1
00:00:00,500 --> 00:00:01,820
Cybersecurity Today

2
00:00:01,825 --> 00:00:05,584
would like to thank Meter for their
support in bringing you this podcast.

3
00:00:06,369 --> 00:00:11,080
Meter delivers a complete networking
stack wired, wireless and cellular

4
00:00:11,139 --> 00:00:15,639
in one integrated solution that's
built for performance and scale.

5
00:00:15,700 --> 00:00:20,080
You can find them at meter.com/cst.

6
00:00:21,640 --> 00:00:26,290
Living off the land attacks on Microsoft.
Attackers use fake Calendly invites

7
00:00:26,290 --> 00:00:29,020
to hijack Google and Meta ad accounts.

8
00:00:29,290 --> 00:00:35,230
Oracle breach claims yet another victim
and researchers trace AI jailbreaks to

9
00:00:35,230 --> 00:00:37,720
hidden patterns in sentence structure.

10
00:00:38,050 --> 00:00:40,090
This is Cybersecurity Today.

11
00:00:40,450 --> 00:00:41,710
I'm your host, Jim

12
00:00:41,710 --> 00:00:42,130
Love.

13
00:00:43,900 --> 00:00:47,560
Living off the land attacks is a phrase
that was first coined about a dozen

14
00:00:47,560 --> 00:00:52,870
years ago by Christopher Campbell
and Matt Graeber at DerbyCon 3.

15
00:00:53,140 --> 00:00:56,890
It describes a technique where attackers
can hide using existing software and

16
00:00:56,890 --> 00:01:01,153
utilities. I was reading about this and
how it had been used in the Ukraine war

17
00:01:01,333 --> 00:01:06,583
where intruders were relying entirely
on Microsoft utilities to stay hidden.

18
00:01:06,673 --> 00:01:11,263
And then I looked around and I found
more and more examples of where

19
00:01:11,263 --> 00:01:15,733
intruders were relying entirely
on trusted Microsoft utilities.

20
00:01:15,973 --> 00:01:19,993
But now in North America,
the stories are the same.

21
00:01:20,113 --> 00:01:26,863
Attackers start with a foothold and they
pivot using PowerShell, WMI, Task Scheduler,

22
00:01:27,013 --> 00:01:29,473
all legitimate Windows components.

23
00:01:29,833 --> 00:01:34,153
PowerShell might quietly
download a script, WMI might

24
00:01:34,153 --> 00:01:36,163
execute commands remotely.

25
00:01:36,493 --> 00:01:41,113
A scheduled task or a registry run key
might be altered to keep the attackers

26
00:01:41,113 --> 00:01:45,763
hidden inside. And nothing they do
involves a suspicious binary and

27
00:01:45,763 --> 00:01:47,923
nothing looks foreign to the system.

28
00:01:48,283 --> 00:01:52,033
These are the same tools
administrators use every day, and

29
00:01:52,033 --> 00:01:56,833
they're also tools Windows relies
on, so you can't simply block them.

30
00:01:57,193 --> 00:01:58,183
And of course,

31
00:01:58,608 --> 00:02:01,728
that's why these attacks
evade so many defenses.

32
00:02:02,208 --> 00:02:05,928
Endpoint Detection and Response systems
are excellent at spotting malware,

33
00:02:06,198 --> 00:02:09,018
lateral movement, or even odd binaries.

34
00:02:09,288 --> 00:02:12,858
But when an attacker sticks
to Microsoft signed utilities,

35
00:02:13,428 --> 00:02:14,658
there's often nothing to flag.

36
00:02:15,823 --> 00:02:19,093
Investigators in the Ukraine
example that I was using said the

37
00:02:19,093 --> 00:02:23,083
intrusion blended into regular
administrative traffic for weeks.

38
00:02:23,473 --> 00:02:27,763
What was dangerous looked almost
identical to routine system work.

39
00:02:28,843 --> 00:02:33,493
And the real risk isn't just the
intrusion, it's the quiet persistence

40
00:02:33,493 --> 00:02:35,623
that follows. Living off the land

41
00:02:35,623 --> 00:02:39,373
techniques let attackers stay
inside networks for long stretches

42
00:02:39,373 --> 00:02:43,753
of time, often without writing
a single malicious file to disk.

43
00:02:44,323 --> 00:02:47,593
And I guess that's why defenders
are being pushed to rethink

44
00:02:47,713 --> 00:02:49,993
how these tools are monitored.

45
00:02:50,593 --> 00:02:54,043
When the threat hides inside some
normal system activity, the only way

46
00:02:54,043 --> 00:02:58,633
to spot it going offside is when you
have an idea of what normal really

47
00:02:58,633 --> 00:03:01,633
is and a way to spot the difference.

