Microsoft adds tools to protect Azure AI from threats such as prompt injection, as well as to give developers the capabilities to ensure generative AI apps are more resilient to model and content manipulation attacks.

Source: Tada Images via Shutterstock

Microsoft has announced several new capabilities in Azure AI Studio that the company says should help developers build generative artificial intelligence (GenAI) apps that are more reliable and resilient against malicious model manipulation and other emerging threats.

In a March 29 blog post, Microsoft's chief product officer of responsible AI, Sarah Bird, pointed to growing concerns about threat actors using prompt injection attacks to get AI systems to behave in dangerous and unexpected ways as the primary driving factor for the new tools.

"Organizations are also concerned about quality and reliability," Bird said. "They want to ensure that their AI systems are not generating errors or adding information that isn’t substantiated in the application’s data sources, which can erode user trust."

Azure AI Studio is a hosted platform that organizations can use to build custom AI assistants, copilots, bots, search tools and other applications, grounded in their own data. Announced in November, the platform hosts Microsoft's machine learning models, as well as models from several other sources, including OpenAI, Meta, Hugging Face, and Nvidia. It allows developers to quickly integrate multimodal capabilities and responsible AI features into their models.

Other major players, such as Amazon and Google, have rushed to market with similar offerings over the past year to tap into the surging interest in AI technologies worldwide. A recent IBM-commissioned study found that 42% of organizations with more than 1,000 employees are already actively using AI in some fashion, with many of them planning to increase and accelerate investments in the technology over the next few years. And not all of them were telling IT beforehand about their AI use.

**Protecting Against Prompt Engineering**

The five new capabilities that Microsoft has added — or will soon add — to Azure AI Studio are Prompt Shields, groundedness detection, safety system messages, safety evaluations, and risk and safety monitoring. The features are designed to address some significant challenges that researchers have uncovered recently — and continue to uncover on a routine basis — with regard to the use of large language models (LLMs) and GenAI tools.

Prompt Shields, for instance, is Microsoft's mitigation for what are known as indirect prompt attacks and jailbreaks. The feature builds on existing mitigations in Azure AI Studio against jailbreak risk. In prompt-engineering attacks, adversaries use prompts that appear innocuous and not overtly harmful to try and steer an AI model into generating harmful and undesirable responses. Prompt engineering is among the most dangerous in a growing class of attacks that try to jailbreak AI models or get them to behave in a manner that is inconsistent with any filters and constraints that developers might have built into them.  

Researchers have recently shown how adversaries can engage in prompt-engineering attacks to get GenAI models to spill their training data, spew out personal information, generate misinformation, and potentially harmful content, such as instructions on how to hot-wire a car.

With Prompt Shields, developers can integrate capabilities into their models that help distinguish between valid and potentially untrustworthy system inputs, set delimiters to help mark the beginning and end of input text, and use data marking to mark input texts. Prompt Shields is currently available in preview mode in Azure AI Content Safety and will become generally available soon, according to Microsoft.

**Mitigations for Model Hallucinations and Harmful Content**

With groundedness detection, Microsoft has added a feature to Azure AI Studio that it says can help developers reduce the risk of their AI models "hallucinating." Model hallucination is a tendency by AI models to generate results that appear plausible but are completely made up and not based — or grounded — on the training data. LLM hallucinations can be hugely problematic if an organization were to take the output as factual and act on it in some way. In a software development environment, for instance, LLM hallucinations could result in developers potentially introducing vulnerable code into their applications.

Azure AI Studio's new groundedness-detection capability is basically about helping detect — more reliably and at greater scale — potentially ungrounded GenAI outputs.  The goal is to give developers a way to test their AI models against what Microsoft calls "groundedness metrics" before deploying the model into their products. The feature also highlights potentially ungrounded statements in LLM outputs, so users know to fact check the output before using it. Groundedness detection should be available in the near future, according to Microsoft.

The new system message framework offers a way for developers to clearly define their models' capabilities, profile, and limitations in their specific environments. Developers can use the capability to define the format of the output and provide examples of intended behavior, so it becomes easier for users to detect deviations from intended behavior. The feature isn't available yet but should be soon.

Azure AI Studio's newly announced safety evaluations capability and its risk and safety monitoring feature are both currently available in preview status. Organizations can use the former to assess the vulnerability of their LLM models to jailbreak attacks and generate unexpected content. The risk and safety monitoring capability allows developers to detect model inputs that are problematic and likely to trigger hallucinated or unexpected content, so they can implement mitigations against it.

"Generative AI can be a force multiplier for every department, company, and industry," Microsoft's Bird said. "At the same time, foundation models introduce new challenges for security and safety that require novel mitigations and continuous learning."

**About the Author(s)**

Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year career at Computerworld, Jai also covered a variety of other technology topics, including big data, Hadoop, Internet of Things, e-voting, and data analytics. Prior to Computerworld, Jai covered technology issues for The Economic Times in Bangalore, India. Jai has a Master's degree in Statistics and lives in Naperville, Ill.

