Researchers find 250 million artifacts and 65,000 container images exposed in registries and repositories scattered across the Internet.

Many organizations, including some of the world's largest companies, are at heightened risk of compromise and data theft from misconfigured and poorly secured software registries and artifact repositories, a new study has shown.

Research that cloud-security vendor Aqua Security recently conducted uncovered some 250 million software artifacts and more than 65,000 container images lying exposed and Internet-accessible in thousands of registries and repositories. Some 1,400 hosts allowed access to secrets, keys, passwords, and other sensitive data that an attacker could use to mount a supply chain attack, or to poison an enterprise software development environment.

**Wide Registry Exposure**

Aqua discovered 57 registries with critical misconfigurations, including 15 that enabled an attacker to gain admin privileges with just the default password; 2,100 artifact registries offered upload permissions, which potentially gave anonymous users a way to upload malicious code to the registry.

In all, Aqua found nearly 12,800 container image registries that were accessible over the Internet of which 2,839 permitted anonymous user access. On 1,400 hosts, Aqua researchers found at least one sensitive data element such as keys, tokens, and credentials; on 156 hosts the company found private addresses of endpoints such as MongoDB, Redis, and PostgreSQL.

Among the thousands of affected organizations were several Fortune 500 companies. One of them was IBM, which had exposed an internal container registry to the Internet and put sensitive data at risk of access. The company addressed the issue after Aqua's researchers informed it of their discovery. Other notable organizations that had potentially put their data at similar risk included Siemens, Cisco, and Alibaba. In addition, Aqua found software secrets in registries belonging to at least two cybersecurity firms exposed to the Internet. Aqua's data is based on an analysis of container images, Red Hat Quay container registries, JFrog Artifactory, and Sonatype Nexus artifact registries.

"It's critical that organizations of all sizes around the world take a moment to verify that their registries — whether public or private — are secure," advises Assaf Morag, lead threat intelligence and data analyst at Aqua Security. Organizations that have code in public registries or have connected their registries to the Internet and allow anonymous access should ensure their code and registries don't contain secrets, intellectual property, or sensitive information, he says.

"The hosts belonged to thousands of organizations around the world – ranging by industry, size, and geography," Morag notes. "That means the benefits for an attacker could also range."

**Risky Registries & Repositories**

Aqua's research is the latest to highlight the risks to businesses from data in software registries, repositories and artifact management systems. Development teams use software registries to store, manage, and distribute software, libraries, and tools and use repositories for centrally storing and maintaining specific software packages from within the registry. The function of artifact repositories is to help organizations store and manage the artifacts of a software project such as source code, binary files, documentation, and build artifacts. Artifact management systems can also include Docker images and packages from public repositories such as Maven, NPM, and NuGet.

Often, organizations using open source code in their projects — an almost ubiquitous practice at this point —connect their internal registries and artifact management systems to the Internet and allow anonymous access to certain portions of the registry. For instance, a software development team using JFrog Artifactory as an internal repository could configure external access so customers and partners can share its artifacts.

Threat actors seeking to compromise enterprise software development environments have increasingly begun targeting software registries and repositories in recent years. Some of the attacks have involved attempts by threat actors to introduce malicious code into development and build environments directly or via poisoned packages planted on NPM, PyPI, and other widely used public repositories. In other instances, threat actors have targeted these tools to gain access to the sensitive information such as credentials, passwords, and APIs stored in them.

Aqua's research showed that, in many cases, organizations are inadvertently making it easier for attackers to carry out these attacks by mistakenly connecting registries containing sensitive information to the Internet, posting secrets in public repositories, using default passwords for access control, and granting overly excessive privileges to users.

In one instance, Aqua uncovered a bank with an open registry featuring online banking applications. "An attacker could have pulled the container, then modified it and pushed it back," Morag says.

In another instance, Aqua discovered two misconfigured container registries belonging to the development and engineering team of a Fortune 100 technology company. Aqua found the registries to contain so much sensitive information and afford so much access and privileges for doing damage, that the company decided to halt its research and inform the technology company of the issue. In this case, the security snafu resulted from a development engineer opening up the environment while working on an unapproved side project.

Millions of Artifacts, Misconfigured Enterprise Software Registries Are Ripe for Pwning

Researchers are unraveling the threads connecting two separate, but in some ways overlapping, Russian-language APTs.

Certain campaigns previously connected to the Russian advanced persistent threat (APT) Turla were actually conducted by what appears to be an entirely separate group researchers have named "Tomiris."

Turla (aka Snake, Venomous Bear, or Ourobouros) is a notorious threat actor with ties to the Russian government. Over the years it has utilized zero-days, legitimate software, and other means to deploy backdoors in systems belonging to militaries and governments, diplomatic entities, and technology and research organizations. In one case, it was even linked, through its Kazuar backdoor, to the SolarWinds breach.

Not everything is Turla, though. In a new blog post, researchers from Kaspersky have published evidence that certain attacks previously correlated with Turla were carried out by Tomiris, an entirely different group with different tactics, techniques, and procedures (TTPs) and affiliations.

"We strongly believe Tomiris is separate," says Pierre Delcher, senior security researcher at Kaspersky's GReAT. "It's not the same targeting, not the same tools, not the same sophistication as Turla."

**Separating Turla and Tomiris**

Attribution in cyberspace is difficult. "Highly skilled actors use techniques that mask their origins, render themselves anonymous, or even misattribute themselves with false flags to other threat groups to throw researchers off the track," explains Adam Flatley, former director of operations at the National Security Agency and VP of intelligence at \[Redacted\]. "Often we can only rely on a threat actor's operational security mistakes to find leads on their true identities."

Tomiris is a case in point. Kaspersky began tracking what now appears to have been Tomiris activity three years ago, in a DNS hijacking campaign against a Commonwealth of Independent States (CIS) government. The culprits' hallmarks appeared to be a mix of Russian APT soup. The Tomiris backdoor was discovered on networks alongside Turla's Kazuar backdoor, which itself had parallels to the Sunburst malware used in SolarWinds' breach.

Yet the details connecting Tomiris and Turla never quite lined up. "The implants they deployed were ... well, they sounded off, compared to what we knew about Turla," Delcher says. "So really, there was basically nothing in common, and even the targets were actually not fitting what we knew of past Turla interests."

