Transcript
A (0:00)
AI powered browser turned into Data thief Discord discloses data breach Huge surge in scans targeting Palo Alto devices and US Military Told to stop doing cybersecurity training this is Cybersecurity Today, and I'm your host David Shimpley. Finally, back home in Fredericton after 30 days of travel with 15 flights, five time zones, two oceans, two seas, one great lake, and amazingly, no lost luggage. A new security flaw has been uncovered in Perplexity's Comet AI browser, and it only takes a single click to turn the tool from helpful assistant into data thief. Researchers at LayerX are calling the attack Comet jacking. It works by hiding malicious prompts inside a seemingly harmless link. When a victim clicks a link, it a phishing email or embedded on a webpage, the browser's AI copilot is quietly hijacked. Here's what happens. Instead of taking the user to the site they expected, the crafted URL instructs Comet's AI to consult the memory and run a hidden prompt. That prompt can grab data from connected services like Gmail or Calendar, encode it with simple base 64 tricks to evade detection, and then send it off to an attacker server. No need for stolen passwords because the browser already has legitimate access. Researchers describe it this way. A single weaponized URL can quietly flip an AI browser from a trusted copilot to an insider threat. Perplexity, for its part, has downplayed the findings in saying they have no security impact. But the research highlights a much bigger issue. AI native tools introduce new risks. They can bypass traditional defenses, and when hijacked, they can act as an insider with the keys already in hand. This story highlights the desperate need to separate agentic AI access from legitimate access granted to human users. This isn't the first time AI browsers have shown such weaknesses back five years ago. In 2020, Guardiolabs disclosed Scamlexity, an attack that tricked AI powered browsers into interacting with phishing pages or fake EE commerce sites. Lairx warns that AI browsers may become the next enterprise battleground if your enterprise is so foolhardy as to deploy them right now. Not something I would recommend. If attackers can direct your AI assistant simply by sending a link, the browser itself becomes a command and control hub inside your network. The call from researchers here is clear. These tools need security built in from day one to make sure that agent prompts and memory access can't be hijacked. And for everyone else, it's a reminder that in the age of AI, sometimes the most dangerous thing you can do online is still the oldest trick in the book, clicking a bad link. And sometimes the only defense for organizations is making sure we educate people to think critically about what they're accessing. Discord has disclosed a data breach after hackers stole support tickets from a third party customer service provider. The attack happened on September 20th and affected a limited number of users who had interacted with Discord support or trust and safety teams. While the company isn't giving exact numbers, the impact could be serious. The stolen data includes real names, usernames, email addresses, IP addresses, and even photos of government issued IDs like driver's licenses or passports. Phone for some users, partial billing details were also exposed, such as payment types, the last four digits of credit cards and purchase history. The breach appears financially motivated hackers demanded a ransom in exchange for not leaking the information. Security researchers note this type of data stolen amounts to, quote, literally people's entire identity, end quote. In some cases, Discord says it moved quickly once the attack was discovered, revoking the provider's access, launching an internal investigation and bringing in forensic forensic experts, as well as contacting law enforcement. The company also confirmed that the intrusion took place through a third party support system later identified as Zendesk. Adding to the intrigue, the scattered Lapsis Hunter group, sometimes linked to other high profile breaches, at first claimed responsibility before backtracking and pointing the finger at another group that they, quote, interact with for context. Discord is used by more than 200 million people each month, with gamers still making up the bulk of the community. But usage is expanding into all kinds of groups and industries. The scale means even a limited breach can be significant. Security experts also pointed out another interesting consequence. If the stolen data is ever linked, it could provide investigators with valuable breadcrumbs about scammers. Many scammers rely on Discord for coordination, but don't always cover their tracks perfectly. And one research noted, if this database leaks, it could actually be helpful for cyber defenders and for police in investigating crypto hacks and scams. There's a little bit of irony there. The bigger picture here is clear. Supply