issued patches for each of them.

Read more: Ivanti Pledges Security Overhaul the Day After 4 More Vulns Disclosed

Related: Feds to Microsoft: Clean Up Your Cloud Security Act Now

**Why Cybersecurity Is a Whole-of-Society Issue**

Commentary by Adam Maruyama, Field CTO, Garrison Technology

Working together and integrating cybersecurity as part of our corporate and individual thinking can make life harder for hackers and safer for ourselves.

We are drowning in vulnerabilities: Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency (CISA), at a recent Congressional hearing on Chinese cyber operations, said simply that "we've made it easy on" attackers through poor software design. But it will take a whole-of-society effort to reshape the market for cybersecurity to create technologies that are both high-performing and secure.

As CISA articulated in its Secure by Design initiative, secure coding by vendors is the first step to creating technologies that are both secure and usable. But businesses must realize, as Easterly put it, that "cyber-risk is business risk" by incorporating cybersecurity into all their business practices. In particular, by increasing the stature of CISOs and giving them holistic cybersecurity oversight of the entire business, particularly procurement decisions, companies can incorporate cybersecurity as an organic step in business processes.

Meanwhile, cybersecurity and IT professionals — two closely related but often clashing groups — must come together to build networks that are both secure and functional for their users. And, the final piece of a whole-of-society approach to cybersecurity is both the most difficult and the most critical: integrating cybersecurity into the day-to-day lives of citizens through things like multifactor authentication.

Read more: Why Cybersecurity Is a Whole-of-Society Issue

Related: NIST Wants Help Digging Out of Its NVD Backlog

CISO Corner: Ivanti's Mea Culpa; World Cup Hack; CISOs &amp; Cyber Awareness

The infamous payment-skimmer cybercrime organization is exploiting CVE-2024-20720 in Magento for a novel approach to stealing card data.

Source: Tawan Chaisom via Alamy Stock Photo

Magecart attackers have a new trick: Stashing persistent backdoors within e-commerce websites that are capable of pushing malware automatically.

According to researchers at Sansec, the threat actors are exploiting a critical command injection vulnerability in the Adobe Magento e-commerce platform (CVE-2024-20720, CVSS score of 9.1), which allows arbitrary code execution without user interaction.

The executed code is a "cleverly crafted layout template" in the layout\_update database table, which contains XML shell code that automatically injects malware into compromised sites via the controller for the Magento content management system (CMS).

"Attackers combine the Magento layout parser with the beberlei/assert package (installed by default) to execute system commands," Sansec said in an alert. "Because the layout block is tied to the checkout cart, this command is executed whenever <store>/checkout/cart is requested."

Sansec observed Magecart (a long-running umbrella organization for cybercrime groups that skim payment card data from e-commerce sites) using this technique to inject a Stripe payment skimmer, which captures and exfiltrates payment data to an attacker-controlled site.

Adobe resolved the security bug in February in both Adobe Commerce and Magento, so e-tailers should upgrade their versions to 2.4.6-p4, 2.4.5-p6, or 2.4.4-p7 to be protected from the threat.

**About the Author(s)**

Source

DARKReading