Though the company reports that data was exfiltrated in the breach, it has been remained tightlipped regarding the kind of data that was exposed.

Source: Kumar Sriskandan via Alamy Stock Photo

Avis Car Rental is notifying nearly 300,000 individuals of a data breach it fell victim to in early August.

According to the letter it is sending out to those who have been affected, a threat actor gained unauthorized access to its business applications. The company took steps to end the access and launched an investigation alongside third-party experts, as well as alerted the authorities and notified the Maine Attorney General's Office.

The investigation has led the company to believe that the access was gained between Aug. 3 and Aug. 6, and that some personal identifiable information (PII) was exfiltrated, though the scope of the breach remains unclear.

"While details of the recent Avis intrusion are scant and we're not privy to how disruptive this attack was to Avis corporate employees and the nearly 300,000 customers apparently impacted, I am encouraged by the company's quick response and its implementation of additional safeguards to its systems and customer data," Sean Deuby, principal technologist at Semperis, wrote in an emailed statement to Dark Reading.

Avis is providing complimentary one-year memberships to those who were affected, but they must enroll by Dec. 31. Still, the company recommends that its customers remain vigilant against fraud and identity theft and review their financial statements often, as it works to bolster its cybersecurity protections.

**About the Author**

300K Victims' Data Compromised in Avis Car Rental Breach

Endpoint security has been around for decades, but changes in device use and the quick evolution of new attacks have triggered the development of new security techniques.

Source: Dzmitry Skazau via Alamy Stock Photo

Because of their large attack surface made up of different sets — including laptops, desktops, mobile devices, and servers — endpoints are becoming the primary targets of increasingly sophisticated attacks. This diversity is further complicated by the variety of operating systems (OSs) being run on those devices. In addition, the location of these devices is often no longer tied only to company networks, due to the increase in hybrid and remote work, and more server workloads moving to the cloud.

To meet the growing needs of security teams, the endpoint security market is constantly evolving, albeit at an incremental rate recently. Endpoint security has been around for decades, but changes in device use and the quick evolution of new attacks have triggered the development of new security techniques.

Below are four areas for security professionals to focus on to establish and enhance their endpoint security. While not a comprehensive list, this should help security experts, both new and established, understand the core concepts around endpoint security.

**Baseline Security**

Endpoint protection starts with strong baseline security. Organizations must make optimal use of all of the features their OSes and applications provide that can help with endpoint protection. To do this, security experts should:

*   Use consistent application deployment methods: Restrict application deployments to known sources. Layer on a workflow for updating and maintaining approved applications.
    
*   Perform configuration management: Configure OSes and applications for security. For example, use hardening guidelines and manage browser add-ons and client applications' security capabilities.
    
*   Use auditing and logging: Understanding events on an endpoint starts with auditing and logging the right security events, and with having a process in place to monitor for security events. Aim to establish a single source of truth for endpoint status.
    

While providing a foundation for baseline security, this list is not exhaustive. Security leaders should also look into actions that include managing vulnerabilities for all OSs and managing backups.

**Endpoint Detection and Response**

Endpoint detection and response (EDR) tools store and monitor endpoint events to detect and hunt for suspicious behaviors, and also provide response capabilities to those events. Common events that are monitored include, but are not limited to, execution events, registry events, file events, and network events.

EDR, in its purest form, does not interrupt running processes; instead, it analyzes the resulting events to search for known indicators of compromise or patterns that indicate malicious behavior.

EDR tools can be likened to a data recorder, or "black box," for the endpoint devices on which they are installed. These tools gather telemetry data about the activity happening on those devices and make it available for examination later. Of course, storing the recorded data is not nearly enough — an EDR tool must also be able to present the data to an administrator in a way that enables further analysis using both automated and human-driven means.

**Automated Moving Target Defense**

Automated moving target defense (AMTD) is an emerging technology that focuses on constantly changing the attack surface of a system or network. AMTD makes it harder for attackers to identify and exploit vulnerabilities by dynamically modifying the process structure, memory space, system configurations, software stack, or network characteristics. This proactive approach helps to improve cyber defense and mitigate the risk of successful attacks.

Endpoint defense with AMTD can include:

*   Enhancing memory defense through morphing or enhanced randomization
    
*   Augmenting confidential computing enclaves with AMTD proactive defense
    
*   Enhancing runtime software hardening (polymorphism of code or inputs)
    
*   Automatic endpoint self-healing from known good files storage
    
*   Applying AMTD to file storage or storage access channels (command and storage polymorphing)
    

AMTD for endpoints and endpoint software is a set of technologies that make it harder for attackers to reverse engineer and exploit endpoint OSes and software technologies. AMTD works by introducing unpredictable and frequent changes in the attack surface of the applications and OSs on which it is used.

