**DENVER****,** **April 20, 2023** **/PRNewswire/ --** Red Canary, a leader in managed detection and response, launched Red Canary Readiness, a new portfolio of offerings that gives teams a whole new way to train and prepare for incidents. Now any company can improve their incident response preparedness by empowering their security teams to practice and validate the skills, processes, and playbooks required to quickly respond to cyber and business continuity threats.

The initial Readiness product is Readiness Exercises, a first-of-its-kind continuous learning platform that combines training, tabletops, and atomic tests in one experience. With Readiness Exercises available today, cybersecurity professionals get on-demand content and expert training at their fingertips, making it easy for companies to skill up employees, no matter where they are.

**Enterprises must maintain a skilled and ready workforce to face today's top cybersecurity threats**

Adversaries are becoming faster and more efficient at distributing and scaling cyberattacks. Rather than infrequent and one-size-fits-all training, continuous learning is critical to keep pace with the evolving threat landscape.

Readiness scenarios are ripped from the headlines and informed by Red Canary's leading threat intelligence and adversary research from its Managed Detection and Response (MDR) solution, which conducts millions of investigations per year. This expertise is mapped to industry-standard frameworks, such as NIST and MITRE ATT&CK®, to ensure teams are practicing the most critical scenarios. Training can be self-guided or facilitated, ranging from 20 minutes to 2 hours, and prepares teams to face incidents involving business email compromise, ransomware, and other threats including Qbot and Raspberry Robin.

"We have previously invested in cybersecurity training but have had mixed results. The exercises don't always relate to the threats that matter most to us, and the lessons are infrequent and don't always stick," said Michael Strong, Chief Security Officer, GCI. "This is why we are so excited about Readiness Exercises. Now our team can continuously train and benchmark our progress, learning from the Red Canary team who respond to real-world threats daily. It gives me confidence knowing that we're better prepared for the next threat that comes our way."

"Just having an incident response plan and a set of playbooks is no longer enough. That plan and those playbooks must be put to the test regularly and refined to keep up with evolving threats," wrote Jess Burn, Sr. Analyst, Forrester in an April 2022 blog post.

Readiness Exercises foster continuous learning, which drives both employee and business success through:

*   **Continuously improving your readiness:** Benchmark current skill levels against industry standards through frequent feedback and scoring. Onboard new team members and establish a culture of consistent skill improvement.
*   **Training for real-world threats:** Continuously practice and validate team preparedness against realistic scenarios based on trending adversary groups, tools, and MITRE ATT&CK® techniques.
*   **Get training, tabletops, and atomic tests in one experience:** Bring together disparate learning tools and run them in your environment to maximize their relevance and impact.

"We're excited to announce the launch of Readiness Exercises, a comprehensive solution that combines tabletop exercises, cybersecurity training, and atomic testing into a seamless, continuous learning experience," said Brian Beyer, CEO of Red Canary. "With this innovative product, we're reinventing the way organizations approach cybersecurity training and prepare for real-world threats."

**Learn more**

*   Learn more about Readiness
*   Watch the Readiness Exercises video
*   Register for the Readiness webinar

**Availability** 

Red Canary Readiness launched today, with Red Canary Readiness Exercises generally available now.

**About Red Canary**

Red Canary is a leader in managed detection and response (MDR). We serve companies of every size and industry, focusing on finding and stopping threats before they can have a negative impact. As the security ally for nearly 1,000 organizations, we provide MDR across our customers' cloud workloads, identities, SaaS applications, networks, and endpoints. For more information about Red Canary, visit: https://www.redcanary.com.

SOURCE Red Canary

Red Canary Announces Readiness

Mandiant found that North Korea's UNC4736 gained initial access on 3CX's network when an employee downloaded a weaponized but legitimately-signed app from Trading Technologies.

Turns out 3CX was not the original target in a recent supply chain compromise affecting customers of the video conferencing software maker: The attack came via a prior supply chain compromise involving Trading Technologies, a provider of high-performance trading software.

That makes the breach at 3CX one of the first known instances where an adversary used one supply chain attack to enable a second supply chain attack in an effort to try and breach multiple organizations. However, rather than being the victims of a targeted attack, 3CX and its customers appear to have become opportunistic victims for the threat actor, new research shows.

Researchers at Google Cloud's Mandiant discovered the chained attacks after 3CX hired the security vendor to investigate a March 2023 incident where a threat actor — now identified as North Koreas Lazarus group — used legitimate updates of 3CX's DesktopApp to deliver malware to downstream customers.

Multiple security vendors at the time reported observing legitimately signed Windows and Mac versions of the 3CX app landing on customer systems bundled with malicious installers. When users attempted to deploy the poisoned software, the malicious installers executed a sequence of actions that ended with an information stealer on their systems. Kaspersky later observed Lazarus actors dropping a second-stage backdoor, tracked as "Gopuram" on systems belonging to a small number of affected 3CX users.