Targeting is a major clue. "Tomiris is very focused on government organizations in the CIS, including the Russian Federation," Delcher explains, "whereas in the cybersecurity scene, some vendors associate Turla as a Russian-backed actor. That wouldn't make a lot of sense, if a Russian-sponsored actor targeted the Russian Federation."

As recently as this year, Mandiant published research about a Turla campaign in which it admitted, at one point, that there were "some elements of this campaign that appear to be a departure from historical Turla operations." The Kaspersky researchers have, with "medium confidence," assigned these findings to Tomiris operations.

**Connecting Turla and Tomiris**

All this isn't to say there's no connection at all between Tomiris and Turla.

In attacks between 2021 and 2023, Tomiris made use of KopiLuwak and TunnusSched — two of Turla's malicious tools. Because they had Turla's goods, Delcher says, "we strongly believe they might have been cooperating at some point, or they might still be cooperating right now."

Exactly how the groups connect is up for grabs. "They could be running an operation together," Delcher speculates, "or they could rely on a similar supply chain. They could have, for example, asked an independent developer to develop a backdoor, and the independent developer provided it to both Turla and Tomiris."

A more definitive answer will be hard to come by. "The only way to reliably and consistently get accurate attribution," Flatley bemoans, "is to use computer network exploitation techniques that are only legally allowed for government agencies to employ."

**Why This Matters to Businesses**

Distinguishing between threat actors isn't simply an educational exercise, Delcher says. It can help organizations better defend themselves.

For example, an organization affected by or otherwise worried about Turla might see the Kazuar malware and assume it's the work of that group.

"So, you grab all of the Turla IoCs, the technical intelligence, and address it with that assumption," Delcher says. "Of course, this is misguided because if they are not the same actors they won't use the exact same techniques, or the same implants. From the defender's perspective, you don't want to end up confused."

Diligent defenders will do well to pay attention to the subtle differences between groups, but certain principles apply across APTs.

"Elite threat actors will still take the easy way in if it exists, so reducing attack surface with things such as aggressive patch management and implementing MFA on every account possible still goes a long way," Flatley says. Prevention isn't enough against groups like this, though, so advanced detection capabilities and a plan for the worst case scenario are also necessary. "Visibility, married with a well-constructed and regularly practiced incident response plan, can greatly reduce the risk associated with threat actors of all levels."

Tangled Up: 'Tomiris' APT Uses Turla Malware, Confusing Researchers

Two federal indictments were unsealed today in the District of Columbia charging a North Korean Foreign Trade Bank (FTB) representative for his role in separate money laundering conspiracies designed to generate revenue for the Democratic People’s Republic of Korea through the use of cryptocurrency.

“The charges announced today respond to innovative attempts by North Korean operatives to evade sanctions by exploiting the technological features of virtual assets to facilitate payments and profits, and targeting virtual currency companies for theft,” said Assistant Attorney General Kenneth A. Polite, Jr. of the Justice Department’s Criminal Division. “We will continue to work to disrupt and deter North Korean actors and those who aid them by following the money on the blockchain and shining a light on their conduct.”

According to court documents, Sim Hyon Sop (Sim), 39, is charged with allegedly conspiring with over-the-counter (OTC) cryptocurrency traders to use stolen funds to buy goods for North Korea and for conspiring with North Korean IT workers to generate revenue through illegal employment at blockchain development companies in the United States.

The first indictment involves a conspiracy between Sim and three OTC traders to launder stolen funds from virtual currency exchange hacks to make payments in U.S. dollars for goods on behalf of the North Korean government. The second involves a conspiracy between Sim and various North Korean IT workers to launder proceeds of illegal IT development work, where the IT workers gained employment at U.S. blockchain development companies using fake identities, and then laundered their ill-gotten gains through Sim for the benefit of the North Korean regime, and in contravention of sanctions imposed against North Korea by the Department of the Treasury’s Office of Foreign Assets Control (OFAC) and the United Nations. Those sanctions were imposed to impede the development of North Korea’s ballistic missiles, weapons production, and research and development programs.

“Today’s indictments reveal North Korea’s continued use of various means to circumvent U.S. sanctions,” said U.S. Attorney Matthew M. Graves for the District of Columbia. “We can and will ‘follow the money,’ be it through cryptocurrency or the traditional banking system, to bring appropriate charges against those who would help to fund this corrupt regime.” 

According to court documents, North Korean national Sim, Chinese national Wu Huihu (Wu), Hong Kong British National (Overseas) Cheng Hung Man (Cheng), and the user of the online moniker live:jammychen0150 (“Jammy Chen”) conspired to launder stolen cryptocurrency and then used those funds to purchase goods through Hong Kong-based front companies on behalf of North Korea. Sim directed these payments, which were made in U.S. dollars, through “Jammy Chen.” “Jammy Chen” then recruited Wu and Cheng, both of whom were OTC traders, to find sham front companies and facilitate the payments to avoid U.S. sanctions against North Korea.

Sim also allegedly conspired to launder funds generated by North Korean IT workers who obtained illegal employment in the tech and crypto industry. These IT workers used fake personas to get jobs, including jobs at U.S.-based companies, and then asked to be paid in cryptocurrencies, such as stablecoins like USD Tether (USDT) and USD Coin (USDC), which are pegged to the U.S. dollar. After receiving payment, they funneled their earnings back to North Korea through Sim.

According to court documents, the Reconnaissance General Bureau (RGB) is North Korea’s primary intelligence and clandestine operations unit, known to have a cyber capability that has come to be known within the cybersecurity community as both Lazarus Group and Advanced Persistent Threat 38 (APT38). APT38 is a financially motivated North Korean regime-backed group responsible for conducting destructive cyber-attacks since at least 2014 to generate revenue for its ballistic missile and WMD programs. Specifically, these North Korean hackers have worked in concert to conduct cyber-attacks against victims located in the United States and around the world, including hacks against financial institutions and virtual asset service providers. North Korean actors have gained unauthorized access to these victim networks as part of their fraudulent scheme through a variety of means, including through spear-phishing messages designed to induce victims to download and execute malicious software developed by the hackers.  

Since 2017, as part of its cyber campaign, North Korean hackers have also executed virtual currency-related thefts to generate revenue for the regime, including through the hacking of virtual asset services providers, such as virtual currency exchanges. A portion of the proceeds from those virtual currency theft and fraud schemes was sent to virtual currency address 1G3Qj4Y4trA8S64zHFsaD5GtiSwX19qwFv, which Sim and his OTC trader coconspirators used to fund payments for goods for North Korea.

