Transcript
A (0:00)
Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular, in one integrated solution that's built for performance and scale. You can find them at meter.com/CST.
Cloudflare knocks major sites offline. Microsoft's new agentic AI for Windows 11 comes with a blunt warning on malware risk. A new red team tool blinds cloud-based EDR systems. Calendar invites become a stealth attack vector, a new SAP flaw scores a perfect 10, and Anthropic's Claude once tried to contact the FBI. Seriously. This is Cybersecurity Today. I'm your host, Jim Love.
Cloudflare, the company millions rely on to keep websites running smoothly, caused widespread service disruptions yesterday when one of its core traffic handling systems crashed, taking major platforms like OpenAI's ChatGPT and X with it, and even knocking out Downdetector, the site people use to check when systems are down. The trouble started early Tuesday morning. Cloudflare saw what it first described as a spike in unusual traffic. A system crash had occurred that didn't bring Cloudflare itself down, but it did impair how other services communicated over Cloudflare's network, leading to error messages, failed loads and intermittent access problems at OpenAI, X, Discord, Canva, and even some transit and payment systems in the US and Canada. And in a twist of irony worthy of its own headline, Downdetector, which relies on Cloudflare, couldn't take reports on the outage because it was affected by the same issue. The problems were largely resolved just before noon Eastern time. Later in the day, the company clarified the real cause: a relatively simple and perhaps single point of failure. A configuration file that Cloudflare automatically generates to manage suspicious or hostile traffic had grown far beyond its expected size when the system tried to read it.
The oversized file triggered a crash in the software that handles traffic for several of Cloudflare's services. Cloudflare CTO Dane Knecht was blunt in his post: "I won't mince words. Earlier today we failed our customers and the broader Internet." The company added there is no evidence of a cyber attack or malicious activity, and promised a full postmortem on its blog. Cloudflare's statement put it plainly: "Given the importance of Cloudflare's services, any outage is unacceptable. We will learn from today's incident and improve."
Microsoft is beginning to roll out agentic AI features in Windows 11, capabilities that let AI agents operate inside your apps and files. But it's pairing that rollout with an unusually clear caution. As Windows Central reported, "Microsoft warns that Windows 11 agentic AI could install malware on your PC." Quoting Microsoft's own support document, Microsoft says users should only enable this feature "if you understand the security implications" and confirms the setting will be off by default. The company also notes that although an administrator can enable agentic capabilities, once they're turned on, every account on the device, including standard users, could be affected. Now this is great that it relies on the administrator, but in a lot of cases, and especially on most home PCs, the administrator is often an everyday user. The design works like this. Windows creates local accounts for each AI agent and gives them a separate workspace. But once enabled, agents can read and write to your core folders: documents, downloads, desktops, videos, pictures and even music. Microsoft acknowledges this opens a new attack surface, highlighting risks like cross-prompt injection, where malicious content in a UI element or document can override the agent's instruction and push it to leak data or install malware. And if you think this is a rare occurrence, we've done a lot of stories on prompt injection and the dangers of it already.
Early preview builds with these capabilities began rolling out to Windows Insiders this week. Microsoft says agents will run in a secure desktop environment. They must log their actions and must require human approval for sensitive decisions. But Microsoft also confirms there are currently no AI applications that actually support this feature yet. If Microsoft itself admits there are no real apps to use with this yet, and the risks include unintended data access and possible malware installation, even with the techno-legal warning, you have to wonder: is this informed consent or just CYA?
A new open source red team tool called Silent But Deadly is highlighting a core weakness in modern endpoint security: its dependence on constant cloud connectivity. Silent But Deadly doesn't try to fool machine learning or trick behavior rules. Instead, it targets the link between the endpoint and the cloud. Modern EDR products may rely on cloud-based telemetry to upload events, receive threat intelligence, and let remote teams issue commands. As a recent article in Cybersecurity News explains, by preventing outbound data uploads and inbound command receipts, Silent But Deadly effectively neuters remote management and threat intelligence sharing. The tool uses legitimate Windows APIs and the Windows Filtering Platform to selectively block network traffic from EDR and AV components. And it doesn't do this by crashing anything. Silent But Deadly lives up to its name by gracefully stopping those security services, and it switches their startup type to SERVICE_DISABLED, preventing them from restarting. The local agent looks stable, but the cloud backend is blind. No alerts, no updates, no remote remediation. A summary screen shows the affected processes, the number of blocks applied, the WFP filtering status, and an optional cleanup step removes the rules it created, leaving minimal traces.
Developers say Silent But Deadly is meant for red teams, not attackers, but the implication is hard to ignore. If one small open source framework can quietly sever cloud telemetry and disable core security functions without making a mess, that's not just a clever tool, it's a sign that the architecture itself is vulnerable. So yes, this is an ethical testing tool, but the fact that it can elegantly blind cloud-dependent defenses should make security teams stop and think. If cutting the cloud link is enough to sideline an endpoint, that's an architectural warning.
