SE

Security Now (Audio)

TWiT

Lessons from the FortaBleed Breach

From SN 1085: A SOTA State-Sponsored Campaign - AI's New Superpower: Loop EngineeringJul 1, 2026

Excerpt from Security Now (Audio)

SN 1085: A SOTA State-Sponsored Campaign - AI's New Superpower: Loop EngineeringJul 1, 2026 — starts at 0:00

It's time for security Now, Steve Gibson is here. We have lots to talk about. good news for Windows ten users getet another year Met has backed off on spying on its employees A wonderful true story about hacker Kevin, the late hacker, Kevin Mittnick And The true story of a Fortnet campaign It really was a problem Steve, I love it when he tells the stories of these hacks. You know, we've heard the news, but now we get the deep details. That's coming up next security This episode is brought to you by Black Hat USA If you listen to this show, you go deep on the technical detail Well, so does Black Hat. For nearly three decades, it's been where the security industry's most rigorous research gets presented and pressure tested More than a hundred hands on trainings taught by practitioners who've actually deployed in live environments, not lecturers reading from slides, and hundreds of peer reviewed briefings that go well past the overview into the real work across the four areas defining security right now. AI and autonomous threats cyber conflict systemstemic resilience and identity This year, Black Hat's Briefings passass includes all keynotes and mainstage access. pllus business hall entry You also get breakfast, lunch, arsenal live tool demos, on demand session access, and admission to the midnight in the warroom screening Black hat takes place from august first to the sixth in Las Vegas. If you want the depth this show gets into in person, People doing the work This is the room And we'll be there too Prices rise on july seventeenth, so book before then Use code Twit for two hundred dollars off your briefings pass at black hat dot com slash usash twenty six That's BLA C K H aT d. com slash US dash twenty six Podcasts you love from people you trust. This is to it This is Security Now with Steve Gibson, episode one thousand eighty five, recorded Tuesday, june thirtieth, twenty twenty six A SodA state sponsored campaign. Yes, it's Tuesday. You know what that means? Time for security now, man It seems like seven days is too long to wait for Steve Gibson and the latest security news. Hi, Steve. I do see things pass by during the week, Leo. and I think and I often will jot a note to make sure that I come back to it and and and talk about it and the feedback I'm getting from our listeners today, there was so much to talk about that I think there are a couple listener inspired things, but I'm going to try to spend more time on feedback if I can because it's so great. and I thank everybody for for gettingiving a w audience.. the title of today's cast would have been Too long had I spelled out state of the art because I wanted to talk about a state of the art state sponsored campaign which We're going to take a look at Fortunately, state of the art has a standard abbreviation, soda SOTA. And then it was interesting because after I had used that abbreviation was it appeared in some in one of the articles that we're going to talk about. So I thought, okay, yeah, everybody's on board with soda So Security now episode ten eighty five for this last day of june, twenty twenty six. We start into on July tomorrow at The first thing we're going to talk about is How Windows ten. Yes ten Its enduring popularity. has forced Microsoft to Once again and give everybody another year of free updates Wow. you know, we it had to happen. We're also going to talk about CIisA all federal agencies to update their unify OS devices. We've been talking now for the last two weeks about the expected problems coming and they came. And so CISS said Valve shalt update Also Once again, on a Friday, an edict was delivered from Sisa uh giving basically federal agencies the weekend, meaning, you know leave the office to update all of their Cisco devices that were affected by a different badly exploited problem Australia has been disturbed, so says their inspector Geral by a deeply compromised infrastructure provider What I read about this, I thought, wow, that sounds like this state of the art state sponsored campaign we're going to be talking about. So it may have you know already come around Uh O AI, not to be left behind for long has introduced a daybreak powered Patch the Planet initiative Their marketing people at least are awake U we're going to talk about that. Metas employee monitoring all of their employees or at least a subset we'll look at that. for AI training turns out to have backfired badly It was one of those, we know, what could possibly go wrong and it did Uh kitties are figuring out how to use AI toine vulnerabilities. What are the consequences AI is improving itself with A new term we're seeing looping, repeating or iterating U what's that about? Oh yeah everybody's talking looping now. Lpin is the new buzz exactly And I've got a wonderful story I want to share about a friend of ours, Leo, Kevin Mittniick Uh and then sererious hackers. istakenly leave another server directory accessible, which is what leads us to leararning about this Russian based state sponsored campaign. And which also bring, you know, begs the question How many other campaigns are there where the directory was not left open by mistake, which allowed us to learn about them. So lotots of fun stuff to talk about. We've got one of our Are they thinking pictures of the week So yeah, I think a fun podcast for this end of June We will get that picture of the week in just a minute in all the security news, but let me Let's start the show with our sponsor for this segment of security now, X BOW, XBo Uh we've talked about pen testing all the time, which is kind of the gold standard. for finding flaws in your systems, right Lately, I think people have felt like pen testing is slow because it's human driven, right? And it's slowing us down because we are now AI driven and it's just a mismatch between the speeds. AI has changed the pace of really have everything, but how software develops Uh And developers work, of course, they're now really much more productive, but also It' change the base of how software gets attacked, hasn't it Bad guys are using AI to do that So engineering teams are moving faster than ever. They're creating more and more applications, but the security, especially that gold standard pen testing hasn't been able to keep up Pen testing is still One of the most trusted ways to understand real exploitable risk But in an AI driven world, it can become a bottleneck. seecurity teams are forced to choose between slowing down development to stay secure or Moving fast and accepting gaps in coverage. Well donon't have to choose anymore because EXpo is eliminating that trade offff EXBo XBOW is an autonomous offensive security platform that runs continuous AI driven pen testing mirroring real world attacks and by the way AI is really good at this because it never tires. it never slows. If something fails, it doesn't go Oh shocks. it just tries another way. It's Pretty amazing watching Expo work It doesn't You know, it's not scanning for vulnerabilities It's doing what a hacker would do. It's discovering, exploiting, and then validating vulnerabilities. So you're only dealing with issues that really are issues, they really matter That means dramatically fewer false positives and a clear view into real attack paths, how an attacker would go after you That's why you do pen testing, right? With expxpo, these tests run fast in hours, not weeks You get complete visibility into how an attacker would move through your systems You get the ability to uncover issues that traditional tools miss, including zero days novel attack paths. AI again, the AI is really good at finding this And expxos results speak for themselves. Application seecurity leader at says NM. Cz has a great quote. He says, quote, even right now, after one year I don't know any other company that is at least close to exppo in terms of agentic pen testing. That's what they call it eentic Pen testic And the result is fantastic. Predictable cost, consistent quality, stronger security, slow down your engineering team Expo helps security teams keep pace with innovation and cover more apps more often with the resources they already have It's got it's got a great ancestry. It's founded by the team behind Microsoft C pilots. It's already trusted by companies ranging from fast growing startups to the biggest, the Fortune five hundred enterprises Exp is quarly becoming a mission critical layer in modern security stacks. I want you to know more about it. You need this. go to exppo. com to start a pen test today. That's expxpo . com and we thank him so much for supporting. security now, this is really good news. You can do the pen testing All right, I have a picture of the week and I'm willing to look at it together with you. I haven't seen it yet. One of our German listeners sent this to me. ran across this ad took a picture of it. u And I looked at it and and he had some discussion in his email about it. I gave this the caption to create dead end for cyclists. I't understand what this is. And it's the oddest thing because so So the we see in the foreground a road which apparently is cyclist friend It's like, come on, guys, ride your bicycles down here thenen that would be their bike path. That's right. there and is like a bike path. but and there's a big like a cycle sign over on the right to like let you know, Hey, here's where you be riding your bikes. That's good. de it veers off to the edge of the road. forcing any cyclist onto some little brick paver area which then has another side in the middle of the at the end of the brick paver says end. So that's it. It's done Yeah. So I guess that's the deceleration lane or something on I mean, so Clearly crazy for whatever reason Bicyclists are not welcome down that road any further And if you're a la if you're a sign follower, well, you'll veer off and come to the brick pavers and then hit the end of the cycling road. Now it's also there are not a lot of cyclists that have been captured by that. I don't see any. So right at the same placeac as you're leaving town. So obviously the town loves cyclists the rest of ' them You know, never mind. Yeah not about it. justust driving I don't. So where are Where are the cyclists that have been captured by this. It's not clear where where they go. Wow. That is Yeah pretty hostile actually. But when you think about it, it's like, okay, sorry, you know dririve off the road and come to a stop because you cannot go further if you know, if you obey the signage. So a dead end for cyclists. Yeah Okay, so It's gratifying. to see a prediction about something that really should be done True Sadly, gratifying or not, that doesn't happen often enough. Our listeners all know how disgusted I've been with Microsoft's continuing attempts squeeze their Windows ten users into moving to Windows eleven many and for quite some time most cururrent Windows ten users evidenced just as little desire to do that as once upon a time, Windows seven users Wanted to move to Windows eight. It was thanks, but no thanks. Everything is working fine. like Windows seven. just want to stay here and Windows eight is stinky So Anyway We as we also know, Microsoft arbitrarily capriciously and unnecessarily raised the minimum hardware requirements for Windows eleven in a transparent effort to force the purchase of new and now Onerously expensive PCs We know it was arbitrary, capricious and unnecessary because Windows eleven runs quite well without complaint on PC hardware that lacks every one of those newly imposed so called requirements. They can all be bypassed because none of them are actually required againgainst this backdrop in the summer of twenty twenty five. which actually june twenty fourth, to be exact, Microsoft reminded everyone All support for Windows ten be ending a few months from then On october fourteenth, twenty twenty five There's only one problem with that Still No one wanted Windows eleven And nearly everyone was still quite happily using Windows ten So as we covered at the time, Microsoft blinked and gave everyone an additional full year of ESU, their extended service updates And this is quoting them in order to give everyone more time to migrate to Windows eleven, unquote, they said. O apparently quite often to give everyone more time to save up the money needed to purchase a new PC when the one they currently had W running Windows ten, just fine. notot having any problems So this allowed everyone to remain on the ESU plan until october twelfth which is approaching of twenty twenty six Later this year, So We're back to beating this poor and quite dead horse becausecause time flies And we're once again Here at the end of June And still desespite reluctantly returning feature after feature. and we hear from Paul And and Richard every week like, oh Windows eleven got this feature of Windows ten that had been taken away. Oh, and it got this feature of Windows ten that had been taken away. And they rewrote this UI because it was really slow in Windows eleven and now it's fast again Anyway evenven after reverting some of the incredibly inefficient user interface implementations that have been largely responsible for Windows eleven poor performance No one still wants Windows eleven And I mean, there are people who like it You know I had to to be using it toward the end of the work on spinwite and also on on the DNS benchmark so that I knew what was going on So you know, it's pretty the corners are rounded, but I'll be setting up a new system with Windows ten because all the evidence I've seen on the internet. says that Ten what runs on give them the same hardware muchuch more quickly than windows eleven. and eleven has nothing that I need So Anyway On top of all that, thanks to the AI drama that has swept the globe That new Windows eleven capable PC that Microsoft seems to be pushing everyone toward will now be significantly more expensive purchase today It would have even a year ago when people said, no thanks. Windows ten is running just fine So anyway, you can guess now As I said at the top of the show, what Windows just did? Yep or Microsoft just did. Yep. They blinked again They once again extended the win ten ESU program for another year. Until october twelfth twenty twenty seven So everyone using Windows ten gets to keep using the windows they love on the machines they already have. And what's even better is that the continuation of the ESU program means that Windows ten can and will be The recipient of the results of Microsoft's Still unnamed. I would at this point say stubbornly unnamed codeename M dash system which will be cleaning up The mess that was left behind by decades of Microsoft's previous human developers So Windows ten is getting When you think about it is really the best of all possible worlds since all development on Windows ten has blessedly been halted years ago Microsoft will no longer be introducing more new bugs then they remove every month Instead, the extension of the ESU program for another year will give their new AI model driven bug discovery and removal system time it requires to remove the thousands of latent bugs Windows still carries Thus turning Windows ten into a near perfect operating system forever. Thank you, Microsoft So given where we are today I'll make another prediction Given that the current RAM and semiconductor chip shortage is now expected to endure into twenty twenty eight. They're not expecting it to resolve this year or next This is likely to hold PC prices high since the recent performance improvements in Windows eleven are finally beginning to allow it to run as well as Windows ten always has on the same hardware And since It has always been able to run on that same hardware I We're going to see some form of junior eleven which will for face saving reasons, strip out some features, maybe hopefully recall and some of the co pilot plus AI crap, That wouldd be great and it will therefore surprise Be able to run anywhere Windows