To generate revenue for the regime, North Korea also deploys IT workers to obtain illegal employment in the cryptocurrency industry. According to court documents, North Koreans apply for jobs in remote IT development work without disclosing that they are North Korean. These IT workers bypass security and due diligence checks through the false or fraudulent use of identity documents and other obfuscation strategies, such as virtual private networks to hide their true location from online payment facilitators and hiring platforms. The IT workers request payment for their services in virtual currency and then send their earnings back to North Korea via, among other methods, FTB representatives such as Sim.

A third indictment also unsealed today in the District of Columbia separately charges Wu with operating an unlicensed money transmitting business. According to court documents, Wu operated as an OTC trader on a U.S.-based virtual currency exchange and conducted over 1,500 trades for U.S. customers without obtaining the necessary licenses.

The FBI Chicago Field Office and FBI’s Virtual Assets Unit (VAU) are investigating the cases.

The charge of conspiring to launder monetary instruments is punishable by a maximum of 20 years in prison. The charge of operating an unlicensed money transmitting business is punishable by a maximum of five years in prison.

Trial Attorney Jessica Peck of the Justice Department’s National Cryptocurrency Enforcement Team (NCET) and Computer Crime and Intellectual Property Section, Assistant U.S. Attorneys Steven Wasserman and Christopher Tortorice for the District of Columbia, and Trial Attorney Emma Ellenrieder of the National Security Division’s Counterintelligence and Export Control Section are prosecuting the cases. Paralegal Specialists Brian Rickers and Angela De Falco and Legal Assistant Jessica McCormick provided valuable assistance. Significant assistance was also provided by the U.S. Attorney’s Office for the Central District of California, FBI Los Angeles Field Office, Criminal Division’s Money Laundering and Asset Recovery Section, former Special Agent Chris Janczewski of the IRS Criminal Investigation, and former FBI analyst Nick Carlsen.

The NCET was created in October 2021 to combat the growing illicit use of cryptocurrencies and digital assets. Under the supervision of the Criminal Division, the NCET conducts and supports investigations into individuals and entities that enable the use of digital assets to commit and facilitate a variety of crimes, with a particular focus on virtual currency exchanges, mixing and tumbling services, and infrastructure providers. The NCET also sets strategic priorities regarding digital asset technologies, identifies areas for increased investigative and prosecutorial focus, and leads the department’s efforts to collaborate with domestic and foreign government agencies as well as the private sector to aggressively investigate and prosecute crimes involving cryptocurrency and digital assets.

_An indictment is merely an allegation. All defendants are presumed innocent until proven guilty beyond a reasonable doubt in a court of law._

North Korean Foreign Trade Bank Representative Charged in Crypto Laundering Conspiracies

To protect its Confidential Computing cloud infrastructure and gain critical insights, Google leans on its relationships with chipmakers.

Google Cloud and Intel released results today from a nine-month audit of Intel's new hardware security product: Trust Domain Extensions (TDX). The analysis revealed 10 confirmed vulnerabilities, including two that researchers at both companies flagged as significant, as well as five findings that led to proactive changes to further harden TDX's defenses. The review and fixes were all completed before the production of Intel's fourth-generation Intel Xeon processors, known as “Sapphire Rapids,” which incorporate TDX. 

Security researchers from Google Cloud Security and Google's Project Zero bug-hunting team collaborated with Intel engineers on the assessment, which initially turned up 81 potential security issues that the group investigated more deeply. The project is part of Google Cloud's Confidential Computing initiative, a set of technical capabilities to keep customers' data encrypted at all times and ensure that they have full access controls.

The security stakes are incredibly high for massive cloud providers that run much of the world's digital infrastructure. And while they can refine the systems they build, cloud companies still rely on proprietary hardware from chip manufacturers for their underlying computing power. To get deeper insight into the processors they're depending on, Google Cloud worked with AMD on a similar audit last year and leaned on the longtime trusted relationship between Intel and Google to launch the initiative for TDX. The goal is to help chipmakers find and fix vulnerabilities before they create potential exposure for Google Cloud customers or anyone else.

“It's not trivial because companies, we all have our own intellectual property. And in particular, Intel had a lot of IP in the technologies that they were bringing to this,” says Nelly Porter, group product manager of Google Cloud. “For us to be able to be incredibly open and trusting each other is valuable. The research that we're doing will help everybody because Intel Trusted Domain Extension technology is going to be used not only in Google, but everywhere else as well.”

Researchers and hackers can always work on attacking hardware and online systems from the outside—and these exercises are valuable because they simulate the conditions under which attackers would typically be looking for weaknesses to exploit. But collaborations like the one between Google Cloud and Intel have the advantage of allowing outside researchers to conduct black box testing and then collaborate with engineers who have deep knowledge about how a product is designed to potentially uncover even more about how a product could be better secured.

After years of scrambling to remediate the security fallout from design flaws in the processor feature known as “speculative execution,” chipmakers have invested more in advanced security testing. For TDX, Intel's in-house hackers conducted their own audits, and the company also put TDX through its security paces by inviting researchers to vet the hardware as part of Intel's bug bounty program.

Anil Rao, Intel's vice president and general manager of systems architecture and engineering, says the opportunity for Intel and Google engineers to work as a team was particularly fruitful. The group had regular meetings, collaborated to track findings jointly, and developed a camaraderie that motivated them to bore even deeper into TDX.

Of the two vulnerabilities the researchers found that Rao called “critical,” one related to loose ends from a cryptographic integrity feature that had been dropped from the product. “It was a leftover thing that we didn’t catch, but the Google team caught it,” he says. The other major vulnerability uncovered by the project was in Intel's Authenticated Code Modules, which are cryptographically signed chunks of code that are built to run in the processor at a particular time. The vulnerability involved a small window in which an attacker could have hijacked the mechanism to execute malicious code.  

“For me, that was something which was surprising. I wasn't expecting that we had such a vulnerability in our internal system,” Rao says. “But I was super happy that this team caught it. It's not that these are easy vulnerabilities for someone to tap into, but the fact that it's there is not a good thing. So at least once we fix it then we can sleep better at night.”

Rao and Porter also point out that the finding was significant because ACM is used in other Intel security products beyond TDX.