Microsoft Beefs Up Defenses in Azure AI

Had a Microsoft developer not spotted the malware when he did, the outcome could have been much worse.

Source: ozrimoz via Shutterstock

A newly discovered backdoor in XZ Utils, a data compression utility present in nearly all Linux distributions, has revived the ghosts of previous major software-supply chain security scares such as the Log4Shell vulnerability and the attack on SolarWinds.

The backdoor is embedded in an XZ library called liblzma and gives remote attackers a way to bypass secure shell (sshd) authentication and then gain complete access to an affected system. An individual with maintainer-level access to the code appears to have deliberately introduced the backdoor in a painstakingly executed, multiyear attack.

**A Shock to the OSS Community**

The backdoor affects XZ Utils 5.6.0 and 5.6.1, which are versions of the utility currently used only in unstable and beta releases of Fedora, Debian, Kali, open SUSE, and Arch Linux. As a result, the potential threat with this backdoor for now is considerably more limited than if the malware had found its way into a stable Linux distro.

Even so, the fact that someone managed to sneak a nearly undetectable backdoor into a trusted, widely used open source component — and the potential havoc it could have caused — has come as a painful wakeup call on how vulnerable organizations remain to attacks via the supply chain.

"This supply chain attack came as a shock to the OSS community, as XZ Utils was considered a trusted and scrutinized project," JFrog researchers said in a blog post. "The attacker built up a credible reputation as an OSS developer over the span of multiple years and used highly obfuscated code in order to evade detection by code reviews."

XZ Util is a command-line utility for compressing and decompressing data in Linux and other Unix-like operating systems. Microsoft developer Andres Freund discovered the backdoor in the software when investigating odd behavior in recent weeks around liblzma on some Debian installations. After initially thinking the backdoor was purely a Debian problem, Freund discovered the issue actually impacted the upstream XZ repository and associated tarballs or archive files. He publicly disclosed the threat on March 29.

Over the weekend, security teams associated with Fedora, Debian, openSUSE, Kali, and Arch issued urgent advisories alerting organizations running the affected Linux releases to immediately revert to earlier, more stable releases of their software to mitigate the potential risk of remote-code execution.

**Maximum Severity Vuln**

Red Hat, the primary sponsor and contributor to Fedora, assigned the backdoor a vulnerability identifier (CVE-2024-3094) and assessed it as a maximum severity risk (CVSS score of 10) to draw attention to the threat. The US Cybersecurity and Infrastructure Security Agency (CISA) joined the chorus of voices urging organizations using affected Linux distributions to downgrade their XZ Utils to an earlier version, and to hunt for any potential activity related to the backdoor and report any such findings to the agency.

All of the advisories offered tips for users on how to quickly check for the presence of the back-doored XZ versions in their code. Red Hat released an update that reverts XZ to previous versions, which the company will make available via its normal update process. But users concerned about potential attacks can force the update if they don't want to wait for the update to become available via the normal process, the company said.

Today Binarly released a free tool that organizations can use to look for backdoored XZs as well.

"Had this malicious code been introduced to stable OS releases in multiple Linux distributions, we could have seen in-the-wild exploitation en-masse," says Scott Caveza, staff research engineer at Tenable. "The longer this went unnoticed, the greater the potential for more malicious code from whomever this malicious actor might be."

In an FAQ, Tenable described the backdoor as modifying functions within liblzma in such a way as to allow attackers to intercept and modify data within the library. "In the example observed by Freund, under certain conditions, this backdoor could allow a malicious actor to 'break sshd authentication,' allowing the attacker to gain access to an affected system," noted the researchers.

**XZ Utils "Maintainer" Behind the Backdoor**

What makes the backdoor especially troublesome is the fact that someone using an account belonging to a maintainer of XZ Util embedded the malware in the package in what appears to have been a carefully planned multiyear operation. In a widely referenced blog post, security researcher Evan Boehs traced the malicious activity back to 2021 when an individual using the name Jia Tan created a GitHub account and almost immediately started making suspicious changes to some open source projects.

The blog post provides a detailed timeline of the steps Jia Tan and a couple of other individuals took to gradually build enough trust within the XZ community to make changes to the software and eventually introduce the backdoor.

"All the evidence points to social manipulation being used by a person with the sole end goal of inserting a backdoor," Boehs tells Dark Reading. "Basically, there was never a genuine effort to maintain the project, only to gain enough trust to insert \[the backdoor\] quietly."

Typically, gaining commit access to a repository requires an individual to establish a sense of trustworthiness. Often, projects give new commit access to individuals only when there is a need for it and after some risk assessment, Boehs says.

"In this case, Jia created a \[seemingly\] legitimate need for more maintainers ... and then began building trust. Our society is built on trust, and occasionally some crafty people exploit it," he notes. "Gaining permission requires trust. Trust takes time to establish. Jia was in it for the long game."

