Cred Vaults, Cheap AI, and Hacking Devices – Matt Bishop – PSW #859
1. Cred Vaults, Cheap AI, and Hacking Devices – PSW #859
This week, we talked to our friends at Bitwarden about password vaults, storing more than just passwords, free software to manage those SSH keys, and vaults for developers. In the news, new/old Palo Alto vulnerabilities explained, taking down the power grid with a FlipperZero, more vulnerable bootloaders, putting garbage in your .ASS file, the US Government wants to look at routers, magic backdoors, weak password hashing, everyone is talking about Deepseek, hardware-level Anti-Virus, VMware ESXi and SSH, and if you pay the ransom you likely will not get your data back!
This segment is sponsored by Bitwarden. Visit https://securityweekly.com/bitwarden to learn more about them!
Guest
Matt Bishop is the principal architect at Bitwarden investing in technology initiatives for core company operations, security, deployment, and infrastructure. Before Bitwarden, Matt was a senior engineering leader at Olo where he managed online and mobile ordering software delivery. Olo grew from 150 to over 700 employees and went public during his time there. Before Olo he was the CTO and co-founder of iMobile3 where he managed technology strategy for 10 years before the company was acquired by TSYS, now Global Payments. Matt holds a bachelor’s degree from the Georgia Institute of Technology.
Hosts
- 1. Supercon 2024: Joshua Wise Hacks The Bambu X1 Carbon
- 2. Hackers Actively Exploiting Fortinet Firewalls: Real-Time Insights from GreyNoise
- 3. Cisco: Critical Meeting Management Bug Requires Urgent Patch
- 4. Unique 0-click deanonymization attack targeting Signal, Discord and hundreds of platform
- 5. Hacking Subaru: Tracking and Controlling Cars via the STARLINK Admin Panel
- 6. Get FortiRekt, I am the Super_Admin Now – FortiOS Authentication Bypass CVE-2024-55591
- 7. Exploit Me, Baby, One More Time: Command Injection in Kubernetes Log Query
- 8. CVE Farming – Problem & Solution
- 9. BYOVD to the next level. Blind EDR with Windows Symbolic Link
- 10. PANdora’s Box: Vulnerabilities Found in NGFW
We uncovered several previously known vulnerabilities in both the bootloader and UEFI on three different Palo Alto firewalls. Here are the high-level talking points:
- An attacker requires root-level access to exploit these vulnerabilities. Previously disclosed remote exploits for PAN-OS exist, as do exploits (which is how we gained access in the first place).
- Secure Boot was enabled, but the DBX was not up-to-date, and a vulnerable GRUB2 bootloader was present.
- Several other vulnerabilities existed in the UEFI BIOS, all documented.
- Palo Alto has made the following statements: https://security.paloaltonetworks.com/PAN-SA-2025-0003 and is working on deploying fixes.
- We released this on a short disclosure timeline because Palo Alto said this in 2020: “It is not possible for malicious actors or PAN-OS administrators to exploit this vulnerability under normal conditions. Administrators do not have access to the grub configuration file nor do they have permission to modify it. An attacker would need to first compromise the system and then get the root Linux privileges necessary to perform these actions before they could exploit this vulnerability.”
- I disagree with the threat model, which is shared by other firewall and appliance vendors. It's essentially (and ironically) the same threat model for having a firewall: A hard and crunchy outside but a soft and chewy inside.
- 11. Researchers say new attack could take down the European power grid
This is nuts: The core issue lies in the use of an outdated technology called Radio Ripple Control, which was developed in the early 20th century and is still used to manage critical functions of the power grid. This protocol operates by transmitting unencrypted frequency-modulated radio signals to receivers within the grid, lacking any form of encryption or authentication. Key aspects of the vulnerability include:
- Unencrypted radio signals used to control renewable energy facilities across Central Europe.
- The ability to control up to 60 gigawatts (GW) of energy, which is more than the entire German power system.
- Potential for hackers to manipulate grid frequency, trigger automated shutdowns, and create cascading failures.
- The researchers creatively repurposed the Flipper Zero's 125kHz RFID antenna and RFID reading functionality!
- 12. Filesystem Vulnerabilities in Bootloaders: A Hidden Risk for Verified Boot Mechanisms
This is really interesting: "In a verified boot setup using bootloaders like U-Boot or Barebox, while the contents of files are authenticated, the filesystem data structures themselves are typically not. This opens an attack vector where an attacker could craft malicious filesystem structures that bypass authentication checks and exploit bugs in the filesystem driver implementation. By corrupting filesystem metadata, attackers can compromise the chain of trust, enabling arbitrary code execution or further exploitation."
