Newsletter

open source and cybersecurity news

November 15, 2023

It's 5:05, November 15, 2023. Time for your cybersecurity and open source headlines.

In this Episode:

Marcel Brown: November 15, 1996. The first version of ICQ, the Internet’s first popular instant messaging program, is released by four high school students from Israel. By the end of 1997, ICQ had more than 5 million users, and in mid-1998, AOL purchased the company for $407 million.

Edwin Kwan: Users of OpenAI’s API, ChatGPT, and Dall-E services were experiencing intermittent outages. They would see messages from their queries saying that “something seems to have gone wrong or we’re experiencing exceptionally high demand. Please hang tight as we work on scaling our systems.”

Katy Craig: The Citrix Bleed vulnerability has become the focal point of threat actors’ attention, with active exploitation campaigns targeting government, technical, and legal organizations across the Americas, Europe, Africa, and the Asia Pacific region. The attackers employed a clever technique involving specially crafted HTTP GET requests.

Hillary Coover: As the festive season approaches, the thrill of holiday shopping is palpable, but so is the excitement for cybercriminals aiming to capitalize on the online shopping surge through scams and data theft. One rising concern demanding attention is the surge in credit card skimming, a threat likely to intensify in the coming weeks.

 

The Stories Behind the Cybersecurity Headlines

 

Edwin Kwan
OpenAI Suffers DDOS Attack Resulting in Intermittent Outages

Edwin Kwan, Contributing Journalist, It's 5:05 Podcast

OpenAI has been suffering from periodic outages due to Distributed Denial of Service attacks.

This is Edwin Kwan from Sydney, Australia.

Users of OpenAI’s API, ChatGPT, and Dall-E services were experiencing intermittent outages. They would see messages from their queries saying that “something seems to have gone wrong or there was an error generating a response, or we’re experiencing exceptionally high demand. Please hang tight as we work on scaling our systems.”

Those outages were due to a Distributed Denial of Service attack. While OpenAI has yet to attribute the attackers, a threat attacker known as Anonymous Sudan has claimed responsibility for the attacks. They said that the reason for the attack was due to OpenAI’s general biases towards Israel and against Palestine.

The group has been operating since January 2023 and had previously taken down Microsoft’s Outlook.com, OneDrive, and Azure Portal in June 2023.

Resources
– OpenAI: https://status.openai.com/incidents/21vl32gvx3hb
– Bleeping Computer: https://www.bleepingcomputer.com/news/security/openai-confirms-ddos-attacks-behind-ongoing-chatgpt-outages/

 

Katy Craig
Citrix Bleed Vulnerability Targets Government, Technical, and Legal Organizations

Katy Craig, Contributing Journalist, It's 5:05 Podcast

The Citrix Bleed vulnerability, officially known as CVE-2023-4966, has become the focal point of threat actors’ attention, with active exploitation campaigns targeting government, technical, and legal organizations across the Americas, Europe, Africa, and the Asia Pacific region.

This is Katy Craig in San Diego, California.

Here’s what you need to know. The Citrix Bleed vulnerability is a high-impact vulnerability affecting Citrix NetScaler ADC and NetScaler Gateway appliances. This flaw provides unauthorized access to sensitive data stored on these devices. Mandiant researchers uncovered that this vulnerability has been actively exploited as a zero-day since late August 2023. This occurred even before a fix became available, underlining the urgency of the situation.

The attackers employed a clever technique involving specially crafted HTTP GET requests. These requests essentially compelled the vulnerable appliance to divulge system memory contents, including valid NetScaler AAA session cookies. This allowed them to bypass multi-factor authentication and gain unauthorized access. Once in, attackers hijack user sessions, effectively granting them access to the device without requiring MFA verification. Remaining stealthy, attackers used “living off the land” techniques to mask their presence. Engaging in network reconnaissance, their ultimate goal is to steal account credentials and to move laterally across the network.

Applying security updates, while essential, does not address existing breaches. Therefore, a comprehensive incident response plan is necessary. Mandiant has released a detailed remediation guide to assist organizations in addressing this critical issue.

This is Katy Craig. Stay safe out there.

