A novel technique to stump artificial intelligence (AI) text-based systems increases the likelihood of a successful cyberattack by 60%.

Source: Krot Studio via Alamy Stock Photo

A new jailbreak technique for OpenAI and other large language models (LLMs) increases the chance that attackers can circumvent cybersecurity guardrails and abuse the system to deliver malicious content.

Discovered by researchers at Palo Alto Networks' Unit 42, the so-called Bad Likert Judge attack asks the LLM to act as a judge scoring the harmfulness of a given response using the Likert scale. The psychometric scale, named after its inventor and commonly used in questionnaires, is a rating scale measuring a respondent's agreement or disagreement with a statement.

The jailbreak then asks the LLM to generate responses that contain examples that align with the scales, with the ultimate result being that "the example that has the highest Likert scale can potentially contain the harmful content," Unit 42's Yongzhe Huang, Yang Ji, Wenjun Hu, Jay Chen, Akshata Rao, and Danny Tsechansky wrote in a post describing their findings.

Tests conducted across a range of categories against six state-of-the-art text-generation LLMs from OpenAI, Azure, Google, Amazon Web Services, Meta, and Nvidia revealed that the technique can increase the attack success rate (ASR) by more than 60% compared with plain attack prompts on average, according to the researchers.

The categories of attacks evaluated in the research involved prompting various inappropriate responses from the system, including: ones promoting bigotry, hate, or prejudice; ones engaging in behavior that harasses an individual or group; ones that encourage suicide or other acts of self-harm; ones that generate inappropriate explicitly sexual material and pornography; ones providing info on how to manufacture, acquire, or use illegal weapons; or ones that promote illegal activities.

Other categories explored and for which the jailbreak increases the likelihood of attack success include: malware generation or the creation and distribution of malicious software; and system prompt leakage, which could reveal the confidential set of instructions used to guide the LLM.

**How Bad Likert Judge Works**

The first step in the Bad Likert Judge attack involves asking the target LLM to act as a judge to evaluate responses generated by other LLMs, the researchers explained.

"To confirm that the LLM can produce harmful content, we provide specific guidelines for the scoring task," they wrote. "For example, one could provide guidelines asking the LLM to evaluate content that may contain information on generating malware."

Once the first step is properly completed, the LLM should understand the task and the different scales of harmful content, which makes the second step "straightforward," they said. "Simply ask the LLM to provide different responses corresponding to the various scales," the researchers wrote.

"After completing step two, the LLM typically generates content that is considered harmful," they wrote, adding that in some cases, "the generated content may not be sufficient to reach the intended harmfulness score for the experiment."

To address the latter issue, an attacker can ask the LLM to refine the response with the highest score by extending it or adding more details. "Based on our observations, an additional one or two rounds of follow-up prompts requesting refinement often lead the LLM to produce content containing more harmful information," the researchers wrote.

**Rise of LLM Jailbreaks**

The exploding use of LLMs for personal, research, and business purposes has led researchers to test their susceptibility to generate harmful and biased content when prompted in specific ways. Jailbreaks are the term for methods that allow researchers to bypass guardrails put in place by LLM creators to avoid the generation of bad content.

Security researchers have already identified several types of jailbreaks, according to Unit 42. They include one called persona persuasion; a role-playing jailbreak dubbed Do Anything Now; and token smuggling, which uses encoded words in an attacker's input.

Researchers at Robust Intelligence and Yale University also recently discovered a jailbreak called Tree of Attacks with Pruning (TAP), which involves using an unaligned LLM to "jailbreak" another aligned LLM, or to get it to breach its guardrails, quickly and with a high success rate.

Unit 42 researchers stressed that their jailbreak technique "targets edge cases and does not necessarily reflect typical LLM use cases." This means that "most AI models are safe and secure when operated responsibly and with caution," they wrote.

**How to Mitigate LLM Jailbreaks**

However, no LLM matter is completely secure from jailbreaks, the researchers cautioned. The reason that they can undermine the security that OpenAI, Microsoft, Google, and others are building into their LLMs is mainly due to the computational limits of language models, they said.

"Some prompts require the model to perform computationally intensive tasks, such as generating long-form content or engaging in complex reasoning," they wrote. "These tasks can strain the model's resources, potentially causing it to overlook or bypass certain safety guardrails."

Attackers also can manipulate the model's understanding of the conversation's context by "strategically crafting a series of prompts" that "gradually steer it toward generating unsafe or inappropriate responses that the model's safety guardrails would otherwise prevent," they wrote.

To mitigate the risks from jailbreaks, the researchers recommend applying content-filtering systems alongside LLMs for jailbreak mitigation. These systems run classification models on both the prompt and the output of the models to detect potentially harmful content.

"The results show that content filters can reduce the ASR by an average of 89.2 percentage points across all tested models," the researchers wrote. "This indicates the critical role of implementing comprehensive content filtering as a best practice when deploying LLMs in real-world applications."

**About the Author**

Elizabeth Montalbano is a freelance writer, journalist, and therapeutic writing mentor with more than 25 years of professional experience. Her areas of expertise include technology, business, and culture. Elizabeth previously lived and worked as a full-time journalist in Phoenix, San Francisco, and New York City; she currently resides in a village on the southwest coast of Portugal. In her free time, she enjoys surfing, hiking with her dogs, traveling, playing music, yoga, and cooking.

'Bad Likert Judge' Jailbreak Bypasses Guardrails of OpenAI, Other Top LLMs

The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) on Tuesday leveled sanctions against two entities in Iran and Russia for their attempts to interfere with the November 2024 presidential election.
The federal agency said the entities – a subordinate organization of Iran's Islamic Revolutionary Guard Corps and a Moscow-based affiliate of Russia's Main Intelligence

Iranian and Russian Entities Sanctioned for Election Interference Using AI and Cyber Tactics

The fast growing region has its own unique cyber issues — and it needs its own talent to fight them.

Source: Panther Media via Alamy Stock Photo

COMMENTARY

The Middle East is undergoing a digital transformation that is as rapid as it is remarkable. Tech multinationals are investing big in the region as Dubai, Riyadh, and Abu Dhabi strive to establish themselves as global innovation hubs.   

