SANS NewsBites

CISA Fights SQL Injection; Attackers Target AI Framework; NVD Update

March 29, 2024  |  Volume XXVI - Issue #25

Top of the News


2024-03-26

Secure by Design Alert: SQL Injection Vulnerabilities

The US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have published a Secure by Design alert, which urges software manufacturers to eliminate SQL injection vulnerabilities from their products. The alert notes that “the software industry has known how to eliminate these defects at scale for decades,” and urges manufacturers to bake security in from the very start of the development process.

Editor's Note

I always consider SQL Injection the "least necessary" vulnerability. They are easily prevented, and one of the easier vulnerabilities to identify. The critical SQL injection vulnerabilities reported in many critical enterprise products are an indicator of how "Ship Fast" will always beat "Secure by Design". Use announcements of SQL injection vulnerabilities, in particular repeated and critical vulnerabilities that can lead to code execution, as the canary to tell you to run from a vendor.

Johannes Ullrich

We know how to solve most SQL Injections, but there is no reason that this bug should exist. Yet here we are with a developer writing software that concatenates SQL into the parser from the user. This is solvable; let’s solve it.

Moses Frost

CISA began issuing Secure by Design alerts in GFY24. This is the fourth such alert. In the short term, the alerts provide useful secure by design principles for product vendors. In the long term, the alerts can be used to build the case for legal liability claims against product vendors that ship vulnerable products.

Curtis Dukes

Don't get distracted by the term "secure by design," it's a mindset that is going to take culture change, like always making sure you're mitigating SQL Injection and XSS risks, most commonly by sanitizing input. This bulletin is more about building the culture and mindset than about the specific techniques to reduce risks of SQL injection. Take ownership of the needed processes and support them from the top. Don't be the subject of the next vulnerability disclosure.

Lee Neely

2024-03-27

Attackers Exploiting Unpatched Ray AI Framework Vulnerability

Researchers at Oligo have detected a cyberattack campaign that is exploiting a vulnerability in the Ray open-source AI framework. The campaign has been operating for seven months. The vulnerability that is being exploited is one of five that were disclosed late last year. Four of the vulnerabilities were addressed in Ray version 2.8.1, but the fifth (CVE-2023-48022) was disputed and not addressed in the update. Threat actors are exploiting the vulnerability to compromise servers storing AI workloads and network credentials.

Editor's Note

The "rush to AI" led to organizations purchasing rather expensive equipment without knowing how to use them, and without concern as to how to secure them. "Ship Fast" beats "Secure by Design" every day, and who has the money to spare for a $1,000 firewall if you just spent it all on a $100,000 AI "box"? Maybe AI will eventually tell them how to secure these systems. Note that whenever you hear that these systems are infected by crypto miners, what really happened is that these organizations are not sophisticated enough to detect anything else.

Johannes Ullrich

Since this is the third AI-flavored item in today’s NewsBites, the point is obvious: much like back when the internet and Windows were built with “need to share” being emphasized over “need to know” or “need to keep running,” AI software and services are on the same trajectory. A good example to show to management is Microsoft’s September 2023 exposure of terabytes of sensitive information by an AI model run insecurely on their own Azure services.

John Pescatore

The flaws allow for altering the AI model, grabbing company data, capturing credentials and remote code execution. CVE-2023-48022 has been dubbed ShadowRay by the Oligo group, as the first known instance of AI workloads actively being exploited in the wild through flaws in modern AI infrastructure.

Lee Neely

2024-03-28

A Bit More Information About the NVD Consortium

In mid-February, a message appeared on the NVD website, saying that “NIST is currently working to establish a consortium to address challenges in the NVD program and develop improved tools and methods.” Since that time, more than 4,000 CVEs have not undergone analysis, leaving them without enrichment data. Speaking at the VulnCon cybersecurity conference earlier this week, NVD program manager Tanya Brewer said that they plan to have the NVD Consortium “operational within two weeks.” An updated message is expected to be posted on the NVD website by Friday, March 29.

Editor's Note

Part of the problem is a 12% budget decrease for NIST. Combine this with a large increase in the number of vulnerabilities and challenges in moving NVD forward to incorporate new standards to identify software. The load of maintaining NVD needs to be better distributed, and the new “NVD Consortium” will hopefully help.

Johannes Ullrich

Keep an eye on this: that enrichment/analysis of CVEs is a critical source of information to help triage vulnerabilities. While some security companies started working on alternate sources of this information, the latest version of FedRAMP requires cloud service providers to use the NVD as their source of truth and remediate all known vulnerabilities inside it. It is expected that the consortium will not only provide resources but also funding to ensure the analysis process continues in a sustainable fashion.

Lee Neely

The Rest of the Week's News


2024-03-28

17,000 Exchange Servers in Germany are Vulnerable to Critical Flaws

Germany’s Federal Office for Information Security (BSI) is warning that there are at least 17,000 instances of Internet-exposed Microsoft Exchange servers that are vulnerable to one or more critical security flaws. Some of the Exchange instances are running versions that are no longer supported; others are supported but have not been patched against known vulnerabilities. BSI urges admins to ensure they are running current versions of Exchange, that patching is kept up to date, and that they are securely configured.

