How security teams in the region fortify their defenses amid short-staffing — and increased DDoS, phishing, and ransomware campaigns — during the Muslim holy month.

Source: MQ Naufal via Alamy Stock Photo

The holy month of Ramadan is a period where Middle East-based companies step up cybersecurity with extra vigilance and outsourced support amid shortened working hours and increased e-commerce activity.

The ninth month of the Muslim calendar is observed around the world as followers take the time to reflect and practice fasting, and cybersecurity teams often operate with skeletal staffing. Ramadan is also a period where Muslim shoppers tend to up their spending on speciality foods, gifts, and special offers.

All of this also creates a perfect storm for bad actors to conduct fraudulent activities and scams.

Endpoint protection firm Resecurity has observed a significant increase in cyber malevolence during Ramadan, which began on March 10. The company estimates the total financial impact from these cyberattacks and cyberscams against the Middle East has reached up to $100 million so far during this year's Ramadan. This figure accounts for fraud perpetrated against expatriates, residents, and foreign visitors and includes wire fraud, fraudulent campaigns, e-commerce fraud, and phishing. 

In particular, Resecurity notes a rising trend where cybercriminals impersonate local shipping companies like Aramex, SMSA Express, and Zajil Express to deceive Internet users. They target victims through SMS, iMessage, and WhatsApp with phony parcel delivery messages that pressure the victim to pay immediately for their "delivery."

"\[Users\] are strongly advised to refrain from sharing personal and payment information on questionable sites or with individuals posing as bank or government employees," Resecurity warned in its report.

Shilpi Handa, associate research director of security, Middle East, Turkey, and Africa (META) at IDC, agrees there is a "noticeable increase" in DDoS, phishing, and ransomware attempts during the holy month.

**Cyber Risk Preparation**

Even so, cybersecurity professionals in the region are well-versed on the cyber risk escalation during Ramadan. Security preparations typically begin well in advance of Ramadan, Handa notes.

"Many organizations proactively enhance their outsourced contracts during this period, particularly focusing on bolstering 24/7 security operations," she says, adding that deploying a remote and diverse workforce is particularly advantageous during Ramadan as around-the-clock security shifts can be fully covered by a mix of Muslim fasters and non-Muslim staff.

Organizations that expect to be short-staffed during Ramadan should prioritize their critical infrastructure to ensure operational continuity and lessen the frequency of active threat hunting if resources are stretched, Handa says. Companies also should enhance security measures for email and corporate networks because those historically have been targeted in the Middle East, she adds.

In the last few years, the UAE Cybersecurity Council has taken to issuing special advisories during Ramadan. On March 4 this year, the UAE launched its National Campaign for Cybersecurity, aimed at raising awareness and promoting cybersecurity best practices among the public.

Ezzeldin Hussein, regional senior director, solution engineering, META at SentinelOne, advises companies to prioritize cross-training within cybersecurity teams to ensure that essential tasks can be handled by multiple team members. And set clear protocols for incident response and escalation paths to streamline decision-making processes amid possible reduced staffing levels, he adds. 

Ali Haider, a New York-based senior security consultant at Secureworks, says companies should take extra steps to promote a culture of vigilance and awareness among employees and encourage them to report any suspicious activities or security concerns. 

Haider, who worked in the UAE and Saudi Arabia for over a decade, recommends that companies coordinate with the relevant law enforcement agencies. "Maintain open communication channels and coordinate security efforts as needed. Collaborating with authorities can enhance security effectiveness and facilitate a coordinated response to security incidents," he says.

**Ramadan and Year-Round**

Of course, robust cybersecurity measures should be deployed all-year round, not just for Ramadan, Haider cautions.

"Attackers may exploit potential vulnerabilities, such as reduced staffing or distracted teams. However, businesses should maintain vigilance and strengthen cybersecurity measures year-round," he says. "Ultimately, a proactive approach is key to safeguarding against cyberattacks, regardless of the time of year."

**About the Author(s)**

Alicia Buller is a London-based business and technology journalist with several years' experience working in Dubai. She specialises in cybersecurity and Middle Eastern affairs.

Cybersecurity Threats Intensify in the Middle East During Ramadan

Common Good Cyber is a global consortium connecting nonprofit, private sector, and government organizations to fund organizations focused on securing Internet infrastructure.

Source: Nico El Nino via Alamy Stock Photo

Much of our everyday lives, from banking to turning on the lights, would be impossible if the elaborate infrastructure underpinning the Internet were unavailable. However, unlike the electrical grid or financial institutions, there's no single entity responsible for maintaining and securing the Internet.

Instead, that task falls upon a diverse group of organizations and individuals that preserve this public utility with little funding or subsisting on tight budgets. The stakes are incredibly high, but the amount of resources available for keeping this infrastructure secure falls short.

"Everybody thinks it's somebody else's responsibility," says Philip Reitinger, president and CEO of the Global Cyber Alliance. "We agree that cybersecurity requires a whole-of-society effort, but the challenge for us is that there's so little funding available to keep the Internet trustworthy and secure."