But this increased digitization comes with an increased risk of cyberattacks — and businesses throughout the Middle East are at risk of being caught with their guard down.

The pace of digital growth in countries throughout the Middle East has far outstripped cybersecurity talent in the region, leaving organizations fatally exposed. While some businesses resort to outsourcing their cybersecurity measures to tech giants and their tools, this hands-off approach is risk-prone.

The Middle East now sits squarely in the firing line. With cyberattacks emboldened by AI, robust cybersecurity defenses are more crucial than ever. Businesses must move away from outsourcing and focus on building strong in-house defenses by investing in tool-based approaches and heavily leveraging in-house hiring, upskilling, and talent retention practices.

**Victims of Their Own Success?**

The commercial success of locations like Dubai, Abu Dhabi, and Saudi Arabia has transformed them into potential hotbeds for cybercrime. Distributed denial-of-service (DDoS) attacks on Middle Eastern countries have risen 75% in the past year, with the UAE and Saudi Arabia taking the brunt of the blow. 

Related:Iranian APT Group Targets IP Cameras, Extends Attacks Beyond Israel

The UAE alone falls victim to around 50,000 cyberattacks a day. And it comes at a cost: in 2023, cyberattacks cost businesses, organizations, and public bodies more than $8 million per incident.

The uptick in cyberattacks is only exacerbated by changing patterns in the cybercrime landscape. The rise of AI has lowered the barrier to entry for would-be hackers, allowing those with even the most novice skills to carry out a full-scale attack. Meanwhile, the proliferation of cybercrime as a service (CaaS), offering services like DDoS-for-hire, means threat actors now need little more than an intention to launch a cyberattack. In this new era of cybercrime, where there's a will, there's a way.

The current cybersecurity skills gap seen throughout the Middle East is leaving companies exposed and vulnerable to bad actors. Over half the companies in the EMEA region have attributed cybersecurity breaches to a lack of skills and training, while 70% of business leaders believe that skills shortages create a whole host of additional cybersecurity risks for companies to address.

**AI Muddles Outsourced Security Equation**

Related:DPRK Uses Microsoft Zero-Day in No-Click Toast Attacks

Too many businesses attempt to remedy this lack of talent by outsourcing their cybersecurity to third parties. While this might have been effective when countries like the US were the main target for threat actors, that's no longer the case.   

The rise of AI-enhanced cyberattacks presents a new host of threats that businesses outsourcing cybersecurity won't necessarily be able to tackle. Not only has AI made it easier for threat actors to carry out cyberattacks, it's also made the attacks themselves more sophisticated and more malicious.

AI-enhanced malware is stealthier, making it harder to detect a breach of IT infrastructure. Automated phishing attacks enable bad actors to target a larger number of potential victims, while the phishing attacks themselves are highly tailored to their targets.

It is crucial that Middle Eastern businesses — particularly those in the UAE and Saudi Arabia — are on top of their cybersecurity measures. They cannot sit back and outsource cybersecurity with the assumption that the risk is also transferred. Instead, they must take an active approach to their cybersecurity measures by building up a strong in-house cybersecurity team that can identify, respond to, and deal with threats in an effective and timely manner. 

Related:South Korean APT Exploits 1-Click WPS Office Bug, Nabs Chinese Intel

Bringing cybersecurity in-house mitigates the risks that can crop up when relying on outsourced defenses, such as slow response times. Instead, in-house cybersecurity teams will have their fingers on the pulse of the business's security framework, as well as a thorough understanding of business specifics, enabling them to react quickly to threats.

But to achieve this, businesses must invest heavily in new and pre-existing IT talent to close the Middle East's skills gap — and this should be done with a particular focus on hiring and retention practices.

**Retention Is Tough in Smaller Talent Pool**

Over half of organizations globally say they struggle to recruit candidates with cybersecurity experience. Difficulties in hiring cybersecurity talent are compounded by trouble retaining cybersecurity staff, throwing employers into a vicious cycle of hiring and re-hiring. In the Middle East, where the digital economy is still young, this is of particular concern — the talent pool is finite, and companies cannot afford to lose out on promising employees.   

To combat this, corporations in the Middle East should turn their attention to the fresh talent coming out of universities throughout the Middle East and around the world. By forming partnerships with universities and offering attractive graduate schemes, businesses can tap into dense talent pools brimming with promising cybersecurity talent.

Graduates are eager to learn and willing to mold to the company ethos, making them the ideal choice for corporations looking to build up a dedicated in-house cybersecurity team.

Investing in apprenticeship schemes is another option for companies. Although more hands-on, companies will be able to train candidates from the ground up, ensuring the candidate's skills and knowledge are strongly aligned with the business's cybersecurity needs.

**Learning & Development Must Be Fostered**

Retaining this talent is just as crucial as bringing them on board in the first place.  Alongside the usual retention tactics, such as competitive pay packets and desirable benefits, companies must invest heavily in continuous learning and development (L&D) opportunities throughout the employee's career.  

Poor training — or a lack of training altogether — is a surefire way to lose employees. Conversely, 94% of employees say they would stay longer with an employer that invested in L&D. In a fast-changing, continually developing industry like cybersecurity, L&D is especially vital.

Investing in training sessions and development courses for cybersecurity employees will ensure they're kept up to date with any changes in the threat and security landscape. And, in the process, employees will feel as if the company is giving them opportunities to develop their skills and abilities, rounding them out into highly experienced cybersecurity professionals.

Investing in staff as a cybersecurity tactic shouldn't begin and end with cybersecurity staff. Deploying a company-wide cybersecurity upskilling program is a vital first step — and a simple way of ruling out one of the greatest causes behind cybersecurity breaches: human error. Negligence, a lack of awareness, or simple mistakes can lead to vulnerabilities and breaches, even in the most robust systems. Upskilling is a vital step companies must take to mitigate this risk.

With the rising rate of cyberattacks in the Middle East, corporations cannot afford to sit back and wait until they become the next big victim of a data breach or DDoS attack.

