A

Foreign. And welcome back to Risky Business for another year. This is in fact the 20th year of the Risky Business podcast. My name of course is Patrick Gray and we've got a great show for you. As always this week we'll be chatting with Adam Boileau about all of the week's security news and then we'll be hearing from this week's sponsor. And this week's show is brought to you by Airlock Digital, who make a absolutely terrific allow listing technology which can operate at massive scale. And the founders, two of the founders of Airlock Digital are joining us this week. David Cottingham and Daniel Schell, the CEO and CTO respectively of Airlock. And they're going to talk to you about a wonderful thing called Click once applications in Windows, which are being combined with some code reflection techniques to get people owned in a pretty sort of hard to detect and kind of unexpected way. That's actually a really interesting interview and it is coming up after this week's news, which starts now. And Adam, we go on holiday. You know, the joke is usually something bad happens and you know, we got a really bad mongodb bug this time around. So that was fun.

B

Yeah, yeah. I mean it's not the world's worst thing that's happened while we've been on holiday, but it's still a pretty good bug. MongoDB is, you know, like document store database thing and kind of historically people put it on the Internet with no auth because like that was originally how it was written. So kind of we've had a lot of data breaches that come out of Mongo over the years. But this is a like a memory leak bug, kind of in the style of heartbleed, Citrix Bleed, it's called Mongo Bleed, unsurprisingly. And we've seen a bunch of active exploitation of this. Someone dropped an exploit, like a proof of concept exploit for this on I think, Christmas Day. Yeah, you know, little bit rude.

A

Yeah, someone did a write up with a whole bunch of details on it on Christmas Eve and then the POC dropped on Christmas Day, which is, yeah, rude. Very rude.

B

Little bit rude. Anyway, so the net result is you can kind of send a query structure up to the Mongo that includes like lengths. So this involves compression where basically you lie about the size of the compressed data and you end up leaking uninitialized memory. And the exploit script kind of rummages through and dumps out contents of memory in certain locations. And if you get lucky, you might get credentials, you might get tokens you might get passwords. And so, yeah, people have been using that. There's quite a lot of MongoDB exposed on the Internet and people are getting compromised. It's, I guess somewhat mitigated by the fact that what data you get out of it is somewhat non deterministic. So it's not like Insta pop a shell kind of thing. But people have been using it and I'm sure plenty of people are, you know, are getting themselves compromised one way or the other. So that's been fun.

C

Yeah.

A

Seven cloud access tokens and a partridge in a pear tree. I was a little bit disturbed though, I got to say, to see this paragraph appears by John Greig in the Record, but he wrote the bug was dubbed Mongo Bleed in reference to several previous vulnerabilities, including the Citrix bleed bug. See 19, 20th year. It's been 19 years of risky business, this being its 20th year. So I can be old and curmudgeonly and say, come on man, heartbleed's the one you're going to reference there, not Citrix Bleed.

B

The original Bleed.

A

Old man yells AT Cloud. Now look, speaking of bugs, that required a bit of a, bit of a response and caused a bit of a splash. Of course last year we had the REACT to shell bugs which were very interesting for a number of reasons. You know, one of which was the. Was the scale of, you know, how many, how many, you know, the number of places where this thing sort of popped up. Interesting places as well. There's an interesting write up here from Matt Kapko over at cyberscoop. You found this one which looks at Vercel's response to this. And Vercel is the sort of maintainer and owner of Next js, which is a big user of React. And there's some really interesting stuff in here.

B

Yeah, yeah, there's kind of talks through a little bit of the, like having to roll 247 response whilst they deal with the scale of that problem. Because Next JS was one of the bigger platforms that was directly impacted and Vercel run a hosting platform as well for Next JS applications. So there's a little bit about their response and it's always interesting seeing the insides of that kind of process. Like what it's like being on the receiving end of these kinds of disclosures because we as hackers often don't really think about the poor people who have to actually fix these bugs. But one of the bits that I thought was interesting about this response because they also run a Hosting platform and fixing Reactor Shell basically involved kind of rebuilding your next JS apps and republishing them. In the interim. They decided to deploy web application firewall rules in front of their hosting platform to protect their customers. And they rolled out some WAF rules and then they actually brought in, they started a bug Bounty program on HackerOne to test their WAF rules. And so they said, we're going to pay between 25 and 50 grand US for bypasses of their WAF rules. And they ended up blowing through a million buc worth of bounty payouts of people figuring out fun ways to bypass their waf. And actually that's really cool. Like that's a legitimately good use of bug bounty programs. And WAF bypasses are kind of a class of things that normally in bug bounty programs you don't really care about, except in so much as it gets you to the bugs you're actually going to find.

A

I mean, this is what I was going to say is like, if you want to find some people who are really good at bypassing wafs, it's going to be bug bounty participants because they have to go around them.

B

Yes, exactly. So like, that's why I thought this was a really neat kind of thing. And I liked. I mean, normally solving problems with a waf, you know, is a last ditch. Like it's a thing you do as an interim and.

A

But they're using, they're using the WAF the way that beardy people like you say wafs should be used, which is as a, as an interim band aid and not as a permanent countermeasure, so.

B

Exactly. Because there are so many ways to weasel past and bug bandigans are so good at weaseling past, you know, WAF rules and things. And so yeah, I just thought this was a great combo. I think this is a lesson for other big platforms to look at and go like, okay, if we're going to roll out WAF rules, let's go get them battle tested by the kind of people who know how to use them. So, yeah, I think, you know big ups for Vercel from this and I enjoyed this write up. So, yeah, thanks to Matt over at cyberscoop.

A

I mean, if your pockets are deep enough to throw a million bucks to get the unwashed of the bug bounty scene to come and find WAF bypasses, I mean, hey, yeah, why not?

B

Yeah, if you've got a million bucks to burn, it's a good way to burn it.

A

Yeah, exactly. Now we've got some research here from what was it 39C3 looking at GPG? I didn't go too deep on this one because I figured it was going to like make my brain fatigued and then I wouldn't do a good job hosting the podcast here. But walk us through this research because you got all in a titter about it.