**Exploring a New Funding Model**

In an effort to combat this dilution of responsibility and dearth of financial support, global policymakers and representatives from nonprofits, philanthropy, and fundraising organizations recently launched Common Good Cyber, an initiative aimed at building sustainable funding models to support those that secure the Internet for everyone. These stakeholders also took part in a February workshop in Washington, DC, to discuss the critical role of under-resourced organizations that safeguard the Internet. The workshop emphasized the need for collaboration and alignment in funding efforts to sustain cybersecurity initiatives.

"Key components of the Internet are maintained by volunteers, nonprofits, and NGOs, and others who work with razor-thin budgets and resources," said Kemba Walden, president of Paladin Global Institute and former US acting national cyber director, in her keynote address at the workshop. "Consider this: The underpinnings of our digital infrastructure, the infrastructure that enables civil society to thrive in our economy today and to grow, rest on a network of volunteers, nonprofits, NGOs and others.

The goal of Common Good Cyber is to find new ways to build adequate funding into law and policy, business policies and government, and other funding vehicles sufficient to meet the common need for cybersecurity. Supporting organizations include the Cyber Civil Defense Initiative, the Global Cyber Alliance, the Cyber Threat Alliance, the CyberPeace Institute, the Forum of Incident Response and Security Teams, the Institute for Security and Technology, and the Shadowserver Foundation.

Craig Newmark, philanthropist and founder of Craigslist and the Cyber Civil Defense Initiative, says funding and supporting Internet security projects is a patriotic duty.

"So many people have sacrificed a lot to defend us all. I have been pushing people like the folks at Global Cyber Alliance, the folks at the Aspen cybersecurity group, and people at Consumer Reports," Newmark says, listing three organizations that are part of the Cyber Civil Defense Initiative. "The notion is that we work together — to fight the fight together — to complement what the government does, kind of like what my parents did during World War II, when everyone was expected to play a role."

While governments can do some things very well, there are some areas where the government can’t do the whole job and citizens have to step up, Newmark adds.

"People like me who think of ourselves as genuine patriots, we need to help out the people who are doing the actual work, who are sometimes sacrificing a lot," he says. "In my case, while I'm trying to figure out how to mobilize the whole country, it's time to fund some organizations that are going to be doing the hard, tedious work, figuring out how regular people can protect themselves."

For Newmark, the greatest challenge lies in getting the message out and making people take action.

"The message is the big hard part — working together to protect the country," he said. "We need to protect our water and power supplies and transportation. We need to work together on making those things really happen, and I think that's a big contribution of Common Good Cyber."

**Four Action Items to Take**

Four actionable ideas came out of the workshop, Reitinger says.

Participants will seek to create joint funding organizations that have the capacity to collect money from multiple organizations and distribute them through a governance mechanism to organizations in need. Funding sources could come from government or private entities, he says, and be modeled after organizations that fight infectious diseases like HIV or malaria.

In line with the joint fund concept, nonprofits could be connected for federated fundraising, "a little like the United Way," Reitinger says. The fund could then be divided among the nonprofit entities, giving each "a little more bang for your buck, and a little bit stronger of an overall message."

Common Good Cyber also wants organizations to work together to build its business case by collecting data on who is doing what to support the Internet's infrastructure. There is a genuine need to understand the size of the sector "and the value that all these organizations provide … I think that's going to be essential," Reitinger says. "The business case to say, this is what this infrastructure does."

The creation of a hub or accelerator to provide resources to the groups securing the Internet was the final piece of the puzzle discussed. "All of these nonprofits that do critical things have to sort of start up from ground zero," Reitinger says. "And there are some resources that they can pull on. But maybe we start to aggregate those so we can help nonprofits do things like fundraising. Everybody wants to use money in the most effective way possible. So let's make that a little easier to do."

Common Good Cyber's next steps include producing a report on the workshop and speaking at this year's RSA Conference in San Francisco and a workshop in Europe in October. The group hopes to have a set of implemented solutions people can rely on in about a year.

"This is a problem that really needs solving, because we're all suffering from inadequate funding for cybersecurity supporting the common good. Cybersecurity really needs to be a fundamental human right," Rettinger says. "It's just a problem that really requires solving, and I hope we can continue to get the focus from government, industry, and nonprofit stakeholders. It's not going to get better on its own. It's going to get worse."

**About the Author(s)**

Contributing Writer

Jennifer Lawinski is a writer and editor with more than 20 years experience in media, covering a wide range of topics including business, news, culture, science, technology and cybersecurity. After earning a Master's degree in Journalism from Boston University, she started her career as a beat reporter for The Daily News of Newburyport. She has since written for a variety of publications including CNN, Fox News, Tech Target, CRN, CIO Insight, MSN News and Live Science. She lives in Brooklyn with her partner and two cats.

Funding the Organizations That Secure the Internet

Microsoft adds tools to protect Azure AI from threats such as prompt injection, as well as to give developers the capabilities to ensure generative AI apps are more resilient to model and content manipulation attacks.