Editor's Note

Consider yourself breached if your Exchange Server has a few unpatched vulnerabilities. These flaws are known and have been exploited. The bigger problem is that the organizations that have not patched their servers probably won’t read this newsletter, so someone may want to alert them.

Moses Frost

Close to 40 percent of all Exchange servers operating in Germany are vulnerable to attack. That is eye-popping. Outside of stealing credentials, exploiting known vulnerabilities is the second most used attack technique by cybercriminals. Should any of these organizations fall victim to attack and get hauled into court it will be difficult to argue they maintained a standard duty of care.

Curtis Dukes

It would be naive to believe that this problem is unique to or limited to Germany. That there are that many in one European country is simply a measure of how widespread the problem is.

William Hugh Murray

2024-03-28

NVIDIA Patches Two Vulnerabilities in ChatRTX for Windows

NVIDIA has released fixes for two vulnerabilities in their recently-released ChatRTX for Windows app. One of the vulnerabilities (CVE-2024-0082) is a high-severity flaw that could lead to privilege elevation, information disclosure, and data tampering. The second vulnerability (CVE-2024-0083) is a medium-severity flaw that could lead to code execution, denial-of-service conditions, and information disclosure. Users are urged to update to ChatRTX version 0.2.

Editor's Note

Surfing the AI wave, NVIDIA’s stock price/market cap/profit has skyrocketed. NVIDIA needs to do what Zoom quickly did when the pandemic caused Zoom use to leap – an immediate “pencils down” stop to new code and firmware development and an in-depth code security review to make sure NVIDIA isn’t baking in flaws that will doom AI to “insecure by design.”

John Pescatore

ChatRTX is an AI chatbot that runs locally on your RTX 30 and 40 series Nvidia GPU, which is an upside for folks wishing to deploy a local or private AI engine. While the flaws can be mitigated by updating to version 0.2 of ChatRTX, for some reason the flawed version of ChatRTX is also marked version 0.2, so what you really need to do is a reinstall.

Lee Neely

2024-03-27

CISA Releases ICS Advisories

The US Cybersecurity and Infrastructure Security Agency (CISA) has published four industrial control system (ICS) advisories that address three vulnerabilities in Automation-Direct C-MORE EA9 HMI and a total of 10 vulnerabilities in three different Rockwell Automation products: PowerFlex 527, Arena Simulation, and FactoryTalk View ME.

Editor's Note

A recurring theme is these vulnerabilities can be leveraged for DOS attacks, which is distasteful in an environment where availability is key. Beyond making sure your ICS systems are properly isolated, make sure the team is planning for downtime to apply these updates.

Lee Neely

2024-03-27

Undersea Cable Damage Still Causing Outage Issues in Africa

The cause of damage to undersea fiber-optic cables serving numerous African countries has not been determined. The incident caused widespread outages in at least a dozen African countries. Six countries are reportedly still suffering related outages. The head of the Nigerian Communications Commission (NCC) has called for a collaborative effort from countries in the region to protect telecommunications infrastructure.

Editor's Note

The failures cannot be, at this time, attributed to seismic or deliberate actions, so you cannot narrow down the threat you're mitigating. Even so, the idea of redundant services makes sense. Even so, sufficient path diversity to prevent natural events from taking out both paths (as is done for tornados) may not be practical. If you're reliant on undersea cables, talk to your ISP about options, verifying offers carefully for both accuracy and viability.

Lee Neely

2024-03-28

Indian Government and Energy Sector Targeted in Cyberespionage Campaign

Researchers from EclecticIQ have detected a cyber espionage campaign that has been targeting government entities and energy sector organizations in India. The threat actors are using a modified version of the HackBrowserData information-stealing malware. The researchers say the threat actors have exfiltrated 8.81 GB of data from the targeted networks.

Editor's Note

This attack, dubbed "Operation FlightNight," utilized a phish that was an email with a well-crafted PDF (embedded in an executable on an ISO file) invitation letter claiming to be from the Indian Air Force. The attackers utilized Slack channels as exfiltration points, uploading confidential internal documents, email messages and cached browser data. User action was key to the success of this campaign. Success could have been mitigated both by technical measures in email and endpoint as well as user education. You may want to add a similar multi-step payload to your next phishing campaign to see how your users respond.

Lee Neely

2024-03-25

SEC Takes Action Against Investment Firms for “AI Washing”

The US Securities and Exchange Commission has imposed financial penalties against two investment firms for making untrue or misleading claims about their use of AI, known as “AI washing.” Delphia has agreed to pay a civil penalty of $225,000; Global Predictions has agreed to a civil penalty of $175,000.

