Apple's AI goes Private Cloud Compute

A privacy-preserving way to perform AI tasks on the cloud

A roundup of some of the noteworthy developments in the cybersecurity landscape, encompassing the latest vulnerability discoveries and emerging attack trends. Here are this edition’s top stories -

↘️ Apple has announced the launch of Private Cloud Compute (PCC) to perform AI processing tasks at scale in a privacy-preserving manner. At the heart of PCC is custom silicon and hardened software that’s designed to withstand potential security threats, while also preventing any third-party from accessing the information, including Apple. By building privacy and security into an AI system from the ground up, the approach stands in stark contrast to that of Microsoft’s, which fumbled big time with its AI offering, Recall, that triggered a wide range of concerns, prompting it to disable it by default and delay its launch. [The Hacker News / Dark Reading / Trail of Bits / MIT Technology Review]

↘️ Authorities in the U.K. made two arrests in May 2024 as part of an investigation into a large smishing campaign that made use of a text message blaster send thousands of SMS messages impersonating banks and official organizations. “In what is thought to be the first of its kind in the U.K., an illegitimate telephone mast is believed to have been used as an ‘SMS blaster’ to send messages that bypass mobile phone networks’ systems in place to block suspicious text messages,” officials said. The development comes as phishing continues to be one of the most favored ways of compromising systems for hacking groups. [City of London Police]

via Tenor

↘️ A Romanian national named Vlad Terebes has been extradited from the U.K. to Puerto Rico to face charges of identity theft and fraud for installing skimming software (aka card reader) to obtain information of about 1,215 customers from credit and debit card transactions at several large retail stores in the territory. In a related development, a Zambian court sentenced 22 Chinese nationals and a Cameroonian man to long prison terms for carrying out internet fraud and online scams targeting people in Zambia, Singapore, Peru, and the U.A.E. [Justice Department / BBC News / Associated Press]

↘️ As many as 20,000 FortiGate systems are said to have been compromised between 2022 and 2023 by exploiting a critical security flaw in FortiOS SSL-VPN allowing for remote code execution. The findings echo much of the wider industry’s observations in that attacks targeting edge services are on the rise. “What many exploited edge services have in common is that they are infrastructure devices, such as Firewalls, VPN gateways, or Email gateways, which are commonly locked down black box like devices,” WithSecure noted. “Devices such as these are often intended to make a network more secure, yet time and again vulnerabilities have been discovered in such devices and exploited by attackers, providing a perfect foothold in a target network.” [The Hacker News]

↘️ Hacktivist groups like Cyber Av3ngers (anti-Israel), CyberArmyofRussia_Reborn (pro-Russia), and Blackjack (Pro-Ukraine) are increasingly directing their efforts towards operational technology (OT) systems in hopes of causing substantial disruption and garner notoriety. [Dragos]

↘️ AI company Anthropic released its red team guidelines aimed at improving the safety and security of AI systems. “The lack of standardized practices for AI red teaming further complicates the situation,” it said. “Developers might use different techniques to assess the same type of threat model, and even when they use the same technique, the way they go about red teaming might look quite different in practice. This inconsistency makes it challenging to objectively compare the relative safety of different AI systems.” In doing so, the idea is to design systems such that it prevents the production of harmful content or being used to carry out instructions that go against the intended purpose of the AI application, a technique called jailbreaking or (indirect) prompt injection. [Anthropic / Microsoft]

↘️ An analysis of 193 million passwords has found that 45% of them (87 million) can be guessed by scammers within a single minute by means of brute-force and dictionary attacks, underscoring the need for password hygiene. Some of the most common passwords are “password,” “qwerty12345,” “admin,” “12345,” and “team.” A word of advice? “Using meaningful words, names, and standard character combinations significantly reduces the time it takes to guess the password,” Kaspersky said. [Kaspersky]

