Daily Brief
Find articles below, see 'DETAILS' for generated summaries
Total articles found: 11783
Checks for new stories every ~15 minutes
| Time | Source | Category | Title | Summary | Details |
|---|---|---|---|---|---|
| 2024-02-29 05:55:37 | thehackernews | NATION STATE ACTIVITY | Chinese Espionage Groups Exploit VPN Vulnerabilities for Malware Attacks | Two suspected China-linked espionage groups, UNC5325 and UNC3886, have been exploiting Ivanti Connect Secure VPN vulnerabilities to deploy new malware. The malware families, including LITTLELAMB.WOOLTEA, PITSTOP, PITDOG, PITJET, and PITHOOK, are used to maintain persistent access to compromised networks. The groups target the defense industrial base, technology, and telecommunications sectors in the U.S. and the Asia-Pacific region; Mandiant links UNC5325 to UNC3886 with moderate confidence based on code similarities. Attackers have chained the SSRF vulnerability CVE-2024-21893 with the command injection flaw CVE-2024-21887 to gain unauthorized access and deploy the BUSHWALK web shell. Malicious plugins such as PITFUEL and PITDOG are used to load the persistent, tunnelling-capable backdoors LITTLELAMB.WOOLTEA and PITHOOK. Mandiant reports that these activities demonstrate the threat actors' sophisticated understanding of the target appliances and their ability to evade detection using living-off-the-land techniques. Other China-associated threat groups, such as Volt Typhoon, target critical infrastructure for reconnaissance, aiming to position themselves for potential future attacks. | Details |
| 2024-02-29 05:09:41 | thehackernews | NATION STATE ACTIVITY | Biden Executive Order Targets Data Transfer to Adversarial Nations | President Joe Biden has issued an Executive Order aimed at preventing the bulk transfer of U.S. citizens' personal data to high-risk countries. The order restricts the sale of sensitive data, including genomic, biometric, personal health, geolocation, and financial information, to countries deemed a threat to privacy and national security. Data brokers and companies have been known to sell personal data to foreign entities, where it can be used by intelligence services and foreign militaries for surveillance and other malicious activities. Researchers have found that sensitive data about military personnel and their families can be bought cheaply, raising counterintelligence and privacy concerns. The Executive Order directs federal agencies to issue regulations that safeguard personal and government data from exploitation and to establish security requirements for commercial data access agreements. The U.S. Justice Department identifies China, Russia, Iran, North Korea, Cuba, and Venezuela as countries of concern for data misuse. The order also requires the Departments of Health and Human Services, Defense, and Veterans Affairs to protect sensitive data accessed through federal grants, contracts, and awards. Critics note that the order does not cover every authoritarian regime that poses a risk, and that it may not stop data from being relayed to adversaries such as China through countries it does not name. | Details |
| 2024-02-29 04:49:08 | theregister | MALWARE | Chinese PC Maker Acemagic Admits Shipping Malware-Infected Devices | Acemagic, a Chinese PC manufacturer, has acknowledged shipping products with the Bladabindi and Redline malware pre-installed. The malware was first reported by The Net Guy, a YouTuber who found it shortly after booting Acemagic mini PCs. Bladabindi is a backdoor that can steal user information, while Redline can inventory systems, extract browser data, and steal cryptocurrency. Acemagic's explanation is that its developers modified Microsoft source code and network settings to improve boot times, and that these changes led to the infection. The company has offered full refunds for affected machines manufactured between September and November 2023 and has posted clean system images for users to reinstall their PCs. Affected model numbers include the AD08, AD15, and S1, with manufacture dates shown on stickers on the machines. Acemagic has committed to strengthening its use of digital certificates to prevent unauthorized software modifications in the future. | Details |
| 2024-02-29 02:01:00 | theregister | NATION STATE ACTIVITY | Australian Intelligence Chief Warns of Foreign Cyber Threats | ASIO Director-General Mike Burgess warned that foreign adversaries are targeting Australian critical infrastructure for potential sabotage. Burgess noted that the convergence of the physical and cyber sides of infrastructure widens its exposure to cyberattacks. Interest in sabotage from terrorists, foreign spies, and extremists has increased, and one nation-state is frequently scanning critical infrastructure such as water and energy systems. The speech referred to "The A-Team," a unit run by a foreign intelligence service that targets Australians with access to sensitive information via professional networking sites. A former Australian politician was said to have been recruited by "The A-Team," supplying it with significant insider information and attempting to draw in others, including a prime minister's family member. ASIO disrupted several schemes in which Australians, including academics and aspiring politicians, were approached to hand over confidential internal information. Burgess stressed the need for a robust security culture, with further guidance to come from ASIO, and pointed to the Australian Signals Directorate's Essential Eight mitigation strategies. | Details |
| 2024-02-29 00:34:24 | theregister | CYBERCRIME | BlackCat Ransomware Disrupts U.S. Healthcare, Claims Large Data Theft | The ALPHV/BlackCat ransomware gang has claimed responsibility for a major cyberattack on Change Healthcare. The attack affected thousands of pharmacies and hospitals in the U.S., disrupting healthcare operations. The criminals claim to have stolen over 6TB of sensitive data, including personal and medical information. Experts advise skepticism toward the gang's claims, since ransomware crews routinely exaggerate to pressure victims into paying. UnitedHealth Group, Change Healthcare's parent company, is working with law enforcement and with security firms including Mandiant and Palo Alto Networks in response to the attack. Despite initial indications that a nation-state actor was responsible, evidence surfaced pointing to the financially motivated ALPHV/BlackCat group. The FBI and other federal agencies have warned healthcare organizations about the heightened risk from ALPHV, advising mitigations such as multifactor authentication and remediation of network vulnerabilities. The initial access vector remains unclear; speculation that ConnectWise vulnerabilities were exploited has been denied by the attackers. | Details |
| 2024-02-28 23:48:09 | theregister | MISCELLANEOUS | Researchers Develop Faster Way to Compromise Language Models | University of Maryland computer scientists have created BEAST, a method for quickly generating adversarial prompts that subvert large language models (LLMs). BEAST (BEAm Search-based adversarial aTtack) achieves a 65x speedup over gradient-based attacks, taking as little as one minute of GPU time. The technique has an 89% success rate at generating prompts that "jailbreak" LLMs, well above the 46% achieved by the best baseline method. BEAST uses the model's token probability scores together with beam search to derive prompts that elicit prohibited responses from LLMs such as Vicuna-7B. The resulting prompts could be used in social engineering attacks, since BEAST exposes tunable parameters that can make the prompts more readable. The approach can also induce "hallucinations" (untruthful responses) and enable membership inference attacks, raising privacy concerns. While the method is potent, the researchers note that thorough safety training can mitigate such attacks, and argue that provable safety guarantees are needed. | Details |
| 2024-02-28 23:12:11 | theregister | CYBERCRIME | University Develops Rapid AI Model Attack Technique "BEAST" | University of Maryland researchers have created BEAST, a method for breaching the safety guardrails of large language models (LLMs) with adversarial prompts. BEAST stands for BEAm Search-based adversarial aTtack and is significantly faster than previous methods, producing an attack within 60 seconds on a single Nvidia RTX A6000 GPU. Adversarial prompts generated by BEAST have an 89% success rate at "jailbreaking" models, surpassing the 46% rate of current baseline methods. The method works from the token probability scores of the model's final network layer, which means it could potentially be applied to public commercial models such as GPT-4 where those scores are exposed. Beyond eliciting harmful responses, BEAST can also craft prompts that produce inaccurate outputs or compromise privacy through membership inference attacks. Safety training mitigates the risk posed by BEAST; the LLaMA-2 model's resistance to the attack is cited as evidence of effective alignment training. The researchers emphasize the importance of developing provable safety guarantees before deploying powerful AI models. | Details |
| 2024-02-28 23:06:46 | bleepingcomputer | CYBERCRIME | Global Alert for Anycubic 3D Printers Due to Security Vulnerability | Anycubic 3D printers worldwide were hijacked to warn their owners of a security vulnerability. The hackers left a message as a gcode file on affected printers, stating that the printers have a critical security flaw allowing remote control through the company's MQTT service API. The message urged Anycubic to open-source its software, criticized the security of the MQTT server, and claimed that over 2.9 million devices had received the warning. Users were advised to disconnect their printers from the Internet until Anycubic fixes the vulnerability. Customers have pointed to a forum post by an anonymous party detailing two critical vulnerabilities, published after the poster allegedly spent two months trying to reach Anycubic without success. Anycubic is gathering data from affected users to assess the issue; meanwhile, the Anycubic app has suffered network-related disruptions. Anycubic, which has over 1,000 employees, is a major 3D printer brand and has reportedly sold more than 3 million printers worldwide; an official statement on the incident is pending. | Details |
| 2024-02-28 22:15:44 | bleepingcomputer | MALWARE | AI ML Models on Hugging Face Hide Malicious Backdoors | Over a hundred machine learning models hosted on the Hugging Face platform were found to contain malicious code capable of giving attackers backdoor access to users' systems. Hugging Face, a collaboration platform for AI, NLP, and ML work, faces significant security risks despite its scanning for malware and unsafe behaviors. JFrog's security team deployed an advanced scanning system that uncovered malicious functionality in PyTorch and TensorFlow models on Hugging Face, after excluding false positives. One recently removed PyTorch model establishes a reverse shell to an external host, demonstrating the potential for data breaches and espionage. The malicious code was hidden in the model files using Python's "pickle" serialization format, which can execute arbitrary code during deserialization and so slips past typical detection mechanisms. The intent behind the uploads may vary, ranging from AI researchers' experiments to attempts to bypass security controls for bug bounties. JFrog's report stresses the need for greater vigilance and proactive defenses against such hidden threats in the AI ML ecosystem. | Details |
| 2024-02-28 20:54:10 | bleepingcomputer | NATION STATE ACTIVITY | U.S. Issues Executive Order to Prevent Data Sales to Adversarial Nations | President Joe Biden has signed an executive order to prevent the bulk sale of U.S. citizens' private data to countries including China, Russia, Iran, North Korea, Cuba, and Venezuela. The order empowers the Justice Department to block transactions that threaten national security by exposing Americans' sensitive personal data to adversaries. New regulations will limit or prohibit data transactions that pose a national security risk, with a particular focus on genomic, biometric, personal health, geolocation, and financial data. The order also targets commercial data brokers, to stop them from selling personal information that "countries of concern" can use for surveillance, scams, and blackmail. The sale of sensitive personal data is considered a privacy and security risk for U.S. citizens, especially those connected to the military or national security sectors. Separately, the Federal Trade Commission recently barred two data brokers from selling precise location data, to protect individuals from being tracked and to keep sensitive details such as religious and medical information private. | Details |
| 2024-02-28 20:38:38 | bleepingcomputer | CYBERCRIME | Ransomware Attack Demands $3.6 Million from Chicago Children's Hospital | The Rhysida ransomware gang has claimed responsibility for a cyberattack on Lurie Children's Hospital in Chicago and is demanding a $3.6 million ransom. As a result of the attack, the hospital's IT systems were taken offline, disrupting medical services and patient care. Sensitive data including ultrasound and CT scan results was reportedly compromised, and the hospital has fallen back on manual record-keeping. Rhysida is threatening to sell the purportedly stolen 600 GB of data to a single buyer for 60 BTC unless its demand is met within a seven-day deadline. The attack continues to cause service delays, with the MyChart patient portal still unavailable and prescriptions being processed manually. The hospital has extended billing timeframes and waived no-show fees because its payment systems are affected. A flaw in the Rhysida ransomware's encryption was recently published that may allow files to be decrypted without paying, but whether it works against the most recent attacks is unclear. | Details |
| 2024-02-28 19:52:08 | bleepingcomputer | MISCELLANEOUS | Kali Linux 2024.1 Debuts New Tools and Enhanced Interface | Kali Linux 2024.1, the distribution aimed at cybersecurity professionals, ships with a refreshed theme and desktop changes. The first release of 2024 adds four new tools for penetration testing and security audits. Visual updates include new wallpapers and improved boot menu and login displays. Desktop enhancements include copying the VPN IP address to the clipboard with xclip on Xfce and replacing the image viewer with Loupe on GNOME. The kernel has been upgraded to version 6.6, bringing current hardware support and security fixes. Users can upgrade existing installations or download new ISO images to get the latest version. Those running Kali on Windows Subsystem for Linux are advised to upgrade to WSL2 for the best experience. | Details |
| 2024-02-28 19:36:37 | bleepingcomputer | CYBERCRIME | BlackCat Ransomware Hits UnitedHealth Group Subsidiary, Compromises Data | The BlackCat/ALPHV ransomware gang has attacked Optum, the UnitedHealth Group subsidiary that manages the Change Healthcare platform. Change Healthcare, a critical payment exchange used by over 70,000 pharmacies, suffered an outage as a result of the attack. BlackCat claims to have stolen 6TB of data, including sensitive information from healthcare providers, insurance companies, and pharmacies. The stolen data may include source code for Change Healthcare solutions and personal data relating to entities such as Tricare, Medicare, CVS Caremark, and MetLife. Services were disrupted, but Optum officials say most pharmacies have moved to alternative electronic claim processes. Federal agencies including the FBI, CISA, and HHS have warned of BlackCat's focus on the U.S. healthcare sector; the group has been tied to numerous attacks since late 2021. The U.S. State Department is offering a reward of up to $15 million for information leading to the identification or location of the leaders behind BlackCat ransomware attacks. | Details |
| 2024-02-28 18:35:18 | bleepingcomputer | CYBERCRIME | LockBit Ransomware Resurfaces Post-Law Enforcement Disruption | The LockBit ransomware group has resumed attacks, using updated encryptors and fresh servers for its operations. Law enforcement agencies including the NCA, FBI, and Europol had disrupted the operation in 'Operation Cronos', seizing infrastructure and obtaining decryption keys. In response to the takedown, LockBit has vowed to harden its infrastructure against law enforcement intrusion and has already launched a new data leak site carrying a defiant message to the FBI. Researchers at Zscaler have spotted updated ransom notes in the wild pointing to the gang's new Tor infrastructure. BleepingComputer confirmed that the negotiation servers are operational again, but only for victims hit by the new encryptors. Despite the takedown, LockBit, which previously had around 180 affiliates, is trying to recruit experienced penetration testers to rebuild its ranks and escalate attacks. LockBit's long-term plans remain unclear, and a rebrand is possible, but for now the group continues to pose a significant threat. | Details |
| 2024-02-28 17:28:36 | bleepingcomputer | NATION STATE ACTIVITY | North Korean Lazarus Group Exploits Windows Zero-Day Flaw | North Korea's Lazarus Group exploited a zero-day vulnerability in the Windows AppLocker driver (appid.sys) to gain kernel-level access. The vulnerability, CVE-2024-21338, was identified by Avast analysts and patched in the February 2024 Patch Tuesday updates. The updated version of Lazarus's FudModule rootkit shows significant stealth improvements and can disable security tools such as Microsoft Defender and CrowdStrike Falcon. The rootkit uses advanced techniques to evade detection and maintain persistence on infected systems. Avast also uncovered a previously undocumented remote access trojan (RAT) linked to Lazarus, which it will detail at Black Hat Asia in April. The exploit marks a major evolution in Lazarus's capabilities, enabling more covert attacks and longer presence on compromised systems. Administrators are urged to apply the latest patches to mitigate the risk from the exploited Windows zero-day. | Details |
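The Hugging Face item above turns on one mechanism: Python's pickle format lets a model file name any importable callable and have it invoked while the file is being loaded. The following is an added example, not code from the article, from JFrog, or from Hugging Face. It builds a small malicious pickle whose payload calls `builtins.eval`, shows that a plain `pickle.loads` runs it, and then shows two checks a practitioner would apply before trusting a downloaded checkpoint: a static walk over the pickle opcodes with `pickletools` to list every global the file will import without executing anything, and a restricted `Unpickler` that refuses to resolve any global outside an allowlist. The `SAFE_GLOBALS` allowlist and the two sample pickles are constructed for this demo; a real loader would allowlist only its framework's own tensor-rebuild helpers.

```python
import io
import pickle
import pickletools
from collections import OrderedDict

# Allowlist of (module, attribute) pairs a checkpoint may reference.
# Constructed for this demo: a real loader lists only its framework's helpers.
SAFE_GLOBALS = {("collections", "OrderedDict")}

# Opcodes that push a str onto the pickle VM stack. Protocol 4+ names a global
# by pushing two of these and then executing STACK_GLOBAL.
STRING_OPS = {"STRING", "BINSTRING", "SHORT_BINSTRING",
              "UNICODE", "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8"}


class EvilPayload:
    """Object whose pickle calls builtins.eval("6 * 7") when loaded.
    A real backdoor would name os.system or subprocess.Popen here instead;
    pickle.loads will call whatever callable the file references."""
    def __reduce__(self):
        return (eval, ("6 * 7",))


# Constructed sample inputs: two hostile pickles and one benign "checkpoint".
MALICIOUS = pickle.dumps(EvilPayload())                 # protocol 4/5: STACK_GLOBAL
MALICIOUS_P2 = pickle.dumps(EvilPayload(), protocol=2)  # protocol 2: GLOBAL
BENIGN = pickle.dumps(OrderedDict([("layer.weight", [0.1, 0.2])]))


def demo_unsafe_load():
    """What a trusting loader does: eval() runs before anyone can inspect it."""
    return pickle.loads(MALICIOUS)  # returns 42, proof that the callable executed


def referenced_globals(data: bytes) -> list:
    """Statically list every (module, name) the pickle will import by walking
    its opcodes with pickletools.genops. Nothing in the pickle is executed."""
    found = []
    recent_strings = []
    for op, arg, _pos in pickletools.genops(data):
        if op.name in STRING_OPS:
            recent_strings.append(arg)
        elif op.name == "GLOBAL":
            # protocol <= 3: pickletools renders the pair as "module name"
            module, name = arg.split(" ", 1)
            found.append((module, name))
        elif op.name == "STACK_GLOBAL":
            # protocol >= 4: module and name are the two most recent strings.
            # A memoized string fetched via BINGET would defeat this simple
            # tracker, so an unresolvable pair is reported, never ignored.
            if len(recent_strings) < 2:
                found.append(("<unresolved>", "<unresolved>"))
            else:
                found.append((recent_strings[-2], recent_strings[-1]))
    return found


def disallowed_globals(data: bytes) -> list:
    """Globals the pickle references that are not on the allowlist."""
    return [g for g in referenced_globals(data) if g not in SAFE_GLOBALS]


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that refuses any global outside SAFE_GLOBALS. find_class is
    consulted for GLOBAL/STACK_GLOBAL before REDUCE can call the result, so a
    blocked payload never runs."""
    def find_class(self, module, name):
        if (module, name) in SAFE_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"blocked global {module}.{name}")


def safe_loads(data: bytes):
    return RestrictedUnpickler(io.BytesIO(data)).load()


def safe_load_or_none(data: bytes):
    """Loaded object, or None if the restricted unpickler blocked the file."""
    try:
        return safe_loads(data)
    except pickle.UnpicklingError:
        return None


if __name__ == "__main__":
    print("unsafe load returned:", demo_unsafe_load())
    print("malicious pickle imports:", referenced_globals(MALICIOUS))
    print("protocol-2 variant imports:", referenced_globals(MALICIOUS_P2))
    print("disallowed in benign pickle:", disallowed_globals(BENIGN))
    print("restricted load of malicious pickle:", safe_load_or_none(MALICIOUS))
    print("restricted load of benign pickle:", dict(safe_load_or_none(BENIGN)))
```

The static scan is what a platform-side scanner can do on upload, since it never executes the file; the restricted unpickler is the consumer-side control for code that must load a checkpoint anyway. Both catch the classic `__reduce__` trick shown here. Note that the protocol-2 variant records the module as `__builtin__` because pickle applies its Python 2 compatibility mapping, so allowlists should be matched after normalizing module names, and `STACK_GLOBAL` resolution can be defeated by memo references, which is why the scanner flags what it cannot resolve.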