Three newly discovered SMTP smuggling attack techniques can exploit misconfigurations and design decisions made by at least 50 email-hosting providers.

Source: Maksim Kabakou via Adobe Stock Photo

Three novel attack techniques that chain together vulnerabilities found in numerous email-hosting platforms are allowing threat actors to spoof emails from more than 20 million domains of trusted organizations.

The flaws — discovered by several security researchers at PayPal — allow attackers to use simple mail transfer protocol (SMTP) smuggling to bypass SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-based Message Authentication, Reporting, and Conformance) security protocols to deliver malicious emails from domains owned by reputable Fortune 500 companies and government agencies.

The findings include vulnerabilities in email verification processes used by numerous large email service providers, specifically domain-authentication issues, request for comments (RFC) violations, and the abuse of valid DKIM signatures and SPF records.

**Email-Hosting, Vulnerable by Default**

The researchers — Hao Wang, offensive security senior manager; Caleb Sargent, offensive security engineer; and Harrison Pomeroy, lead threat detection engineer — plan to disclose how chaining these vulnerabilities together creates the new attack patterns in a session at the forthcoming Black Hat USA conference during first week in August, entitled "Into the Inbox: Novel Email Spoofing Attack Patterns."

They also will reveal the affected vendors, which could number more than 50. The lag is due to the responsible disclosure timeline, as the researchers allow time for the issues to be addressed, Wang says.

"The issue we want to emphasize is that email gateway vendors remain vulnerable to SMTP smuggling in their default configuration," Wang tells Dark Reading in an interview. "This vulnerability can have a significant impact, especially if the outbound SMTP server of large email or hosting providers is permitted to send emails on behalf of multiple domains."

While some email gateway vendors include a setting to reject spoofed emails and thus mitigate the issue, enabling this feature may inadvertently block legitimate emails. "Consequently, many large customers continue to use the default, vulnerable setting," he says, creating a wide avenue for attacker abuse.

**Novel Attack Techniques**

The team's research was informed by two previous works from other researchers: a "SpamChannel" talk presented by Marcello Salvati at DefCon 2023, and an innovative SMTP smuggling attack unveiled by Timo Longin in December, Wang says.

The first attack technique involves SPF abuse and is due to the fact that several large email and hosting service providers fail to verify domains properly when sending emails, which violates RFC requirements.

"Their domains often have overly permissive SPF records, enabling attackers to bypass SPF/DMARC security controls and deliver fraudulent emails," Wang explains, adding that the attack has a "high success rate" due to the large number of affected domains and the broad reach of email spoofing.

The second attack pattern abuses DKIM due to improper domain verification when utilizing feedback loop (FBL) features from major mailbox providers, allowing large-scale email spoofing campaigns.

The third attack pattern is one that expands upon Longin's SMTP smuggling attack discovery, and will be revealed in more detail during the Black Hat USA session. Longin discovered that attackers can exploit SMTP on vulnerable servers to send scores of malicious emails with fake sender addresses based on the exploit of existing flaws on messaging servers from Microsoft, GMX, and Cisco.

"Most of the attacks do not directly circumvent SPF, DKIM, and DMARC controls in place, but instead leverage misconfigurations and design decisions made by the affected vendors," Wang says. "The result of these attacks are emails with valid SPF and DKIM records that will pass the DMARC check."

**SMTP Smuggling Detection and Mitigation **

As part of their session, the researchers plan to reveal a method for detecting SMTP smuggling attacks that involves the Message-ID identifier that email servers add when they send someone's email. The method correlates the difference between the Message-IDs added by the outbound and inbound SMTP servers when an attacker attempts to send multiple emails within a short period through a single SMTP connection.

"This difference would serve as a strong indicator of an SMTP smuggling attack, enabling the development of custom detection rules," Wang says. "At the very least, organizations can incorporate this technique as part of their compensating controls for mitigating this type of attack."

Indeed, while the attack patterns discovered can allow email spoofing by bypassing DMARC, DKIM, and SPF security controls, the researchers still highly recommended that organizations enforce these measures for their domains as a foundational security baseline.

"Implementing these controls significantly enhances email security by providing mechanisms for verifying the authenticity of email messages, reducing the risk of phishing and email spoofing attacks," Wang says.

Organizations also should use email-filtering solutions that leverage heuristic and content-based analysis in addition to validating messages through DMARC, DKIM, and SPF security controls for a multilayered approach that helps identify and block potential spoofing and phishing emails more effectively, he says.

Wang adds that enforcing RFC standards for authentication and authorization across all email service providers also "is critical for maintaining the security and reliability of email communications," and preventing various forms of email-based attacks."

**About the Author(s)**

Elizabeth Montalbano is a freelance writer, journalist, and therapeutic writing mentor with more than 25 years of professional experience. Her areas of expertise include technology, business, and culture. Elizabeth previously lived and worked as a full-time journalist in Phoenix, San Francisco, and New York City; she currently resides in a village on the southwest coast of Portugal. In her free time, she enjoys surfing, hiking with her dogs, traveling, playing music, yoga, and cooking.

20 Million Trusted Domains Vulnerable to Email Hosting Exploits

An official stamp of approval might give the impression that a purported "HotPage" adtech tool is not, in fact, a dangerous kernel-level malware — but that's just subterfuge.

