Tootfinder

Hackers Hijacked Notepad Plugin to Execute Malicious Code
https://gbhackers.com/hackers-hijacked-notepad-plugin-to-execute-malicious-code/

Hackers Hijacked Notepad++ Plugin to Execute Malicious Code
Hackers have successfully manipulated a default plugin within the Notepad++ package, potentially compromising the security of countless systems.

The WMDP Benchmark: Measuring and Reducing Malicious Use With Unlearning
Nathaniel Li, Alexander Pan, Anjali Gopal, Summer Yue, Daniel Berrios, Alice Gatti, Justin D. Li, Ann-Kathrin Dombrowski, Shashwat Goel, Long Phan, Gabriel Mukobi, Nathan Helm-Burger, Rassin Lababidi, Lennart Justen, Andrew B. Liu, Michael Chen, Isabelle Barrass, Oliver Zhang, Xiaoyuan Zhu, Rishub Tamirisa, Bhrugu Bharathi, Adam Khoja, Ariel Herbert-Voss, Cort B. Breuer, Andy Zou, Mantas Mazeika, Zifan Wang, Palas…

The WMDP Benchmark: Measuring and Reducing Malicious Use With Unlearning
The White House Executive Order on Artificial Intelligence highlights the risks of large language models (LLMs) empowering malicious actors in developing biological, cyber, and chemical weapons. To measure these risks of malicious use, government institutions and major AI labs are developing evaluations for hazardous capabilities in LLMs. However, current evaluations are private, preventing further research into mitigating risk. Furthermore, they focus on only a few, highly specific pathways fo…

Mitigating Label Flipping Attacks in Malicious URL Detectors Using Ensemble Trees
Ehsan Nowroozi, Nada Jadalla, Samaneh Ghelichkhani, Alireza Jolfaei
https://arxiv.org/abs/2403.02995

Mitigating Label Flipping Attacks in Malicious URL Detectors Using Ensemble Trees
Malicious URLs provide adversarial opportunities across various industries, including transportation, healthcare, energy, and banking which could be detrimental to business operations. Consequently, the detection of these URLs is of crucial importance; however, current Machine Learning (ML) models are susceptible to backdoor attacks. These attacks involve manipulating a small percentage of training data labels, such as Label Flipping (LF), which changes benign labels to malicious ones and vice …

I've been wondering what, if any, sort of risk Lasse Collin might have been exposed to no one else would see.
For example, was there a malicious private branch Lasse tested? Reportedly JT and Lasse communicated mostly over Signal. Were any links shared and clicked on?
This edges on fantasy and conspiracy theory, but I'm hoping Lasse thinks deeply about this if he hasn't already. #xz

Developers say open-source software culture, where users demand constant updates from volunteer coders, is letting malicious actors introduce vulnerabilities (Jason Koebler/404 Media)
https://www.404media.co/xz-backdoor-bullyi

Bullying in Open Source Software Is a Massive Security Vulnerability
The Xz backdoor and a near miss on an the F-Droid app store show how the entitled attitude of some people in the open source community can be used to push malicious or insecure code.

The mistery of 'Jia Tan', the mastermind behind the XZ-Utils backdoor supply-chain hack [WIRED News, April 2024]
https://www.wired.com/story/jia-tan-xz-backdoor/?ref=platformer.news

The Mystery of ‘Jia Tan,’ the XZ Backdoor Mastermind
The thwarted XZ Utils supply chain attack was years in the making. Now, clues suggest nation-state hackers were behind the persona that inserted the malicious code.

This https://arxiv.org/abs/2403.12619 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_csSI_…

Detection of Malicious Agents in Social Learning
Social learning is a non-Bayesian framework for distributed hypothesis testing aimed at learning the true state of the environment. Traditionally, the agents are assumed to receive observations conditioned on the same true state, although it is also possible to examine the case of heterogeneous models across the graph. One important special case is when heterogeneity is caused by the presence of malicious agents whose goal is to move the agents towards a wrong hypothesis. In this work, we propo…

"""
#OpenRC […] has been in a state of bureaucratic decay for a decade now, having all been hoarded by a random corporate contractor about as responsive to the outside universe as OpenOffice (while taking up as much space; they're the entire reason for the farcical metadata/AUTHORS file in the main package repo).
"""
#Gentoo copyright policy (AKA #GLEP76) has been a long time in the making. More specifically, as you can guess from the author list, it has been a long time in fruitless debate, followed by a short period of creative activity. In its original form, it has been unanimously approved both by the Council and the Trustees in September 2018.
https://bugs.gentoo.org/653118
Not a month later, once we've actually started requiring signoffs per the new policy, one of the Council members requested a "transitional period", to give their company's legal team more time to approve it. Like, they've actively influenced the policy, they've actually voted for approving it, but they didn't mean for it to actually apply at the time — and they've never bothered telling anyone about the problem earlier. Fortunately, they've managed to get a quick approval and started using it.
https://bugs.gentoo.org/667602
As a side effect of using it, attribution lines to said company started popping up in random ebuilds that their employees touched (malicious compliance or just corporate bullshit?). This heralded a maintenance nightmare. Two months later, metadata/AUTHORS was proposed as a compromise to stop that.
https://bugs.gentoo.org/672962
All these years later, I'm thinking that we had a simpler solution to all these, and many later problems, at our disposal back then…

This Week in Deserialization: https://jfrog.com/blog/data-scientists-targeted-by-malicious-hugging-face-ml-models-with-silent-backdoor/

The Mystery of ‘Jia Tan,’ the XZ Backdoor Mastermind.
The thwarted XZ Utils supply chain attack was years in the making. Now, clues suggest nation-state hackers were behind the persona that inserted the malicious code.
https://www.wired.com/story/jia-tan-xz-backdoor/…

The Mystery of ‘Jia Tan,’ the XZ Backdoor Mastermind
The thwarted XZ Utils supply chain attack was years in the making. Now, clues suggest nation-state hackers were behind the persona that inserted the malicious code.