**Mobile Threat Defense**

The mobile attack landscape has continued to grow and change with the increase of smartphone and tablet sales, and with the proliferation of bring-your-own-device arrangements in enterprises. Every year, we see new statistics claiming hundreds of percentage points of growth in mobile malware.

The MTD market includes vendors that use some combination of the following mobile protection methods for Android and iOS:

*   Behavioral anomaly and configuration detection
    

*   Protection against device attacks, network attacks, and malicious and leaky apps
    
*   Mobile anti-phishing protection
    
*   OS-, hardware- and application-based vulnerability assessment, monitoring, and compliance
    
*   Crowdsourced threat intelligence
    

Baseline security, EDR, AMTD, and MTD are just a few crucial tools security leaders can use to improve their endpoints' resilience against attacks. There continue to be many other layers of security designed to contribute to the protection of endpoints, and security leaders must take a holistic approach, as this topic is foundational for enterprises who will need to adjust their strategy for changing and increased variation in devices, agile work environments, and increasingly sophisticated security threats.

**About the Author**

Director Analyst, Gartner

Eric Grenier is a Director Analyst at Gartner working in the Technical Professionals Security Technology and Infrastructure team, focusing on Endpoint Security including endpoint protection and endpoint detection and response.

How to Establish &amp; Enhance Endpoint Security

The Chinese-speaking group is launching sophisticated malware towards military and satellite targets globally.

Source: ZUMA Press, Inc. via Alamy Stock Photo

A threat actor dubbed "TIDrone" by researchers is actively going after military- and satellite-related industrial supply chains, particularly drone manufacturers in Taiwan.

That's according to Trend Micro, which linked TIDrone to other Chinese-speaking groups and noted that it uses enterprise resource planning (ERP) software or remote desktop tools to deploy advanced, proprietary malware.

"Since the beginning of 2024, we have been receiving incident response cases from Taiwan," according to an analysis from the firm. "\[However\], telemetry from VirusTotal indicates that the targeted countries are varied; thus, everyone should stay vigilant of this threat."

The specialized toolsets include "CXCLNT," which can upload and download files, collect victim information such as file listings and computer names, and comes complete with stealth capabilities. Another weapon is "CLNTEND," a remote access tool (RAT) first seen last April that supports a wide range of network protocols for communication.

Once TIDrone has compromised a target, it deploys user account control (UAC) bypass techniques, credential dumping, and hacktool usage to disable antivirus products, according to the analysis.

"The threat actors have consistently updated their arsenal and optimized the attack chain," the researchers noted. "Notably, anti-analysis techniques are employed in their loaders, such as verifying the entry point address from the parent process and hooking widely used application programming interfaces (APIs) like GetProcAddress to alter the execution flow."

**About the Author**

Tara Seals has 20+ years of experience as a journalist, analyst and editor in the cybersecurity, communications and technology space. Prior to Dark Reading, Tara was Editor in Chief at Threatpost, and prior to that, the North American news lead for Infosecurity Magazine. She also spent 13 years working for Informa (formerly Virgo Publishing), as executive editor and editor-in-chief at publications focused on both the service provider and the enterprise arenas. A Texas native, she holds a B.A. from Columbia University, lives in Western Massachusetts with her family and is on a never-ending quest for good Mexican food in the Northeast.

'TIDrone' Cyberattackers Target Taiwan's Drone Manufacturers

In the past, Putin's Unit 29155 has utilized malware like WhisperGate to target organizations, particularly those in Ukraine.

Source: vchal via Alamy Stock Photo

The United States, alongside several of its allies including the UK, are accusing the Russian military of attacking global critical infrastructure units through malicious cyber operations bent on espionage, sabotage, and reputational damage.

The FBI, NSA, and CISA have published a joint advisory assessing the cyber actors affiliated with the Russian GRU 161st Specialist Training Center, otherwise known as Unit 29155. The group has been active since 2020, but began deploying WhisperGate malware against Ukrainian organizations in January 2022.

In addition to leveraging the malware against Ukrainian victims, the group has also conducted network operations against numerous members of NATO in North America and Europe, as well as targets in Latin America and Central Asia. These operations include website defacements, infrastructure scanning, data exfiltration, and data leaking.

According to the advisory, "Unit 29155 cyber actors are known to target critical infrastructure and key resource sectors, including the government services, financial services, transportation systems, energy, and healthcare sectors."

Though overt attacks on critical infrastructure are concerning, the issue goes further than that.

"While cyberattacks against critical infrastructure are certainly concerning, it is even more concerning to imagine that adversaries could gain access to systems without our knowledge and remain hidden until an issue occurred, and could then be used to take down critical tools, utilities, or communication systems," said Erich Kron, security awareness advocate at KnowBe4. Kron cited "vendors providing services to these critical infrastructure partners" as being at high risk for related attacks as well.