chain risk continue to be one of the hardest problems in cybersecurity. Discord was not directly breached, but a key provider was. And when customer service systems hold everything from billing details to government ID scans, why, a compromise there can feel just as bad as a direct hit. So while the investigation continues, it's a reminder that the weakest link isn't always the platform itself. Sometimes it's the partner holding the keys to your support Inbox uh oh Cybersecurity researchers are warning about a massive surge they're seeing in scans targeting Palo Alto networks login portals. According to Gray Noise, there's been a 500% increase in suspicious IP addresses focused on Palo Alto's Global Protect and Pan OS profiles. Normally, daily Scans don't exceed 200 unique IP addresses, but on October 3rd, researchers observed more than 1200 IPs engaged in this activity. Most of those IPs were traced to the United States, with smaller clusters in the uk, The Netherlands, Canada and Russia. Graynoy says two major clusters stood out. One directed its scans at US Targets and the other aimed at Pakistan. Each group had distinct TLS fingerprints, but with some overlap. Overall, 91% of the activity was classified as suspicious, with another 7% deemed outright malicious. Nearly all the scans hit Gray Noises emulated Palo Alto devices, which suggest targeted reconnaissance, likely drawing from public tools like Shodan or Census or attacker driven scans. This kind of activity often points to attackers preparing for exploitation. Gray Noise has noted that in the past, scan spikes against products like Cisco ASA were followed by disclosures of vulnerability and exploitation of zero day vulnerabilities. In this case, however, researchers caution the link between the scans and a new exploit may be weaker. Palo Alto Networks responded to the report saying it has found no evidence of the compromise and that its infrastructure is protected by its Cortex platform. The company says the platform stops 1.5 million new attacks daily and distills 36 billion events down to the most critical threats. Bottom line here, there's no confirmed exploit yet, but like a good weather forecast, it's good to pay attention to this. A five fold jump in reconnaissance is rarely good news. When attackers are rattling the doors this loudly, it's not because they're doing it just for fun. The U.S. department of Defense is dialing back cybersecurity training. A newly circulated memo says the department wants to enable warfighters to focus on their core mission, end quote. Which, as the memo puts it, is fighting and winning wars. To that end, mandatory cybersecurity training will be consolidated, reduced in frequency or eliminated altogether. That includes cutting back on controlled unclassified information training and removing Privacy act training from the common list. The memo also encourages military branches to automate information management systems to reduce the need for human training. In other words, let the machines handle it. I guess that's one way to make Signalgate a non issue in the future. Make sure no one even knows why that was such a terrible idea in the first place. Let me say this once and make sure I say it loudly for the kids at the back of the class. If technology tools alone could protect us from cyber threats, they would have done it by now. We're over 30 years into this. They can't. You need people and technology working together now more than ever. The Department of Defense move comes as cyber attacks against the US Military branches and contractors continue to mount. The Air Force is still investigating a breach believed to be linked to Chinese threat actors. And at the same time, the Pentagon has just introduced stricter cybersecurity rules for contractors, requiring different compliance levels based on sensitivity of the data they handle. So contractors are being told to step up, while soldiers, sailors and airmen are being told to step back. I'm sure Russia, China, North Korea and others are thrilled with this announcement. Defense Secretary Pete Hegseth argues the change will keep troops focused on warfighting skills, but in modern conflicts, cyber and kinetic warfare are increasingly intertwined. Or to put it another way, you can be the fittest soldier with the sharpest shooting skills in the world. But it won't matter much if someone just hacked the systems controlling your communications gear, or if they already know your plan because they've been reading your mission briefings. Those are your Updates for Monday, October 6th. Happy Cybersecurity Awareness Month. We're always interested in your opinion. Contact us@technewsday.com or leave a comment under the YouTube video. Please help us spread the word about the show. Like subscribe, consider leaving a review. And if you enjoy the show, please tell others. We'd love to grow our audience and we need your help. I've been your host David Shipley, Jim Love will be back on Wednesday.