This https://arxiv.org/abs/2312.14197 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_csCL_…

Benchmarking and Defending Against Indirect Prompt Injection Attacks on Large Language Models
The integration of large language models (LLMs) with external content has enabled more up-to-date and wide-ranging applications of LLMs, such as Microsoft Copilot. However, this integration has also exposed LLMs to the risk of indirect prompt injection attacks, where an attacker can embed malicious instructions within external content, compromising LLM output and causing responses to deviate from user expectations. To investigate this important but underexplored issue, we introduce the first be…

#GitHub is under attack.
“The flow of the campaign is simple:
1. Cloning existing repos (for example: TwitterFollowBot, WhatsappBOT, discord-boost-tool, Twitch-Follow-Bot, and hundreds more)
2. Infecting them with malware loaders
3. Uploading them back to GitHub with identical names
4. Automatically forking each thousands of times
5. Covertly promoting them across the …

GitHub besieged by millions of malicious repositories in ongoing attack
GitHub keeps removing malware-laced repositories, but thousands remain.

The security of the worldwide information technology infrastructure sadly rests on tons of unpaid open source developers. 😦
https://www.theverge.com/2024/4/2/24119342/xz-utils-linux-backdoor-attempt

How one volunteer stopped a backdoor from exposing Linux systems worldwide
A maintainer for a Linux-based database identified malicious code hidden in a tool called XZ Utils and stopped a global security breach in its tracks.

The mistery of 'Jia Tan', the mastermind behind the XZ-Utils backdoor supply-chain hack [WIRED News, April 2024]
https://www.wired.com/story/jia-tan-xz-backdoor/?ref=platformer.news

The Mystery of ‘Jia Tan,’ the XZ Backdoor Mastermind
The thwarted XZ Utils supply chain attack was years in the making. Now, clues suggest nation-state hackers were behind the persona that inserted the malicious code.

WeSee: Using Malicious #VC Interrupts to Break AMD SEV-SNP
Benedict Schl\"uter, Supraja Sridhara, Andrin Bertschi, Shweta Shinde
https://arxiv.org/abs/2404.03526

WeSee: Using Malicious #VC Interrupts to Break AMD SEV-SNP
AMD SEV-SNP offers VM-level trusted execution environments (TEEs) to protect the confidentiality and integrity for sensitive cloud workloads from untrusted hypervisor controlled by the cloud provider. AMD introduced a new exception, #VC, to facilitate the communication between the VM and the untrusted hypervisor. We present WeSee attack, where the hypervisor injects malicious #VC into a victim VM's CPU to compromise the security guarantees of AMD SEV-SNP. Specifically, WeSee injects interrupt n…

This https://arxiv.org/abs/2403.12619 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_csSI_…

Detection of Malicious Agents in Social Learning
Social learning is a non-Bayesian framework for distributed hypothesis testing aimed at learning the true state of the environment. Traditionally, the agents are assumed to receive observations conditioned on the same true state, although it is also possible to examine the case of heterogeneous models across the graph. One important special case is when heterogeneity is caused by the presence of malicious agents whose goal is to move the agents towards a wrong hypothesis. In this work, we propo…

Distributed Estimation in Blockchain-aided Internet of Things in the Presence of Attacks
Hamid Varmazyari, Yiming Jiang, Jiangfan Zhang
https://arxiv.org/abs/2405.03665

Distributed Estimation in Blockchain-aided Internet of Things in the Presence of Attacks
Distributed estimation in a blockchain-aided Internet of Things (BIoT) is considered, where the integrated blockchain secures data exchanges across the BIoT and the storage of data at BIoT agents. This paper focuses on developing a performance guarantee for the distributed estimation in a BIoT in the presence of malicious attacks which jointly exploits vulnerabilities present in both IoT devices and the employed blockchain within the BIoT. To achieve this, we adopt the Cramer-Rao Bound (CRB) as…

Over 100,000 Infected Repos Found on GitHub
https://apiiro.com/blog/malicious-code-campaign-github-repo-confusion-attack/

Bullying in Open Source Software Is a Massive Security Vulnerability https://www.404media.co/xz-backdoor-bullying-in-open-source-software-is-a-massive-security-vulnerability/

Researchers detail an ongoing repo confusion attack impacting 100K GitHub repos, which involves cloning existing repos and infecting them with malware loaders (Dan Goodin/Ars Technica)
https://arstechnica.com/security/2024/

GitHub besieged by millions of malicious repositories in ongoing attack
GitHub keeps removing malware-laced repositories, but thousands remain.

This is brutal. I was shocked that the obvious vandalism is so hard to see, and then my brain immediately turned to other ways to accomplish the same thing even more discreetly, and a few of the things I thought of made me want to puke.
#xz #infosec

By @… for @… :

Bullying in Open Source Software Is a Massive Security Vulnerability
The Xz backdoor and a near miss on an the F-Droid app store show how the entitled attitude of some people in the open source community can be used to push malicious or insecure code.

Half of internet traffic is now bots.
Hi, bot followers :-)
https://www.imperva.com/company/press_releases/bots-make-up-half-of-all-internet-traffic-globally/

Bots Now Make Up Nearly Half of All Internet Traffic Globally - Company
Automated and malicious traffic rises for a fifth consecutive year Bad bots account for 32% of all internet traffic 44% of all account takeover attacks target API endpoints Thales, the cybersecurity leader that protects critical applications, APIs, and data, anywhere at scale, today announced the release of the 2024 Imperva Bad Bot Report, a global […]

Heckler: Breaking Confidential VMs with Malicious Interrupts
Benedict Schl\"uter, Supraja Sridhara, Mark Kuhne, Andrin Bertschi, Shweta Shinde
https://arxiv.org/abs/2404.03387

Heckler: Breaking Confidential VMs with Malicious Interrupts
Hardware-based Trusted execution environments (TEEs) offer an isolation granularity of virtual machine abstraction. They provide confidential VMs (CVMs) that host security-sensitive code and data. AMD SEV-SNP and Intel TDX enable CVMs and are now available on popular cloud platforms. The untrusted hypervisor in these settings is in control of several resource management and configuration tasks, including interrupts. We present Heckler, a new attack wherein the hypervisor injects malicious non-t…

Please watch out where you download from and go through as many steps as you can stomach to verify what you downloaded is what you intended to download. Case in point 📂📌
> One such attack chain targets users searching for Arc Browser on search engines like Google to serve bogus ads that redirect users to look-alike sites ("airci[.]net") that serve the malware.
…

Hackers Target macOS Users with Malicious Ads Spreading Stealer Malware
Malicious ads and fake websites are spreading dangerous malware that can steal your passwords, cryptocurrency, and other sensitive data.