Boehs says it's unclear when exactly Jia Tan became a trusted member of the repository. But soon after his first commit in 2022, Jia Tan became a regular contributor and is currently the second-most active on the project. GitHub has since suspended Jia Tan's account.

Saumitra Das, vice president of engineering at Qualys, says what happened with XZ Util can happen elsewhere.

"Many critical libraries in open source are being maintained by volunteers in the community who are not paid for it and can be under pressure due to their personal issues," Das says.

Maintainers who are under pressure often welcome contributors who are willing to spend even a little bit of time on their projects. "Over, time, such folks can gain more control over the code," as was the case with XZ Utils, he says.

**About the Author(s)**

Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year career at Computerworld, Jai also covered a variety of other technology topics, including big data, Hadoop, Internet of Things, e-voting, and data analytics. Prior to Computerworld, Jai covered technology issues for The Economic Times in Bangalore, India. Jai has a Master's degree in Statistics and lives in Naperville, Ill.

XZ Utils Backdoor Implanted in Carefully Executed, Multiyear Supply Chain Attack

By Waqas
Microsoft has acknowledged the concerns!
This is a post from HackRead.com Read the original post: Data Security Fears: Congress Bans Staff Use of Microsoft’s AI Copilot

U.S. House Bans Staff from Using Microsoft’s Copilot Amid Data Security Concerns – The AI coding assistant, recently released to the public, is deemed a risk due to potential data leakage – Learn more about the controversy and the future of AI in government workplaces.

In a move highlighting growing anxieties around data security, the U.S. House of Representatives has reportedly banned congressional staffers from using Microsoft’s AI coding assistant, Copilot. This comes just weeks after Microsoft announced the official public release of AI Copilot on March 14th, 2024.

The ban, implemented by the House’s Chief Administrative Officer Catherine Szpindor, reportedly stems from concerns about potential data leakage. According to a report from Axios, Szpindor’s office believes AI Copilot “poses a risk to users due to the threat of leaking House data to non-House approved cloud services.”

****Concerns Over Data Security****

Copilot, an AI tool integrated within Microsoft’s development environment, analyzes a programmer’s code and suggests completions or entire lines of code. This can significantly boost productivity for developers. However, the tool relies on a massive dataset of publicly available code, raising concerns about potential security vulnerabilities.

The House’s Office of Cybersecurity reportedly fears that sensitive congressional data could be inadvertently incorporated into this vast codebase, potentially exposing it to unauthorized access.

****Microsoft Responds****

Microsoft has acknowledged the concerns raised by the House and emphasized its commitment to government user security. A Microsoft spokesperson, speaking to Reuters, stated, “We recognize that government users have higher security requirements for data. That’s why we announced a roadmap of Microsoft AI tools, like Copilot, that meet federal government security and compliance requirements that we intend to deliver later this year.”

****Wider Implications****

The House’s decision to ban AI Copilot reflects a broader trend of increased scrutiny surrounding AI tools that access user data. While AI offers immense potential for efficiency and innovation, concerns about data privacy and security remain significant.

Commenting on this, Callie Guenther, Senior Manager, Cyber Threat Research at Critical Start argued that the US government is cautious about regulating AI due to concerns like data security and bias.

_“_The ban on congressional staffers’ use of Microsoft AI Copilot highlights the government’s careful approach to AI while trying to regulate it. The risks include data security, potential bias, dependence on external platforms, and opaque AI processes,_“_ Callie pointed out.

_“_The industry must enhance security, improve transparency, develop government-specific solutions, and support ongoing evaluation to address these concerns. Congress might reconsider its stance if these issues are effectively addressed, especially with government-tailored AI versions demonstrating high security and ethical standards,” she advised.

****Uncertain Future****

The House’s ban is a strict one, targeting all commercially available versions of AI Copilot. However, Szpindor’s office did indicate they would “be evaluating the government version when it becomes available and deciding at that time.” This suggests a potential path forward if Microsoft can address the House’s security concerns.

It remains to be seen if other government agencies or private companies will follow suit and implement similar restrictions on AI Copilot. However, this incident indicates the need for data security practices in a world increasingly reliant on AI tools.

1.  To Spy or Not to Spy; Congress to Decide
2.  US Congress Dumps Yahoo Mail Over Phishing Attacks
3.  Malicious Ads Infiltrate Bing AI Chatbot in Malvertising Attack
4.  U.S Senate wants to ban Kaspersky’ Software for Links to Russia
5.  AI Healthcare: ChatGPT Helps Boy Get Diagnosis After Doctors Fail
6.  Researchers Test Zero-click Worms that Exploit Generative AI Apps

Data Security Fears: Congress Bans Staff Use of Microsoft’s AI Copilot

Plus: Microsoft patches over 60 vulnerabilities, Mozilla fixes two Firefox zero-day bugs, Google patches 40 issues in Android, and more.