Source: Tada Images via Shutterstock

Microsoft has announced several new capabilities in Azure AI Studio that the company says should help developers build generative artificial intelligence (GenAI) apps that are more reliable and resilient against malicious model manipulation and other emerging threats.

In a March 29 blog post, Microsoft's chief product officer of responsible AI, Sarah Bird, pointed to growing concerns about threat actors using prompt injection attacks to get AI systems to behave in dangerous and unexpected ways as the primary driving factor for the new tools.

"Organizations are also concerned about quality and reliability," Bird said. "They want to ensure that their AI systems are not generating errors or adding information that isn’t substantiated in the application’s data sources, which can erode user trust."

Azure AI Studio is a hosted platform that organizations can use to build custom AI assistants, copilots, bots, search tools and other applications, grounded in their own data. Announced in November, the platform hosts Microsoft's machine learning models, as well as models from several other sources, including OpenAI, Meta, Hugging Face, and Nvidia. It allows developers to quickly integrate multimodal capabilities and responsible AI features into their models.

Other major players, such as Amazon and Google, have rushed to market with similar offerings over the past year to tap into the surging interest in AI technologies worldwide. A recent IBM-commissioned study found that 42% of organizations with more than 1,000 employees are already actively using AI in some fashion, with many of them planning to increase and accelerate investments in the technology over the next few years. And not all of them were telling IT beforehand about their AI use.

**Protecting Against Prompt Engineering**

The five new capabilities that Microsoft has added — or will soon add — to Azure AI Studio are Prompt Shields, groundedness detection, safety system messages, safety evaluations, and risk and safety monitoring. The features are designed to address some significant challenges that researchers have uncovered recently — and continue to uncover on a routine basis — with regard to the use of large language models (LLMs) and GenAI tools.

Prompt Shields, for instance, is Microsoft's mitigation for what are known as indirect prompt attacks and jailbreaks. The feature builds on existing mitigations in Azure AI Studio against jailbreak risk. In prompt-engineering attacks, adversaries use prompts that appear innocuous and not overtly harmful to try and steer an AI model into generating harmful and undesirable responses. Prompt engineering is among the most dangerous in a growing class of attacks that try to jailbreak AI models or get them to behave in a manner that is inconsistent with any filters and constraints that developers might have built into them.  

Researchers have recently shown how adversaries can engage in prompt-engineering attacks to get GenAI models to spill their training data, spew out personal information, generate misinformation, and potentially harmful content, such as instructions on how to hot-wire a car.

With Prompt Shields, developers can integrate capabilities into their models that help distinguish between valid and potentially untrustworthy system inputs, set delimiters to help mark the beginning and end of input text, and use data marking to mark input texts. Prompt Shields is currently available in preview mode in Azure AI Content Safety and will become generally available soon, according to Microsoft.

**Mitigations for Model Hallucinations and Harmful Content**

With groundedness detection, Microsoft has added a feature to Azure AI Studio that it says can help developers reduce the risk of their AI models "hallucinating." Model hallucination is a tendency by AI models to generate results that appear plausible but are completely made up and not based — or grounded — on the training data. LLM hallucinations can be hugely problematic if an organization were to take the output as factual and act on it in some way. In a software development environment, for instance, LLM hallucinations could result in developers potentially introducing vulnerable code into their applications.

Azure AI Studio's new groundedness-detection capability is basically about helping detect — more reliably and at greater scale — potentially ungrounded GenAI outputs.  The goal is to give developers a way to test their AI models against what Microsoft calls "groundedness metrics" before deploying the model into their products. The feature also highlights potentially ungrounded statements in LLM outputs, so users know to fact check the output before using it. Groundedness detection should be available in the near future, according to Microsoft.

The new system message framework offers a way for developers to clearly define their models' capabilities, profile, and limitations in their specific environments. Developers can use the capability to define the format of the output and provide examples of intended behavior, so it becomes easier for users to detect deviations from intended behavior. The feature isn't available yet but should be soon.

Azure AI Studio's newly announced safety evaluations capability and its risk and safety monitoring feature are both currently available in preview status. Organizations can use the former to assess the vulnerability of their LLM models to jailbreak attacks and generate unexpected content. The risk and safety monitoring capability allows developers to detect model inputs that are problematic and likely to trigger hallucinated or unexpected content, so they can implement mitigations against it.

"Generative AI can be a force multiplier for every department, company, and industry," Microsoft's Bird said. "At the same time, foundation models introduce new challenges for security and safety that require novel mitigations and continuous learning."

**About the Author(s)**

Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year career at Computerworld, Jai also covered a variety of other technology topics, including big data, Hadoop, Internet of Things, e-voting, and data analytics. Prior to Computerworld, Jai covered technology issues for The Economic Times in Bangalore, India. Jai has a Master's degree in Statistics and lives in Naperville, Ill.

Microsoft Beefs Up Defenses in Azure AI

Had a Microsoft developer not spotted the malware when he did, the outcome could have been much worse.