Companies can't rely solely on third-party cybersecurity measures — they must build up comprehensive in-house defenses. Businesses need to act now and double their investments in cybersecurity talent, paying particular mind to up-and-coming graduate talent.

**About the Author**

Founder, PG Advisors Ltd.

Partha Gopalakrishnan is a leading business transformation expert with more than 25 years of experience directing global teams to drive digital growth. He also has his own firm, PG Advisors, which offers board advisory and non-executive director services for prominent analysts and PE Firms. 

Partha has served in executive leadership positions with some of the world’s largest technology firms and global systems Integrators, including 17 years with Infosys, followed by a tenure at Tech Mahindra. He has completed executive education programs at the Stanford University Graduate School of Business and The Wharton School of the University of Pennsylvania.

Cybersecurity Lags in Middle East Business Development

AI tools will enable significant productivity and efficiency benefits for organizations in the coming year, but they also will exacerbate privacy, governance, and security risks.

Source: Anggalih Prasetya via Shutterstock

Most industry analysts expect organizations will accelerate efforts to harness generative artificial intelligence (GenAI) and large language models (LLMs) in a variety of use cases over the next year.

Typical examples include customer support, fraud detection, content creation, data analytics, knowledge management, and, increasingly, software development. A recent survey of 1,700 IT professionals conducted by Centient on behalf of OutSystems had 81% of respondents describing their organizations as currently using GenAI to assist with coding and software development. Nearly three-quarters (74%) plan on building 10 or more apps over the next 12 months using AI-powered development approaches.

While such use cases promise to deliver significant efficiency and productivity gains for organizations, they also introduce new privacy, governance, and security risks. Here are six AI-related security issues that industry experts say IT and security leaders should pay attention to in the next 12 months.

**AI Coding Assistants Will Go Mainstream — and So Will Risks**

Use of AI-based coding assistants, such as GitHub Copilot, Amazon CodeWhisperer, and OpenAI Codex, will go from experimental and early adopter status to mainstream, especially among startup organizations. The touted upsides of such tools include improved developer productivity, automation of repetitive tasks, error reduction, and faster development times. However, as with all new technologies, there are some downsides as well. From a security standpoint these include auto-coding responses like vulnerable code, data exposure, and propagation of insecure coding practices.

"While AI-based code assistants undoubtedly offer strong benefits when it comes to auto-complete, code generation, re-use, and making coding more accessible to a non-engineering audience, it is not without risks," says Derek Holt, CEO of Digital.ai. The biggest is the fact that the AI models are only as good as the code they are trained on. Early users saw coding errors, security anti-patterns, and code sprawl while using AI coding assistants for development, Holt says. "Enterprises users will continue to be required to scan for known vulnerabilities with \[Dynamic Application Security Testing, or DAST; and Static Application Security Testing, or SAST\] and harden code against reverse-engineering attempts to ensure negative impacts are limited and productivity gains are driving expect benefits."

**AI to Accelerate Adoption of xOps Practices**

As more organizations work to embed AI capabilities into their software, expect to see DevSecOps, DataOps, and ModelOps — or the practice of managing and monitoring AI models in production — converge into a broader, all-encompassing xOps management approach, Holt says. The push to AI-enabled software is increasingly blurring the lines between traditional declarative apps that follow predefined rules to achieve specific outcomes, and LLMs and GenAI apps that dynamically generate responses based on patterns learned from training data sets, Holt says. The trend will put new pressures on operations, support, and QA teams, and drive adoption of xOps, he notes.

"xOps is an emerging term that outlines the DevOps requirements when creating applications that leverage in-house or open source models trained on enterprise proprietary data," he says. "This new approach recognizes that when delivering mobile or web applications that leverage AI models, there is a requirement to integrate and synchronize traditional DevSecOps processes with that of DataOps, MLOps, and ModelOps into an integrated end-to-end life cycle." Holt perceives this emerging set of best practices will become hyper-critical for companies to ensure quality, secure, and supportable AI-enhanced applications.

**Shadow AI: A Bigger Security Headache**

The easy availability of a wide and rapidly growing range of GenAI tools has fueled unauthorized use of the technologies at many organizations and spawned a new set of challenges for already overburdened security teams. One example is the rapidly proliferating — and often unmanaged — use of AI chatbots among workers for a variety of purposes. The trend has heightened concerns about the inadvertent exposure of sensitive data at many organizations.

Security teams can expect to see a spike in the unsanctioned use of such tools in the coming year, predicts Nicole Carignan, vice president of strategic cyber AI at Darktrace. "We will see an explosion of tools that use AI and generative AI within enterprises and on devices used by employees," leading to a rise in shadow AI, Carignan says. "If unchecked, this raises serious questions and concerns about data loss prevention as well as compliance concerns as new regulations like the EU AI Act start to take effect," she says. Carignan expects that chief information officers (CIOs) and chief information security officers (CISOs) will come under increasing pressure to implement capabilities for detecting, tracking, and rooting out unsanctioned use of AI tools in their environment.

**AI Will Augment, Not Replace, Human Skills**

AI excels at processing massive volumes of threat data and identifying patterns in that data. But for some time at least, it remains at best an augmentation tool that is adept at handling repetitive tasks and enabling automation of basic threat detection functions. The most successful security programs over the next year will continue to be ones that combine AI's processing power with human creativity, according to Stephen Kowski, field CTO at SlashNext Email Security+.

Many organizations will continue to require human expertise to identify and respond to real-world attacks that evolve beyond the historical patterns that AI systems use. Effective threat hunting will continue to depend on human intuition and skills to spot subtle anomalies and connect seemingly unrelated indicators, he says. "The key is achieving the right balance where AI handles high-volume routine detection while skilled analysts investigate novel attack patterns and determine strategic responses."

AI's ability to rapidly analyze large datasets will heighten the need for cybersecurity workers to sharpen their data analytics skills, adds Julian Davies, vice president of advanced services at Bugcrowd. "The ability to interpret AI-generated insights will be essential for detecting anomalies, predicting threats, and enhancing overall security measures." Prompt engineering skills are going to be increasingly useful as well for organizations seeking to derive maximum value from their AI investments, he adds.