It’s time to check your software updates. March has seen the release of important patches for Apple’s iOS, Google’s Chrome, and its privacy-conscious competitor Firefox. Bugs have also been squashed by enterprise software giants including Cisco, VMware, and SAP.

Here’s what you need to know about the security updates issued in March.

**Apple iOS**

Apple made up for a quiet February by issuing two separate patches in March. At the start of the month, the iPhone maker released iOS 17.4, fixing over 40 flaws including two issues already being used in real-life attacks.

Tracked as CVE-2024-23225, the first bug in the iPhone Kernel could allow an attacker to bypass memory protections. “Apple is aware of a report that this issue may have been exploited,” the iPhone maker said on its support page.

Tracked as CVE-2024-23296, the second flaw, in RTKit, the real-time operating system used in devices including AirPods, could also allow an adversary to bypass Kernel memory protections.

Later in March, Apple released a second software update, iOS 17.4.1, this time fixing two flaws in its iPhone software, both tracked as CVE-2024-1580. Using the issues patched in iOS 17.4.1, an attacker could execute code if they convinced someone to interact with an image.

Soon after issuing iOS 17.4.1, Apple released patches for its other devices to fix the same bugs: Safari 17.4.1, macOS Sonoma 14.4.1 and macOS Ventura 13.6.6.

**Google Chrome**

March was another hectic month for Google, which patched multiple flaws in its Chrome browser. Mid-way through the month, Google released 12 patches, including a fix for CVE-2024-2625, an object-lifecycle issue in V8 with a high severity rating.

Medium-severity issues include CVE-2024-2626, an out-of-bounds read bug in Swiftshader; CVE-2024-2627, a use-after-free flaw in Canvas; and CVE-2024-2628, an inappropriate implementation issue in Downloads.

At the end of the month, Google issued seven security fixes, including a patch for a critical use-after-free flaw in ANGLE tracked as CVE-2024-2883. Two further use-after-free bugs, tracked as CVE-2024-2885 and CVE-2024-2886, were given a high-severity rating. Meanwhile, CVE-2024-2887 is a type-confusion flaw in WebAssembly.

The last two issues were exploited at the Pwn2Own 2024 hacking contest, so you should update your Chrome browser ASAP.

**Mozilla Firefox**

Mozilla’s Firefox had a busy March, after patching two zero-day vulnerabilities exploited at Pwn2Own. CVE-2024-29943 is an out-of-bounds access bypass issue, while CVE-2024-29944 is a privileged JavaScript Execution flaw in Event Handlers that could lead to sandbox escape. Both issues are rated as having a critical impact.

Earlier in the month, Mozilla released Firefox 124 to address 12 security issues, including CVE-2024-2605, a sandbox-escape flaw affecting Windows operating systems. An attacker could have leveraged the Windows Error Reporter to run arbitrary code on the system, escaping the sandbox, Mozilla said.

CVE-2024-2615 sees critical-rated memory safety bugs fixed in Firefox 124. “Some of these bugs showed evidence of memory corruption, and we presume that with enough effort \[they\] could have been exploited to run arbitrary code,” Mozilla said.

**Google Android**

Google has released its March Android Security Bulletin, fixing nearly 40 issues in its mobile operating system, including two critical bugs in its system component. CVE-2024-0039 is a remote code-execution flaw, while CVE-2024-23717 is an elevation-of-privilege vulnerability.

“The most severe of these issues is a critical security vulnerability in the System component that could lead to remote code execution with no additional execution privileges needed,” Google said in its advisory.

You Should Update Apple iOS and Google Chrome ASAP

Ubuntu Security Notice 6707-4 - Lonial Con discovered that the netfilter subsystem in the Linux kernel did not properly handle element deactivation in certain cases, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Notselwyn discovered that the netfilter subsystem in the Linux kernel did not properly handle verdict parameters in certain cases, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