Organizations can mitigate against these kinds of threats by prioritizing routine system updates and remediating known exploited vulnerabilities; segmenting networks to prevent the spread of malware or malicious activity; and enabling phishing-resistant multifactor authentication, especially for webmail, VPNs, and critical system accounts.

Feds Warn on Russian Actors Targeting Critical Infrastructure

The vulnerabilities affect industrial control tech used across the healthcare and critical manufacturing sectors.

Source: PopTika via Shutterstock

This week the US Cybersecurity and Infrastructure Security Agency (CISA) warned about two new industrial control systems (ICS) vulnerabilities in products widely used in healthcare and critical manufacturing — sectors prone to attract cybercrime.

The vulnerabilities affect Baxter's Connex Health Portal and Mitsubishi Electric’s MELSEC line of programmable controllers. Both vendors have issued updates for the vulnerabilities and recommended mitigations that customers of the respective technologies can take to further mitigate risk.

**Baxter Connex Vulnerabilities**

CISA's advisory contained information on two vulnerabilities in Baxter's Connex Health Portal (formerly Hillrom and Welch Allyn) that it described as remotely exploitable and involving low attack complexity. One of the vulnerabilities, assigned as CVE-2024-6795, is a maximum severity (CVSS score of 10.0) SQL injection issue that an unauthenticated attacker can leverage to run arbitrary SQL queries on affected systems. CISA described the flaw as giving attackers the ability to access, modify, and delete sensitive data and take other admin level actions, including shutting down the database.

The other vulnerability in Baxter's Connex Health Portal, tracked as CVE-2024-6796, has to do with improper access control and has a CVSS severity rating of 8.2 on 10. The flaw gives attackers a way to potentially access sensitive patient and clinician information and to modify or delete some of the data. As with CVE-2024-6795, the improper access vulnerability in Baxter Connex Health Portal is also remotely exploitable, involves low attack complexity, and does not require the threat actor to have any special privileges.

Baxter has fixed the issues, but CISA has recommended that affected organizations also minimize network exposure for all control system devices and to make sure they are not accessible from the Internet. CISA also wants organizations to stick firewalls in front of control system networks and to use secure remote access methods such as VPNs where remote access is a requirement.

So far, there is no sign of exploit activity targeting either vulnerability, CISA said. But healthcare technologies have become a major target for cybercriminals in recent years. This year alone, there have been multiple incidents involving major healthcare players. Among the most notable of them was a ransomware attack on health insurance firm Change Healthcare earlier this year that knocked critical-claims-related services offline for days. Though Change Healthcare paid a $22 million ransom to the BlackCat ransomware group following the attack, the threat actor leaked sensitive health information on millions of Americans on the Dark Web anyway. In another incident, attackers — believed to be the Rhysida ransomware group — knocked systems offline at Chicago’s Lurie Children's Hospital and compromised records belonging to more than 790,000 patients.

Multiple factors have contributed to the healthcare sector becoming a major target for cybercriminals. These include the fact that healthcare organizations usually hold a lot of valuable data and are particularly vulnerable to any kind of operational disruptions and degradation in their ability to serve patients.

**Mitsubishi MELSEC Flaws**

Meanwhile CISA's advisory on Mitsubishi Electric's MELSEC programmable controllers for industrial automation and control applications have to do with vulnerabilities the vendor announced previously. One of the advisories involves a #denial of service of vulnerability that Mitsubishi first disclosed in 2020 (CVE-2020-5652) and has kept updating through the years as new issues related to the flaw have continued to crop up. The latest advisory adds more Mitsubishi MELSEC products to the list of affected technologies and provides new information on mitigating against the threat. The other vulnerability, identified as CVE-2022-33324, is also a denial-of-service issue, but one resulting from what CISA described as improper resource shutdown or release. Mitsubishi first disclosed the flaw in December 2022 and has kept updating its advisory with new information. The latest update, which adds new products to the list of affected technologies and provides new mitigation advice, is the company's third just this year for CVE-2022-33324.

Vulnerabilities in ICS and other Information technology products in the manufacturing sector are a particular concern for two reasons: More than 75% of manufacturing companies have unpatched high-severity vulnerabilities in their environment; and attacks against manufacturing companies have surged in recent years. A report that Armis released earlier this year showed a 165% increase in attacks on manufacturing companies in 2023, making it the second-most targeted sector after utilities.

**About the Author**

Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year career at Computerworld, Jai also covered a variety of other technology topics, including big data, Hadoop, Internet of Things, e-voting, and data analytics. Prior to Computerworld, Jai covered technology issues for The Economic Times in Bangalore, India. Jai has a Master's degree in Statistics and lives in Naperville, Ill.