Source: Bruno Rodrigues Baptista da Silva via Alamy Stock Photo

Researchers have stumbled upon a fake ad blocker marketed to Internet cafés in China that, in fact, conceals sophisticated, multifaceted, kernel-level malware.

"HotPage.exe," present on VirusTotal since at least late last year, was approved and signed by Microsoft and developed by what seemed to be a real corporation. Still, security products flag it as adware, and, in truth, it is even worse than that.

Instead of removing ads, it introduces many more of them by intercepting web traffic and redirecting and manipulating content in victims' browsers. Meanwhile, it drops a vulnerable system-level driver that could allow any attacker wandering by to execute malicious code with the highest possible privileges.

According to its new report, ESET reported HotPage to Microsoft on March 18. Microsoft removed it from the Windows Server Catalog on May 1.

**HotPage Can Be Weaponized Easily**

It's unclear as yet how HotPage is delivered to victims. Its product documentation indicates that it's marketed as a security product, which makes sense, seeing as it requires significant privileges to drop its vulnerable driver to the disk.

That driver is the source of all kinds of trouble. It injects libraries into targeted browser applications, and hooks network-based Windows API functions in order to intercept and modify browser activity, redirecting or opening new ad-stuffed web pages on the victim's screen. It connects with a command-and-control (C2) server to send back information about the victim, and retrieve relevant data for the attack.

Worse, though, is that this kernel-mode component lacks proper access restrictions, in effect allowing any running process to communicate with it. It's not clear whether this was designed intentionally or not, but either way, the result is the same: Any attacker could weaponize HotPage for their own purposes.

It's worth noting, then, how HotPage hooks the Windows API function "SetProcessMitigationPolicy," which is used for applying security policies to processes. In so doing, the malware blocks any security policies that might otherwise be applied to it, enabling arbitrary code injection at the system level.

**How HotPage Malware Got its Veneer of Legitimacy**

According to its official signature, HotPage was developed by Hubei Dunwang Network Technology Co. Ltd. The company was first registered on Jan. 6, 2022, with the stated purpose of providing technology-related services, including development, consulting, and advertising. Its website — a barebones form with three fields and a QR code — is no longer live.

How could Microsoft's code signing process be so lax as to allow through such a shady company and its blatant malware? Dark Reading reached out to Microsoft for comment on this point, but the reality is that code signing is regularly abused in any number of ways.

"In a rather simple scenario," explains Romain Dumont, malware researcher for ESET, "a shady company would develop a legitimate computer software, which would go through the driver-signing requirements. Later on, the editor could covertly introduce a backdoor, either through new functionalities or by intentionally introducing a vulnerability."

Similarly, he adds, "HotPage (or DWAdsafe), posed as a security product to block ads, and so possesses interception functionalities. Here, the problem lies in the way the software can be configured and misused."

Microsoft, for its part, can only do so much. "I don’t think a bulletproof process exists," Dumont says. "A naive approach would be to do a background check on companies and verify that the advertised functionalities correspond to the actual functionalities through a security assessment. Microsoft could ask for a certain level of transparency regarding the intended purpose of the software and the required functionalities to achieve it. The more functionalities an editor needs, the more tests they should pass. But let’s face it, it’s a difficult and time-consuming task."

Users, then, cannot blindly trust even the programs Microsoft deems trustworthy. Instead, Dumont says, "I think using computer software from renowned companies is a start. Also, turn to open source software and companies with bug-bounty programs, who are transparent about their functionalities and have history sharing security advisories or vulnerability announcements. ... If possible and as a rule of thumb, companies and users should isolate programs and restrict their privileges as much as possible."

**About the Author(s)**

Nate Nelson is a freelance writer based in New York City. Formerly a reporter at Threatpost, he contributes to a number of cybersecurity blogs and podcasts. He writes "Malicious Life" -- an award-winning Top 20 tech podcast on Apple and Spotify -- and hosts every other episode, featuring interviews with leading voices in security. He also co-hosts "The Industrial Security Podcast," the most popular show in its field.

Microsoft-Signed Chinese Adware Opens the Door to Kernel Privileges

Digital literacy and protective measures will be key to detecting disinformation and deepfakes as AI is used to shape public opinion and erode trust in the democratic processes, as well as identify nefarious content.

Source: Enrico01 via Alamy Stock Photo

COMMENTARY

Disinformation — information created and shared to mislead opinion or understanding — isn't a new phenomenon. However, digital media and the proliferation of open source generative artificial intelligence (GenAI) tools like ChatGPT, DALL-E, and DeepSwap, coupled with mass dissemination capabilities of social media, are exacerbating challenges associated with preventing the spread of potentially harmful fake content. 

Although in their infancy, these tools have begun shaping how we create digital content, requiring little in the way of skill or budget to produce convincing photo and video imitations of individuals or generate believable conspiratorial narratives. In fact, the World Economic Forum places disinformation amplified by AI as one of the most severe global risks over the next few years, including the possibilities for exploitation amid heightened global political and social tensions, and during critical junctures such as elections. 