This https://arxiv.org/abs/2403.16760 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_csHC_…

As Good As A Coin Toss Human detection of AI-generated images, videos, audio, and audiovisual stimuli
As synthetic media becomes progressively more realistic and barriers to using it continue to lower, the technology has been increasingly utilized for malicious purposes, from financial fraud to nonconsensual pornography. Today, the principal defense against being misled by synthetic media relies on the ability of the human observer to visually and auditorily discern between real and fake. However, it remains unclear just how vulnerable people actually are to deceptive synthetic media in the cou…

Marsfall - Season 3 finale 🤯🫨🫠
Dramatized sci-fi action/adventure series | Total listening time: 16h 33m
Jacki and her crew left Earth and its problems behind for a chance at giving humanity a fresh start on Mars. But mysterious aliens, malicious AI, and the expected difficulties of colonizing this inhospitable planet leave t...

Marsfall - Season 3 finale 🤯🫨🫠
Dramatized sci-fi action/adventure series | Total listening time: 16h 33m Jacki and her crew left Earth and its problems behind for a chance at giving humanity a fresh start on Mars. But mysterious aliens, malicious AI, and the expected difficulties of colonizing this inhospitable planet leave them all questioning if they’ve made the right choice to abandon their home. 3 seasons, 31 episodes as of Oct 10, 2023.

EU, NATO condemn cyberattacks against Germany, Czechia, blame Russia as perpetrator
https://poliverso.org/display/0477a01e-c2596e91-385a11e9b76a80d4
EU, NATO condemn cyberattacks against Germany, Czechia, blame Russia as perpetratorThe EU and NATO o…

risks of nonexistent software names cited by LLMs
"AI hallucinates software packages and devs download them – even if potentially poisoned with malware
"Simply look out for libraries imagined by ML and make them real, with actual malicious code. No wait, don't do that"
Ha!
So far no evidence it's been used for malware (yet):
"... our package is not malicious it is just an example of how easy and dangerous it could be to leverage this technique"
#AI #LLM #coding

JFrog says it found around a hundred malicious ML models on Hugging Face, some of which can backdoor users' machines (Bill Toulas/BleepingComputer)
https://www.bleepingcomputer.com/news/security/malicious-ai-models-on…

Nearly 20% of Docker Hub Repositories were used to spread malware & phishing scams https://jfrog.com/blog/attacks-on-docker-with-millions-of-malicious-repositories-spread-malware-and-phishing-scams/

Very interesting (and very long thread) by @… on AI, LLM booby-traps, and 'reverse-centaurism'
https://mamot.fr/@pluralistic/112196495887778…

Cory Doctorow (@pluralistic@mamot.fr)
Attached: 1 image Here's a fun AI story: a security researcher noticed that large companies' AI-authored source-code repeatedly referenced a nonexistent library (an AI "hallucination"), so he created a (defanged) malicious library with that name and uploaded it, and thousands of developers automatically downloaded and incorporated it as they compiled the code: https://www.theregister.com/2024/03/28/ai_bots_hallucinate_software_packages/ 1/

Fascinating story about the XZ backdoor, before people start blaming opensource, these backdoors can be in any closed source component and nobody will know.
https://arstechnica.com/security/2024/04/what-we-know-about…

What we know about the xz Utils backdoor that almost infected the world
Malicious updates made to a ubiquitous tool were a few weeks away from going mainstream.

Looks interesting. As the article notes it isn't foolproof, but any extra protection will help.
And yes, I have UBlock origin installed.
https://www.ghacks.net/2024/02/20/google-chrome-will-soon-prev…

Ball’s in your court, @….
Apple has very publicly told you to go fuck yourselves with its malicious compliance. What you do next will decide whether malicious compliance is acceptable in the EU or not.
#apple

_“The end game would be the ability to login to every Fedora, Debian and Ubuntu box on the internet. If it isn’t a state actor it should be…”_
Cryptographer Filippo Valsorda said, _“This might be the best executed supply chain attack we’ve seen described in the open, and it’s a nightmare scenario: malicious, competent, authorized upstream in a widely used library.”_
And awesome: FOSS community catched it, because tests slowdown

'xz utils' Software Backdoor Uncovered in Years-Long Hacking Plot - UNICORN RIOT
A fascinating but ominous software story dropped on Friday: a widely used file compression software package called “xz utils” has a cleverly embedded system for backdooring shell login connections, and it’s unclear how far this dangerous package got into countless internet-enabled devices. It appears the persona that injected this played a long game, gaining the […]

CDN-hosted JS has always smelled more than a little funny to me. It’s all the problems of a library supply chain attack, except that an attacker can hot swap the malicious into your already-deployed site. Maybe only for a brief time window. Maybe only for specific regions or specific users.
https://oisaur.com/@r…

Phishers and other scammers are very effective. Sometimes, they even outperform the activity of the site that they are pretending to be.
Excellent insight into some campaigns.
#Phishing #Scam

This https://arxiv.org/abs/2403.03218 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_csLG_…

The WMDP Benchmark: Measuring and Reducing Malicious Use With Unlearning
The White House Executive Order on Artificial Intelligence highlights the risks of large language models (LLMs) empowering malicious actors in developing biological, cyber, and chemical weapons. To measure these risks of malicious use, government institutions and major AI labs are developing evaluations for hazardous capabilities in LLMs. However, current evaluations are private, preventing further research into mitigating risk. Furthermore, they focus on only a few, highly specific pathways fo…

Quarantining Malicious IoT Devices in Intelligent Sliced Mobile Networks
David Candal-Ventureira, Pablo Fondo-Ferreiro, Felipe Gil-Casti\~neira, Francisco Javier Gonz\'alez-Casta\~no
https://arxiv.org/abs/2403.19731

