Docker Desktop before 4.12.0 is vulnerable to RCE via a crafted extension description or changelog.

This issue affects Docker Desktop: before 4.12.0.



CVE-2023-0625: Docker Desktop release notes

Docker Desktop before 4.23.0 allows Access Token theft via a crafted extension icon URL.

This issue affects Docker Desktop: before 4.23.0.



CVE-2023-5166: Docker Desktop release notes

Directory Traversal vulnerability in itechyou dreamer CMS v.4.1.3 allows a remote attacker to execute arbitrary code via the themePath in the uploaded template function.

**后台存在任意文件读取编辑漏洞**

使用模板管理功能时会拼接当前模板中的themePath,themePath来自于模板  
  
  

使用风格管理功能，上传新的主题包，并在theme.json中指定themePath为../../../../../../  
  

使用新主题包去访问模板管理功能，就可以造成目录穿越，并且可以编辑  

Java

1

https://gitee.com/iteachyou/dreamer\_cms.git

git@gitee.com:iteachyou/dreamer\_cms.git

iteachyou

dreamer\_cms

Dreamer CMS（梦想家CMS内容管理系统）

CVE-2023-43382: 后台存在任意文件读取编辑漏洞 · Issue #I821AI · www.iteachyou.cc/Dreamer CMS（梦想家CMS内容管理系统） - Gitee.com

Cross-Site Scripting (XSS) vulnerability in cmsmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted payload injected into the Database Name, DataBase User or Database Port components.

*   *   Actions
        
        Automate any workflow
        
    *   Packages
        
        Host and manage packages
        
    *   Security
        
        Find and fix vulnerabilities
        
    *   Codespaces
        
        Instant dev environments
        
    *   Copilot
        
        Write better code with AI
        
    *   Code review
        
        Manage code changes
        
    *   Issues
        
        Plan and track work
        
    *   Discussions
        
        Collaborate outside of code
        
    

*   *   GitHub Sponsors
        
        Fund open source developers
        
    
    *   The ReadME Project
        
        GitHub community articles
        
    
*   Pricing

**Search code, repositories, users, issues, pull requests...**

**Provide feedback**

**Saved searches****Use saved searches to filter your results more quickly**

Sign up

CVE-2023-43339: CVE-2023-43339-CMSmadesimple-Reflected-XSS---Installation/README.md at main · sromanhu/CVE-2023-43339-CMSmadesimple-Reflected-XSS---Installation

By Waqas
Stealth Falcon APT group is notorious for its cyber-espionage campaigns in the Middle East.
This is a post from HackRead.com Read the original post: Deadglyph: A New Backdoor Linked to Stealth Falcon APT in the Middle East

ESET warns that Deadglyph is a highly sophisticated backdoor that is mixed with different programming languages to add an extra layer of complexity.

The Middle East has once again found itself in the crosshairs of a new cybersecurity threat. Recent findings by experts at ESET Research have unveiled a highly sophisticated and previously unknown cyber-espionage tool they’ve dubbed “Deadglyph.”

This discovery is a significant development in the world of cybersecurity, as it’s the first time this secretive threat has been publicly analyzed. Even more concerning, Deadglyph has been traced back to the Stealth Falcon APT group, notorious for its cyber-espionage campaigns in the Middle East.

****What is Deadglyph?****

Deadglyph gets its name from distinctive artifacts found within the malicious software. These artifacts, such as “0xDEADB001,” and the use of homoglyph attacks (where similar-looking characters replace regular ones) indicate a high level of sophistication behind its design. It’s important to note that this isn’t your typical cyber threat; it’s a highly advanced and covert tool.

****Unusual Architecture Raises Concerns****

One of the standout features of Deadglyph is its unique architecture. Unlike most malware that relies on a single programming language, Deadglyph uses a combination of two: an x64 binary and a .NET assembly. This is quite unusual and suggests that the creators went to great lengths to make it harder to analyze. Mixing different programming languages also adds an extra layer of complexity.

What sets Deadglyph apart is that it doesn’t come with pre-set commands like traditional malware. Instead, it fetches its instructions from a remote server, giving it a flexible and adaptable nature.

****The Stealth Falcon APT Group****

The experts at ESET Research have connected Deadglyph to the Stealth Falcon APT group. This group has been active since 2012 and is believed to have ties to the United Arab Emirates. Its primary targets include political activists, journalists, and dissidents in the Middle East. The group’s activities were first exposed by Citizen Lab in 2016.