- 13. Preventing AI Plagiarism With .ASS Subtitling
Basically, you put some garbage in your .ASS subtitle file and AI struggles to rip off your content: "Most subtitle files are the fairly straightforward .srt filetype which only allows for timing and text information. But a more obscure subtitle filetype known as Advanced SubStation Alpha, or .ass, allows for all kinds of subtitle customization like orientation, formatting, font types, colors, shadowing, and many others. YouTuber [f4mi] realized that using this subtitle system, extra garbage text could be placed in the subtitle filetype but set out of view of the video itself, either by placing the text outside the viewable area or increasing its transparency. So now when an AI crawler downloads the subtitle file it can’t distinguish real subtitles from the garbage placed into it."
- 14. National security risks in routers, modems targeted in bipartisan Senate bill
Working at the speed of Government: "If signed into law, the ROUTERS Act would charge the Commerce Department’s assistant secretary for communications and information with overseeing a study of the national security risks presented by routers, modems or devices that combine both technologies, and that are “designed, developed, manufactured, or supplied by persons owned by, controlled by, or subject to the influence of a covered country,” the bill text reads." - Look, I can save you a ton of time and money on this study: There are millions of routers connected to the Internet, most are vulnerable, some will never get updates/patches, and most are manufactured in China. Now, let's do something about it rather than study what we already know.
- 15. ZSB-25006
This is a really funny but not-so-funny way of saying "remote exploit" or "authentication bypass": "Type confusion in the Zoom Workplace App for Linux before 6.2.10 may allow an authorized user to conduct an escalation of privilege via network access." - It's also confusing: what is an authorized user in this scenario?
- 16. Backdoor infecting VPNs used “magic packets” for stealth and security
The "Magic Packet" JUN-OS backdoor observed recently is similar to port knocking (sending packets to closed ports but still "listening" for connections), and fwknop (https://github.com/mrash/fwknop) with SPA (single packet authentication). The attackers chose to implement a project from 2000 called cd00r (https://web.archive.org/web/20141208205626/https://www.phenoelit.org/stuff/cd00r.c) which uses a packet sniffer to observe certain TCP/IP options and header values to trigger a backdoor. While none of this is all that new, what is new is seeing an in-memory passive listening backdoor installed on a network device platform. It's clear attackers are going after these systems, and since we don't have great visibility into the devices, the attackers don't have to be that clever and can use older techniques. However, back in the day I could write some Snort rules really fast to detect this behavior. What happened to monitoring the network?
- 17. A Missed Opportunity: Addressing Weak Password Hashing in VxWorks
Fifteen years ago, I could see embedded OSes such as VxWorks using weaker password hashing algorithms with fewer passes as they are computationally expensive. System resources were scarce long ago, so implementing leaner code was required. Today, we have much better hashing algorithms (resistant to GPU cracking) and much faster hardware. VxWorks also chose not to address these issues and not to issue CVEs (though I believe there is a process for submitting a CVE outside of the CNA or other CVE-issuing organizations).
- 18. The ESP32-C5, Finally Espressif Goes Dual-Band
Looks like we are getting closer! To what, you might ask? My mini-faq is below:
- The C5 is based on RISC-V and will have 2.4 and 5GHz radios in it
- For developers, this will be treated as a different platform, requiring you to re-compile your code (my guess is that the ESP-IDF will be updated, then if you are using platformio, that will need updates, and adjust your platformio.ini files, and re-compile your code)
- The Internet tells me: "The latest information suggests that initial support for the mass production version of ESP32-C5 will be included in ESP-IDF v5.5, which has a planned release date of June 30, 2025"
- YouTuber Andreas Spiess got a prototype (Video: https://www.youtube.com/watch?v=glEvHRHdboA)
Why is this exciting? ESP32s and FlipperZeros only support 2.4GHz, and now we can write code for Wi-Fi discovery and attacks for 5GHz once the C5 is released.
- 1. Apple fixes zero-day flaw affecting all devices
Apple also released several patches fixing security bugs, including a zero-day bug that “may have been actively exploited” — meaning hackers were using it to compromise devices — against users with iPhones running software older than iOS 17.2, which was released in December 2023.