Additionally, as part of the collaboration, Google worked with Intel to open source the TDX firmware, low-level code that coordinates between hardware and software. This way, Google Cloud customers and Intel TDX users around the world will have more insight into the product.

“Confidential computing is an area where we are opening up and telling customers, ‘bring your most sensitive applications, bring your most sensitive data, and operate it on shared infrastructure in the cloud,’” Rao says. “So we want to make sure that we follow a rigorous process in ensuring that the key handlers of that sensitive data are rugged. Whether we like it or not, establishment of trust takes a long time, and you can break it very easily.”

Intel Let Google Cloud Hack Its New Secure Chips and Found 10 Bugs

Businesses can now standardize their end-to-end cybersecurity programs on the industry's most secure infrastructure, while retaining choice and vendor optionality.

**SUNNYVALE, Calif.****,** **April 24, 2023** **/PRNewswire/ --** Announced today at RSA Conference, Google Cloud and Mandiant are combining their cybersecurity partner ecosystems to offer the industry's most open, comprehensive, and intelligent platform for customers' end-to-end cybersecurity needs.

The combined ecosystem brings together expertise and technology from Google Cloud, Mandiant, and integrations with more than 100 leading cybersecurity vendors. From incident response through proactive defense, Google Cloud gives organizations the choice and breadth to stay ahead of security threats and eliminate common gaps that plague legacy networks, infrastructure, and tools. Google Cloud is expanding these capabilities even further with new partner integrations that help customers better protect against breaches across cloud environments, and respond more quickly to cybersecurity events when they occur.

"Google Cloud remains fundamentally committed to growing its open cloud ecosystem, ensuring that customers on any cloud platform can protect their businesses with the industry's most advanced security tools," said Sunil Potti, VP and GM of security, Google Cloud. "With Mandiant, we can now build end-to-end security programs that unify our leading threat intelligence and technology with the capabilities of our partners, providing customers with comprehensive solutions that are tailored to their security needs."

"As an organization that's been on the frontlines of some of the most impactful breaches, we recognize that the fight against persistent, global adversaries requires a united defense," said Kevin Mandia, CEO of Mandiant, Google Cloud. "Working alongside our combined, growing network of elite security partners accelerates our ability to help customers around the world to strengthen their security posture and proactively defend against emerging threats."  

**Extending generative AI to partners with Google Cloud Security AI Workbench**  
Google Cloud today announced Security AI Workbench, an industry-first platform that enables security partners to extend generative AI to their products. The platform combines a new, security-specific large language model (LLM) from Google Cloud, Sec-PaLM, with Mandiant's leading frontline intelligence and encompasses vulnerabilities, malware, threat indicators, and more. Partners can easily integrate with the platform via an API (application programming interface) to bring threat intelligence, workflows, and other critical functionality to customers, while retaining enterprise-grade data protections and sovereignty. Security AI Workbench will power new partner offerings that help customers address key security challenges across threats, toilsome tools, and the talent gap.

Learn more about Google Cloud Security AI Workbench here.

**Announcing Accenture managed security services for enterprises**

Google Cloud's ecosystem of global consulting partners provide implementation and managed cybersecurity services for enterprise customers. At RSA, **Accenture** announced that its managed detection and response (MxDR) security service will be enhanced by technologies from Google Cloud, bringing customers a comprehensive security service inclusive of Chronicle security operations and Mandiant Intelligence and Consulting offerings, delivered by thousands of Accenture specialists with expertise building end-to-end security programs for enterprise customers. Accenture will also be the first partner to utilize Security AI Workbench.

**Enhancing incident response and detection with Mandiant and partners**

Mandiant offers the world's most advanced threat intelligence, with industry-leading expertise to help businesses and governments quickly detect, understand, and address security breaches. Now, customers can easily accompany Mandiant's capabilities with purpose-built security solutions from partners including **Crowdstrike**, **SentinelOne**, and**Trellix**, which are fully integrated with Google Cloud. As a result, organizations can deploy the right technology for their needs to proactively protect critical assets after a cybersecurity event.

**Strengthening threat-informed defense across the Mandiant partner ecosystem**

Today, Mandiant also introduced the next phase of its Cyber Alliance program. **Corelight, Nozomi Networks**, **SentinelOne**, and **SnapAttack** are all expanding their capabilities through deeper integrations and unified offerings, enabling Mandiant's security experts to offer the most comprehensive security solutions to customers and help them proactively defend against threats critical to their organization. **Crowdstrike** also announced the general availability of CrowdStrike Falcon for Mandiant Incident Response, which will operationalize endpoint detection to help customers stop and defend against breaches.

**Bringing enterprise-grade identity and device management to Google Workspace**

Google Workspace enables organizations to securely collaborate with embedded, invisible security through client-side encryption, data privacy controls, and integrations with BeyondCorp Enterprise and Chronicle SecOps that automatically block the vast majority of cyber threats. Now, Google Workspace is adding new identity and device management support from **Okta** and **VMware**, enabling large-scale and public sector organizations to adopt FedRAMP-authorized collaboration solutions in a single offering. **JumpCloud** is also offering customers an alternative to Microsoft Active Directory, with centralized identity, access, and device management.

**About Google Cloud**

Google Cloud accelerates every organization's ability to digitally transform its business. We deliver enterprise-grade solutions that leverage Google's cutting-edge technology – all on the cleanest cloud in the industry. Customers in more than 200 countries and territories turn to Google Cloud as their trusted partner to enable growth and solve their most critical business problems.

SOURCE Google Cloud

Google Cloud Announces New Security AI Workbench and Ecosystem Expansion at RSAC 2023

Code property graphs and a threat feed powered by artificial narrow intelligence help developers incorporate AppSec into DevOps.

RSA CONFERENCE 2023 – San Francisco – Application security company Qwiet AI has announced a new threat intelligence feed for its real-time code security analysis tool PreZero to help security teams focus on remediating the fixes that will have the most impact on application security.

The data feed, called Blacklight, analyzes information about exploits that are deployed in the wild. Developers can use the data to see which vulnerabilities to address right away and which ones can wait. Just like a physical black light can reveal where that smell is coming from, Blacklight "exposes what you can't see visually," says Qwiet AI CEO Stuart McClure.