There are suggestions that Stealth Falcon and another group called Project Raven are one and the same, as they seem to have overlapping targets and tactics. The revelation of Deadglyph adds another layer of complexity to this enigmatic group’s toolkit.

****Breaking Down Deadglyph’s Operation****

Deadglyph’s operation is a complex chain of events. It starts with a registry shellcode loader that’s used to load shellcode from the Windows registry. This shellcode, in turn, loads the main part of Deadglyph, known as the Executor. What’s unique is that only the initial loader exists as a file on the victim’s computer; the rest remains encrypted within a registry entry.

While the exact method of infection isn’t clear, it’s suspected that an installer component plays a role in getting the malicious code onto a victim’s system.

****The Role of the Orchestrator****

The Orchestrator, written in .NET, is the central component of Deadglyph. Its primary job is to communicate with a remote server and execute commands, often with the help of the Executor. The Orchestrator is highly obfuscated, making it even more challenging to analyze. In essence, it acts as the control center for Deadglyph’s operations.

****Communication and Commands****

According to ESET’s report, Deadglyph uses two embedded modules, Timer and Network, for communication with its remote server. These modules are obfuscated as well. The Timer module executes tasks at set intervals, while the Network module handles communication with the server. Deadglyph also has the ability to uninstall itself if it loses contact with the server for an extended period.

****Modules: The Heart of Deadglyph****

Deadglyph’s core capabilities are delivered through additional modules obtained from the server. ESET researchers managed to obtain three such modules, shedding light on Deadglyph’s potential. However, it’s believed that there could be as many as fourteen modules in total, each adding unique functionality.

*   **Process Creator (Module 0x69)**: This module can execute specific commands as new processes and provide the results back to Deadglyph’s control center.
*   **Info Collector (Module 0x6C)**: This module gathers extensive information about the infected system, including operating system details, installed software, network adapters, and more.
*   **File Reader (Module 0x64)**: This module reads specified files and shares their contents, with an option to delete the files afterward.

****Multistage Shellcode Downloader Chain****

While investigating Deadglyph, ESET researchers stumbled upon a complex multistage shellcode downloader chain. This chain is believed to be used in the installation process of Deadglyph and shares similarities with the main threat.

The chain involves multiple stages, starting with a CPL file designed to download shellcode. This shellcode is then injected into a host process, ultimately leading to the loading of a .NET assembly that serves as a shellcode downloader.

****In Conclusion: A Disturbingly Complex Threat****

The discovery of Deadglyph shines a spotlight on the ever-evolving tactics of APT groups, particularly those targeting the Middle East. Its intricate architecture, dynamic modules, and counter-detection mechanisms make it a formidable digital threat. Organizations and individuals in the region need to remain vigilant and ensure their cybersecurity measures are up to the task of defending against such advanced threats.

****RELATED ARTICLES****

Chinese APT Flax Typhoon uses legit tools for cyber espionage

Chinese APT Slid Fake Signal, Telegram Apps onto Official App Stores

Deadglyph: A New Backdoor Linked to Stealth Falcon APT in the Middle East

OPNsense versions 23.1.11_1, 23.7.3, and 23.7.4 suffer from cross site scripting vulnerabilities that can allow for privilege escalation.

Advisory X41-2023-001: Two Vulnerabilities in OPNsense  
===========================================================  
Highest Severity Rating: High  
Confirmed Affected Versions: 23.1.11_1, 23.7.3, 23.7.4  
Confirmed Patched Versions: Commit 484753b2abe3fd0fcdb73d8bf00c3fc3709eb8b7  
Vendor: Deciso B.V. / OPNsense  
Vendor URL: https://opnsense.org  
Credit: X41 D-Sec GmbH, Yasar Klawohn and JM  
Status: Public   
Advisory-URL: https://www.x41-dsec.de/lab/advisories/x41-2023-001-opnsense

Summary and Impact  
------------------  
The OPNsense dashboard displays widgets with information about the system,  
running services, gateways and more. These widgets can be arranged in  
different orders and columns. The values for the number of columns and the  
order of widgets are stored server-side and are the same for all users of an  
OPNsense instance. They are reflected unmodified on every visit. This can be  
abused by a low-privileged attacker to inject their own content into the  
page, enabling a cross-site scripting (XSS) attack that can result in  
privilege escalation.