    ==========================================================================Ubuntu Security Notice USN-6707-4March 28, 2024linux-azure-6.5 vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 22.04 LTSSummary:Several security issues were fixed in the Linux kernel.Software Description:- linux-azure-6.5: Linux kernel for Microsoft Azure cloud systemsDetails:Lonial Con discovered that the netfilter subsystem in the Linux kernel didnot properly handle element deactivation in certain cases, leading to ause-after-free vulnerability. A local attacker could use this to cause adenial of service (system crash) or possibly execute arbitrary code.(CVE-2024-1085)Notselwyn discovered that the netfilter subsystem in the Linux kernel didnot properly handle verdict parameters in certain cases, leading to a use-after-free vulnerability. A local attacker could use this to cause a denialof service (system crash) or possibly execute arbitrary code.(CVE-2024-1086)Several security issues were discovered in the Linux kernel.An attacker could possibly use these to compromise the system.This update corrects flaws in the following subsystems:   - Network drivers;   - PWM drivers;(CVE-2024-26597, CVE-2024-26599)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 22.04 LTS:   linux-image-6.5.0-1017-azure    6.5.0-1017.17~22.04.1   linux-image-6.5.0-1017-azure-fde  6.5.0-1017.17~22.04.1   linux-image-azure               6.5.0.1017.17~22.04.1   linux-image-azure-fde           6.5.0.1017.17~22.04.1After a standard system update you need to reboot your computer to makeall the necessary changes.ATTENTION: Due to an unavoidable ABI change the kernel updates havebeen given a new version number, which requires you to recompile andreinstall all third party kernel modules you might have installed.Unless you manually uninstalled the standard kernel metapackages(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,linux-powerpc), a standard system upgrade will automatically performthis as well.References:   https://ubuntu.com/security/notices/USN-6707-4   https://ubuntu.com/security/notices/USN-6707-1   CVE-2024-1085, CVE-2024-1086, CVE-2024-26597, CVE-2024-26599Package Information:   https://launchpad.net/ubuntu/+source/linux-azure-6.5/6.5.0-1017.17~22.04.1

Ubuntu Security Notice USN-6707-4

Intel PowerGadget version 3.6 suffers from a local privilege escalation vulnerability.

    Vulnerability summary: Local Privilege Escalation from regular user to SYSTEM, via conhost.exe hijacking triggered by MSI installer in repair modeAffected Products: Intel PowerGadgetAffected Versions: tested on PowerGadget_3.6.msi (a3834b2559c18e6797ba945d685bf174), file signed on ‎Monday, ‎February ‎1, ‎2021 9:43:20 PM (this seems to be the latest version), earlier versions might be affected as well.Affected Platforms: WindowsCommon Vulnerability Scoring System (CVSS) Base Score (CVSSv3): 7.8 HIGHRisk score (CVSSv3): 7.8 HIGH AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H&version=3.1)I have reported this issue to Intel, but since the product has been marked End of Life since October 2023, it is not going to receive a security update nor a security advisory. Intel said that they are OK with me making this finding public, under the condition that I would emphasize that the product is EOL.Description and steps to replicate:On systems where Intel PowerGadget is installed from an MSI package, a local interactive regular user is able to run the MSI installer file in the "repair" mode and hijack the conhost.exe process (which is created by an instance of sc.exe the installer calls during the process) by quickly left-clicking on the console window that pops up for a split second in the late stage of the process. Left-clicking on the conhost.exe console window area freezes the console (meaning it prevents the sc.exe process from exiting). That process is running as NT AUTHORITY/SYSTEM. From there, it is possible to run a web browser by clicking on one of the links in the small GUI window that can be called by right-clicking on the console window bar and entering "properties". Once a web browser is spawn, attacker can call up the "Open" dialog and in that way get a fully working escape to explorer. From there they can, for example, browse through C:\Windows\System32 and right-click on cmd.exe and run it, obtaining as SYSTEM shell.Now - an important detail - on most recent builds of Windows neither Edge nor Internet Explorer will spawn as SYSTEM (this is a mitigation from Microsoft); thus for successful exploitation another browser has to already be present in the system. As you can see I pick Chrome and then spawn an instance of cmd.exe, which turns out to be running as SYSTEM. Also, when doing this, DO NOT check "always use this app" in that dialog, as if you pick the wrong one (e.g. Edge or IE), it will be saved as the default http/https handler for SYSTEM and from then further attacks like this won't work if you want to repeat the POC - unless you reverse that change somewhere in the registry.This class of Local Privilege Escalations is described by Mandiant in this article: https://www.mandiant.com/resources/blog/privileges-third-party-windows-installers.To run the installer in repair mode, one needs to identify the proper MSI file. After normal installation, it is by default present in C:\Windows\Installer directory, under a random name. The proper file can be identified by attributes like control sum, size or "author" information.The exploitation process is illustrated in the screenshots below, reflecting the the steps taken to attain a SYSTEM shell (no exploit development is required, the issue can be exploited using GUI).Recommendation:Technically, as per the reference, it is recommended to change the way the sc.exe is called, using the WixQuietExec() method (see the second reference). In such case the conhost.exe window will not be visible to the user, thus making it impossible to perform any GUI interaction and an escape.I am, however, aware that this product is no longer maintained since October 2023 (https://www.intel.com/content/www/us/en/developer/articles/tool/power-gadget.html) and that includes security updates. Still, I believe a security advisory and CVE should be released just to make users and administrators aware why they need to replace PowerGadget with Intel Performance Counter Monitor.Another possible (short-term) mitigation is to disable MSI (https://learn.microsoft.com/en-us/windows/win32/msi/disablemsi).References:https://hackingiscool.pl/intel-powergadget-3-6-local-privilege-escalation/https://www.mandiant.com/resources/blog/privileges-third-party-windows-installershttps://wixtoolset.org/docs/v3/customactions/qtexec/https://www.intel.com/content/www/us/en/developer/articles/tool/power-gadget.html)https://learn.microsoft.com/en-us/windows/win32/msi/disablemsi

Intel PowerGadget 3.6 Local Privilege Escalation

An easy-to-understand guide on how to back up your Windows PC to OneDrive.