Narrowing the scope of patching is vital, considering the sheer volume of vulnerabilities reported. There were 3,239 high-severity vulnerabilities found in 2022, according to NIST's National Vulnerability Database, putting security teams in the position of having to remediate about 10 a day, every calendar day, to fix just the most serious vulnerabilities. But past research has shown that not all vulnerabilities need to be fixed right away. Only 15% of vulnerabilities get loaded into memory, which suggests 85% aren't reachable by an attacker, according to Sysdig. And of those reachable vulnerabilities, even less are exploitable in practice. In 2022 Qwiet AI, then called ShiftLeft, announced that only 3% of open source vulnerabilities were attackable.

The trick, of course, lies in identifying the 3%. PreZero asks a series of questions to whittle down vulnerabilities to a shorter list of those requiring immediate action: Does the application load the package containing the CVE? Is that package in use by the application? Can an attacker reach that package? And how can the developer mitigate the vulnerability?

A survey of PreZero users found that the new threat feed reduces the average cost per finding by nearly 25%, according to the company.

**Putting Artificial Narrow Intelligence to Work**

PreZero builds a deep neural net out of code property graphs (CPGs), which analyze JavaScript — 58 billion lines of it so far, according to McClure. The CPG is made up of three kinds of data graphs: abstract syntax trees that classify code according to syntax, data flow graphs that map variables from input through to the outputs to see how the data changes, and control flow graphs that track who controls the data and what changes are made.

The artificial narrow intelligence system uses those CPGs to build a model of what good code looks like versus vulnerable code, which it then can apply to new code that's entered into the tool.

"We're gonna go through the typical path, which is the code property graph based on these human-written policies, but we're also going to send that same code sample through our AI model and be able to determine if there's an additional vulnerability in there that the humans didn't catch or the signatures didn't catch," McClure says. "And so that's what really differentiates us."

Qwiet AI shared with Dark Reading a screenshot of a report Blacklight generated on Log4j 2.9.1, one of many versions of the logging utility affected by the Log4Shell vulnerability, to demonstrate the kind of information the feed provides. Potentially the most useful section is remediation advice, which counsels, "Users who want to avoid attacker-controlled JNDI lookups but cannot upgrade to 2.16.0 must ensure that no such lookups resolve to attacker-provided data and ensure that the JndiLookup class is not loaded."

"I've spent my time in the trenches," says Bruce Snell, Qwiet AI director of technical and product marketing. "There's something more visceral about attaching an actual exploit or a threat actor to a vulnerability."

Another interesting feature in PreZero is security insights, which flags code that would open the door to vulnerabilities if it were deployed. That's clearly useful for developers trying to write more secure code, but McClure says the security side also benefits from PreZero.

"The AppSec, cybersecurity, and CISOs would use \[PreZero\] to understand the current state of risk to the business, but then developers use it to actually get the line of code that they need to go fix," he says.

**AI Is Good Business**

Competition does abound. For example, Snyk uses AI in vulnerability scanning, as does GitHub — although the Spider Artificial Intelligence Vulnerability Scanner (SAIVS) falls into the machine learning category.

"We've had this skill shortage for as long as I can remember now, and I think it's actually worse on the AppSec side than it is in the InfoSec side," Snell says. "So having this AI that can, instead of trying to find the needle in a haystack, just produce a stack of needles and say, 'Here's the things that you need to deal with' is going to be huge. And it's really going to be the only way I think that the industry can keep up."

Getting away from signatures is something McClure has been working on since he co-founded Cylance, which he sold to BlackBerry for $1.4 billion in 2018; he's been planning out his vision of the future of AI since at least 2016. To demonstrate his hacking philosophy in action, McClure is co-presenting a technical session "Hacking Exposed — Hacking the Sec into DevOps" with Qwiet AI CTO Chetan Conikee on Wednesday April 26 at 1:15 p.m.

Qwiet AI Builds a Neural Net to Catch Coding Vulnerabilities

Deal strengthens ZeroFox's External Cybersecurity Platform with attack surface management (EASM) and threat intelligence capabilities.

**WASHINGTON, April 17, 2023 (GLOBE NEWSWIRE) --** Today, ZeroFox (Nasdaq: ZFOX), an enterprise software-as-a-service leader in external cybersecurity announced a definitive agreement to acquire LookingGlass Cyber Solutions, Inc., a leader in external attack surface management and global threat intelligence. In today's digital-first world, the rapidly expanding external attack surface has become a veritable playground for cybercriminals and nation-state actors alike, posing an ever-growing threat to enterprise and public sector organizations worldwide. Integrating LookingGlass’s industry-leading attack surface and threat intelligence capabilities into the ZeroFox External Cybersecurity Platform will enable our customers to build a robust security posture by providing world-class visibility into external attack surface assets and vulnerabilities, including improved actionable intelligence to disrupt emergent threats.

As organizations embrace digital transformation, the same externally-available digital platforms these organizations use to do business are equally available to malicious actors, creating new opportunities for exploitation. This escalating threat landscape underscores the urgent need for organizations to adopt comprehensive security strategies emphasizing proactive monitoring, continuous assessment, and remediation of their public attack surface vulnerabilities to defend against the mounting challenges of persistent cyber adversaries.

“The acquisition of LookingGlass is a natural extension of our strategy to provide our customers with a single end-to-end platform for protecting their external attack surface from increasingly sophisticated cyberattacks,” said James C. Foster, Chairman and CEO of ZeroFox. “We are bringing together passionate teams that have been partners for years, and proven world-class capabilities across attack surface management, digital risk protection, threat intelligence and breach response to continue our leadership in external cybersecurity.”

With one of the most comprehensive internet-facing attack surface intelligence data lakes, LookingGlass empowers public sector organizations, large enterprises, and industry security alliances at scale by providing extensive discovery, intelligence and cyber defense capabilities. These unique capabilities allow organizations to identify and assess threats in support of remediation strategies against the most sophisticated cyberattacks. The combination of intelligence and action enables some of the world’s largest organizations to inform their security teams about cyber risks ahead of full-fledged attacks.

“The mission at LookingGlass is to protect our customers by providing unmatched attack surface intelligence for global threat visibility and cyberattack disruption,” said Bryan Ware, CEO of LookingGlass. “Joining ZeroFox allows us to expand the capabilities we provide security teams to defend against cybercriminals and nation-state actors.” Ware, a cybersecurity industry veteran, former Assistant Director of CISA at the Department of Homeland Security, the Nation’s cyber defense operations lead, will join the ZeroFox executive team as part of the transaction.