Product Description  
-------------------  
OPNsense is an open source, FreeBSD-based firewall and routing operating  
system. It includes many features of commercial firewalls and can be managed  
entirely via its web GUI.

Stored XSS in the OPNsense Dashboard via the column_count Parameter  
===================================================================  
Severity Rating: High  
Vector: Network  
CWE: 79  
CVSS Score: 8.0  
CVSS Vector: 3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H  
Credit: X41 D-Sec GmbH, Yasar Klawohn

Analysis  
--------  
The number of columns displayed in the dashboard is set via an HTTP POST  
request to /index.php, using the column_count request parameter. This  
parameter is not properly escaped when returned to the client. To exploit  
this issue, the payload "><script>alert(1)</script> is submitted as part of  
the column_count parameter. This input is reflected unmodified in the  
response and on any subsequent visit to the dashboard by any user. Only the  
"Lobby: Login / Logout / Dashboard" permission is required to abuse this  
issue.

Once the server receives the POST request, the column_count parameter is  
written unmodified into the configuration:

} elseif ($_SERVER['REQUEST_METHOD'] === 'POST' && !empty($_POST['origin'])  
            && $_POST['origin'] == 'dashboard') {  
    // ...  
    if (!empty($_POST['column_count'])) {  
        $config['widgets']['column_count'] = $_POST['column_count'];  
    } elseif(isset($config['widgets']['column_count'])) {  
        unset($config['widgets']['column_count']);  
    }  
    write_config('Widget configuration has been changed');  
    header(url_safe('Location: /index.php'));  
    exit;  
}  
// from:  
// https://github.com/opnsense/core/blob/2306449329e462364c07317b23a1f257779a4fc8/src/www/index.php#L66-L79

If the column_count parameter is not empty, it is used unmodified: 

// ...  
if ($_SERVER['REQUEST_METHOD'] === 'GET') {  
    $pconfig = $config['widgets'];  
    // ...  
    $pconfig['column_count'] =  
       !empty($pconfig['column_count']) ? $pconfig['column_count'] : 2;  
    // ...  
// from:  
// https://github.com/opnsense/core/blob/306449329e462364c07317b23a1f257779a4fc8/src/www/index.php#L42

Below, the unmodified value is written:

  
<section class="page-content-main">  
  <form method="post" id="iform">  
    <input type="hidden" value="dashboard" name="origin" id="origin" />  
    <input type="hidden" value="" name="sequence" id="sequence" />  
    <input type="hidden" value="<?= $pconfig['column_count'];?>"  
        name="column_count" id="column_count_input" />  
  </form>  
  


Proof of Concept  
----------------  
Log in as root. On the left side, go to System -> Access -> Users, and add a  
new user. For "Effective Privileges", only select "Lobby: Login / Logout /  
Dashboard". The user is now only able to view the dashboard and the help  
pages.

Log in as that newly created user and open your browser's network monitor.  
In the OPNsense dashboard, select "1 column" from the top right and then  
press "save settings". Repeat the POST request and replace the column_count  
variable with

column_count=1"><script>alert(1)</script>

Now, log in as admin again, you should see an alert box resulting from the  
following HTML response:

<form method="post" id="iform">  
      
    <input type="hidden" value="1">  
        <script>alert(1)</script>"  
        name="column_count" id="column_count_input" />  
</form>

This is the stored XSS and can result in privilege escalation. The OPNsense  
developers did apply a Content-Security-Policy, but unfortunately allow  
unsafe-inline and unsafe-eval for scripts, which does not prevent the  
exploitation of this vulnerability.

Stored XSS in the OPNsense Dashboard via the sequence Parameter  
===============================================================  
Severity Rating: High   
Vector: Network  
CWE: 79  
CVSS Score: 8.0  
CVSS Vector: 3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H  
Credit: X41 D-Sec GmbH, JM and Yasar Klawohn

Analysis  
--------  
The order in which the widgets are displayed in the Dashboard is set via an  
HTTP POST request to /index.php, using the sequence request parameter. This  
parameter is not properly escaped when returned to the client. To exploit  
this issue, the payload "><script>alert(1)</script> is submitted as part of  
the sequence parameter. This input is reflected unmodified in the response  
and on any subsequent visit to the dashboard by any user. Only the "Lobby:  
Login / Logout / Dashboard" permission is required to abuse this issue.