Security researchers surmised that the North Korean threat actor — whom Mandiant tracks as UNC4736 — would have needed extensive access to 3CX's build environment to pull off the attack. 3CX officials themselves merely noted the issue likely had to do with one of the bundled libraries compiled into the desktop app.

**Fortuitous Download for the Hackers**

Mandiant's investigation into how exactly UNC4736 might have compromised the 3CX environment showed the threat actor gained initial access when a 3CX employee downloaded a financial trading package called X\_TRADER from the website of the developer, Trading Technologies.

UNC4736 actors had previously breached Trading Technologies systems, according to Mandiant, and inserted a backdoor in the X\_TRADER app's installation file. When the 3CX user downloaded the app from the Trading Technologies website, the installer triggered actions that resulted in a modular, multi-stage backdoor called "VEILEDSIGNAL" landing on the individual's system.

The malware contained multiple functions, including those for sending implant data, executing shell code, and for terminating itself. VEILEDSIGNAL also included two other components: one for injecting the command-and-control module on Chrome, Firefox, or Edge, and the other for listening to incoming communications.

Marius Fodoreanu, principal consultant at Mandiant and the lead investigator in the 3CX compromise, says it's unclear how UNC4736/Lazarus actors introduced the malicious installer for X\_TRADER.

"Mandiant is not performing an incident response for Trading Technologies, so we don't have direct visibility into the Trading Technologies' environment," he says. But Mandiant has observed evidence of compromise of the Trading Technologies environment as far back as 2021, Fodoreanu says.

**Lazarus Used Backdoor to Steal Credentials, Compromise 3CX Build Systems**

Fodoreanu says that following the initial compromise of the 3CX employee's computer in 2022, the threat actor stole the employee's corporate credentials. The attackers then used the administrative-level access and persistence that VEILEDSIGNAL provided on the system to eventually compromise 3CX's Windows and macOS build environments and insert malware into finished 3CX software packages.

The breach at 3CX would not have happened in this instance if the employee hadn't downloaded the malicious X\_TRADER app. That means the company became a collateral and, therefore, an opportunistic victim of the North Korean group.

"If you were starting from scratch and trying to intentionally target a company like 3CX, you would not go to Trading Technologies as an initial attack vector," Fodoreanu concedes.

However, when the threat actor discovered they had snagged a high-value victim, it is likely they pressed forward more deliberately, he says.

"Yes, we believe it likely started off as \[an\] opportunistic attack," he says. "But once they figured out that they had access to a company that likely has a lot of customers, they decided to continue to move forward and compromise the environment and then compromise the software."

**3CX Not a Trading Technologies' Customer**

Interestingly, 3CX is neither a vendor nor a customer of Trading Technologies. So, it is not clear why an employee from the company would have wanted to download X\_TRADER, a spokeswoman from Trading Technologies said in an emailed statement to Dark Reading.

"Given that this only came to our attention last week, we have not had the ability to verify the assertions in Mandiant's report," the spokeswoman said. "What we do know with certainty is that 3CX is not a vendor or a customer of Trading Technologies. There is no business relationship between the two companies."

The statement went on to note that Trading Technologies discontinued the X\_TRADER app referenced in the Mandiant report in April 2020. Mandiant itself said its investigation showed, however, that the app was still available for download in 2022. "There was no reason for anyone to download the software given that TT stopped hosting, supporting, and servicing X\_TRADER after early 2020."

**Other Victims?**

Fodoreanu says there is potential that other organizations might have downloaded the poisoned X\_TRADER app during the two years it was available on Trading Technologies' website, after the company discontinued the product.

"We suspect there are a number of organizations that don't know they're compromised yet," he says. "We're hopeful that now that this information is out, it'll help accelerate the process for companies to determine that they're compromised and contain their incidents."

Meanwhile, in a separate development, security vendor Eset this week reported on a new Lazarus campaign it is currently tracking as Operation DreamJob, which it believes is linked to the 3CX attack for multiple reasons. Peter Kalnai, senior malware researcher at Eset, says the so-called "SimplexTea" Linux malware used in the DreamJob campaign shares the same C2 network infrastructure used in the 3CX attack.

The configuration of SimplexTea also bears the same name (apdl.cf) as SIMPLESEA the macOS malware reported in the 3CX attack, Kalnai says. There are also similarities in the manner in which messages are encrypted, he says.

3CX Supply Chain Attack Tied to Financial Trading App Breach

The sensitivity of the personal information involved in the breach has yet to be determined by agency officials, but it affects 256,000 consumers.

The Consumer Financial Protection Bureau (CFPB), an agency of the US government that protects consumers in the financial sector, announced that an employee committed a major breach in emailing the personal information of 256,000 consumers to a personal email account.

In briefings between lawmakers and the consumer bureau director, Rohit Chopra, the agency staff informed elected officials that they first learned of the breach on Feb. 14. Chair of the Financial Services Committee's investigation panel on the matter, Rep. Bill Huizenga, stated in a letter to Chopra that "the transfer of records could have possibly implicated more than 50 financial institutions' sensitive information" and requested a briefing before a deadline of April 25.

