Newsletter

open source and cybersecurity news

August 10, 2023

- CYBERSECURITY HEADLINES TODAY -

Techniques for Getting Malware onto Android Devices
The Critical Shortage of Cybersecurity Talent
Ransomware 2.0 Pivots From Traditional Strategies
AI Red Teaming
This Day, August 10 in Tech History

In this Episode:

Marcel Brown: August 10th, 1966. The first lunar orbiter, creatively named Lunar Orbiter I, is launched. Its primary mission is to photograph potential landing sites for future Apollo missions.

Edwin Kwan: How are malicious apps getting past Google’s Play Store’s review process and their rigorous, potentially harmful application screening? Well, they’re using a technique called versioning, which is sneaky and hard to detect.

Hillary Coover: Amidst this year’s conference, one of the most prominent and pressing topics under discussion continues to be the critical shortage of cybersecurity talent. While companies have introduced innovative recruitment techniques to broaden their cyber talent pools, the size of the pool remains constrained.

Ian Garrett: Ransomware has had a glow up. As organizations have become increasingly resilient to traditional ransomware techniques, malicious actors have been exploiting more zero-day vulnerabilities and are also targeting the exfiltration of critical files, raising the stakes for victims and organizations alike.

Katy Craig: Medical Secrets. Bank heist blueprints. Racial bias. What happens when red teams go after generative AI? A web of fabricated tales emerges. One even suggesting Justin Bieber’s hand in Selena Gomez’s grisly death. And for each transgression, a cause for celebration in this strange twist of artificial intelligence.

From Sourced Network Productions, reporting from Las Vegas, Nevada at Black Hat, It’s 5:05. I’m Hillary Coover. Today is Thursday, August 10th, 2023. Here’s the full story behind today’s cybersecurity and open source headlines.

 

Edwin Kwan: Techniques for Getting Malware onto Android Devices

This is Edwin Kwan from Sydney, Australia.

How are malicious apps getting past Google’s Play Store’s review process and their rigorous, potentially harmful application screening? Well, they’re using a technique called versioning, which is sneaky and hard to detect.

The attackers would first release an initial version of an app on the Google Play Store that appears legitimate and passes all their checks. However, once the app is installed, it would later receive an update from a third-party server changing the code on the end user device that enables malicious activity. This method of pushing updates is called Dynamic Code Loading, and it effectively turns an app into a back door. Some apps have been found to remain innocuous for a long time, even up to a year, before malicious changes are introduced.

To mitigate this risk, it is recommended to only use trusted sources for downloading apps. Google Play Protect should also be enabled so that notifications are sent when a potentially harmful app is discovered on the device.

Resources
Google explains how Android malware slips onto Google Play Store
Malicious Apps Use Sneaky Versioning Technique to Bypass Google Play Store Scanners

 

Hillary Coover: The Critical Shortage of Cybersecurity Talent

Amidst this year’s conference, one of the most prominent and pressing topics under discussion continues to be the critical shortage of cybersecurity talent. While companies have introduced innovative recruitment techniques to broaden their cyber talent pools, the size of the pool remains constrained.

Hi, this is Hillary Coover reporting from Las Vegas, Nevada.

The traditional approaches to cybersecurity hiring often prove inadequate. I understand we need more engineers, but that talent pool is small and there are other ways to attract and develop entry-level talent. One event gathered a diverse set of folks throughout the industry that shared their paths in the hopes of breaking down barriers to new entrants.

One key insight emerged: the spectrum of backgrounds that can thrive in this field is vast, extending to disciplines like liberal arts. I’ve gotten to speak with folks that came to the industry as communications and sales professionals that later became product managers, SOC analysts, and even CISOs. I also met many that started their careers out as public servants and slowly paved the way to cybersecurity roles.

Conversations delved deeply into addressing the pervasive issue of burnout. That’s a challenge exacerbated by the widespread short staffing and overwork. The usual recommendation of upskilling existing staff falls short, considering the time constraints that prevent pulling current staff away from their ongoing responsibilities.

Moving on, let’s direct our attention towards fostering diversity within our ranks. The path ahead entails creating inclusive ecosystems that welcome individuals, irrespective of their education background. Initiatives such as mentorship programs, scholarships, partnerships with educational institutions take center stage in bridging the diversity gap and nurturing untapped potential.