The order in which widgets are displayed on the dashboard can be set in the  
same POST request, via the sequence parameter. The sequence parameter has the  
following format:

sequence=services_status-container:00000000-col3:show,  
    interface_list-container:00000001-col4:show,  
    gateways-container:00000002-col4:show

Once the server receives the POST request, the sequence parameter is written  
unmodified into the configuration:

} elseif ($_SERVER['REQUEST_METHOD'] === 'POST' && !empty($_POST['origin'])  
            && $_POST['origin'] == 'dashboard') {  
    if (!empty($_POST['sequence'])) {  
        $config['widgets']['sequence'] = $_POST['sequence'];  
    } elseif (isset($config['widgets']['sequence'])) {  
        unset($config['widgets']['sequence']);  
    }  
    // ...  
    write_config('Widget configuration has been changed');  
    header(url_safe('Location: /index.php'));  
    exit;  
}  
// from:  
// https://github.com/opnsense/core/blob/cbaf7cee1f0a6fabd1ec4c752a5d169c402976dc/src/www/index.php#L66-L80

When serving a GET request, the sequence parameter is returned unmodified,  
starting with a read of its value from the configuration:

// ...  
$pconfig = $config['widgets'];  
// set default dashboard view  
$pconfig['sequence'] = !empty($pconfig['sequence']) ?  
    $pconfig['sequence'] : '';  
// ...  
// from:  
// https://github.com/opnsense/core/blob/2306449329e462364c07317b23a1f257779a4fc8/src/www/index.php#L39-L41

sequence is then split by comma and further split by colon into name,  
sortKey, and state. The list of widgets is sorted on the server side using  
the sortKey.

$widgetSeqParts = explode(",", $pconfig['sequence']);  
foreach (glob('/usr/local/www/widgets/widgets/*.widget.php') as $php_file) {  
    $widgetItem = array();  
    // [...]  
    foreach ($widgetSeqParts as $seqPart) {  
        $tmp = explode(':', $seqPart);  
        if (count($tmp) == 3 &&  
            explode('-', $tmp[0])[0] == $widgetItem['name']  
        ) {  
            $widgetItem['state'] = $tmp[2];  
            $widgetItem['sortKey'] = $tmp[1];  
        }  
    }  
    $widgetCollection[] = $widgetItem;  
}  
// sort widgets  
usort($widgetCollection, function ($item1, $item2) {  
    return strcmp(strtolower($item1['sortKey']),  
        strtolower($item2['sortKey']));  
});  
// from:  
// https://github.com/opnsense/core/blob/2306449329e462364c07317b23a1f257779a4fc8/src/www/index.php#L44-L65

Finally, the sortKey is written unescaped into an HTML attribute:

<section  
    class="widgetdiv"  
    data-sortkey="<?=$widgetItem['sortKey'] ?>"  
    id="<?=$widgetItem['name'];?>"  
    style="display:<?=$divdisplay;?>;"  


Proof of Concept  
----------------  
Log in as root. On the left side, go to System -> Access -> Users, and add a  
new user. For "Effective Privileges", only select "Lobby: Login / Logout /  
Dashboard". The user is now only able to view the dashboard and the help  
pages.

Log in as that newly created user and open your browser's network monitor. In  
the OPNsense dashboard, reorder the widgets via drag-and-drop, then press  
"save settings".

Repeat the POST request and replace the sequence variable with

sequence=gateways-container:1"><script>alert(1)</script>-col4:show

Now, log in as admin again, you should see an alert box resulting from the  
following HTML response:

<div class="container-fluid">  
      
        <section class="widgetdiv" data-sortkey="1">  
            <script>alert(2)</script>  
            -col4" id="gateways"  style="display:block;">

This is the stored XSS and can result in privilege escalation.

The OPNsense developers did apply a Content-Security-Policy, but  
unfortunately allow unsafe-inline and unsafe-eval for scripts, which does not  
prevent the exploitation of this vulnerability.

Workarounds  
===========

Remove all effective privileges for /index.php* of low-privilege users.

Timeline  
========  
2023-09-13: Problem discovered

2023-09-14: Write-up and discovery of second finding

2023-09-19: Disclosure to Deciso B.V. / OPNsense

2023-09-19: Issue fixed upstream by Deciso B.V. / OPNsense

2023-09-20: CVE requested

2023-09-20: Informed Deciso B.V. / OPNsense that we will make the issues  
public the following day, since the patch is public

2023-09-21: Release of advisory

About X41 D-Sec GmbH  
====================  
X41 is an expert provider for application security services.  
Having extensive industry experience and expertise in the area of information  
security, a strong core security team of world class security experts enables  
X41 to perform premium security services.