In 2024, as more than 2 billion voters across 50 countries have already headed to the polls or await upcoming elections, disinformation has driven concerns over its ability to shape public opinion and erode trust in the media and democratic processes. But while AI-generated content can be leveraged to manipulate a narrative, there is also potential for these tools to improve our capabilities to identify and protect against these threats. 

**Addressing AI-Generated Disinformation**

Governments and regulatory authorities have introduced various guidelines and legislation to protect the public from AI-generated disinformation. In November 2023, 18 countries — including the US and UK — entered into a nonbinding AI Safety agreement, while in the European Union, an AI Act approved in mid-March limits various AI applications. The Indian government drafted legislation in response to a proliferation of deepfakes during elections cycle that compels social media companies to remove reported deepfakes or lose their protection from liability for third-party content. 

Nevertheless, authorities have struggled to adapt to the shifting AI landscape, which often outpaces their ability to develop relevant expertise and reach consensus across multiple (and often opposing) stakeholders from government, civil, and commercial spheres. 

Social media companies have also implemented guardrails to protect users, including increased scanning and removal of fake accounts, and steering users toward reliable sources of information, particularly around elections. Amid financial challenges, many platforms have downsized teams dedicated to AI ethics and online safety, creating uncertainty as to the impact this will have on platforms' abilities and appetite to effectively stem false content in the coming years. 

Meanwhile, technical challenges persist around identifying and containing misleading content. The sheer volume and rate at which information spreads through social media platforms — often where individuals first encounter falsified content — seriously complicates detection efforts; harmful posts can "go viral" within hours as platforms prioritize engagement over accuracy. Automated moderation has improved capabilities to an extent, but such solutions have been unable to keep up. For instance, significant gaps remain in automated attempts to detect certain hashtags, keywords, misspellings and non-English words.  

Disinformation can be exacerbated when it is unknowingly disseminated by mainstream media or influencers who have not sufficiently verified its authenticity. In May 2023, the Irish Times apologized after gaps in its editing and publication process resulted in the publication of an AI-generated article. In the same month, while an AI-generated image on Twitter of an explosion at the Pentagon was quickly debunked by US law enforcement, it nonetheless prompted a 0.26% drop in the stock market. 

**What Can Be Done?**

Not all applications of AI are malicious. Indeed, leaning into AI may help circumvent some limitations of human content moderation, decreasing reliance on human moderators to improve efficiency and reduce costs. But there are limitations. Content moderation using large language models (LLMs) is often overly sensitive in the absence of sufficient human oversight to interpret context and sentiment, blurring the line between preventing the spread of harmful content and suppressing alternative views. Continued challenges with biased training data and algorithms and AI hallucinations (occurring most commonly in image recognition tasks) have also contributed to difficulties in employing AI technology as a protective measure. 

A further potential solution, already in use in China, involves "watermarking" AI-generated content to help identification. Though the differences between AI and human-generated content are often imperceptible to us, deep-learning models and algorithms within existing solutions can easily detect these variations. The dynamic nature of AI-generated content poses a unique challenge for digital forensic investigators, who need to develop increasingly sophisticated methods to counter adaptive techniques from malicious actors leveraging these technologies. While existing watermark technology is a step in the right direction, diversifying solutions will ensure continued innovation which can outpace, or at least keep up with, adversarial uses. 

**Boosting Digital Literacy**

Combating disinformation also requires addressing users' ability to critically engage with AI-generated content, particularly during election cycles. This requires improved vigilance in identifying and reporting misleading or harmful content. However, research shows that our understanding of what AI can do and our ability to spot fake content remains limited. Although skepticism is often taught from an early age in the consumption of written content, technological innovations now necessitate the extension of this practice to audio and visual media to develop a more discerning audience. 

**Testing Ground**

As adversarial actors adapt and evolve their use of AI to create and spread disinformation, 2024 and its multitude of elections will be a testing ground for how effectively companies, governments, and consumers are able to combat this threat. Not only will authorities need to double down on ensuring sufficient protective measures to guard people, institutions, and political processes against AI-driven disinformation, but it will also become increasingly critical to ensure that communities are equipped with the digital literacy and vigilance needed to protect themselves where other measures may fail.

**About the Author(s)**

Associate, Strategic Intelligence, S-RM

Erin Drake is an associate in S-RM’s Strategic Intelligence team, where she leads on case management of regular and bespoke consulting projects. She joined the firm in 2017 and has worked on a variety of projects ranging from threat assessments to security risk assessments across several markets. This often entails the development of client-specific approach and methodological framework for high-level and detailed bespoke projects, to support clients in understanding and monitoring the security, political, regulatory, reputational, geopolitical, and macroeconomic threats present in their operating environment. Erin’s expertise includes global maritime security issues, political stability concerns in the commercial sector, and conflict analysis. Erin holds a master's degree in international relations with a focus on global security issues like nuclear proliferation and multilateral diplomacy.