They say the only backup you ever regret is the one you didn’t make. Starting in Windows 10, the operating system (OS) now comes with a built-in tool to back up your files, themes, some settings, many of your installed apps, and your Wi-Fi information.

First, you’ll need to sign in with your Microsoft account

Go to **Start**  > **Settings**  > **Accounts**  > **Your info** . Select **Sign in with a Microsoft account instead**. You’ll see this only if you’re using a local account. If you see **Sign in with a local account instead**, you’re already using your Microsoft account.

To start the backup process select **Start**  **\> Windows Backup**.

Select **Folders** to drop down a list, and select which of your user folders you want to back up by toggling them **On** or **Off**. The ones you have already backed up will say **Backed up** next to them.

**Next**, you can move forward to back up your settings. You can use the drop down for each category and select the items you want to back up by setting them to **On** or **Off**.

First choose your apps:

Then your settings:

Then your credentials:

When you’ve decided on what to back up, click **Back up** and the backup will be made.

From this point on, Windows will synchronize these backups at regular intervals. If it’s been a while since you made your backups or changed your settings, you can check the status by going to **Start  > Settings  > Accounts  > Windows backup**.

_Current status_

**We don’t just report on threats—we remove them**

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.

 How to back up your Windows 10/11 PC to OneDrive 

Thread hijacking attacks. They happen when someone you know has their email account compromised, and you are suddenly dropped into an existing conversation between the sender and someone else. These missives draw on the recipient's natural curiosity about being copied on a private discussion, which is modified to include a malicious link or attachment. Here's the story of a recent thread hijacking attack in which a journalist was copied on a phishing email from the unwilling subject of a recent scoop.

Thread hijacking attacks. They happen when someone you know has their email account compromised, and you are suddenly dropped into an existing conversation between the sender and someone else. These missives draw on the recipient’s natural curiosity about being copied on a private discussion, which is modified to include a malicious link or attachment. Here’s the story of a thread hijacking attack in which a journalist was copied on a phishing email from the unwilling subject of a recent scoop.

In Sept. 2023, the Pennsylvania news outlet **LancasterOnline.com** published a story about **Adam Kidan**, a wealthy businessman with a criminal past who is a major donor to Republican causes and candidates, including **Rep. Lloyd Smucker** (R-Pa).

The LancasterOnline story about Adam Kidan.

Several months after that piece ran, the story’s author **Brett Sholtis** received two emails from Kidan, both of which contained attachments. One of the messages appeared to be a lengthy conversation between Kidan and a colleague, with the subject line, “Re: Successfully sent data.” The second missive was a more brief email from Kidan with the subject, “Acknowledge New Work Order,” and a message that read simply, “Please find the attached.”

Sholtis said he clicked the attachment in one of the messages, which then launched a web page that looked exactly like a Microsoft Office 365 login page. An analysis of the webpage reveals it would check any submitted credentials at the real Microsoft website, and return an error if the user entered bogus account information. A successful login would record the submitted credentials and forward the victim to the real Microsoft website.

But Sholtis said he didn’t enter his Outlook username and password. Instead, he forwarded the messages to LancasterOneline’s IT team, which quickly flagged them as phishing attempts.

LancasterOnline **Executive Editor Tom Murse** said the two phishing messages from Mr. Kidan raised eyebrows in the newsroom because Kidan had threatened to sue the news outlet multiple times over Sholtis’s story.

“We were just perplexed,” Murse said. “It seemed to be a phishing attempt but we were confused why it would come from a prominent businessman we’ve written about. Our initial response was confusion, but we didn’t know what else to do with it other than to send it to the FBI.”

The phishing lure attached to the thread hijacking email from Mr. Kidan.

In 2006, Kidan was sentenced to 70 months in federal prison after pleading guilty to defrauding lenders along with Jack Abramoff, the disgraced lobbyist whose corruption became a symbol of the excesses of Washington influence peddling. He was paroled in 2009, and in 2014 moved his family to a home in Lancaster County, Pa.

The FBI hasn’t responded to LancasterOnline’s tip. Messages sent by KrebsOnSecurity to Kidan’s emails addresses were returned as blocked. Messages left with Mr. Kidan’s company, Empire Workforce Solutions, went unreturned.

No doubt the FBI saw the messages from Kidan for what they likely were: The result of Mr. Kidan having his Microsoft Outlook account compromised and used to send malicious email to people in his contacts list.