Fields of expertise in the area of application security are security centered  
code reviews, binary reverse engineering and vulnerability discovery.  
Custom research and IT security consulting and support services are core  
competencies of X41.

OPNsense 23.1.11_1 / 23.7.3 / 23.7.4 Cross Site Scripting / Privilege Escalation

An issue in Gevent Gevent before version 23.9.1 allows a remote attacker to escalate privileges via a crafted script to the WSGIServer component.

**Gevent allows remote attacker to escalate privileges**

Moderate severity GitHub Reviewed Published Sep 25, 2023 to the GitHub Advisory Database • Updated Sep 25, 2023

GHSA-x7m3-jprg-wc5g: Gevent allows remote attacker to escalate privileges

By Owais Sultan
When setting up an E-commerce store, keep two things in mind: website design and mobile friendliness Remember the…
This is a post from HackRead.com Read the original post: E-commerce Website Design: How to Build a Successful Online Store in 2023

When setting up an E-commerce store, keep two things in mind: website design and mobile friendliness

Remember the feeling you had when holding the desk globe? The whole world seemed to be at the tips of your fingers and you could easily reach any desirable point. Well, that’s how E-commerce works 一 regardless of location, it is possible to develop influence and reach clients anywhere in the world provided you build a smart online presence.

If you are on your way to establishing an E-commerce store, let’s define the major steps to take to make your enterprise visible among the competitors. 

****How to Build an E-commerce Website?****

The main objective of E-commerce is to create an enjoyable and seamless journey for every customer through the sales funnel and turn them into loyal clients. 

1.  **Define the business model**

There are four basic business models that define the direction of your enterprise:

*   B2C 一 Business-to-customer 一 business sells products to customers.
*   B2B 一 Business-to-business 一 business sells products to other businesses.
*   C2C 一 Customer-to-customer 一 a marketplace where customers sell or exchange goods.
*   C2B 一 Customer-to-business 一 individuals sell their products and services to businesses. 

2.  **Choose an E-commerce website builder**

A website is the foundation of the online store, as it attracts customers and leads to sales improvements. A transfer from a brick-and-mortar shop to an E-commerce may take time and a great deal of knowledge regarding the construction of the website. Therefore, there is a better and faster solution to follow 一 the  E-commerce platforms, which offer a wide range of options to cover various needs and requests of the customers regarding the E-commerce websites. 

The well-known platforms are _Wix, Amazon, WordPress, Magento, BigCommerce, Shopify,_ etc. They all offer different modes of functioning:

*   If an owner of a website has no knowledge of programming and has no intention to hire a team of programmers, they can be offered simple and non-customizable options, which will help them process the sales, yet the identity of the company may suffer.
*   If an owner is willing to create the whole environment of the company, and set its tone of voice and brand identity, it’s worth choosing the customizable solution and entrusting all the adjustments to professionals like web development company Emerline, as such an approach will make you visible is the endless ocean of E-commerce shops. 

3.  **Engaging web design**

When considering the features of a site for the E-commerce industry, it is important to keep the user experience as the priority, as they are the force behind your success. If the website offers its clients a seamless and non-obstructive shopping experience, they will be back in the sales funnel when they need your service or goods. 

****What Are the Most Important Things to Consider?****

1.  **Responsiveness of the website**

An average shopper will spend approximately 3-3.18 minutes for an E-commerce store, that’s the amount of time given to grasp one’s attention and engage in active shopping. When the website loads slowly (which can be the result of a poor hosting service), the user gets irritated, and will not even proceed to product search. Moreover, poor website performance will ruin the positive image of the brand. 

2.  **Call to action (CTA)**

When customizing the website to users’ needs, it is vital to walk the whole way to the ‘submit’ button in their shoes. An E-commerce store is typically full of items on the page, and not all users can quickly figure out what to do next. The majority of the users will just leave, if the procedure isn’t clear, and only a few will stay if you offer very low pricing compared to competitors. Hence, use the “click here,” “choose the item,” “proceed to the next stage,” etc. verbal and visual clues to let them complete the purchase. 