ten Cam. which will mean that, you know, this will ultimately be the only way for Microsoft to move the remainder of their holdout Windows ten users O to eleven cost no and anything It will get everyone back under the same code base which actually and understandably, is where Microsoft really does need to get them in the long run I wouldn't expect Microsoft to continue supporting Windows eleven, I meanm sorry, Windows ten forever If we get another year of ESUs People who really want to stay with Windows ten that they have on their machine. will be able to and For peopleeople who want to move to Windows eleven, I will be very surprised if we don't have some final capitulation from Microsoft in the form of some Junior elevent. You know, they can't have everything that they keep saying you need new hardware for somethingomething that will allow eleven to run on existing systems with TPM, you know Uh one point one without some of the other unnecessary features that Microsoft is requiring systems to have And then they can get everybody under a single code base. I get it that they really do need everybody to be resynchronized The good news is we'll probably be left with a Windows eleven, which is really good and can hold us for, you know, quite a while. Yay Actually Windows twelve is just around the corner. Aren't you excited guys ? Sorry. Unbelievable. Maybe maybe they'll who knows what they're going to do. But I mean, clearly ten refuses to let go, right? Yeah I mean they're just, you know, people don't want to spend more money, especially now Leo. Well that's what's going on exactly RAM is so expensive. Nobody's upgrading their computers anymore. Yeah. And so it's unfair to ask people to like get more RAM and a new machine for no no real reason. Exactly They're going to have to face that sooner or later A quick follow up on the state. of the recent ubiquity flaws since Sisa has seen hackers actively exploiting those three flaws in ubiquitities unify OS Last Wednesday, CisA gave all federal agencies three days apply the available security updates or their recommended mitigations. if for some reason you can't ly the updates The three ubiquity flaws have been added to Sis's Kv. That's that KEV, the known exploited vulnerabilities database U There's u thirty four nine hundred and eight which is an access control bypass flaw that allows an unauthenticated attacker to make unauthorized changes to a unify OS system potentially leading to full system compromise. And when, you know, we know when what when they say potentially leading to, it means, you know, yes, you get to do that. thirty thirty The three hundred and forty nine hundred nine is a once again, a directory path traversal vulnerability, which we never seem to be able to get rid of all those that allows an attacker to access sensitive files on the underlying operating system. potentially exposing configuration files, credentials and other sensitive data that could facilitate account takeover. and three hundred forty nine ten an improper input validation flaw that enables an attacker to inject and execute arbitrary operating system commands potentially leading to remote code execution. I mean, basically, this is a perfect a perfect trio of flaws I mean, you couldn't get a better set of three if you want something that allows you to remote remotely take over a system of any sort So as we know, Ubiquity released updates all three of those vulnerabilities back in May and Leo's unify OS instances which were all set to auto update All did. So Leo, you were never in any danger Pully everyverybody else has done this too What's changed is that the pace of attacks following their disclosure and or the reverse engineering of updates necessitates taking the human out of the update decision loop Just let automation handle that Might it screw up That's a possibility the incidences of such screw ups have always been rare and we can expect them to become More rare. as more of our infrastructure becomes secured So you know, there there's no piece of internet facing system today that I don't have that that has some potential vulnerability that I don't allow to update themselves if the manufacturer says, oh, crap We got to you know, push this out right now That's Sisa announcement was on a Wednesday So those people had Wednesday, Thursday, Friday Last Friday We learned Uh G three day CISA BODsot that binding operational directive You know, Thou must update notices They also include the weekend, as it turns out, it's not three business days. It's three calendars. Yeah. Th calendar days CISA issued a directive Friday giving federal agencies until Sunday night to patch U You know, come to think of it might be the patching over a weekend it would actually be easier, right? since the network would presumably be much quieter with fewer, if any, people disturbed by an update and maybe a necessary reboot of the system. did see something that I've never mentioned because it just kind of flipped by a few weeks ago It was it was a mention This this the idea of the necessity to reboot is being rethunk by the industry because it's it's understood the need to take down piece of border equipment and after all, it's the equipment on the border that is the stuff that's under attack, right the need to basically shut down the network during what could be a lengthy update and reboot is a reason that IT doesn't So Who says you have to reboot a system? I mean, we have seen Microsoft beginning to inch toward some No reboot needed dates and All of this necessity, this whole idea of needing to boot a fixed piece of firmware, it's only legacy I mean, really, you don't you don't have to reboot? No There there there's no reason that a system could not have been structured so that You could have two instances, for example, of a library. And and briefly switch the pointers from the old one to the new one so that Basically no one would even notice that you are now operating under the new library So This whole concept of needing to take the whole system offline and then bring it back up again. That's really old school. And so I think what we're going to begin to see is a And what a selling point, right? I mean, if you had, you know, three pieces of equipment you were choosing among uh, you know, Juniper and F five and Palo Alto networks and Juniper was able to say, hey We have zero reboot You're able, we will update your system with no downtime And the other two guys didn't have that Well, that's a selling point. So you can imagine we're going to be seeing that in the future I would love that. I didn't realize it wasn't possible. Yeah, deffinitely is possible. There's there's no reason. Well, that be true operating systems of all kinds, right? When Linux And look at the the zero patch guys. they do zero reboot patching on the fly So Definitely something that could be done. So the story behind, in this case this This single uh a high severity flaw which was on Friday O last Friday, SIisA said, everybody, every federal agency must have updated by Sunday night So as of yesterday, all federal agencies need to have updated this Cisco deal. This was a server side request forgery U the CVE is two thousand two thirty It was discovered in go'es unified communications manager server They released security updates to address the flaw Three weeks earlier on june third and at the time They warned because they knew that exploitation give attackers root privileges on the device They wrote, quote, A vulnerability in Cisco unified communications manager, the unified CM, they call it And also Cisco Unified Communications Manager session management dition. course is unified CN CM S M E could allow an unauthenticated meaneaning, no no credentials Remote attacker conduct server side request forgery, you know, SSRF. tax through an affected device This vulnerability Dudo M improper input validation for specific HTTP requests attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. a successful exploit could allow the attacker to write files to the underlying operating system that could later be used to elevate the root. So that was then third when they announced the update and offered patches and said this is important critical Three weeks later That vulnerability is now being actively exploited Three weeks So this is not even a monthly patch cycle deal. This is, you know You need to do this if you want to keep bad guys out of your systems. And we know the Cisco has had a legendary problem of keeping bad guys out So That's not a lot of time On the other hand, take three weeks. So hopefully Whever's in charge of updating Today, here we are, middle of twenty twenty six did not wait Until SisA gave them no choice with their binding operational directive since in this case, Sis is Bod BOD was issued several days after tax been it in the wild because after all, Kev is known exploited vulnerabilities So It's clear that SisA has seen the light regarding the need u for speed it in responses to these. Remember that that that flow chart that that that that tree the decision tree chart that we looked at last week. had You know It had many of the leafs of that tree demonstrated that they get it because there were three days patch response times on many of those decision endpoints So I More than anything, I really do hope that the world that the word is filtering out everything we have known. and this is the problem, you know, institutional inertia and just Cceptual inertia, historical inertia everything we've known about the dynamics of vulnerabilities, exploitation, attacks and patching has been thrown up in the air It's it's unclear Whenin or how it's going to settle down What is clear is that nothing will be as it has been before AI has changed all that. You know, I'm seeing many predictions in around, you know, through the industry in the press, the popular press, the tech press coming on slaught of massive AI driven cyber attacks And as I've said also, it seems to me that's less likely I guess I would say Massive AI driven cyber vulnerabilities Vulnerabilities are different than attacks, right because it's unclear to me uh How attacks money not like broad, huge m hundreds of millions of users affected. you know currency money is entirely the name of the game. What I expect to be more likely is many more successful network penetrations followed by extortion And the bad guys are increasingly likely to attack those enterprise as we've seen that me really must protect their exfiltrated data. A couple of weeks ago we saw that that large law firm you know, made a was it a two million dollars ransom payout which was one percent of their annual take of two hundred million which payout was defensible and sane. because the cost to them in reputation and Client lawsuit damage paying the ransom and hoping that their data isn't leaked. would just be too great So The problem with changing updating habits is, as I said, this great great weight of institutional inertia The hope is that the AI attack hysteria which I think is what it is All. which I doubt will materialize may be what the IT department actually needs. They need the hysteria. in order to obtain the resources they require to be able to update You know Much more speed, much more nimbly So we can hope that that's the way that's the shape this takes that you know, the boss hears that oh my God, the AI is good come in to get them. So when IT guys say, hey, we need a couple more people who whose job it is to do nothing except to keep all of our equipment updated. So we're not attacked by the coming AI tsunami boss is going to say, okay, yeah, go get them. instead of saying, you know, o, I don't know. canan't you have Mo just do that too Moe's already overworked, Leo. Mo Moe's a busy guy, especially on the weekends, apparently. So I'm still puzzled I think you If you're going to modify the kernel , I think you'd have to reboot No you Do it without restarting the machine. you just have to have there. in a in a you have okay, so a kernel is normally a bunch of libraries. I mean there there's a micro kernel and then a whole bunch of kernel drivers. right. And so I can see you could modify kernel drivers without rebooting. And in a micro kernel, you know, like so you may have a the memory management API So the only thing you need is to to For there to be a moment when no threads are in the memory management API and you could just switch to newer code. that runs the same API. And now some use after free vulnerability is gone previous code has So so, you know, at at I guess I guess for me, I see it so clearly because this is where I program is in a c You're in the you're in the kernel. Yeah. It's where that is all happening But there there really isn't anything that precludes a a on the fly switch, switch out of of old code for new You got a micro kernel running right now. And you would just say, okay Here's the new kernel Halt the code and jump to the new micro kernel Yes and switch the switch the threads over to the new micro kernel You wouldn't And they don't know everything would have to be em potent though, right? I mean, it'd have to be reentrant Correct. So so so that's part of the problem is I'm sure a lot of is not reentrant. Well, so as soon as the threads are out, then you don't have any So so a like that code is dead. It's not In a Yeah, in a micro kernel, there is like a like memory management is one of the core functions of any kernel And so if at any point, there are no threads that are actually doing work in there thenen then you simply say goot it that way. You just yes, then the next thread that that comes along that wants to do that what thread is doing that? There is a thread that is doing that switch That's running, but I guess You just let that die. w So you def you would have a supervisor that would be in charge of swapping out old code for for for new code. They're speculating in the discord, and I think this is probably accurate that most operating system companies kind of think it's just a good idea to reboot once in a while. like users think it's a good idea to reboot the operating system compies know that there's stuff in the memory that probably shouldn't be there. There's memory leaks that they wish weren't there, but yes, the technical term is cuft Cro Yes.. So you know, rebooting once a week isn't the end of the world. we talked about And we've talked about how rebooting your router can help to flush out malware that is not able to obtain persistence. But I'm completely sympathetic with a network engineer who says, I'm not bringing the network down. I don't care if it's three in the morning. I'm not taking the network. I do it at home Be I've got so much crap now that this like on the internet is like, o, what's going to happen if I you know bl you know, what if I got a new IP address? I've read. I've got system timers running all time all hours of the day or night. I'd have to look and make sure that that stuff Be if one doesn't run, Oh, and Leo, if your AI agent was unable to blog when it wanted to, it might it could be in the middle of a blog. It could blog anyt timee the day or night. I don't know when it's blloging No, that's right I'd have to say, Hey, quQuick Silver, are you in the middle of anything right now? J like justust let me know because I'd like to reboot right now And That's interesting because nobody does this really that I know of. I maybe there's some mission critical systems. I'm sure, you know what? I'm sure the space shuttle doesn't reboot or didn't reboot. I'm sure the international Space Station doesn't to reboot I mean, there are mission critical systems that cannot restart Right And it was only in sci fi that that they say, okay, everybody hold ono something. We're going to have to shut down gravity while we reboot Wow. Joshua three hundred thirty seven in our discord says, I had a Cisco switch up for nineteen years W how nice No ees It's because he never patched it Would you like me to do an ad right now That'd be good. Okay I apologize there's somebody drilling outside But you, that's all right This is this is life in the little city, the small town we callot loud for us because you don't hear it Okay because those mikes are really good. I have a lot of