The employment of the individual who committed the breach has been terminated by the agency, and the person has been asked to delete the emails and provide proof of such, though the person has yet to comply with these requests.

"This unauthorized transfer of personal and confidential data is completely unacceptable. All CFPB employees are trained in their obligations under Bureau regulations and Federal law to safeguard confidential or personal information," the agency stated.

At this time, the agency has identified that the information included in the breach involves personal identifiable information (PII) of customers from seven institutions, though they are not yet sure of the degree of sensitivity of the PII and are still assessing the level of risk to the consumers involved.

"Unfortunately, this is an example of clumsy handling of sensitive data. Even if there was no ill intent by the individual concerned there are still huge risks to data privacy whether the email was encrypted, who else has access to that email account, and whether there's a strong password or MFA enabled on the personal email account," Darren James, senior product manager with Specops Software, said in an emailed statement. "The CFPB has a lesson to learn here in responsible data handling. Any training done has failed and more emphasis should be made on Cyber Aware Training in the future to prevent poor security hygiene like this instance."

Keep up with the latest cybersecurity threats, newly-discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

Subscribe

Major US CFPB Data Breach Caused by Employee

Vulnerable MS-SQL database servers have external connections and weak account credentials, researchers warn.

The Trigona ransomware threat actors are waging a campaign against Microsoft SQL database servers because many of them have external connections and weak passwords, leaving them open targets for brute force or dictionary attacks.

These vulnerable MS-SQL servers were designated as "poorly managed" by AhnLab Security's new alert about Trigona's nefarious activities.

"If a threat actor manages to log in, control over the system will be passed to them, allowing them to install malware or execute malicious commands," the report said.

    

The Trigona ransom note. Source: AhnLabs

They're popular repeat targets too, and not just for Trigona: In one instance observed by AhnLab researchers, credentials for a breached MS-SQL server were compromised by several threat actors, leaving traces of various ransomware strains, Remcos RAT, and coinminers, the report said.Additionally, MS-SQL can be installed on both Windows SQL servers and desktop environments. 

"For example, there are cases where MS-SQL is installed alongside certain enterprise resource planning (ERP) and work-purpose solutions during their installation process," the Trigona ransomware report added. "Because of this, Windows servers and Windows desktop environments can both be targeted for MS-SQL server attacks."

AhnLab Security noted Trigona is a relatively new ransomware group, first observed last October.

Keep up with the latest cybersecurity threats, newly-discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

Subscribe

Trigona Ransomware Trolling for 'Poorly Managed' MS-SQL Servers

Today's LLMs pose too many trust and security risks.

_The Berryville Institute of Machine Learning (BIML) recently attended_ _Calypso AI’s Accelerate AI 2023_ _conference in Washington, DC. The meeting included practitioners from both government and industry, regulators, and academics. I participated in a very timely panel entitled "Emerging Risks and Opportunities of LLMs in the NATSEC and Beyond." That panel spurred this article._

_None of the content in this column was created by an LLM._

Large language models (LLMs) are a kind of machine learning system that has taken the world by storm. ChaptGPT (aka GPT-3.5), an LLM produced and fielded by OpenAI, is one of the most pervasive and popular of the many generative AI models for text. Other generative models include the image generators Dall-E, Midjourney, and Stable Diffusion, and the code generator Copilot.

LLMs and other generative tools present incredible opportunities for applications, and the rush to field such systems is in full gallop. LLMs have the potential to be lots of fun, solve hard problems in science, help with the thorny problems of knowledge management, create interesting content, and most importantly in my view, move the world a little closer to artificial general intelligence (AGI) and a theory of representation that produces massive cognitive science breakthroughs.

But using today's nascent LLMs — and any generative AI tools — comes with real risks.

**Of Parrots and Pollution**

LLMs are trained on massive corpuses of information (300 billion words, mostly scraped from the Internet) and use auto-association to predict the next word in a sentence. As such, most scientists agree that LLMs do not really "understand" anything or do any real thinking. Rather, they are "stochastic parrots," as some researchers call them. LLMs still do generate impressive streams of text, in context, and in an often useful and deeply surprising manner.

Feedback loops are an important class of problem in all kinds of ML models (and one that BIML introduced several years ago as “\[raw:8:looping\]”). Here is what we said at the time:

_Model confounded by subtle feedback loops. If data output from the model are later used as input back into the same model, what happens? Note that this is rumored to have happened to Google translate in the early days when translations of pages made by the machine were used to train the machine itself. Hilarity ensued. To this day, Google restricts some translated search results through its own policies_.

Imagine what will happen when a majority of what can be easily scraped from the Internet is generated by AI models of dubious quality, and then these LLMs start to eat their own tails. Talk about information pollution.