B

Yeah. So I was rummaging through the talks from 39C3, the Chaos Communications Conference in Germany, which often has really interesting kind of talks. And this one was a couple of European. I guess they feel like university CTF playing kids looking at gpg and the particular kind of things that you become good at finding when you're a CTF player are often not particularly relevant for regular everyday hacking. But this is a great counterexample. So they were looking at flaws in gpg, and not just technical flaws, they did find some MEM corruption and stuff like that, but also flaws in the context in which GPG is used, and in particular bypassing signature validation. Because GPG is relied on a lot in software distribution, and especially in free software distributions like validate packages you've downloaded or ISO files you've downloaded. And so they have a whole range of bugs, most of which are at the kind of intersection of the implementation of GPG being kind of old and rough and also the way that people use it. So one of the bugs that they talked about was including extra text in headers that get displayed from a signature. They get displayed by GPG when you're in the process of validation, which can be used to kind of confuse users. So kind of like, for example, they had a trick where they would include extra ANSI control sequences which would then prime your terminal to execute code when you smack Enter. And then they have a message that convinces you to press Enter to continue and code execution from.

A

I lied a little bit, because I did look at that bit and it reminded me of like ANSI bombs from the 90s, right? I was like, oh my God, ANSI bombs are back and now in gpg. And I'm like, wow.

B

Yeah, I mean, and GPG is from the 90s, so it makes sense that 90s level bugs would show up here. But anyway, they've got like 14 different bugs, some of which have been patched, some of which were like kind of decided to be won't fix by the maintainers. But the net result of all of this was a pretty comprehensive look at how people actually rely on GPG and various ways that you can break it. And like, I just thought it was great research and, you know, because despite it being nasty 90s code, we do still, especially in the open source world, rely on it a lot. So that was great work. And I think, you know, the, the talk is funny and, and kind of well worth the watch if you're into, you know, 90s Unix style bugs.

A

Yeah, I mean, it feels like, you know, they're keeping it, they're keeping it old school in Germany, as evidenced by this next talk.

B

Yes.

A

Where someone got up dressed as a Power Ranger, the Pink Power Ranger, and deleted a bunch of like white supremacist websites during the talk, including like what looks to be like a Tinder CL only for white people. And I just think this is what should happen at hacker conferences. You know, I feel like in, you know, the places you and I go to, maybe in Australia, in the United States, everything's got a little bit too tame. Like, it's good to see this go the Germans.

B

Yeah, you know, exactly like go. I mean, go the Germans. And this was. So this talk had the Pink Power Ranger character, I think Martha Root was the pseudonym used, and a couple of other people. And they talked about infiltrating a bunch of these kind of Nazi white supremacists. White supremacist kind of social sites. They used some like, AI tricks to, you know, kind of astroturf their way around and confuse them, blah, blah, blah. Net result of all of this was they broke into the infrastructure. And yeah, at the end of the talk, someone, I assuming a plant, asked the question, have the authorities done anything with the data that you've released? Because they released a bunch of the data that they'd stolen from these sites for investigators to use and so on. So they said like, has anyone shut these guys down? And then they immediately segue into well, actually, and then they go ahead and, you know, shut down a bunch of the sites, delete their email accounts, etc. Etc. Which is as a hacker con organizer. Exactly the sort of talk that I want to book. Because, you know, it's going to get a bunch of attention, it's going to get some laughs and be funny. You know, a bit of performative hacking on stage is always fun. And the actual hacking in question is like hidden behind a Python script that's just sort of, you know, making it look nice. And like, I assume that they actually had all this stuff primed to go in advance. So I don't know like how real time it was, but still, I like the show.

A

I mean, pulling the trigger.

B

Germans, they bring it, you know.

A

Yeah. Pulling the trigger on stage. Pretty good. They should have workshopped this joke a little bit. Which is the, you know, imagine calling yourselves the master race but forgetting to secure your own website. Maybe try mastering to host WordPress before world domination. And you know, you could do better with that sort of joke. You could say master race can't even master WordPress. You know, keep it simple. That would be my, my only advice there. But yes, I'm all for the white supremacists being RMRF'd. To me it feels like a victimless crime and I would like to encourage anyone out there listening who can to go and go forth and do that with your God given skills. Moving on to another one from John Greig over at the Record. And yeah, we're only including this one because. Oh my God. So there's some bugs in Cisco's like secure email gateway thing, right? Which is Bhagat from Ironport. Okay, so really what we're talking about here is bugs in Ironport email security which you know, you think, okay, there's bugs in Ironport, no surprises there, that's pretty old tech. But then you see that like Chinese apt crews are actually using these bugs and you just think man, like what are we even doing? What are we even doing? Like it means the people who are serious enough to be targeted by Chinese apts. And I think, look, as far as I remember, I think there's a lot of iron port left in government as well, which makes sense. Cisco, big company, you know, with those sort of relationships and whatever. But like, oh man, doesn't it just like, did it, does it just depress you as well?

B

It does, yeah. I mean you see a bunch of iron portals in like financial institutions they were pretty big in. So yeah, this is like, it's just, it's depressing seeing ancient old school crappy bugs in software that, honest to God is 20 years past its use by date, as you say, in organizations that probably do kind of care about security. But you know, security is the thing you have to keep doing, not just buy the iron port 20 years ago and then leave it there. And this was like, I think command exec in the like web interface for the email quarantine thing. So like when it quarantines your attachments and you have to click through to go release them or whatever else. And that also feels like very old tech, old workflow, old life. So yeah, this whole thing just, you know, makes me feel A old and B depressed. So good job.

A

It's funny that you mentioned that it's like 20 years past its use by date, given that Cisco bought it 19 years ago. So the timing's probably right.

B

You know, it's a Risky Business episode.

A

One grade bug from something very, very old to something very, very new. What's really funny in this, in this write up of this, of this bug, it's in something called N8N and there's a part of this write up that says unless you've been living under a rock for the last year, you've probably heard of N8N and I have not been living under a rock, in fact Adam, for the last year never heard of it. So if you could give me a bit of a primer on what this thing is. I understand that it's, you know, it's, it's a big deal in AI, but until I, until you put this advisory in front of me, I'd never heard of it. So what is N8N?