CISA Flags ICS Bugs in Baxter, Mitsubishi Products

Vendors of mercenary spyware tools used by nation-states to track citizens and enemies have gotten savvy about evading efforts to limit their use.

Source: Robert Brown via Alamy Stock Photo

Efforts by the US and other governments to curb the development, use, and proliferation of powerful spyware tools like NSO Group's Pegasus and Intellexa Consortium's Predator have largely been unsuccessful. Rather, they appear to have encouraged these espionage retailers to improve their ability to evade detection and do business in the shadows.

Spyware could arguably have some legitimate law enforcement or intelligence gathering use case, however, human-rights-abuse watchers have soundly established tools like Pegasus and Predator as tools employed by authoritarian governments to spy on journalists, dissidents, and citizens, and to police their activity. Western governments (including the US, the UK, and others across Europe) recognize these spyware tools as a threat to human rights and basic freedoms, and have joined to try and stop their use through sanctions and other enforcement actions.

In 2021, the US Department of Commerce sanctioned NSO Group, Candiru Ltd., and two suppliers. In 2023, it added Intellexa Consortium to the list for "trafficking in cyber exploits used to gain access to information systems, threatening the privacy and security of individuals and organizations worldwide," according to a Sept. 4 report from The Atlantic Council DFRLab.

Further in 2023, the US proposed blocking government agencies from using commercial spyware and joined with several other countries to pledge to work against the misuse and spread of commercial spyware, DFRLab's report noted. In March of 2024, the US Department of the Treasury also levied sanctions against seven spyware entities. And the following month, the US government also issued Visa restrictions to "promote the accountability for the misuse of commercial spyware," the report added.

It worked for a time. But the market for governments who want to use spyware against their citizens proved too big of a prize for these vendors to miss out on: the Atlantic Council report also highlighted the subsequent return of sanctioned spyware sellers.

"Most available evidence suggests that spyware sales are a present reality and likely to continue," the Atlantic Council admitted. "Proliferation heedless of its potential human rights harms and national security risks, however, is not a stable status quo."

**Predator Spyware Claws Back With Location Obfuscation**

Take Predator as an example. In 2024 Predator spyware use dropped sharply after the company was sanctioned, according to researchers at Insikt Group. But recently, new and improved Predator infrastructure has been detected in more countries, including the Democratic Republic of Congo and Angola.

Updates to the new and improved Predator tool anonymizes customer operations, which obscures which countries are using the spyware, Insikt Group reported in a Sept. 5 report on Predator.

"This change makes it more difficult for researchers and cybersecurity defenders to track the spread of Predator," the report added.

But Predator is hardly the only spyware tool gaming its location to evade oversight. The Atlantic Council's report identifies several ways spyware vendors have adapted to take advantage of jurisdictional gaps, including simply by structuring their businesses with subsidiaries, partners, and other relationships scattered across different areas. Spyware vendors also play games with naming and re-naming their companies and legal entities in an effort to get around sanctions and other regulation.

"The most persistently shifting identity is that of the firm originally known as Candiru Ltd., which changed its name four times over the ensuing nine years, and is known at the time of this writing as Saito Tech Ltd," the Atlantic Council's report noted.

The strategy goes beyond business operations; this jurisdictional shell game also allows these vendors to court investors from a wider range of countries.

"These relocations may offer a variety of location-specific benefits, from facilitating sales to the EU market with an EU-domiciled firm to situating branches in states with more forgiving laws," the Atlantic Council report said.

The good news is, these loopholes could be closed, according to the Atlantic Council, with more controls and scrutiny on spyware investment.

"Improving corporate transparency requirements, such as the US’ recent move to compel companies to report their beneficial owners in line with policies in other countries, will support improved investor due diligence and deal review inside the United States," according to the report. "For vendors located outside the US, a recent notice of proposed rulemaking to extend US security review over some forms of outbound investment could provide the basis to catalog and potentially block investment."

**Spyware Vendors Concentrated in Three Countries**

The Atlantic Council report said the current spyware vendor landscape is heavily concentrated in three areas: Israel, India, and Italy. While there has been a lot of focus on Israeli spyware firms like NSO Group, the Atlantic Council report encourages Western governments to expand their sanctions focus to companies working out of India and Italy as well, two countries that were recently left out of the high-profile international sanctions from the UK and France against cyber intrusion tools, called the Pall Mall Process.

India is home to five prolific spyware vendors, including Aglaya Scientific Aerospace Technology Systems Private Limited and Appin Security Group, and Italy has six, including Memento Labs, Movia SPA, the report points out.

More needs to be done to bring transparency to the spyware market, the Atlantic Council report urged.