Source: ozrimoz via Shutterstock

A newly discovered backdoor in XZ Utils, a data compression utility present in nearly all Linux distributions, has revived the ghosts of previous major software-supply chain security scares such as the Log4Shell vulnerability and the attack on SolarWinds.

The backdoor is embedded in an XZ library called liblzma and gives remote attackers a way to bypass secure shell (sshd) authentication and then gain complete access to an affected system. An individual with maintainer-level access to the code appears to have deliberately introduced the backdoor in a painstakingly executed, multiyear attack.

**A Shock to the OSS Community**

The backdoor affects XZ Utils 5.6.0 and 5.6.1, which are versions of the utility currently used only in unstable and beta releases of Fedora, Debian, Kali, open SUSE, and Arch Linux. As a result, the potential threat with this backdoor for now is considerably more limited than if the malware had found its way into a stable Linux distro.

Even so, the fact that someone managed to sneak a nearly undetectable backdoor into a trusted, widely used open source component — and the potential havoc it could have caused — has come as a painful wakeup call on how vulnerable organizations remain to attacks via the supply chain.

"This supply chain attack came as a shock to the OSS community, as XZ Utils was considered a trusted and scrutinized project," JFrog researchers said in a blog post. "The attacker built up a credible reputation as an OSS developer over the span of multiple years and used highly obfuscated code in order to evade detection by code reviews."

XZ Util is a command-line utility for compressing and decompressing data in Linux and other Unix-like operating systems. Microsoft developer Andres Freund discovered the backdoor in the software when investigating odd behavior in recent weeks around liblzma on some Debian installations. After initially thinking the backdoor was purely a Debian problem, Freund discovered the issue actually impacted the upstream XZ repository and associated tarballs or archive files. He publicly disclosed the threat on March 29.

Over the weekend, security teams associated with Fedora, Debian, openSUSE, Kali, and Arch issued urgent advisories alerting organizations running the affected Linux releases to immediately revert to earlier, more stable releases of their software to mitigate the potential risk of remote-code execution.

**Maximum Severity Vuln**

Red Hat, the primary sponsor and contributor to Fedora, assigned the backdoor a vulnerability identifier (CVE-2024-3094) and assessed it as a maximum severity risk (CVSS score of 10) to draw attention to the threat. The US Cybersecurity and Infrastructure Security Agency (CISA) joined the chorus of voices urging organizations using affected Linux distributions to downgrade their XZ Utils to an earlier version, and to hunt for any potential activity related to the backdoor and report any such findings to the agency.

All of the advisories offered tips for users on how to quickly check for the presence of the back-doored XZ versions in their code. Red Hat released an update that reverts XZ to previous versions, which the company will make available via its normal update process. But users concerned about potential attacks can force the update if they don't want to wait for the update to become available via the normal process, the company said.

Today Binarly released a free tool that organizations can use to look for backdoored XZs as well.

"Had this malicious code been introduced to stable OS releases in multiple Linux distributions, we could have seen in-the-wild exploitation en-masse," says Scott Caveza, staff research engineer at Tenable. "The longer this went unnoticed, the greater the potential for more malicious code from whomever this malicious actor might be."

In an FAQ, Tenable described the backdoor as modifying functions within liblzma in such a way as to allow attackers to intercept and modify data within the library. "In the example observed by Freund, under certain conditions, this backdoor could allow a malicious actor to 'break sshd authentication,' allowing the attacker to gain access to an affected system," noted the researchers.

**XZ Utils "Maintainer" Behind the Backdoor**

What makes the backdoor especially troublesome is the fact that someone using an account belonging to a maintainer of XZ Util embedded the malware in the package in what appears to have been a carefully planned multiyear operation. In a widely referenced blog post, security researcher Evan Boehs traced the malicious activity back to 2021 when an individual using the name Jia Tan created a GitHub account and almost immediately started making suspicious changes to some open source projects.

The blog post provides a detailed timeline of the steps Jia Tan and a couple of other individuals took to gradually build enough trust within the XZ community to make changes to the software and eventually introduce the backdoor.

"All the evidence points to social manipulation being used by a person with the sole end goal of inserting a backdoor," Boehs tells Dark Reading. "Basically, there was never a genuine effort to maintain the project, only to gain enough trust to insert \[the backdoor\] quietly."

Typically, gaining commit access to a repository requires an individual to establish a sense of trustworthiness. Often, projects give new commit access to individuals only when there is a need for it and after some risk assessment, Boehs says.

"In this case, Jia created a \[seemingly\] legitimate need for more maintainers ... and then began building trust. Our society is built on trust, and occasionally some crafty people exploit it," he notes. "Gaining permission requires trust. Trust takes time to establish. Jia was in it for the long game."

Boehs says it's unclear when exactly Jia Tan became a trusted member of the repository. But soon after his first commit in 2022, Jia Tan became a regular contributor and is currently the second-most active on the project. GitHub has since suspended Jia Tan's account.