B

So it's kind of an automation platform and I guess by comparison to our sponsors tines is the direct kind of comparison. It's something kind of like that where you build workflows out of components and bodge them into your existing enterprise structure. These kinds of frameworks of course are very configurable because you're plugging in all sorts of components. They by design want to be able to reach out and touch all sorts of things, expose all sorts of functionality. So pretty ripe place for bugs. This particular set of bugs, It's a Series S10, but like this kind of workflow platform implies, it's going to be dependent on the workflows that are configured. So this particular flaw exploits bugs in how it handles file attachments. So very modern platform, very old problem, can we put file names and file attachments? So if you have a workflow that's configured in this thing that like accept a file upload from the user, then there may be ways to kind of manipulate that into returning back file contents from other files on the file system. And in this exploit flow they leverage that, they kind of use that to steal credentials and then from there turn it back into CodExec and onwards from there. So hence the CBSN kind of severity once you chain it all together there is quite a lot of N8N on the Internet and kind of vulnerable patterns of it. Like accepting file uploads is a pretty kind of common sort of thing you would do like think people emailing in CVS for job applications. So the web form accepts a file upload of a CV and then kicks off a flow that sends it off around the organization or does whatever else. So like not unrealistic but you know, does require like it's not going to be like point, click, pop a shell kind of exploit. It's going to require a little bit of thought. But yeah, these kinds of platforms are increasing in prominence and kind of dangerous because they do all this important functionality and the write ups also kind of funny. So like good work to the researchers behind it.

A

Man. It's a bug heavy edition of the show this week. This one just snuck in today. There's some sort of ServiceNow bug that looks like a pretty big deal too.

B

Yeah, so this one I shoved in the list because yes, it's a bargain. It's like a CVSS nine point something something and ServiceNow is a big name company. But what's interesting is this is actually a prompt injection. So they have bodged some AI into their products. So we'll create tickets and service now when certain things happen. And I guess this is sort of previewing things, foreshadowing the rest of the year. Right. We're going to be seeing high CBSs prompt injection bugs because prompt injection is not really a thing that you can solve. So the bug itself kind of not very interesting. ServiceNow in particular context, you can prompt inject and do stuff from that. But it's just how do we talk about prompt injection bugs generally? Because they're kind of different than regular security bugs. But if the outcome is the same then I guess it's still relevant to our interests.

C

Yeah.

A

So it looks like they actually fixed.

C

This bug last year, but they're just.

A

Talking about it now. And we've linked through to a cyberscoop write up from Greg Otto. What else have we got? Now this one's interesting, right? James Reddick has the write up for the record about this fraud kingpin who was arrested in Cambodia and has been extradited to China. This guy's name is Chen Xi Zi. Unsure Zhi. He's the head of the Prince Group conglomerate and the alleged mastermind between a multi billion dollar scam empire. Now the interesting thing is here too, I believe the Americans were after him as well and he's wound up being extradited to China. China is executing these people. So I think it's really interesting that we've got a situation where everyone's trying to get their hands on him. He's wound up going over to China now. I don't know, there's you know, funny stuff can happen in China with corruption and whatever, but I don't know that there's anything to indicate that here they keep sentencing these people to the firing squad. So it's one of those rare instances where I think someone's probably sitting there going, oh, please don't extradite me to China. Please, please extradite me to America. Please extradite me to America. Because then they could just lounge about in a federal prison through their sentence instead of being, you ready on fire. Which seems to be China's approach to this, right?

B

Yeah, I mean, it's interesting because the, you know, clearly the situation in Cambodia and Southeast Asia generally with scam comments kind of had to come to a head. And we saw. So the Prince group that this guy is behind were also involved with the, like, $15 billion worth of crypto that the US seized. And then there was a bunch of subsequent arguing between China and the USS about whose actual bitcoin that ought to be and whether it came from a previous mining pool theft. Like it was tied up with the Lubian mining pool theft many, many, many moons ago now. So the US has definitely had an interest in this guy. There has been some commentary which suggests that maybe the Cambodians felt like extraditing some. Like, some. They need to do something to preserve some face and, you know, get some. Make it show like they're doing something. They need to have a sack. Fisher, Lamb, this guy is a legit kingpin, probably should take some of the fall. But they send him to China in preference of the US because the Chinese investigation was likely more, as you say, ready, aim, fire. Unless, you know, in the US that investigation might point more fingers at actual Cambodian leadership and their involvement and all of the kind of, like, other corruptness that comes from, as you say, the, you know, these scam empires being bigger than the economies of the countries that they operate out of. So, like, maybe sending him to China is a way to kind of avoid some of that extra attention that a trial in the US and all of that would lead to. So, you know, it's always chicanery and wheels within wheels with this kind of stuff, but we don't have to see what actually happens to this, to this guy now that he's in China.

A

Yeah, I mean, I don't.

C

I don't think he's going to have.

A

A good time, man.

B

Yeah, and honestly, no sympathy.

A

I mean, he's. His kidneys are already on Organ Bay, you know, it's not good. It's really not good. All right, moving on. I remember that's my second organs joke for the Chinese. I gotta stop Making organs.

B

Keen on the organs.

A

Oh, here we go. Some now to some INSANITY in the U.S. as is the way. And Underwriters Underwriting Labs. Is that the proper name? Ul, is it? Underwriter Laboratories. Underwriters Labs, they have left the FCC. He's like, cyber security labeling program for IoT devices. And you know, they're a pretty critical part of it, but they've withdrawn after the FCC has started investigating them because they have labs in China. And apparently this makes the US government very mad. And you know, in particular Brendan Carr, who runs the fcc. And I don't know if you've seen this guy, but he seems like a proper certified 10 out of 10 whack job, Adam. And you know, I would say the stuff this guy would post on Twitter before he ran the fcc and he is a proper, like looney tunes dude who is now running the fcc. And you know, it looks like, looks like this scheme is falling apart. I think is the tldr.