Quarantining Malicious IoT Devices in Intelligent Sliced Mobile Networks
The unstoppable adoption of the Internet of Things (IoT) is driven by the deployment of new services that require continuous capture of information from huge populations of sensors, or actuating over a myriad of "smart" objects. Accordingly, next generation networks are being designed to support such massive numbers of devices and connections. For example, the 3rd Generation Partnership Project (3GPP) is designing the different 5G releases specifically with IoT in mind. Nevertheless, from a sec…

xz Utils
Backdoor found in widely used Linux utility breaks encrypted SSH connections | Ars Technica
https://arstechnica.com/security/2024/03/backdoor-found-in-widely-used-linux-utility-breaks-encrypted-ss…

But they are by definition all open source, so a million eyes will inspect them! The bad ones will be noticed!
(Sarcasm.)
From: @…
https://infosec.exchange/@d…

GitHub is under a major attack with millions of malicious repositories being created. https://reddit.com/r/cybersecurity/comments/1b3qr27/

This https://arxiv.org/abs/2211.06073 has been replaced.
link: https://scholar.google.com/scholar?q=a

SceneFake: An Initial Dataset and Benchmarks for Scene Fake Audio Detection
Many datasets have been designed to further the development of fake audio detection. However, fake utterances in previous datasets are mostly generated by altering timbre, prosody, linguistic content or channel noise of original audio. These datasets leave out a scenario, in which the acoustic scene of an original audio is manipulated with a forged one. It will pose a major threat to our society if some people misuse the manipulated audio with malicious purpose. Therefore, this motivates us to …

This https://arxiv.org/abs/2403.16760 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_csHC_…

As Good As A Coin Toss Human detection of AI-generated images, videos, audio, and audiovisual stimuli
As synthetic media becomes progressively more realistic and barriers to using it continue to lower, the technology has been increasingly utilized for malicious purposes, from financial fraud to nonconsensual pornography. Today, the principal defense against being misled by synthetic media relies on the ability of the human observer to visually and auditorily discern between real and fake. However, it remains unclear just how vulnerable people actually are to deceptive synthetic media in the cou…

This https://arxiv.org/abs/2403.14020 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_csCR_…

Zero-Knowledge Proof of Distinct Identity: a Standard-compatible Sybil-resistant Pseudonym Extension for C-ITS
Pseudonyms are widely used in Cooperative Intelligent Transport Systems (C-ITS) to protect the location privacy of vehicles. However, the unlinkability nature of pseudonyms also enables Sybil attacks, where a malicious vehicle can pretend to be multiple vehicles at the same time. In this paper, we propose a novel protocol called zero-knowledge Proof of Distinct Identity (zk-PoDI,) which allows a vehicle to prove that it is not the owner of another pseudonym in the local area, without revealing …

Adversarial Botometer: Adversarial Analysis for Social Bot Detection
Shaghayegh Najari, Davood Rafiee, Mostafa Salehi, Reza Farahbakhsh
https://arxiv.org/abs/2405.02016

Adversarial Botometer: Adversarial Analysis for Social Bot Detection
Social bots play a significant role in many online social networks (OSN) as they imitate human behavior. This fact raises difficult questions about their capabilities and potential risks. Given the recent advances in Generative AI (GenAI), social bots are capable of producing highly realistic and complex content that mimics human creativity. As the malicious social bots emerge to deceive people with their unrealistic content, identifying them and distinguishing the content they produce has beco…

Ooh I’ve been waiting for one of these! New SteganoAmor attacks use steganography to target 320 orgs globally: A new campaign conducted by the TA558 hacking group is concealing malicious code inside images using steganography to deliver various malware tools onto targeted systems.

New SteganoAmor attacks use steganography to target 320 orgs globally
A new campaign conducted by the TA558 hacking group is concealing malicious code inside images using steganography to deliver various malware tools onto targeted systems.

i’m sure i’m not the first to make this but i haven’t seen one yet.
(context: https://arstechnica.com/security/2024/03/backdoor-found-in-widely-used-linux-utility-breaks-encrypted-ssh-connections/)<…

Backdoor found in widely used Linux utility targets encrypted SSH connections
Malicious code planted in xz Utils has been circulating for more than a month.

Details on the #backdoor in #xz for users of #Fedora 40 and 41/rawhide:

Not his* fault! He simply found himself negotiating a contract, signing it, performing the forgery, optimizing it for the distribution method, and taking payment! He had no choice whatsoever! It must have been terrible!
https://www.cnn.com/2024/02/23/politics/de

Law Enforcement Disruption of Malicious Cyber Actors Is Gaining Steam
https://www.metacurity.com/p/law-enforcement-disruption-malicious-cyber-actors-gaining-steam

Bullying in Open Source Software Is a Massive Security Vulnerability https://www.404media.co/xz-backdoor-bullying-in-open-source-software-is-a-massive-security-vulnerability/

This https://arxiv.org/abs/2308.16639 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_ees…

Security Allocation in Networked Control Systems under Stealthy Attacks
This paper considers the problem of security allocation in a networked control system under stealthy attacks. The system is comprised of interconnected subsystems represented by vertices. A malicious adversary selects a single vertex on which to conduct a stealthy data injection attack with the purpose of maximally disrupting a distant target vertex while remaining undetected. Defense resources against the adversary are allocated by a defender on several selected vertices. First, the objectives…

A look at XZ Utils attacker "Jia Tan", a persona experts say was used by a nation state group and that left little trace after working on the project since 2021 (Wired)
https://www.wired.com/story/jia-tan-xz-backdoor/

The Mystery of ‘Jia Tan,’ the XZ Backdoor Mastermind
The thwarted XZ Utils supply chain attack was years in the making. Now, clues suggest nation-state hackers were behind the persona that inserted the malicious code.