Global Cyber Threat Intelligence Lead, S-RM

Melissa DeOrio is Global Cyber Threat Intelligence Lead at S-RM, supporting clients on a variety of proactive cyber and cyber-threat intelligence services. Before joining S-RM, Melissa worked on US Federal Law Enforcement cyber investigations as a cyber targeter. In this role, Melissa utilized numerous cyber-investigative techniques and methodologies to investigate cyber threat actors and groups including open source intelligence techniques, cryptocurrency asset tracing as well as identifying and mapping threat actor tactics, techniques, and procedures (TTPs) to provide tactical and strategic intelligence reports. Melissa began her career in corporate intelligence, where she specialized in Turkish regional investigations, managed a global team of researchers, and played a role in the development and implementation of a new compliance program at a leading management consulting firm.

AI Remains a Wild Card in the War Against Disinformation

The group — which has targeted Israel, Saudi Arabia, and other nations — often uses spear-phishing and legitimate remote management tools but is developing a brand-new homegrown tool set.

Source: Muhammad Toqeer via Shutterstock

Iranian cyber-espionage group MuddyWater is pivoting from controlling infected systems with legitimate remote-management software to instead dropping a custom-made backdoor implant.

As recently as April, the group infected systems by targeting Internet-exposed servers or through spear phishing, ending with the installation of the SimpleHelp or Atera remote management platforms, security-operations provider Sekoia said in an advisory. Yet, in June, the group switched to a different attack chain: sending out a malicious PDF file with an embedded link leading to a file on stored on the Egnyte service, which installs the new backdoor, dubbed MuddyRot by Sekoia.

Check Point Software noted the shift to the new tool as well. MuddyWater has been using the backdoor implant, which the firm calls BugSleep, since May, and has quickly been improving it with new features and bug fixes, says Sergey Shykevich, threat intelligence group manager at Check Point Software.

Often, they also introduce new bugs into the malware, however. "They likely realized that their tactic of utilizing remote management tools as a backdoor was not effective enough and decided to swiftly transition to homemade malware," Shykevich says. "Probably due to pressure for a rapid change, they released an incomplete version."

Iran has become a significant cyber-threat actor in the Middle East. Since at least 2018, the MuddyWater threat group has targeted a variety of government agencies and critical industries with malicious attacks, stated a 2022 advisory published jointly by US and UK government agencies. The MuddyWater group is part of the Iranian Ministry of Intelligence and Security (MOIS), with other cybersecurity firms referring to the group as Earth Vetala, MERCURY, Static Kitten, Seedworm, and TEMP.Zagros, according to the joint advisory.

**An Attack Tool Under Construction**

The BugSleep backdoor uses typical anti-analysis tactics, such as delaying execution — that is, going to "sleep" — to avoid being detected or running in a sandbox. The backdoor also employs encryption, but in many instances the encryption was not properly executed.

The encryption issues are not the only bugs in the code. In other samples, the program creates a file — "a.txt" — and then later deletes it, apparently for no reason. These issues, plus the frequent updates, suggests the code is still under development, stated Check Point Software's advisory.

MuddyWater previously had created its own backdoor programs, such as one called Powerstats, written in PowerShell, but later shifted to using remote management (RMM) software, Sekoia's advisory noted.

"We don’t yet know why MuddyWater operators have reverted to using a homemade implant for their first infection stage in at least one campaign," the advisory stated. "It is likely that the increased monitoring of RMM tools by security vendors, following their rise in abuse by malicious threat actors, has influenced this change."

The use of a file sharing service such as Egnyte to host malicious documents has become more popular among attackers. The trial period is often sufficient enough time to give the attackers a platform to use during an attack, Check Point Software's Shykevich says.

"Numerous file-sharing platforms are utilized by attackers within their infection chains," he says. "In theory, emulating and scanning the uploaded files can reduce the malicious use, but it is quite complicated from operational and cost perspectives for the file-sharing services operators."

**"Umbrella of APTs" in the Middle East**

The lures used in the group's phishing campaigns have become simpler — focusing on "generic themes such as webinars and online course," which allows them to send out a higher volume of attacks, Check Point Software's advisory stated.

"Their sophistication level is medium, but they are a highly persistent and aggressive group from the standpoint of phishing campaigns and targeting of specific sectors or organizations," Shykevich says. "They send hundreds of malicious emails to multiple recipients in the same organization or the same sector, also doing it across different days."

MuddyWater may not be a single group, however. In 2022, Cisco's threat intelligence group, Talos, described them as an "umbrella of APT groups." The US Cybersecurity and Infrastructure Security Agency (CISA) describes the group as "a group of Iranian government-sponsored advanced persistent threat (APT) actors," in its advisory.

The group employs "spearphishing, exploiting publicly known vulnerabilities, and leveraging multiple open-source tools to gain access to sensitive government and commercial networks," CISA stated, adding, "MuddyWater actors are positioned both to provide stolen data and accesses to the Iranian government and to share these with other malicious cyber actors."

While the group focuses on attacking organizations in Israel and Saudi Arabia, they have also hit other nations, including India, Jordan, Portugal, Turkey, and even Azerjaiban, the advisories said.

**About the Author(s)**

Veteran technology journalist of more than 20 years. Former research engineer. Written for more than two dozen publications, including CNET News.com, Dark Reading, MIT's Technology Review, Popular Science, and Wired News. Five awards for journalism, including Best Deadline Journalism (Online) in 2003 for coverage of the Blaster worm. Crunches numbers on various trends using Python and R. Recent reports include analyses of the shortage in cybersecurity workers and annual vulnerability trends.