B

Yeah, this was the, it's called the Cyber Trust Mark program. And it's kind of a Biden era attempt to like, can we introduce product labeling and testing for like, testing and labeling for IoT devices so that when you go to Walmart and you buy a $30 RO router, that Z's got a sticker that says, hey, I don't ever get upgrades. And my admin password is admin. And you know, we've been talking about product labeling, you know, as a way to deal with very low cost devices for a while now. And you know, this program has been kind of a long time coming. And I mean, to my mind, it probably kind of makes sense as a good idea. But then the idea that Underwriters Labs, which is like, what 150-year-old American company was getting tarred as a, like, you know, tool of the Chinese Communist Party or something by various MAGA types on, on social media, like, it's all a bit bonkers. And yeah, like, clearly they have just gone, you know what? Nope, we're, we're done with this trash. We don't want to be involved. And they've, you know, they sent a letter to the FCC which said, we don't want to run because they were, they had won the tender to operate the entire program, like all the testing regime, the labeling, the administration at all. And they wrote a letter that said, actually, you know what, best of luck with you. Like, I hope the program goes well, but, you know, don't, don't feel like we need to be involved anymore. Thanks very much. Which, yeah, is a little bit bonkers. And you know, I don't know whether it was going to be a super effective control, but.

A

Yeah, but at least you could have.

B

Like, I mean, pre installed botnets on everything.

A

Yeah, but you and I were chatting about this and like at least if you're operating a major retail chain in the United States, you can say, well, we're not going to sell anything that's under four stars. You know what I mean? So, so it is, it is kind of, I think it's, it's worth having. Is it game changing? No, probably not. Is this the end of the world? No, probably not. But it is a shame to see years of this work just sort of thrown into the toilet. You know what I mean? That's the thing about it. I just sort of think for no reason.

B

Yeah, I mean like, at the very least, I think things like we've got this story coming up that Krebs is looking at with like botnets on Android TDV devices and you know, basically every crappy Android TV device you buy, you buy on Walmart or Amazon or whatever to get free sports streaming or whatever are pre backdoored with botnet components on them. That's the kind of thing that this sort of labeling program would at least deal to because very, very cheap Android TV sticks is the sort of thing that ought to come with a really crappy trust mark sticker on them. So there was some utility for this. And it is a pity to see, as you say, years of work thrown under the bus for just, you know, the kind of stupid reasons that everything else seems to be happening in the US lately as well.

A

Yeah, well, at least they've picked a nominee to run Cyber Command in the NSA who's a proper Delta Force dude. Apparently his name is Joshua Rudd. Doesn't appear to have any cybersecurity experience, which seems, I think, you know, less than ideal. I mean, it seems like he's, you know, a very accomplished military person and you know, hey, maybe he's going to do a great job, but you would think it would be preferable to have someone who at least has some history in the space.

B

Yeah, I mean, yeah, like I think it's possible to do a good job without that experience. But it would really quite help, I feel like, if you knew a bit about computers and hacking and kind of the, you know, the world in which cyber and the security aspects of it operate. But you know, at this point having anyone lead cybercom in the NSA is probably a good choice. So, you know, Just get someone in there that's competent, regardless of whether they're the perfect person for the job because.

A

Well, hold, hold on. Let's see, let's see if they get to a Senate confirmation hearing and then just start saying dump the gum there. You know, I'm not going to say anyone's better than no one when you've got people like RFK Jr bringing, you know, doing their best to bring back polio in the United States.

C

Right.

B

So that's a solid argument. I will give you that one, sir. That is a yes, yes. We do not want cyber polio back.

A

But it does, it does look like there's new leadership headed to the Cybersecurity Directorate. This is the part of NSA that is, you know, really out there trying to help secure the Defense Department and the, and the Defense Industrial Base. And they do a lot of very important work. Rob Joyce and Morgan was it. Morgan's story was over there. There's a few over there, very talented people and they've been leader, leaderless for a bit. So we've got David Imbordino, who is a NSA senior executive, who's currently the deputy chief there, and we've also got Holly Baroody, who is a senior official at NSA as well, who's just finished up working in the UK on behalf of NSA and she'll be taking up the deputy position there. So that's good. What else have we got here? We got one from Dorina Antoniok over at the Record. I think we spoke about this guy before, but he's been through the courts, he's been through an appeal. This 44 year old guy, he's been sentenced to seven years in prison for hacking a major port company in Belgium to smuggle cocaine into the Netherlands. So it looks like what he did is he bribed someone to, you know, put a USB stick in, actually execute something on there and then off he went into the computer systems there, which gave him a lot of control over port facilities, somewhat concerning actually the level of control that this guy did have. And he also was, you know, conspiring to do importations of his own. So, yeah, he's in a bunch of trouble. Seven years, seems like he's getting off pretty light. But I think the interesting thing is here that, you know, this, this activity happened in 2020 and 2021. So we're already in this situation where we've got traditional criminal networks using cyber capabilities for the importation of drugs. I think that's interesting. I also think it's interesting because the average computer network at the average port is not particularly secure, which I think maybe some people listening might be surprised by, but they're typically pretty bad. What were your thoughts here?

B

Yeah, I mean this story, I guess the guy we saw some reporting that said like that he originally entered I think through the port of Antwerp, but I think it's the same port company was involved in Rotterdam and some other European ports. So that initial access via getting someone to plug a USB stick and looks like it got escalated to really quite privileged access. I'm going to go ahead and assume domain admin and then from there onwards to being able to control cameras and shipping manifests and have enough information to really help with managing. I think it was large scale cocaine importation. I think the scheme unraveled as part of the Dutch law enforcement going after sky ecc, the encrypted messenger crime firm operation. So I think that was how they originally figured out what was going on here. But yeah, the security of port and shipping infrastructure, I mean my experience in dealing with those kind of environments is that you know, the corporate side of it is no different than anywhere else and the like industrial, you know, all of the cranes and you know, other moving parts. The OT infrastructure is like OT infrastructure everywhere else. Like it's fine so long as you don't get near it. Like when it's air gaps in separate and on separate environments then great. But the moment you start putting it over radio or wireless networks or letting people get near it then really it's not very flash. And of course there's quite a lot of mobile infrastructure in port so they tend to be very reliant on radio stuff. So yeah, kind of a, kind of a mess. And the hard bit is how do you leverage that to make money or use it for your own good? And obviously importing drugs is one very good way to do that.