Robust Federated Learning Mitigates Client-side Training Data Distribution Inference Attacks
Yichang Xu, Ming Yin, Minghong Fang, Neil Zhenqiang Gong
https://arxiv.org/abs/2403.03149

Robust Federated Learning Mitigates Client-side Training Data Distribution Inference Attacks
Recent studies have revealed that federated learning (FL), once considered secure due to clients not sharing their private data with the server, is vulnerable to attacks such as client-side training data distribution inference, where a malicious client can recreate the victim's data. While various countermeasures exist, they are not practical, often assuming server access to some training data or knowledge of label distribution before the attack. In this work, we bridge the gap by proposing I…

_“The end game would be the ability to login to every Fedora, Debian and Ubuntu box on the internet. If it isn’t a state actor it should be…”_
Cryptographer Filippo Valsorda said, _“This might be the best executed supply chain attack we’ve seen described in the open, and it’s a nightmare scenario: malicious, competent, authorized upstream in a widely used library.”_
And awesome: FOSS community catched it, because tests slowdown

'xz utils' Software Backdoor Uncovered in Years-Long Hacking Plot - UNICORN RIOT
A fascinating but ominous software story dropped on Friday: a widely used file compression software package called “xz utils” has a cleverly embedded system for backdooring shell login connections, and it’s unclear how far this dangerous package got into countless internet-enabled devices. It appears the persona that injected this played a long game, gaining the […]

Interesting #privacy issues found in iOS Safari - Could be used for easy tracking:
https://www.mysk.blog/2024/04/28/safari-tracking/

This https://arxiv.org/abs/2404.16116 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_csCL_…

Classifying Human-Generated and AI-Generated Election Claims in Social Media
Politics is one of the most prevalent topics discussed on social media platforms, particularly during major election cycles, where users engage in conversations about candidates and electoral processes. Malicious actors may use this opportunity to disseminate misinformation to undermine trust in the electoral process. The emergence of Large Language Models (LLMs) exacerbates this issue by enabling malicious actors to generate misinformation at an unprecedented scale. Artificial intelligence (AI…

Malicious Reconfigurable Intelligent Surfaces: How Impactful can Destructive Beamforming be?
Steven Rivetti, Ozlem Tugfe Demir, Emil Bjornson, Mikael Skoglund
https://arxiv.org/abs/2402.13351

Malicious Reconfigurable Intelligent Surfaces: How Impactful can Destructive Beamforming be?
Reconfigurable intelligent surfaces (RISs) have demonstrated significant potential for enhancing communication system performance if properly configured. However, a RIS might also pose a risk to the network security. In this letter, we explore the impact of a malicious RIS on a multi-user multiple-input single-output (MISO) system when the system is unaware of the RIS's malicious intentions. The objective of the malicious RIS is to degrade the \ac{SNR} of a specific \ac{UE}, with the option of …

Free Proxies Unmasked: A Vulnerability and Longitudinal Analysis of Free Proxy Services
Naif MehannaUniversity of Lille, Inria Lille, Walter RudametkinUniversity of Rennes, IUF, Pierre LaperdrixCNRS, Inria Lille, Antoine VastelDatadome
https://arxiv.org/abs/2403.02445

Free Proxies Unmasked: A Vulnerability and Longitudinal Analysis of Free Proxy Services
Free-proxies have been widespread since the early days of the Web, helping users bypass geo-blocked content and conceal their IP addresses. Various proxy providers promise faster Internet or increased privacy while advertising their lists comprised of hundreds of readily available free proxies. However, while paid proxy services advertise the support of encrypted connections and high stability, free proxies often lack such guarantees, making them prone to malicious activities such as eavesdropp…

Researchers find malicious code in versions of the Linux compression tool XZ Utils that were incorporated into unstable distributions from Red Hat and Debian (Dan Goodin/Ars Technica)
https://arstechnica.com/security/2024/

Backdoor found in widely used Linux utility breaks encrypted SSH connections
Malicious code planted in xz Utils has been circulating for more than a month.

GitHub is under a major attack with millions of malicious repositories being created. https://reddit.com/r/cybersecurity/comments/1b3qr27/

Just stop using your computers. Hmm...
https://www.redhat.com/en/blog/urgent-security-alert-fedora-41-and-rawhide-users

Urgent security alert for Fedora 41 and Fedora Rawhide users
Red Hat Information Risk and Security and Red Hat Product Security learned that the latest versions of the “xz” tools and libraries contain malicious code that appears to be intended to allow unauthorized access.

Peregrine: ML-based Malicious Traffic Detection for Terabit Networks
Jo\~ao Romeiras Amado, Francisco Pereira, David Pissarra, Salvatore Signorello, Miguel Correia, Fernando M. V. Ramos
https://arxiv.org/abs/2403.18788

Peregrine: ML-based Malicious Traffic Detection for Terabit Networks
Malicious traffic detectors leveraging machine learning (ML), namely those incorporating deep learning techniques, exhibit impressive detection capabilities across multiple attacks. However, their effectiveness becomes compromised when deployed in networks handling Terabit-speed traffic. In practice, these systems require substantial traffic sampling to reconcile the high data plane packet rates with the comparatively slower processing speeds of ML detection. As sampling significantly reduces t…

Don't miss today's packed Metacurity for the most important infosec developments you should know, including
--White House, FCC and Markey have connected car data practices in their crosshairs
--ALPHV claim of UnitedHealth attack appeared briefly,
--Epic Games and Ireland's DFA deny Mogilevich attacks,
-- Millions of malicious repos hit GitHub,
--Lazarus Group exploited AppLocker drive flaw,
-- Rhysida claims attack on children's hospital,
--Fake security warning hits 3D printers,
--Hackers target Calendly, Nearly $16 million stolen in trio of crypto hacks,
-- much more
https://www.metacurity.com/p/white-house-fcc-markey-connected-car-data-practices-crosshairs

This https://arxiv.org/abs/2403.03218 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_csLG_…

The WMDP Benchmark: Measuring and Reducing Malicious Use With Unlearning
The White House Executive Order on Artificial Intelligence highlights the risks of large language models (LLMs) empowering malicious actors in developing biological, cyber, and chemical weapons. To measure these risks of malicious use, government institutions and major AI labs are developing evaluations for hazardous capabilities in LLMs. However, current evaluations are private, preventing further research into mitigating risk. Furthermore, they focus on only a few, highly specific pathways fo…