3.  **Shopping cart and check-out**

What is the worst nightmare for users who dedicated their priceless time to an E-commerce store? Registration of a new user. Make sure the developers add the ‘quick registration,’ otherwise, the customer is gone. There should be a few registration options 一 for loyal (registered) clients, and newcomers (non-registered). The quick options are typically through social networks, phones, or e-mails.

The payment option should also be based on all the available options nowadays 一 PayPal, traditional debit/credit cards, digital wallets, etc., as the inconvenience with payment will force the clients to look for more convenient options. 

4.  **About us**

While the owners of an E-commerce store consider this page as “the last on the list”, it is an important part of the user’s research. The customer of today is showered with shopping options, which makes them quite finicky, they don’t just want to buy the goods, they want to see the story behind the company, as it creates its value. It is important to elaborate on the text, be respectful to the customers, and not give too many details, yet manage to keep their attention. 

5.  **Mobile-friendly website**

Our society lives at hyper-speed, and people do everything on the go. Therefore, they will rather order something using their smartphone, than wait till they switch on the laptop or PC. A mobile-friendly option shows care for the customer and respect for their time. 

****The Bottom Line****

Having an E-commerce store is a cornerstone of business development. It opens up new opportunities and makes the store visible to the whole world. However, you are noticeable, when you show the individualism of your store. Make sure you choose the professionals to help you make a difference and thus, win the customers’ attention. 

****RELATED ARTICLES****

1.  Google Vertex AI Vision: Revolutionizing E-Commerce?
2.  The Benefits of Dedicated Server Hosting for Online Retail
3.  5 essential steps needed to set up a secure e-commerce website
4.  Fortifying Customer Connections: Cybersecurity in Client-Centric Tech
5.  Buy-Now-Pay-Later (BNPL) is Revolutionising the E-Commerce Landscape

E-commerce Website Design: How to Build a Successful Online Store in 2023

Corporations are using software to monitor employees on a large scale. Some experts fear the data these tools collect could be used to automate people out of their jobs.

You’ve probably heard the story: A young buck comes into a new job full of confidence, and the weathered older worker has to show them the ropes—only to find out they’ll be unemployed once the new employee is up to speed. This has been happening among humans for a long time—but it may soon start happening between humans and artificial intelligence.

Countless headlines over the years have warned that automation isn’t just coming for blue-collar jobs, but that AI would threaten scores of white-collar jobs as well. AI tools are becoming capable of automating tasks and sometimes entire jobs in the corporate world, especially when those jobs are repetitive and rely on processing data. This could affect everyone from workers at banks and insurance companies to paralegals and beyond.

Carl Frey, an economist at Oxford University, coauthored a landmark study in 2013 that claimed AI could threaten nearly 50 percent of US jobs in the coming decades. Frey says that he doesn’t think new AI tools like ChatGPT are going to automate jobs in this way because they still require human involvement and are often unreliable. Still, many of the underlying factors that were outlined in that paper remain pertinent today. Considering the rapid pace at which AI is advancing, it’s hard to predict how it could soon be utilized and what it will be capable of.

Then there’s the issue of how it’s being incorporated into daily work and how it’s being trained. Enter corporate spyware, invasive monitoring apps that allow bosses to keep close tabs on everything their employees are doing—collecting reams of data that could come into play here in interesting ways. Corporations, which are monitoring their employees on a large scale, are now having workers utilize AI tools more frequently, and many questions remain regarding how the many AI tools that are currently being developed are being trained.

Put all of this together and there’s the potential that companies could use data they’ve harvested from workers—by monitoring them and having them interact with AI that can learn from them—to develop new AI programs that could actually replace them. If your boss can figure out exactly how you do your job, and an AI program is learning from the data you’re producing, then eventually your boss might be able to just have the program do the job instead.

“When it comes to monitoring workflows, I do think that’s going to be a way we automate a lot of this stuff,” Frey says. “What you might be able to do is take some of those foundational models and train them on some of the data you have internally and fine-tune them, or you could train a model from scratch just with your internal data.”

David Autor, a professor of economics at MIT, says he also thinks AI could be trained in this way. While there is a lot of employee surveillance happening in the corporate world, and some of the data that’s collected from it could be used to help train AI programs, simply learning from how people are interacting with AI tools throughout the workday could help train those programs to replace workers.

“They will learn from the workflow in which they’re engaged,” Autor says. “Often people will be in the process of working with a tool, and the tool will be learning from that interaction.”