A

Yeah, yeah, that's right. And when you say it's like any other corporate environment, you don't mean like a good one, like a bank.

B

I mean the bad sort, which is to say the bad sort, bad place.

A

Now look, we mentioned Krebs has written a bunch of articles about these residential proxy networks which appear like it looks like one of the ways that these residential proxy networks are assembled. And these of course are the ones that allow you to buy access to other people's IPs and tunnel your traffic through somebody's home connection. It looks like one of the ways that happens is with these like Android TV boxes, right, that come sort of, they, they pre ship with the malware on them. But he's also turned up something. So he's got, he's got a bunch of, he's got a whole write up on that whole ecosystem, which is interesting enough. But one thing that I found really interesting is in one of the other stories that he's written about this, he's looked at how one of these operators essentially staged like, kind of like a hostile takeover of another one that was operating out of China. Because the Chinese one, it didn't look like they'd done a good enough job of filtering the requests that customers of the residential IP network, the IP proxy network, what their customers could do in terms of like getting onto local IPs on the networks where these devices existed, right? So there's some person who's got a set top box or a digital picture frame that is being used by this Chinese, you know, residential proxy network. And then one of the customers just starts hitting up 10 dot, whatever, and they did it with a DNS trick, which I'll let you explain. But very quickly, you know, very quickly you had a situation where one of the other operators was owning internal devices on all of these other networks. And it's, you know, it's just a cool story.

B

Yeah, yeah, it is, it is a great write up. So he was looking at the Kimwolf botnet, which was behind a bunch of DDoS attacks that happened towards the end of last year, and the relationship between that and one of the residential proxy networks. And some researchers found that there was a heap of overlap in terms of where this particular botnet was coming from and IPs that were available in the residential proxy network pool. And it turned out that, yeah, there was a trick where they were using basically DNS rebinding, where you set up a DNS name that the answer to the DNS query is a local IP address like a 192168 or a 1080 address. And then you use that to bypass restrictions on what can leave the proxy component. Because normally the proxy component is going to say if I see a request where the destination address is 102168 or something, then filter it. So what they do is make a DNS name. So you say, Please connect to naughtyhacker.com but that DNS name resolves to 102168 1.1 or something. And you do that at scale and you can connect to people's local networks. DNS rebinding is a pretty well known trick for bypassing these types of controls, but seeing it being used at scale. Millions of deployments of this Kimwolf botnet were done using these kinds of tricks to compromise local network devices. So pretty cool trick. And I think the research, one of the researchers that was kind of looked at how this was happening, went and tried to report it to the various residential proxy networks as well. Because like, responsible disclosures, a thing you want to do, but then, you know, residential proxy networks are also not entirely legitimate businesses as well. So like responsible disclosure starts to fall apart a little bit there. But net result of all of this was Krebs has this write up and like it is quite funny seeing the push and pull because in some cases the Kimwolf botnet or other botnets that were using these tricks were then also selling their bots back into residential proxy networks. So there's sort of this whole sort of ouroborous of fail where you end up with sort of wars between various proxy operators and botnet operators all feeding into and providing services to each other. And it's just a horrible, horrible big mess. And you feel bad for people who just want to display pictures of their grandkids on a photo frame. And now they're part of, you know, the modern version of IRC scene wars over, you know, over people's residential proxy access networks.

A

They're oblivious. Who cares? You know what I mean? Like, it's almost like a victim of crime. Like it's, it's, it's fine. I mean, not really, you know, but you know what I'm saying? Like it's, it's.

B

Yeah, yeah, it's, it's one of all the bad things that happen on the Internet. It's on the lower end of, you know, of being, you know, being bad for the actual victims compared to having your life savings stolen by a pig. But thrower.

A

Yeah, 100%.

C

100%.

A

All right, so we got one here from Alexander Martin over at the Record, where I guess the interesting thing here is that there was an investigation into this huge data breach in South Korea at that organization called coupang, where 33.7 million customer accounts got stolen and whatever. So it looks like this incident wasn't quite as big as all of that. So that data was taken, but it looks like the actual breach was pretty contained and they tracked down the guy who walked it out. And as part of the investigation, they wound up locating one of his computers which he threw into a river. And Mandiant and some others, Mandiant, Palo Alto Networks and Ernst and Young were able to recover data off the laptop, even Though it was wet, which I guess is the interesting part of this story, Adam. They recovered data from a wet MacBook Air.

B

Yeah, I mean, if anything, it says nice things about Apple engineering. I suppose the. There is actually a picture in the record story of the laptop, which was shoved in a company branded bag. So that's a nice touch with a bunch of bricks. After the guy had smashed it, sort of, you know, smashed the screen like in the movies, you know, when you want to destroy the computer, you smash the screen because that's where the data is. Anyway, it smashed it up a little bit, put it in a bag with some bricks and threw it in the river. And, yeah, I guess good work to whoever was, you know, doing the forensics job, recovering the data from the SSD on that thing. I'm glad it didn't turn into a pile of lithium smoke. But, yeah, you know, most of that's just. That's the story for us is the, you know, hey, funny, wet laptop.

A

Yeah, we had a. There was a talk at BSIDES years ago. I think I might have interviewed the guy. I can't even remember it was that long ago, but they. I didn't see the talk, but I heard about it. Which was the guy from casa, which is the Civil Aviation Safety Authority. It's like. What do they call it in the US the ntsb. It's like our ntsb. But he did a really interesting talk about, like, you know, having to recover data from badly damaged bits of airplane, you know, and did part of the talk about, like, removing these chips and like, having to piece it all back together. It was. It was very interesting. Apparent, like, everyone loved that talk. They just said it was really cool. So. So there you go. There is a. There is a whole discipline of, you know, recovering data off stuff from that's been, you know, spent a bit of time in the bottom of a creek. We've got a guilty plea from the cyber security guys in the United States who started doing Russian ransomware stuff with Alfie Blackheart. I mean, we talked about these guys, Ryan Goldberg and Kevin Martin. They've each pleaded guilty to one count of conspiracy to obstruct commerce by extortion. And. Which sounds like, oh, what? They knocked it down to one charge, but they're facing up to 20 years in prison, and the sentencing is scheduled for March 12th. So, yeah, Goldberg is 40 years old and from Georgia, worked for an incident response, incident response firm, Signia. And the other guy is 36 years old from Texas and was a ransomware negotiator for Digital Mint. So. Losers, man.