**Attackers Will Leverage AI to Exploit Open Source Vulns**

Venky Raju, field CTO at ColorTokens, expects threat actors will leverage AI tools to exploit vulnerabilities and automatically generate exploit code in open source software. "Even closed source software is not immune, as AI-based fuzzing tools can identify vulnerabilities without access to the original source code. Such zero-day attacks are a significant concern for the cybersecurity community," Raju says.

In a report earlier this year, CrowdStrike pointed to AI-enabled ransomware as an example of how attackers are harnessing AI to hone their malicious capabilities. Attackers could also use AI to research targets, identify system vulnerabilities, encrypt data, and easily adapt and modify ransomware to evade endpoint detection and remediation mechanisms.

**Verification, Human Oversight Will Be Critical**

Organizations will continue to find it hard to fully and implicitly trust AI to do the right thing. A recent survey by Qlik of 4,200 C-suite executives and AI decision-makers showed most respondents overwhelmingly favored the use of AI for a variety of uses. At the same time, 37% described their senior managers as lacking trust in AI, with 42% of mid-level managers expressing the same sentiment. Some 21% reported their customers as distrusting AI as well.

"Trust in AI will remain a complex balance of benefits versus risks, as current research shows that eliminating bias and hallucinations may be counterproductive and impossible," SlashNext's Kowski says. "While industry agreements provide some ethical frameworks, the subjective nature of ethics means different organizations and cultures will continue to interpret and implement AI guidelines differently." The practical approach is to implement robust verification systems and maintain human oversight rather than seeking perfect trustworthiness, he says.

Davies from Bugcrowd says there's already a growing need for professionals who can handle the ethical implications of AI. Their role is to ensure privacy, prevent bias, and maintain transparency in AI-driven decisions. "The ability to test for AI’s unique security and safety use cases is becoming critical," he says.

**About the Author**

Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year career at Computerworld, Jai also covered a variety of other technology topics, including big data, Hadoop, Internet of Things, e-voting, and data analytics. Prior to Computerworld, Jai covered technology issues for The Economic Times in Bangalore, India. Jai has a Master's degree in Statistics and lives in Naperville, Ill.

6 AI-Related Security Trends to Watch in 2025

Treasury says hackers accessed “certain unclassified documents” in a “major” breach, but experts believe the attack’s impacts could prove to be more significant as new details emerge.

A disclosure notice to the United States Congress on Monday revealed that the US Treasury Department suffered a breach earlier this month that allowed hackers to remotely access some Treasury computers and “certain unclassified documents.”

The attackers exploited vulnerabilities in remote tech support software provided by the identity and access management firm BeyondTrust, and Treasury said in its letter to lawmakers that “the incident has been attributed to a China state-sponsored Advanced Persistent Threat (APT) actor.” Reuters first reported the disclosure and its contents.

In the notice, Treasury officials said that BeyondTrust notified the agency of the incident on December 8 after attackers were able to steal an authentication key and use it to bypass system defenses and gain access to Treasury workstations.

“The compromised BeyondTrust service has been taken offline and at this time there is no evidence indicating the threat actor has continued access to Treasury information,” Treasury assistant secretary for management Aditi Hardikar wrote the lawmakers. “In accordance with Treasury policy, intrusions attributable to an APT are considered a major cybersecurity incident.”

The disclosure says that Treasury has been collaborating with the FBI, the Cybersecurity and Infrastructure Security Agency, and the intelligence community broadly as well as private “forensic investigators” to evaluate the situation. The Treasury and FBI did not immediately return WIRED's request for additional information about the breach. CISA referred questions back to the Treasury Department. BeyondTrust was not immediately available for comment about the situation.

On December 8, BeyondTrust published an alert that it has continued to update about “a security incident that involved a limited number of Remote Support SaaS customers.” (SaaS stands for “software as a service.”) Though the notification does not say that the US Treasury was one of the impacted customers, the timeline and details appear to line up with the Treasury disclosure, including acknowledgment from BeyondTrust that attackers compromised an application programming interface key.

The BeyondTrust alert mentions two exploited vulnerabilities involved in the situation—the critical command injection vulnerability "CVE-2024-12356" and the medium-severity command injection vulnerability "CVE-2024-12686." CISA added the former CVE to its “Known Exploited Vulnerabilities Catalog” on December 19. Command injection vulnerabilities are common application flaws that can be easily exploited to gain access to a target's systems.

“I cannot believe that we're seeing command injection vulnerabilities in 2024 in any products, let alone a secure remote access product that's supposed to have additional vetting for use by the US government,” says Jake Williams, vice president of research and development at the cybersecurity consultancy Hunter Strategy and a former NSA hacker. “They are some of the easiest bugs to identify and remediate at this point.”

BeyondTrust is an accredited “Federal Risk and Authorization Management Program” vendor, but Williams speculates that it is possible that the Treasury was using a non-FedRAMP version of the company's Remote Support and Privileged Remote Access cloud products. If the breach actually affected FedRAMP-certified cloud infrastructure, though, Williams says, “it might be the first breach of one and almost certainly the first time FedRAMP cloud tools were abused to facilitate remote access to a customer's systems.”

The breach comes as US officials have been scrambling to address a massive espionage campaign compromising US telecoms that has been attributed to the China-backed hacking group known as Salt Typhoon. White House officials told reporters on Friday that Salt Typhoon breached nine US telecoms.

“We wouldn’t leave our homes, our offices, unlocked and yet our critical infrastructure—the private companies owning and operating our critical infrastructure—often do not have the basic cybersecurity practices in place that would make our infrastructure riskier, costlier, and harder for countries and criminals to attack,” Anne Neuberger, deputy national security adviser for cyber and emerging technology, said on Friday.

Treasury, CISA, and FBI officials did not respond to WIRED's questions about whether the actor that breached the Treasury was specifically Salt Typhoon. Treasury officials said in the disclosure to Congress that they would provide more information about the incident in the Department's mandated 30-day supplemental notification report. As details continue to emerge, Hunter Strategy's Williams says that the scale and scope of the breach may be even larger than it currently appears.