Thread hijacking attacks are hardly new, but that is mainly true because many Internet users still don’t know how to identify them. The email security firm **Proofpoint** says it has tracked north of 90 million malicious messages in the last five years that leverage this attack method.

One key reason thread hijacking is so successful is that these attacks generally do not include the tell that exposes most phishing scams: A fabricated sense of urgency. A majority of phishing threats warn of negative consequences should you fail to act quickly — such as an account suspension or an unauthorized high-dollar charge going through.

In contrast, thread hijacking campaigns tend to patiently prey on the natural curiosity of the recipient.

**Ryan Kalember**, chief strategy officer at Proofpoint, said probably the most ubiquitous examples of thread hijacking are “CEO fraud” or “business email compromise” scams, wherein employees are tricked by an email from a senior executive into wiring millions of dollars to fraudsters overseas.

But Kalember said these low-tech attacks can nevertheless be quite effective because they tend to catch people off-guard.

“It works because you feel like you’re suddenly included in an important conversation,” Kalember said. “It just registers a lot differently when people start reading, because you think you’re observing a private conversation between two different people.”

Some thread hijacking attacks actually involve multiple threat actors who are actively conversing while copying — but not addressing — the recipient.

“We call these multi-persona phishing scams, and they’re often paired with thread hijacking,” Kalember said. “It’s basically a way to build a little more affinity than just copying people on an email. And the longer the conversation goes on, the higher their success rate seems to be because some people start replying to the thread \[and participating\] psycho-socially.”

The best advice to sidestep phishing scams is to avoid clicking on links or attachments that arrive unbidden in emails, text messages and other mediums. If you’re unsure whether the message is legitimate, take a deep breath and visit the site or service in question manually — ideally, using a browser bookmark so as to avoid potential typosquatting sites.

Thread Hijacking: Phishes That Prey on Your Curiosity

By Waqas
Some of the known targets of this iMessage phishing campaign are USPS (the United States Postal Service), DHL, Evri, Australia Post, Bulgarian Posts, and Singapore Post.
This is a post from HackRead.com Read the original post: New iMessage Phishing Campaign Targets Postal Service Users Globally

Netcraft Report Uncovers “Darcula” Platform Targeting Postal Services Worldwide via iMessage & RCS Phishing. Discover how USPS & global services are under attack and learn essential protection measures.

A new report by cybersecurity firm Netcraft has discovered a sophisticated phishing-as-a-service (PhaaS) platform called “Darcula.” This platform is being used to launch large-scale smishing attacks targeting the United States Postal Service (USPS) and global postal services across more than 100 countries.

Darcula represents a significant development in the world of cybercrime. Unlike traditional PhaaS platforms that rely on email communication, Darcula leverages iMessage and Rich Communication Services (RCS) messaging for its attacks. This allows cybercriminals to bypass SMS firewalls commonly used to block phishing attempts.

****Why iMessage and RCS?****

iMessage and RCS offer features like file transfers and enhanced media support, making them appear more legitimate than traditional SMS messages. Additionally, these messaging services are often used for personal communication, potentially lowering a user’s guard against potential phishing attempts.

****The Smishing Tactic****

The Darcula platform facilitates smishing attacks, a form of phishing that uses text messages to trick victims. These messages often impersonate legitimate organizations, such as postal services, and typically lure users into clicking malicious links or providing sensitive information.

Screenshots of the actual malicious text sent to a user (Credit: Netcraft)

In the case of attacks targeting postal services, the messages might impersonate the USPS or a similar national postal service, informing recipients of missed deliveries or requesting additional information for package clearance. Clicking the malicious link could lead to a fake website designed to steal the user’s login credentials, credit card information, or other sensitive data.

****Global Reach and Long History****

The Netcraft **report** reveals that Darcula has been operational for at least a year and has been used in attacks on users in the UK and the United States. The platform’s capacity to target postal services in over 100 countries highlights its global reach and the potential impact of these phishing campaigns.

Phishing pages to which a user is taken (Credit: Netcraft)

****Importance of Cybersecurity** Training**

While the use of iMessage and RCS introduces a new element to smishing attacks, basic security principles and training remain crucial in protecting oneself. Users should be wary of unsolicited messages, even those coming from seemingly familiar sources.

Phishing attempts often create a sense of urgency, urging users to click links or respond immediately. Taking a moment to verify the legitimacy of a message by contacting the sender directly through a verified phone number or website can help avoid falling victim to these scams.

According to Max Gannon, Cyber Intelligence Analysis Manager at Cofense, _“_Darcula, a very advanced phishing kit, paints a dire picture of phone-based phishing that individuals are not trained to avoid. This kit uses new techniques carefully designed to avoid security controls._“_

_“_While this advanced phishing kit is problematic and avoids common security controls, a user trained properly to detect phishing emails should be just as likely to detect phishing messages on other platforms,_“_ Max emphasised.