B

Yeah, I mean, really, like. Like, surely you get paid enough during those jobs that you don't need to then go also run criminal conspiracies on the side. Like, it just seems like a bad move. Like, what are you. What are you doing? What are you doing? I guess you're going to jail is what you're doing, but.

A

Yeah. Yeah. And another thing that happened while we're on break is a whole bunch of health care breaches, Adam.

C

There was one.

A

What is it? Covenant. Covenant Health Data. Covenant Health, That's a Catholic healthcare organization, I think in the United states, they lost 480,000 records. We had one in Illinois, 700,000 residents. Personal data, you know, a number of years of data there. We also had. What is it, some processor, like a data processor for the NHS in England. DXS International, they had an incident as well. They experienced a security incident affecting its office. Servers discovered on December 14th immediately contained the breach. Working, you know, with NHS, blah, blah, blah, blah. But then there's this other one which is relevant directly to you, Adam, which hit a bunch of people in New Zealand. Pretty limited data set. You managed to actually be in there, so congratulations. And what I find most remarkable about this one is the guy is out there bragging about it, and his ransom demand is US$60,000, which, I'm sorry to say something a little bit like about your country here, but it's a sign of the scale of New Zealand that the money they're demanding is $60,000, you know.

B

Yeah, this was a company called Manage My Health that makes software used by, like, medical practices for managing patient records and other things. And, yeah, they. They got themselves data breached. I think most of the data came from, like, when you were importing documents into the system or they were sharing documents with patients. It was like, in the document management system. It feels like direct object reference is probably what it was. I don't know any technical specifics of it, but, yeah, the attacker who did it, as you say, is asking for US$60,000, which isn't very much, and has also been doing a lot of work talking to local media. And the combination of it happening over the Christmas break when most of the senior leadership at media organizations are away, and cyber just not being particularly well reported in this country. There's been a lot of really, I would say, kind of shonky journalism, like straight up talking to the attackers, quoting them directly, treating them like they're legitimate businessmen, treating this guy like he's the CEO of Ransomware organization who's just trying to do business with Manage my Health. Shake them down for 60,000 bucks. I don't know if they've paid, but it has kind of gone quiet. And as you say, $60,000 is really not very much and I would not be surprised if the ransom got paid. So. Yeah, but it feels, who knows?

A

It feels a bit school kid.

B

It really does. It feels super amateur and to be honest, having used managedmyhealth myself and I didn't pen test it, but boy, oh boy, it looks pretty old and clunky. Like it's not the sort of, you know, it really does give you old.net like, you know, enterprise app vibe. It did not fill me with confidence at all. But hey, what are you going to do, right? You want to book an appointment at your doctor, you got to use their system. So tough. Tough for me and tough for everyone else. New Zealand that had had its stuff compromised, like in New Zealand, this is probably the biggest of the medical practice management software packages. Like it's something like 1.8 million New Zealanders, which to your point of it being a small country is still quite a big proportion of our country. So, yeah, sucks to be New Zealand. And yeah, the quality of the reporting has not been fantastic. So boo to them.

A

Yes. All right, mate. Well, that is actually it for this week's news. I've missed you, man. It's good to be back. It's good to be back to be chatting about this stuff every week. And yeah, I look forward to doing it again next week, but we're going to hear from this week's sponsor. You actually had a listen to this interview as well, because this is Airlock Digital talking about a new way to get you owned, which is through these like dot application click once things that Microsoft has created in its wisdom, which first of all seem like kind of like a bad idea. But then attackers are combining like a code reflection technique with these dot application things to own people pretty effectively. And I just, I mean, I asked you to have a listen to this interview because I'm like, this sounds actually very cool to me. Is it also very cool to you? And you're like, yes, this seems actually quite cool.

B

Yeah, it's a funny technique. Like the click once thing is like Microsoft's sort of early. NET application packaging tech. And I guess to my mind that's kind of comparable to like Java. What? Java Web Start was a way to package up applications. And yes, the fact that someone has gone like this is an old trick. This is not the modern way that you would package. Net applications. So the fact that someone's gone back, found some legit binaries that you can package using this technique, and then alter their behavior by giving them extra. Net runtime, Net assembly at runtime, that's pretty cool work. Honestly, whoever started doing this, my hat's off. Good quality hacking. So, yeah, it's a fun interview. And the Airlock guys are always good when they. Because they see such weird Windows gubbins that nerds always enjoy hearing about. So, yes, it's a great interview worth listening to.

C

Yeah.

A

All right, mate. Well, with that, we will roll on to this interview now with the Airlock guys. But thanks a lot for your time, Adam. Appreciate it.

B

Yeah, thanks. I'll talk to you next week, Pat.

A

Okay, so here's David Cottingham from Airlock Digital to start things off, and then you'll hear from Daniel Shell as part.

C

Of the same interview.

A

So we are talking about these Click Once applications. That's the first half of this interview. And then the second half, we do talk a bit about AI, because funnily enough, like, Airlock's not doing much really with AI at the moment in terms of giving an AI agent control over what is added or removed from an Allow list. For an interesting philosophical reason. You'll hear Dave describe it, but basically he thinks the whole point of Allow listing is that you do have that human control, you do have that human context. And once you strip that away, are you really doing, you know, are you really fulfilling your promise of actually giving people, you know, direct control? It's a very interesting conversation. I think that I definitely see Dave's point. There's going to be a lot of customers who do not want to hand over control of their Allow lists to an AI agent. But I think there's also a whole market of other people who would want to do that. But it's very interesting conversation nonetheless. So here it is, this week's sponsor review with David Cottingham and Daniel Shell talking all about, yeah, click once and then AI and applying AI to Allow Listing. Enjoy.

