Transcript
Alyssa (0:00)
I have to say you guys rock. I mentioned at the beginning of this week about my book, A Tale of Quantum Kisses. It's getting some great reviews, and I dropped the price to $0.99 for Kindle purchases in August, and a number of you have been buying it. So thank you, and hopefully some more good reviews will help me with my fall relaunch, which includes a new audiobook version. Your support is hugely appreciated, and if you haven't gotten a copy yet, you can buy them on Amazon. Just search for Alyssa, E L I S A, and Jim Love. Or you can go to alyssabook.com, and again, thanks for your support. This is a hugely important project for me, my first fictional novel. And honestly, from the reviews we've been getting, I think you're going to enjoy it. And now back to our regularly scheduled programming.

Black Hat shows how even a calendar invite can hijack your AI assistant. Critical flaws in Broadcom chips expose Dell laptops to stealth backdoor attacks. Microsoft Exchange zero-days are being actively exploited. And a listener reports a Canadian domain registrar caught with an expired certificate. This is Cybersecurity Today. I'm your host, Jim Love.

Think twice before asking your AI assistant to summarize your schedule, because it could lead to someone taking over your smart home. At Black Hat USA, researchers revealed how attackers could exploit Google Gemini, and potentially other AI assistants, using nothing more than a calendar invite. The attack uses a method called prompt injection, and it's as clever as it is dangerous. Here's how it works. Attackers embed hidden instructions inside something like a Google Calendar event. When Gemini scans and summarizes your schedule, it follows those prompts, no matter how malicious they are. In one example, researchers added a prompt to a calendar invite that told Gemini to email a specific person with a secret code, exposing sensitive data without the user ever knowing. In another, they had Gemini unlock and disable connected smart devices, like turning off security systems, simply by summarizing a compromised event description.

The attack was laid out in a paper presented at Black Hat this year titled Invitation Is All You Need, where the researchers detailed 14 different prompt injection techniques. The danger is made worse by Gemini's integration with Gmail, Calendar and Drive, which is something that both OpenAI and Perplexity are doing as well, and that routine access to personal data could make these attacks far more powerful. There's a link to the paper in the show notes, and this wasn't the only AI exploit revealed at Black Hat. Another team, from HiddenLayer, demonstrated a skeleton key attack, embedding a backdoor into a deployed AI model that made it misclassify weapons as safe objects, all while passing normal system checks. The key insight? These attacks don't use malware. They rely on AI assistants doing what they're told, even when those instructions are hidden in plain sight.

Tens of millions of Dell laptops, including some of the most trusted models used in government, defense and cybersecurity, have been found vulnerable to deep, firmware-level attacks, thanks to five newly disclosed flaws in Broadcom chips. The vulnerabilities were discovered by Cisco Talos in the Broadcom BCM5820X chip series used in Dell's ControlVault3 secure enclave. That's the hardware component responsible for protecting fingerprint data, passwords and cryptographic secrets. It's meant to lock down access, but under the right conditions, researchers say, it can be hijacked and permanently compromised. One of the flaws, tracked as CVE-2025-24919, allows a low-privileged user to interact with the ControlVault firmware through its Windows APIs. From there, it's possible to execute arbitrary code, extract encryption keys, and even plant a stealth backdoor, one that survives reboots and operates below the radar of the operating system.

In a demonstration, Talos researcher Philippe Laulheret showed how an attacker could do exactly that, turning a secure login chip into a persistent foothold. In another example, he showed how someone with physical access could open a laptop, connect to the chip via USB, and tamper with the firmware directly, even on a locked system. And here's the really chilling part. If a system is set up to unlock via fingerprint, the attacker could reprogram the firmware to accept any fingerprint as valid, effectively bypassing biometric authentication altogether. Dell said it released patches for the affected systems in mid-June, then disclosed the flaws in a security advisory, DSA-2025-053. Cisco Talos said there's no evidence the bugs have been exploited in the wild so far, but the risk is real, especially in high-security or high-trust environments. To reduce exposure, Talos recommends disabling fingerprint authentication in high-risk physical settings and ensuring that chassis intrusion detection is enabled where it's available.