"Nascent steps by a handful of countries demonstrate that a more vigorous approach to shape the behavior of spyware vendors, their supply chain, and their investors is possible," its report said. "However, much more remains to be done."

Commercial Spyware Use Roars Back Despite Sanctions

The Biden administration launches an initiative to encourage careers in cybersecurity, as businesses try new tactics to get unfilled IT security roles staffed.

Source: Prisma by Dukas Presseagentur GmbH via Alamy Stock Photo

With more than half a million cybersecurity jobs unfilled nationwide in the US, private enterprise and the federal government alike are focusing efforts to help fill the gap by changing hiring strategies and encouraging careers in IT security.

This week, the White House Office of the National Cyber Director (ONCD), in collaboration with the Office of Management and Budget (OMB), announced the "Service for America" initiative, which is part of the National Cyber Workforce and Education Strategy (NCWES).

The main directive is to recruit and prepare Americans for jobs in cybersecurity, technology, and artificial intelligence (AI). The initiative focuses on creating accessible career pathways by removing degree requirements, and emphasizing skills-based hiring.

To that end, the program promotes work-based learning, such as registered apprenticeships, which allow individuals to earn while they gain new skills. And on the AI front, while it is seen as having the potential to fill some of the perceived workforce gaps, human cybersecurity does not appear to be a role that is going away any time soon — for most AI and related tools, a human element is still vital to decision making.

The announcement comes as the US faces a significant cybersecurity talent shortage, with 225,200 more workers needed to fill nearly 470,000 job openings, according to a June report from CyberSeek.

Despite growing education and training programs, "many Americans do not realize that a cyber career is available to them," National Cyber Director Harry Coker Jr. said in a blog post about the initiative. "There is a perception that you need a computer science degree and a deeply technical background to get a job in cyber."

Federal initiatives are also underway to support neurodivergent candidates and those who are blind and visually impaired. And earlier this year, the administration announced a $244 million investment in apprenticeships for growing industries, including cybersecurity. The initiative also supports community-driven efforts to address local workforce needs through collaboration between employers, educational institutions, and government.

**Cyber Pros With Unconventional Backgrounds**

Erich Kron, security awareness advocate at KnowBe4, said he agreed that many people who work in roles that are not highly technical or related to computer science believe there is no path for them in cybersecurity, even if they have the interest and passion to be great at it. 

"Some of the most amazing cybersecurity talent that I am aware of has come from nontraditional paths, including those in insurance, arts and theater, as well as other seemingly unrelated trades," he said.

Kron added that tapping this well of talent to fill positions in the cybersecurity world has the benefit of infusing nontraditional thought processes and experience into the industry.

"This helps round out defenses and develop ways to defend against cybercriminals through a fresh perspective," he explained.

Meanwhile Shane Fry, CTO of RunSafe Security, said businesses, especially large organizations, tend to favor highly skilled cyber workers with a college degree.

"This can lead to some great candidates, but it also ostracizes a large group of folks that are so passionate about cyber that they picked up the skills on their own and don't have a degree to put on a resume," he said.

He added some of the smartest cyber security professionals he's worked with in his career never even stepped foot on a university campus, let alone finished a degree.

"There's a ton of opportunities for businesses to provide on the job training and external training courses to get people from the fringes of cybersecurity into the cybersecurity fold," Fry said.

That could be changing: a May survey report from the SANS Institute and GIAC found a growing emphasis on certification-based training over traditional degrees, with cybersecurity and HR managers favoring certifications by a 2:1 margin.

**Apprenticeships, Community Engagement**

Recent surveys have also indicated that the so-called "workforce shortage" may be in part to unrealistic demands for qualifications and low salaries — added to the systemic problem of persistently high burnout rates among IT security professionals.

Indicative of the issues is the fact that broke, burned out, or laid-off cybersecurity pros are turning to cybercrime side hustles to make ends meet.

The SANS report for instance found that the cybersecurity talent shortage numbers are driven by headcount gaps, and don't reflect the number of available candidates that have appropriate skills.

And indeed, while most respondents (71%) in the SANS survey said they are committed to recruiting diverse candidates, hiring efforts are hindered by internal confusion, a lack of standardized career paths, and misaligned skill sets, particularly for mid-level roles.

Survey results also indicated many organizations lack alignment between HR and cybersecurity teams, with 37% of managers suggesting HR needs a deeper understanding of cyber roles, and 46% calling for better collaboration.

**Cyber: A Rewarding Profession, But Be Realistic**

Kron noted that for those who understand that cybersecurity can be a stressful, but also incredibly rewarding, type of career field, checking out programs to help accelerate education and a career change is critical.

"It is important that people considering a career in cybersecurity understand some of the challenges of this career path, including the potential to be on call and a requirement to react quickly when incidents occur, even on weekends or in the evenings," Kron explained.