Saumitra Das, vice president of engineering at Qualys, says what happened with XZ Util can happen elsewhere.

"Many critical libraries in open source are being maintained by volunteers in the community who are not paid for it and can be under pressure due to their personal issues," Das says.

Maintainers who are under pressure often welcome contributors who are willing to spend even a little bit of time on their projects. "Over, time, such folks can gain more control over the code," as was the case with XZ Utils, he says.

**About the Author(s)**

Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year career at Computerworld, Jai also covered a variety of other technology topics, including big data, Hadoop, Internet of Things, e-voting, and data analytics. Prior to Computerworld, Jai covered technology issues for The Economic Times in Bangalore, India. Jai has a Master's degree in Statistics and lives in Naperville, Ill.

XZ Utils Backdoor Implanted in Carefully Executed, Multiyear Supply Chain Attack

Cybersecurity analysts use playbooks as a guide to quickly investigate and respond to incidents, but regularly neglect to keep the process documents up to date.

Source: Ivelin Radkov via Alamy Stock Photo

Every company should have a general incident response plan that establishes an incident response team, designates the members, and outlines their strategy for reacting to any cybersecurity incident.

To consistently act on that strategy, however, companies need playbooks — tactical guides that walk responders through investigation, analysis, containment, eradication, and recovery for attacks such as ransomware, a malware outbreak, or business email compromise. Organizations that do not follow a playbook for security will frequently suffer more serious incidents, says John Hollenberger, senior security consultant with Fortinet's Proactive Services group. In nearly 40% of the global incidents Fortinet handles, the lack of adequate playbooks was a contributing factor that led to the intrusion in the first place.

"Quite often we have found that while the company may have the right tools to detect and respond, there was no, or inadequate, processes around said tools," Hollenberger says. Even with playbooks, he says, analysts still have complex decisions to make based on the details of the compromise. He adds, "Without knowledge and forethought by an analyst, the wrong approach may be taken or ultimately hinder response efforts."

Unsurprisingly, companies and researchers are increasingly trying to apply machine learning and artificial intelligence to playbooks — such as getting recommendations on what steps to take while investigating and responding to an incident. A deep neural network can be trained to outperform current heuristic-based schemes, recommending next steps automatically based on the features of an incident and playbooks represented as a series of steps in a graph, according to a paper published in early November by a group of researchers from Ben-Gurion University of the Negev and technology giant NEC.

The BGU and NEC researchers argue that manually managing playbooks can be untenable in the long run.

"Once defined, playbooks are hard-coded for a fixed set of alerts and are fairly static and rigid," the researchers stated in their paper. "This may be acceptable in the case of investigative playbooks, which may not need to be changed frequently, but it is less desirable in the case of response playbooks, which may need to be changed in order to adapt to emerging threats and novel, previously unseen alerts."

**Proper Reactions Require Playbooks**

Automating the detection, investigation, and response to events are the domains of security orchestration, automation, and response (SOAR) systems, which — among other roles — have become the repositories of playbooks to use in the variety of circumstances firms face during a cybersecurity event.

"The world of security is dealing with probabilities and uncertainties — playbooks are a way to reduce further uncertainty by applying a rigorous process to gain predictable final outcomes," says Josh Blackwelder, deputy chief information security officer at SentinelOne, adding that repeatable outcomes requires the automated application of playbooks through SOAR. "There's no magical way to go from uncertain security alerts to predictable outcomes without a consistent and logical process flow."

SOAR systems are becoming increasingly automated, as their name suggests, and adopting AI/ML models to add intelligence to the systems is a natural next step, according to experts.

Managed detection and response firm Red Canary, for example, currently uses AI to identify patterns and trends that are useful in detecting and responding to threats and reducing the cognitive load on analysts to make them more efficient and effective. In addition, generative AI systems can make it easier to communication both a summary and the technical details of incidents to customers, says Keith McCammon, chief security officer and co-founder of Red Canary.

"We don't use AI to do things like make more playbooks, but we are using it extensively to make execution of playbooks and other security operations processes faster and more effective," he says.

Eventually, playbooks may be fully automated through deep learning (DL) neural networks, the BGU and NEC researchers wrote. "\[W\]e aim at extending our method to support complete end-to-end pipeline where, once an alert is received by the SOAR system, a DL-based model handles the alert and deploys appropriate responses automatically — dynamically and autonomously creating on-the-fly playbooks — and thus reducing the burden on security analysts," they wrote.

Yet giving AI/ML models the ability to manage and update playbooks should be done with care, especially in sensitive or regulated industries, says Andrea Fumagalli, senior director of orchestration and automation for Sumo Logic. The cloud-based security management company uses AI/ML-driven models in its platform and for finding and highlighting threat signals in the data.

"Based on multiple surveys that we've conducted with our customers over the years, they are not comfortable yet having AI adapting, amending, and creating playbooks autonomously, either for security reasons or for compliance," he says. "Enterprise customers want to have full control over what is implemented as incident management and response procedures."