Whether you’re training an AI tool directly by interacting with it throughout the day, or the data you’re producing while you work is simply being used to create an AI program that can do the work you’re doing, there are multiple ways in which a worker could inadvertently end up training an AI program to replace them. Even if the program doesn’t end up being incredibly effective, a lot of companies might be happy with an AI program that’s good enough because it doesn’t require a salary and benefits.

“I think there are a lot of discretionary white-collar jobs where you’re kind of using a mixture of hard information and soft information and trying to make advanced decisions,” Autor says. “People aren’t that good at that, machines aren’t that good at that, but probably machines can be pretty much as good as people.”

Autor says he doesn’t see a “labor market apocalypse” coming. Many workers won’t be entirely replaced but will simply have their jobs changed by AI, Autor says, while some workers will certainly be made redundant by advancements in AI. The problem there, he says, is what happens to those workers after they’re no longer able to find a well-paying job with the education and skill sets they have.

“It’s not that we’re going to run out of work. It’s much more that people are doing something they’re good at, and that thing goes away. And then they end up doing a kind of generic activity that everybody’s good at, which means it pays very little—food service, cleaning, security, vehicle driving,” Autor says. “These are low-paying activities.”

Once someone’s automated out of a well-paying job, they can end up slipping through the cracks. Autor says we’ve seen this happen in the past.

“The hollowing out of manufacturing and office work over the past 40 years has definitely put downward pressure on the wages of people who would do that type of work, and it’s not because they’re doing it now at a lower rate of pay. It’s because they’re not doing it,” Autor says.

Frey says politicians will need to offer solutions to those who fall through the cracks to prevent the destabilization of the economy and society. That would likely include offering social safety net programs to those affected. Frey has written extensively on the effects of the first Industrial Revolution, and he says there are lessons to be learned there. In Britain, for example, there was a program called the Poor Laws, where people who were harmed by automation were given financial relief.

“What you see back then is a lot of social unrest. Wages are stagnant or falling for a large part of the population. You have riots,” Frey says. “If you look at the places where the Poor Laws were more generous, there was less social unrest and less upheaval. Using welfare systems to compensate people who lose out is something we’ve done for a long time and should continue to do.”

Many people would also benefit from being retrained for other work, but Autor says the US has never been very good at retraining people, so there’d have to be some work done to create effective retraining programs. He says technology might actually be able to help there because people could be retrained using helpful new digital tools.

There was a lot of hype surrounding ChatGPT and similar AI tools when they came out. That hype has since died down a bit, suggesting to some that maybe these tools won’t be as useful as they were promised to be. Perhaps they won’t be taking everybody’s jobs. However, at the rate at which AI is advancing, there’s no saying where things could be in five to 10 years—or even next year.

Vincent Conitzer, a professor of computer science at Carnegie Mellon University, says people shouldn’t underestimate what these AI tools may soon be capable of. They may be somewhat limited in their use now, but that could change relatively rapidly and end up being as disruptive as some have warned it could be.

“I worry about this being a ‘boiling frog’ kind of scenario, where we see amazing advances in AI but then don’t immediately see them take over people’s jobs, and \[people\] conclude there wasn’t all that much to worry about, and we accept the new technology as the new normal but not all that impressive after all,” Conitzer says. “Meanwhile, gradually but quickly, the world and the job market do adjust to the new technologies in complex ways, and at some point we realize large societal problems have emerged.”

Your Boss’s Spyware Could Train AI to Replace You

Fun facts about Rocco:
Microsoft MVR: Rocco is a 2023 Microsoft Most Valuable Researcher.
Fitness fanatic: Inspired by old-school body building and countless hours of chopping and carrying wood in the mountains during his youth, Rocco remains a fitness enthusiast, setting himself challenges and pushing his limits.
Old-school cinema enthusiast: Rocco’s favorite movies are the “Rocky” series, especially “Rocky 2,” and he also has a deep appreciation for the mafia film series “The Godfather.

**Fun facts about Rocco:**

**Microsoft MVR:** Rocco is a 2023 Microsoft Most Valuable Researcher.

**Fitness fanatic:** Inspired by old-school body building and countless hours of chopping and carrying wood in the mountains during his youth, Rocco remains a fitness enthusiast, setting himself challenges and pushing his limits.

**Old-school cinema enthusiast**: Rocco’s favorite movies are the “Rocky” series, especially “Rocky 2,” and he also has a deep appreciation for the mafia film series “The Godfather."