Some AI researchers and information security professionals are already deeply worried about information pollution today, but an infinite spewing information pollution pipeline sounds bad.

**Mansplaining-as-a-Service**

LLMs are very good B.S. artists. These models regularly express incorrect opinions and alternative facts with great confidence, and often make up information to justify their answers in a conversation (including pretend scientific references). Imagine what happens when average knowledge as scraped from the Internet — which includes lots of wrong things — is used to create new content.

The ultimate "reply guy" is not who we need writing news stories for us in the future. Facts actually do matter.

**Mirroring Broken Security**

LLMs are often trained on data that is biased in many ways. Sexist, racist, xenophobic, and misogynistic systems can and will be modeled from data sets originally collected when society was less progressive. Bias is a serious issue in LLMs, and one that operational Band-Aids are unlikely to fix.

**Trusting Deepfakes**

Deepfakes are a side effect of generative AI that has been discussed for some time. Fakes or spoofing are always a risk in security, but the capacity to make higher-quality fakes that are easy to believe is here. There are some obvious worst-case scenarios: moving markets, causing wars, inflaming cultural divides, and so on. Careful where that video came from.

**Automating Everything**

Generative models like LLMs have the capacity to replace lots of jobs, including low-level white collar jobs. Millions of people get plenty of satisfaction out of their jobs, but what if all of those jobs are willy-nilly replaced by ML systems that are cheaper to operate? We already see this with some writing content-creation jobs in local sports stories and marketing copy, for example. Should LLMs be writing our articles? Should they be practicing law? How about doing medical diagnosis?

**Using a Tool for Evil**

Generative AI can create some fun stuff. If you haven’t played with ChapGPT, you should give it a shot. I haven’t had this much fun with new technology since I got my first Apple \]\[+ in 1981, or since Java applets came out in 1995.

But the power of generative AI can be used for evil as well. For example, what if we put ML to the task of designing a novel virus with the propagation capability of COVID and the delayed onset parameters of rabies? Or how about the task of creating a plant with pollen that is also a neurotoxin. If I can think up these dastardly things in my kitchen, what happens when a real evil person starts brainstorming with ML?

Tools have no intrinsic morality or ethics. And for the record, the idea of "protecting prompts" is a pretend solution akin to protecting supercomputer access with command-line filtering.

**Holding Information in a Broken Cup**

Data moats are a thing now. That’s because if an ML model (with the help of humans) can get to your data and learn how to profitably parrot what you do by training on your data, it will. This leads to multiple risks best solved by carefully protecting your data sets instead of cramming them unto an ML model and fielding the model to the general public. In the gold rush world of ML, the gold is data.

Protecting data is harder than it sounds. Think how the government's current information classification system can't always protect classified information. Clearly, protecting sensitive and confidential information is already a huge challenge, so imagine what happens when we intentionally train up our ML systems on confidential information and set them out into the world.

Extraction and transfer attacks exist today, so be careful what you pour in your ML cup.

**What Should We Do About LLM Risk?**

So should we put some kind of magic moratorium on ML research for a few months as some technologists have self-servingly suggested? No, that's just silly. What we need to do is recognize these risks and face them directly.

The good news is that an entire industry is being built around securing ML systems, which I call machine learning security or MLsec. Check out what these new hot startups are building to control ML risk — but do so with a skeptical and well-informed eye.

Expert Insight: Dangers of Using Large Language Models Before They Are Baked

Overcoming the limitations of consumer MFA with a new flavor of passwordless.

Twitter recently disabled SMS-based two-factor authentication (2FA) except for Twitter Blue subscribers. While the intended results may be cost-savings and boosting the number of subscribers, the decision is likely to have unintended security consequences. Even some tech-savvy people who know and care about security find Twitter's 2FA alternatives awkward enough to delay until they are forced into it, so Twitter's new policy will likely result in fewer accounts using 2FA. Educating users about how to set up authenticator apps and security keys is one solution. But that's analogous to building a faster horse.

Fundamentally, the enterprise 2FA playbook cannot be applied to consumer scenarios in equal measure because consumers can vote with their feet. Any added step will send them galloping into the arms of the competition. Thus, the Twitter news should be a call for disruption, and for solutions that protect consumer identities without introducing friction. I believe that technology is passkeys when available uniformly across the digital landscape.

**The State of Consumer MFA**

It’s broadly accepted that any multifactor authentication (MFA) is better than no MFA (I’ll use MFA here to mean authenticating your identity with two or more factors). MFA solutions prevent bad actors from accessing resources using only a victim's primary credentials. Our CISO once observed that MFA and adaptive authentication would have prevented 95% of the breaches she has seen.

But not all MFA is created equal. Some factors are weaker than others, particularly against targeted attacks. Security questions, SMS, voice, and email-based one-time passwords are considered low-assurance factors. All these factors are vulnerable to phishing. Attackers can bypass weaker factors by "guessing" the authenticator code; intercepting the code-containing SMS; or creating "alert fatigue" by bombarding the user with messages until they complete the MFA challenge.