Transferring Troubles: Cross-Lingual Transferability of Backdoor Attacks in LLMs with Instruction Tuning
Xuanli He, Jun Wang, Qiongkai Xu, Pasquale Minervini, Pontus Stenetorp, Benjamin I. P. Rubinstein, Trevor Cohn
https://arxiv.org/abs/2404.19597 https://arxiv.org/pdf/2404.19597
arXiv:2404.19597v1 Announce Type: new
Abstract: The implications of backdoor attacks on English-centric large language models (LLMs) have been widely examined - such attacks can be achieved by embedding malicious behaviors during training and activated under specific conditions that trigger malicious outputs. However, the impact of backdoor attacks on multilingual models remains under-explored. Our research focuses on cross-lingual backdoor attacks against multilingual LLMs, particularly investigating how poisoning the instruction-tuning data in one or two languages can affect the outputs in languages whose instruction-tuning data was not poisoned. Despite its simplicity, our empirical analysis reveals that our method exhibits remarkable efficacy in models like mT5, BLOOM, and GPT-3.5-turbo, with high attack success rates, surpassing 95% in several languages across various scenarios. Alarmingly, our findings also indicate that larger models show increased susceptibility to transferable cross-lingual backdoor attacks, which also applies to LLMs predominantly pre-trained on English data, such as Llama2, Llama3, and Gemma. Moreover, our experiments show that triggers can still work even after paraphrasing, and the backdoor mechanism proves highly effective in cross-lingual response settings across 25 languages, achieving an average attack success rate of 50%. Our study aims to highlight the vulnerabilities and significant security risks present in current multilingual LLMs, underscoring the emergent need for targeted security measures.

This https://arxiv.org/abs/2402.16914 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_csCR_…

DrAttack: Prompt Decomposition and Reconstruction Makes Powerful LLM Jailbreakers
The safety alignment of Large Language Models (LLMs) is vulnerable to both manual and automated jailbreak attacks, which adversarially trigger LLMs to output harmful content. However, current methods for jailbreaking LLMs, which nest entire harmful prompts, are not effective at concealing malicious intent and can be easily identified and rejected by well-aligned LLMs. This paper discovers that decomposing a malicious prompt into separated sub-prompts can effectively obscure its underlying malic…

Don't miss today's Metacurity for the most critical infosec developments you should know today, including
--Researchers stopped XZ Utils-Type malicious Actors targeting three JavaScript projects
--RansomHub starts leaking Change Healthcare data,
-- Hackers stole some Cisco Duo's customers' VoIP and SMS logs,
--Cryptojacker busted for stealing cloud services,
--Chirp Systems silent on smart lock vulnerability,
--Critics question Microsoft's incentive to improve security,
--FTC slams Cerebral for sharing customers' health info with advertisers,
--Ukraine hackers claim Russian drone developer breach,
--Palo Alto rolls out fixes for zero-day,
--much more
https://www.metacurity.com/p/researchers-stopped-xz-utilstype-malicious-actors-targeting-three-javascript-projects

Microsoft engineer Andres Freund accidentally found the malicious code in versions of the XZ Utils compression tool, likely preventing thousands of infections (Mike Larkin/Security Boulevard)
https://securityboulevard.com/2024/03/

An Accidental Discovery of a Backdoor Likely Prevented Thousands of Infections
... Read more » The post An Accidental Discovery of a Backdoor Likely Prevented Thousands of Infections appeared first on Deepfactor.

This https://arxiv.org/abs/2402.16914 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_csCR_…

DrAttack: Prompt Decomposition and Reconstruction Makes Powerful LLM Jailbreakers
The safety alignment of Large Language Models (LLMs) is vulnerable to both manual and automated jailbreak attacks, which adversarially trigger LLMs to output harmful content. However, current methods for jailbreaking LLMs, which nest entire harmful prompts, are not effective at concealing malicious intent and can be easily identified and rejected by well-aligned LLMs. This paper discovers that decomposing a malicious prompt into separated sub-prompts can effectively obscure its underlying malic…

JailBreakV-28K: A Benchmark for Assessing the Robustness of MultiModal Large Language Models against Jailbreak Attacks
Weidi Luo, Siyuan Ma, Xiaogeng Liu, Xiaoyu Guo, Chaowei Xiao
https://arxiv.org/abs/2404.03027

JailBreakV-28K: A Benchmark for Assessing the Robustness of MultiModal Large Language Models against Jailbreak Attacks
With the rapid advancements in Multimodal Large Language Models (MLLMs), securing these models against malicious inputs while aligning them with human values has emerged as a critical challenge. In this paper, we investigate an important and unexplored question of whether techniques that successfully jailbreak Large Language Models (LLMs) can be equally effective in jailbreaking MLLMs. To explore this issue, we introduce JailBreakV-28K, a pioneering benchmark designed to assess the transferabil…

“SubdoMailing” — Thousands of Hijacked Major-Brand Subdomains Found Bombarding Users With Millions of Malicious Emails
https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935

This https://arxiv.org/abs/2403.03149 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_csCR_…

Robust Federated Learning Mitigates Client-side Training Data Distribution Inference Attacks
Recent studies have revealed that federated learning (FL), once considered secure due to clients not sharing their private data with the server, is vulnerable to attacks such as client-side training data distribution inference, where a malicious client can recreate the victim's data. While various countermeasures exist, they are not practical, often assuming server access to some training data or knowledge of label distribution before the attack. In this work, we bridge the gap by proposing I…

Researchers detail a spam campaign using hijacked abandoned domains and subdomains from reputable brands like eBay and VMware to send ~5M malicious emails daily (Bill Toulas/BleepingComputer)
https://www.bleepingcomputer.com/news/secu

Don't miss today's Metacurity for the crucial infosec developments you might have missed over the weekend, including
--LockBit reappears, threatens to release Fulton County data by March 2 unless ransom is paid,
--Attackers actively exploit ScreenConnect servers to deploy LockBit ransomware,
--Crypto wallets show LockBit received $125 million,
--RCMP copes with cyber event,
--MicroStrategy X account hacked to steal $440K in Bitcoin,
--Hackers stole $9.7m from Axie Infinity co-founder,
--Malicious JavaScript smuggled into Tornado Cash governance proposal,
--Facial recognition data collected by M&M vending machines,
--Auto industry knew of theft risk from keyless tech,
--Biden rival consultant created voice-cloned Biden call,
--much more
https://www.metacurity.com/p/lockbit-reappears-threatens-release-fulton-county-data-march-2-unless-ransom-paid

Resecurity: in Q1, malicious cyber activities targeting the Philippines, including cyberattacks and misinfo campaigns, were up 300% YoY, as China tensions rise (Pierluigi Paganini/Security Affairs)
https://securityaffairs.com/161909/int

Misinformation and hacktivist campaigns targeting the Philippines skyrocket
Amidst rising tensions with China in the SCS, Resecurity observed a spike in malicious cyber activity targeting the Philippines in Q1 2024.