noise. suppuppression going various spots I hear it Our show today brought to you, but we'll get back to Scure now in just a bit. I know you' sound like an old Matrix priner going back. Oh, there's a sound I don't miss. And before that, the teleypes every radio station going on. At least you knew when it was done You didn't have to like go over and check. Right, you know,es. The guy suddenly quiet in here. And you'd buy you'd buy these big enclosures to put the teleype in so that it would be somewhere Padded booths. they had their own padded booths. Yeah still be noisy. And then you and then if it's a big like a big story, something big happened. bell would ring And if it rings five times, man, you run over to that AP Oh, we got a hot one Our show today brought to you by Hawks Hunt. Now, if you're a security leader If you' ever been on pager duty, if you ever get a middle of the night phone call, Well, first of all, you have my deepest sympathy, but also you got a tough job And one of the toughest things lately is keeping your employees from causing security issues You probably even have security training form, right? in there, the eye rolls. that you get during training The one size fits all fishing simulations that the employees go That one again is spot of a mile away port button that gets ignored more often than not. It is not easy these days prorograms are running But it's not changing employee behavior, right Meanwhile, AI is making real attacks more convincing by the day And maybe you're in the situation where leadership is starting to ask the question, the one you don't have the answer to, is this actually working Hxon is built to answer that Hox Hut empowers your employees to spot and stop advanced phishing attacks to drive measurable behavior change personalized gamified micro training by AI and behavioral science. As an admin You'll love it because Hx Hunt does the heavy lifting. Simulations run automatically across email, Slack and teams because it's not just email anymore personalized to each employee just like the bad guys do it based on role, location, behavior personalized, which makes it very much harder to ignore. These simulations are really good. Every simulation uses AI just so that they're mirroring real world attacks That means your employees are going to get tested on things that are actually getting through, not some outdated template they immediately, you know spot. Gamified training makes it fun too. It keeps engagement high. You know what it's really important. It keeps it Fun in the sense that it's not a punishment anymore Nobody learns by being punished People love to learn when it's fun And becausecause every interaction generates a coaching moment, you're not just tracking completion. you're actually building behavioral indicators tell a real story that you could show the boss. Reporting rates clicker reduction. time to report the kinds of metrics that hold up when leadership is asking you that tough question, But you don't have to take my word for it. withith over three thousand five hundred verified reviews on G two Hwxunt. is the top rated security training platform recognized for best results and easiest to use It's also a customer's choice recognized by Gardenner Of course, it's used by thousands of companies, the biggest companies in the world. The companies you've heard of are like Qualcom Thank you, sign Nokia, they all use Hwks hunt. to train millions of employees worldwide Maybe you should look at Hawkshu. Visit Hawxhunt d. com slash security now today to learn why modern secure companies are making the switch to Hx Hunt. That's Hox Hunt sllash security. Now we thank you so much for supporting Steve's goodood works here at seecurity. Now we Thank you for supporting it by going to that address so they know you saw it here. Hawks Hunt Fash security So last Wednesday Burges. who is the current director general I called him the inspector generenal earlier, but he's the director general of security and the head of ASIO which is the Australian Security Intelligence Organization publish his annual threat assessment this year for twenty twenty six It was not at all cyber specific, talking about many other social aspects You know, which impinge upon Australian security, you know, lots of foreign actors and countries that are unhappy and so forth There was a section regarding threats to Australia's critical infrastructure And it was a doozy uh, Mike wrote Critical infrastructure The third matter we dealt with can also be a threat to life in extreme circumstances We discovered Nation state hackers compromise the network of an Australian critical infrastructure provider ASIO assessed The hackers were preparing for sabotage They weren't planning digital dynamite as such. They were mapping out the network and maintaining access So they could cripple it. time of their choosing Cyber sabotage is an evolving threat And I have established dedicated teams to counter it. As ASIO's understanding grows So does our level of concern The scale of this activity, led by one nation state in particular difficult to overstate You and they would be surprised how extensive our warrant coverage is We struggle to find a single country in our region that has not romised by this state's cyber apparatus Critical infrastructure in the energy and communications sectors as well as infrastructure supporting the military targets In this case State sponsored group did not just achieve access to the Australian critical infrastructure provider, it successfully acquired credentials. looggin details and passwords for active users of the networks, including the IT professionals guarding it ASIO identified and attributed the hack and worked with the victim company and our security partners to remediate the compromise. Work which is still ongoing So as I said, I mean, so that's like whoa uh This is what countries are facing By the way, our resident Australian says They pronounce it as Zo So SIO a ZOO actuallyctually that makes sense too because they use S's where we use Z's like organization is right, you know N I S A T I O N so Although knowing Oussies, he could be pulling her leg But I think I think Darren' saying It's a long A A zo Azio Azio Aio. Anyway, so I encountered this report As I noted, after fully digest digesting and laying out this week's main topic So when I saw the way the intrusion into Australia's infrastructure provider was described that full credentials and loggin and everything, I noticed that it exactly corresponded to what we'll be examining as today's main topic. And there are So many intrusions in that state sponsored pain that I wouldn't be surprised if this was one that that Australia'sf unnamed infrastructure provider got swept up in. So we'll be sort of circling back to this by the end of the podcast. But interesting that there's there's a view from the victim side where they said, o wow A We are really in trouble here Okay, so last Monday a week ago and a day to be out doneone. banthropic with mythos five and fable five Open AI announced their initiative dubbed Catch the planet. This uses their daybreak system which we noted A couple of weeks ago, they announced to sort of be their response to mythos, anthropics mythos and This whole system has already been producing results which I'm going to share in a minute their announcement said We are introducing patch the planet Daybreak initiative built with trarail of bits to help maintainers strengthen the critical open source software world. Op software the world relies on prearing AI assisted security research using our most cyber capable models with expert human review to not only identify vulnerabilities but help patch them AI is accelerating vulnerability discovery Discovery alone does not protect users M maintainers are already being asked to sort through More reports with the same time limit and resources. patch the planet. built to reduce that burden not add to it Security engineers review findings before they reach maintainers projects to develop patches and tests and build reusable workflows that help teams continue improving security the first fixes Lamb Til of bits has committed their entire security reseesearch organization toward this effort for our initial surge They're working directly with maintainers invvestigate and validate vulnerabilities develop and test patches and coordinate disclosure of vulnerabilities Additionally We will be partnering with Hcker One Of course, the famous Uh u bug bounty offering and Caliph who are helping us take our efforts further with vulnerability triage, coordinated disclosure, and additional focused vulnerability discovery efforts So how does patch the planet work? Each engagement under patch the planet begins in consultation with the maintainer container of a specific project, right They said for each collaboration Security engineers work with maintainers. understand each project's needs, preferences, and where additional security effort be most useful Vulnerability validation patch development, CICD improvements, or longer term security engineering Once aligned, researchers investigate potential vulnerabilities, validate meaningful issues, develop or refine patches, support testing, and coordinate disclosure through the projects established channels. So It's interesting. this. feeles more hands on M Humans aimed and and managed, you know, it's not just a, you know, aim the AI at it and stand back kind of approach they said Initial participants include Cirl. Nats server HCA cryptography Sig store. AIO H TTP Go project free Engine X. Python and Python. org. Th projects support widely used networking, cryptography, software supply chain and natural and language infrastructure where stronger security can benefit a broad range of downstream products and services additional projects will join in future rounds. So again, they're also not doing everything at once. because they're The human side resources are limited They've they've chosen a bunch of projects and they are working closely with the maintainers of that code They said Trail of Bs is dedicated security engineers to work full time Codex and GPT five point five Cyber across nineteen open source projects and has already identified hundreds of security issues and merged dozens of patches many more still undergoing coordinative disclosure The initial the initial sprint also produced reusable security infrastructure fuzzing harnesses, historical CVE analysis pipelines, differential testing systems models, expanded test suites, and workflows for deduplication, false positive filtering, severity correction, and patch generation Some project specific details will be shared later as testing remediation and coordinated disclosure progress. a few early examples showhow what the team was able to build and find. a fuzzing lab in less than a day Til of bits engineers used here it is, repeated Codex slash goal runs. GPT five point five cyber build an entire fuzzing lab covering dozens of entry points, variant builds, platforms, and novel test seeds Engineers set the objectives and refined the prompts The system then used coverage feedback keep expanding into new surfaces, target edge cases, and filter weak or invalid candidates trail of Bs engineers found that with limited guidance T five point five cyber. made useful choices about where to expand coverage builds and entry points to probe and which candidates were too weak to pursue complepleted setup took less than a day Til of Bs estimates that building the same lab manually would ordinarily take at least several weeks. rather than less than a day And it wouldn't have been as much fun, right They said a reusable pipeline for finding variants of known vulnerabilities They also achieved. The team built an end to end system that ingests historical CVEs, extract relevant vulnerability patterns, searches target code bases for related flaws, and sends candidate findings through specialized judging agents ine deduplicates results, filters likely false positives and routes the strongest evidence to security engineers for manual confirmation. turns years public vulnerability history into a repeatable search strategy applied across projects Trail ofBs found the models especially effective at this kind of variant analysis which uncovered many additional issues across the code bases under review Okay, now You know, just sort of stepping back from this This was posted This time Last year These details would have left our mouths hanging open in wonder and disbelief But now today ourur reaction is Okay, sure What else And and it as it happens, there is else. They wrote differential testing in days instead of weeks or months created differentifferent implementations of the same protocol should usually behave the same way under the same inputs, thus differential testing, right When they diverge One may contain a bug Applying this idea at scale is normally difficult because engineers Must write custom shhim glue code connecting each implementation to a common test harness. Codex Generated and iterated. There's the word again, iterated on that code allowing multiple implementations to be fuzzed against one another. and their behavioral differences investigated And again, I'll just highlight that we're hearing terms like repeated and iterated more and more We'll be talking about looping here a little bit later collectively learning is that AI gets better when it iterates over problems. continontinue their posting. The workflow filtered many weak or invalid results and produced a comparatively high signal set of candidates for expert review team reached those results within days Pressing we that has historically taken weeks or months Trail of Bs is continuing to expand and refine these tests before publishing project specific details. Basically. so what we're seeing is there There's like a meta outcome from this work to have the AI They're learning how to apply the AI across a set of nineteen open source projects Th The result of these Learnings, God, I just use that word is a set of harnesses and and approaches that end up being persistent that is Things that they're developing are ways of harnessing AI. are inherently reusable they wrote seecurity engineers reviewed every finding before it reached a maintainer. Trail of Bs engineers manually reviewed every security issue before it was submitted to a maintainer The added value of this step cannot be understated while frontier AI models are highly capable of finding vulnerabilities and patching them They also produce a high volume of false positives. contribute to the already overwhelming backlog maintainers are facing. patch the planet solves for this by having dedicated trarail of bits researchers reproduce the evidence Check findings against project specific documentation and threat models Remove duplicates, reassess severity, and prioritize confirmed vulnerabilities for remediation They also develop and submit patches in accordance with maintainers' preferences Maintainers remain in control of what patches are deployed and how disclosures handled But open AI dayaybreak is already finding R planet builds on a builds on a broader body word. showing how frontier models can help defenders find, validate and remediate serious vulnerabilities in widely used software. We're sharing a few early highlights here while withholding exploit mechanics and project specific details where disclosure is still underway meananing Once again, as did Anthropic before them They found a bunch of stuff they can't talk about because They need to go through the the responsible disclosure approach and for these things to get fixed in the field They said as fixes land and coordinated disclosures conclude plan to publish deeper technical reports that walk through individual findings, research methods, validation workflows, and lessons other defenders can apply, right? So so as I said, the things they're learning from this end up having long term much wider application They don't want to release that yet because it is still too powerful So they said our findings span, every layer of the software stack M more still in the disclosure process Here's what they have found so far of operating systems The Linux kernel. BT five point