
A
Cybersecurity Today. We'd like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular, in one integrated solution that's built for performance and scale. You can find them at meter.com/cst.
Ransomware negotiators are accused of turning into hackers. Malware hides inside Windows' AI stack. Backdoor uses OpenAI's Assistants API for covert control. Flaws could weaken encryption keys, and the Louvre heist exposes shocking security sloppiness. This is Cybersecurity Today. I'm your host, Jim Love.
Imagine hiring someone to negotiate with ransomware gangs and finding out they've been the ones running the attack. That's what prosecutors say might have happened at DigitalMint, a Chicago company that helps victims negotiate and pay ransoms. Two of its ransomware negotiators, Kevin Tyler Martin and another unnamed employee, have been charged with carrying out attacks using ALPHV, also known as BlackCat ransomware. They weren't alone. A third man, Ryan Clifford Goldberg, who once worked as an incident response manager at Sygnia, was also indicted. Prosecutors say the trio hacked at least five U.S. companies, stole data and demanded payment, netting more than $1.2 million from a Florida medical device maker. Other victims included a Virginia drone manufacturer and a Maryland pharmaceutical firm. DigitalMint's president, Marc Grens, said Martin acted completely outside the scope of his employment, and we hope so. Sygnia confirmed Goldberg's termination. Both companies are cooperating with the FBI. It's a stunning insider threat case: professionals hired to stop ransomware accused of joining it.
A new proof of concept shows that Windows' built-in artificial intelligence stack can become an attack vector, one most defenders haven't even considered.
A researcher called HXR1, in work shared with the security blog Dark Reading, demonstrated how malware can be hidden inside ONNX, the Open Neural Network Exchange format used by Windows features like Windows Hello, Photos, and Office. For a few years now, Microsoft has pushed more AI processing to run locally for privacy and speed. But that same shift has had an unintended consequence in widening the attack surface. In HXR1's demo, the malicious code was embedded in a neural network's internal data and reconstructed in memory using trusted Windows components. And because ONNX files aren't signed or scanned, the payload slipped past antivirus tools completely. In fact, this turns into what might be a textbook living-off-the-land attack using what's already built into Windows. But this highlights a huge problem that is becoming evident in AI security. While the cybersecurity community has worked to try to instill the idea that security needs to be built in and not bolted on, the reality is that the run-fast-and-break-things culture of AI appears to be deploy first, patch later, which gives HXR1's comments more validity when he says, "These models are not trustworthy. Don't blindly trust any model sitting on the Internet."
And as if to echo that, there was a second major AI-related attack vector uncovered this week, showing that attackers may be starting to weaponize the AI infrastructure enterprises are starting to depend on. Microsoft's Detection and Response Team, or DART, discovered a new backdoor called SesameOp, a .NET-based malware strain that used OpenAI's Assistants API as a hidden command and control channel. The Assistants API was announced with some fanfare, and it allows developers to build custom AI assistants that can store context and call tools, a valuable tool in integrating AI and other systems. In this case, the attackers exploited those same features to fetch encrypted commands and send stolen data back disguised as legitimate API traffic.
The malware was found during a July espionage investigation, and Microsoft said it gave attackers persistent access for months by abusing trusted cloud services instead of using new or different infrastructure that might be detected or shut down. We need to stress this wasn't a flaw in OpenAI systems; it was a misuse of legitimate features, and Microsoft and OpenAI have worked together to disable the compromised account. But the affected API is still active, although it's scheduled for deprecation in August of 2020.
And AMD has confirmed a high-severity flaw in its Zen 5 CPUs that could cause hardware random number generators to produce predictable encryption keys. The vulnerability is tracked as AMD-SB-7055, and it affects the RDSEED instruction. Now that's one of two CPU routines used to generate random numbers. RDSEED is designed to produce true randomness, while its counterpart RDRAND is a pseudo-random generator. RDSEED is affected. RDRAND is not. RDSEED can sometimes output zeros while still reporting success, and that leads to the possibility of predictable numbers. That's a serious issue, since unpredictability of random values underpins cryptographic security. This was discovered by a Meta engineer in October, prompting Linux developers to disable RDSEED entirely on Zen 5 systems. AMD says firmware updates addressing the issue will roll out between now and January 2026, with patches for Ryzen 9000 and Threadripper 9000 processors starting November 25th. Now this is a stark reminder that even at the deepest layers of modern processors, the ones we trust for things like randomness, human oversight remains essential, and we need to encourage the curiosity and creativity that that Meta engineer had that uncovered this issue.
And finally, the Louvre, home of the Mona Lisa, is facing a crisis of credibility after investigators found that its surveillance network used simple passwords like "Louvre" and "Thales", which is the name of the security system.