Iranian Cyber-Threat Group Drops New Backdoor, 'BugSleep'

The tactic is not new, but there has been a steady increase in its use as of this spring.

Source: Chim via Shutterstock

Secure email gateways (SEG) do a lot to protect organizations from malware, spam, and phishing email. For some threat actors though, they also offer an attractive option for sneaking malicious mail past other SEGs.

Security researchers from Cofense this week reported observing a recent surge in attacks, where threat actors have used SEGs to encode or to rewrite malicious URLs embedded in their emails to potential victims. In many cases, when the emails arrived at their destination, SEGs allowed the malicious URLs to go through without properly vetting the link.

**The SEG Versus SEG Threat**

The reason, says Max Gannon, threat intelligence manager at Cofense, is that some secure email gateway products appear not to be handling SEG-encoded URLs properly and assume them to be always safe, when in reality they are not.

"We do not have access to the internals of SEGs, so I can't say for certain," Gannon says. "But they likely either implicitly trust the URLs or they attempt to scan them, but the domain of the SEG that encodes the URL is trusted, so the \[receiving\] SEG assumes the URL itself is legitimate."

In SEG encoding, a secure email gateway product essentially rewrites every URL in an outgoing email into a link that points to its own infrastructure. When a recipient clicks on the encoded link, the user is first directed to the sender's SEG system, which checks if the URL is safe before redirecting the user to the intended destination. The checks usually involve assessing the URL using reputation, blacklists, signatures, and other mechanisms, which means sometimes it might take an SEG days and even weeks before it designates a URL as malicious.

In these situations, problems can arise if the recipient's secure email gateway technology does not recognize an already encoded URL as needing scanning, or if the recipient's SEG scans the URL, but only sees the sending email gateway's domain and not the final destination.

"Oftentimes when SEGs detect URLs in emails that are already SEG-encoded they do not scan the URLs, or the scanning shows only the security tool's scanning page and not the actual destination," Cofense wrote in its report this week. "As a result, when an email already has SEG-encoded URLs, the recipient's SEG often allows the email through without properly checking the embedded URLs."

**A Substantial Increase**

Attackers have abused SEG encoding previously to sneak malicious emails into target environments. But there has been a substantial increase in use of the tactic in the second quarter of this year, May in particular. Cofense said.

According to the security vendor, the four email security gateways that threat actors have abused the most to encode URLs and sneak them past email defense mechanisms are VIPRE Email Security, Bitdefender LinkScan, Hornet Security Advanced Threat Protection URL Rewriting, and Barracuda Email Gateway Defense Link Protection.

Cofense said its researchers had observed attackers using these SEGs to encode malicious URLs in variously themed campaigns targeted at users protected by SEGs from a variety of vendors.

Gannon says some SEG encodings would require the threat actor to run their URL through the SEG. "Other encodings like Barracuda Link Protect would let you simply prepend their URL to the malicious URL you are trying to bypass with," he says. "For example, to use Barracuda Link Protect to bypass SEGs with the URL hxxp\[:\]//badplace\[.\]com/, I would simply add the Barracuda Link Protect URL and make it: hxxps://linkprotect\[.\]cudasvc\[.\]com/url?a=hxxp\[:\]//badplace\[.\]com/."

Gannon says one reason why threat actors likely aren't using the tactic on a much broader scale is because it involves additional work. "The biggest thing it comes down to is effort," he says. If a threat actor can take an hour to encode all the URLs in a campaign and reach 500 more inboxes, they could take the same hour and just find an additional 1,000 email addresses to send the campaign to."

Protecting against the tactic can be relatively difficult, as most SEGs don't have tuning methods for ignoring other SEG encodings, Gannon says. Therefore, the best way to combat the tactic remains user awareness and training. "A vigilant and informed employee is not going to click a link in a suspect email, even if the URL is encoded by a SEG."

**About the Author(s)**

Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year career at Computerworld, Jai also covered a variety of other technology topics, including big data, Hadoop, Internet of Things, e-voting, and data analytics. Prior to Computerworld, Jai covered technology issues for The Economic Times in Bangalore, India. Jai has a Master's degree in Statistics and lives in Naperville, Ill.

Threat Actors Ramp Up Use of Encoded URLs to Bypass Secure Email

PRESS RELEASE

REDWOOD SHORES, Calif., July 16, 2024 /PRNewswire/ -- Tumeryk Inc., a leader in AI security solutions, proudly announces the launch of the Tumeryk AI Security Studio to enable organizations to simulate and enhance generative AI (gen AI) security. The large language model (LLM) vulnerability scanner can be run by security professionals against their gen AI API inference endpoints. The Tumeryk LLM Safety Report generated allows enterprises to discover potential gen AI risks and protect against them by building security policies in the Tumeryk Gen AI Firewall. The Gen AI Firewall is built using NVIDIA NeMo Guardrails and other state-of-the-art tools and research.

Tumeryk is also hosting a free webinar - Generative AI Security and Risk Mitigation - featuring Rohit Valia, CEO and founder of Tumeryk, and Christopher Parisien, senior manager of applied research at NVIDIA, to share how organizations can leverage Tumeryk's technologies to safely deploy gen AI-based applications into production. Sign up for the webinar enables access to the free gen AI LLM vulnerability scanner service and the Tumeryk Gen AI Security Studio.