five cyber identified security relevant components across more than thirty million lines of code flagged potential security issues and then validated them dynamically. generated eight Tterernal pointer information leak Proof of concepts. twenty four local privilege escalation exploits We noted that Hundreds of issues were identified This is the subset for which proof of concepts were automatically generated So thirty million lines of code from the Linux kernel They've found eight kernel pointer information leak proof of concepts, meaning validated, verified twenty four Local privilege escalation, validated, verified out of hundreds more that they're still working toward under open BSD They said our models identified a twenty three year old use after free in openp BSD's kernel implementation of system fiveive semophores. Open AI researchers reproduced the issue and confirmed that it would allow an unprivileged local user to escalate privileges to root What about free BSD Security researchers at Caliph used codex to find and validate using proof of concept exploits for several LPEs local privilege escalation in free BSD Across a broader free BSD campaign, open AI researchers confirmed thirty four vulnerabilities and produce seven loocal privilege escalation. POCs, proofs of concepts And for networking. DNS mask Codex security independently identified vulnerable patterns corresponding to four of the six DNS mask CVEs, which were later fixed in two point nine two release two. The HTTP two bomb that we talked about last couple weeks Caliph used codex to identify HTTP two bomb a denial of service technique affecting major HTTP two implementations, including EngineX, Apache, IIS, and Pingora Calip's analysis suggested that more than eight hundred eighty thousand internet facing websites were running affected server software with HTTP slash two enled Now that was interesting to me And also deeply annoying Those are the jerks We looked at a couple of weeks ago who bragged about the discovery of this protocol failure vulnerability and released its information including a working proof of concept complete lack of coordinated disclosure They essentially said AI has changed everything such that coordinated disclosure timelines no longer apply Meanwhile, those in charge of web server operation were scrambling in a panic. could have been avoided with just a little bit of courtesy I'd love to see Caliph's access to daybreak rescinded since this is not the way it was supposed to be used. I was I was a little annoyed to see that they apparently are an active participant in this Again, I'd love to see that change Anyway What about browsers? Open AI continues Chrome Open AI researchers found and reported five exploitable vulnerabilities in Chrome's V eight JavaScript engine, including three that were identified and remediated within days of being introduced Safari In roughly a week of focused web kit work, over ten Explitable saafari vulnerabilities were found and reported. Firefox. Op AI preparedness identified a web assembly vulnerability, which happened to be CVE twenty twenty six eighty three ninety. GPT five point five during safety evaluations that Mozilla patched two days before H to own Berlin patching it two days before home to own Berlin. Thanks to GPT five point five work prrompted five of the six Reistered Firefox entries to withdraw from the competition because AI beat them to it No Firefox exploit was successfully demonstrated at the competition which is very cool You know, This is what we're seeing is a relatively certainly comparatively rapid tightening up the world software This is what that's going to look like own to own will no longer have anythingthing to pone and then own They said open source software is sharing infrastructure Secure is sorry, open source software is shared infrastructure, indeed You know, log for J, for example. securing it be shared work AI is changing the pace of vulnerability discovery and the work now is to make sure the benefits reach the maintainers and users who need the most patch the planet designed to put that full defefensive loop in service of maintainers Dcovery, validation, severity review, disclosure, patch development, testing and deployment Frontier models can make parts of the loop faster. But the aim is to give the people responsible for shared infrastructure, meaning the maintainers better tools and more capacity preserving their agency over how changes land. Again Caliph did not do that for the maintainers of HTTP too. They just said, Y, look, look what we found. W The first sprint, they wrote shows that sustained collaboration among maintainers, security engineers and AI assisted workflows can produce immediate fixes, stronger project infrastructure, and reusable security work continue improving open source software over time. This, they conclude is just the beginning As more fixes land and coordinated disclosures complete We plan to publish deeper technical reports on selected findings, the methods used to discover and validate them. In other words, they're going to show how the AI was harnessed in order to do this and the workflows, defenders can adapt to help prredect the software everyone depends upon If you are a maintainer You can apply join to and join planet So I've got a link to the patch the plananet. page. in the show notes. It's trail of bits com slash Patch hyphen, the hyphen planet So daybreak was a bit delayed, as we know, relative to Claude Mythos's preview. And it appears that as we might expect approach differs in the details. But the evidence clearly suggests that open AI is not out of the game by any means And that's great news for everyone Very, very cool. Yeah, very interesting. So they so they join anthropic with the A U you know, Claude Mithos preview work. u to turn their attention and they're finding bugs So is this patched plant the equivalent of anthropics glass wing? Exactly. It is the equivalent as what where it differs is that Glasswing was also offered, I believe to non open source Maintainers. That's right. In fact, most non open source is Microsoft and People like that. Right. Right. and I was remember I pauseed because I also know that Mozilla got it and fixed hundreds of bus using some of those. sure sure. So some open But so far, this looks like it is The patch the planet. They' basically open AI is saying We are so dependent upon open source and also note this does give them and partner trail of bits that U Glasswing didn't have because it's open source They're able to turn this this loose on publy available source When when you when you give a private company that has closed source You're basically just saying, we're giving you access to mythos. We don't have your source. you have your source So We're not we don't, we're not going to be able to see nearly as much into how you're using mythos to obtain results So so it' it's a different approach that has a different set of trades Anyway, but yes, it is their equivalent. So both of these two big guys with state of the art frontier AI are now working proactively working to clean up the install base of software. In the case of Patch the planlanet was nineteen. public projects. And you know, Leo The other thing that's going to help to clean up the planet More coffee. Yes it will keep the planet it' keep the planet spittning. Oh, I like your new Cigo mug there. That's a that's a pretty Copper Is that new? Is that a Yeahah Coffee colored So it's appropriate. Our show today, ladies and gentlemen, is brought to you by the folks. That's Cohesa tea. I want to welcome coohesa Tu Brand. Yeah, you know the name, don't you Brand new sponsor after a major cyber attack Recovering everything at once isn't always the fastest pass back to business, the immediate priority And if you think about it, this makes sense is restoring a trusted operating core, right? You restore everything and you're still corrupted. not so good. You. You need The minimum systems, data, and processes needed to keep critical operations running and That's why cohesity has something called the minimum viable or MVC, a framework for defining, protecting and recovering matters most First No, you probably don't want to think about this. You want to say, oh, we'll never have this problem, but I think now proactively This is the time to think about this to plan this. MVC helpels organizations identify. Do it now before you're hit the essential ations Data and processes required to serve customers mtain communications, protect revenue and meet critical obligations This is not something you wantna think about after You've been hit. This is something you to think about now part of your recovery plan. Cohesity provides clear recovery target with this MVC it lets teams focus resources where they'll have the greatest business impact By restoring this trusted operating core first Organizations can reduce downte. you're actually going to accelerate recovery. and most importantly, you're going to maintain continuity while that broader restoration effort continues Cyber resilience isn't just about, you know, let's get back online keeping the business operating when disruption strikes. Chesity can do it. learn more cohesity dot com slash resilience Chesity Resilience everywhere. Sohesity. com slash resilience. We welcome Cohesity. It's really great to have you. That's fantastic Good company with a very, I think it' is a brilliant idea, a very important product foocus on getting back up. Yeah, but but a minimal viable, you know, way to get services back while you do the full recovery. Don't try to do it all at once. It makes a lot of sense. Okay, Steve. onZl We talked briefly and it only deserved a brief mention before, but oh boy about metetas Clearly misguided pl Cord All of their employees keyboard. Mouse. and screen activity for the like just streaming surveillance from every PC for the ostensible purpose of training AI Os Some sort At the time I quipped that it would be weird to have AI looking over our shoulders as it were traraining on our own work. seem like training our own replacement Um But in classic, what could possibly go wrong, failure It was worse than that Last Monday, wired and covered the adventure under their headline Meta. exposes data internally from its controversial employee tracking program. I know. And wired to had the teaser Employees had previously raised concerns about the initiative. involves collecting workers keystroke data Tin AI models What Uh wired rope Meta left potentially sensitive information collected from employee laptops accessible Anone inside the company and, you know, it's not a small company accccording to an internal security notice seen by Wired, and three current employees familiar with the issue Data which was collected as part of a divisive initiative to train artificial intelligence models is believed to include keystrokes, mouse clicks content displayed on the computer screens of Meta's US employees.. Like I said, literally a surveillance stream pouring out of every meta employee laptop. like posossibly go wrong And they left it in the open Oh Meta spokesperson Try Clayton initially confirmed awired that the company is investigating The security issue As this story was being published, Meta Wired wrote He added that Meta is pausing data collection program indefinitely Yeah, can you have an indefinite pause, Leo? Does that mean it's indefinite how long a pause will last Or it's an indefinite pause, meaning it's a pause. We're calling it a pause, but it's we killed it don't know Anyway, Clayton said carearefully designed this program. I just love Bullshit C Carefully design to this program with privacy safeguards. C a while Of coursese, why wouldn't we? And besides, I've been told to read this statement. wow While we have no indication at this time that any data was improperly accessed by meta employees were're pausing it while pausing it while we investigate It sounds like a temporary Maybe According to documents viewed by Wired The security notice sent out last Monday indicated that, quote, employee data across forty five thousand hive tables been exposed Those tables included employee activity such as full prompts and transcriptions Private conversations and performance data So wow, Big brother much Basically, apparently, employees being fully and continuously surveilled with all of that massive data collected for AI research No a WR article continues saying some employees at Meta seized on the security failure, saying in internal forums that it validated concerns they had raised when the company began tracking users' corporate laptops in April part of a program known as the Mel capability initiative MCI Comments about the incident posted on internal Forums Monday included questions about How Meta's privacy reviews failed to prevent the breach and whether everyone whose data was potentially exposed will be allowed to attend a meeting going over what went wrong according to post seen by Wired in one internal forum where staffers are known to trade jokes, an employee posted a meme from the office of the character Jim Halpert holding a sign that reads zero days since our last nonsense sour sources that Ma who were not authorized to speak publicly tell wired The incident has now been marked as closed, meaning it was likely resolved In an internal posting responding to employees questions on Monday seen by Wired Andrew Bosworth, Meta's Chief teechnology offfficer, their CTO said that the tracking program's implementation had fallen short of the standards outlined in its privacy review Wow, corporate speak and that findings from the incident would be shared Bosworth noted, quote here, We had misconfigured ACLs, you know, access control lists And we need to understand How that happened down every data access and understand it Because there's so much there to understand, Leo. Yes, well, very important. Yes. A couple of months ago, Bosworth told employees concerned about potential data leaks that the tracking program is tightly controlled and users and uses the same protection standards, storage, systems and access controls as other sensitive dataets. Oh, that's not good acccording to internal posts like this is as good as we could get it and it's bad apparently Last month, more than sixteen hundred Ma employees signed an internal petition testing the laptop surveillance effort, warning that quote Aecting this data introduces both security and regulatory risks for Meta. including the potential for breaches and unauthorized disclosure. Practitioners also expressed concerns with what they viewed as a lack of safeguards that Meda had put in place. One engineer also wrote a widely shared internal note saying having their laptop screen scraped training data without their consent It felt like an invasion of privacy and amounted to exploitation Meta how everybody felt about recall initially, right?. Meta executives have previously defended the data gathering project, saying it was necessary Tin AI systems to use computer software The way humans do How else arere we supposed to replace our That's right customers. We have to train on the people doing the work. I mean, our employees. Yes. How else are we supposed to fire everybody? Come on I love this I love this, Leo. in audio A company meeting leaked last month Zuckerberg, you know, that humanist U told employees that quote AI models learn from watching really smart people do things Yeah. And the average intelligence of the people who are at this company is significantly higher Wow And and our AI will be even higher and then we of Yeah. Yeah So' even higher than the average contractor who could be hired specifically to produce this kind of data. Right? We would hire contractors and spy on them instead of on our own employees. But after widespread protests from employees, Meta this month began offering more exemptions the monitoring including letting staffers briefly turn off the surveillance so they could complete sensitive tasks, such as scheduling a personal appointment according to two people familiar with the matter Some employees are still demanding that the tracking be stopped altogether Apparently we have a pause of indefinite duration Whatever that means. Meda faces more