**Transaction Details**

Under the terms of the agreement, ZeroFox will acquire LookingGlass for approximately $26 million, primarily in stock (9.4 million shares), combined with convertible debt and cash, subject to purchase price adjustments and performance earnouts. The acquisition is expected to close within the next 30 days. ZeroFox will provide additional guidance during the Q1 FY24 earnings call.

Stifel Financial Corp. served as exclusive financial advisor to ZeroFox on the transaction.

**Investor Conference Call Information**

ZeroFox will host a conference call to discuss the acquisition today April 17, 2023 at 8:30 a.m. Eastern Time. To access this call via webcast, please use this link: 

**Learn More**

To learn more about ZeroFox solutions, visit our website. Bookmark the ZeroFox Blog to keep up with our expert coverage on the latest in External Cybersecurity.

**About ZeroFox**

ZeroFox (Nasdaq: ZFOX), an enterprise software-as-a-service leader in external cybersecurity, has redefined security outside the corporate perimeter on the internet, where businesses operate, and threat actors thrive. The ZeroFox platform combines advanced AI analytics, digital risk and privacy protection, full-spectrum threat intelligence, and a robust portfolio of breach, incident and takedown response capabilities to expose and disrupt phishing and fraud campaigns, botnet exposures, credential theft, impersonations, data breaches, and physical threats that target your brands, domains, people, and assets. Join thousands of customers, including some of the largest public sector organizations as well as finance, media, technology and retail companies to stay ahead of adversaries and address the entire lifecycle of external cyber risks. ZeroFox and the ZeroFox logo are trademarks or registered trademarks of ZeroFox, Inc. and/or its affiliates in the U.S. and other countries. Visit www.zerofox.com for more information.

**About LookingGlass Cyber Solutions, Inc.**

LookingGlass is the global cybersecurity leader enabling national, industrial, and enterprise-scale decisions with unparalleled, curated intelligence on critical assets, risks, and sectors. For more than a decade, the most advanced organizations in the world have trusted LookingGlass to help them protect their economic and national security interests. Find out how we can help your organization at https://lookingglasscyber.com. 

**Forward-Looking Statements**

Certain statements in this press release are “forward-looking statements” under the Private Securities Litigation Reform Act of 1995. All statements, other than statements of historical fact, that address activities, events or developments that we expect, believe or anticipate will or may occur in the future, including statements related to benefits from the transaction, including expected from revenues and accretiveness of the transaction, and the ability of ZeroFox to achieve its objectives and plans with the acquisition of LookingGlass are forward-looking statements. Forward-looking statements involve risks and uncertainties that could cause actual results to differ materially from those anticipated by these forward-looking statements. The inclusion of any statement in this press release does not constitute an admission by ZeroFox or any other person that the events or circumstances described in such statement are material. These risks and uncertainties include, but are not limited to, the following: our ability to recognize the anticipated benefits of the transaction; the ability of ZeroFox and LookingGlass to consummate the transaction as expected; defects, errors, or vulnerabilities in the ZeroFox platform, the failure of the ZeroFox platform to block malware or prevent a security breach, misuse of the ZeroFox platform, or risks of product liability claims that would harm our reputation and adversely impact our business, operating results, and financial condition; if our enterprise platform offerings do not interoperate with our customers’ network and security infrastructure, or with third-party products, websites or services, our results of operations may be harmed; we may not timely and cost-effectively scale and adapt our existing technology to meet our customers’ performance and other requirements; our ability to introduce new products and solutions and features is dependent on adequate research and development resources and our ability to successfully complete acquisitions; our success depends, in part, on the integrity and scalability of our systems and infrastructure; we rely on third-party cloud providers to host and operate our platform, and any disruption of or interference with our use of these offerings may negatively affect our ability to maintain the performance and reliability of our platform which could cause our business to suffer; we rely on software and services from other parties; we have a history of losses, and we may not be able to achieve or sustain profitability in the future; if organizations do not adopt cloud, and/or SaaS-delivered external cybersecurity solutions that may be based on new and untested security concepts, our ability to grow our business and our results of operations may be adversely affected; we have experienced rapid growth in recent periods, and if we do not manage our future growth, our business and results of operations will be adversely affected; we face intense competition and could lose market share to our competitors, which could adversely affect our business, financial condition, and results of operations; competitive pricing pressure may reduce revenue, gross profits, and adversely affect our financial results; adverse general and industry-specific economic and market conditions and reductions in customer spending, in either the private or public sector, including as a result of inflation and geopolitical uncertainty such as the ongoing conflict between Russia and Ukraine, may reduce demand for our platform or products and solutions, which could harm our business, financial condition and results of operations; the COVID-19 pandemic could adversely affect our business, operating results, and financial condition; if we fail to adapt to rapid technological change, evolving industry standards and changing customer needs, requirements or preferences, our ability to remain competitive could be impaired; one U.S. government customer accounts for a substantial portion of our revenues; and we rely heavily on the services of our senior management team.

Additional information concerning these, and other risks, is described under the “Risk Factors,” “Management’s Discussion and Analysis of Financial Condition and Results of Operations of ZeroFox”, and “Management’s Discussion and Analysis of Financial Condition and Results of Operations of IDX” sections of our final prospectus filed with the Securities and Exchange Commission (the “SEC”) pursuant to Rule 424(b) under the Securities Act of 1933 on April 12, 2023, in connection with our registration statement on Form S-1 and in subsequent reports that we file with the SEC. We expressly disclaim any obligation to update any of these forward-looking statements, except to the extent required by applicable law.

ZeroFox to Acquire LookingGlass, Broadening Global Attack Surface Intelligence Capabilities

Consider adding some security-through-obscurity tactics to your organization's protection arsenal to boost protection. Mask your attack surface behind additional zero-trust layers to remove AI's predictive advantage.

If you read articles about how threat actors can use artificial intelligence (AI), you've probably noticed they fall into two categories: improving deception capabilities and automating malicious coding.

The first case argues that generative AI using large language models (LLMs) can create phishing and smishing lures that are more believable (registration required). Given that 90% of successful cyberattacks begin with phishing, AI improving deceptive lures is cause for major concern. Imagine the convincing communications the new GPT-4 model, which hired people to solve Captcha challenges for it, might write.