48
00:03:02,233 --> 00:03:06,913
And that means logging that captures
what these utilities are doing, but that

49
00:03:06,913 --> 00:03:11,773
logging's going more to a behavioral
analysis that can surface these anomalies.

50
00:03:13,483 --> 00:03:18,193
Of course, zero trust and least
privilege models can limit how much

51
00:03:18,193 --> 00:03:24,313
damage a built-in tool can do if it's
misused, but it's not one control.

52
00:03:24,793 --> 00:03:28,273
We're looking at an orchestrated
defense and living off the land

53
00:03:28,273 --> 00:03:32,953
attacks are showing why that shift is
becoming perhaps even more important.

54
00:03:35,106 --> 00:03:37,626
And you know how it is when you see
something and it makes you think,

55
00:03:37,626 --> 00:03:41,586
and then you keep seeing examples of
the same thing over and over again.

56
00:03:41,976 --> 00:03:46,386
While I was working on that last
story, David, our Monday host, sent

57
00:03:46,386 --> 00:03:51,546
me a story, and this time they were
spoofing a different trusted utility.

58
00:03:51,816 --> 00:03:55,776
A new campaign is sending fake
meeting invitations that look like

59
00:03:55,776 --> 00:04:00,486
the real thing complete with branding,
but from well-known companies.

60
00:04:01,176 --> 00:04:05,376
But instead of opening a scheduling
page, the link may open a phishing

61
00:04:05,376 --> 00:04:11,006
site designed to steal either Google
ad or Meta business login credentials.

62
00:04:11,096 --> 00:04:14,906
And it's a clever twist on this
living off the land approach.

63
00:04:15,236 --> 00:04:19,996
Calendly is a tool that is used by a lot
of people, and of course people click

64
00:04:19,996 --> 00:04:24,466
meeting links without thinking about
it, and the attackers aren't dropping

65
00:04:24,466 --> 00:04:27,016
malware or trying to compromise devices.

66
00:04:27,436 --> 00:04:30,796
They're going after the people
who control Google AdWords or Meta

67
00:04:30,796 --> 00:04:35,386
advertising budgets and the phishing
pages are tuned specifically for them.

68
00:04:36,476 --> 00:04:39,746
Once an attacker gets access to an
ad manager account, they can spend

69
00:04:39,746 --> 00:04:44,726
thousands of dollars in minutes running
fraudulent campaigns or crypto scams,

70
00:04:44,936 --> 00:04:50,396
all billed to the victim, and all coming
from what might be a trusted source.

71
00:04:51,556 --> 00:04:54,736
What makes this campaign
stand out is the precision.

72
00:04:55,276 --> 00:04:58,696
The phishing isn't being
blasted out to random users.

73
00:04:58,906 --> 00:05:04,276
It's aimed at people who manage business
pages and have payment methods attached.

74
00:05:04,516 --> 00:05:09,676
The entire attack relies on trust,
a familiar scheduling tool, a

75
00:05:09,676 --> 00:05:14,866
familiar business brand, and a
login page that looks exactly like

76
00:05:15,016 --> 00:05:16,606
Meta or Google's own interface.

77
00:05:18,416 --> 00:05:22,316
It is another reminder of how
this living off the land idea is

78
00:05:22,316 --> 00:05:24,716
shifting beyond system utilities.

79
00:05:24,986 --> 00:05:28,946
Attackers are now using the
everyday cloud tools we depend

80
00:05:28,946 --> 00:05:31,136
on as their delivery mechanism.

81
00:05:31,496 --> 00:05:35,126
And when the threat arrives through
something as ordinary as a meeting

82
00:05:35,126 --> 00:05:40,916
invite, the line between safe and
suspicious becomes a lot thinner.

83
00:05:43,556 --> 00:05:47,546
And again, as if to show
how much damage can be done.

84
00:05:47,546 --> 00:05:51,536
Once somebody breaches your defenses
and gets within your system, the

85
00:05:51,536 --> 00:05:55,556
University of Pennsylvania is
reporting another data breach.

86
00:05:55,886 --> 00:05:59,936
This one appears to trace back to
the Oracle E-Business Suite hack

87
00:05:59,936 --> 00:06:04,566
disclosed earlier this year. Penn says
attackers stole documents from its

88
00:06:04,566 --> 00:06:09,456
Oracle EBS servers in August, months
before Oracle issued patches for

89
00:06:09,456 --> 00:06:12,036
multiple vulnerabilities in October.

90
00:06:12,156 --> 00:06:16,236
And even though those patches
were applied, the university now

91
00:06:16,236 --> 00:06:20,166
believes that new breach may have
stemmed from access the attackers

92
00:06:20,166 --> 00:06:22,896
gained during that earlier incident.