**MFA Bypass Attacks**

Recent research found more than 113 million MFA bypass (registration required) attempts against consumer and SaaS applications over a 90-day period, representing the highest baseline level of attacks of any year on record. Given what we know about weaker factors, you'd be forgiven for thinking Twitter's decision to disable text-based authentication is a good one. But as with most things in identity, there is more complexity that meets the eye, particularly when we look at MFA adoption issues.

**The Trouble With MFA Adoption**

The challenge of getting users to sign up for any form of MFA lies in the technology's origin story. Passwords predate modern online services by thousands of years (just think about "Open, Sesame" in "Ali Baba and the 40 Thieves"). Two-factor authentication entered the picture much later as a way for enterprises and governments to protect their internal systems with something you know (password) and something you have (device, code, or security key).

Technologies developed in an enterprise context have historically prioritized security. The administrator has the power to enforce security measures across the employee base to protect the company's interests. When organizations try to use the same playbook with consumers, they fail, because consumers can vote with their feet. And the impact can quickly become existential.

So, what about authenticator apps? For us in the industry, this might look like the obvious technical alternative to SMS-based methods. But few end users are this digitally savvy. The more likely result of forcing something like an authenticator app or security key at scale is that people just won't use it.

**Phishing-Resistant Authentication**

The transition to phishing-resistant factors offers one potential solution to consumer MFA woes. FIDO and WebAuthn rely on public key cryptography and biometrics to significantly improve both security and the user experience. When using public key cryptography, there are no codes or secrets to be stolen. Users go through a biometric check on their device to unlock access to their private key, which is way faster than entering an SMS code. There are nuances in how biometric data is validated that can make a big difference for data privacy and security.

**The Passkeys Opportunity**

Despite exciting progress toward more secure and usable factors, the best MFA mechanism for consumers really isn't MFA at all — it's passkeys. Passkeys are a FIDO authenticator with the advantage of being backed up to the cloud, so if you lose your device or buy a new one, all you must do is sign into your iCloud or Google Play account to recover your passkeys. Passkeys use public key cryptography and device biometrics, making them resistant to many known attacks, and are easy for the user.

Should passkeys have been used on Twitter? Absolutely, but they may not have been a clear option at the time. Supporting something new is always expensive from the engineering perspective. If passkeys had been an option, the experience for the user might have looked something like this:

1.  The user signs into Twitter on their mobile device with username and password;
2.  They are asked if they would like to use a passkey to authenticate next time; and
3.  The user receives a biometric prompt from then on without needing to install anything. They can even go to their Mac and open Twitter in Safari, and the passkey will be automatically synced to that device.

Offering passkey authentication currently requires some reworking, but it's easier and more cost-effective than SMS. Unfortunately, passkeys are not yet uniformly distributed. Apple added support early on, followed by Android and Chrome. Windows currently supports passkeys on a single device.

Whenever you're asking people to change, you need to take concrete steps to make the transition easier. In the case of Twitter, that would be explaining to users what they can do to change their second factor, to avoid them dropping MFA entirely. This would be an amazing passkey adoption opportunity if the industry were ready. We're already in a fantastic position to encourage people to use this flavor of passwordless. What comes next is making it easier for developers to implement the necessary changes in their apps and websites. A future with fewer passwords may not be so far away after all.

Twitter's 2FA Policy Is a Call for Passkey Disruption

Attackers are using custom malware to exploit drivers and terminate security processes so they can deploy ransomware.

The "AuKill" cybercrime tool has emerged, which threat actors are using to disable endpoint detection and response (EDR) defenses used by enterprises before deploying ransomware. It makes use of malicious device drivers to infiltrate systems.

In two recent incidents, researchers from Sophos observed an adversary using AuKill prior to deploying Medusa Locker ransomware; another time, the security vendor discovered an attacker using the EDR killer on an already compromised system before installing the LockBit ransomware.

Christopher Budd, senior manager of threat research at Sophos, says the trend is a response to the growing effectiveness of EDR tools. "Threat actors are starting to recognize that EDR agents provide security vendors a significant advantage in spotting attacks," he says. "Threat actors are targeting the tools causing them the most trouble."

The attacks are similar to a flurry of incidents that Sophos, Microsoft, Mandiant, and SentinelOne reported in December, where threat actors used custom-built drivers to disable security products on already compromised systems, leaving them open to other exploits.

In those attacks, threat actors used malicious drivers that they tricked Microsoft into digitally signing, therefore making them appear legitimate. In other driver attacks, threat actors have exploited a vulnerability in a legitimate device driver to execute ransomware, escalate privileges, and bypass security controls. Some security vendors and researchers commonly refer to the technique as a "bring your own vulnerable driver" or BYOVD attack.