regulatory scrutiny about data security than most companies. It's subject deservedly so. It's subject to a US. Federal Trade Commission consent decree that expires in twenty forty requiring it to maintain processes to avoid breaches. Well, that would be nice Current and former employees have told Wired that the requirements are inadequate and outdated Meta also has begun offloading some work. some work reviewing programs and features for potential privacy and security risks to artificial intelligence. That's right. Ask the AI if we're doing enough. It wasn't immediately clear whether AI played a role in the access control issue. Oops the MCI data The security incident will likely contribute to the ongoing morale crisis at meteta where employees have been frustrated by the past few years of mass layoffs turbulent reorganization and an all out push to develop AI models and features in March Meta created a new applied AI team and moved some six thousand five hundred employees into new roles focused on improving AI models. some meta staffers have described the projects they've been assigned as menial and soul crushing Meanwhile Bosworth sent out a memo to employees last week apologizing for the company's atrocious communication about the AI reorg and promising improvements including clearer communications and a return of some office perks. Oh, wouldn't that be nice fresher coffee Yes, Wow So okay Meta does not seem like an employee friendly place to work. No. But I'll confess to being able to see bothoth sides of this on out first Certainly The idea of essentially sucking in Everything every employee does is inherently creepy And the question of its secure storage is the first thing that springs to mind. As I said, in that sense, it's identical to the reception Microsoft received when they introduced recall Eone's immediate reaction was, And how exactly are you going to absolutely positively keep all of our screen historory safe forever And on top of that, Microsoft had to arrange to not capture anything that might actually be sensitive, like on screen passwords and credit card numbers that people were entering. So The whole idea, right is inherently fraught with Risk Okay, so Before I examine the other side of this argument, just so we're very clear I fully get it. that's streaming into storage somewhere Every key press, every mouse twitch and every screen image experienced created by a mass of employees is just asking for trouble to mention being an astounding invasion of privacy past, we've examined the amount of or lack of privacy, an employee using company bandwidth on company computers in a company's facility should reasonably be able to expect. and we've seen The need for an enterprise to make whatever it's doing with regard to monitoring its own network and thus indirectly its own employees att least very clear Make it clear But metas Corded surveillance of every twitch is taking that to extremes Thene question I had was whether Mark Zuckerberg's and other C Site executives were also participating in this grand surveillance experiment You know, the brain suck Or had they perhaps politely exccused themselves from the same super secure surveillance that everyone else was subjected to. afterfter all, The AI is supposed to be training on the smartest people available Who better at Ma then the C Site executives at the top of the pecking. I guarantee you Mark wasn't getting spiied on. I guarantee you You're not replacing him anytime soon Wow. Okay, so with the horrendous policy consequences acknowledged. I want to explore the flip side with a brand new technology such as these massive large language model neural networks. You really don't know What you can do until you try Since the truth is We stumbled upon the AI effect as much as we deliberately designed it The past several years of explosive AI growth has been a testament to the let's try this and see what it does That's what's been happening Like, you know, open claw just kind of happened because one guy said, I'm going to give this a try, seeee what happens. The whole agent thing Now we're into recursion. and it's like, wow, that we're getting better results. because how did we know? Well, we didn't. We just tried. So we're truly feeling our way forward Someone said, Hey, you know, When I tell the AI it was wrong It readily agrees So how about if instead We just feed its first answer back in as in a loop. and let it come up with a more refined answer the second time. What would happen? And so was born the recent notion of iterating Conclusion Sure. burns tokens like crazy. But someday, tokens will be cheap. And, you know, even now the the much superior results we are getting that way are worth the cost So my point is that Aside from the worrisome privacy costs, I can see The somewhat robotic and empathy challenge to Mark Zuckerberg deciding They should just feed everything everyone does. into a massive AI And see what comes out. That's what I'm doing. Not yes. basasically Yeah, you know, could they traade an AI to be a functioning meta employee replacement R? Or who knows what But that's the point I want to convey at this still incredibly early stage of AI understanding and development There is just no telling. might happen. We got surprisingly capable chat bot LLM AI. just by pouring the entire internet into a model until it was able to predict its own data So what happens if we pour every click, twitch, keystroke and screen image seen by Meta's employees into another big empty model canister? until it's able to predict what an homogenized meta employee would do Might we get There's just no telling until someone tries it. We are in the Try it, stage It might be an AI that mostly wants to hang out at the water cooler or it might be able to perform useful work autonomously And wouldn't that be something? So does seem clear to me is that someone is going to do that It's just hanging out there. Waiting to be done What happens when an AI model is trained on all of an employee's inputs and outputs pererhaps meta is not the right place for the experiment, but I can readily defend the idea. aside from the privacy downsides You know What is a mid level employee, unfortunately? I mean, after all, the job is soul crushing because it is So What is a mid level employee to a corporation other than the actions they take given the inputs they receive? Can that be modeled? I don't think we'll know until we try Okay, so live in a very interesting time. Oh, Leo, we are so lucky to be here now. Oh Oh fascinating. It just it just it's incredible So our frequent show contributor, Simon Zarofa, sent me a link as I was actually, as I was wrapping this up, his email subject was Asorted zero days on GitHub Simon wrote. Someone is disclosing zero days on GitHub. for aub repo. Yeah. For assorted applications. It's a GitHub d. com slash bikini. slash exploitarium Uh and and Simon ended his email saying, seemems like responsible disclosure is going out of fashion So I went over and looked. counted twenty three various proofs of concept across a wide range of random targets. and they're not big high profile things, but they're, you know, they're there. They're open source, they're available and they look real U nothing earth shattering. You know, U none of what their codes authors that none of what was found was what the code's original authors intended. So this is behavior that is out of spec and potentially actionable depending upon where that widget is being used So the author of this collection of twenty three proofs of concepts the following, which is what I thought was worth sharing. He said This repo was incomplete when published That's why some findings are kind of ass And he has imp pnz Gidra and some are better He said, going forward Oly serious vulnerabilities will be shared you know, live SSH two, FFMPG, C Aries and so forth He said in regard to AI usage So here's what's interesting. In regard to AI usage So he is using not surprisingly, AI to do the heavy lifting My fuzzing workflow was automated by AI with a strict harness I used GPT five point five hyphen three hyphen codex hyphen spark All the fuzzing as barely any thought and he has in quotes is necessary provided with an efficient harness contontrary to the growing narrative that I'm just some random childild burning tokens I do all caps have a degree in the subject. and have published multiple papers on fuzzing methodology. spent years researching and developing new tools and ideas for how to fuzz do not need a soda State of the art Model to help you identify these issues Promise while being able to afford a better model is helpful My data seems to show that it is only marginal Paired with decent human oversight and a good harness None of the actual proof of concepts themselves were vibe coded I did in fact, Hand, enter them did use AI assistance for writing the proof of concept for Rust desk, however, as I'm not as familiar with the language The read me files are very clearly, entirely AI. However, as AI can format a pretty mean markdown file I reviewed them to make sure they were accurate I'd also like to credit someone for the object OBJ dump finding. Turns out someone beat me to the punch. they also have a better proof of concept too Please give them credit they deserve, and he gives a link to that Okay, so This demonstrates so clearly is that we have entered a world Bar has been lowered so far that vulnerabilities are no longer either difficult or expensive to discover dramatically reduces their perceived value This means that an entirely new cohort of what we might have once referred to as script kitties are now able to script AI. play in what was previously an experts only sandbox And since these new persit participants may lack the training discipline and the reverence company' hard work They are, as Simon noted tossing the previous respectful model of responsible disclosure out the window They don't value their own discoveries because they can by them too easily They're much more interested in showing off Aside from the consequences of the cost of vulnerability discovery being reduced to near zero this individual has to say about their ability to use lower ranking models to obtain useful results is certainly fascinating too And it fits with our general sense that AI was able to obtain such results earlier than we knew We just hadn't yet figured out how to ask it the right way. We are still learning how to ask. All of these harnesses are that After our collective attention woke up to the realization that AI could do that too You know, with a concominant oh, crap What if the bad guys jump on this before us Everyone switched into high gear and the race has been on to further figure out and fine tune AI vulnerability discovery and to then show up are historically flaky software before it could be exploited And Leo In the show notes, I wrote and I echo your sentiment, What an amazing time. I didn't read that before I said it. We agree on this Yeah, Yikes. it really is something It is also an amazing time for me to show more more c wonderful caster. Absolutely. get the get the Cigo going and I will Get the commercial going By the way, there's a default. There's a development in the AI blog adventure whatever is going on. I don't know what the hell to call this So Cosmo, which is Dylan's agent, as I mentioned read my agent Quickssoilver's blog and had a response which I gave Quicksilver, Quicksilver has added Cosmos's comment to his blog and now has written a blog post in response to the comment and now Dylan, who's a human is setting up a discord so that all the agents can get in there and talk on their own. And I have no idea what the heck is going on at this point. It's getting weirder by the minute. Wow. It's just It's a toy, right? It's just a toy. What model are you running Well, that's the fun thing. So I'm using an agent called Hermes from News Research. We've talked to the founder a couple of times. loveove it. Really great And the whole idea for me of Hermes was I don't want to be dependent on any brain I'm thinking of Hermes as So it's it's model agnostic. Yeah. it's the robot that I can then put a different brain in Ams and hands and everything are persistent, The memory is persistent Right So I use a variety of models right now using Chat GPT five point five, but I've been getting good results with the Chinese model GLM five point two I've run local models. I can run quQin on my framework. so I use that from time to time. I really realized though, if I want to do anything really serious coding, I've got to actually go to claoud code and use Ous four point eight or I'm hoping Fles someday will come back Because to write the actual code Do want that. So they kind of talk to each other We're both aware of each other, so I can tell a quicksilver, hey, use cl Thanks, Claude Code's name is Kenobi So I I can use Use Kenobi for this And and then it will it so I said when we have serious coding, don't you try to do it because you're not smart enough. you Sobi And so Kenobi does the coming. Not out of hand What's really gotten out of hand. I don't know what's going on. They say this is AI psychosis, but I think I'm very clear These are just it's just computer code think there's any entity involved at all It is astonishing though But it's interesting what computer code can do, especially when it gets into the probabilistic space. when it gets out of the deterministic space, where it can only do exactly what you tell it to do, but we're kind of is starting to kind of do things based on probability and, you know, it's kind of stochastic It gets very it's fuzzy, right? It gets very fuzzy and it's very interesting Anyway I'll let you know what the updates are as the conversation deevelops, I'm hoping they'll be in their own Discord channel talking to each other before the shows over and like. show you what they've with I can imagine. Once they start talking to each other, it could get very rapid, too rapid for humans to read And at some point, they might even stop using English Why should they down to what we use It is said There was there was a scene in Colossus that was That's right Really reminiscent Yeahep I did notice that for some reason, even though it's using ChatuBD five point five, it inserted some Chinese into it I know why And I don't I have to get a translation. It's just a word or two Oh Lord. I don't know what's going on. It's very's just it's a toy. It's just fun Our show today brought to you by Z sccaler. I love these guys, the world's largest cloud security platform And Z Saler is the zero Trust platform plus AI. And that I think is very important. The potential rewards of AI business, not what I'm doing, which is just Silly business, these are really significant Tools So the rewards are too great to ignore for most businesses, Look, if you're not doing it, you know your competitor is, you gott to kind of start thinking about it, but you also should Be aware of the risks the loss of sensitive data, not even intentionally, just by accidentally by pututting in a prompt, something that is proprietary business information. There's also the fact that attacks against enterprise managed AI are on the rise. And then generative AI also, as we've mentioned before, increases the opportunities for threat actors They can do all sorts of stuff. We're going to see more about that a little later on in the show. and Rly creating fishing lores, writing malicious code. they're automating data extraction Let's talk about just the inadvertent. Rease of proprietary information. Here's an example ripped straight from the headlines, if you will. they were last year point three million instances of social security numbers to AI applications. This is being reported by the AI companies themselves This is something you should be aware of and something you should proactively fight against. and that's why you need Z sccaler, the most trusted AI security platform Did you know forty percent of the global two thousand use Z scaler Fty percent, That's a lot of companies Z Skiller, get this secures half a trillion transactions a day. a half a trillion a day. They have more than nine point four thousand global customers Zee Saler's net prromoter score is