According to Anthropic, their new Claude Mythos model discovered thousands of zero-day vulnerabilities across every major operating system and web browser, generating successful exploits in 72.4% of trials where previous frontier models sat at less than 1%. The conversation since has been heavy on alarm and light on practical guidance.
SANS faculty and staff have been building VulnOps workflows with current AI models for 15 months, finding critical flaws that human reviewers missed. Thursday, April 16 at noon ET, they are putting that experience on screen. Ed Skoudis covers what is real and what is hype. Chris Elgee demonstrates AI-assisted vulnerability discovery against real code using a model you can access right now. And Joshua Wright closes with what this means for your team and your role over the next 12 months.
No registration required. https://www.sans.org/mlp/sans-critical-advisory-bugbusters-ai-vulnerability-discovery-hype-vs-reality
On April 12, 2026, the Cloud Security Alliance published a briefing addressing AI-driven vulnerability discovery and offering strategic recommendations for CISOs. While this document responds to Anthropic's announcement of Mythos, authors Gadi Evron, Rich Mogull, and Rob T. Lee emphasize that implementing resilient architecture, internal vulnerability hunting, prompt incident response, and AI acceleration for security programs represents a "structural shift" beyond any one model or announcement. The paper's stated aim is to inform and equip "the CISO who needs to walk into a room Monday morning with a credible plan," including background and triage questions, a draft risk register, priority actions to update a security program, and talking points for briefing executives on AI risk. Contributing authors include Jen Easterly, Bruce Schneier, Chris Inglis, Rob Joyce, Heather Adkins, Joshua Saxe, Sounil Yu, John N. Stewart, Katie Moussouris, Dave Lewis, and Maxim Kovalsky, with review by another 250 CISOs and cyber practitioners.

"Never let a good crisis go to waste." Yes, there's a lot of fear and uncertainty right now, but there's also opportunity to do amazing work. Carve out some time to read the CSA paper and get in front of decision makers at your organization to offer guidance on shaping the future of your cybersecurity program.

We often talk about how important it is to treat "out of band" patches. When you get the brain power of the people involved in this paper to work together, we have a similar type of situation. If there is one thing you do this week to understand how the threat landscape is evolving, read this paper.

If Anthropic’s claims are true (and we are waiting for similar claims from OpenAI) then the entire game of cybersecurity is about to change. As others are suggesting, read the paper and then read other analysts’ opinions and recommendations. Your leadership will look to you for advice and guidance; be sure you have prepared yourself in advance to handle some difficult questions.
So far, this is about finding known classes of vulnerabilities faster, at greater scale, across vastly more targets. These known classes are in general represented in guides such as the CIS Community Defense Model and are the basis for CIS Critical Security Control selection. However, you cannot react fast enough to this coming flood, so the acceleration also underscores the need for preparation by putting security controls in place, ensuring that security is “turned on” before deployment, etc. Also, anecdotally, even if LLMs discover new classes of vulnerabilities, you still get significant value from “best practices” against types of attacks you did not know about beforehand. This is not surprising, since good practices limit movement, access, unauthorized changes, privilege abuse, etc.

Mythos’s ability to discover flaws is a capability we hope our software providers will leverage, particularly as the interval between flaw discovery and exploitation continues to shrink. This capacity raises the bar for protection of your AI, and you need to stay secure. The guidance from the CSA provides guidance for updating your risk register and supporting security program, and if nothing else, make sure that you haven’t missed current risks and mitigations.
Cloud Security Alliance
Qualys Threat Research Unit (TRU) has published analysis of four years' worth of vulnerability remediation records comprising over one billion entries from more than 10,000 organizations, concluding that "any architecture that depends on human-speed response carries structural risk," and contending that defenders must redesign remediation architecture accordingly. Between 2022 and 2025, the volume of "closed vulnerability events" addressing flaws published in the US Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalog (CISA KEV) grew from 73 million to 473 million, a 650% increase. However, during that time the proportion of CISA KEV flaws still open seven days after disclosure rose from 56% to 63%. Qualys says this represents "the human ceiling," positing that no amount of effort nor workforce growth could realistically compensate for the volume of current threats. The first of the report's six sections highlights the limitations of manual remediation. The second section notes that the full time period from exploitation to full remediation, measured as Average Window of Exposure (AWE), was about 21 days for most organizations. The third section analyzes discrepancies between attacker speed and defender speed in 52 specific cases, emphasizing that "observing vulnerabilities is not the same as eliminating them." Section four defines a metric of "Risk Mass" to capture "the cumulative exposure an organization absorbed while [a] vulnerability remained open," calculated by multiplying the number of vulnerable assets by the number of days each remains exposed. Section five addresses the challenge of prioritizing remediation, especially understanding a flaw's actual exploitability given existing controls rather than merely its defined severity. 
The sixth and final section advocates for remediation that can scale up consistently without human intervention at every stage, namely a Risk Operations Center (ROC) "that fuses embedded intelligence, deterministic confirmation of actual exploitability, and autonomous remediation into a single operational loop."
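
An added example, not taken from the Qualys report or from this newsletter: Risk Mass computed as asset-days from remediation records, together with the share of findings still open seven days after disclosure. The record fields, the placeholder CVE IDs, the sample data, and the choice to count still-open findings up to an as-of date are assumptions.

```python
from collections import defaultdict
from dataclasses import dataclass
from datetime import date
from typing import Optional


@dataclass(frozen=True)
class Finding:
    asset: str
    cve: str                    # placeholder IDs below, not real CVEs
    disclosed: date             # public disclosure date of the flaw
    detected: date              # first day the asset was seen vulnerable
    remediated: Optional[date]  # None means the finding is still open


def exposure_days(f, as_of):
    """Days one asset stayed exposed; open findings are counted up to as_of."""
    end = min(f.remediated, as_of) if f.remediated else as_of
    return max((end - f.detected).days, 0)


def risk_mass(findings, as_of):
    """Asset-days of exposure per CVE (vulnerable assets x days each was open)."""
    mass = defaultdict(int)
    for f in findings:
        mass[f.cve] += exposure_days(f, as_of)
    return dict(mass)


def ranked(findings, as_of):
    """CVEs ordered by accumulated exposure, largest first."""
    return sorted(risk_mass(findings, as_of).items(),
                  key=lambda kv: kv[1], reverse=True)


def open_share_after(findings, as_of, days=7):
    """Share of findings still open `days` after disclosure.

    Findings disclosed fewer than `days` before as_of are left out, because
    their outcome at the cut-off is not known yet.
    """
    eligible = [f for f in findings if (as_of - f.disclosed).days >= days]
    if not eligible:
        return 0.0
    late = [f for f in eligible
            if f.remediated is None
            or (f.remediated - f.disclosed).days > days]
    return len(late) / len(eligible)


# Constructed sample records (assets, dates and CVE IDs are made up).
AS_OF = date(2026, 4, 14)
SAMPLE = [
    Finding("web-01", "CVE-EXAMPLE-0001", date(2026, 3, 1), date(2026, 3, 2), date(2026, 3, 5)),
    Finding("web-02", "CVE-EXAMPLE-0001", date(2026, 3, 1), date(2026, 3, 2), date(2026, 3, 30)),
    Finding("db-01", "CVE-EXAMPLE-0001", date(2026, 3, 1), date(2026, 3, 10), None),
    Finding("vpn-01", "CVE-EXAMPLE-0002", date(2026, 4, 1), date(2026, 4, 1), date(2026, 4, 3)),
    Finding("vpn-02", "CVE-EXAMPLE-0002", date(2026, 4, 1), date(2026, 4, 2), date(2026, 4, 12)),
    Finding("kiosk-01", "CVE-EXAMPLE-0003", date(2026, 4, 10), date(2026, 4, 11), None),
]

if __name__ == "__main__":
    for cve, days in ranked(SAMPLE, AS_OF):
        print(f"{cve}: {days} asset-days")
    print(f"open after 7 days: {open_share_after(SAMPLE, AS_OF):.0%}")
```

One slow host and one unpatched host dominate the total for the first placeholder CVE, which is the effect the metric is meant to surface that a count of closed tickets hides.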

The old saying "vendors can release patches but not apply them" rings very true, and as this report highlights, the scale of vulnerabilities and associated patches and workarounds is growing to a level that we will not be able to cope with using traditional vulnerability management techniques. Companies will need to start to look at auto-remediation solutions as part of their vulnerability management program and balance the risk of a vulnerability being exploited causing a breach versus an automated update causing an outage. In many cases, dealing with an outage may be preferable to dealing with a ransomware attack or a fine from a regulator.

I have been thinking that vulnerability scanning, patch management, and other ‘legacy’ mechanisms to protect an environment have been broken for a while. Here are my initial thoughts: There are too many vulnerabilities for a single company to track, let alone if you have 10,000 endpoints. Some companies have hundreds of thousands of vulnerabilities to patch. The problem with that statement is that of those hundreds of thousands of vulnerabilities, there is a small number of them with working exploit code in the wild. That is, until now. Now we have expert systems that can automate the creation of exploits to determine how real those vulnerabilities actually are. In a world where there is a machine doing this work, the only answer is to fight back with more machines. It will be a machine arms race. I will, however, note that this is the reality we are facing, and many companies are still grappling with the 101 of “what do we do and when?” We have a SANS Webcast around this on Thursday that I highly recommend you attend.

This issue is particularly relevant in light of Anthropic's Mythos. Mythos will discover more vulnerabilities earlier; it is likely to overwhelm any remediation strategy that relies on people. We must remediate at or near the rate of discovery. Also, we should keep in mind that there is an upper bound to the rate of change that any system can tolerate. There is always the potential for the solution to become the problem. While there are only hundreds of CVEs in the KEV, there are billions of instances of those vulnerabilities, many of which will never be remediated. No matter how quickly we patch, there will always be a window for attack and exploitation.
In the coming age of AI, the research states the obvious… humans are the weak link. The cybersecurity community must find a way to automate the patch management process. IOW, a machine-to-machine approach is needed. Without that, the game continues to favor the attacker.

The numbers show that we’re not only dealing with an ever-increasing number of vulnerabilities, but also falling behind as the number of flaws increases faster than our ability to address them. The takeaway is to make sure that you’re automating as much as possible for vulnerability management: detection, verification, analysis, application of updates, etc. Have a talk with your team about what manual processes remain, as well as where the automation isn’t helping. You may need new tools, but make sure you’ve looked at what’s already on hand.
Adobe has released updates to address a vulnerability in Adobe Acrobat Reader that has been exploited in the wild since late last year. The vulnerability (CVE-2026-34621) is a critical arbitrary code execution issue caused by improperly controlled modification of object prototype attributes, also known as prototype pollution. The vulnerability was initially noted by EXPMON founder and researcher Haifei Li, who published a blog post about the issue after receiving a malicious PDF sample that was able to bypass sandbox restrictions and invoke privileged JavaScript APIs. Users are urged to update to the most recent version of Reader: Acrobat DC version 26.001.21411 or later; Acrobat Reader DC version 26.001.21411 or later; Acrobat 2024 version 24.001.30362 or later for Windows and 24.001.30360 or later for macOS.

This is the fix to the flaw we discussed last week in NewsBites Volume 28, Number 27, April 10. As Adobe treated this as an emergency fix, so should you. Make sure all your copies of Acrobat are updated. We now have both a CVE (CVSS score 8.6) and an update for current versions of Reader, Acrobat DC and Classic 24. If you’re running anything older, move to one of the updated/supported versions.
While the CVSS score is 8.6, don’t be lulled into not prioritizing the patch. Acrobat Reader is on pretty much everybody’s desktop, and users are accustomed to receiving and opening PDF attachments without much thought. Heed Adobe’s advice: update to the latest version of Reader now.
Help Net Security
BleepingComputer
The Hacker News
Adobe
NIST
Just Haifei
X
CPUID, a site that hosts software for monitoring PC hardware performance and data, experienced a supply chain compromise overnight from April 9 to April 10, 2026. For six hours or more, the links for downloading tools such as CPU-Z, HWMonitor, and PerfMonitor were changed to URLs that served trojanized software. According to Kaspersky, the files contained both a legitimate signed executable and a malicious DLL for sideloading the STX remote access trojan (RAT). CPUID confirmed via social media that a "side API" had been compromised, allowing the threat actor to redirect download links to malicious files, but stated that the original signed files themselves were not affected and the breach has been fixed. Breakglass Intelligence assesses that the compromise had actually been ongoing since April 3, and based on a common command-and-control (C2) IP among ten different malware samples, the researchers posit that this attack may be related to a trojanized FileZilla campaign from March 2026 and a malware sample called "superbad[.]exe" dating to July 2025.

The Breakglass Intelligence post includes the file and network IoCs you’re looking for. So, make sure you’ve got the known good versions of CPUID as well as no traces of shenanigans.

CPUID breach was a big bad. Lots of Windows Machines, especially those at home labs run by professional and semi-professional IT people, were hit by this. It was a “putty-level” event. Unsure what the fallout is yet, but it seems that we will find out in the next few weeks.
Breakglass
BleepingComputer
The Hacker News
SecurityWeek
The Register
A proposed class-action lawsuit filed in federal court in California alleges that healthcare practitioners at Sutter Health and MemorialCare used an AI transcription tool to record conversations between patients and healthcare providers without patients' consent. According to the complaint, over the past six months, staff at the Sutter Health and MemorialCare facilities "captured and processed [plaintiffs'] confidential physician-patient communications. Plaintiffs did not receive clear notice that their medical conversations would be recorded by an artificial intelligence platform, transmitted outside the clinical setting, or processed through third-party systems." Abridge AI is what is sometimes called an "ambient clinical documentation" system; it uses microphone-enabled devices to record conversations, then transcribes those conversations and creates clinical notes. The Abridge AI software allegedly transmits the recordings to external servers for transcription and summary.

Two things here: First, always have consent before recording (and recourse for a ‘no’ answer). There are too many privacy and data protection requirements to assume it’s not required. Second, be clear where those recordings are stored and analyzed/transcribed. In this instance they were not only missing consent, but processing PHI, which requires certification, business partner agreements, and appropriate security measures. Beware of technology outpacing regulatory requirements. AI transcription and summarization of content is really common and helpful, but are the required controls in place, or is that left as an exercise for the user?

Since even most California privacy laws only require opt-out be offered (vs. be the default unless explicit opt-in) odds are high that some existing clause covers this. But it would be good to get some case law precedent on the books defining what is required for “ambient eavesdropping” use, both in obtaining permission and in assuring the accuracy of the output.

This case highlights the growing concerns around the use of AI in sensitive environments such as healthcare. From a European perspective, this would most likely be illegal under the EU GDPR, particularly around consent, transparency, and data processing. The saying "Europe regulates while the world innovates" is often bandied about in a derogatory way, but this is a good example of why strong regulation is needed to ensure technology is not employed to abuse the human rights of individuals.
I’m of two minds on this lawsuit. Sure, the patient should have been notified that a transcription service was being employed, but that’s the reality we live in today: notification typically after the fact. The result will be something akin to a consent banner on a digital device, or on the wall, or as a form that is signed and filed. Did we really move the cybersecurity needle forward?

With the number of two-party consent states and the number of AI transcription devices I am seeing, I was curious to see what would happen in this scenario. Considering how many devices are wearables (looking at you, Ray-Ban glasses) and how many places they are used that are not public, how many of these lawsuits are just waiting to happen? If you are a company of any size, you may want to consider how to protect yourself in the event of these types of lawsuits. Do you use AI transcription services for anything? Are people aware? This will be as much policy as it is legal adjustments. One to watch for sure.
The US Federal Bureau of Investigation, along with law enforcement authorities in Indonesia, has dismantled a phishing operation that stole account credentials and attempted to conduct more than $42 million in fraudulent transactions. The scheme involved the use of a phishing kit known as W3LL, which provided criminals with the means of creating lookalike websites to trick users into divulging account credentials. According to a press release, "FBI Atlanta, with assistance from the U.S. Attorney’s Office for the Northern District of Georgia, identified and seized infrastructure facilitating the phishing service. In coordination with the Indonesian National Police, authorities detained the alleged developer, G.L, and seized key domains tied to the operation."

The issue is reusable credentials. As long as we continue to use them, they will be exploited. That there is a market for them suggests that they continue to be widely used. Use of reusable credentials in almost any application is risky; in financial transactions it is reckless. Resistance to strong authentication may be rooted in the false belief that it is inconvenient. Get over it.

The W3LLSTORE, which was used for selling and exchanging captured credentials from the W3LL phishing-as-a-service system, was shut down in 2023, but attackers switched to private messaging services instead. This action, a first ever partnership between the FBI and Indonesian law enforcement, takes out the remaining service, which was a sophisticated phishing ecosystem, had an entry price of only $500, and was found to be connected to more than 850 campaigns.
Leveraging a website ‘watering hole’, whether legitimate or lookalike, is just table stakes with credential harvesting. Glad that law enforcement shut this operation down, but unfortunately, others will pop up quickly after.
Infosecurity Magazine
The Record
The Hacker News
FBI
Video game publisher Rockstar has confirmed that the company experienced a data breach through third-party anomaly detection and analytics provider Anodot. Anodot began experiencing disruptions to Snowflake Streams on April 4, which Snowflake confirmed was an intentional lockdown of Anodot accounts due to unusual activity. Neither Anodot nor Snowflake has confirmed a threat actor's allegations that the breach was carried out using stolen authentication tokens. Rockstar stated to news sources, "We can confirm that a limited amount of non-material company information was accessed in connection with a third-party data breach. This incident has no impact on our organization or our players." Rockstar is the only company among Anodot's clients to confirm any impact from the breach at the time of this writing.

This story highlights that criminals are increasingly targeting the supply chain, and organisations need to better manage the cyber risks in their supply chain. Indeed, under the EU NIS2 and DORA regulations this is now becoming a requirement for all regulated entities. Soon no matter where you are in the supply chain you will be required to demonstrate you are managing cyber security risk in your organisations.

Snowflake is a powerful data lake, but you need to secure it properly. Snowflake has implemented services that detect and respond to anomalous activity, but you really need to get the basics right first. Start with phishing-resistant authentication.
The Register
BleepingComputer
BleepingComputer
TechCrunch
The Record
Google has announced that end-to-end encryption (E2EE) integrated into Gmail is now available for Enterprise users on all Android and iOS devices. This feature relies on client-side encryption (CSE) and will allow users to send encrypted messages to any recipient, regardless of that recipient's email address. Gmail recipients will receive an encrypted message normally via inbox, and non-Gmail recipients will view and reply to the message in a browser. Users must have an Enterprise Plus license for Google Workspace with Assured Controls or Assured Controls Plus, and the feature must be enabled in the CSE admin interface.

Seriously consider implementing E2EE for your email system, regardless of provider. Verify users outside your tenant are sent a link to a website for decryption. Then teach users to encrypt sensitive information always. This is a culture change, so you want to test and develop plans which move from suggested to required use. Leverage testers in as many business units as you can. Make sure you understand who can decrypt these messages, and how that control is managed.

Enterprise users of Exchange and Gmail have a straightforward path to turning on end-to-end encryption, within the bounds of their enterprise licensing and directory. But even within those boundaries, it takes a lot of workflow testing to find out what breaks when objects are persistently encrypted.
OpenAI has published a security advisory announcing that the company is revoking and rotating their macOS app signing certificate due to concerns following the Axios supply chain attack. On March 31, 2026, a GitHub Actions workflow with "access to a certificate and notarization material used for signing macOS applications, including ChatGPT Desktop, Codex, Codex-cli, and Atlas," downloaded and executed a malicious version of Axios (1.14.1). All macOS users of these OpenAI apps should update to the latest versions. In response to the incident, the company "engaged a third-party digital forensics and incident response firm, rotated [their] macOS code signing certificate, published new builds of all relevant macOS products with the new certificate, and are working with Apple to ensure software signed with the previous certificate cannot be newly notarized." No evidence of fraudulent software notarization, modifications to published software, nor compromise or risk to existing software installations has been observed. While a new certificate has been issued, the old one will not be fully revoked until May 8 "to minimize disruption" during remediation; new software signed with the old certificate will be blocked by macOS security unless bypassed manually, and after May 8 "new downloads and launches of apps signed with the previous certificate will be blocked by macOS security protections."

Verify your installed OpenAI apps are signed with the new certificate; update those which aren’t. As the old certificate will not be revoked until May 8, the older flawed macOS versions could still be running.

For signing certificates to be more than just eyewash, revocation checking (and off-schedule rotation) has to become standard operating procedure.

It should not be necessary to say that certificates do not sign; private keys sign. Certificates are meta-data about the key.
Travel platform Booking.com has begun informing customers that their reservation details may have been accessed by intruders. The compromised data include names, contact information, reservation information, and messages exchanged with hotels or other accommodations through the Booking.com platform. Booking.com says it has contained the issue and reset users' PINs. European fitness chain Basic-Fit has disclosed that an intruder accessed the system that tracks gym members' visits and downloaded some members' personal data. The compromised information includes names, physical addresses, email addresses, phone numbers, dates of birth, bank account information, and other membership data. In all, Basic-Fit estimates that the incident affected one million individuals in Belgium, France, Germany, Luxembourg, the Netherlands, and Spain. The incident was detected on Monday, April 13, and Basic-Fit has notified affected individuals by email.

The big deal here is that the stolen data will be used to craft legitimate looking messages regarding travel plans, with the intent to extort money or shore up identity theft activities. Triple check messages regarding your travel plans for legitimacy, validating with a known good number for the referenced business, and make sure the information used with booking.com is included in your identity protection profile. It’s a good excuse to make sure the monitored information is both accurate and complete.
The Register
SecurityWeek
BleepingComputer
The Record
Heise
The Register
Basic-Fit
SANS Internet Storm Center StormCast Tuesday, April 14, 2026
EncystPHP Webshell; CPUID Compromise; OpenAI Mac Cert Issue; Axios Vulnerability
https://isc.sans.edu/podcastdetail/9890
Scans for EncystPHP Webshell
https://isc.sans.edu/diary/Scans+for+EncystPHP+Webshell/32892
CPUID Compromise
https://x.com/d0cTB/status/2042520961824559150
OpenAI Mac Application Update due to Axios Compromise
https://openai.com/index/axios-developer-tool-compromise/
Axios Vulnerability CVE-2026-40175
https://github.com/axios/axios/security/advisories/GHSA-fvcv-3m26-pcqx
SANS Internet Storm Center StormCast Monday, April 13, 2026
Obfuscated JavaScript; Numbers in Passwords; Adobe Patches 0-Day; ClickFix Fix Bypass
https://isc.sans.edu/podcastdetail/9888
Obfuscated JavaScript or Nothing
https://isc.sans.edu/diary/Obfuscated+JavaScript+or+Nothing/32884
Numbers in Passwords
https://isc.sans.edu/diary/Number+Usage+in+Passwords+Take+Two/32866
Adobe 0-Day Patch CVE-2026-34621
https://helpx.adobe.com/security/products/acrobat/apsb26-43.html
ClickFix Bypass via ScriptEditor
https://www.jamf.com/blog/clickfix-macos-script-editor-atomic-stealer/