From Fry's perspective, far too many businesses have been apprehensive to spend money on training or skills development; but that's likely an untenable position.

"The impact to those organizations, and the customers of those organizations is that they will continue to fall prey to cybersecurity attacks," he said. "The longer those organizations wait to prioritize cybersecurity and build a cybersecurity pipeline, the farther behind the power curve they will be."

Thus, business' hands may be forced, and the time is right to embrace some of the federal initiatives.

**About the Author**

Nathan Eddy is a freelance journalist and award-winning documentary filmmaker specializing in IT security, autonomous vehicle technology, customer experience technology, and architecture and urban planning. A graduate of Northwestern University’s Medill School of Journalism, Nathan currently lives in Berlin, Germany.

Cybersecurity Talent Shortage Prompts White House Action

The funds from Germany's Sovereign Tech Fund will be used to integrate zero-trust capabilities, tools for software bill of materials, and other security features.

Source: Les Polders via Alamy Stock Photo

The health of the global Internet and digital infrastructure relies heavily on volunteer-maintained open source projects. Various organizations and initiatives now provide funding to make security fixes or improve features for some of these projects.

Last week, the FreeBSD Foundation announced a €686,400 (approximately $762,540) investment from Germany's Sovereign Tech Fund. The foundation drives development and maintenance of the FreeBSD operating system, a Unix-based operating system similar to Linux. The funding from STF is intended to cover work for the rest of 2024 and extend into 2025 and will focus on security features and improvements.

STF is supported by the German Federal Ministry for Economic Affairs and Climate Action (BMWK) and is hosted by the German Federal Agency for Disruptive Innovation (SPRIND). The fund has actively supported open source projects that are important components of the global digital infrastructure, such as €1 million ($1.1 million) for GNOME (a widely used desktop application for Linux operating systems) development at the end of last year and €203,000 ($225,487) to GStreamer (a multimedia framework used widely in streaming apps, embedded devices, and browsers) earlier this year. Several of STF's recent investments are tied to security improvements, such as making the encrypted home directory a GNOME feature and rewriting GStreamer's various Web and networking protocols (RTP/RTCP, RTSP, and WebRTC) from C to Rust to eliminate recurring memory-based vulnerabilities.

The FreeBSD investment will also focus on several security initiatives, such as zero-trust builds, continuous integration/continuous delivery (CI/CD) automation, reducing technical debt, enhancing security controls, and improving tools related to the software bill of materials. Reducing technical debt is important since many vulnerabilities linger on in years-old components that are no longer being maintained or even looked at.

Zero-trust builds refer to the ability to prove where all the source code and tooling used in FreeBSD came from and are trusted. This is necessary to ensure that the tools used (such as compilers) are not introducing backdoors or malware into the code.

The focus on CI/CD automation is necessary to streamlining software delivery and operations. It will allow for constantly running security tests to ensure that changes have not introduced vulnerabilities and fixing them as they are found.

"This investment in critical digital infrastructure will accelerate modernization of FreeBSD, enhance security hygiene, and improve developer experiences," said Fiona Krakenbürger, co-founder of STF, in a statement.

STF has supported a slew of other open source projects, including curl, FFmpeg, Rustls (a TLS library written in Rust), and Coreutils uutils (the coreutils library with basic file, shell, and text functions rewritten in Rust).

FreeBSD Gets €686,400 to Boost Security Features

At Black Hat USA, security researcher Michael Bargury released a "LOLCopilot" ethical hacking module to demonstrate how attackers can exploit Microsoft Copilot — and offered advice for defensive tooling.

Source: Marcos Alvarado via Alamy Stock Photo

BLACK HAT USA – Las Vegas – Thursday, Aug. 8 – Enterprises are implementing Microsoft's Copilot AI-based chatbots at a rapid pace, hoping to transform how employees gather data and organize their time and work. But at the same time, Copilot is also an ideal tool for threat actors.

Security researcher Michael Bargury, a former senior security architect in Microsoft's Azure Security CTO office and now co-founder and chief technology officer of Zenity, says attackers can use Copilot to search for data, exfiltrate it without producing logs, and socially engineer victims to phishing sites even if they don't open emails or click on links.

Today at Black Hat USA in Las Vegas, Bargury demonstrated how Copilot, like other chatbots, is susceptible to prompt injections that enable hackers to evade its security controls.

The briefing, Living off Microsoft Copilot, is the second Black Hat presentation in as many days for Bargury. In his first presentation on Wednesday, Bargury demonstrated how developers could unwittingly build Copilot chatbots capable of exfiltrating data or bypassing policies and data loss prevention controls with Microsoft's bot creation and management tool, Copilot Studio.