_“_The existence of this kit emphasizes the importance of training individuals to be more vigilant across platforms. Even if a trained individual were to fall for the phishing attempt and click the link, the request for sensitive information like credit card details or SSNs should raise immediate concerns,_“_ he added.

1.  Police Dismantle PhaaS Platform BulletProftLink
2.  Malspam targets hotels, spreading Redline and Vidar stealers
3.  Microsoft Warns of Tax Returns Phishing Scams Targeting You
4.  800 Fake “Temu” Domains Lure Shoppers into Credential Theft
5.  “Failure in Parcel Delivery” Email Drops Malware on USPS Users’ PC

New iMessage Phishing Campaign Targets Postal Service Users Globally

How experts uncovered a years-long SolarMarker attack on a K-12 district

In early 2024, a large K-12 school district partnered with ThreatDown MDR to strengthen its cybersecurity posture. Shortly after onboarding, ThreatDown MDR analysts detected unusual patterns of activity subsequently identified as the work of SolarMarker, a sophisticated backdoor. It became evident that SolarMarker had been present in the district’s system since at least 2021, likely exfiltrating data over several years.

Let’s dive further into the investigation’s findings and the steps taken to mitigate the threat.

**SolarMarker infection****Background**

The incident began with the detection of an anomalous instance of PowerShell attempting to establish an outbound network connection to a suspicious IP address **(188.241.83.61)**. This connection attempt was thwarted by Malwarebytes Web Protection (MWAC), signaling the first indication of a potential security breach.

**Initial challenges**

Upon investigation, it was discovered that Endpoint Detection and Response (EDR) settings were disabled in the client’s endpoint policy. This limitation prevented the use of Fast Response Scanning (FRS) to capture and analyze detailed endpoint data, necessitating a manual approach to the investigation utilizing Active Response Scanning (ARS).

**Investigation and analysis**

The first step involved querying active network connections with **netstat**, which revealed an instance of PowerShell in operation. To further understand the nature of this PowerShell instance, its command line was examined using Windows Management Instrumentation Command-line (WMIC) with the process ID (PID), which unveiled obfuscated code.

**Decoding and understanding SolarMarker**

The obfuscated PowerShell code was extracted and refactored for clarity. The analysis revealed the following components of the malware’s operation:

    powershell
    
    $decodeKey = '<Base64_encoded_string>'
    
    $encodedFilePath = 'C:\Users\akeith\AppData\Roaming\micROSoft\wbpgVnSBjsytaokm\JqdVQplHfgwxyNmtaPX.gvzPlATqFe'
    
    $decodedPayload = [System.IO.File]::ReadAllBytes($encodedFilePath)
    
    for ($payloadIndex = 0; $payloadIndex -lt $decodedPayload.Count; $payloadIndex++) {
    
     $decodedPayload[$payloadIndex] = $decodedPayload[$payloadIndex] -bxor $decodeKey[$payloadIndex % $decodeKey.Length]
    
     if ($payloadIndex -ge $decodeKey.Length) {
    
     $payloadIndex = $decodeKey.Length
    
     }
    
    }
    
    [System.Reflection.Assembly]::Load($decodedPayload)
    
    [ab821408b424418fa94bb4d815b4e.ad0682a943e4859ef35309cc0a537]::a1f5abfa214411baa77e25f6ceaa6()
    

This code reveals the malware’s methodology:

*   It utilizes a Base64-encoded string as a decryption key.
*   It targets a specific file path for encoded data.
*   It reads, decodes, and executes the encrypted payload.

The command line shows signs of the malicious script execution, with parameters indicative of a desire to hide the window (-WindowStyle Hidden), bypass execution policies (-Ep ByPass), and run encoded commands (-ComMand “sa43…). 

Further investigation uncovered randomly named folders within the AppData\\Roaming\\Microsoft directory, each containing encoded payloads. These discoveries suggested a more widespread infection than initially anticipated.

**Response and mitigation**

The response involved several steps to contain and eliminate the threat:

*   Terminating the malicious PowerShell instance.
*   Deleting the identified folders containing encoded payloads.
*   Conducting a thorough search for persistence mechanisms, which fortunately yielded no findings.

A comprehensive threat scan was executed, and the incident was escalated for visibility with the client. Post-reboot checks confirmed the absence of persistence, no spawn of new PowerShell instances, and blocking of suspicious network connections, indicating successful remediation of the infection.

**Conclusion**

As we’ve seen in our 2024 State of Ransomware in Education report, the educational sector continues to be a prime target for attackers. In this case, attackers used SolarMarker, a sophisticated backdoor, to lurk within the school district’s network for years, likely stealing data in the process. Its presence went undetected until the district onboarded with ThreatDown MDR. Despite facing initial obstacles, such as disabled EDR settings, the ThreatDown MDR team successfully identified and neutralized the SolarMarker infection through manual intervention.

Discover how ThreatDown MDR can safeguard your K-12 institution.

Tag

#microsoft