"By making the gen AI LLM vulnerability scanner service available for free, Tumeryk is allowing organizations to get an understanding of their risk profile while using these innovative technologies and ensuring that they stay secure and compliant," said Valia. "Artificial intelligence, particularly Gen AI, holds immense transformative potential – and demand for the best security tools." 

"Gen AI presents a powerful opportunity for innovation, and organizations must approach implementations with safety in mind, especially for regulated industries. As CISOs, we need to adapt our security capabilities and operations to be inclusive of Gen AI solutions," said Puneet Thapliyal, ex-CISO at Hippocratic.ai. "Tumeryk provides the tools for enterprises to enhance gen AI security."

The Gen AI Security Studio is designed for security analysts, providing a comprehensive platform to scan LLMs and build and test gen AI Firewall policies. This proactive approach helps identify vulnerabilities and strengthens AI defenses prior to deployment. 

The Gen AI Firewall enables centralized controls over gen AI access. Security and governance teams can collaborate with developers to build sophisticated guardrails using the Gen AI Security Studio and deploy them to the Gen AI Firewall. Utilizing NVIDIA NeMo Guardrails, the Gen AI Firewall leverages heuristics to block jailbreak attempts, score hallucinations, moderate content, and orchestrate dialogs. It enables the creation of virtual silos for LLMs using role-based access control (RBAC) and enhances security through an API key vault. This firewall is crucial for maintaining the integrity and reliability of AI systems by helping ensure interactions remain within predefined security parameters.

The AI Security Monitoring Dashboard offers a single pane of glass for monitoring LLMs across cloud providers. This allows operations teams to monitor the performance of gen AI applications and review comprehensive logs and alerts to ensure any deviations from expected behavior are promptly addressed. 

The free LLM scanner and Gen AI Security Studio can be accessed from the AWS Marketplace or https://tumeryk.com/, providing easy access for organizations looking to enhance their AI security posture. Tumeryk AI solutions represent a significant advancement in AI security, offering a holistic approach to managing the complexities of gen AI. As AI continues to integrate deeper into business operations, Tumeryk Inc. remains at the forefront of ensuring these systems are secure, reliable, and aligned with organizational policies.

About Tumeryk Inc.

Tumeryk Inc. is a pioneering company in AI security solutions, dedicated to developing innovative technologies that safeguard AI systems. With a focus on proactive risk management and comprehensive protection strategies, Tumeryk Inc. enables organizations to deploy AI with confidence and integrity.

You May Also Like

Tumeryk Inc. Launches With Free Gen AI LLM Vulnerability Scanner

PRESS RELEASE

CHICAGO, July 16, 2024 /PRNewswire/ -- Research from MxD (Manufacturing x Digital), the digital manufacturing institute and the National Center for Cybersecurity in Manufacturing supported by the Department of Defense, has revealed an urgent need for the U.S. manufacturing sector to strengthen its cybersecurity posture.

The report, titled Behind the Firewall, establishes the sector's cybersecurity preparedness and finds that manufacturers are overestimating their capabilities.  

Securing U.S. manufacturing has emerged as an economic and national security priority as the manufacturing sector remains the most targeted sector worldwide for cyber-attacks. Faced with unique challenges in securing business operations against geopolitical threats, the report shares insights and strategies for manufacturers to enhance their cyber resilience.

The survey found:

*   76% of manufacturers are confident their organization can prevent cyber risks and respond to cyber-attacks
    
*   Only 34% of manufacturers have comprehensive system security plans (SSPs) in place - a fundamental cybersecurity requirement and often required for compliance
    
*   Just 43% of all manufacturers have a dedicated cybersecurity leader, such as a Chief Information Security Officer (CISO) or Director of Cybersecurity
    
    *   The disparity is stark when compared by size: 88% of large manufacturers (500+ employees) have such leaders, compared to 35% of small- and medium-sized manufacturers (fewer than 500 employees)
        
    
*   Encouragingly, 82% of manufacturers are planning to raise cybersecurity spending in the upcoming budget cycle
    

"The supply chains which support U.S. manufacturing are only as strong as their weakest link. We must strengthen at every level to ensure a resilient domestic manufacturing capability, including within the defense industrial base," said MxD CEO Berardino Baratta. "We see a sense of overconfidence in our research results, which is concerning given that everyone is at risk, from the largest multinational to small- and medium-sized manufacturers who often lack the proper resources to protect themselves from cyber-attacks."

"Manufacturing sector cyber-attacks are no longer rare, one-off events," said MxD Director of Cybersecurity Michael Tanji. "The rise in incidents shows repeated and concerted efforts to steal IP or other company data, resulting in production shutdowns, logistical delays, and more. Our manufacturing sector must stay ahead of these growing threats – and we can only do that by updating and upgrading cyber capabilities across the industry."

This survey identifies key areas where manufacturers can benefit from additional resources to strengthen their cybersecurity infrastructure. Research results were segmented by vertical sector and manufacturer size, which allows for a deeper understanding of needs and insights at all levels of the manufacturing sector. In turn, this enables MxD to develop tools, like cyber playbooks and training guides, which more effectively address sector needs. 