↘️ A new type of ransomware called ShrinkLocker has been found using BitLocker, a native utility built into Windows, for encryption. “ShrinkLocker shrinks the computer’s drive partitions by 100 megabytes — hence its name — and uses the freed-up space to create a boot partition for itself,” Kaspersky noted. “While it’s at it, it disables every BitLocker key-recovery mechanism, and sends the key that was used for the drives’ encryption to the attacker’s server.” It then performs a forced shutdown, rebooting the machine to a standard BitLocker password prompt and requiring the victim to contact the attacker via an email address written to the C: volume label. [Kaspersky]

↘️ In late May 2024, the U.S. government announced the takedown of the 911 S5 botnet, arresting key people behind the operation. While the service itself was abruptly shut down in July 2022, it continued to operate under the alias CloudRouter starting February 2023. According to researchers at Netlab 360, the botnet is known for its high-profile activity, lengthy running duration, and 19 million IP addresses spread across several nations. It’s known to be propagated through VPN apps like MaskVPN, DewVPN, and ShineVPN. [Netlab 360]

↘️ A new in-depth analysis of a malware loader named PikaBot has highlighted that it continues to be actively developed by its developers. “The malware employs advanced anti-analysis techniques to evade detection and harden analysis, including system checks, indirect syscalls, encryption of next-stage and strings, and dynamic API resolution,” Sekoia said. “The recent updates to the malware have further enhanced its capabilities, making it even more challenging to detect and mitigate.” The malware, which first appeared in February 2023, has exhibited similarities with other families like Matanbuchus. The development comes as the infrastructure distributing another loader called Latrodectus has gone offline in the wake of a law enforcement effort dubbed Operation Endgame that saw over 100 botnet servers, including those associated with IcedID, SystemBC, PikaBot, SmokeLoader, Bumblebee, and TrickBot, dismantled. [Sekoia / Bitsight]

↘️ A new side-channel attack named Freaky Leaky SMS can be used to infer a user's location with up to 96% accuracy by analyzing the timing of SMS delivery reports using a machine learning model. Researchers have also demonstrated a technique called Side Eye that shows it's possible to extract sounds from still images captured using smartphone cameras with rolling shutters and movable lenses, acting as a side-channel for acoustic eavesdropping. [arXiv]

↘️ Cybersecurity researchers have uncovered a new variant of the open-source Diamorphine rootkit in the wild. The malware, primarily used to hide all the files and folders starting with a prefix chosen by the attacker at compilation time, now includes new features that make it possible to unload the rootkit kernel module from memory and execute arbitrary commands in the infected system via magic packets. [Avast]

↘️ Indian authorities have arrested five people accused of trafficking unwitting job seekers into Southeast Asian scam compounds under false promises of employment. “They were coerced into undertaking illegal activities online, such as credit card fraud, investments in cryptocurrency using fake applications, honey trapping, etc.,” the National Investigation Agency (NIA) said. The problem has become so pervasive that it has prompted the Indian Embassy in Cambodia to issue a warning about job seekers being lured into cybercrime. The arrests also follow an advisory from the U.S. Federal Bureau of Investigation (FBI) about scammers using fake remote job ads to steal cryptocurrency from job seekers across the country while posing as recruiters for legitimate companies. [NIA / The Record / FBI / The Washington Post]

↘️ An attacker by the name “Gitlokers” is targeting GitHub repositories, wiping their contents, and asking the victims to reach out on Telegram as part of a new extortion operation that has been ongoing since February 2024. The social engineering campaign targets developers with phishing emails sent from “notifications@github.com” that aim to trick them into clicking on bogus links under the guise of a job opportunity at GitHub, following which they are prompted to authorize a new OAuth app that erases all the repositories and demands a payment in exchange for restoring access.