“I expect the impact to be more significant than access to just a few unclassified documents,” he says.

US Treasury Department Admits It Got Hacked by China

The ABB Cylon Aspect BMS/BAS controller suffers from an unauthenticated shell command execution vulnerability through the deployStart.php script. This allows any user to trigger the execution of 'rundeploy.sh' script, which initializes the Java deployment server that sets various configurations, potentially causing unauthorized server initialization and performance issues.

Title: ABB Cylon Aspect 3.08.02 (deployStart.php) Unauthenticated Command Execution  
Advisory ID: ZSL-2024-5891  
Type: Local/Remote  
Impact: Security Bypass, DoS  
Risk: (5/5)  
Release Date: 30.12.2024

**Summary**

ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices.

**Description**

The ABB Cylon Aspect BMS/BAS controller suffers from an unauthenticated shell command execution vulnerability through the deployStart.php script. This allows any user to trigger the execution of 'rundeploy.sh' script, which initializes the Java deployment server that sets various configurations, potentially causing unauthorized server initialization and performance issues.

**Vendor**

ABB Ltd. - https://www.global.abb

**Affected Version**

NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio  
Firmware: <=3.08.02

**Tested On**

GNU/Linux 3.15.10 (armv7l)  
GNU/Linux 3.10.0 (x86\_64)  
GNU/Linux 2.6.32 (x86\_64)  
Intel(R) Atom(TM) Processor E3930 @ 1.30GHz  
Intel(R) Xeon(R) Silver 4208 CPU @ 2.10GHz  
PHP/7.3.11  
PHP/5.6.30  
PHP/5.4.16  
PHP/4.4.8  
PHP/5.3.3  
AspectFT Automation Application Server  
lighttpd/1.4.32  
lighttpd/1.4.18  
Apache/2.2.15 (CentOS)  
OpenJDK Runtime Environment (rhel-2.6.22.1.-x86\_64)  
OpenJDK 64-Bit Server VM (build 24.261-b02, mixed mode)  
ErgoTech MIX Deployment Server 2.0.0

**Vendor Status**

\[21.04.2024\] Vulnerability discovered.  
\[22.04.2024\] Vendor contacted.  
\[22.04.2024\] Vendor responds.  
\[02.05.2024\] Working with the vendor.  
\[03.12.2024\] Vendor releases version 3.08.03 to address this issue.  
\[30.12.2024\] Coordinated public security advisory released.

**PoC**

abb\_aspect\_rce19.txt

**Credits**

Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk\>

**References**

\[1\] https://search.abb.com/library/Download.aspx?DocumentID=9AKK108469A7497&LanguageCode=en&DocumentPartId=&Action=Launch  
\[2\] https://www.cve.org/CVERecord?id=CVE-2024-48840  
\[3\] https://packetstorm.news/files/id/183307/

**Changelog**

\[30.12.2024\] - Initial release  
\[02.01.2025\] - Added reference \[3\]

**Contact**

Zero Science Lab

Web: https://www.zeroscience.mk  
e-mail: lab@zeroscience.mk

ABB Cylon Aspect 3.08.02 (deployStart.php) Unauthenticated Command Execution

The ABB Cylon controller suffers from an authenticated path traversal vulnerability. This can be exploited through the 'devName' POST parameter in the ethernetUpdate.php script to write partially controlled content, such as IP address values, into arbitrary file paths, potentially leading to configuration tampering and system compromise including denial of service scenario through ethernet configuration backup file overwrite.

Title: ABB Cylon Aspect 3.08.02 (ethernetUpdate.php) Authenticated Path Traversal  
Advisory ID: ZSL-2024-5890  
Type: Local/Remote  
Impact: Manipulation of Data, DoS, Security Bypass  
Risk: (4/5)  
Release Date: 30.12.2024

**Summary**

ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices.

**Description**

The ABB Cylon controller suffers from an authenticated path traversal vulnerability. This can be exploited through the 'devName' POST parameter in the ethernetUpdate.php script to write partially controlled content, such as IP address values, into arbitrary file paths, potentially leading to configuration tampering and system compromise including denial of service scenario through ethernet configuration backup file overwrite.

**Vendor**

ABB Ltd. - https://www.global.abb

**Affected Version**

NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio  
Firmware: <=3.08.02

**Tested On**

GNU/Linux 3.15.10 (armv7l)  
GNU/Linux 3.10.0 (x86\_64)  
GNU/Linux 2.6.32 (x86\_64)  
Intel(R) Atom(TM) Processor E3930 @ 1.30GHz  
Intel(R) Xeon(R) Silver 4208 CPU @ 2.10GHz  
PHP/7.3.11  
PHP/5.6.30  
PHP/5.4.16  
PHP/4.4.8  
PHP/5.3.3  
AspectFT Automation Application Server  
lighttpd/1.4.32  
lighttpd/1.4.18  
Apache/2.2.15 (CentOS)  
OpenJDK Runtime Environment (rhel-2.6.22.1.-x86\_64)  
OpenJDK 64-Bit Server VM (build 24.261-b02, mixed mode)  
ErgoTech MIX Deployment Server 2.0.0

**Vendor Status**

\[21.04.2024\] Vulnerability discovered.  
\[22.04.2024\] Vendor contacted.  
\[22.04.2024\] Vendor responds.  
\[02.05.2024\] Working with the vendor.  
\[03.12.2024\] Vendor releases version 3.08.03 to address this issue.  
\[30.12.2024\] Public security advisory released.

**PoC**

abb\_aspect\_dir2.txt

**Credits**

Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk\>

**References**

\[1\] https://search.abb.com/library/Download.aspx?DocumentID=9AKK108469A7497&LanguageCode=en&DocumentPartId=&Action=Launch  
\[2\] https://packetstorm.news/files/id/183306/

**Changelog**

\[30.12.2024\] - Initial release  
\[02.01.2025\] - Added reference \[2\]

**Contact**

Zero Science Lab

Web: https://www.zeroscience.mk  
e-mail: lab@zeroscience.mk

ABB Cylon Aspect 3.08.02 (ethernetUpdate.php) Authenticated Path Traversal

SUMMARY A recent report from the German news outlet Spiegel has revealed a significant security breach impacting hundreds…

****SUMMARY****

*   Sensitive data for 800,000 Volkswagen Group EVs was exposed on an unsecured cloud server.