93
00:06:23,586 --> 00:06:25,776
And Penn is a major target.

94
00:06:25,836 --> 00:06:29,676
It's an Ivy League institution
with more than 29,000 students,

95
00:06:30,126 --> 00:06:36,516
almost 6,000 faculty, and an
operating budget of $4.7 billion.

96
00:06:36,906 --> 00:06:42,711
It also holds a $24.8 billion
endowment as of mid 2025.

97
00:06:43,581 --> 00:06:46,221
And this isn't the first
time it's been hit.

98
00:06:46,461 --> 00:06:50,481
Back in October, Penn disclosed a
separate compromise involving its

99
00:06:50,481 --> 00:06:54,861
development and alumni systems, and
in that case, a hacker claimed to have

100
00:06:54,861 --> 00:07:01,071
stolen personal information on roughly
1.2 million students, alumni, and donors.

101
00:07:02,181 --> 00:07:04,971
What makes the new incident
stand out is the timing.

102
00:07:05,556 --> 00:07:09,246
The attackers first accessed the
Oracle EBS servers in August.

103
00:07:09,516 --> 00:07:13,806
Oracle then released patches in
October, but Penn's latest investigation

104
00:07:13,806 --> 00:07:17,946
shows the intruders may have used
the foothold from August to carry

105
00:07:17,946 --> 00:07:19,896
out newly reported data theft.

106
00:07:20,733 --> 00:07:23,973
It suggests that even when an
organization patches quickly, the

107
00:07:23,973 --> 00:07:28,623
damage from an earlier compromise
can continue to unfold months later.

108
00:07:29,673 --> 00:07:33,813
It's a reminder that once attackers get
inside a system, especially one tied to

109
00:07:33,813 --> 00:07:38,463
business operations, the breach doesn't
end when the vulnerability is fixed.

110
00:07:38,793 --> 00:07:42,783
The challenge becomes understanding
how far the original intrusion

111
00:07:42,783 --> 00:07:47,643
went and whether access that was
gained early on could still be used

112
00:07:47,658 --> 00:07:53,508
quietly in the background. And
finally, a different story.

113
00:07:53,508 --> 00:07:55,218
But something that keeps coming up.

114
00:07:55,908 --> 00:07:59,898
One of the ways we could spot patterns
in behavior and maybe work to defeat

115
00:07:59,898 --> 00:08:06,708
living off the land is in using AI, but
AI has its own set of issues and problems.

116
00:08:06,888 --> 00:08:10,818
One of them being how easily
it can be jailbroken and turn what

117
00:08:10,818 --> 00:08:15,288
should be a trusted tool into a
liability and an attack vector.

118
00:08:16,968 --> 00:08:19,968
We hear about a breach
almost every couple of days.

119
00:08:19,968 --> 00:08:21,978
OpenAI reported one last week.

120
00:08:21,978 --> 00:08:22,968
That was a major one.

121
00:08:24,108 --> 00:08:28,678
So, most jailbreaks make
sense in a human way.

122
00:08:29,068 --> 00:08:32,548
Someone reframes a harmful
request, so it sounds harmless.

123
00:08:32,598 --> 00:08:35,418
Essentially socially
engineering the model.

124
00:08:35,928 --> 00:08:40,188
The famous example is you can't ask it
to build a bomb, but you can ask for

125
00:08:40,188 --> 00:08:44,088
help writing a scene in a community
play where your character builds one.

126
00:08:44,448 --> 00:08:46,818
The trick works on the
framing, not the intent.

127
00:08:47,298 --> 00:08:51,738
We've used this as little as last
week to break one of the major models.

128
00:08:52,038 --> 00:08:56,358
It's a problem and it's one they
need to solve, but there's another

129
00:08:56,358 --> 00:08:59,358
problem that's surfaced and
researchers have begun studying

130
00:08:59,388 --> 00:09:05,568
a stranger kind of jailbreak, the one
built from strings of nonsense words or

131
00:09:05,568 --> 00:09:08,448
words appended to the end of sentences.

132
00:09:08,868 --> 00:09:12,978
These prompts don't look like trick
questions or role-playing setups.

133
00:09:13,403 --> 00:09:17,843
Many of them read like gibberish,
yet they sometimes cause an AI system

134
00:09:18,023 --> 00:09:20,483
to ignore its own safety rules.

135
00:09:20,663 --> 00:09:26,003
And now a new study by researchers
from MIT, Northeastern University and

136
00:09:26,003 --> 00:09:32,513
Meta may explain why in their paper
with the mellifluous flowing title of

137
00:09:32,663 --> 00:09:38,873
"Syntactic-Domain Spurious Correlations
in Language Models," which I'll translate

138
00:09:38,873 --> 00:09:44,933
for you into "syntax hacking: how sentence
structure enables LLM jailbreaks."