In a related development, threat actors have been detected gaining unauthorized access to AWS accounts using authentication secrets leaked as plaintext in Atlassian Bitbucket artifact objects. This happens when developers use the printenv command to extract all environment variables to a text file in the plaintext format (as opposed to being encrypted) before it’s passed to an artifact object for future steps in the build process. [GitHub Community (1), (2) / Mandiant]

↘️ A new vulnerability has been disclosed in Phoenix Technologies' SecureCore Unified Extensible Firmware Interface (UEFI) firmware that could permit an attacker with access to a target machine to escalate privileges and gain code execution. Tracked as CVE-2024-0762 and nicknamed “UEFIcanhazbufferoverflow,” the flaw has a score of 7.5 on the 10-point CVSS scale. There are very few places in a system as UEFI and its predecessor, BIOS, where malware can stay persistent and be challenging to excise. The fact that it is the first and most privileged code that runs once a system is powered on has attracted attackers far and wide in recent years, allowing them to grab elevated privileges, establish persistence through reboots, and bypass security programs that might otherwise catch more traditional malware. While UEFI, which comes with Secure Boot, makes it much harder for threat actors to install persistent malware and drivers, bugs in the firmware can provide an alternative pathway to deploy bootkits that load very early in the boot process, giving the malicious programs low-level access to the operation and making them very difficult to detect and remove. At the same time, vulnerabilities identified in the component can pose a severe supply chain risk, as they can impact several hundred models at once. [The Hacker News]

↘️ A widespread malware campaign aimed at cryptocurrency theft is propagating a wave of information stealers like Rhadamanthys, StealC, and Atomic through fake virtual meeting software for both macOS and Windows platforms. A threat actor dubbed “markopolo” has been attributed to the elaborate campaign. [The Hacker News]

↘️ The U.S. government has banned the sale of Kaspersky’s products and services in the country, declaring the Russian enterprise a national security risk. The ban goes into effect on July 20, when the U.S. will block the sale of Kaspersky software to new customers. It is also banning the antivirus maker from distributing software updates and malware signatures to existing customers after September 29. Kaspersky has consistently denied being a national security risk or acting on behalf of the Kremlin. [The Hacker News / WIRED]

↘️ In a surprising turn of events, some frustrated users who have been locked out of their Facebook and Instagram accounts and have been unable to seek any recourse from Meta are approaching small claims courts in the U.S. to recover access or win financial damages. [Engadget]

↘️ The U.S. Federal Bureau of Investigation (FBI) is warning of fraudsters posing as law firms and lawyers that offer cryptocurrency recovery services to approach victims of investment scams via social media or other messaging platforms and steal funds and personal information. [FBI]

↘️ Security researchers claim to have found exposed API keys in the code of Rabbit’s R1 standalone AI assistant in mid-May 2024, potentially allowing access to all user responses and historical text-to-speech messages. The reverse engineering group, named Rabbitude, said the hard-coded API keys also allow for bricking the devices, altering responses, and even sending emails from internal Rabbit addresses using its SendGrid account. Rabbit said it’s not aware of any customer data being leaked or any compromise to its systems. [Rabbitude / Rabbit]

↘️ The Cybersecurity and Infrastructure Security Agency (CISA) is urging organizations and software manufacturers to reduce memory safety vulnerabilities after an analysis of 172 broadly used open-source projects found that 52% of them contain code written in a memory-unsafe language and 55% of the total lines of code (LoC) for all projects were written in a memory-unsafe language. [CISA]

↘️ Nation-state actors from China and North Korea could be using ransomware attacks as a deflection strategy and as a cover for espionage operations. Orchestrating ransomware attacks can not only lead to misattribution, but also allows threat actors to destroy evidence of their espionage efforts. While deploying ransomware means losing access to compromised systems, new findings show that they are outweighed by the benefits. [The Hacker News / The Record]

↘️ Polyfill.io, a service used by over 100,000 websites, has been modified to silently inject malicious code after its acquisition by Chinese CDN company Funnull earlier this February. Website owners and developers are being urged to immediately remove references from cdn.polyfill.io and switch trusted alternatives from Cloudflare and Fastly. “At the heart of this security breach is malicious JavaScript code, injected directly through the compromised cdn.polyfill.io domain,” Checkmarx said. “When a website includes a script tag pointing to cdn.polyfill.io, it unknowingly pulls in this malicious code, executing it in users’ browsers.” [The Hacker News / Checkmarx]