Aukill itself is a tool that falls into the BYVOD category. It takes advantage of a legitimate but outdated and exploitable version of a driver that Microsoft's Process Explorer 16.32 uses, to disable EDR processes.

**Bring Your Own Vulnerable Driver**

The vulnerable Process Explorer driver that AuKill leverages — like other drivers — has privileged access on installed systems and can interact with and terminate running processes.

It's a free tool that allows users to get detailed information on all running processes on a system, their executable paths, performance metrics, and other information. It offers multiple features for monitoring real-time system activity, prioritizing processes and identity, terminating processes, and executing other functions.

Budd says that in the recent ransomware attacks that Sophos observed, the threat actor injected the tool into systems on which they had already gained access. Once on a system, AuKill drops a driver named PROCEXP.SYS from release version 16.32 of Process Explorer into the same location as the legitimate version of the Process Explorer driver (PROCEXP152.sys).

"The \[legitimate\] Process Explorer driver v.16.32 does not limit its functionality to working with the main Process Explorer executable," Budd says. "So other programs may send API calls to the driver to take advantage of its functionality." In AuKill's case, the tool abuses the legitimate driver to execute instructions to shut down EDR and other security controls on the compromised computer. "They leverage the existing functionality in the Process Explorer driver that permits Process Explorer to terminate running programs," he says.

Sophos has so far analyzed six different versions of AuKill and noticed some substantial changes with each new version. Newer versions, for instance, now target more EDR processes and services for termination. They also include a feature that continuously probes EDR processes and services to ensure that terminated processes remain that way through restart attempts. The malware authors have also added features to make AuKill more robust by having AuKill run multiple threads at once to protect itself from being terminated in response, Budd says.

Sophos' analysis of AuKill showed it to contain similarities in code with BackStab, an open source tool that surfaced in June 2021 that also abused the Process Explorer driver to kill EDR tools. The company's researchers spotted a LockBit actor using BackStab to disable EDR on systems as recently as last November.

'AuKill' Malware Hunts & Kills EDR Processes

Campaigns that wielded NSO Group's Pegasus against high-risk users over a six-month period demonstrate the growing sophistication and relentless nature of spyware actors.

Attackers have been targeting iPhone users around the globe in ongoing Pegasus spyware attacks. They show that cyber-threat actors are targeting both new exploits and older, unupdated devices to circumvent new preventative measures from Apple, researchers have found.

One of the multiple targeted campaigns observed over the last six months involved an iPhone user in the Middle East, and another a journalist in Europe using an iPhone 6 that is not supported by the latest iOS updates, researchers at Jamf Threat Labs reported in a recent blog post. Those updates include new threat "Lockdown Mode" notifications by Apple that can help warn someone if there is unusual activity that could be related to spyware on their devices.

The attacks demonstrate how threat actors continue to evolve and grow in sophistication even as there is more awareness about spyware and prevention against these attacks, which are often used with malicious intent by governments to target dissidents or others who investigate or are unsupportive of policies or regimes, the researchers said.

"Modern spyware is very advanced and, as evidenced by the continued evolution of commercial spyware, continues to leverage zero-day vulnerabilities in both old and new devices to ensure any user can be effectively targeted," the researchers wrote in the post.

They also indicate that though the researchers were able to take a deep dive into devices involved in some of the recent attacks, there is no consistency in terms of how the individuals or organizations targeted investigate attacks after the fact. This makes it difficult to respond or prevent further attacks in a timely or comprehensive way, the researchers said.

Moreover, "not all users impacted by spyware have been contacted by Apple, illustrating the challenges with maintaining a comprehensive list of indicators of compromise (IoCs) and with extracting relevant data remotely," they wrote.

**Mideast Activist Targeted**

Researchers specifically detailed two separate attacks that demonstrate how no iPhone is safe from being targeted, despite Apple's bolstering of preventative measures in its most recent updates to iOS.

One attack targeted an iPhone 12 Pro Max user in the Middle East who eventually was notified by Apple of suspicious activity on the device, which showed IoCs that Pegasus — the notorious spyware from Israel's NSO Group — was running.

Subsequent analysis from Jamf Threat Labs revealed traces of the "libtouchregd" process on the device, which Amnesty International has identified as an IoC associated with Pegasus spyware, the researchers said.

The device also yielded additional IoCs via subsequent analysis of the com.apple.CrashReporter.plist file, which is located within a root folder on iOS and serves as a configuration file for the system daemon, ReportCrash, according to the researchers.

"Under normal operating conditions, applications are not granted permission to access or modify this file," the researchers wrote. "Alteration of this file could potentially impede the reporting of crash report logs to Apple. Additionally, the existence of the file is rare for normal users."

Apple sent a threat notification to the Middle East user late last year that a potential attack was occurring on the device and recommended updating it to iOS 16.2. The user subsequently engaged with security researchers to better understand the attack timeline and details, which resulted in a determination that Pegasus was used in the attack.

"These findings have allowed Jamf Threat Labs to build a more robust profile on a device with 'proven' compromise status," the researchers wrote.