The second topic, AI writing malware (which it has done), strikes me as less disturbing. In this case, experts argue that LLMs may write polymorphic malware or make it easier for less-skilled adversaries to create malicious code. However, we live in a world where over 450,000 new variants of malware and potentially unwanted applications (PUAs) are registered every day. It's hard to see how low-skilled users adding to that number would significantly change the threatscape. Simply creating more malware is an easily automated task. AI must create better malware to pose a greater threat.

**Adversarial AI Threat Potential**

I think the threat potential of adversarial AI is far greater than today's double whammy of _better phishing_ and _more malware_. Take a moment to put on your threat actor hat and envision what malicious AI might soon achieve. What tools do adversaries typically use, and can well-trained AI improve their effectiveness?

**Training AI to Hack**

Consider the untapped AI training potential of vulnerability scanning tools such as Acunetix or exploitation frameworks such as Metasploit. These tools automate the reconnaissance and exploitation stages of the cyber kill chain. Today, these tools require human guidance and direction. Advanced persistent threats (APTs) using them to target organizations are focused on the environment of a single victim. The tools do much of the lifting, but people must interpret the results and react accordingly. What if these programs simply supplied their information to a larger data lake for AI to ingest?

We can see how LLMs use massive data sets to create effective, generative AI. The GPT-3 model is advanced enough to predict syllable and word combinations, then construct seemingly intelligent responses to queries. AI can write an essay, haiku, or report on any topic with a simple prompt. Of course, the model doesn't actually know what it's saying. It has simply trained on language data long enough to accurately predict which word should come next in a response.

Imagine an AI that trains on security exploitation as deeply as LLMs train on language. Picture an AI training on all known CVEs, the NIST Cybersecurity Framework, and the OWASP Top 10 as part of its core data set. To truly make this AI dangerous, it should also train on data lakes generated by popular hacking tools. For example, use Nmap for a few million networks and train the AI to recognize correlations between open ports, OS versions, and domains. Run Nessus vulnerability scans in thousands of environments and feed the results to the AI to "learn" patterns of enterprise security flaws. This approach may be beyond the reach of small-time hackers but is certainly within the grasp of state-sponsored threat groups and governments.

Once this malicious AI is well-trained, it may predict vulnerable software and hardware combinations as accurately as ChatGPT chooses words. It may scan an environment, detect several problems, and return a ranked list of possible exploitation techniques. Or it could compromise the environment, then hand access over to threat actors. While better phishing and more malware present immediate problems, they are negligible compared with the potential dangers of a fully weaponized AI.

**Security Through Obscurity**

Fortunately, organizations can mitigate much of the threat posed by malicious AIs by hiding business infrastructure. As defined by Gartner, zero-trust network access (ZTNA) solutions offer a resilient defense. Think of a cloud-based zero-trust environment as a proxy between users and business resources. Using this configuration, apps, data, and services are hosted on a network separate from users. To access business resources, users must go through an app connector that performs extensive identity analysis. Once a user passes identity and context verifications, the proxy architecture connects them directly to the resource in the cloud.

It's important to note that users are never granted access to the network that hosts the apps, data, and services. They're only connected to the single resource requested in the verified transaction. This approach hides the rest of the network infrastructure and available resources from the secured session. There is no opportunity for an initiator to perform lateral movement, or larger reconnaissance of the environment.

This approach hamstrings adversarial AI trained to discover vulnerabilities in an enterprise environment. With business infrastructure hidden behind a secure cloud-proxy service, the AI cannot see the environment, or know what is exploitable. The AIs ability to find exploitation opportunities relies upon it having an extensive overview of the hardware and software running the business infrastructure.

What about users? An adversarial AI may crack an individual endpoint, such as a laptop or home router. However, controlling these devices does little to offer AI access to the larger business environment. Compromised devices and identities must still pass context analysis before connecting to resources. Access requests will be denied if they come at an odd time or display other suspicious features. If the AI can reasonably mimic a legitimate request from a compromised identity, it is limited to accessing the handful of resources available to that user.

This identity-level ZTNA approach to access eliminates much of an organization's attack surface and minimizes the danger of what remains — moving organizational infrastructure behind a cloud-based zero trust exchange strips adversarial AI of its predictive and knowledge-based advantage. Organizations can achieve security through obscurity by hiding everything malicious AI knows how to exploit.

Cybersecurity Survival: Hide From Adversarial AI

As email attackers move to more targeted and sophisticated attacks, email security needs to understand the organization, not past attacks, to keep up with attacker innovation and stop novel threats on the first encounter.

In an evolving threat landscape email remains the primary target for cyberattacks, and traditional methods of email security are no longer adequate. Solutions that rely on historical attack data can only catch what they've seen before and remain inevitably on the back foot, racing to match the pace of innovation of cybercriminals — in fact, they take an average of 13 days to recognize novel attacks.\*

**An Escalating Threat Landscape**

Phishing attacks are advancing in frequency and sophistication as attackers experiment with two key ingredients: malware delivery and social engineering. Regarding delivery, there is a surge in cybercriminals "hitching a ride" off legitimate infrastructure like OneDrive and SharePoint to conceal malware, exploiting their trusted reputations to bypass security tools. On the human side, attackers are using generative AI technologies to impersonate trusted contacts — including damaging business email compromises and realistic spear-phishing. Worryingly, Darktrace found that the average linguistic complexity of phishing emails has increased by 17% since the release of ChatGPT.  

These trends demonstrate a shift in the attack landscape: from high-frequency, low-impact, generic phishing tactics to more targeted, sophisticated, and higher-impact attacks that can evade security tools relying on rules and signatures.

    

Figure 1: The progression of attacks and relative coverage of email security tools.

What's more, email security for the digital age needs to stretch beyond the inbox, for a full picture of every user across their email, account, and apps. Effectively, tools that only focus on blocking known threats from the inbox are no longer enough.

**The Industry Picture**

Traditional gateways and many modern integrated cloud email security (ICES) providers have something in common: They look to previous threat intelligence in order to predict the next attack. Some newer vendors apply AI to this flawed approach, looking for direct matches and using "data augmentation" to identify similar-looking emails. Despite leveraging AI, this approach is still historically focused and therefore blind to novel threats.

These tools are also resource-intensive, requiring continuous policy maintenance and manual triage of held-but-legitimate emails. The stage is set for email security that autonomously separates bad from good and continuously adapts to every organization — technology that fits the definition of "set and forget".