**A Red-Team Hacking Tool for Copilot**

Thursday's follow-up session focused on various risks associated with the actual chatbots, and Bargury released an offensive security toolset for Microsoft 365 on GitHub. The new LOLCopilot module, part of powerpwn, is designed for Microsoft Copilot, Copilot Studio, and Power Platform.

Bargury describes it as a red-team hacking tool to show how to change the behavior of a bot, or "copilot" in Microsoft parlance, through prompt injection. There are two types: A direct prompt injection, or jailbreak, is where the attacker manipulates the LLM prompt to alter its output. With indirect prompt injections, attackers modify the data sources accessed by the model.

Using the tool, Bargury can add a direct prompt injection to a copilot, jailbreaking it and modifying a parameter or instruction within the model. For instance, he could embed an HTML tag into an email to replace a correct bank account number with that of the attacker, without changing any of the reference information or altering the model with, say, white text or a very small font.

"I'm able to manipulate everything that Copilot does on your behalf, including the responses it provides for you, every action that it can perform on your behalf, and how I can personally take full control of the conversation," Bargury tells Dark Reading.

Further, the tool can do all of this undetected. "There is no indication here that this comes from a different source," Bargury says. "This is still pointing to valid information that this victim actually created, and so this thread looks trustworthy. You don't see any indication of a prompt injection."

**RCE = Remote "Copilot" Execution Attacks**

Bargury describes Copilot prompt injections as tantamount to remote code-execution (RCE) attacks. While copilots don't run code, they do follow instructions, perform operations, and create compositions from those actions.

"I can enter your conversation from the outside and take full control of all of the actions that the copilot does on your behalf and its input," he says. "Therefore, I'm saying this is the equivalent of remote code execution in the world of LLM apps."

During the session, Bargury demoed what he describes as remote Copilot executions (RCEs) where the attacker:

*   Exfiltrates data in advance of an earnings report to trade on that information
    
*   Makes Copilot a malicious insider that directs users to a phishing site to harvest credentials
    

Bargury isn't the only researcher who has studied how threat actors could attack Copilot and other chatbots with prompt injection. In June, Anthropic detailed its approach to red team testing of its AI offerings. And for its part, Microsoft has touted its red team efforts on AI security for some time.

**Microsoft's AI Red Team Strategy**

In recent months, Microsoft has addressed newly surfaced research about prompt injections, which come in direct and indirect forms.

Mark Russinovich, Microsoft Azure’s CTO and technical fellow, recently discussed various AI and Copilot threats at the annual Microsoft Build conference in May. He emphasized the release of Microsoft's new Prompt Shields, an API designed to detect direct and indirect prompt injection attacks.  

"The idea here is that we're looking for signs that there are instructions embedded in the context, either the direct user context or the context that is being fed in through the RAG \[retrieval-augmented generation\], that could cause the model to misbehave," Russinovich said.

Prompt Shields is among a collection of Azure tools Microsoft recently launched that are designed for developers to build secure AI applications. Other new tools include Groundedness Detection to detect hallucinations in LLM outputs, and Safety Evaluation to detect an application's susceptibility to jailbreak attacks and creating inappropriate content.

Russinovich also noted two other new tools for security red teams: PyRIT (Python Risk Identification Toolkit for generative AI), an open source framework that discovers risks in generative AI systems. The other, Crescendomation, automates Crescendo attacks, which produce malicious content. Further, he announced Microsoft’s new partnership with HiddenLayer, whose Model Scanner is now available to Azure AI to scan commercial and open source models for vulnerabilities, malware or tampering.

**The Need for Anti-"Promptware" Tooling**

While Microsoft says it has addressed those attacks with safety filters, AI models are still susceptible to them, according to Bargury.

He says in specific, there's a need for more tools that scan for what he and other researchers call "promptware," i.e., hidden instructions and untrusted data. "I'm not aware of anything you can use out of the box today \[for detection\]," Bargury says.

"Microsoft Defender and Purview don't have those capabilities today," he adds. "They have some user behavior analytics, which is helpful. If they find the copilot endpoint having multiple conversations, that could be an indication that they're trying to do prompt injection. But actually, something like this is very surgical, where somebody has a payload, they send you the payload, and \[the defenses\] aren't going to spot it."

Bargury says he regularly communicates with Microsoft's red team and notes they are aware of his presentations at Black Hat. Further, he believes Microsoft has moved aggressively to address the risks associated with AI in general and its own Copilot specifically.

"They are working really hard," he says. "I can tell you that in this research, we have found 10 different security mechanisms that Microsoft's put in place inside of Microsoft Copilot. These are mechanisms that scan everything that goes into Copilot, everything that goes out of Copilot, and a lot of steps in the middle."

