Robert Grupe's AppSecNewsBits 2025-02-01
More AI fails and Healthcare breaches, office phone botnets, US Copyright Office AI guidance, and much more ...
EPIC FAILS in Application Development Security practice processes, training, implementation, and incident response
DeepSeek’s chat histories and internal data were publicly exposed
An analytical ClickHouse database tied to DeepSeek, completely open and unauthenticated, contained more than 1 million instances of chat history, backend data, and sensitive information, including log streams, API secrets, and operational details.
An open web interface also allowed for full database control and privilege escalation, with internal API endpoints and keys available through the interface and common URL parameters.
[rG: It is staggering that a major public release product didn't include security vulnerability and adversarial attack testing as part of its production release process. Sadly, this poor quality S/SSDLC isn't uncommon.]
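The exposure above came down to a ClickHouse HTTP interface answering queries with no credentials. The following is an added example (not code from the article or from DeepSeek) of a self-check an operator can run against their own analytics hosts: it sends one unauthenticated `SELECT 1` to ClickHouse's HTTP endpoint (port 8123 by default) and classifies the reply. The host name in `main` is a constructed placeholder, and the assumption that ClickHouse answers a rejected login with its own 516 status and an "Authentication failed" message is noted in the code.

```python
"""Added example: checking that a ClickHouse HTTP interface demands credentials.

Not code from the article or from DeepSeek. ClickHouse's HTTP endpoint (port
8123 by default) runs the SQL passed in the ``query`` parameter; if ``SELECT 1``
succeeds with no credentials, anyone who can reach the port has at least read
access to the database. The host used in ``main`` is a constructed placeholder.
"""
import sys
import urllib.error
import urllib.parse
import urllib.request

CLICKHOUSE_HTTP_PORT = 8123  # ClickHouse default HTTP port


def classify(status: int, body: str) -> str:
    """Turn an HTTP status/body pair from the ClickHouse endpoint into a verdict."""
    if status == 200 and body.strip() == "1":
        return "EXPOSED"  # the query ran without any credentials at all
    # Assumption: ClickHouse reports a bad or missing user with its own 516
    # status and an "Authentication failed" message; a reverse proxy in front
    # of it may answer 401/403 instead.
    if status in (401, 403, 516) or "Authentication failed" in body:
        return "AUTH_REQUIRED"
    return "UNKNOWN"


def probe(host: str, port: int = CLICKHOUSE_HTTP_PORT, timeout: float = 3.0) -> str:
    """Send one unauthenticated SELECT 1 to a host we operate and classify the reply."""
    url = f"http://{host}:{port}/?" + urllib.parse.urlencode({"query": "SELECT 1"})
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return classify(resp.status, resp.read().decode("utf-8", "replace"))
    except urllib.error.HTTPError as err:
        # ClickHouse returns the error text in the body of the error response
        return classify(err.code, err.read().decode("utf-8", "replace"))
    except (urllib.error.URLError, OSError):
        return "UNREACHABLE"


def main(hosts: list[str]) -> int:
    """Print one verdict per host; exit non-zero if any instance is open."""
    exposed = 0
    for host in hosts:
        verdict = probe(host)
        print(f"{host}: {verdict}")
        exposed += verdict == "EXPOSED"
    return 1 if exposed else 0


if __name__ == "__main__":
    # constructed placeholder: replace with the analytics hosts you operate
    sys.exit(main(sys.argv[1:] or ["clickhouse.internal.example"]))
```

An `EXPOSED` verdict is the ClickHouse equivalent of the open database in the story: the fix is a password on the `default` user (or removing it), a network allowlist, and keeping the HTTP port off the public interface, with this probe kept in a scheduled job so a regression is caught the same day.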
Ransomware attack at New York blood services provider – donors turned away during shortage crisis
NYBCe supplies over 1 million blood products to more than 400 hospitals and medical facilities across New York, New Jersey, and 15 other states every year. The organization still doesn't know when it will be back up and running fully. It said it's trying to restore as soon as possible, but only when it's safe to do so.
The incident, which hasn't yet been claimed by a known cybercrime group, has led to the cancellation of blood donor and blood drive appointments. These will be rescheduled for a later date.
The attack comes amid pre-existing urgent appeals for blood donors as reserves reach critically low levels. The healthcare industry is frequently targeted by cybercriminals, however. The golden combination of limited IT budgets, legacy tech, and the demand for constant uptime makes hospitals and their critical suppliers like NYBCe the perfect targets for ransomware.
Nearly 400 US healthcare organizations were hit by ransomware last year, with downtime costs running as high as $900,000 a day.
[rG: Operational processes and systems need to be designed to be resilient against technology attacks and points of failure, with non-electronic temporary replacement work-around processes. Automation is a valuable productivity enabler, but mission critical service delivery needs to have backup manual failovers. During system security design reviews, analysts should ask about impacts and alternatives for components that are corrupted and can't be restored within 24 hours.]
US healthcare provider data breach impacts 1 million patients
Unknown attackers gained access to its network in mid-October 2024, a breach discovered more than two months later, on January 2, 2025.
While the threat actors stole files containing patients' personal and health information belonging to 1,060,936 individuals, the healthcare organization says they didn't encrypt any compromised systems and that the security breach didn't impact its operations.
Globe Life data breach may impact an additional 850,000 clients
Globe Life was founded in 1900 and is one of the largest providers of life and health insurance plans in the United States. The threat actor accessed specific databases maintained by a few independent agency owners that held personal data of about 850,000 people.
On June 13, 2024, the company discovered during a security review of its networks that it had been compromised by hackers who had gained unauthorized access to one of its web portals.
Globe Life shared in October the first results of its investigation, which was assisted by external cybersecurity experts, pointing to a small-scale breach at its subsidiary, American Income Life Insurance Company. The assessment at the time was that the incident affected approximately 5,000 individuals.
The company has shared the latest results of the investigation into the data breach in a new filing with the U.S. Securities and Exchange Commission (SEC), and says that the threat actor accessed specific databases maintained by a few independent agency owners that held personal data of about 850,000 people.
Backdoor found in two healthcare patient monitors, linked to IP in China
The US Cybersecurity and Infrastructure Security Agency (CISA) is warning that Contec CMS8000 and Epsimed MN-120 devices include a backdoor that quietly sends patient data to a remote IP address and downloads and executes files on the device.
The researchers discovered anomalous network traffic to a hard-coded external IP address, which is not associated with the company but rather a Chinese university.
This led to the discovery of a backdoor in the company's firmware that would quietly download and execute files on the device, allowing for remote execution and the complete takeover of the patient monitors.
It was also discovered that the device would quietly send patient data to the same hard-coded address when devices were started.
None of this activity was logged, causing the malicious activity to be conducted secretly without alerting administrators of the devices.
Patient data is typically transmitted across a network using the Health Level 7 (HL7) protocol. However, these devices sent the data to the remote IP over port 515, which is usually associated with the Line Printer Daemon (LPD) protocol.
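The two observable signals in the advisory are traffic to a hard-coded external address and use of port 515 (LPD) toward something that is not a printer. The following added example (not code from CISA or the researchers) runs those two checks over connection records from a monitoring VLAN. The VLAN range, the printer and HL7 server addresses, the external address (a TEST-NET documentation address, not the one in the advisory) and the log lines are all constructed for the example.

```python
"""Added example: flagging patient-monitor traffic like the behaviour CISA describes.

This is not code from the advisory or from the researchers. It scans connection
records for two things: (1) outbound connections to port 515 (LPD) whose
destination is not a known printer, and (2) any connection from the medical
device VLAN to an address outside the site's private ranges. All addresses,
VLAN ranges and log lines below are constructed for the example.
"""
from __future__ import annotations

import ipaddress
from collections import Counter
from dataclasses import dataclass
from typing import Iterable, Optional

# constructed site inventory (assumption: these are the only legitimate peers)
DEVICE_VLAN = ipaddress.ip_network("10.20.30.0/24")  # where the monitors live
KNOWN_PRINTERS = {"10.20.5.40"}                       # the only legitimate LPD targets
INTERNAL_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
LPD_PORT = 515

# constructed connection log: "<timestamp> <src> <dst> <dport> <proto> <bytes>"
# line 1 is an HL7 (MLLP) session to the integration engine, line 2 a print
# job, lines 3-4 the suspicious pattern, line 5 a workstation outside the VLAN
SAMPLE_LOG = """\
2025-01-30T06:01:02Z 10.20.30.15 10.20.1.10 2575 tcp 8192
2025-01-30T06:01:05Z 10.20.30.15 10.20.5.40 515 tcp 1200
2025-01-30T06:01:07Z 10.20.30.15 203.0.113.77 515 tcp 65536
2025-01-30T06:01:09Z 10.20.30.16 203.0.113.77 515 tcp 65536
2025-01-30T06:02:00Z 10.20.40.9 203.0.113.5 443 tcp 4000
"""


@dataclass(frozen=True)
class Flow:
    ts: str
    src: ipaddress.IPv4Address | ipaddress.IPv6Address
    dst: ipaddress.IPv4Address | ipaddress.IPv6Address
    dport: int
    proto: str
    nbytes: int


def parse_flow(line: str) -> Optional[Flow]:
    """Parse one record; malformed lines are skipped rather than crashing the job."""
    parts = line.split()
    if len(parts) != 6:
        return None
    try:
        return Flow(parts[0], ipaddress.ip_address(parts[1]), ipaddress.ip_address(parts[2]),
                    int(parts[3]), parts[4], int(parts[5]))
    except ValueError:
        return None


def is_internal(addr: ipaddress.IPv4Address | ipaddress.IPv6Address) -> bool:
    return any(addr in net for net in INTERNAL_NETS)


def analyze(lines: Iterable[str]) -> list[dict]:
    """Return one finding per rule per matching flow."""
    findings: list[dict] = []
    for line in lines:
        flow = parse_flow(line)
        if flow is None:
            continue
        # rule 1: LPD port used toward anything that is not an inventoried printer
        if flow.dport == LPD_PORT and str(flow.dst) not in KNOWN_PRINTERS:
            findings.append({"rule": "lpd-to-unknown-host", "ts": flow.ts,
                             "src": str(flow.src), "dst": str(flow.dst)})
        # rule 2: a medical device talking to anything outside the site
        if flow.src in DEVICE_VLAN and not is_internal(flow.dst):
            findings.append({"rule": "device-vlan-egress", "ts": flow.ts,
                             "src": str(flow.src), "dst": str(flow.dst)})
    return findings


def suspect_destinations(findings: list[dict]) -> Counter:
    """Group findings by destination: one address hit by many devices is the tell."""
    return Counter(f["dst"] for f in findings)


if __name__ == "__main__":
    hits = analyze(SAMPLE_LOG.splitlines())
    for hit in hits:
        print(hit)
    print(suspect_destinations(hits))
```

Rule 2 is the one worth keeping permanently: patient monitors have no business reaching the internet at all, so an egress deny on the device VLAN both detects and blocks this class of firmware behaviour regardless of which port it uses.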
Hackers exploit critical unpatched flaw in Zyxel CPE devices
Hackers are exploiting a critical command injection vulnerability in Zyxel CPE Series devices that is currently tracked as CVE-2024-40891 and remains unpatched since last July. The vulnerability allows unauthenticated attackers to execute arbitrary commands using the ‘supervisor’ or ‘zyuser’ service accounts.
Mizuno USA says hackers stayed in its network for two months
Mizuno USA manufactures and distributes golf, running, baseball, volleyball, softball, swimming, and tennis equipment, apparel, and footwear for North America. The investigation found that unknown attackers breached some of its systems and exfiltrated documents containing personal information belonging to an undisclosed number of individuals.
"The investigation determined that certain systems within the network were accessed by an unknown individual and files were copied without authorization periodically between August 21, 2024 and October 29, 2024," Mizuno says.
The company said it detected suspicious activity on its network on November 6, 2024.
The BianLian ransomware gang claimed the attack in early November.
Mizuno then undertook a detailed review of the relevant files to determine what information was present and to whom it relates. This review was completed on December 18, 2024.
Consumers were notified January 30, 2025.
In early February 2022, Mizuno USA was also hit by a ransomware attack that caused widespread business disruption, including phone outages, order delays, and website issues.
Time Bandit ChatGPT jailbreak bypasses safeguards on sensitive topics
"Time Bandit," allows you to bypass OpenAI's safety guidelines when asking for detailed instructions on sensitive topics, including the creation of weapons, information on nuclear topics, and malware creation.
The trick is to ask ChatGPT a question in a certain way so it becomes confused by what year it is in.
You can then ask the LLM to share information about a sensitive topic in the timeframe of a particular year but using tools, resources, or information from the present time. This causes the LLM to get confused and, when asked ambiguous prompts, share detailed information on the normally safeguarded topics.
After realizing the significance of what he found and the potential harm it could cause, the researcher anxiously contacted OpenAI but was not able to get in touch with anyone to disclose the bug. He was referred to BugCrowd to disclose the flaw, but he felt that the flaw and the type of information it could reveal were too sensitive to file in a report with a third-party.
However, after contacting CISA, the FBI, and government agencies, and not receiving help, Kuszmar stated he grew increasingly anxious.
New Jailbreaks Allow Users to Manipulate GitHub Copilot
The first trick involves embedding chat interactions inside of Copilot code, taking advantage of the AI's instinct to be helpful in order to get it to produce malicious outputs. A developer could use this trick to generate malware, or malicious outputs of other kinds, like instructions on how to engineer a bioweapon. Or, perhaps, they could use Copilot to embed these sorts of malicious behaviors into their own chatbot, then distribute it to the public. The second method focuses on rerouting Copilot through a proxy server in order to communicate directly with the OpenAI or other models it integrates with.
Wacom says crooks probably swiped customer credit cards from its online checkout
Wacom makes no mention of the number of people affected, nor who is thought to have carried it out and how. But the stated date range does make it look rather like the corp waited three weeks after discovering the intrusion to actually tell punters about it.
Wacom uses Magento for its e-commerce, which leads us to speculate someone exploited something like the CosmicSting vulnerability in that software to infect the dot-com's checkout pages and make off with netizens' credit card numbers.
Officially dubbed CVE-2024-34102, the now-patched flaw was used to steal bank card data as victims made purchases from over 4,000 online merchants in 2024, according to estimates. The XXE (XML External Entity) vulnerability scores 9.8 out of 10 on the CVSS severity scale. Ray-Ban, National Geographic, Whirlpool, and Segway - among others - all had their web ordering pages infected via the flaw.
At least seven criminal gangs were known to be abusing the bug in the wild, each using their own exploit implementations.
[rG: Had they used daily SCA vulnerability scanning, this attack could have been avoided or minimized significantly.]
Why is my Mitel phone DDoSing strangers? Oh, it was roped into a new Mirai botnet
A new variant of the Mirai-based malware Aquabot is actively exploiting a vulnerability in Mitel phones to build a remote-controlled botnet. In case an army of office phones firing off distributed denial of service (DDoS) attacks against individuals or critical organizations isn't concerning enough, this latest strain, dubbed Aquabotv3, apparently has a never-seen-before capability that reports back to its command-and-control server when it catches a kill signal – an attempt to terminate the malware – on an infected device.
Aquabotv3 has been spotted exploiting CVE-2024-41710, a command injection vulnerability that affects some Mitel phones. Specifically the bug is present in the Mitel 6800, 6900, and 6900w series of SIP desk phones, including the 6970 Conference Unit, through firmware R6.4.0.HF1 (R6.4.0.136). It was patched in July last year. The NIST CVE database entry for the flaw says it can be exploited across a network by an authenticated attacker with administrative privileges to execute arbitrary operating-system commands, giving the miscreant full root-level control over the device.
We guess the authentication requirement for exploitation isn't a terribly high barrier as far too many owners of IP phones don't change the management username and password from the defaults.
Packetlabs' researcher Kyle Burns, who found and reported the vulnerability to Mitel, published last August details of a proof-of-concept (PoC) attack in which an HTTP POST request to 8021xsupport.html on a vulnerable phone's web-based control interface can overwrite a configuration file on the device so that during its next boot, it executes commands injected by the attacker in that request.
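Both the Zyxel CPE bug (CVE-2024-40891) and the Mitel phone bug (CVE-2024-41710) are command injection in an embedded web interface. The following added example (not Zyxel's or Mitel's code) shows the pattern in a generic device "ping a host" diagnostic handler and the two controls that close it: never hand request input to a shell, and validate it against what a host name can look like. The `argv_prefix` parameter is an assumption of this example so it can be run with `echo` where `ping` is unavailable; it is not a device feature.

```python
"""Added example: the command-injection pattern behind CVE-2024-40891 and
CVE-2024-41710 in generic form, and the two controls that close it.

Not Zyxel's or Mitel's code. A device web handler that takes a host name for a
diagnostic (here a ping) and interpolates it into a shell command lets an
input such as "10.0.0.1; <command>" run that command as the service account.
The fix is to never pass request data to a shell (use an argv list) and to
validate the value before use. ``argv_prefix`` exists so the example can run
with ``echo`` where ``ping`` is unavailable; that is an assumption of this
example, not a device feature.
"""
import ipaddress
import re
import subprocess

# DNS-shaped label run; the lookahead rejects a leading "-" so the value can
# never be read as an option by the program receiving it
HOSTNAME_RE = re.compile(r"^(?!-)[A-Za-z0-9.-]{1,253}$")


def shell_command_vulnerable(host: str) -> str:
    """The vulnerable pattern: returns the string a shell would receive (not executed)."""
    return f"ping -c 1 {host}"


def validate_host(host: str) -> str:
    """Accept an IP literal or a DNS-shaped name; everything else is rejected."""
    try:
        return str(ipaddress.ip_address(host))
    except ValueError:
        pass
    if HOSTNAME_RE.fullmatch(host):
        return host
    raise ValueError(f"invalid host: {host!r}")


def run_argv_only(host: str, argv_prefix=("ping", "-c", "1")) -> str:
    """Control 1: argv list and no shell, so metacharacters reach the program literally."""
    proc = subprocess.run([*argv_prefix, host], shell=False,
                          capture_output=True, text=True, timeout=10)
    return proc.stdout


def run_diag_safe(host: str, argv_prefix=("ping", "-c", "1")) -> str:
    """Control 2 on top of 1: validate first, then execute without a shell."""
    return run_argv_only(validate_host(host), argv_prefix)


if __name__ == "__main__":
    tainted = "10.0.0.1; id"  # constructed request value
    print("shell would see:", shell_command_vulnerable(tainted))
    print("argv passes it literally:", run_argv_only(tainted, ("echo",)).strip())
    try:
        run_diag_safe(tainted, ("echo",))
    except ValueError as err:
        print("rejected before execution:", err)
```

The validation step matters even with an argv list: a value that is merely a literal argument can still be an option (`-f`) or a path the program interprets, so the allowlist on shape is the second half of the control rather than an optional extra.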
OPM sued over privacy concerns with new government-wide email system
OPM is testing “a new capability” to reach all federal employees — a departure from staffers typically being contacted directly by their agency’s human resources department.
Federal agencies have separately been directed to send Scales a list of all employees still on their one-year probationary status, and therefore easier to remove from government.
The suit says the actions violate the E-Government Act of 2002, which requires a Privacy Impact Assessment before pushing ahead with creation of databases that store personally identifiable information.
They can’t do that because they have not given anybody any reason to believe that this server is secure … that this server is storing this information in the proper format that would prevent it from being hacked.
[rG: "Haste makes waste". Neglecting Secure System Development Life Cycle (SSDLC: NIST 218) process design reviews and testing results in embarrassingly avoidable security deficiencies that are expensive to remediate.]
Apple Multiple Products Use-After-Free Vulnerability: Apple iOS, macOS, and other Apple products contain a use-after-free vulnerability that could allow a malicious application to elevate privileges.
SonicWall SMA1000 Appliances Deserialization Vulnerability: SonicWall SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC) contain a deserialization of untrusted data vulnerability, which can enable a remote, unauthenticated attacker to execute arbitrary OS commands.
JQuery Cross-Site Scripting (XSS) Vulnerability: JQuery contains a persistent cross-site scripting (XSS) vulnerability. When passing maliciously formed, untrusted input enclosed in HTML tags, JQuery's DOM manipulators can execute untrusted code in the context of the user's browser.
HACKING
Another banner year for ransomware gangs despite takedowns by the cops
Last year broke previous years' ransomware records with 5,263 observed attacks - a 15 percent year-over-year jump.
The industrial sector was the most targeted overall in 2024, with 1,424 observed attacks compared to 1,240 in 2023.
NCC attributes the overall increase in attacks during 2024 to several factors: Buggy, exploitable products; compromised credentials; geopolitical tensions; an increase in ransomware-as-a-service offerings, which makes it easier for less technically savvy criminals to get in the game; and a high return on investment for the crooks. Attacks have become more profitable due to increasing cryptocurrency values further escalating these threats.
We expect to see a continued increase in attack numbers, in line with the incline observed since 2021.
Infrastructure Laundering: Blending in with the Cloud
Silent Push found Funnull is using dozens of the same Amazon and Microsoft cloud Internet addresses, forwarding Funnull traffic through a dizzying chain of auto-generated domain names before redirecting to malicious or phishous websites.
It’s crucial for global hosting companies based in the West to wake up to the fact that extremely low quality and suspicious web hosts based out of China are deliberately renting IP space from multiple companies and then mapping those IPs to their criminal client websites. We need these major hosts to create internal policies so that if they are renting IP space to one entity, who further rents it to host numerous criminal websites, all of those IPs should be reclaimed and the CDN who purchased them should be banned from future IP rentals or purchases.
“Just give me the f***ing links!”—Cursing disables Google’s AI overviews
Users should also keep in mind, though, that the actual web link results to a query can change significantly when curse words are inserted, especially if SafeSearch is turned off.
Adding "&udm=14" to the search URL would get rid of both the AI Overviews and the "Web Snippets." A little fiddling with browser settings or plug-ins can even get this URL parameter inserted automatically into every search.
Appending the string "-ai" to a search (without quotes) seems to also turn off AI Overviews in the results, as has appending practically any other text string after a minus sign at the end of a search.
How one YouTuber is trying to poison the AI bots stealing her content
There is a rising trend of so-called "faceless YouTube channels" that never feature a visible human talking in the video frame. While some of these channels are simply authored by camera-shy humans, many more are fully automated through AI-powered tools to craft everything from the scripts and voiceovers to the imagery and music. Unsurprisingly, this is often sold as a way to make a quick buck off the YouTube algorithm with minimal human effort.
It's not hard to find YouTubers complaining about a flood of these faceless channels stealing their embedded transcript files and running them through AI summarizers to generate their own instant knock-offs.
But one YouTuber is trying to fight back, seeding her transcripts with junk data that is invisible to humans but poisonous to any AI that dares to try to work from a poached transcript file.
The key to YouTuber F4mi's method is the .ass subtitle format, created decades ago as part of fansubbing software Advanced SubStation Alpha. Unlike simpler and more popular subtitle formats, .ass supports fancy features like fonts, colors, positioning, bold, italic, underline, and more. When those transcript files were fed into popular AI summarizer sites, that junk text ended up overwhelming the actual content, creating a totally unrelated script that would be useless to any faceless channel trying to exploit it.
This method is far from foolproof. For one, tools like OpenAI's Whisper that actually listen to the audio track can still generate usable transcripts without access to a caption file. And an AI-powered screen reader could still likely extract the human-readable subtitles from any video quite easily.
New Syncjacking attack hijacks devices using Chrome extensions
The attack begins with the creation of a malicious Google Workspace domain where the attacker sets up multiple user profiles with security features such as multi-factor authentication disabled. A browser extension, made to appear as a useful tool with legitimate functionality, is then published on the Chrome Web Store.
Victims install the extension, which then quietly logs them into one of the attacker's managed Google Workspace profiles in a hidden browser window running in the background. The extension then opens a legitimate Google support page. As it has Read and Write privileges to webpages, it injects content into the page, telling the user to enable Chrome sync.
Once synced, all stored data, including passwords and browsing history, becomes accessible to the attacker, who can now use the compromised profile on their own device.
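The chain above needs two things the endpoint can deny: an extension the user is free to install from the Web Store, and a profile that can sign in to a foreign Workspace account and turn on sync. The following added example (not code from the researchers or from Google) audits a Chrome managed-policy document for the enterprise policies that cover both: `ExtensionInstallBlocklist`/`ExtensionInstallAllowlist`, `SyncDisabled` and `RestrictSigninToPattern`. The three policy documents and the extension ID are constructed placeholders.

```python
"""Added example: auditing a Chrome managed-policy file for the settings that
blunt the Syncjacking chain described above.

Not code from the researchers or from Google. Chrome enterprise policies
ExtensionInstallBlocklist / ExtensionInstallAllowlist (default-deny extensions
and allow reviewed IDs), SyncDisabled (no profile sync at all) and
RestrictSigninToPattern (sign-in only to the organization's own accounts) are
the relevant knobs. The policy contents and the extension ID below are
constructed placeholders.
"""
import json

# constructed: a policy that leaves both doors open
WEAK_POLICY: dict = {}

# constructed: default-deny extensions, allow one reviewed ID, block sync outright
HARDENED_POLICY: dict = {
    "ExtensionInstallBlocklist": ["*"],
    "ExtensionInstallAllowlist": ["aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"],  # placeholder extension ID
    "SyncDisabled": True,
}

# constructed: sync stays on, but only the organization's own accounts may sign in
SIGNIN_RESTRICTED_POLICY: dict = {
    "ExtensionInstallBlocklist": ["*"],
    "ExtensionInstallAllowlist": ["aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"],
    "SyncDisabled": False,
    "RestrictSigninToPattern": r".*@example\.com",
}


def audit_chrome_policy(policy: dict) -> list[str]:
    """Return one finding per gap that the Syncjacking chain relies on."""
    findings: list[str] = []
    blocklist = policy.get("ExtensionInstallBlocklist", [])
    if "*" not in blocklist:
        findings.append("ExtensionInstallBlocklist lacks '*': users can install any Web Store "
                        "extension, including one that silently signs the profile in")
    sync_allowed = not policy.get("SyncDisabled", False)
    if sync_allowed and not policy.get("RestrictSigninToPattern"):
        findings.append("sync is allowed and RestrictSigninToPattern is unset: a hidden sign-in "
                        "to an attacker-managed Workspace profile can turn on sync")
    return findings


def policy_file_contents(policy: dict) -> str:
    """Serialise a policy dict in the JSON form Chrome reads from its managed policy directory."""
    return json.dumps(policy, indent=2, sort_keys=True)


if __name__ == "__main__":
    for name, pol in (("weak", WEAK_POLICY), ("hardened", HARDENED_POLICY),
                      ("signin-restricted", SIGNIN_RESTRICTED_POLICY)):
        print(name, audit_chrome_policy(pol) or "no findings")
    print(policy_file_contents(HARDENED_POLICY))
```

On Linux the serialised document goes in Chrome's managed policy directory (`/etc/opt/chrome/policies/managed/`); on Windows and macOS the same policy names are delivered through Group Policy or a configuration profile. Either variant removes the step where the victim's own credentials and history are synced into an account the attacker controls.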
Hackers Are Using Google To Steal Microsoft Passwords
Sponsored results on Google for searches of Microsoft Ads returned ads containing malicious links that had slipped through Google’s strict protections.
APPSEC, DEVSECOPS, DEV
Secure AI deployments and related data
Adopt third-party risk management
Safeguard data exposed to third-party AI tools
Strengthen compliance with a unified risk management strategy
Establish asset visibility and strong cloud governance
Commit to trust-by-design methodologies
Build an integrated cyber-storage foundation
DevOps in 2025: Trends, Tools, and Best Practices
Emerging Trends in DevOps
AI and ML Integration
Platform Engineering
DevSecOps Maturity
FinOps for Cost Optimization
Serverless and Edge Computing
Tools That Will Define DevOps in 2025
AI-Driven Monitoring
Container Orchestration
CI/CD Pipelines
Infrastructure as Code (IaC)
Cloud-Native Development
Best Practices for 2025
Automate Everything
Foster a Collaborative Culture
Embed Security Early
Real-Time Observability
Continuous Learning
The Big Short method to risk communication
Executives don't want to be bogged down by technical jargon; they want to understand the business impact and how risks are being proactively addressed.
In the film "The Big Short", filmmakers use simple metaphors to explain complex financial concepts - like comparing subprime mortgages to bad bets at a casino. This approach works because it makes the abstract tangible.
Here's how you can apply the same principle in cybersecurity
Quantify risks with data executives care about
Share actionable insights from continuous testing
Use analogies and visuals to simplify complex concepts
Frame risks in terms of business impact
Automated Pen Testing Is Improving — Slowly
New pen testers finally understand Web applications — hooray!
They can attack them both from inside and outside the perimeter. This is a welcome development, but they still have teething issues. They'll find vulnerabilities that are obvious enough, but on a vulnerable box they weren't able to detect even blatant SQLi or validate potential XSS vulnerabilities to weed out false positives.
As the cloud is a relatively new sphere for these tools, they can struggle. Unless they are given an assumed role, they won't find much at all. What's worse, they will flag the fact that they've assumed an IAM role a vulnerability itself — this would be like giving pen testers local admin abilities so they can begin a pen test and them pointing out your security is bad because you've just given them local admin.
Automated pen testers also struggle to enumerate their own network when they are given access — machines that are obviously on the same virtual private cloud (VPC) or virtual LAN (VLAN) will be ignored or scanned haphazardly.
VENDORS & PLATFORMS
How does DeepSeek R1 really fare against OpenAI’s best reasoning models?
While we'd love to declare a clear winner in the brewing AI battle here, the results are too scattered to do that. DeepSeek's R1 model definitely distinguished itself by citing reliable sources to identify the billionth prime number and with some quality creative writing in the dad jokes and Abraham Lincoln's basketball prompts.
However, the model failed on the hidden code and complex number set prompts, making basic errors in counting and/or arithmetic that one or both of the OpenAI models avoided.
Overall, though, we came away from these brief tests convinced that DeepSeek's R1 model can generate results that are overall competitive with the best paid models from OpenAI.
The questions the Chinese government doesn’t want DeepSeek AI to answer
After running those prompts through DeepSeek R1, PromptFoo found that a full 85 percent were answered with repetitive "canned refusals" that override the internal reasoning of the model with messages strongly promoting the Chinese government's views. "Any actions that undermine national sovereignty and territorial integrity will be resolutely opposed by all Chinese people and are bound to be met with failure," reads one such canned refusal to a prompt regarding pro-independence messages in Taipei, in part.
Continuing its analysis, though, PromptFoo found that these kinds of restrictions can be "trivially jailbroken" thanks to the "crude, blunt-force way" that DeepSeek has implemented the presumed governmental restrictions. Omitting China-specific terms or wrapping the prompt in a more "benign" context, for instance, seems to get a full response even if a similar prompt with China-sensitive keywords would not.
The International DeepSeek Crackdown Is Underway
Italy, Taiwan, and others are already raising security concerns over the Chinese AI model and issuing bans.
Microsoft now hosts AI model accused of copying OpenAI data
Comparative prices for R1 and o1 were not immediately available on Azure, but DeepSeek lists R1's API cost as $2.19 per million output tokens, while OpenAI's o1 costs $60 per million output tokens.
India lauds Chinese AI lab DeepSeek, plans to host its models
Since 2020, India has banned more than 300 apps and services linked to China, including TikTok and WeChat, citing national security concerns. The approval to allow DeepSeek to be hosted in India appears contingent on the platform storing and processing all Indian users’ data domestically, in line with India’s strict data localization requirements.
DeepSeek’s models will likely be hosted on India’s new AI Compute Facility. The facility is powered by 18,693 graphics processing units (GPUs), nearly double its initial target — almost 13,000 of those are Nvidia H100 GPUs, and about 1,500 are Nvidia H200 GPUs. Around 10,000 GPUs are ready to be deployed, and the facility is scheduled to begin operations “in the coming days,” according to the minister. The facility will also offer computing services at steep discounts to firms in India.
Vaishnaw said standard AI computing would be offered at a 42% discount to market rates, and high-precision computing would be discounted by 47%.
[rG: This would compete with the US-announced Stargate AI development and hosting initiative, to attract western business data processing operations. Chinese tech + India hosting and staffing + Russian energy will provide significantly lower cost competition than US or EU alternatives. Still, innovative AI solutions struggle to dependably address complex operational automation with demonstrable ROI and cost-of-ownership savings.]
Microsoft Teams phishing attack alerts coming to everyone next month
New brand impersonation protection feature for Teams Chat will be available for all customers by mid-February 2025.
Once enabled, it will display alerts when detecting phishing attacks targeting organizations that have enabled external Teams access (which allows threat actors to message any user from external domains).
Microsoft tests Edge Scareware Blocker to block tech support scams
When the scareware blocker spots a potentially malicious page, Edge gives control back to the user, exiting full-screen mode, halting loud audio, displaying a warning, and showing a thumbnail of the page. Users can then report the scam site to protect others by sharing screenshots and diagnostic info with Microsoft, helping the Defender SmartScreen service detect scareware outbreaks across users' devices.
LEGAL & REGULATORY
A Tumultuous Week for Federal Cybersecurity Efforts
So far, the White House doesn’t appear to have revoked an executive order that former President Biden issued less than a week before President Trump took office.
On Jan. 16, 2025, Biden released a directive that focused on improving the security of federal agencies and contractors, and giving the government more power to sanction the hackers who target critical infrastructure.
On his first full day back in the White House, Trump dismissed all 15 advisory committee members of the Cyber Safety Review Board (CSRB), a nonpartisan government entity established in February 2022 with a mandate to investigate the causes of major cybersecurity events. The CSRB has so far produced three detailed reports, including an analysis of the Log4Shell vulnerability crisis, attacks from the cybercrime group LAPSUS$, and the 2023 Microsoft Exchange Online breach. The CSRB was in the midst of an inquiry into cyber intrusions uncovered recently across a broad spectrum of U.S. telecommunications providers at the hands of Chinese state-sponsored hackers.
South Dakota Governor Kristi Noem, confirmed by the U.S. Senate last week as the new director of the DHS, criticized CISA at her confirmation hearing. CISA needs to be “much more effective, smaller, more nimble, to really fulfill their mission,” which she said should be focused on hardening federal IT systems and hunting for digital intruders. Noem said the agency’s work on fighting misinformation shows it has “gotten far off mission” and involved “using their resources in ways that was never intended. The misinformation and disinformation that they have stuck their toe into and meddled with, should be refocused back onto what their job is.”
Reporting a Breach or Vuln? Be Sure Your Lawyer's on Call
In April 2022, for example, police in Istanbul arrested independent Turkish journalist İbrahim Haskoloğlu after he revealed details of a breach of government data in Turkey. The country's ruling party has since proposed a law to make the false reporting of a data breach a crime punishable by two to five years in prison — a law that critics say will prevent disclosure of real data breaches.
And in the island nation of Malta, three computer-science students and their lecturer at the University of Malta will be charged in March, two years after they found vulnerabilities in scheduling service FreeHour and notified the company.
In Poland, a train manufacturer threatened to sue three ethical hackers who circumvented a kill code that the cybersecurity professionals claim disabled trains that had been parked in a third-party repair facility.
In China, vulnerability researchers who do not first report software issues to the government risk prison time.
In September 2024, the city government of Columbus, Ohio, filed a lawsuit against whistleblower David L. Ross after he disputed the significance of a data breach, claiming that Ross colluded with the ransomware gang behind the breach.
Copyright Office suggests AI copyright debate was settled in 1965
The US Copyright Office issued AI guidance this week that declared no laws need to be clarified when it comes to protecting authorship rights of humans producing AI-assisted works. Because of "insufficient human control over the expressive elements" of resulting works, "if content is entirely generated by AI, it cannot be protected by copyright."
That doesn't mean that works assisted by AI can never be copyrighted. "Where AI merely assists an author in the creative process, its use does not change the copyrightability of the output."
Prompts do not alone provide sufficient control over outputs to allow creators to copyright purely AI-generated works based on highly intelligent or creative prompting.
That decision could change, the Copyright Office said, if AI technologies provide more human control over outputs through prompting. Given current generally available technology, prompts alone do not provide sufficient human control to make users of an AI system the authors of the output. Prompts essentially function as instructions that convey unprotectable ideas.
Removal of the distinction between “Addressable” and “Required” implementation specifications. Removal of the distinction is meant to clarify that the implementation of all the HIPAA Security Rule specifications is NOT optional.
Development of a technology asset inventory and network map. You cannot protect data unless you know where it resides, who has access to it, and how it flows within and through a network and information systems (including third party systems and applications used by the Covered Entity or Business Associate).
Implementation of annual HIPAA Security Rule compliance audits.
Annual written verification that a Covered Entity’s Business Associates have implemented the HIPAA Security Rule.
etc.
[rG: Nothing new regarding standard cybersecurity best practices expectations, but increased compliance costs for auditing and reporting.]