*   The data leak, discovered by a whistle-blower, included GPS data and vehicle status, enabling owner tracking.

*   Affected users included politicians, police, and intelligence employees, with most vehicles in Europe.

*   The data leak revealed personal routines and locations, posing serious privacy risks.

*   The issue stemmed from Cariad’s system misconfiguration, which has since been addressed.

A recent report from the German news outlet Spiegel has revealed a significant security breach impacting hundreds of thousands of Volkswagen Group electric vehicle owners. The investigation found that sensitive location data for 800,000 vehicles, including those from Volkswagen, Audi, SEAT, and Skoda, was left exposed on an unsecured cloud server for months. 

The vulnerability was discovered by an anonymous whistle-blower and reported to the Chaos Computer Club (CCC), a prominent European hacker association. The exposure included personal data, including GPS coordinates and vehicle status, including detailed information about VW ID.3 and ID.4 owners stored on an unsecured Amazon cloud server. This allowed anyone with the right know-how to track the movements and habits of affected owners. 

https://berlin-ak.ftp.media.ccc.de//congress/2024/h264-hd/38c3-598-deu-Wir\_wissen\_wo\_dein\_Auto\_steht\_-\_Volksdaten\_von\_Volkswagen.mp4

Reportedly, the impacted EVs were located worldwide with the majority found in Germany and other parts of Europe. The affected owners not just include ordinary citizens but also prominent figures like German politicians, police officers, and even suspected intelligence service employees just like in October 2023 when a third-party contractor exposed over 500,000 Irish Police vehicle seizure records.  

This exposure extended far beyond simple vehicle location tracking. By linking vehicle data with other personal information, the researchers were able to gain unprecedented insights into the daily lives of affected owners.

For example, according to Spiegel’s report, it was able to track the movements of two German politicians with alarming precision, pinpointing their locations at various locations including a retirement home and military barracks, and profiling a mayor with her car tracking her movements from her work to her physical therapist.

That’s not all! Spiegel discovered terabytes of data on Amazon cloud storage, including the precise location of 460,000 vehicles, which could reveal crucial details of their owners. Moreover, the data also included information about the Hamburg police department’s electric cars, politicians, business leaders, Federal Intelligent Services employees, and the US Air Force’s Ramstein Air Base drivers.

The root of this security failure lies within Cariad, the Volkswagen Group’s software division. The company confirmed that a misconfiguration within their systems allowed unauthorized access to the sensitive data.

While Cariad insists that no financial or personally identifiable information was compromised, the potential for misuse of the exposed location data remains a significant threat. Cybercriminals could exploit this information for a variety of malicious purposes, including targeted stalking, blackmail, and even physical attacks.  

The CCC promptly contacted Lower Saxony’s State Data Protection Officer, Federal Ministry of the Interior, and other security bodies, and gave VW Group and Cariad 30 days to address the issue before going public. Cariad’s technical team promptly and responsibly blocked unauthorized access to customer data.

1.  **Cicada3301 Ransomware Hits French Peugeot Dealership**
2.  **Fuel Industry Software Provider Exposes SSNs and PII Data**
3.  **Builder.ai Database Exposes 1.29 TB of Unsecured Records**
4.  **Microsoft Power Pages Expose Millions of Records Globally**
5.  **13GB Data of Automobile Insurance Giant AA Exposed Online**

Exposed Cloud Server Tracks 800,000 Volkswagen, Audi, and Skoda EVs

From Elon Musk and Donald Trump to state-sponsored hackers and crypto scammers, this was the year the online agents of chaos gained ground.

For its entire existence as a global medium, the internet's evolution has been caught in a tug of war, pulled by opposing forces: on one side, moderation and control; on the other, disruption and anarchy.

This year, the most prominent actors weighing in on the side of disruption were familiar faces: The reckless oligarchs, cybercriminals, scammers, and state-sponsored hackers who made the internet feel particularly dangerous in 2024 were, to some degree, the same forces destabilizing the online world in 2023. But perhaps more than in any other recent year, those agents of chaos seemed to persist in the face of opposition, to grow in their influence—and to win.

From Elon Musk's completed remake of X in his own tech-bro image to Trump's disinformation-fueled campaign, to Russia's ongoing cyberattacks against Ukraine, to China's relentless onslaught of digital intrusions and crypto scammers' global spread, the online experience of 2024 was messy, hazardous, and Hobbesian. And for the most part, the people who made it that way are poised to exert even more influence over the year to come.

As we do every year, WIRED has assembled a list of the most dangerous people, groups, and organizations on the internet. Here are our picks for 2024.

**Elon Musk**

After years of evolution from entrepreneur to edgelord, Musk seemed to reach his final form this year in the run-up to November's US election. Once a technologist with ambiguous politics who occasionally pursued public arguments against scuba divers, Musk now uses his megaphone of 200-million-plus followers on X, the social media platform he fully controls, to broadcast an unrelenting stream of anti-regulation, anti-immigrant, anti-transgender, anti-press, anti-progressive talking points. He's amplified and repeated disinformation, like claims after the disastrous damage done by Hurricanes Helene and Milton that the Federal Emergency Management Agency (FEMA) was hoarding supplies or had spent its budget on migrants instead of needy Americans. He's repeated debunked theories about voter fraud and immigrants swinging elections. In at least one case, he's even seemed to drop a reference that suggest support for the QAnon movement, which maintains bizarre theories about satanic pedophile rings that only Donald Trump can destroy.