This report launches as MxD reaches its 10-year anniversary and underscores the imperative for strengthening U.S. manufacturing competitiveness and resiliency. As a public-private partnership, MxD convenes and collaborates with manufacturers to prepare and protect domestic supply chains against cybersecurity threats.

About MxD  
MxD (Manufacturing x Digital) advances economic prosperity and national security by strengthening U.S. manufacturing competitiveness through technology innovation, workforce development, and cybersecurity preparedness. In partnership with the Department of Defense, we convene an ecosystem to solve critical manufacturing challenges by accelerating digital adoption, empowering a skilled workforce, and modernizing supply chains. MxD is also the National Center for Cybersecurity in Manufacturing as designated by DoD. Visit mxdusa.org to learn more.

You May Also Like

MxD Research Reveals Major Disconnect Between Perceived and Actual Cybersecurity Capabilities in US Manufacturing

PRESS RELEASE

BETHESDA, Md., July 16, 2024 /PRNewswire-PRWeb/ -- As organizations continue to fortify their cybersecurity strategies in response to an ever-evolving threat landscape, many are turning to Zero Trust architectures to safeguard their data. However, implementing Zero Trust is not without its challenges. According to a new strategy guide from the SANS Institute, "Navigating the Path to a State of Zero Trust in 2024," businesses often stumble over key obstacles in their journey towards Zero Trust adoption.

"The path to achieving a true state of Zero Trust isn't straightforward. Organizations often encounter several fundamental challenges when attempting to implement end-to-end Zero Trust principles across their environment," said Ismael Valenzuela, SANS Senior Instructor and author of the Cyber Defense and Blue Team Operations course, SANS SEC530: Defensible Security Architecture and Engineering. "By understanding and addressing these common mistakes, businesses can make better strategic and tactical decisions and increase their resiliency in the face of evolving threats."

Here are the top five mistakes identified:

● Overlooking the Importance of Organizational Culture: Zero Trust is more than just a technological shift; it requires a fundamental change in organizational culture. Chief Information Security Officers (CISOs) must align security with strategic, operational, and financial priorities. As the strategy guide states, "Effective security is driven by people, processes, and technology." Failure to secure stakeholder buy-in from the outset can doom Zero Trust initiatives to fail.

● Underestimating Human Risk: Employee error and negligence account for over 80% of data breaches. Hybrid work environments blur the lines between personal and professional spaces, increasing the complexity of monitoring user activity. "A Zero Trust architecture is an important line of defense against human risk," the strategy guide emphasizes. Organizations must implement continuous monitoring and real-time assessment of user behavior to mitigate these risks.

● Neglecting the Supply Chain: Recent high-profile supply chain attacks have underscored the vulnerabilities within interconnected systems. According to Gartner, by 2025, 45% of organizations worldwide will have experienced attacks on their supply chains. Zero Trust principles help limit the impact of these breaches by ensuring continuous verification and deeper visibility into user activity.

● Failing to Plan for Sustainable Success: Implementing Zero Trust is a long-term commitment that requires continuous improvement and adaptation. The SANS strategy guide highlights the importance of effective change management practices: "Effective change management ensures stakeholder buy-in, facilitates user adoption, minimizes disruption, promotes continuous improvement, and enhances collaboration."

● Inadequate Measurement of Success: Measuring the effectiveness of a Zero Trust framework is crucial for maintaining stakeholder support. The guide suggests several metrics, including authentication success rates, policy compliance rates, and the time to detect and respond to incidents. These metrics provide a clear picture of the framework's impact and highlight areas for improvement.

"Adopting the Zero Trust 'never trust, always verify' mindset is essential for modern cybersecurity," said Valenzuela. "However, the real challenge lies in having a realistic understanding of what a Zero Trust architecture looks like and avoiding common pitfalls during implementation. From cultural shifts to technical deployments, this offers vital guidance to help organizations successfully navigate the complexities of Zero Trust and enhance their cybersecurity resilience."

For more information on implementing Zero Trust and to download the full strategy guide, visit: https://www.sans.org/u/1xo2

Top 5 Mistakes Businesses Make When Implementing Zero Trust

PRESS RELEASE

NEW YORK, July 16, 2024 /PRNewswire/ -- Today QBE Insurance, a global insurer operating in 27 countries, unveiled QCyberProtect, a comprehensive and globally consistent cyber policy designed to enhance cyber resilience for a broad range of clients worldwide.

QCyberProtect provides tailored coverage for losses arising from current and emerging cyber risks, including, but not limited to, network security, privacy liability, IT and non-IT business interruptions and reputational loss.

"Strategic investments in our cyber capabilities have strengthened our ability to shield our clients from the most pressing cyber threats," said Andrew Horton, Group CEO of QBE Insurance. "This offering highlights our commitment to delivering globally consistent and practical solutions that address the ever-evolving cyber risks our customers face around the world."

QCyberProtect provides cyber insurance for a range of organizations, from mid-sized companies relying on fully outsourced IT departments to global corporations with complex large-scale IT systems.