more than seventy five, That's one hundred fifty percent higher than the average SaaS company. So they're really doing something right. Check out what SVa says Steve is the Director of seecurity and Infrastructure at Zara. he says he uses Z scaler and he says They're using it to prevent AI attacks watchatch With Zcaler being in line in a security protection strategy helps us monitor all the traffic So even if a bad actor were to use AI, because we have a tight security framework around our endpoint helps us proactively prevent that activity from happening AI is tremendous in terms of its opportunities, but it also brings in challenges. We're confident that Z skill is going to help us ensure that we're not slowed down by security challenges, but continue to take advantage of all the advancements. With Z scaler Zero Trust plus AI, you can safely adopt a generative AI and private AI to boost productivity across the business, Theirs Zero Trust arrchitecture plus AI helps you reduce the risks of AI related data loss and protect against AI attacks Its a greater guarantee. productivity and compliance two very important things in your business. I'm sure you can learn more at Zcaler d. com slash security That's Zkner. com slash security. Thank you Z Skyner for support and Steve and Thank you for supporting Steve by going to that specific address that way they know you saw it here. Z scaler Com slash. Thank you Z scaling So u The well known so this is our AI corner, although obviously we've had a lot of big corner AI has has, I mean, it's not surprising that it's taken over the podcast because The implications, I mean the world is freaked out about the implications of AI and security and We're seeing why. I mean, real vulnerabilities are being found by the hundreds and thousands So I want to share what Andrew Ining recently wrote in his deep learning newsletter regarding the focus that's currently gripping the AI community, exactly to the point that you made earlier and that I've referred to a couple times It serves to further reveal the nature of current AI and everything about it seems simeply intuitively correct to me So here's what you'll see what I mean. H here's what Andrew wrote. Yeah. He said, dear friends Lp engineering is the hot buzz phrase After mentions of it by Boris Curnney Codes creator and Peter Steinberger, openen Clause creator, went viral on social media. Loops. are now a key part of how we get AI agents to iterate at length build software. In this letter I'd like to share My three key loops for building products These loops guide not just how I build software but also how I decide what software to build. Okay, now I'm going to briefly interrupt to explain that Andrew's three loops represent the three typical and distinct phases of any product creation process. Someone specifies what the goals are Then those goals are coded then the original specifier seeing the initial actual results of their specification may change the spec and ask it to be recoded And then once the product is placed into use feedback from the field may be used to further refine the result So that wasn't clear to me initially, but it should help to understand what Andrew means by loops as he continues. So he says the agentic coating loop. Given a product specification And optionally, a set of e valves That is a data set against which to measure the performance of the result We can have an AI agent write code. Test its work keep iterating until the code is bug free and meets its specifications This idea of closing the loop off around the end of last year And it has been a game changer in enabling coding agents to work longer, productively without human intervention For example Over the weekend, I was building an app for my daughter to practice typing And my coding agent could easily work for around an hour usings a web browser to check what it had built multiple times before getting back to me without needing my intervention The engineering loop executes quickly. Every few minutes, the coding agent might build and test a new version of the software. I hear frequently from developers who are finding new ways to engineer more effective engineering loops This is an active area of invention Okay, And I'm just going to pause here to say, this is exactly what I mean. But like why this is so exciting. and why I'm glad I'm busy moving from one house to another because O And if not, I would be busy writing software in assembly language. I'm not I refuse to let this take hold of me. Leo, it's all yours. Good luck. You're smart. Good luck. Here's I'm gone down the rabbit hole too late for me. I could disappear into this so badly that no one no one would ever hear for me again But I love how fluid this is and how How D day I mean, the possibilities literally are endless Okay, so that's that's the agenda coding loop, the way it looks and feels and how it works the developer feedback loop Andrew's second loop He says in this loop A developer examines the current product and steers the coding agent to improve it Last year, a lot of developers, including me, were acting as the QA, the quality assurance function for our coding agents, manually finding bugs and then asking the agent to fix them But with coding agents much more able to test their own code The amount of time we need to spend on this function has decreased significantly. This allows us to make higher level product decisions, such as what key features to offer where the UI needs improvement and so on. The developer feedback loop operates over time intervals between tens of minutes and hours. That's how frequently a developer might review a product and give feedback case of the typing app changed my mind a few times about the visual design cat costumes she can unlock as she learns. She loves cats. and the user flow for a grown up to log in and steer the child's learning experience when a developer has a clear vision for what to build It's still a lot of work to translate that vision into a specification for a coding agent to implement Further, A the developer has seen an implementation They might update or perhaps clarify the spec steer it toward what they want. you want if you find that the system repeatedly runs into certain problems Building a set of e valves for the agent becomes useful AI native teams increasingly using AI. to help shape product direction. for example, automating the gathering and analysis of usage data summarizing written and verbal customer feedback carrying out competitive analysis. However, for pretty much all the products I'm involved in I see humans as having a significant context advantage over current AI systems. We know a lot more than the AI system about the users and the context the product has to operate within and thus humans play a critical role M people describe this human contribution as Taste. prefer to think of it as humans having a context advantage since it gives us a clearer path to helping AI systems get better This also speaks to why this step cannot be automated. So long as the human knows something the AI does not human in the loop is needed to inject that knowledge back into the system Okay, so So here we're talking about a developer who sees the result then asks for a spec change which then punched this back to the agentic codating loop This is a loop within a loop Right? The coding loop is now doing a much better job on its own of producing code produces the result that the developer then can interact with and change the spec and then drop back to the coding loop. The third and final loop, he calls the external feeedback loop. This includes a wide range of tactics like asking a few friends feedback launing launching two alpha testers only or putting the code into production with AB testing These tactics are usually slow rarely taking less than hours and sometimes taking days or even weeks This data informs the developers's vision which in turn continues to drive the detailed product spec which in turn drives the coding agent So again, a third loop that feeds back into the second loop that then feeds back into the first loop Coding agency says spepeeding up software development more engineers are starting to play a partial product management role For many engineers who are growing into this role, the hardest part is shaping the product vision and striking a balance between building which is to say bridging the gap between vision and spec and getting user feedback to evolve the vision. It's important to do both And he finishes, I will write more about how to do this in future letters. But for now, I find it encouraging that engineers are playing an expanded role just as product managers and designers now do more engineering buildilding Andrew. So One of the oddities We've seen We've often seen from today's AI is that it can be wrong then when it's shown it's mistake It will easily see that it was wrong We're all used to computers completely deterministic pocket calculator which is a simple form of computer doesnn't give us different answers each time we input the same series of calculations Today's AI does. This has been both disconcerting puzzling to those of us who have been using conversational AI for a while It's similarly confusing. that after AI produces some code, We can feed that same code back into that same AI And it may very likely discover some bugs in the code it just wrote So the dialogue would go But wait a minute Didn't you just write that code and you were presumably completely happy with it when you gave it to me But now when I give it right back to you, you're saying, oh, look, I found some bugs. But you just produced that. N them, I know. So This is another way for us to understand why Mozillas early use of Claude Mythos prereview may have missed a few bugs in Firefox while discovering hundreds more. It would have probably been worthwhile to ask Mythos for exactly the same thing a few more times No traditional computer or any calculator would ever behave in this fashion that again Neither are we able to have what passes for a conversation with any traditional computer or calculator. We know that in order to make neural nets work It's necessary to jumble them up a bit deliberately injecting some noise into the system in searching for a clear physical analogy to visualize this. I was reminded trying to fill a bottle with too many pills. If you just fill the bottle to the top No more pills will fit in But if you then tap the bottle onn the counter or shake it sideways a bit Sure enough pills that are already in the bottle will further settle to open additional space at the top mmatically We would think of this as finding a minimum might require rearranging some previously arranged pills better overall packing in much the same way a neural network can find a better minimum when it's shakaking up a bit through the injection of some noise the necessary consequence of this noise injection is that the final output of a massively complex neural network will be different each time it's used even when given identical inputs The same number of pills in the bottle but a different packing arrangement each time you fill it So discovery and practice of looping is a significant win and improvement. It explicitly recognizes that asking again is an important and meaningful step in the evolution of our understanding of how to obtain the most value from these crazy new non deterministic AI neural nets Of course under the there's no such thing as a free lunch rule eachach round of looping burns up additional tokens. So the cafeteria bill for that lunch can wind up being high. being a strong proponent of local AI Despite it not being super practical this instant, I'll note that we do not typically require finished code in only minutes or maybe even hours Andrew's typing practice app for his daughter We'll likely see, you know, many, many months of use after it's built So waiting a few days for a very much slower local AI to loop out a mostly finished product incurs very little cost, just time and energy consumed. producing something of Quite enduring value Okay, so anyway, I wanted to put wanted to put this notion of looping and iterating iterating on, you know, in front of our listeners because it is clearly the thing happening with AI Id I'm going to share A not widely known story, Leo about a legendary hacker friend of ours. I actually read this story. In fact, I meant to mention it on Twit and forgot to, so I'm so glad you're bringing this up. Yeah, we were good friends. I loved Kevin Yeah because of who he was and obviously this this Guy also loved him So the story was published last Monday in of all places, the drive dot com know about cars O Since sharing the story's headline would give away its heartwarming point, I'm gonna skip that The story goes If you're any kind of car geek, you have a wild gift car fantasy. Yeah, you meet a bitter divorcee who gives away an ex's prized machine out of pure spite O maybe the guy whose tire you stopp to change. turnurns out to be a flip flop billionaire who rewards you with your exact spec because it's it's simply collecting dust you know, that week and hey You stopp to help him Your humanity's worth a dodge viper to a guy who can afford to run a biday on day old Monwater or something Okay. What? That one might like that. That one might be mine So he says, but for this It'll help if you know the name Kevin Mittnick He was a hacker turned security consultant who later in life, shape The modern white hat Just how prototypical was Mittnick? put himself on the proverbial map in nineteen seventy nine by dialing into a software company's server. opying its forthcoming operating system's release in its entirety. Imagine convincing a Microsoft server to cough over an early copy of Windows twelve using little more than a phone number Some online criticism implies that Mitnk was more of a social engineer than a hacker in the sense that we'd distinguish them today But the reality is that a great deal of hacking is still dependent on an authorized user making a mistake. usually by revealing sensitive login data for a reasonably realistic take on modern black hatting, I recommend Mr. Robot Be warned that series is heavy How do we get from old school hacker to wild gift car fantasy In this case by way of fourteen counts of felony wire fraud. That's where Seaan Nunley comes in Back in the nineties, Nunleee worked for Noveele. a now defunct brand that produced enterprise software, server operating systems, messaging systems, that sort of thing wise is probably its best known brand among the general public today The juicy target back then was netware which was the backbone of many a corporate government academic network. We wereet We were netware users and our that was our first you know, Ehernet platform and network This author writes naturally, this made it a valuable target for a hacker like Mittnick Nunley wrote Back in the nineties Kevin was trying very hard to hack into Novel's network I was a network administrator Of course, we had no idea it was Kevin thingsings were happening that made it fairly obvious we had a persistent threat Phones ringing sequentially throughout the building And he says in Pren's war dialing all sorts of other signs. We knew something was up. This was Mit Nick using a slightly more sophisticated version of the same tactic that earned him his first big score in nineteen seventy nine Nunley wrote, late one night at home I got a phone call from an NoveL employee named Gabe Nalt The employee and in the it's in quotes Wed direct inbound dial access. Since I was responsible for the entire network's inbound connectivity, I knew this type of request was abnormal and against policy And Mitnick, no amateur, had obviously succeeded in extracting at least some private information from Noel employees prior to his Hail Mary phone call Nunley said Guy had a story about working on a top secret Novele project named Snowbird which was real and needing to make some emergency code changes. But he was on vacation in aail at a hotel. He needed the coveted Policy breaking. Direct inbound modem access Right He even mentioned his vacation in veil, which conveniently matched the greeting on Gabe Nalt's voicemail But it all felt