**Targeting an Outdated Device**

Another spyware attack targeted an iPhone 6 — currently unsupported by the latest version of iOS — used by a journalist in Europe working for a global news agency, the researchers reported. The device also showed evidence of system crashes, similar to the phone in the Middle East scenario, that indicated it had been compromised.

However, even more suspiciously, investigators discovered files at an atypical location within iPhone’s strict file system, with one that was "clearly masquerading as a built-in binary," the researchers wrote.

"Based on this path and filename, we have strong reason to believe this may be a new indicator that can be used to assess if a device has been targeted," by a specific threat actor, they wrote. Though they could not conclusively identify the threat actor or the use of Pegasus, they said they notified Apple of a potential new IoC by the actor.

Moreover, an attack on an older device that's clearly unsupported by the latest Apple updates — including its enhanced threat-notification program — demonstrates the relentless nature of spyware actors, the researchers said.

"The continued targeting of older devices, such as the iPhone 6s, serves as a reminder that malicious threat actors will exploit any vulnerabilities in an organization's infrastructure, attacking wherever possible," they wrote.

**Mitigations & Prevention**

Given the advanced and evolving knowledge base around spyware, there are numerous ways that organizations can protect users from being attacks. The latest campaigns demonstrate the most basic mitigation tactic, which is to ensure that all devices are running the most current OS and have all available security patches applied, the researchers said.

At the same time, organizations should practice similar hygiene on the corporate network, keeping all applications — both business oriented and personal — up to date and fully patched, as "mobile application vulnerabilities are easily exploited and frequently overlooked by security teams," the researchers wrote.

Jamf also recommends running security software to monitor for suspicious activity on mobile devices and reporting it alongside all other endpoint monitoring dashboards to ensure they are treated with the same attention and urgency as desktops, laptops, and servers.

Other steps organizations can take to protect users include: monitoring communications for suspicious downloads, command-and-control (C2) indicators, and data exfiltration, and utilizing automated policy controls to block known bad activity before it can cause further damage.

High-risk users also should receive separate education about the symptoms of spyware — such as performance issues and frequent crashes — and be encouraged to use an iPhone's Lockdown Mode if necessary, the researchers said. This protects devices against these extremely rare and highly sophisticated cyberattacks.

Global Spyware Attacks Spotted Against Both New & Old iPhones

As is typical with emerging technologies, both innovators and regulators struggle with developments in generative AI, much less the rules that should govern its use.

It has been a busy time in the world of large language models. In late March, OpenAI disclosed a breach of users' personal data. ChatGPT does not appear to have issued an independent apology. As a mere algorithm, how could it? "Right" and "wrong" are only known to it by the artifice of its content filters.

OpenAI has reasserted its commitment to protecting users' privacy and keeping their data safe; however, it has since been reported that Samsung employees exposed confidential meeting minutes and source code via prompts sent to ChatGPT. OpenAI warns against the use of sensitive information in conversations, but there are clearly significant risks that the AI industry needs to address in the development of models and services. Garante, the Italian data protection authority, issued a ruling to prevent use of ChatGPT at the end of March, and the Office of the Privacy Commissioner of Canada has launched its own investigation into ChatGPT's privacy implications. The eventual consequences for OpenAI and the AI community remain to be seen.

Soon after reporting of the initial OpenAI breach came the Future of Life Institute's open letter, calling for a six-month halt to what they termed "giant AI experiments." The letter was signed by many of the signatories to a 2015 Future of Life Institute open letter, warning of the dangers of autonomous weapons equipped with AI to cause harm. The sentiments expressed in the letter are not universally held, with two doyens of the AI industry, Andrew Ng and Yann LeCun, jointly communicating their disagreement with calls for a pause in research.

With the Future Life Institute's open letter establishing a development threshold of AI systems "more powerful than GPT-4," there must have be some degree of anxiety among those working on Google's Bard and Microsoft's Copilot systems, which were overlooked. While it is fortunate that the generative pretrained transformer (GPT) class of models are, as yet, without ego, given the coverage they are receiving within the technical community and the popular press; it is appropriate to reflect on the ChatGPT data breaches, alongside the new capabilities announced in GPT-4.

**Wider Concerns**

The data breach reported by OpenAI occurred against a background of wider concern about the societal implications, regulatory oversight, governance, and practical application of powerful AI systems. Analysis from Goldman Sachs suggested that generative AI systems could deliver a 7% increase in global GDP over a 10-year period, while simultaneously affecting the jobs of 300 million people. The UK government's recent white paper (PDF) has also been contrasted to the interventionist approach reflected in the proposed EU Artificial Intelligence Act.

In OpenAI's disclosure of the ChatGPT data breach, it is important to note their observation that the bug "allowed some users to see titles from another active user's chat history," and, possibly, "the first message of a newly-created conversation was visible in someone else's chat history if both users were active around the same time."