"QBE's global cyber policy is supported by a network of highly skilled cyber experts and strategic partners to ensure world-class coverage and service," said Serene Davis, QBE Global Head of Cyber. "We are providing our customers with the comprehensive coverage and services they need to navigate end-to-end cybersecurity issues."

Along with its global cyber insurance coverage, QBE is also implementing QCyberPrepare. Available in many locations around the world, QCyberPrepare is a cyber saferoom where cyber customers can launch their incident response plan in a secure platform with secure messaging. This risk management tool empowers organizations to be connected, confident and in control before, during and after a cyber crisis.

QCyberProtect is currently available in Australia, Hong Kong, Malaysia, Netherlands, Singapore, Sweden, UAE, United Kingdom, United States and Vietnam and will be launching in additional countries throughout the year.

For more information about QCyberProtect visit Cyber | QBE US. Contact your regional underwriter for more information regarding appetite.

About QBE North America

QBE North America is a global insurance leader helping customers solve unique risks, so they can stay focused on their future. Part of QBE Insurance Group Limited, QBE North America reported Gross Written Premiums in 2023 of $7.6 billion. QBE Insurance Group's results can be found at qbe.com. Headquartered in Sydney, Australia, QBE operates out of 27 countries around the globe, with a presence in every key insurance market. The North America division, headquartered in New York, conducts business primarily through its insurance company subsidiaries. The actual terms and conditions of any insurance coverage are subject to the language of the policies as issued. Additional information can be found at qbe.com/us or follow QBE North America on LinkedIn, Facebook and Instagram.

QBE Insurance Launches Global Cyber Coverage With QCyberProtect

PRESS RELEASE

BOSTON, July 16, 2024 /PRNewswire/ -- Cybercrimes like dealer system hacks, identity theft, and breaches are wreaking havoc on the auto industry. As the industry becomes more technology-driven, increasingly sophisticated cybercriminals are finding more opportunities to strike. In fact, the auto sector is now the third most targeted behind healthcare and financial services. The recent attacks against Findlay Auto Group and CDK Global are just two of many examples that have brought attention to the industry's vulnerabilities.

A number of regulations have been issued to ensure dealers adequately protect consumer data. In particular, the Red Flags Rule requires dealers to implement programs to protect customers from potential identity theft and fraud.

That's why Aura, the all-in-one consumer online safety solution, today announced its partnership with Mosaic Compliance Services to provide identity protection to anyone who gives dealers personally identifiable information (PII) during the car-buying process.

Mosaic is a leader in helping dealerships nationwide implement legally defensible and insurable compliance systems. By combining Aura's award-winning identity theft protection services with Mosaic's industry-leading fully managed compliance solutions, this partnership helps dealers adhere to the Red Flags Rule regulations, mitigate risk, and provide proactive protection from cybercrime for their roofs, shoppers, and buyers.

"We partnered with Aura so that every consumer, shopper, or buyer gets identity theft protection simply because they gave the dealer their non-public personal information," said James S. Ganther, Esq., CEO at Mosaic Compliance Services. "Through this collaboration, we're able to both provide peace of mind to buyers whose information is collected and ease the compliance burden for dealers–providing everything from counsel on policies to operational improvements, audits, and consumer online protections."

Aura plays a crucial role in the mitigation piece of compliance with the Red Flags Rule. With these regulations, auto dealers are now obligated to protect the personal information provided to them. By offering Aura to consumers, dealers help proactively mitigate fraudby monitoring for instances of identity theft, credit misuse, and financial fraud.

"With cyber attacks, scams, and breaches happening every day, car buyers are aware of the risk associated with providing their personal information to companies," said Scott Hudson, Senior Vice President of Sales at Aura. We know that 84% of customers say they would not buy another vehicle from a dealership if a breach compromised their data. By offering Aura's identity protection solution to every consumer who provides personally identifiable information, dealers can earn trust upfront in the car-buying process."

Aura works with hundreds of dealerships across the U.S. to offer identity and fraud protection to hundreds of thousands of consumers. If you're interested in partnering with Aura and Mosaic Compliance Services, contact \[email protected\].

ABOUT AURA   
Aura is one of the fastest growing online safety solutions for individuals and families. Whether you're protecting yourself, your kids, or your aging loved ones, Aura can meet your needs at every stage of life. Customers trust Aura's simple interface to effortlessly safeguard the things they care about most. Through real-time monitoring and alerts, Aura helps detect and mitigate emerging online threats, such as scams, predators and cyberbullying. To discover how Aura is reshaping online safety for people everywhere, visit www.aura.com.

ABOUT MOSAIC COMPLIANCE SERVICES   
Mosaic Compliance Services was founded in 2006 by automotive attorneys who saw the need to make compliance more approachable and effective for dealerships. Today, Mosaic is a leading provider of compliance solutions for dealers. Serving over 150,000 active users, we help dealerships across the country implement a culture of compliance that includes processes, training, policies, certifications, safeguards, audits, and more. Our web-based legal compliance training has received the Dealers' Choice Diamond Award eight years in a row, including 2023. In everything we do Mosaic strives to provide the most knowledgeable service and tailored guidance in the industry. As your dedicated compliance partner, our goal is your success.

Source

DARKReading