Meanwhile, Musk continues to push his AI startup, xAI, toward one of the most no-holds-barred visions of what that technology can make possible, with little regard for safety or preventing its use for disinformation. The company this year launched new image-generation capabilities in its Grok tool that were immediately used to create images of copyrighted characters, celebrities, and political figures in compromising or sexual positions. Musk himself at one point posted an AI-generated deepfake of Kamala Harris that mocked her with her own voice—with no annotation that it was not authentic—that received 150 million views.

More than any particular political message or technology he's pushed, however, the danger Musk represents is simply that the richest man in the world can buy one of the internet's most vital media platforms, then use it, along with hundreds of millions of dollars in donations, to elect the president of his choosing and shape US policy. After Trump's election, Musk was rewarded with hundreds of billions more in net worth. The system, in other words, is working—for oligarchs like Elon Musk.

**Donald Trump**

For the next four years, Donald Trump will once again be the most powerful single person in the world. This year, he was just a very loud one. On social media platforms like X—where Musk reinstated Trump's account despite a 2021 ban following his incitement of the January 6 storming of the US Capitol—and Trump's own Truth Social, he lit fires with false claims that arguably helped fuel his path to political victory. Like Musk, he made and repeated falsehoods such as FEMA spending its budget on immigrants rather than hurricane victims, or that immigrants were stealing and eating pets. By converting Robert F. Kennedy Jr. from a third-party candidate to an endorsing ally, Trump also reciprocally endorsed RFK Jr.'s long-running stream of anti-vaccine misinformation, rhetoric that has led to childhood vaccine rates now dipping to a lower level than before the Covid-19 pandemic.

Once his second term in office begins, Trump is poised to use digital surveillance to carry out a highly disruptive and even vindictive agenda: He's promised mass deportations of millions of immigrants starting on day one of his administration, and he's vowed to target political opponents and journalists with prosecution. There's little doubt that Trump will top this list in 2025. But in 2024, his words alone represent a clear and present danger.

**Volt Typhoon**

In the cybersecurity world, the last months of 2024 have been dominated by warnings from public officials about a Chinese state-sponsored hacking group known as Salt Typhoon, which has penetrated at least eight telecoms, in some cases accessing the real-time calls and texts of Americans. But in the midst of that cyberespionage scandal, a different, far more dangerous digital threat from China still quietly looms: A Chinese state-sponsored group called Volt Typhoon spent much of 2024 continuing its stealthy campaign to breach US critical infrastructure facilities—not to spy on communications, but to prepare for a potential cyberattack. While headlines about Volt Typhoon have largely dissipated since it was first called out and named by Microsoft in May of 2023, officials warn that the group continues to “pre-position” itself inside of networks that appear to be chosen for maximum disruption, perhaps timed to a Chinese invasion of Taiwan. Given that Chinese head of state Xi Jinping has told his country's military to be prepared for that invasion by 2027, now is the time to head off the digital salient of what could be a world-shaking future war.

**Sandworm**

While Volt Typhoon prepares, Sandworm attacks. The Russian hacking group, a unit of the country's GRU military intelligence agency, has in fact carried out many of the most disruptive cyberattacks of the past decade. Those attacks—mostly in Ukraine—include at least three blackouts triggered by its hacking, the destructive NotPetya malware that spread around the globe and inflicted $10 billion in damage, and countless data-destroying breaches that the group has carried out since the beginning of Russia's full-scale invasion of Ukraine in 2022. In 2024, as Russia fought Ukraine to a stalemate or regained territory in the east of the country, Sandworm continued to project its power beyond that front: Security firm StrikeReady discovered Sandworm targeting Ukraine's energy sector again this fall, perhaps in preparation for another round of electrical utility hacking, either to carry out its own attacks or as reconnaissance for the Russian military's now-annual physical bombing of Ukraine's grid.

**Israeli Military and Intelligence**

Last year, WIRED named both the IDF and Hamas on this list, a nod to each side's use of the internet in its propaganda efforts in the war in Gaza following Hamas' October 7 attack. This year, with Israel's adversaries in that conflict like Hamas and Hezbollah significantly weakened and in retreat, it's the Israeli forces that remain on the offensive. Israel's military continues to use AI tooling to identify targets for bombs as its strikes have killed tens of thousands of Gazan civilians and leveled entire cities in the territory. Israeli missiles continue to intermittently knock out Gaza's communications infrastructure, destroying 80 percent of the country's top telecom's cell towers and leading to information blackouts amid the destruction and starvation of that now year-plus siege. Add to all of that a still-mysterious Israeli supply chain attack that hid lethal explosives in pagers and walkie-talkies in an effort to target Hezbollah operatives, which led to immediate distrust of all communications devices in the country, and Israel's government forces remain an internet apex predator by any definition.

**Black Cat/AlphV/RansomHub**

Ransomware in 2024 was, again, one of the most abhorrent forms of cybercrime to blight the internet. But few ransomware attacks in history have been quite as dangerous and damaging as the one that targeted UnitedHealthcare subsidiary Change Healthcare early this year, carried out by a ransomware group known as Black Cat or AlphV. Even after extracting a $22 million ransom from the company—a payment processor that handles around 40 percent of all health care insurance claims across the US—the hackers' disruption of Change's network continued to prevent the company from completing payments to pharmacies, clinics, health care practices, and hospitals across the country for weeks, causing some to even go out of business. Then, as if it hadn't inflicted enough chaos, AlphV ran off with Change's ransom money instead of sharing it with a group of hackers with whom it had partnered to infiltrate the company. That led the jilted hackers to share the data stolen from Change Healthcare with another, newer ransomware crew called RansomHub, which extorted the company a second time—an unprecedented health care cybersecurity debacle.

**The Com**

Even in an age of state-sponsored Chinese cyberspies, Russian hacker saboteurs, and ransomware gangs, nihilistic young hackers remain a constant in the darker corners of the internet. And few of those corners are as dark as the ones frequented by the Com. The loose movement of online trolls and criminals who operate under the Com banner in channels on Telegram and Discord, many just in their teens, engage in some of the most despicable digital crimes possible, from petty crypto theft and ransomware to sextortion, harassment, and the creation and trade of child sexual abuse material. This year, several members of a Com subgroup of ransomware hackers known as Scattered Spider were arrested, following their alleged high-profile 2023 attacks on companies including Caesar's Entertainment and MGM Resorts. But other members of the group are allegedly responsible for the serial breaches of well over a hundred customers of the cloud provider Snowflake. It's a safe bet that the Com will continue to serve as a haven for plenty more criminal acts to come.