Automation needs to be fully transparent, and one way to do that is by showing all the queries and data to the security analysts. "This allows the user to sanity-check the logic and data that is returned and validate the results before moving to the next step," says SentinelOne's Blackwelder. "We feel this AI-assisted approach is the appropriate balance between the risks of AI and the need to accelerate efficiencies to match the rapidly changing threat landscape."

**About the Author(s)**

Veteran technology journalist of more than 20 years. Former research engineer. Written for more than two dozen publications, including CNET News.com, Dark Reading, MIT's Technology Review, Popular Science, and Wired News. Five awards for journalism, including Best Deadline Journalism (Online) in 2003 for coverage of the Blaster worm. Crunches numbers on various trends using Python and R. Recent reports include analyses of the shortage in cybersecurity workers and annual vulnerability trends.

Enhancing Incident Response Playbooks With Machine Learning

PRESS RELEASE

Seattle, Wash., December 4, 2023 – Just two months after Zatik Security opened its doors, it’s announcing its third founding partner and CTO, as well as a curated network of trusted industry partners. Zatik provides top-tier product security guidance for small to medium-sized businesses leveraging a fractional model to make world class expertise accessible.

Today, Zatik is announcing Zack Glick as its third founder and CTO, joining Kymberlee Price (CEO) and Jon Callas (Distinguished Engineer). Glick was previously at Amazon Web Services and brings strong cloud security expertise to the Zatik Security leadership team.

“I am excited to be a founder of Zatik,” said Glick. “Zatik brings flexibility and experience and is able to go in, learn the business, and tailor a security program for each client. I’m looking forward to bringing my background and experience to be part of that.” 

Additionally, Zatik is proud to announce several partnerships to help protect small and medium-sized businesses:

Here is what some of Zatik's partners had to say: 

“When we heard of the highly experienced, innovative, and quality focused team at Zatik we realized it was the security management version of ourselves at IncludeSec! We share the same values of ultra-high quality industry expertise and client service excellence. The partnership between IncludeSec and Zatik is a natural fit as we share the goal of helping companies who are serious about operating securely as they bring products to market.” – Erik Cabetas Founder + Managing Director at Include Security

“We’re happy to partner with Zatik on building security development lifecycle programs that enhance Luta Security’s end-to-end managed vulnerability disclosure and bug bounty programs. Improving security ROI is best with a strong ongoing integration between vulnerability reports and the SDLC.”  – Katie Moussouris, Founder & CEO, Luta Security

“We've been seeing a growing need for best-in-class security maturity at mid-size companies and startups. Appsec as a service, with a seasoned, professional team that would be difficult for an enterprise to recruit and build, let alone mid-size companies and startups, is an incredible value. Zatik is an excellent complement to SideChannel's offerings and we're excited to be partnering together to bring best-in-class security tools to the midmarket.” - David Chasteen, COO of SideChannel

“The future of augmented security teams looks an awful lot like Zatik. We're both proud and excited to be their partner and look forward to the great synergies to come.” - Frank Heidt, CEO of Leviathan Security  
For more information on Zatik Security services, visit https://www.zatik.io. 

About Zatik Security

Founded in 2023, Zatik Security is an employee-owned cooperative. We believe effective cybersecurity should not be out of reach for any company. Zatik Security’s collective of industry experts build high performing security organizations and provide pragmatic world class security guidance for companies of all sizes.  Committed to quality, inclusion, and trust, Zatik Security democratizes access to expert security guidance, making the world a safer, more trustworthy place for generations to come.

Zatik Security Gains Momentum, Announces Co-Founder, CTO, Partner Network

Researchers at Lasso Security found 1,500+ tokens in total that gave them varying levels of access to LLM repositories at Google, Microsoft, VMware, and some 720 other organizations.

Source: Robert Way via Shutterstock

Researchers recently were able to get full read and write access to Meta's Bloom, Meta-Llama, and Pythia large language model (LLM) repositories, in a troubling demonstration of the supply chain risks to organizations using these repositories to integrate LLM capabilities into their applications and operations.

The access would have allowed an adversary to silently poison training data in these widely used LLMs, steal models and data sets, and potentially execute other malicious activities that would heighten security risks for millions of downstream users.

**Exposed Tokens on Hugging Face**

That's according to researchers at AI security startup Lasso Security, who were able to access the Meta-owned model repositories using unsecured API access tokens they discovered on GitHub and the Hugging Face platform for LLM developers.

The tokens they discovered for the Meta platforms were among over 1,500 similar tokens they found on Hugging Face and GitHub that provided them with varying degrees of access to repositories belonging to a total of 722 other organizations. Among them were Google, Microsoft, and VMware.

"Organizations and developers should understand Hugging Face and other likewise platforms aren't working \[to secure\] their users exposed tokens," says Bar Lanyado, a security researcher at Lasso. It's up to developers and other users of these platforms to take the necessary steps to protect their access, he says.

"Training is required while working and integrating generative AI- and LLM-based tools in general," he notes. "This research is part of our approach to shine a light on these kinds of weaknesses and vulnerabilities, to strengthen the security of these types of issues."