↘️ The helpdesk portal of a Canadian router maker named Mercku has been found sending MetaMask phishing emails in response to newly filed support tickets and redirect victims to sketchy sites, in what appears to be a compromise. [Bleeping Computer]

↘️ Meta is in the regulators crosshairs for its pay or consent advertising model after the European Commission found that the approach runs afoul of the bloc's Digital Markets Act (DMA). Meta, which announced its plans for an ad-free Facebook and Instagram as part of a monthly subscription, has faced criticism for giving users only an illusion of choice by forcing them to either pay for access to its platforms or give consent to collect user data to target ads. [The Hacker News]

↘️ Ukraine’s security service, the SBU, has detained two Russian nationals who reportedly helped Russian intelligence spread pro-Kremlin propaganda and hack the phones of Ukrainian soldiers to deploy spyware capable of accessing data and communications being sent to and from the infected devices using social engineering tactics. The two suspects are said to have run bot farms, which involve using special servers and SIM cards to create and manage fake social media accounts. [The Record]

↘️ South Korean media outlet JTBC has alleged that local telecom service provider KT deliberately infected some customers with malware in May 2020 due to their excessive use of peer-to-peer (P2P) downloading tools like WebHards for sharing content. [JTBC / The Register / TorrentFreak]

↘️ OpenAI has updated its ChatGPT macOS app to encrypt locally stored conversations, after it was discovered that the app was storing chats in plaintext, thereby allowing a bad actor or malicious app that already had access to a machine to read users’ conversations with ChatGPT and the data contained within them. [The Verge]

↘️ An international coalition of law enforcement agencies have taken action against hundreds of installations of the Cobalt Strike software, a legitimate adversary simulation tool abused by both state-sponsored and criminal hackers involved in the ransomware ecosystem. The action comes as cross-border investigations continue to tackle cybercrime by targeting the ecosystem's weak points, hitting the links in the chain that could have cascading effects. Cobalt Strike has long been the tool of choice for malicious actors to conduct post-exploitation actions, often as a precursor to ransomware. [The Hacker News]

↘️ Google has launched kvmCTF, a new vulnerability reward program (VRP) to improve the security of the Kernel-based Virtual Machine (KVM) hypervisor. The program offers a reward of up to $250,000 for successfully achieving a full virtual machine escape exploit. “The goal of the attack must be to exploit a zero-day vulnerability in the KVM subsystem of the host kernel,” Google said. “If successful, the attacker will obtain a flag that proves their accomplishment in exploiting the vulnerability.” The reward program is similar to Google’s kernelCTF, which focuses on vulnerabilities in the Linux kernel. [Google]

↘️ Researchers have identified a new Spectre-style attack targeting modern Intel CPUs, including Raptor Lake and Alder Lake, called Indirector that an attacker could use the tactic to essentially trick the CPU into making incorrect speculative executions and leak sensitive data. Intel so far has not released any microcode fix for Indirector, instead noting that previous mitigation guidance provided for issues such as IBRS, eIBRS, and BHI are effective against the side-channel attack. [The Hacker News / Dark Reading]

↘️ The RADIUS network protocol is vulnerable to a newly discovered attack called BlastRADIUS that can allow adversaries to gain control over a range of environments, including industrial controllers, telecommunications services, ISPs, and enterprise networks. [The Hacker News / Ars Technica / The Register]

↘️ A threat actor with ties to the Houthi rebels in Yemen has been spying on military targets throughout the Middle East since at least October 2019 using a custom Android surveillanceware called GuardZoo. The malware is essentially the leaked Dendroid RAT with some of the unwanted features removed, and retrofitted with dozens of commands fitting the proprietor's spying needs. It's distributed in the form of APK files via WhatsApp and WhatsApp Business. The campaign is said to have infected 450 victims in the region. A majority of them are concentrated in Yemen, with lesser numbers reported in Saudi Arabia, Egypt, the U.A.E., Turkey, Qatar, and Oman. [The Hacker News]