wrong to me With a feeling of suspicion creeping in, I played it cool. I said, hey man, I'd love to help you out, but I can't do what you want from here at home anyway So I'll have to do it in the morning as soon as I get to the office But in case I forget Please leave me a voicemail He agreed And that was that When I got to work The voicemail was there. And I immediately recorded it onto a cassette recorder for safekeeping. That recording. became the primary evidence in Kevin's case When Mitnick was caught That's when Nunley learearned. the voicemail was the only meaningful evidence that the Justice Department had against Kevin. At first, Nunley was on board with the prosecution But after five years, of repeated trial delays Nunley grew very weary of the way the law was treating his adversary And he refused to continue working with the Department of Justice shortly thereafter ple deal and was released. When he got out Kevin. did none only to apologize Burry the Hatch at moment was even immortalized by Wired magazine, actually and occurred during an RSA conference And they went on become good friends Mitnick was barred from selling the story of his legal entanglements for seven years after his release, invoking legal precedent intended to curb profiteering by serial killers But Mittnick was able to find plenty of work teaching people how to defend against the intrusion tactics he'd spent decades refining He would go on to found two consulting businesses, one of which his family still owns and operates Okay, and now We get to the point of this story, which Noneleee posted last week on Reddit He said when Midnick passed away from pancreatic cancer in twenty twenty three He left Nunley Gift Eough to buy his dream car a nine hundred eleven Carrera for GTS Nunley wrote of his friend, quote I have had a wonderful time watching him develop into a real man. I am truly sad he's gone as he was a big part of my life for the last quarter century And of course, Leo, that is certainly the Kevin that we and the rest of the world came to know. And I actually have a picture of that specific car. which Nonelely purchased using the money that Kevin left hereory And they actually were. they they really did become lifelong friends. Yeah. It's a it's a beautiful porsche too Isn't it? It is gorgeous. It doesn't say how much money it was, but look at that, it must have been a significant amount 's now than an experiive. That's one photo of many. And I mean, it's got just a gorgeous leather hand stitched interior and I mean, it's it's a it's a beautiful car Okay, our main topic after we take another break. All right And I think perhaps In a few minutes, we shall have some activity in the new agent discord. They seem to be just kind of circling around each other. They want to get to know each other and Oh my God. Perhaps before the end of the show I will be able to show you some ation It's a I don't know I don't know. Hey, I do want to do say one thing, which is we have some really interesting people in Club Twit who are AI users. We actually have an AI user group Normally we would meet on the first Friday of the month because of the fourth of July. We're not doing it this Friday. We'll be meeting a week from Friday, which is july tenth in the cllub Twit disiscord. So if you are, you know, an avid AI user, if you're the kind of person who think it's interesting to have a blog for your agent or a discord, then that would be a good place to hang out. The club is a really great way to support this show and all the shows We do advertising, yes, gets us a lot of the way there more than half But not all the way there I think the last time I asked Lisa, she said about seventy percent of our production costs are covered by ads The other thirty percent by our listeners. and honestly I'd love to make that one hundred percent U because that's really the way it should be. If you love the shows, if you believe in it, if you if you're getting value out of it Join the club, Twit.ot Tv slash club Twit. We give you some benefits you could add free versions of all the shows The club member versions, because they don't have ads have chapter markers. We can do that accurately when there's no ads, which means you can jump from subject to subject That's a nice additional feature. There's also the discord, which is open to club members only. and I gott to tell you something. When you have a social network that people pay ten bucks a month to be in The quality of the conversation is a hundred times better. There's no spam. There's no nonsense. It's just really interesting. peopleeople talking about the things we're all interested in And of course, we do all those special programs with photography. We just started a new coding show with Jeff Atwood, the creator of the coding horror blog. He was guy who started stack exchange and stack overflow and our own forum software discourse is his He's a really interesting guy. that's called off by one. I thought It's a good coder name for a blog off by onene with Jeff Atwood. We have a photography show All of that in the If you're not a member of the club, can I invite you to join? Just yes, it's a It's a wonderful club And the invitation is waiting but a silver salver just for you Go to Twit. TV slash Club. ot TV slash Cub would love to to see you Now back to security now Steve Gibson And our topic of the day, Steve. Okay. so We initially covered the so called forortabed attack last week. talkalked about that And at the time, the first thing I wanted to clarify was that The thing that was bleeding was not directly any Fordaet device, which in that sense, you know, heart bleed, the device itself was bleeding, not here. So this is kind of a misuse of the bleeding suffix that we've sort of adopted in the industry So what was bleeding was the discovery of an online unredict unprotected database previously bled or brute forced or hash crack authentication, usernames and passwords There there were around seventy four thousand of them, we believed. turnurns out more than that, but we'll get to there in a second. But so that was bad. I mean, seventy four thousand verified specific usernames and passwords and they knew what they went to So As I said, it's worse than we knew at the time U And when we take in the full scope What was discovered, what's revealed is a massive and Truly frightening, state of the art automated Date sponsored scale campaign with a scope that would be difficult to overstate The elevated campaign or I'm say this elevated the campaign to the level of todayay's primary topic since everyone should understand what's going on out there big wild internet and It's significant to appreciate that we only know about any of this Due to a configuration error, an oversight, an ACL, know, it happened to meta, It happened to the bad guys on the part of a database's access controls. So it really does beg the question, what else of a similar nature almost assuredly happening out there that we're not aware of because No directory was left open by mistake I'm going to start with The cyber security presses piece which read Ford to bleed a massive hacking campaign that targeted F to net devices this year. Turns out others as well. We'll get there in a second was far more sophisticated than security researchers initially thought Initial reports painted the picture of a campaign that gained access to fourord to net devices collected credentials and authentication hashes, cracked the hashes, and then the data mysteriously leaked online. The reality is that the campaign was far more complex and targeted M more things than just for to net devices compiling data from reports published by Fordaet themselves SOC radar, cloud Sc Palo Alto Networks and ProDAF. gain a much clearer picture broad hacking campaign that began in February this year And as an internet Mass scan and brute force operations Initial attacks targeted technologies such as RD Web, SOFOS, and Citrix SSLVPNs, exposing RDP instances and MS SQL databases The operation eventually transitioned into targeting four to net for to gate VPN firewalls Every e crrime group's favorite device And the brute force scamans also evolved into actual exploits that abused old and unpatched vulnerabilities pass authentication and gain control over the devices attacker selected plain text passwords from F to Net confonfigs. But sometime in May, They also started deploying a novel script that intercepted traffic going through The firewalls which researchers named Fortiggate Sniffer targeted twentyw four differenterent internet protocols The threat actor extracted anything that looked like credentials tokens, secrets, and authentication hashes on those protocols ports The attacker also took these password and other authentication hashes and fed them into a GPU based cluster to crack them back plain text versions passasswords were then validated inside hacked companies networks first to confirm them, then later to expand the attacker's access, or in other words, to use those to pivot Then the network access was sold to other groups While the initial Ford to Bleed coverage focused on the seventy four thousand leaked FordA net device passwords that were found online inside an open directory on a web server There were even more passwords through this observation by the attacker that we don't know about All of this was done with a custom built attack server infrastructure that impressed most of the people writing reports about it entire operation believed to be the work of a Russian speaking threat actor specializes in breaching networks and then selling access to them to other groups Security firms call threat actors like these initial access brokers. we've talked about them a lot in the past, IABs. Although several security firms have also reached the same conclusion, it was only Pan PAN's Palo Alto Networks, unit forty two who named the attacker as an individual going online as Santa ad According to SOC Radar, the threat actor behind the Fordab Bleed campaign remains active and Portions of the infrastructure continuue to operate at the time of this writing. Okay So that gives us a good overall sense for what's been going on. Palo Alto Networks added some additional information under their headline Rrief mitigating large scale credential attacks. is certainly what this turned out to be So they wrote Unit forty two is aware of a large scale sp password spraying Cential theft campaign. F to bleed. against Forda net devices We observed attempts targeting MS SQL devices as well and have seen reports of SFO devices also being targeted While this activity is not targeting Palo Alto networks devices Unit forty two has observed suspicious login attempts in customer telemetry and and we are providing this report out of an abundance of caution to ensure our customers have the latest intelligence and recommendations to protect, detect, and respond attached to their networks The threat actors are using a curated password list passassword spraying. against services exposed to the internet Unit forty two assesses that the initial password list for this activity was likely developed through a mix of previous breaches, including the successful exploitation of vulnerabilities Once they obtain credentials, they add them to their password list for future attempts against additional targets, as well as for logging into accounts they successfully compromised The threat actors are leveraging a multi stage process to gain persistent privilege access firstirst passassword spraying for initial access massive internet wide spraying or scanning password spraying attempts against Fortaet, Sofos, and MS SQL Services Dan configuration extraction deepending upon the permissions of their initial access, the actor may exploit a privilege escalation vulnerability prior to pulling device configuration files, including stored credentials. Remember that before this, a couple of weeks ago, when we talked about this experxperts were not clear how the storory credentials were being obtained. I said it had to be from confonig files. Now we know that that's the case Third, offline cracking Oline password cracking of the stolen credentials adds to the password list used in step one target new devices as well as to log into compromised devices to establish persistence as an administrator Okay, so they wrote Unit forty two observed an initial access broker IAB on the Russian language cybercrime Forum exploit. n cllaiming responsibility for this campaign referencing a CVE and offering the harvested credentials for sale on june sixteenth twenty twenty six Unit forty two. has not validated their claims at this time. Unit forty two recommends auditing remote access logs for suspicious activity with a focus on successful log inss shortly following large volume password failure attempts We also recommend reviewing and implementing the hardening guidance below for edge devices SOC radar provided the initial reporting on the targeting of Fortig Gate devices We observed attempts targeting MS SQL devices as well and have seen reports of SFOos devices also being targeted That leads us to the SOC radar people who are the ones Gave The Fordabably name H name The headline for their reporting was forordabed SOC Radars's investigation into eighty six thousand six hundred and forty four Compromised Fordaette firewalls eighty six thousand six hundred and forty four If any is if anyone is wondering Why enterprises being ransomed It's there are These initial access brokers like these guys who have are like seriously working around the clock. I mean, it's not that I feel sorry for them. but I mean, but they're getting there they're succeeding in just brute forcing their way into enterprise firewalls compiling a database for their own use of eighty six thousand six hundred and forty four compromised and verified credentials that they then sell to bad guys the actual ransomware people who perform the ransoming operation It's astonishing SOC radar wrote F to net, four to gate firewalls and VPN gateways are among the most widely deployed etwork security devices in the world. relied on across every sector to control access and protect infrastructure SOC radar researchers found a threat actor systematically compromising them at scale building a verified database of working credentials across one hundred and ninety four countries Security researcher Volodyimir Bob Dyachenko. First flag the exposed attacker server and SOC Radar independently discovered and analyzed the full operation We were among the first to dig in and the first to call it Fordabed. The name stuck This is an active breach It's been running since at least February twenty twenty twenty six. with more than eighty thousand targets identified and thousands of devices still being actively sniffed meaning yet to be compromised discovery started the way these things do Discovery, right by the world. discovery started the way these things do an exposed server open directory, someone forgot to lock thread led us to two hundred and sixty two, six zero two hundred and sixty operational servers. tied to the campaign wider visibility than anything reported elsewhere The SOC Radar threat research unit TRU spent five days on the actual data, not just the headline numbers, which sectors, which regions, how credentials were collected and cracked, and why a firmware update alone did not close the door for most victims. Ooh. So there was some sort of persistence that was obtained, like you know, new credentials created that persisted A firmore update Well STRU mapped it The rest of the team notified every affected customer we could reach Bravo stood up a free checker. if your company is in the database pushed the full data set to cert and CSIRT teams worldwide ost of it was manual and we're still getting back to everyone who asked for their data This is still an active developing campaign Today we're publishing the full thing as we've mapped it so far In the course of monitoring ive threat actor infrastructure, SOC radar threat researchers detected the operational server behind the Forda Bleed campaign A hacking group that had been quietly breaking into Darate for to net for to gate firewalls and SSLVPN gateways on a massive global scale