Hugging Face is a platform that many LLM professionals use as a source for tools and other resources for LLM projects. The company's main offerings include Transformers, an open source library that offers APIs and tools for downloading and tuning pretrained models. The company hosts — in GitHub-like fashion — more than 500,000 AI models and 250,000 data sets, including those from Meta, Google, Microsoft, and VMware. It lets users post their own models and data sets to the platform and to access those from others for free via a Hugging Face API. The company has raised some $235 million so far from investors that include Google and Nvidia.

Given the platform's wide use and growing popularity, researchers at Lasso decided to take a closer look at the registry and its security mechanisms. As part of the exercise, the researchers in November 2023, tried to see if they could find exposed API tokens that they could use to access data sets and models on Hugging Face. They scanned for exposed API tokens on GitHub and on Hugging Face. Initially, the scans returned only a very limited number of results, especially on Hugging Face. But with a small tweak to the scanning process, the researchers were successful in finding a relatively large number of exposed tokens, Lanyado says.

**Surprisingly Easy to Find Exposed Tokens**

"Going into this research, I believed we would be able to find a large amount of exposed tokens," Lanyado says. "But I was still very surprised with the findings, as well as the simplicity \[with\] which we were able to gain access to these tokens."

Lasso researchers were able to access tokens belonging to several top technology companies — including those with a high level of security — and gain full control over some of them, Lanyado says.

Lasso security researchers found a total of 1,976 tokens across both GitHub and Hugging Face, 1,681 of which turned out to be valid and usable. Of this, 1,326 were on GitHub and 370 on Hugging Face. As many as 655 of the tokens that Lasso discovered had write permissions on Hugging Face. The researchers also found tokens that granted them full access to 77 organizations using Meta-Lama, Pythia, and Bloom. "If an attacker had gained access to these API tokens, they could steal companies' models which in some cases are their main business," Lanyado says. An attacker with write privileges could replace the existing models with malicious ones or create an entirely new malicious model in their name.  Such actions would have allowed an attacker to gain a foothold on all systems using the compromised models, or steal user data, and/or spread manipulated information, he notes.

According to Lanyado, Lasso researchers found several tokens associated with Meta, one of which had write permissions to Meta Llama, and two each with write permissions to Pythia and Bloom. The API tokens associated with Microsoft and VMware had read only privileges, but they allowed Lasso researchers to view all of their private data sets and models, he says.

Lasso disclosed its findings to all impacted users and organizations with a recommendation to revoke their exposed tokens and delete them from their respective repositories. The security vendor also notified Hugging Face about the issue.

"Many of the organizations (Meta, Google, Microsoft, VMware and more) and users took very fast and responsible actions," according to Lasso's report. "They revoked the tokens and removed the public access token code on the same day of the report."

**About the Author(s)**

Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year career at Computerworld, Jai also covered a variety of other technology topics, including big data, Hadoop, Internet of Things, e-voting, and data analytics. Prior to Computerworld, Jai covered technology issues for The Economic Times in Bangalore, India. Jai has a Master's degree in Statistics and lives in Naperville, Ill.

Meta AI Models Cracked Open With Exposed API Tokens

Aeroblade flew under the radar, slicing through detection checks on a quest to steal sensitive commercial data.

Source: Phil McDonald via Alamy Stock Photo

A US aerospace company was recently subjected to a nearly yearlong commercial cyberespionage campaign, carried out by a seemingly new threat actor researchers have named "AeroBlade."

Unlike the high-stakes aerospace espionage carried out by major nation-state and ransomware groups in recent years, this latest bout, documented last week by Blackberry, follows a characteristically old script: a phishing bait-and-switch, template injection, VBA macro code, and so on.

Though old hat, the campaign — split into a testing (September 2022) and execution phase (July 2023) — managed to remain undetected for the better part of a year thanks to thorough anti-analysis protections.

The ultimate success of the campaign, and the nature of any data which might have been accessed, is not yet known.

**Aerospace Espionage, via Word**

The two attacks began, as so many before it have, with lure documents encased in phishing emails.

Once clicked, the attachments revealed Microsoft Word documents with scrambled text. The documents also contained a suspicious header: "SOMETHING WENT WRONG Enable Content to load the document."

Mimicking the macros notifications of old, the false flag lured victims into clicking and, unwittingly, retrieving and executing a malicious Microsoft Word template (DOTM) file. Injected in the template was a legible decoy document, as well as the instructions for a second-stage infection.

The final payload at the end of this chain was a dynamic link library (DLL) file acting as a reverse shell. The payload collected and exfiltrated system information and directories, and established persistence by creating a task in Windows Task Scheduler, to trigger every morning at 10:10 AM local time.

**Developing Stealth Techniques**

After its initial "test" attack, AeroBlade returned for real with a series of more advanced stealth techniques built into its payload.

The group's staying power may be at least partly attributed to how careful it was in, for example, diligently checking for characteristic signs of a sandbox environment or antivirus software, and also the many ways in which it obfuscated its malicious code.

