
CramHacks Chronicles #21: Weekly Cybersecurity Newsletter!

OpenAI partners with the Pentagon, NSA admits to purchasing browsing data, CISA's SBOM Guidance, and more.

🥳 Happy Monday! 🥳

Thus far, we’ve amassed more than 250 subscribers interested in software supply chain security. However, my interests don’t exclusively rest within supply chain security; I’m sure yours don’t either!

In today’s newsletter, we go beyond software supply chain security. I hope you enjoy this new format, and please do let me know your thoughts.

I hope this new format attracts folks from all walks of life in cybersecurity, building off the community we’ve established thus far.

Application Security

Over 5,300 GitLab servers exposed to zero-click account takeover attacks
BleepingComputer’s Bill Toulas notes that over 5,300 internet-exposed GitLab instances are vulnerable to CVE-2023-7028, an unauthenticated account takeover vulnerability announced earlier this month. Fortunately, the vulnerability does not evade multi-factor authentication requirements for those who have enforced it.

👋 Multi-factor authentication (MFA) is a single layer. Do not rely on this! If you’re managing a vulnerable GitLab instance, get to upgrading.

GitHub Actions Pipeline Enumeration and Attack Tool
“Gato, or GitHub Attack Toolkit, is an enumeration and attack tool that allows both blue teamers and offensive security practitioners to identify and exploit pipeline vulnerabilities within a GitHub organization's public and private repositories.”

👋 This tool has been published by the authors of the One Supply Chain Attack to Rule Them All attack vector.

AI/ML Security

OpenAI drops ban on military tools to partner with the Pentagon
“Last week, OpenAI removed language in its usage policy that would ban its AI from being used in “military and warfare” applications, sparking alarm among AI safety advocates.”

👋 OpenAI’s Anna Makanju, VP of Global Affairs, stated that the company will retain its ban on developing weapons. There are current discussions with the U.S. government about developing tools to reduce veteran suicides.

Exploring the Vulnerabilities of AI: A Universal Prompt Injection Attack in the GPT Store
Andrew Horton, CTO of ThreatCanary, discusses “pre-prompts,” which are the instructions prepended to whatever you type in. Now that the GPT Store has been released, many GPTs are susceptible, allowing users to extract their inner workings via prompt injection.

👋 Shoutout to Jeff Williams for sharing this on LinkedIn and showing a simple proof of concept for disabling OpenAI’s guardian tool.

A Chevy for $1? Car dealer chatbots show perils of AI for customer service
Chris Bakke takes Chevrolet of Watsonville for a ride and uses a pseudo prompt injection attack to make the chatbot agree to sell Chris a 2024 Chevy Tahoe for USD 1.00. Screenshots of the chat here.

👋 The modern-day equivalent of modifying a website’s HTML 😆.

Cloud Security

Sys:All: How A Simple Loophole in Google Kubernetes Engine Puts Clusters at Risk of Compromise
The Orca Research Pod has discovered a loophole, Sys:All, which leaves more than 1 million misconfigured Google Kubernetes Engine (GKE) clusters vulnerable, potentially to full compromise, without leaving a trail.

The crux of this issue is that the GKE system:authenticated group includes any user with a valid Google account. Administrators who do not recognize this may bind the group to permissive roles, thinking it is safe.

👋 This is the intended behavior; however, I would agree that it is misleading. I likely would have assumed it was authenticated users within my organization 🤷‍♂️.
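One way to audit for the misconfiguration described above, as an added example that is not from the Orca write-up or this newsletter: it scans RBAC bindings for broad identities and skips the roles upstream Kubernetes binds to them by default. It also checks system:unauthenticated and system:anonymous, which goes slightly beyond the group named here; the sample input is constructed.

```python
import json

# Identities not limited to your own organization. On GKE,
# system:authenticated matches any user with a valid Google account.
BROAD_SUBJECTS = {("Group", "system:authenticated"),
                  ("Group", "system:unauthenticated"), ("User", "system:anonymous")}
# ClusterRoles that upstream Kubernetes binds to these identities by default
# (API discovery and self-review only); treated as expected here.
DEFAULT_ROLES = {"system:basic-user", "system:discovery", "system:public-info-viewer"}


def find_broad_bindings(binding_list):
    """Return bindings that grant a non-default role to a broad identity."""
    findings = []
    for item in binding_list.get("items", []):
        role = item.get("roleRef", {}).get("name", "")
        if item.get("kind") == "ClusterRoleBinding" and role in DEFAULT_ROLES:
            continue
        meta = item.get("metadata", {})
        for subject in item.get("subjects") or []:  # "subjects" may be null
            if (subject.get("kind"), subject.get("name")) in BROAD_SUBJECTS:
                findings.append({"binding": meta.get("name"), "role": role,
                                 "namespace": meta.get("namespace", "<cluster-wide>"),
                                 "subject": subject["name"]})
    return findings


# Constructed sample shaped like the output of
# `kubectl get clusterrolebindings,rolebindings -A -o json` (not real data).
SAMPLE = json.loads("""{"items": [
 {"kind": "ClusterRoleBinding", "metadata": {"name": "system:discovery"},
  "roleRef": {"name": "system:discovery"},
  "subjects": [{"kind": "Group", "name": "system:authenticated"}]},
 {"kind": "ClusterRoleBinding", "metadata": {"name": "dev-convenience"},
  "roleRef": {"name": "cluster-admin"},
  "subjects": [{"kind": "Group", "name": "system:authenticated"}]},
 {"kind": "RoleBinding", "metadata": {"name": "ci-edit", "namespace": "ci"},
  "roleRef": {"name": "edit"},
  "subjects": [{"kind": "Group", "name": "system:authenticated"},
               {"kind": "Group", "name": "platform-team"}]},
 {"kind": "ClusterRoleBinding", "metadata": {"name": "orphaned"},
  "roleRef": {"name": "view"}, "subjects": null}
]}""")

if __name__ == "__main__":
    for f in find_broad_bindings(SAMPLE):
        print("{namespace}/{binding}: {subject} -> {role}".format(**f))
```

Anything it reports deserves review: replace the broad group with a named group or service account from your own organization.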

Obtaining AWS account ID from access keys
Tal Be’ery brings awareness to the lack of public documentation regarding the AWS authentication and authorization system. Tal determined that an AWS account ID can be derived from an access key using a simple script provided here.
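The derivation, as an added example rather than the script linked from the post: it helps when triaging a key ID found in a secret scan and you need to know which account owns it without calling AWS. It assumes the publicly documented layout of newer-format key IDs (older ones may not follow it); `make_sample_key_id` is a hypothetical helper that builds a constructed key ID.

```python
import base64

# Assumed layout (newer-format key IDs): 4-char prefix, then a base32 body
# whose first 6 bytes hold the account ID in bits 7..46.
ACCOUNT_MASK = 0x7FFFFFFFFF80


def account_id_from_key_id(key_id):
    """Return the 12-digit account ID encoded in a key ID, or None."""
    try:
        raw = base64.b32decode(key_id[4:])  # drop the AKIA / ASIA style prefix
    except ValueError:                      # not valid base32 (binascii.Error)
        return None
    if len(raw) < 6:                        # body too short to hold an account ID
        return None
    value = int.from_bytes(raw[:6], "big")
    return "{:012d}".format((value & ACCOUNT_MASK) >> 7)


def make_sample_key_id(account_id, prefix="AKIA"):
    """Build a constructed key ID for testing (hypothetical helper, not a real key)."""
    raw = (int(account_id) << 7).to_bytes(6, "big") + bytes(4)
    return prefix + base64.b32encode(raw).decode("ascii")


if __name__ == "__main__":
    key = make_sample_key_id("123456789012")  # constructed, not a real credential
    print(key, "->", account_id_from_key_id(key))
    print("malformed ->", account_id_from_key_id("AKIA1234"))
```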

Miscellaneous

Midnight Blizzard: Guidance for responders on nation-state attack
The Microsoft security team detected a nation-state attack on corporate systems on January 12, 2024, discovering that in late November 2023, a legacy non-production test tenant account was compromised via a password spray attack. The SEC notice can be read here.

The attack chain looked like this:

  1. Password Spray → compromised user account with no MFA

  2. Identify and compromise a legacy test OAuth application with elevated access to the Microsoft corporate environment

  3. Create additional malicious OAuth applications

  4. Create a new user account to grant consent in the Microsoft corporate environment to the actor-controlled malicious OAuth applications

  5. Use the legacy test OAuth application to grant them the Office 365 Exchange Online full_access_as_app role, which allows access to mailboxes

👋 In my opinion, malicious actors are abusing OAuth applications, Graph API, and impersonation because most system administrators and information security professionals aren’t very comfortable with them. Additionally, audit trails, logging, and detection are subpar - this is something Microsoft has to do better at.

Personal Security

About Stolen Device Protection for iPhone
“When Stolen Device Protection is enabled, certain actions have additional security requirements when your iPhone is away from familiar locations such as home or work.”

👋 Follow the instructions here to enable Stolen Device Protection! There seems to be a growing trend of thieves stealing devices after witnessing a victim enter their PINs.

NSA Admits Secretly Buying Your Internet Browsing Data without Warrants
As per U.S. Senator Ron Wyden, the NSA has admitted that they have leveraged data brokers to buy internet browsing records to identify websites and apps Americans use that would otherwise require a court order. 🕵️

Software Supply Chain Security

Guidance: Assembling a Group of Products for SBOM
CISA provided the following list of required information when describing a product line with a build SBOM:

  1. Determine an identifier to use

  2. Determine a versioning system to use with that identifier

  3. List all the product’s components that are being distributed together as a group

  4. Provide a version number for each component

  5. Provide a reference to the build SBOM that generated each component image included in the product group as part of the PLB-SBOM

👋 Number 5 🤔. If you're working on a large project, there's a good chance you have 10,000 or even 100,000+ components. Rounding up, 100% of which won't have a readily available SBOM to reference. That's going to be a problem.

Do you know if all your repositories have up-to-date dependencies?
The GitHub Action Evergreen makes it easy to deploy Dependabot version updates throughout your organization, across all your repositories.

👋 I personally wouldn’t want Dependabot enabled on all my repositories, but if dependency management falls under your purview and you need to deploy Dependabot at scale, this may be the tool for you!

licenses.dev
Super simple web app for analyzing all licenses within a dependency graph.

Until Next Time! 👋 

Hey, you made it to the bottom – thanks for sticking around!

Questions, ideas, or want to chat? Slide into my inbox! 💌

Don’t hesitate to forward if someone could benefit from this.

See you next Monday!
-Kyle