D

Yeah, so Qlik Once is basically a capability built into Windows that allows applications to deploy it seamlessly with a single click. It's like a file which is called Application. It's basically an XML config that describes the application, all its dependencies, and how those dependencies are obtained. So when a user runs this, and they'd be through a link or something like that, it loads up the deployment application service, and then it prompts the user to install or don't install the application. I haven't come across it much in sort of like legitimate practice. So I'm not really sure of the prevalence out there in organizations, but we're seeing this being used in campaigns, particularly across our financial clients, quite extensively. If users do click install, it will download all the components of those applications, place it in a user profile folder, doesn't require admin to install. And there's a config file, which is the interesting part about this. So let's say, for example, you install an application and it contains a Dell binary that's written in. Net, it's signed, it's smart screen approved, it's entirely legitimate. When the application is run, this config file will give that Dell binary some instructions and the Dell binary will actually go, oh, I need all these things in order to run. And it will actually go down and download malicious code from the Internet itself and reflect it into memory, which is really, really difficult to see.

C

So it just grabs a whole bunch of DLLs and like, starts bing, bing, bing, bing, bing, bing, bing, bong, bong, bong.

A

As Donald Trump would say, pretty.

D

Pretty much. And the thing is, they don't have to have the extension of a DLL file either. So it could be a JS and it could actually be sort of assembly code which is reflected. And it's not a normal library load. So you can't. It's really difficult to see unless you're looking for. Net assembly load. So you basically have a situation with these applications where you have a legitimate signed application that could be whatever the attacker chooses. They just pick a. Net binary of some vendor, it's all signed, it's not going to be detected as malicious. And then there's this config file giving it instructions that's not going to be detected as malicious because it's a legitimate xml. Just saying with instructions telling the. Net binary what to do. This isn't new. There's been a lot written about click once. But what's novel is that attackers have chained this with a legitimate binary that's actually doing the work, which really sort of changes the way that EDR and other behavioral tools look at it. Because they're like, well, it's just a legitimate app doing its thing. Yeah, yeah. And there's a good reputation with every component, essentially.

A

So it's just so, so out of the box.

C

Default config.

A

Were you stopping this?

D

Yes.

E

So because like, years ago we invested heavily in just the. Net reflection part. By default, it turned out we Just proactively blocked this. A lot of people would think that this sort of dynamic net reflection is like a fileless malware, but they are actually written like in this case, to the user's Internet temp cache folder and it's run from there. So we would then intercept that with airlock. You'd see the Dell application where we chose like this would try to open a handle to the. Net assembly which is malicious and it would be prevented from running. The reason we found out about this, we're starting at support tickets for many customers saying, how do I control application files? It's not the application file though, that's the problem, it's the downstream components.

A

Right?

C

So they were aware that this was a risk and they were asking you how can we use your tool to stop it? And you're like, well, good news everyone.

E

Basically, yeah, well, it sourced that this weird thing where we were saying, well, why do you want to block application files? They're not actual executable code. So it becomes this conversation like, don't you want these trusted sign files? And they're like, well, there's some malicious components. And a couple of our customers were like, I'll send you some artifacts. And then we looked at it and went, oh wait, this is much worse than anyone, that the customer didn't understand it properly. And this is the first time we've seen it. And then it just turned into a big sort of research piece piece as well, or being like, well, what's actually going on here? And then because it's really a combination, you've got the Qlik1 stuff that's been around forever. Like in Visual Studio you can just go compile this to a published website to deploy this app. It's just a deployment method. And the net assembly reflection, config file stuff has been known for like five years and sort of dropped off a bit. But what they've really done here is they've combined both of them by making the config file also a dependency. And it really brings any Net assembly like trusted file can become a loader stager launcher for malware. So together that's where the novel stuff is.

C

Well, I've got two questions which are what type of attackers are we talking about here? Are they sort of ransomwares apts? Do we even know? Are they the modern equivalent of Fin7 financial fraud actors? And my other question there would be are they having any luck against edr?

A

So yeah, who's doing this?

C

And are they actually able to sidestep EDRs the majors anyway.

E

Sure. So who's doing this? I'm not sure. Customers would definitely be sensitive about sharing that information. And we're not a threat Intelligence House, I guess.

A

Well, you don't have to be. Which is, which is one of the wonderful things about allow listing.

E

But anyway, yeah, I think I did presentations recently. At the end it's like, well, who was it? What wasn't like?

C

I.

E

My answer is I don't care. We default prevented this type of tradecraft. I would say customer can go down that path.

C

Right.

D

I would say where we see this pop up continually though is financial customers. It's very heavy on that. If you know, that's a, that's quite a big data point.

C

So this feels like the Fin7 style actor kind of, you know, trying to get into a bank.

E

Yeah, very. Target spear phishing templated emails that you know are branded as the bank. All that stuff.

A

Right.

C

And is this getting around? I mean you would think first of all those spear phishing emails, you would hope your mail gateways would do a decent job of stopping them. But of course stuff can slip through and people can drop phishing links into what into you know, LinkedIn messages or teams or whatever. Right. So okay, but how is EDR dealing with this?

A

Or why is EDR not dealing with this?

C

Well, which seems to be what you were implying earlier.

B

Yeah.

E

So yeah, the challenge of I think in this is because a lot of people think that this DLL is like we say DLL is interchangeably but the traditional old like portable executable DLL format is very different and there's a lot of visibility on that. Any vendor, any AV vendor us are going to hook into load library this Windows function to load dlls. However, since these are actually not really those sorts of dlls, they're NET assemblies with a DLL extension which could be a JS extension or whatever. In this case it's just more like the. NET application itself just has that functionality built in to suck that up. So you're not hooking it. The application itself has that capability, so there's very little visibility. And yeah, vendors will be like to do like, they'll try to trace loads in different ways, but because this is all happening within the application itself, there's nothing to hook.

D

Yeah. And also because again, the attackers are using legitimate signed binaries from different vendors, so it has a signature and the binary itself has a good reputation and that naturally goes towards contributing the overall score for behavior.