For example, the executable used custom encoding for each string, and API hashing with MurmurHash to conceal how it used Windows functions. It also came fitted with a number of anti-disassembly techniques including control flow obfuscation, splicing data into code, and using dead-code executed instructions — code which gets executed, but whose result has no bearing on the rest of the program — to throw off analysts.

Given all of the facts of the case, the researchers concluded "with a high degree of confidence that this was a commercial cyberespionage campaign. Its purpose was most likely to gain visibility over the internal resources of its target in order to weigh its susceptibility to a future ransom demand."

**About the Author(s)**

Nate Nelson is a freelance writer based in New York City. Formerly a reporter at Threatpost, he contributes to a number of cybersecurity blogs and podcasts. He writes "Malicious Life" -- an award-winning Top 20 tech podcast on Apple and Spotify -- and hosts every other episode, featuring interviews with leading voices in security. He also co-hosts "The Industrial Security Podcast," the most popular show in its field.

'AeroBlade' Group Hacks US Aerospace Company

The DNA testing company believes that the attack has now been contained and is notifying impacted individuals.

Source: MichelMond via Alamy Stock Photo

DNA testing company 23andMe has released further details surrounding an October data breach, where user profile information had been accessed and downloaded at the hands of a threat actor.

On Oct. 1, a threat actor made a post on the Dark Web claiming to possess profile information of 23andMe users; later, the perpetrators released 4 million more records they alleged to be stolen from the company. This led the company to launch an investigation alongside third-party experts. In light of the investigation, 23andMe now reports that the information that was accessed without authorization is a small percentage of user accounts (0.1%).

It also confirmed that the incident was a credential-stuffing attack in which usernames and passwords used for the 23andMe website were the same credentials used for other websites, from which they were stolen.

The compromised information varies from user to user but includes ancestry and health information. The threat actor also accessed user files related to 23andMe's DNA Relatives feature and proceeded to post this information online. 

23andMe now believes that the activity of the threat actor has been contained and is providing notice to impacted individuals. It also requires password changes from its users and implemented a two-step authentication login process for its website. 

Multiple class action claims have been filed against the company, and it expects to spend anywhere between $1 million to $2 million in expenses related to the breach in its third fiscal quarter. 

"The recent breach at 23andMe is a sobering reminder of the sensitivity of genetic data and the need for robust cybersecurity measures. The data accessed is not just a collection of email addresses or passwords but intimate details of an individual's genetic makeup — information that could have serious implications for privacy and could potentially be misused," Javvad Malik, lead security awareness advocate at KnowBe4, wrote in an emailed statement. "Credential stuffing is a known threat and relies on the reuse of passwords across multiple services, highlighting the importance of unique passwords and the use of multifactor authentication to protect accounts — but this incident also shows that the responsibility doesn't end with the end-user. Companies holding such sensitive data must constantly evaluate their security posture and educate users about the best security practices."

23andMe: Data Breach Was a Credential-Stuffing Attack

Multiple agencies warn that attackers have been active since Nov. 22, targeting operational technology (OT) across the US.

Source: roibu via Alamy Stock Photo

Critical infrastructure in multiple US states may have been compromised by Iran-affiliated attackers targeting programmable logic controllers (PLCs).

A warning from the FBI, Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), the Environmental Protection Agency (EPA), and the Israel National Cyber Directorate comes after an attack was detected on a Pennsylvania water authority last week, where the CyberAv3ngers threat group hacked Unitronics Vision Series PLCs.

Researchers believe that the CyberAv3ngers are affiliated with Iranian Government Islamic Revolutionary Guard Corps (IRGC), and are politically motivated to go after the Unitronics PLCs, which have components that are Israeli-owned.

The national intelligence and security agencies are now warning that the attacks extend beyond the Keystone State; beginning on Nov. 22, the cyber actors accessed multiple US-based facilities that utilize Unitronic PLCs with human machine interfaces (including water and wastewater installations), likely by compromising Internet-accessible devices with default passwords. Worse, the attackers may have had access for more than 10 days.

These compromised devices are often exposed to external Internet connectivity due to the remote nature of their control and monitoring functionalities, and by default are on TCP port 20256. Any compromise could render the PLC inoperative, which could lead to the shutdown of the operational technology (OT) responsible for the physical workings of utilities and other industrial control facilities.

The agencies say it is not known whether attackers dug deeper into these PLCs, but warned any organizations running these controllers to evaluate their systems.

**About the Author(s)**

With more than 20 years experience of B2B journalism, including 12 years covering cybersecurity, Dan Raywood brings a wealth of experience and information security knowledge to the table. He has covered everything from the rise of APTs, nation-state hackers, and hacktivists, to data breaches and the increase in government regulation to better protect citizens and hold businesses to account. Dan is based in the U.K., and when not working, he spends his time stopping his cats from walking over his keyboard and worrying about the (Tottenham) Spurs’ next match.

Source

DARKReading