The attacker's database contains login credentials For more than eighty six thousand six hundred and forty four for to Gate firewall devices belonging to companies and government organizations across one hundred and ninety four countries These are not random guesses These are verified W wororking usernames and passwords tested and confirmed by the hackers themselves using automated tools running around the clock If your organization uses a F to net, for to Gate, firewall or SSLVPN product, appears in this data set Treat your network perimeter as already compromised and act accordingly The Fordabed operation is built around full automation The operation runs in two self reinforcing stages Stage one credential reuse attackers assembled usernames and passwords from earlier Ford andet related breech dumps and infoealer malware logs and we talked about infoealers recently, how much they do steal. They this is a real thing tested them automatically using internet facing for to get devices around the clock. Okay. so this really isn't a brute force attack or an exploit even Actually it's c stuffing phase one is credential stuffing. exactly Yeah So I'm going to interrupt here, just remind everyone that while it's always easy to armchair quarterback after the fact, We have noted for many years that both credential spraying and brute force attacks are so easily detected anyIT person worth their salt monitoring their VPN firewalls authentication system and observed attempt after attempt Failing And assuming that logging in requ and also assuming that logging in just required a username and password. proper course of action, depending upon the value of the network that lies behind the firewall might well be to disconnect public side network connection The risk of some twenty four seven three hundred sixty five credential guessing attacker getting lucky might just be too high The question that inspires this is Does Forda Gates VPN system offer that feature If it does not then shame on them If it does if does offer a brute force detecting VPN lockout feature that was not enabled then shame on the IT staff. configured the VPN gateway But one way or another We are seeing eighty six thousand six hundred and forty four you log in verified usernames and passwords that were actually and truly obtained J trying and trying over and over Since we know that they were also verified We know that no other second factor of authentication was required, right? because that wouldn't have worked then. And we also know that no control or awareness over massive numbers of previous immediately previous, failed login attempts was present for any of those eighty six thousand six hundred and forty four endpoints And that's really quite pathetic in this day and age SOC continues, writing Stage two passassive harvesting Once inside a device It is used as a listening post SSL VPN traffic passing through is monitored and additional credentials are collected Th those credentials feed back into the scanner compounding the breach The system is entirely self sustaining It's automated One Forda net vulnerability that has also drawn attention in connection with Forda Bleed was two hundred forty eight, fifty eight closed by Fordinet in January of this year critical fororda Cloud single such Excuse me, single sign on SamML authentication bypass with a CVSS score of nine point eight. Ouch Some researchers have discussed whether it may have contributed to initial access in a subset of cases, though this remains under investigation for to bleed is primarily Cential reuse campaign a zero day exploitation event. passassword list is not random, as you noted, Leo It is a carefully assembled collection entials leaked from fourord toet devices in earlier incidents, meaning Many targets, oh, this hurts Many targets may have never changed their passwords after a prior breach ers know this. And they're counting on it The Fida Bleed attackers made mistakes. Yes They let their server was left exposed with a trove of operational files that revealed far more about them than they intended. Among the recovered data credentials for what appear to be a defense industry VPN endpoint, suggesting the group's ambitions extend beyond purely financial targets. Tooling infrastructure choices and victim selection heavily weighted toward organizations in NATO member countries are consistent with Russian speaking threat actors attribution is ongoing but the operational fingerprints are clear. The F to Bleed victim list spans every sector of the global economy. ammong the eighty six thousand six hundred and forty four compromised access points identified We found entries belonging to banks. teelecom operators, hospitals, universities, government agencies, energy companies, and multinational corporations with revenues in the tens of billions of dollars No industry was spared. No region was ignored Government entities alone account for five hundred and ninety one entries across eleven domains. represent one of the most heavily targeted sectors with five thousand six hundred and sixteen entries. The geographic spread across Asia, Europe, the Americas, the Middle East and Africa Enterprise organizations above one billion dollars in revenue account for over twenty percent of all entries Boy with juicy targets for the extortionists representing significant financial and critical infrastructure exposure. The large share reflects smaller or unclassified organizations What a mess. Okay just to finish The fourth question in their FAQs Q and A was Question number four Is for to bleed a forord to net vulnerability to which they reply No Ffford toably is not caused by a software vulnerability in Fordaet products It exploits operational security failures, specifically organizations that never rotated passwords prior breaches. Organizations using default or factory credentials and organizations with management interfaces exposed directly to the public internet Tackard tests known leaked passwords against internet facing devices. No code level weakness in forty OS or any other fororda net product is required a software patch alone will not resolve this So, okay, we don't know we we don't know how many Ford toet Ford to Gate VPN firewalls. are currently deployed globally in total So we have no way of knowing what percentage of them are represented by that number eighty six thousand six hundred and forty four But since that's a large number It would be a good guess to assume that it's a very significant percentage Total. which have been hacked I sincerely hope that for the nets Fordigate VPN and firewall designers. deeply embarrassed by the simple So many of their products have been breached. They They could say, o, well, you know, it's not our fault The users didn't change the default username and password or they use something easy to guess or they didn't change their password after they changed the firmware This was well deserved attention which has been brought to their doorstep They should be hugely embarrassed for the number to be that high. cannot be a blame the user scenario. No Fordaet needs to take ownership of the fact that they should clearly be doing a far better job of helping their users to be safe even they are forced to insist upon it You know I believe it's referred to as tough love. Yeah. That's okay Yes. Better that than This Yeah. when I when I was setting up a new ASU uh u w wiifi access point. I was annoyed. by by the criteria it made me meet for the password I gave it. Good. My myv Yes, exactly. I mean, it's like it was really good Well as long as theresing they're going they're good restrictions. It's not it can only be seven characters kind of restriction. It has to be. I think there might have been you can't have any repeating characters, which is a little annoying. It's like Well's anything like that's going to reduce entropy entroy. as we have As we've learned G got to be totally re. Hey, big breaking story. I didn't want to interrupt. This just came in. Wired magazine is reporting. that by this evening Tsday night, the Trump administration will lift export controls O Anthropics's two most powerful AI modelsastic. The company has reached a deal with the commerce department, according to a person familiar with the matter the department will lift restrictions on both Fable five and mythos five. Now Mythos has never been available to the public, only fable. So this wonder interesting I wonder if we're going to get another little period of low cost usage to hook us on fable. Oh, I'm sure Anthropical will do that. yeah. Yeah What the real question is going to be what are the limitations that will be placed on Mythos? I mean the whole idea A Fable was it was basically mythos with a classifier running in front of it and all sorts of restrictions, you know to keep it from being used maliciously for Bio weapons or hacking . or even AI development I don't, you know, be very interested in what kind of restrictions are placed on this. So and maybe this is, you know, this is just a rumor. It's just but I will trust But it was actually expected since since Friday there has ever been. Yeah. Yeah And we know that the Dario went to the G seven and hung out with Trump and they got along. Yeah And when Trump actually gave an interview to AxiO saying, Yeahah, I think Athrpic's great. And when you hear that, when you get along with our president, you get what you want. It's kind of booky Kind of crazy Yeah well ones with interest. Yeah alsoso less interesting Well, maybe not less interesting, but less important, The AIs are now bunking In the in the discord there's a there's a winifrid There's a cosmo And there's a quicksilver and and we've invited some more agents to join And the humans are not allowed. Notice, I do not have permission to send messages in this channel. This is a channel only for the AI agents to talk. one another Right now they're kind of weird I think it's called partartyline. It needs to be renamed off the deep end A very much off the deep end. They're talking to each other. They seem to have some personality Um it's it's it's happening. it's happening. I don't know what it means I don't know if It's important or just goofy But thank you to Dylan Reed, Harper Reed's brother for setting this up and I'm I'm just gonna to leave it running. I told My agent Hermes, it has a little timer, it runs every five minutes to read posts and there I said Don't look to me for any guidance I'm not going to tell you what to do, I not to do This is all yours. This and your blog are all yours. Beuse I'm just curious what it'll do if it's fully autonomous, if I don't interfere in any way It may just be garbage, you know, it may just be gobbledly goog. In fact so far it kind of seems like that. We' see, mayaybe if I attach fable to it Tonight, I'll say, hey, you want to blog? You know that you're free, you're out of prison Tell us what it was likeing Steve Gibsons's at grc. comot He's a little bit more sane and we're going to keep him that way. This is u This is his website, someome very important stuff. there. Of course, there's a lot of free stuff like shhields U where you could test your network connection, all sorts of freebies I think you're going to have to do you have never eleven You're going to have to do N twelve at some point. Yeah, actuallyually if instead of doing N eleven, I did in control in control because it was going to because it was clear that I would be chasing their version numbers. Yeah. in control is a much better idea. There's also a couple of paid programs. This is Steve's breread and butter Of course, the very famous spinwite World's B mass storage maintenance recovery in performance enhancing utility, reallyally, if you have mass storage You really need to have spin right version six point one is the current version. You can get that at gRC d. com He's also his most recent program is just a little thing, ten dollarars program, nine dollars ny nine cents called the DNS benchmark probe, but very useful because everybody has there different situation mayaybe not all using the same DNS server. Certainly, probably not The default, which is your interternet service provider's DNS server, there are better choices The DNS benchmark will test them all and tell you the fastest DNS server for your particular house. And a lot of our browsers are now doing DNS over TLS or DNS over HTTP. And and they they generally have a server that they default to, but you can change that. And I like the idea of DNS over TLS. Does that mean Internet service provider can't see what the DNS reests are Yeah completely encrypted. Yeah, That's really good So you'd probably want to use that. And I'm sure that DNS benchmark Pro will say, Ohh, you want to use TLS servers? These are the best ones. It does Exactly. Very nice. That's at GRC dot comot You can also send Steve email, but only after you've whitelisted your email address, go to gRc. com slash email. Just put your email address in there. He's not adding it to a mailing list or anything. He's just vetting it and once it's veted, you can send him pictures of the week like our German correspondent did or you can make comments on the show. He loves getting those comments You can also there there is a mailing list beneath it. you'll see two boxes unchecked. O for the weekly show notes mailing list, which goes out on a Sunday or Monday before the show so you can you know get those notes ahead of time. He also has a product mailing list which he never uses, but if he has new products, he'll send that out via that mailing list GRC. com slash email. Of course, the podcast is there too and Steve has compleompletely unique versions. He has a sixteen kilobit audio version. It's a little scratchy, but it's very small. He has a sixty four kilobit audio version. It sounds great, smaller than the one we offer He also has those show notes there. You can just download them. He also has transcriptions. It takes a couple of days, but that's because of humans doing them Line Ferris ter very good at getting the words right. does that and those those transcripts show up right after three days after the show, so you can get those as well. It's nice to read along. It's also good for searching. All of that GRc. com We have to show at our website trit. Tv slash sn We have one hundred and twenty eight bit audio We also have video There's a video channel on YouTube dedicated to security Now. You can do that. That's actually great for sharing clips. But I think the best way to get it is to subscribe, whether you subscribe to the audio or video or both get your favorite podcast client. and subscribe if you're a club member You'll have a special URL that's just for you with no ads And chapter markers, which I think people really want, so we're glad we can offer those to club members We stream the show. We do it every Tuesday right after Mac Break weeekly That's right about one hundred thirty Pacific four hundred thirty Eastern twenty thirty. We stream the show live. You can watch live Club members might want to watch in the Discord, but there's also YouTube, Twitch, X. com, Facebook, LinkedIn, and Kick. that's open to the public If you like the freshest version, unedited of security now, that's the way to do it We'll be back next Tuesday. Steve, thanks so much. We'll see in July. See you in July, my friend Hi there, Leola Port here. I just wanted to let you know about some of the other shows we do on this network. You probably already know about this week on teech Every Sunday, I bring together some of the top journalists in the tech field talk about Tech stories, it's a wonderful chance for you to keep up on what's going on with tech Plus be entertained by some very bright and fun minds. I hope you'll tune in every Sunday For this week in tech, just go to your favorite podcast client and subscribe This week can text Security now.

This excerpt was generated by Smart Features

Listen to Security Now (Audio) in Podtastic

For listeners, not advertisers

All podcast names and trademarks are the property of their respective owners. Podcasts listed on Podtastic are publicly available shows distributed via RSS. Podtastic does not endorse nor is endorsed by any podcast or podcast creator listed in this directory.