Exploring Emerging Trends in 5G Malicious Traffic Analysis and Incremental Learning Intrusion Detection Strategies
Zihao Wang, Kar Wai Fok, Vrizlynn L. L. Thing
https://arxiv.org/abs/2402.14353

Exploring Emerging Trends in 5G Malicious Traffic Analysis and Incremental Learning Intrusion Detection Strategies
The popularity of 5G networks poses a huge challenge for malicious traffic detection technology. The reason for this is that as the use of 5G technology increases, so does the risk of malicious traffic activity on 5G networks. Malicious traffic activity in 5G networks not only has the potential to disrupt communication services, but also to compromise sensitive data. This can have serious consequences for individuals and organizations. In this paper, we first provide an in-depth study of 5G tec…

Exploring Emerging Trends in 5G Malicious Traffic Analysis and Incremental Learning Intrusion Detection Strategies
Zihao Wang, Kar Wai Fok, Vrizlynn L. L. Thing
https://arxiv.org/abs/2402.14353

Exploring Emerging Trends in 5G Malicious Traffic Analysis and Incremental Learning Intrusion Detection Strategies
The popularity of 5G networks poses a huge challenge for malicious traffic detection technology. The reason for this is that as the use of 5G technology increases, so does the risk of malicious traffic activity on 5G networks. Malicious traffic activity in 5G networks not only has the potential to disrupt communication services, but also to compromise sensitive data. This can have serious consequences for individuals and organizations. In this paper, we first provide an in-depth study of 5G tec…

The UK says Chinese state-affiliated actors were responsible for a "malicious cyber campaign" on the country's Electoral Commission between 2021 and 2022 (Ryan Browne/CNBC)
https://www.cnbc.com/2024/03/25/britain-bl

Effective Malware Detection for Embedded Computing Systems with Limited Exposure
Sreenitha Kasarapu, Sanket Shukla, Rakibul Hassan, Avesta Sasan, Houman Homayoun, Sai Manoj Pudukotai Dinakarrao
https://arxiv.org/abs/2404.02344

Effective Malware Detection for Embedded Computing Systems with Limited Exposure
One of the pivotal security threats for the embedded computing systems is malicious software a.k.a malware. With efficiency and efficacy, Machine Learning (ML) has been widely adopted for malware detection in recent times. Despite being efficient, the existing techniques require a tremendous number of benign and malware samples for training and modeling an efficient malware detector. Furthermore, such constraints limit the detection of emerging malware samples due to the lack of sufficient malw…

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned two companies and four individuals involved in malicious cyber activity on behalf of the Iranian Islamic Revolutionary Guard Corps Cyber Electronic Command (IRGC-CEC).
https://home.treasury.gov/news/press-releases/jy2292#:~:text=WASHINGTON — Today, the U.S. Department,Command (IRGC-CEC).

Exploring Backdoor Vulnerabilities of Chat Models
Yunzhuo Hao, Wenkai Yang, Yankai Lin
https://arxiv.org/abs/2404.02406 https://arxiv…

Exploring Backdoor Vulnerabilities of Chat Models
Recent researches have shown that Large Language Models (LLMs) are susceptible to a security threat known as Backdoor Attack. The backdoored model will behave well in normal cases but exhibit malicious behaviours on inputs inserted with a specific backdoor trigger. Current backdoor studies on LLMs predominantly focus on instruction-tuned LLMs, while neglecting another realistic scenario where LLMs are fine-tuned on multi-turn conversational data to be chat models. Chat models are extensively ad…

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned two companies and four individuals involved in malicious cyber activity on behalf of the Iranian Islamic Revolutionary Guard Corps Cyber Electronic Command (IRGC-CEC).
https://home.treasury.gov/news/press-releases/jy2292#:~:text=WASHINGTON — Today, the U.S. Department,Command (IRGC-CEC).

Designing a Photonic Physically Unclonable Function Having Resilience to Machine Learning Attacks
Elena R. Henderson, Jessie M. Henderson, Hiva Shahoei, William V. Oxford, Eric C. Larson, Duncan L. MacFarlane, Mitchell A. Thornton
https://arxiv.org/abs/2404.02440

Designing a Photonic Physically Unclonable Function Having Resilience to Machine Learning Attacks
Physically unclonable functions (PUFs) are designed to act as device 'fingerprints.' Given an input challenge, the PUF circuit should produce an unpredictable response for use in situations such as root-of-trust applications and other hardware-level cybersecurity applications. PUFs are typically subcircuits present within integrated circuits (ICs), and while conventional IC PUFs are well-understood, several implementations have proven vulnerable to malicious exploits, including those perpetrate…

Assessing LLMs in Malicious Code Deobfuscation of Real-world Malware Campaigns
Constantinos Patsakis, Fran Casino, Nikolaos Lykousas
https://arxiv.org/abs/2404.19715 https://arxiv.org/pdf/2404.19715
arXiv:2404.19715v1 Announce Type: new
Abstract: The integration of large language models (LLMs) into various pipelines is increasingly widespread, effectively automating many manual tasks and often surpassing human capabilities. Cybersecurity researchers and practitioners have recognised this potential. Thus, they are actively exploring its applications, given the vast volume of heterogeneous data that requires processing to identify anomalies, potential bypasses, attacks, and fraudulent incidents. On top of this, LLMs' advanced capabilities in generating functional code, comprehending code context, and summarising its operations can also be leveraged for reverse engineering and malware deobfuscation. To this end, we delve into the deobfuscation capabilities of state-of-the-art LLMs. Beyond merely discussing a hypothetical scenario, we evaluate four LLMs with real-world malicious scripts used in the notorious Emotet malware campaign. Our results indicate that while not absolutely accurate yet, some LLMs can efficiently deobfuscate such payloads. Thus, fine-tuning LLMs for this task can be a viable potential for future AI-powered threat intelligence pipelines in the fight against obfuscated malware.