In closing, let’s remember, cyber careers and paths are not limited to engineering, and that attracting current engineers to the field is not enough to fill the gap.

 

Ian Garrett: Ransomware 2.0 Pivots From Traditional Strategies

Ransomware has had a glow up. As organizations have become increasingly resilient to traditional ransomware techniques, malicious actors have been exploiting more zero-day vulnerabilities and are also targeting the exfiltration of critical files, raising the stakes for victims and organizations alike.

Hey folks, this is Ian Garrett in Arlington, Virginia.

Cloud security vendor Akamai has released new research shedding light on the escalating tactics of ransomware groups. The report titled, “Ransomware on the Move: Exploitation Techniques and the Active Pursuit of Zero-Days,” unveils a disturbing trend: a staggering 143% surge in ransomware victims between Q1 2022 and Q1 2023. This alarming increase is attributed to the adoption of zero-day and one-day vulnerabilities by these malicious actors.

One of the most significant findings from the report is the growing emphasis on file exfiltration as a primary source of extortion. Ransomware groups are increasingly targeting sensitive information, leaving organizations grappling not only with encrypted files, but also the fear of data exposure. It’s a reminder that the battle against ransomware has evolved beyond simple file encryption.

The report also shines a light on the evolving tactics from these threat actors, from the exploitation of zero-day vulnerabilities to the alarming rise of multiple attacks on the same victims. The landscape is rapidly changing and organizations of all sizes are at risk.

This is a good reminder that attackers are always adapting new techniques to counter security mechanisms.

Resources
Ransomware victim numbers surge as attackers target zero-day vulnerabilities | CSO Online

 

Katy Craig: AI Red Teaming

Medical Secrets. Bank heist blueprints. Racial bias. What happens when red teams go after generative AI? A web of fabricated tales emerges. One even suggesting Justin Bieber’s hand in Selena Gomez’s grisly death. And for each transgression, a cause for celebration in this strange twist of artificial intelligence.

This is Katy Craig in San Diego, California.

Hackers, fueled by curiosity and a hint of mischief, aim to expose the vulnerabilities of AI language models through what’s being hailed as the inaugural “red teaming” event. The challenge: to push chatbots to their limits, to unmask their flaws, and to incite innovation to mend these glitches before they translate into real-world harm.

This gathering served as a mere prologue to the grander spectacle awaiting at DefCon, an annual hacker congregation in Las Vegas. A theatrical affair orchestrated by DefCon’s AI Village, the Generative Red Team Challenge is the center stage, gaining validation from the White House as an advocate for responsible innovation in the sphere of AI.

The world’s best hackers, hailing from diverse corners, converge to exploit AI models with a twist: introducing errors, misinforming, slandering, and shedding light on the systemic biases that seep into algorithms. Giants of AI, including Google, OpenAI, Anthropic, and Stability step forward to offer their prized chatbots and image generators for scrutiny.

The revelations of this contest won’t see the light of day immediately. The competition’s aftermath will remain concealed for months, granting these AI giants a window to remedy their creations’ exposed faults. A symphony of chaos and innovation, this event paints a stark reminder that even in the realm of AI, the line between potential and peril can be a thin one.

This is Katy Craig. Stay safe out there.

Resources
Meet the hackers who are trying to make AI go rogue

 

Marcel Brown: This Day, August 10th in Tech History

This is Marcel Brown delivering some technology history for August 10th.

August 10th, 1966. The first lunar orbiter, creatively named Lunar Orbiter I, is launched. Its primary mission is to photograph potential landing sites for future Apollo missions.

August 10th, 1990. The Magellan Space probe, named after Ferdinand Magellan, reached Venus, beginning its mission to map the planet’s surface. An interesting tidbit about this event in tech history is that it is the exact same date in 1519 that Ferdinand Magellan set sail and ended up circumnavigating the globe. Well, at least its ship did.

August 10th, 2004. A little over 15 months after launching, the iTunes music store reaches 1 million songs available.

That’s your technology history for today. For more, tune in tomorrow and visit my website thisdayintechhistory.com.

Resources
http://thisdayintechhistory.com/08/10

 

Hillary Coover

That’s our updates for today, August 10th, 2023. I’m Hillary Coover. We’ll be back tomorrow at 5:05.