C

Yeah. So what's the actual behavior that you're stopping There, Dave.

D

Yeah, so it's the actual loading. So you take a binary and then when that binary is downloaded, some new bit of code which is the actual malicious bit that it wants to run in the process, we're actually stopping the load of that. So we're seeing that legitimate process load basically untrusted code into itself and we're blocking that because it's not explicitly trusted, because we take a deny by default approach and we happen to hook all of those and monitor those net assembly reflection mechanisms that are quite non standard.

C

Yeah, nice, nice. Very nice. All right, so I want to talk about one more thing while you were here, but congratulations on that win too. We'd love to hear a good winning story. But the other thing I wanted to talk to you about is AI, right? Because everybody's AI. I've seen you guys actually have been around long enough and validated allow listing enough these days that you actually have a couple of competitors now. And you go to their websites and they're like AI allow listing pool, pew, pew. You know, it's all finger guns. And AI, you guys, not so much. I mean, I would have thought there's some huge potential to use AI to do things like automatically manage the allow lists and evaluate binaries on first execution, evaluate files when the first time they pop up into an environment.

A

But you seem a little bit circumspect.

C

About a lot of this fancy AI stuff. So what's your thinking on AI and where it can plug into your stuff?

A

Because I would have thought it was a slam dunk.

D

Yeah, so look, and there's certainly opportunity and applicability to type of deny by default product for AI. You know, I think you've really got to look at where does the security for allow listing application control come from. And that is just this foundationally black and white sort of approach to you trust this, you don't trust that. Right. And it's always human driven and the human is the person that has the context to decide what they allow inside their organization. Right. Now the thing with AI is okay, do you trust a standard operator to make those decisions better than AI? And I think a standard operator will generally have a sense of what is expected or not expected from their point of view in their org. So they know what applications they use and they can make a judgment call from that point of view. But a human operator will not be as good as necessarily saying, is this particular piece of code potentially malicious? Right. They over index on context, whereas AI will over index on sort of the, the sensitivity of Code and what we're sort of thinking in terms of our approach and where it can add the most value is providing context to the operator to make better decisions ultimately. So it's looking at the data set that's coming in, what files are being executed and really answering what, and distilling down data sets into some clarity of here's what's here, here's what applications are associated with and here's the types of decisions that you should make. So providing a bit of assistance to actually go forward and define what you trust ultimately, but without fully handing over the capability to trust files itself. Because then all we're doing, we feel, is just sort of like a reverse EDR in a way in terms of utilizing those trust decisions which get messy.

C

Well, I mean, they do, but I.

A

Sort of feel like the products that.

C

Are really well suited to AI tend to be the ones that are designed day to day to be process driven.

A

Right.

C

So you look at companies like Sublime Security, right? You do email security, email gateway security and well, it's more of a cloud based product now. But you know, the whole point is there's detection as code and they've got a really nice process for people to be able to manage that. So it turns out when you've got a, when you've developed your whole product to allow a human operator to work within a process, right, which is somewhat repetitive and a little bit annoying, but it's a very well defined process. Turns out AI is really good at taking over the human workload. Bit of that. And you know, the whole key of Airlock's success over the years is you have taken allow listing and made it a process at scale. I mean, you have customers with 150,000 endpoints, right. Last I checked, could be more now, right? Like, yeah, but the point is you've boiled all of that down to a process and I just would have thought, but at some point the AI stuff is going to wind up just being more accurate than the human operator. And at that point who cares if you're a reverse edr? Like it's a win.

E

What?

D

No, and you're totally right. I think the, you know, what problem are you trying to solve, right? And really you've got to push the operator to make decisions at speed, as fast as possible without fully handing over that control. Because I think that, you know, we're fairly principled in making sure that the customer is in complete control of what they trust because that provides ultimately the best security outcome. The biggest thing is you can't understand in many cases, why an LLM made a particular decision. Right. Like if you had, oh, suddenly you've got these, you know, 300 computers in your organization suddenly have this binary on them. Okay, well, prevalence would dictate that then it's probably something legitimate. Right. And you sort of add those things together and then you end up sort of in a scoring model again, where you just need to get over that threshold in order to get the trust. And also, I think one thing that where Allow Listing gets really unwieldy is if you don't understand what is actually your definition of trust anymore. If you've got this thing that's making decisions for you on your behalf, then it can kind of get you just go, oh, well, the system added it. And then from us as a vendor point of view, it starts to come up against really interesting questions, which is like, well, hang on, your software made that choice and trusted it. So, you know, who, who's in control here? You know, so it's, look, there is totally applicability here. And we are working through, you know, sort of testing the efficacy and accuracy of these types of things in our trust workflows to make the operator as fast as possible. But I still just feel like you come back to the principle of what makes Allow Listing effective. And that is just the human context of should we be using this application or not? Not. You know, is this application necessarily malicious? It's a slightly different, different question.

A

It's really impactful.

C

Yeah, I understand 100% what you're saying. It's like, does this belong here?

E

There's a deception piece as well, right? Like the malware offers are trying to look like other files or stuff like that. So can AI work out the slight difference?

D

Yeah, but then you get an interesting question which is, can the operator tell the difference? And that's where context is the richest thing that you can provide based on all of these different sources to come to a good conclusion ultimately.

A

All right, Dave Cottingham, Daniel Schell, that is all we have time for. Thanks to both of you for helping.

C

Us kick off Risky Business for another year. It's 20th year in 2026. Great to see you both.

D

Yeah, thanks, Patrick.

E

Cheers. Patrick.

A

That was David Cottingham and Daniel Schell there from Airlock Digital. I'm a huge fan of Airlock Digital, as regular listeners would know, and I think basically every enterprise should be using it.

C

If you're operating at any sort of.

A

Scale, it's just a really, really good tool. But, yeah, that's it for this week's show. I do hope you enjoyed it. We'll be back in this feed, the main feed, next week with more risky biz for you. And don't forget, we also publish news bulletins and other podcasts into the Risky Bulletin feed. My colleagues have a bunch of podcasts they publish there. But yeah, I'll catch you all next time week. And until then, I've been Patrick Gray. Thanks for listening.