Editor's Note

Part of AI governance is making sure your company/agency is NOT using AI fraudulently, illegally, or in other risky manners. This includes all use of AI used in service/product delivery and in securing your infrastructure. The SEC does audit claims such as “we use AI-based tools to reduce the risk of another ransomware attack doing what the last three did to us…”

John Pescatore

I am not sure what entails AI Washing in this article per se, but does this mean that IT companies could also be liable for these types of claims? What is that AI meme, “We Use AI, but it's just a bunch of if/else statements”?

Moses Frost

AI washing refers to a tactic companies use to exaggerate their use of AI technology in their products. This finding is directed at marketing, where AI washing is used to drive sales. I'm not sure we can tell the marketing staff not to exaggerate capability; AI and ML have been in the lexicon too long. Today's focus needs to be on ethical and secure use of AI rather than marketplace position.

Lee Neely

2024-03-27

CISA Notice of Proposed Rulemaking for CIRCIA CI Incident Reporting Framework

The US Cybersecurity and Infrastructure Security Agency (CISA) will publish a notice of proposed rulemaking for the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) cyber incident reporting rule. The framework will appear in the Federal Register on Thursday, April 4; comments will be accepted for the following 60 days. Among the proposed provisions: covered entities must report qualifying incidents within 72 hours; and entities that choose to pay ransomware demands must disclose the payments to CISA.

Editor's Note

Allocate time to review this: it's 447 pages, which is a lot to digest. The required reporting will be exempt from public disclosure, and it's expected this rule will impact over 316,000 entities which are expected to submit over 210,000 reports over the next decade. Other entities already required to report to CISA are bound by similar timelines and conditions. If you're in scope, particularly if you're in the critical infrastructure sector, set aside time to read and comment on this draft.

Lee Neely

The most controversial aspect of the rulemaking is the requirement to notify CISA within 24 hours of a ransomware payment. It doesn’t imply the payment is illegal, just that you must notify government (CISA in this case). Stay tuned as positions are taken with an organization’s response to the NPRM.

Curtis Dukes

2024-03-28

OMB Publishes AI Risk Mitigation Rules

The US Office of Management and Budget (OMB) has published AI risk mitigation rules for all federal agencies. The agencies will have until December 1, 2024, to implement “new agency requirements and guidance for AI governance, innovation, and risk management” outlined in the 34-page memo.

Editor's Note

Agencies will reference this as OMB M-24-10, which refines EO 14110 on the safe, secure and trustworthy development and use of AI and comes with a bit of work, which is ongoing. The agency-implemented plans and guidance on AI must be submitted to OMB within 180 days and every two years thereafter until 2036. They are also required to post their plan to achieve consistency with this memorandum or a written determination they don't use the covered AI, aka an exception. Additionally, agencies have to inventory their use of AI, for covered use cases, and report on AI use cases not subject to inventory; these must also be reported annually and posted on their public websites.

Lee Neely

Of note is the creation/designation of a Chief AI Officer (CAIO). Government often does this to focus leader attention to the matter. A natural question is the interplay between this role and the roles of CTO and CIO. Over time these roles will likely change.

Curtis Dukes

This is a governance, not a management, requirement. It specifies what must be done but does not prescribe how to do it.

William Hugh Murray

Internet Storm Center Tech Corner

New tool: linux-pkgs.sh

https://isc.sans.edu/diary/New+tool+linuxpkgssh/30774

Scans for Apache OfBiz

https://isc.sans.edu/diary/Scans+for+Apache+OfBiz/30784

From JavaScript to AsyncRAT

https://isc.sans.edu/diary/From+JavaScript+to+AsyncRAT/30788

Okta Verify for Windows Auto-update Arbitrary Code Execution CVE-2024-0980

https://trust.okta.com/security-advisories/okta-verify-windows-auto-update-arbitrary-code-execution-cve-2024-0980/

Suspicious NuGet package grabs data from industrial systems

https://www.reversinglabs.com/blog/suspicious-nuget-package-grabs-data-from-industrial-systems

ShadowRay Attacks AI Workloads Actively Exploited in the Wild

https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild

TeamCity Patches

https://www.jetbrains.com/privacy-security/issues-fixed/?product=TeamCity&version=2024.03

Google Zero Day Report

https://storage.googleapis.com/gweb-uniblog-publish-prod/documents/Year_in_Review_of_ZeroDays.pdf

Wall-Escape (CVE-2024-28085)

https://people.rit.edu/sjf5462/6831711781/wall_2_27_2024.txt

Recent "MFA Bombing" Attacks Targeting Apple Users

https://krebsonsecurity.com/2024/03/recent-mfa-bombing-attacks-targeting-apple-users/

Preventing Cross Service UDP Loops in QUIC

https://bughunters.google.com/blog/5960150648750080/preventing-cross-service-udp-loops-in-quic

TheMoon Malware Infects 6,000 ASUS Routers in 72 Hours for Proxy Service

https://www.bleepingcomputer.com/news/security/themoon-malware-infects-6-000-asus-routers-in-72-hours-for-proxy-service/