**Travel trailblazer**: Rocco’s passport boasts stamps from over 25 countries. From the historic streets of Prague to the bustling cities of South Korea, Rocco’s work has taken him around the world.

Rocco’s journey into the world of computers and hacking began during his childhood, in an old-school Italian household in Australia. Embracing the traditions and warmth of family time, Rocco spent a lot of time at home, providing the opportunity to explore the digital realm.

In his early school years, around Grades 3 and 4, Rocco stumbled upon IRC, a popular chat program of the era, which connected him to fellow hackers. By Grades 4 and 5, his nascent skill manifested when he unintentionally exploited his primary school’s system using an old “Cain and Abel” tool and CVE-2000-0884. These flaws saw young Rocco accessing confidential school data, which drew the school’s attention in a memorable assembly. 

Rocco eventually finished university and discovered an online offensive security course in 2009, which acted as a catalyst, further reinforcing his passion. But what truly opened his eyes to the potential of this field was a security breach at his family’s business. By his early 20s, Rocco was entrenched in the world of hacking. He became a prominent member of a hacking group Corelan Team, where he specialized in writing Windows and web exploits and integrating them into the Metasploit framework. At the time, Rocco didn’t realize how cutting edge this work was, and assumed everyone else was doing similar work.

Rocco’s experience set the stage for a thriving career in Melbourne, Australia, where he landed a job in a leading consulting firm, working his way up to senior penetration tester for BAE Systems Applied Intelligence after an acquisition of the consulting firm. A brief stint at a boutique company led him to lucrative contracting roles, earning 3x more than his previous salary.

Rocco’s journey into the world of vulnerabilities was marked by a fervent obsession with identifying bugs and crafting exploits. To his surprise, this R&D passion quickly turned profitable, with his first monetary award for a bounty coming from ZDI. The fuzzing gained traction, Rocco harnessed its power, identifying significant vulnerabilities in various high-profile software products. This achievement opened doors to collaborate with Microsoft, particularly performing C++ and C# code reviews. He further expanded his skills by undertaking projects at the Mayo Clinic, focusing on medical equipment testing such as infusion pumps to building access controls.

Rocco’s skills caught the interest of a firm based in the United Arab Emirates. Originally planned as a brief stint, Rocco spent seven years in the UAE. Here, he transitioned into management roles, leading both a groundbreaking test and validation software lab and a research center, immersing himself in their pioneering efforts. However, the global changes brought about by the COVID-19 pandemic saw him returning to Australia. This homecoming was marked by a more hands-on technical approach and the creation of his new company named Tec Security, which focuses on vulnerabilities in widely deployed products. Additionally, he has a robust network of hacker friends, specializing in various cyber domains. Together, they harness their collective technical prowess to advance vulnerability research. This collaborative spirit not only showcases his dedication to the craft but also his belief in the collective power of the cybersecurity community.

Rocco’s home is a testament to his passion, with computers populating his entire basement and a hardware hacking lab for his IoT research. Reflecting on his Australian roots, Rocco mentions how the nation’s geographical remoteness inadvertently sheltered him from global perspectives. It was only when he stepped into the professional domain that he realized the cutting-edge nature of his work. This self-driven learning, he believes, was a cornerstone in shaping his expertise.

Rocco’s acumen for assembly language, even before mastering C, equipped him with a distinctive edge in the field. He advocates for simplification in the face of the current information overload, urging aspiring hackers to understand language pitfalls at a granular level.

While his professional life flourished, Rocco’s personal trajectory was shaped by a keen business acumen inherited from his family’s business. If not for the alluring world of hacking, Rocco might have been deep in the family trade.

Rocco remains a force to be reckoned with in the cybersecurity world. While he employs a range of techniques, coverage guided fuzzing remains one of his go-to strategies, especially with binaries and drivers written in C or C++. He has turned his basement into a technophile’s paradise, filled with computers designed for bug hunting. However, it’s not just about his dynamic and static analysis tooling for Rocco; his meticulous approach to old-school manual code review and reverse engineer across multiple platforms including Android. Additionally, his competitive spirit has led him to participate in numerous hacking competitions, consistently ranking high on various leaderboards, setting him apart from many in the field.

Follow Rocco and his company on social media:

Twitter / X:  Rocco Calvi (@TecR0c) / X (twitter.com)

LinkedIn: Rocco Calvi | LinkedIn

Website: TecSecurity.io

Tag

#git