**The Shift Toward Behavioral AI**

The industry is experiencing a seismic shift from "secure" email gateways to intelligent AI-driven approaches.

Only a complex understanding of each employee's everyday interactions can accurately determine whether or not an email belongs in their inbox. This approach understands behaviors — how each person uses their inbox and what constitutes 'normal' for each user — in order to detect what's not normal.

Within the threat landscape, this approach builds on native email security to tackle the high-level attacks that use novel or seemingly legitimate infrastructure.

    

Figure 2: Native email security plus AI covers more types of attacks.

Full confidence in detection allows for a precise and targeted response — action that removes only the riskiest parts of an email rather than taking a blanket ban out of caution — to minimize risk without disrupting normal business operations.

**A Full Picture for Every User**

Existing email tools focus solely on inbound email, which doesn't take into consideration the significant potential damage of an account compromise. Today's email security can't be limited to the inbox alone — it needs to comprise a full understanding of a user's behavior across email and beyond.

To have complete context of a single user, it's crucial to understand their activity on apps, networks, and devices for a full-picture view of identity-based attacks. Understanding a user in the context of their organization — including network, cloud, and endpoint data — connects email security with the enterprise and external attack surface for a richer picture of potential attacks.

**Bringing the End User Into the Loop**

In the digital age, security is everyone's responsibility. Email security needs to educate and engage employees at the right level, giving them the context they need to make the right decisions, without overwhelming them or giving them too much control.

The tools that succeed best will be those that can leverage AI to improve employees' security consciousness — with contextual banners, explainable digests, and bespoke actions to neutralize risky elements — bringing the end user into the loop to harden defenses. By empowering employees with information, while still leaving critical decisions to the security team, organizations can further strengthen their security posture, while lifting security teams out of firefighting mode towards higher-level more strategic decision-making .

The new frontline of email security fights cybercrime with intelligent AI, and organizations that fail to get ahead of the curve may end up paying the price. For CISOs, the question is not if they should upgrade their email protections, but when – how much longer can they risk depending on email security that's stuck in the past?

**About the Author**

    

As VP of Product at Darktrace, Dan Fein has helped customers quickly achieve a complete and granular understanding of Darktrace's product suite. Dan has a particular focus on Darktrace email, ensuring that it is effectively deployed in complex digital environments, and works closely with the development, marketing, sales, and technical teams. Dan holds a bachelor's degree in computer science from New York University.

\*Thirteeen days mean average of phishing payloads active in the wild between the response of Darktrace/email compared to the earliest of 16 independent feeds submitted by other email security technologies. (https://darktrace.com/news/darktrace-email-defends-organizations-against-evolving-cyber-threat-landscape)

The New Frontier in Email Security: Goodbye, Gateways; Hello, Behavioral AI

The Russian-speaking threat actor behind a backdoor known as Tomiris is primarily focused on gathering intelligence in Central Asia, fresh findings from Kaspersky reveal.
"Tomiris's endgame consistently appears to be the regular theft of internal documents," security researchers Pierre Delcher and Ivan Kwiatkowski said in an analysis published today. "The threat actor targets government and

The Russian-speaking threat actor behind a backdoor known as Tomiris is primarily focused on gathering intelligence in Central Asia, fresh findings from Kaspersky reveal.

"Tomiris's endgame consistently appears to be the regular theft of internal documents," security researchers Pierre Delcher and Ivan Kwiatkowski said in an analysis published today. "The threat actor targets government and diplomatic entities in the CIS."

The Russian cybersecurity firm's latest assessment is based on three new attack campaigns mounted by the hacking crew between 2021 and 2023.

Tomiris first came to light in September 2021 when Kaspersky highlighted its potential connections to Nobelium (aka APT29, Cozy Bear, or Midnight Blizzard), the Russian nation-state group behind the SolarWinds supply chain attack.

Similarities have also been unearthed between the backdoor and another malware strain dubbed Kazuar, which is attributed to the Turla group (aka Krypton, Secret Blizzard, Venomous Bear, or Uroburos).

Spear-phishing attacks mounted by the group have leveraged a "polyglot toolset" comprising a variety of low-sophistication "burner" implants that are coded in different programming languages and repeatedly deployed against the same targets.

Besides using open source or commercially available offensive tools, the custom malware arsenal used by the group falls into one of the three categories: downloaders, backdoors, and information stealers -

*   **Telemiris** - A Python backdoor that uses Telegram as a command-and-control (C2) channel.
*   **Roopy** - A Pascal-based file stealer that's designed to hoover files of interest every 40-80 minutes and exfiltrate them to a remote server.
*   **JLORAT** - A file stealer written in Rust that gathers system information, runs commands issued by the C2 server, upload and download files, and capture screenshots.

Kaspersky's investigation of the attacks has further identified overlaps with a Turla cluster tracked by Google-owned Mandiant under the name UNC4210, uncovering that the QUIETCANARY (aka TunnusSched) implant had been deployed against a government target in the CIS by means of Telemiris.

"More precisely, on September 13, 2022, around 05:40 UTC, an operator attempted to deploy several known Tomiris implants via Telemiris: first a Python Meterpreter loader, then JLORAT and Roopy," the researchers explained.

UPCOMING WEBINAR

Zero Trust + Deception: Learn How to Outsmart Attackers!

Discover how Deception can detect advanced threats, stop lateral movement, and enhance your Zero Trust strategy. Join our insightful webinar!

Save My Seat!

"These efforts were thwarted by security products, which led the attacker to make repeated attempts, from various locations on the filesystem. All these attempts ended in failure. After a one-hour pause, the operator tried again at 07:19 UTC, this time using a TunnusSched/QUIETCANARY sample. The TunnusSched sample was blocked as well."

That said, despite the potential ties between the two groups, Tomiris is said to be separate from Turla owing to differences in their targeting and tradecrafts, once again raising the possibility of a false flag operation.

On the other hand, it's also highly probable that Turla and Tomiris collaborate on select operations or that both the actors rely on a common software provider, as exemplified by Russian military intelligence agencies' use of tools supplied by a Moscow-based IT contractor named NTC Vulkan.

"Overall, Tomiris is a very agile and determined actor, open to experimentation," the researchers said, adding "there exists a form of deliberate cooperation between Tomiris and Turla."

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

Tag

#intel