The bug was found in Core Media, the media engine that powers a range of Apple devices, and is now fixed across its product line, including iPhones, iPads, Macs, Apple TVs, Apple Watches, and its mixed-reality headset, Vision Pro. Apple said hackers could have “elevated privileges” by exploiting a memory corruption bug, which would have allowed broader access to a device’s data.
- 2. The Protesters’ Guide to Smartphone Security
The perennial question when it comes to protests is whether you should bring your phone at all. If you leave your phone at home, that is probably the safest your data will get, and you will be at very low risk of being tracked by mass surveillance tools. On the other hand, your phone is a critical resource when it comes to coordinating with others, getting updates on the protest from social media, or simply documenting what is going on with your phone's camera. ... Update (2025-01-27): This article has been updated based on some community feedback, notably I added the Burner Phones, Minimize Your Stored Data, Use Public Wi-Fi, and Check Your Keyboard sections.
- 3. Using AI for Coding: My Journey with Cline and Large Language Models
The project’s architecture is straightforward: a Go backend powered by the labstack/echo framework, with UI rendering handled by Go’s standard html/template package. To accelerate development and improve the overall user experience, I experimented with Cline through its VSCode plugin as my primary AI coding assistant. Here’s a detailed breakdown of my experience.
- 4. FTC Takes Action Against GoDaddy for Alleged Lax Data Security for Its Website Hosting Services
The Federal Trade Commission will require web hosting company GoDaddy to implement a robust information security program to settle charges that the company failed to secure its website-hosting services against attacks that could harm its customers and visitors to the customers’ websites.
The FTC alleges in its complaint that, since 2018, GoDaddy has failed to implement reasonable and appropriate security measures to protect and monitor its website-hosting environments for security threats, and misled customers about the extent of its data security protections on its website hosting services.
- 5. We got hit by an alarmingly well-prepared phish spammer
One person here fell for the phish spam that evening but realized it almost immediately and promptly changed their password. Today that person got in touch with us because they'd started receiving email bounces for (spam) email that they hadn't sent. Investigation showed that the messages were being sent through us, but in an alarmingly clever way. ... As far as we can tell, in the quite short interval between when the person fell for the phish and then changed their password, the phish spam attacker used the main password they'd just stolen to register the person for our VPN and obtain a VPN password (which we don't reset on Unix password changes). They then connected to the VPN using their stolen credentials and used the VPN to send spam email through our internal-only SMTP gateway (initially last evening and then again today, at which point they were detected).
- 6. NordVPN Says Its New Protocol Can Circumvent VPN Blockers
NordVPN has announced this week a new protocol it says will enable it to bypass VPN blocks in countries like Russia and India. The company’s new NordWhisper protocol, as it is called, is said to mimic regular internet traffic so internet service providers and websites do not know the traffic is coming through a masked service.
- 7. Use AI to find a photo’s location
GeoSpy Pro is an advanced AI platform integrating powerful AI location models for your city or country. Delivering up to meter level accuracy, state of the art computer vision models all in an easy to use interface. For government and enterprise.
- 8. Building a (T1D) smartwatch from scratch
This is probably what you’re wondering. There are a couple reasons why. First, the Apple Watch (like all Apple products) is too much device for a kid. It ships with so many shiny features and apps and notifications. It’s beautifully crafted. It’s also way too distracting for a kid while they’re at school. Secondly, it doesn’t provide a good, reliable view of his CGM data. The Dexcom integration is often backgrounded, doesn’t show the chart, only the number and an arrow. People use hacks like creating calendar events just to see up-to-date data. And the iOS settings, Screen Time, and notification systems have ballooned into a giant ball of complexity. What we need is something simple.
- 9. Malimite is an iOS and macOS decompiler
Malimite is an iOS and macOS decompiler designed to help researchers analyze and decode IPA files and Application Bundles.
Built on top of Ghidra decompilation to offer direct support for Swift, Objective-C, and Apple resources.
- 1. Google details adversarial AI activity on Gemini
Google identified APTs from more than 20 nations misusing its Gemini AI chatbot but noted that threat actors were unsuccessful in finding novel techniques or vulnerabilities. "Rather than enabling disruptive change, generative AI allows threat actors to move faster and at higher volume," GTIG researchers said. "For skilled actors, generative AI tools provide a helpful framework, similar to the use of Metasploit or Cobalt Strike in cyber threat activity. For less skilled actors, they also provide a learning and productivity tool, enabling them to more quickly develop tools and incorporate existing techniques."