This https://arxiv.org/abs/2311.14496 has been replaced.
link: https://scholar.google.com/scholar?q=a

RTPS Attack Dataset Description
This paper explains all about our RTPS datasets. We collect malicious/benign packet data by injecting attack data in an Unmanned Ground Vehicle (UGV) in the normal state. We assembled the testbed, consisting of UGV, Controller, PC, and Router. We collect this dataset in the UGV part of our testbed. We conducted two types of attack "Command Injection" and "Command Injection with ARP Spoofing" on our testbed. The data collection time is 180, 300, 600, and 1200. The scenario has 30 each on colle…

This https://arxiv.org/abs/2311.14496 has been replaced.
link: https://scholar.google.com/scholar?q=a

RTPS Attack Dataset Description
This paper explains all about our RTPS datasets. We collect malicious/benign packet data by injecting attack data in an Unmanned Ground Vehicle (UGV) in the normal state. We assembled the testbed, consisting of UGV, Controller, PC, and Router. We collect this dataset in the UGV part of our testbed. We conducted two types of attack "Command Injection" and "Command Injection with ARP Spoofing" on our testbed. The data collection time is 180, 300, 600, and 1200. The scenario has 30 each on colle…

Merchants of Vulnerabilities: How Bug Bounty Programs Benefit Software Vendors
Esther Gal-Or, Muhammad Zia Hydari, Rahul Telang
https://arxiv.org/abs/2404.17497

Merchants of Vulnerabilities: How Bug Bounty Programs Benefit Software Vendors
Software vulnerabilities enable exploitation by malicious hackers, compromising systems and data security. This paper examines bug bounty programs (BBPs) that incentivize ethical hackers to discover and responsibly disclose vulnerabilities to software vendors. Using game-theoretic models, we capture the strategic interactions between software vendors, ethical hackers, and malicious hackers. First, our analysis shows that software vendors can increase expected profits by participating in BBPs, e…

This https://arxiv.org/abs/2405.00426 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_csCR_…

On the Potential of RIS in the Context of PLA in Wireless Communication Systems
Re-configurable Intelligent Surfaces (RIS) technology has proven itself a promising candidate for the next generation of wireless networks through its enhanced performance in terms of throughput, spectral, and energy efficiency. However, the broadcast nature of RIS-assisted wireless communication makes it vulnerable to malicious attacks at the physical layer. On the other hand, physical layer authentication is an emerging area in the security domain to thwart different attacks such as cloning, …

Multicore DRAM Bank-& Row-Conflict Bomb for Timing Attacks in Mixed-Criticality Systems
Antonio Savino, Gautam Gala, Marcello Cinque, Gerhard Fohler
https://arxiv.org/abs/2404.01910

Multicore DRAM Bank-& Row-Conflict Bomb for Timing Attacks in Mixed-Criticality Systems
With the increasing use of multicore platforms to realize mixed-criticality systems, understanding the underlying shared resources, such as the memory hierarchy shared among cores, and achieving isolation between co-executing tasks running on the same platform with different criticality levels becomes relevant. In addition to safety considerations, a malicious entity can exploit shared resources to create timing attacks on critical applications. In this paper, we focus on understanding the shar…

This https://arxiv.org/abs/2404.04991 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_csCR_…

OSS Malicious Package Analysis in the Wild
The open-source software (OSS) ecosystem suffers from various security threats and risks, and malicious packages play a central role in software supply chain (SSC) attacks. Although malware research has a history of over thirty years, less attention has been paid to OSS malware. Its existing research has three limitations: a lack of high-quality datasets, malware diversity, and attack campaign context. In this paper, we first build and curate the largest dataset of 23,425 malicious packages fro…

Certified Adversarial Robustness of Machine Learning-based Malware Detectors via (De)Randomized Smoothing
Daniel Gibert, Luca Demetrio, Giulio Zizzo, Quan Le, Jordi Planes, Battista Biggio
https://arxiv.org/abs/2405.00392

Certified Adversarial Robustness of Machine Learning-based Malware Detectors via (De)Randomized Smoothing
Deep learning-based malware detection systems are vulnerable to adversarial EXEmples - carefully-crafted malicious programs that evade detection with minimal perturbation. As such, the community is dedicating effort to develop mechanisms to defend against adversarial EXEmples. However, current randomized smoothing-based defenses are still vulnerable to attacks that inject blocks of adversarial content. In this paper, we introduce a certifiable defense against patch attacks that guarantees, for …

The Reversing Machine: Reconstructing Memory Assumptions
Mohammad Sina Karvandi, Soroush Meghdadizanjani, Sima Arasteh, Saleh Khalaj Monfared, Mohammad K. Fallah, Saeid Gorgin, Jeong-A Lee, Erik van der Kouwe
https://arxiv.org/abs/2405.00298

The Reversing Machine: Reconstructing Memory Assumptions
Existing anti-malware software and reverse engineering toolkits struggle with stealthy sub-OS rootkits due to limitations of run-time kernel-level monitoring. A malicious kernel-level driver can bypass OS-level anti-virus mechanisms easily. Although static analysis of such malware is possible, obfuscation and packing techniques complicate offline analysis. Moreover, current dynamic analyzers suffer from virtualization performance overhead and create detectable traces that allow modern malware t…

On the Potential of RIS in the Context of PLA in Wireless Communication Systems
Hama Amin, Waqas Aman, Saif Al-Kuwari
https://arxiv.org/abs/2405.00426 http…

On the Potential of RIS in the Context of PLA in Wireless Communication Systems
Re-configurable Intelligent Surfaces (RIS) technology has proven itself a promising candidate for the next generation of wireless networks through its enhanced performance in terms of throughput, spectral, and energy efficiency. However, the broadcast nature of RIS-assisted wireless communication makes it vulnerable to malicious attacks at the physical layer. On the other hand, physical layer authentication is an emerging area in the security domain to thwart different attacks such as cloning, …