According to the security blog Red Hot Cyber, those credentials date back to 2014 and were still active as late as 2024. The museum's technology may have been sophisticated, but its maintenance and oversight were anything but. You might remember that on October 20th, two men used an automated lift truck to break into the Apollo Gallery, cutting open display cases and escaping in minutes with 88 million euros in jewels. The cameras, which should have been state of the art, failed to capture clear footage. Seven people were later arrested. Four now face charges of organized robbery and criminal conspiracy. France's National Agency for Information Systems Security had warned as early as 2014 that control of the museum's network could facilitate art theft, a prediction now haunting officials. Culture Minister Rachida Dati has admitted to security lapses and ordered a full investigation. We'll wait for that investigation to pan out, but if the stories of the passwords are true, this is a classic case of advanced technology undermined by basic human error or sloppiness. Proof that the greatest tech in the world is worthless if you neglect the basics like strong passwords and regular audits.
And that's our show. Once again, we'd like to thank Meter for their support in bringing you this podcast. Meter delivers a full-stack networking infrastructure, wired, wireless and cellular, to leading enterprises. Working with their partners, Meter designs, deploys and manages everything required to get performant, reliable and secure connectivity in a space. They design the hardware, the firmware, build the software, manage, deploy and run support. It's a single integrated solution that scales from branch offices, warehouses and large campuses all the way to data centers. Book a demo at meter.com/cst. That's M-E-T-E-R.com/cst. If you like what we're doing, please share the podcast. You've done that generously in the past and our numbers have grown.
And if you can, give us a like or comment on your favorite app, whether it's Apple or YouTube or wherever. Those reviews, thumbs ups and subscriptions have a big impact on our ability to attract new listeners. And if you've got something you want to contribute, we love hearing from you. Reach me at the Contact Us page at technewsday.ca or leave us a comment under the video on YouTube. I'm your host, Jim Love. Thanks for listening.
Host: Jim Love
Date: November 5, 2025
In this episode, host Jim Love delves into the latest cybersecurity threats facing organizations, including a shocking case of insider attacks by ransomware negotiators, new vulnerabilities in AI stacks within Microsoft Windows, creative abuse of OpenAI’s API, a critical hardware flaw affecting AMD processors, and a damning security lapse at the Louvre. The episode is rich with cautionary insights and real-world incidents, highlighting the evolving threat landscape and the enduring importance of cybersecurity fundamentals.
"Martin acted completely outside the scope of his employment, and we hope so."
"It's a stunning insider threat case: professionals hired to stop ransomware accused of joining it."
"This turns into what might be a textbook living off the land attack using what's already built into Windows."
"The reality is that the run fast and break things culture of AI appears to be deploy first, patch later,"
and cites HXR1’s succinct warning: "These models are not trustworthy. Don't blindly trust any model sitting on the Internet."
"Even at the deepest layers of modern processors, the ones we trust for things like randomness, human oversight remains essential."
"Proves the greatest tech in the world is worthless if you neglect the basics like strong passwords and regular audits."
On Insider Threats:
"It's a stunning insider threat case: professionals hired to stop ransomware accused of joining it."
— Jim Love (01:55)
On AI Security Risks:
"These models are not trustworthy. Don't blindly trust any model sitting on the Internet."
— HXR1, via Jim Love (03:40)
On Security Culture:
"The reality is that the run fast and break things culture of AI appears to be deploy first, patch later,"
— Jim Love (03:45)
On Hardware Vulnerabilities:
"Even at the deepest layers of modern processors, the ones we trust for things like randomness, human oversight remains essential."
— Jim Love (06:45)
On Basics of Security:
"Proves the greatest tech in the world is worthless if you neglect the basics like strong passwords and regular audits."
— Jim Love (08:20)
| Timestamp | Segment | Details |
|-----------|---------|---------|
| 00:30 | Ransomware negotiators indicted | DigitalMint/Sygnia insider attacks |
| 02:15 | Malware in Windows AI Stack | ONNX/AI vulnerabilities |
| 04:05 | OpenAI Assistants API abused | 'SesameOp' backdoor discovered |
| 05:30 | AMD Zen 5 vulnerability | Hardware RNG flaw, patch responses |
| 07:05 | Louvre heist & password failures | Museum’s basic security neglected, major art theft |
| 08:20 | Closing insight | Importance of basic cybersecurity hygiene |
This episode spotlights the ever-changing world of cybersecurity: trusted insiders turned threats, AI’s shiny new tools doubling as attack surfaces, trusted hardware riddled with flaws, and old-fashioned human sloppiness undermining even the world's most valuable treasures. Jim Love urges vigilance at both high-tech and basic levels, reminding listeners that securing organizations is as much about culture and oversight as it is about tools and technology.