139
00:09:45,623 --> 00:09:49,313
They show that many nonsense
jailbreaks work, not because of the

140
00:09:49,313 --> 00:09:54,053
words, but because of the syntactic
patterns hiding underneath them.

141
00:09:54,623 --> 00:09:58,943
Some combinations of meaningless
terms accidentally form structures

142
00:09:59,153 --> 00:10:02,663
that these large language
models interpret as commands.

143
00:10:02,993 --> 00:10:05,123
In other words, they're
using the correct grammar

144
00:10:05,533 --> 00:10:11,473
but nonsense words. Syntax resembles that
system level instruction learned during

145
00:10:11,473 --> 00:10:17,443
the training, the patterns that can
slip past the safety layers added later.

146
00:10:19,633 --> 00:10:22,903
So just to recap, they're using
a grammatic structure that's

147
00:10:22,903 --> 00:10:25,213
accurate, but with nonsense words.

148
00:10:25,293 --> 00:10:30,473
Although the system might recognize that
grammatical structure, the words just

149
00:10:30,473 --> 00:10:36,353
slip past. The researchers argue that this
happens because models are more sensitive

150
00:10:36,353 --> 00:10:39,468
to shape and structure than pure meaning.

151
00:10:39,893 --> 00:10:42,623
That doesn't mean they don't
understand meaning; they do,

152
00:10:42,893 --> 00:10:45,683
but they have this inherent flaw
that causes them to look at the shape
that calls them to look at the shape

153
00:10:45,683 --> 00:10:47,148
and structure of sentences as well.

154
00:10:48,171 --> 00:10:51,771
They generalize from these patterns
in sentence construction, and those

155
00:10:51,771 --> 00:10:56,781
patterns can override the safeguards
when they resemble the cues

156
00:10:56,781 --> 00:11:00,111
the model associates with
higher level instructions.

157
00:11:00,561 --> 00:11:06,621
It also explains why gibberish jailbreaks
are inconsistent and difficult to patch.

158
00:11:06,831 --> 00:11:08,811
They don't rely on a specific loophole.

159
00:11:09,021 --> 00:11:12,531
They rely on quirks in how
the model processes language.

160
00:11:13,646 --> 00:11:16,646
And while both of these vulnerabilities,
breaking the frame and breaking

161
00:11:16,646 --> 00:11:21,476
the syntax, have been known for some
time, understanding why they work can

162
00:11:21,476 --> 00:11:26,306
bring us one step closer to higher
levels of protection and defense.

163
00:11:27,176 --> 00:11:28,406
And that's our show for today.

164
00:11:29,241 --> 00:11:32,481
We'd like to thank Meter for their
support in bringing you this podcast.

165
00:11:32,661 --> 00:11:37,221
Meter delivers full stack networking
infrastructure, wired, wireless

166
00:11:37,221 --> 00:11:41,151
and cellular to leading enterprises
and working with their partners.

167
00:11:41,151 --> 00:11:44,841
Meter designs, deploys and
manages everything required to

168
00:11:44,841 --> 00:11:49,311
get performant, reliable and
secure connectivity in a space.

169
00:11:49,671 --> 00:11:53,361
They design the hardware, the firmware,
they build a software, they manage

170
00:11:53,361 --> 00:11:58,641
deployments and run support. It's a single
integrated solution that scales from

171
00:11:58,641 --> 00:12:03,261
branch offices, warehouses, and large
campuses all the way to data centers.

172
00:12:03,741 --> 00:12:07,611
Book a demo at meter.com/cst.

173
00:12:07,911 --> 00:12:12,291
That's M-E-T-E-R.com/cst.

174
00:12:13,941 --> 00:12:17,001
And while the show is all news,
there's some ideas that are important.

175
00:12:17,311 --> 00:12:20,551
I'd always love to hear
from you on what you think.

176
00:12:20,941 --> 00:12:24,631
You can reach me with tips, comments,
even constructive criticism.

177
00:12:25,003 --> 00:12:28,513
You can find me at technewsday.com or .ca.

178
00:12:28,543 --> 00:12:29,263
Take your pick.

179
00:12:29,353 --> 00:12:30,793
Use the contact us page.

180
00:12:31,183 --> 00:12:33,673
If you're watching this on YouTube,
you can just put a comment under

181
00:12:33,673 --> 00:12:37,213
the video or you can track me down
on LinkedIn, as many of you have.

182
00:12:37,813 --> 00:12:39,253
I'm your host, Jim Love.

183
00:12:39,913 --> 00:12:40,813
Thanks for listening.