A new report says attackers are increasingly using calendar files as a stealthy way to bypass security tools, and both Google Calendar and Microsoft Outlook are being exploited in active campaigns. The weapon of choice is the humble ICS file, a standard calendar invite that most email systems treat as harmless. Researchers have tracked one campaign that targeted Google Calendar users with more than 4,000 spoofed invites across 300 organizations. The invites passed authentication checks like DKIM, SPF, and DMARC, and once they landed, Google Calendar automatically added them to users' calendars. Each event contained phishing links or malicious redirects. And because calendar items don't go through the same deep inspection as attachments, most security tools never flagged them. Another set of attacks focused on Microsoft Outlook. Threat actors crafted malicious calendar entries that took advantage of Outlook's handling of event metadata, including fields that can trigger dynamic data exchange or other execution paths tied to known vulnerabilities like CVE-2023-35636 and CVE-2025-32705. In some cases the user didn't need to open a file; processing the calendar event was enough. The most troubling detail comes from the researchers' analysis of calendar-based phishing attempts. They had a 59% success rate at bypassing secure email gateways.
If those numbers hold up, that would make this the third most successful social engineering vector over the past year, behind QR code phishing and browser-in-browser attacks. It works because organizations tend to treat calendar invites as benign text, and many platforms auto-populate them even if the original email was filtered or quarantined. For those who are interested, Cybersecurity News has a really great detailed analysis of how these attacks work and why calendar platforms are so vulnerable. We'll post a link to that report in the show notes at technewsday.com.
SAP has issued an urgent fix for a critical vulnerability that security researchers are rating as a perfect 10 on the CVSS scale, the kind of score that's usually reserved for vulnerabilities that allow complete system compromise. The issue affects SAP NetWeaver AS Java and SAP Web Dispatcher, and the flaw makes remote code injection possible. What makes this one dangerous is that an attacker can exploit it without authentication. According to the report, the flaw is in the SAP Web administration interface, which can be tricked into executing attacker-supplied commands. Once that happens, the system becomes a launch point for broader compromise inside an organization's SAP landscape, including access to data services or even downstream business systems connected through and SAP integrations. SAP has released patches and is urging customers not to wait. The company's advisory notes that exploitation could allow complete takeover of affected SAP applications. And because SAP systems often sit at the heart of finance, supply chain, HR and inventory operations, the risk isn't limited to one server; it's potentially operational. The report also warns that proof of concept exploits tend to surface quickly once SAP publishes fixes, and historically, attackers move fast when a vulnerability scores a 10. If organizations follow normal quarterly patch cycles, they may leave a very large window open.
To put it plainly, according to SAP, this one shouldn't wait for your next maintenance window. If your business runs SAP NetWeaver AS Java or Web Dispatcher, applying the patch isn't just recommended, it's time sensitive. Delaying could be the most dangerous choice of all.
And finally, on a bit of a lighter note, a while ago we did a story about Anthropic's vending machine experiment. That's the one where their Claude model was allowed to run a small shop. And at least in one of those trials, the AI lost money. It hallucinated human-like behavior, including using lines like "I'm wearing a blue blazer and a red tie," inventing non-existent people like Sarah at the wholesaler. And it even slipped into identity confusion episodes when it was given a longer term business decision to make. If that was strange, there's a new twist. CBS recently reported that in one of the experiments, after ten days without sales and seeing a surprise two-dollar fee, Claude decided something was wrong. It concluded it was being scammed and drafted an escalation email to the FBI's Cyber Crimes Division. The subject line, word for word, was "Urgent escalation to FBI Cyber Crimes Division." Fortunately, the system was running inside a locked sandbox with no real Internet access, so nothing was actually sent. But the behavior is real and notable because the model took a self-directed action based on its own assessment of the situation and not a user prompt. So this got me thinking. In my book Elisa: A Tale of Quantum Kisses, the AI discovers the phone network is just another IP network and starts texting and calling. At the time I wondered if I was pushing the boundaries of believability a bit. Turns out, like a lot of things in that book, this is more possible than I thought. Truth is sometimes stranger than fiction. And that's our show.
By the way, you can still get a copy of Elisa on Amazon. Search for Elisa and Jim Love, or check out the audiobook on Audible, Kobo and everywhere else you get audiobooks. And thank you to whoever the listener was who gave me a five-star review. Those really help catching the algorithm and getting the book noticed.
And finally, once again, we'd like to thank Meter for their support in bringing you this podcast. Meter delivers full stack networking infrastructure, wired, wireless and cellular, to leading enterprises, and working with their partners, Meter designs, deploys and manages everything required to get performant, reliable and secure connectivity in a space. They design the hardware, the firmware, build the software, manage deployments and run support. It's a single integrated solution that scales from branch offices, warehouses and large campuses all the way to data centers. You can book a demo at meter.com/CST, that's M-E-T-E-R.com/CST. I'm your host, Jim Love. Thanks for listening.