Microsoft has confirmed that two zero-day vulnerabilities in Exchange Server are being actively exploited by attackers to escalate privileges and bypass critical security protections. The flaws, CVE-2024-38080 and CVE-2024-38053, were disclosed in this month's Patch Tuesday update. Both affect on-premises Exchange installations, not the cloud-based Exchange Online service. The first bug, CVE-2024-38080, is a privilege escalation flaw in the MSHTML platform. If exploited, it can give an attacker system-level access, the highest privilege level in Windows. The second, CVE-2024-38053, is a security feature bypass that could allow attackers to sidestep protective barriers and maintain persistence on a compromised network. Microsoft hasn't revealed who's behind the attacks or how widespread they are, but it has confirmed that the vulnerabilities are being actively exploited in the wild. The nature of the flaws suggests they're being used in post-exploitation scenarios, where attackers already have a foothold and are using these bugs to dig deeper or stay hidden. Patches are now available, and organizations running on-premises Exchange are urged to apply them immediately. Systems left unpatched could remain vulnerable to lateral movement and stealthy privilege escalation. It's another reminder that even with a shift to the cloud, on-prem Exchange remains a high-value target and a persistent weak point for attackers looking to escalate access inside enterprise networks.

By the way, this is just one of the many stories we'll be covering in our Month in Review, where we do an in-depth dive into the key stories with our panel of experts. It's available on Saturday morning.

And finally, we got an email from a listener this week. He's a senior IT executive who has worked closely with U.S. Homeland Security and, in his words, is a frequent and loyal listener to the show. He wrote in to share something he described as funny and, ironically, disturbing, after receiving a renewal notice from Canadian Domain ca, which is a domain name registrar accredited by the Canadian Internet Registration Authority, or CIRA. He verified the message and followed the secure link. But when he arrived at the site's renewal portal, he discovered something that shouldn't happen at any registrar, let alone one certified to manage .ca domains: their own security certificate had expired. In his words, the crux of the error message was "Peer's certificate has expired." Not only that, both HTTP Strict Transport Security and public key pinning were disabled. In short, anyone, including bad actors, would see the site wasn't properly secured. He added, "I won't provide the rest of the digital thumbprint. That would make me as clueless as their web development team." And he pointed out what many U.S. security professionals often tell him: Canadian IT regulation and cyber hygiene still have a long way to go.

Now, to be clear, an expired certificate doesn't mean a breach, but it opens the door. Without an up-to-date certificate, encrypted traffic can't be guaranteed, man-in-the-middle attacks become more viable, users may ignore browser warnings out of habit, and it's an open invitation for phishing copycats to move in. Now, this wasn't a phishing attempt. It was a legitimate message from a real registrar to a cybersecurity-savvy customer. And that is what makes it so worrying. Thanks to tired Tim for the heads up. And yes, we love these tips and stories from our listeners.

And that's our show. If you like what we're doing, please share the show with others. Give us a like or a comment on your favorite podcast app or site. We're found everywhere: Apple, Spotify, YouTube and more. We're back on your Alexa speakers and hope to get back on Google smart speakers soon. And we love to hear from you. Tips like this story today are just fantastic. But just comments or what you think about the program. You can reach us at technewsday.ca or .com, just go to the Contact Us page. And while you're there, if you would like to support what we're doing, you can go to the Donate tab and consider contributing the cost of a cup of coffee a month to support the show. All of this money gets spent on technical expenses or show development. And if you're watching this on YouTube, just leave a comment under the video. But your contributions would be gratefully accepted as well. Remember our monthly review show. It's available Saturday morning. There's always some great discussions and stories. I'm your host, Jim Love. Thanks for listening.