**About the Author**

Jeffrey Schwartz is a journalist who has covered information security and all forms of business and enterprise IT, including client computing, data center and cloud infrastructure, and application development for more than 30 years. Jeff is a regular contributor to Channel Futures. Previously, he was editor-in-chief of Redmond magazine and contributed to its sister titles Redmond Channel Partner, Application Development Trends, and Virtualization Review. Earlier, he held editorial roles with CommunicationsWeek, InternetWeek, and VARBusiness. Jeff is based in the New York City suburb of Long Island.

How to Weaponize Microsoft Copilot for Cyberattackers

Microsoft execs detailed the company's reaction to the CrowdStrike incident and emphasized the value of a collective identity.

Ann Johnson, Corporate Vice President and Deputy CISO at Microsoft, and Sherrod DeGrippo, Director of Threat Intelligence Strategy at Microsoft, on the main stage at Black Hat USA.Source: Kristina Beek

BLACK HAT USA – Las Vegas – Wednesday, Aug. 7 – This week at Black Hat, Ann Johnson, corporate vice president and deputy chief information security officer (CISO) at Microsoft, and Sherrod DeGrippo, Microsoft's director of threat intelligence strategy, took to the main stage for their talk, "From the Office of the CISO: Smarter, Faster, Stronger, Security in the Age of AI." While attendees may have expected a discussion focused on ways that AI can help the effectiveness of cybersecurity tools, one could say that Johnson and DeGrippo decided to go off script.

"Does anyone remember a couple of weeks ago, there was like a little glitch?" DeGrippo asked the crowd, referring to the recent global CrowdStrike outage and earning a laugh in response.

The fault sensory configuration update to CrowdStrike's Falcon platform on July 19 triggered Microsoft outages for millions, and "blue screens of death" as far as the eye could see. As the days passed, the fallout continued to grow, with the estimated monetary loss amounting to roughly $5.4 billion, excluding Microsoft's own losses.

Johnson went on to give the audience the lowdown from someone who was there and witnessed the effects of the outage firsthand. The evening before the incident, Microsoft found itself dealing with a limited scope package in Azure in one of its US regions. 

"At 11:30 that night, it was remediated, was resolved, and I went to bed," Johnson said. "I was like 'OK, we're good.' At 1 in the morning, maybe 1:15, my phone rang with a customer \[who\] said 'Hey, I’m getting this blue screen of death.'"

Other calls started coming in, and she realized this wasn't connected to the Azure outage. Johnson explained that Microsoft then "rallied the troops" to face the problem.

"The pride I had, not just in Microsoft but those people that were literally working in shifts … these folks were working around the clock," she says. "The industry was working around the clock. And even though it was the operations folks that were most impacted, not the cyber folks, the resilience, the community, the things I saw in the industry were so powerful that yet again, it renews my faith that we all can win together."

Johnson’s take on the event is that the response to it from professionals was "incredible" to witness. However, what is the lesson to be learned?

**Community Is No. 1**

As DeGrippo detailed, the Microsoft Threat Intelligence Center (MSTIC) is focused on working closely with customers regarding intelligence briefings, and is "embedded" in its community of independent researchers, fellow vendors, and even colleagues at healthcare organizations and in other verticals.

For instance, Scattered Spider, a group responsible for a significant number of ransomware events in the past 18 months, is a persistent group that Microsoft has paid close attention to. Microsoft's community, from MSTIC to its Digital Crimes Unit (DCU), DeGrippo says, is eager to combat the group, helping law enforcement efforts. And it's not just Microsoft that does this, Johnson insists — its peers in the industry are also working with the public sector to defend people from the threat actor, sharing tactics and defense strategies. 

"For everything you see in the news, there are thousands of \[malicious\] things that haven’t happened because all the people in this room stopped it from happening," Johnson told Black Hat attendees. "Take a victory lap and a round of applause. Yeah, there’s bad things that are going to continue to happen. But all you stop the thousands of other things from happening, and that’s what community does."

**AI in the Hands of Threat Actors & Defenders**

Part of improving the community going forward is embracing technologies that make defenders' lives easier. For instance, as GenAI continues to grow in popularity, threat actors will use it to their advantage. According to Johnson, they'll use it to become more effective and efficient at what they do, making them more difficult to combat. What should defenders do in response? The exact same thing. 

"We want to use technology like AI or whatever the latest technology is to make you more effective, so you can take that time off," she said, referencing how new strategies and tools are needed to ensure that cyber defenders have less burnout. Events like the CrowdStrike Falcon update snafu and the resulting Microsoft outage should not require people to sacrifice their health or time with family while "working hours on end to combat the issues we’re collectively facing," Johnson said.

She added, "AI does have a very meaningful role in the world of the CISO and in the world of cyber defenders, but … we want to talk about the human beings, the community, the defenders."

Source

DARKReading