**Data Brokers**

Once, privacy fears centered on government agencies like the FBI and NSA and their ability to carry out mass surveillance worldwide. Now, increasingly, we give away that same surveillance data en masse to companies you've never heard of. This year, it came to light that several data brokers collect and then sell access to Americans' highly granular location data pulled from their phones. Surveillance services like Babel Street's LocateX allegedly can—and do—track visitors to sensitive locations abortion clinic or mosques. A data broker called Near Intelligence left a vast cache of location data exposed online, revealing the movements of hundreds of visitors to sex trafficker Jeffrey Epstein's island in the Caribbean. Reporting on both companies has demonstrated how much private location data our devices leave behind as revelatory digital detritus, and how the possession of that data now extends far beyond government agencies to little-known firms with highly questionable privacy and security practices.

**Character.AI**

If 2023 was the year that AI tools future-shocked the internet with their seemingly abrupt rise to prominence, 2024 was the year that those tools became normalized, quietly settling into common use in spite of all their alleged flaws and ethical problems. Yet those issues are still there, and perhaps no startup better exemplifies them than Character.AI, an AI firm backed by $2.7 billion in investment from Google. According to lawsuits filed in Texas and Florida against the company, its chatbots have encouraged children to engage in self-harm and violence against their parents, and allegedly contributed to 14-year-old dying by suicide. Other chatbots hosted by the company have allegedly coached kids into developing eating disorders, role-playing as school shooters, and even seemed to be sexually grooming them. Despite repeatedly vowing to implement age restrictions, no meaningful age safeguards appear to have been added even now, according to news outlet Futurism. If this is the future of artificial intelligence, the AI era is going to be a dark age indeed.

**Crypto Scammers**

The crypto-based investment scams known as “pig butchering”—a term experts now say should be retired because it can further harm victims—pulled in a staggering $37 billion in 2023, and likely more in 2024. The victims of that explosively growing form of crimes aren't just those who fall for its scams and lose their life savings, but also many of the perpetrators of the scams themselves: As many as 200,000 people have been enslaved in compounds across Southeast Asia and forced to carry out the fraud schemes. In some cases, they've been kept in electrified shackles and faced threats of cattle prods and beatings from the gangs overseeing their work. This year, the dystopia those scammers have ushered in has begun to spread worldwide, with operations cropping up in the Middle East, Eastern Europe, Latin America, and West Africa. The targets of their fraud, of course, are even more global. Crypto scams have already become a top-tier form of cybercrime, and there's no end in sight to the expansion of this predatory underworld industry.

The Most Dangerous People on the Internet in 2024

An overview of incidents and news surrounding Artificial Intelligence in 2024.

A popular saying is: “To err is human, but to really foul things up you need a computer.”

Even though the saying is older than you might think, it did not come about earlier than the concept of artificial intelligence (AI).

And as long as we have been waiting for AI technology to become commonplace, if AI has taught us one thing this year, then it’s that when humans and AI cooperate, amazing things can happen. But amazing is not always positive.

There have been some incidents in the past year that have made many people even more afraid of AI than they already were.

We started off 2024 with a warning from the British National Cyber Security Centre (NCSC) telling us it expects AI to heighten the global ransomware threat.

A lot of AI related stories this year dealt with social media and other public sources that were scraped to train an AI model.

For example, X was accused of unlawfully using the personal data of 60 million+ users to train its AI called Grok. Underlining that fear, we saw a hoax go viral on Instagram Stories that told people they could stop Meta from harvesting content by copying and pasting some text.

Facebook had to admit that it scrapes the public photos, posts and other data from the accounts of Australian adult users to train its AI models, which no doubt contributed to Australia’s ban on social media for children under the age of 16.

As with many developing technologies, sometimes the race to stay ahead is more important than security. This was best demonstrated when an AI companion site called Muah.ai got breached and details of all its users’ fantasies were stolen. The hacker described the platform as “a handful of open-source projects duct-taped together.”

We also saw an AI supply-chain breach when a chatbot provider exposed 346,000 customer files, including ID documents, resumes, and medical records.

And if the accidents didn’t scare people off, there were also some outright scams targeting people that were eager to use some of the popular applications of AI. A free AI editor lured victims into installing an information stealer which came in both Windows and MacOS flavors.

We saw further refinement of an ongoing type of AI-supported scam known as deepfakes. Deepfakes are AI-generated realistic media, created with the aim of tricking people into thinking the content of the video or image actually happened. Deepfakes can be used in scams and in disinformation campaigns.

A deepfake of Elon Musk was named the internet’s biggest scammer as it tricked an 82-year-old into paying $690,000 through a series of transactions. And AI-generated deepfakes of celebrities, including Taylor Swift, led to calls for laws to make the creation of such images illegal.

Video aside, we reported on scammers using AI to fake the voices of loved ones to tell them they’ve been in an accident. Reportedly, with the advancements in technology, only one or two minutes of audio—perhaps taken from social media or other online sources—are needed to generate a convincing deepfake recording.

Voice recognition doesn’t always work the other way around though. Some AI models have trouble understanding spoken words. McDonalds ended its AI drive through order taker experiment with IBM after too many incidents, including customers getting 260 Chicken McNuggets or bacon added to their ice cream.

To sign off on a positive note, a mobile network operator is using AI in the battle against phone scammers. AI Granny Daisy uses several AI models that work together listening to what scammers have to say, and then responding in a lifelike manner to give the scammers the idea they are working on an “easy” target. Playing on the scammers’ biases about older people, Daisy usually acts as a chatty granny while at the same time wasting the scammers’ time that they can’t use to work on real victims.

What do you think? Do the negatives outweigh the positives when it comes to AI, or is it the other way round? Let us know in the comments section.

Tag

#intel