While the bug is resolved, the risks to privacy and confidentiality in centralized AI systems have been exposed along with users' data. GPT-4's reported performance data is impressive, and the prospect of multi-modal prompts, comprising images and text, extends the scope of potential applications. But what happens to all that prompt data? What does it say about the user? What might that prompt data disclose? And, what are the implications of all that generated probabilistic output for the veracity of tomorrow's information domain?

**Questions Raised**

Important questions are also raised about the source of the massive volumes of training data required for initial development. Has informed consent been obtained for the use of this data? Are copyrights and other intellectual property protections respected? How is the veracity of training data established and the accuracy of predictions evaluated? None of these questions are easily answered by the current state of the art for predictive text sequencing, where their ethical foundation is at best opaque and the risk of future self-reference looms large as all the probabilistic and erroneous responses churned out by ChatGPT and GPT-4 enter the corpus of training data.

OpenAI openly states on the ChatGPT FAQs page that user conversations are retained for training and users should avoid including sensitive data in prompts, to avoid the problems experienced by Samsung. But what constitutes sensitive data, beyond the obvious information that is subject to regulatory control or that explicitly identifies the user? Well, every prompt discloses some information about the user sand their unique interests. The language, phraseology, and tone of prompts point to the personal characteristics and preferences of the user. Such characterizations can be used to finetune responses to either individual users or derived subsets of the overall user population.

Eventually, imperceptibly unique characteristics contained in the spelling and punctuation tics, image geometry, or source documentation of inputs to GPT services could discern sensitive information, or, worse, enable simulation of a human response that cannot be discriminated by either machine or human judgement.

In parallel, Ilya Sutskever, co-founder and chief scientist of OpenAI, caused another recent stir when he stated that the closed-source stance taken with respect to the architecture of GPT-4 was necessary in response to competitive threats and potential safety implications associated with disclosure of the technology. As is typically the case with processes of innovation, the regulatory environment today is disjointed and in a losing race to catch up with developments in the field. The new capabilities of GPT-4 and services based on the prior generation of GPT technology are imbued with significant risks, many of which remain unforeseen and unimagined. Reduced transparency in model development will not help.

**Risky Business**

While the risk to data privacy and confidentiality is evident at the implementation level, those risks are an intrinsic component of ChatGPT, GPT-4, and other centralized AI systems. How we address these risks as a society, to exploit the welcome benefits of AI without the sacrifice of cherished human rights, is one of the many questions posed by accelerating advancements in machine intelligence. If we are not sufficiently concerned about the information our human-machine conversations disclose about us today, we might worry more when, as a team of AI researchers have already demonstrated, one day soon, machines will possess the capability to actually read our minds. There is much for humanity and GPT-4 to ponder.

GPT-4 Provides Improved Answers While Posing New Questions

Organizations are planning on newer multifactor authentication methods, such as invisible MFA and passwordless, says SecureAuth in its "State of Authentication" report.

Authentication is one of the top priorities for organizations, as 84% of respondents in SecureAuth’s inaugural "State of Authentication" report placed authentication and access management in their top three to five security priorities.

SecureAuth grouped verification factors, such as one-time passwords and PINs transmitted over SMS text messages, emails, or phone calls, as “traditional multifactor authentication.” Organizations are increasingly exploring newer multifactor authentication (MFA) methods, such as invisible MFA and passwordless technologies, according to the report.

The biggest focus appears to be single sign-on (45%), followed by invisible MFA (38%), two-factor authentication (36%), and continuous authentication (35%). Invisible MFA refers to silently collecting information needed for verification without requiring any user action, such as entering a one-time password or approving a push notification on an app. Invisible MFA combines behavioral, environmental, and contextual signals to determine whether the user is logging in from an authorized device.

The major trend in security nowadays is consolidation. Organizations are trying to reduce the number of security tools in order to minimize integration challenges and reduce complexity. But that is not the case with identity when it comes to identity provider products. Three-quarters of the respondents (76%) say their organizations rely on multiple identity provider products for various reasons, including failover and use-case requirements (such as users on different operating systems). Failover makes a lot of sense – the last thing security teams want is users being unable to access the services and applications they need because the primary identity product is unexpectedly offline or compromised by an attack.

    

Source: State of Authentication, SecureAuth

Identity provider products named in the report include Microsoft (E3 and E5), Okta, Ping Identity, ForgeRock, and SecureAuth.

Most respondents have some form of MFA in their organizations, according to the report. This reflects the security team’s reality; The growing volume of credentials-based attacks means organizations cannot rely on passwords alone for authentication. Cyber insurance also plays a role, as many carriers make using MFA as a requirement for having a policy.

Nearly a third of respondents said they have plans to implement passwordless technologies in the next six months, while another third have plans within the next 12 to 24 months. The biggest barrier to implementation is having too many competing priorities (55%), lack of knowledge about the technology (46%), and budgetary constraints (24%).

Source

DARKReading