Resources
– Mandiant: https://www.mandiant.com/resources/blog/session-hijacking-citrix-cve-2023-4966
– CISA: https://www.cisa.gov/guidance-addressing-citrix-netscaler-adc-and-gateway-vulnerability-cve-2023-4966-citrix-bleed
– Bleeping Computer: https://www.bleepingcomputer.com/news/security/hackers-use-citrix-bleed-flaw-in-attacks-on-govt-networks-worldwide/

 

Hillary Coover
Surge in Holiday Credit Card Skimming

Hillary Coover, Contributing Journalist, It's 5:05 Podcast

As the festive season approaches, the thrill of holiday shopping is palpable, but so is the excitement for cybercriminals aiming to capitalize on the online shopping surge through scams and data theft.

Hi, this is Hillary Coover in Washington, DC.

One rising concern demanding attention is the surge in credit card skimming, a threat likely to intensify in the coming weeks. Despite the perceived security of online stores, handing over your credit card details poses risks, especially when merchant websites fall victim to hacking.

Imagine the scenario: you make a purchase online, unaware that malicious code, invisible to you, lurks beneath the surface, poised to intercept your credit card information. Unfortunately, this is the reality faced by many unsuspecting shoppers.

The Kritec campaign, initially detected in March of 2023, gained notoriety for its extensive volume and sophisticated approach. Bad actors behind the operation customized their skimmer for every victim’s site, employing convincing templates in multiple languages. The seamless experience created by these criminals makes it nearly impossible for shoppers to realize that their credit card details have been compromised.

While the skimming activity experienced a temporary slowdown in the summer after reaching its peak in April, it’s resurged with a vengeance in October. This resurgence is measured by the increase in newly registered domain names associated with the threat actor, pointing to heightened activity just in time for the holiday season.

As you navigate the digital shopping landscape this season, exercise caution and consider the cybersecurity of the online retailers you choose. Avoid smaller retailers with older websites, and don’t let cyber grinches steal your holiday joy. Shop smart and stay cyber-safe.

Resources
– Malwarebytes: https://www.malwarebytes.com/blog/threat-intelligence/2023/11/credit-card-skimming-on-the-rise-for-the-holiday-shopping-season

 

Marcel Brown
This Day, November 15, in Tech History

Marcel Brown, Contributing Journalist, It's 5:05 Podcast

This is Marcel Brown delivering some technology history for November 15th.

November 15, 1971. An advertisement in the magazine, Electronic News, announces the Intel 4004, the first commercially available microprocessor. The 4004 was primarily used in calculators, the first being the Busicom 141-PF.

In fact, it was Busicom that actually developed the design of what would become the Intel 4004. Busicom approached Intel to help them finalize the design and manufacture their calculator engine. Intel’s engineers reduced the 12 integrated circuit design Busicom had come up with to four integrated circuits and delivered the finished product in January of 1971. Busicom had exclusive rights to that design until later in the year when Busicom and Intel renegotiated their contract, lowering their prices to Busicom in exchange for rights to the design of the microprocessor. By offering the first general purpose programmable processor to the general market, Intel spurred the rapid development of electronic devices in the 1970s, culminating in the development of personal computers during that decade. However, Intel wasn’t the clear leader in the microprocessor market until the IBM PC and clones helped catapult Intel to that title in the 1980s.

November 15, 1996. The first version of ICQ, the Internet’s first popular instant messaging program, is released by four high school students from Israel. By the end of 1997, ICQ had more than 5 million users, and in mid-1998, AOL purchased the company for $407 million.

After changing hands a few times in the ensuing years, ICQ is now owned by a Russian company and is still in operation, albeit not nearly as popular as it was back in the 1990s. I think I started using ICQ back around 1997 or 1998, and while it was really cool to be able to communicate with anybody in the world instantly, the fact that you had to use it on a desktop computer, and not that many of my friends actually used it, was a bit of a downer. But this was the early internet, so it’s fun to think back to a much simpler time.

November 15, 2001. Microsoft releases their Xbox gaming console, entering the video game console market to compete with Sony and Nintendo. Even though their launch title, Halo, was one of the biggest blockbusters of all time, Microsoft is said to have lost $4 billion on the initial Xbox, but clearly the Xbox has been a success, as the ensuing Xbox consoles have sold over 100 million units. All that being said, I’m still pretty salty at Microsoft for stealing the game Halo and not releasing it for the Macintosh back in the late 1990s. That is an entire story all to itself.

That’s your technology history for today. For more, tune in tomorrow and visit my website, thisdayintechhistory.com.

Resources
– https://thisdayintechhistory.com/11/15