- 2. Adversarial Misuse of Generative AI
This report shares our findings on government-backed threat actor use of the Gemini web application. The report encompasses new findings across advanced persistent threat (APT) and coordinated information operations (IO) actors tracked by GTIG. By using a mix of analyst review and LLM-assisted analysis, we investigated prompts by APT and IO threat actors who attempted to misuse Gemini.
- 3. German Seagate customers say their ‘new’ hard drives were actually used – resold HDDs reportedly used for tens of thousands of hours
Further notes from the author: my assumption is that they've just taken old HDDs from servers (probably because they were getting upgraded) and they somehow made it onto store shelves as new units. It's hard to say if this is just Germany or if it's also an issue in Europe or if it's actually worldwide. Almost certainly there's an early point in the supply chain in respect to Germany where the used drives are sneaking in, I don't see how else so many stores would be impacted. So yea, I have lots of speculation but the facts are limited to what's in the articles.
- 1. As OpenAI launches $500B “Stargate” project, critics express skepticism
On Tuesday, OpenAI, SoftBank, Oracle, and MGX announced plans to form Stargate, a new company that will invest $500 billion in AI computing infrastructure across the United States over four years. The announcement came during a White House meeting with President Donald Trump, who called it the "largest AI infrastructure project in history."
- 2. Tech stocks tank as US AI dominance no longer a sure bet
It's a Sputnik moment: the USA is humiliated by the Chinese LLM, which seems to be vastly superior to our outrageously expensive models. Trump just announced that we're investing $500 billion in AI, and China just made a model as good as ours for just $6 million.
- 3. China’s DeepSeek just dropped a free challenger to OpenAI’s o1 – here’s how to use it on your PC
Good background, how to run the model locally, and excellent tests on questions LLMs often get wrong. DeepSeek seems to be vastly cheaper than ChatGPT-o1 and has comparable performance.
- 4. Anthropic builds RAG directly into Claude models with new Citations API
Citations helps Claude models avoid hallucinations by linking their responses directly to source documents. The feature lets developers add documents to Claude's context window, enabling the model to automatically cite specific passages it uses to generate answers.
- 5. Tool touted as ‘first AI software engineer’ is bad at its job, testers claim
A service described as "the first AI software engineer" can supposedly "build and deploy apps end to end," and "can autonomously find and fix bugs in codebases." It costs $500 per month. But when tested, it completed just three out of 20 tasks successfully.
- 6. Diagnostic dilemma: A man huffed computer cleaner for years. Then his hands started growing.
He had been regularly sniffing a computer cleaner for more than three years to get high. This caused skeletal fluorosis, a condition caused by long-term exposure to high levels of fluoride. This causes bones to swell and become brittle.
- 7. Behold, a USB flash drive which doubles as hardware-level antivirus
The USB 3.2 Gen 1 drive comes with in-built endpoint protection, the "DiXiM Security Endpoint," a security service that continuously monitors files saved or updated on the USB drive for any signs of infection.
This is in addition to a real-time antivirus feature which automatically isolates and removes infected files when detected, and a "heuristic function" that identifies potentially malicious programs by analyzing their behavior.
I'd like to see tests--how can this work?
- 8. Companies who pay off ransomware attackers rarely get their data back, survey shows
Only 18% of businesses have successfully recovered all of their data.
- 9. All federal agencies ordered to terminate remote work—ideally within 30 days
Some exceptions may be made. The timeline and real effects are not yet clear.
- 10. Ransomware gang uses SSH tunnels for stealthy VMware ESXi access
ESXi features a built-in SSH service that allows administrators to remotely manage the hypervisor via a shell. Attackers get in by exploiting known flaws or using compromised administrator credentials. VMware ESXi appliances have a critical role in virtualized environments, but they are largely unmonitored.
- 11. Clone2Leak attacks exploit Git flaws to steal credentials
A set of three distinct but related attacks, dubbed 'Clone2Leak,' can leak credentials by exploiting how Git and its credential helpers handle authentication requests. The attacks involve injecting carriage returns or newlines, or tricking Git into sending authentication tokens to unintended hosts.
- 12. Stealthy ‘Magic Packet’ malware targets Juniper VPN gateways
A malicious campaign has been specifically targeting Juniper edge devices, many acting as VPN gateways, with malware dubbed J-magic that starts a reverse shell only if it detects a “magic packet” in the network traffic.
- 13. New Android Identity Check locks settings outside trusted locations
The new Identity Check feature is designed to enhance theft protections in Android by requiring biometric authentication to access critical account and device settings when outside trusted locations.