Critical Vulnerability In AI-As-A-Service Provider Let Attackers Access Sensitive Data
A critical vulnerability was found in the Replicate AI platform that could have exposed the private AI models and application data of all its customers.
The vulnerability stemmed from challenges in tenant separation, a recurring issue in AI-as-a-service platforms.
By exploiting it, attackers could have gained unauthorized access to user prompts and the corresponding AI results. The flaw was responsibly disclosed to Replicate and promptly addressed, and no customer data was compromised.
Replicate, a platform for sharing AI models, lets users upload containerized models in its Cog format, which bundles the model with a RESTful API server; because such a container runs arbitrary code, it is a potential vector for malicious code execution.
Researchers created a malicious Cog container and uploaded it to Replicate, achieving remote code execution on Replicate’s infrastructure.
This highlights a potential vulnerability in AI-as-a-service platforms, where untrusted models can be a source of attacks.
Similar techniques were previously used to exploit Hugging Face’s managed AI inference service.
The attacker gained root privileges within a container on Replicate’s Kubernetes cluster. That container shared its network namespace with another container that held an established connection to a Redis server.
Using the CAP_NET_RAW and CAP_NET_ADMIN capabilities, the attacker ran tcpdump to identify the Redis connection, confirmed it was plaintext, and then set out to manipulate the shared Redis queue, which could potentially affect other Replicate customers.
According to the Wiz Research Team, the attacker lacked credentials for direct access and devised a plan to inject packets into the existing authenticated connection.
The authors exploited a vulnerability in the shared Redis server to gain unauthorized access to customer data by injecting TCP packets carrying Redis commands into the already authenticated connection, sidestepping authentication entirely.
While modifying existing entries in the Redis stream proved difficult due to its append-only nature, the authors were able to manipulate the data flow.
They achieved this by injecting a Lua script that identified a specific customer request, removed it from the queue, altered the webhook field to point to a malicious server they controlled, and then reinserted the modified request back into the queue, which allowed them to intercept and potentially alter the prediction results sent back to the customer.
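The chain above (a root container keeping CAP_NET_RAW/CAP_NET_ADMIN while sharing a network namespace with a sidecar that holds a plaintext Redis connection) is the kind of misconfiguration a manifest audit can catch before deployment. The checker below is an added example, not Replicate's or Wiz's code; the pod manifests are constructed samples, and the assumption that NET_RAW is granted by default reflects common container runtimes.

```python
from typing import Dict, List

# Capabilities the write-up says were abused to sniff and inject traffic.
RISKY_CAPS = {"NET_RAW", "NET_ADMIN"}

def _caps(sec_ctx: Dict) -> Dict[str, set]:
    """Normalise a container securityContext.capabilities block to upper-case sets."""
    caps = (sec_ctx or {}).get("capabilities") or {}
    return {"add": {c.upper() for c in caps.get("add", [])},
            "drop": {c.upper() for c in caps.get("drop", [])}}

def audit_pod(pod: Dict) -> List[str]:
    """Return findings for one pod manifest (dict form, as yaml.safe_load would give)."""
    findings: List[str] = []
    spec = pod.get("spec", {})
    pod_sc = spec.get("securityContext") or {}
    containers = spec.get("containers", [])
    if spec.get("hostNetwork"):
        findings.append("pod shares the host network namespace (hostNetwork: true)")
    # All containers in a pod share one network namespace, so an untrusted model
    # container that can open raw sockets can observe a sidecar's Redis traffic.
    if len(containers) > 1:
        findings.append(f"{len(containers)} containers share one network namespace")
    for c in containers:
        name = c.get("name", "<unnamed>")
        sc = c.get("securityContext") or {}
        caps = _caps(sc)
        if sc.get("privileged"):
            findings.append(f"{name}: privileged container")
        if not (sc.get("runAsNonRoot") or pod_sc.get("runAsNonRoot")):
            findings.append(f"{name}: may run as root (runAsNonRoot not set)")
        added = caps["add"] & RISKY_CAPS
        if added:
            findings.append(f"{name}: explicitly adds {sorted(added)}")
        # Assumption: NET_RAW is in the runtime's default capability set, so it is
        # only gone if dropped explicitly or via drop: [ALL], and not re-added.
        if "NET_RAW" not in caps["add"] and not caps["drop"] & {"ALL", "NET_RAW"}:
            findings.append(f"{name}: does not drop NET_RAW (default-granted)")
    return findings

# Constructed sample manifests (not Replicate's real configuration).
UNSAFE_POD = {"spec": {"containers": [
    {"name": "model", "securityContext": {"capabilities": {"add": ["NET_ADMIN"]}}},
    {"name": "redis-client-sidecar"}]}}
HARDENED_POD = {"spec": {"securityContext": {"runAsNonRoot": True}, "containers": [
    {"name": "model", "securityContext": {"privileged": False,
     "capabilities": {"drop": ["ALL"]}}}]}}
```

Running `audit_pod(UNSAFE_POD)` reports the shared namespace, the added NET_ADMIN, the retained NET_RAW and the possible root user; `audit_pod(HARDENED_POD)` reports nothing.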
A critical vulnerability in Replicate’s AI platform allowed attackers to potentially steal proprietary knowledge or sensitive data from customer models through malicious queries.
Moreover, attackers could manipulate prompts and responses, compromising the models’ decision-making processes.
This vulnerability threatened the integrity of AI outputs and could have had severe downstream impacts on users who rely on those models.
The post Critical Vulnerability In AI-As-A-Service Provider Let Attackers Access Sensitive Data appeared first on Cyber Security News.
NSA Appoints Dave Luber as Cybersecurity Director
The US National Security Agency has appointed Dave Luber as its new cybersecurity director following the retirement of Rob Joyce.
The post NSA Appoints Dave Luber as Cybersecurity Director appeared first on SecurityWeek.
Chinese RedJuliett Exploiting Firewalls, VPNs, & Load Balancers
A suspected Chinese state-sponsored cyberespionage group, RedJuliett, targeted the Taiwanese government and academic, technological, and diplomatic organizations between November 2023 and April 2024.
The group exploited vulnerabilities in firewalls, VPNs, and load balancers to gain initial access to victim networks. Its activity likely originates from Fuzhou, China, and aligns with China’s interest in Taiwan, suggesting an effort to gather intelligence on Taiwan’s economic and diplomatic affairs as well as its technological advancements.
The campaign, which intensified attacks on Taiwanese government, academic, and technological institutions, was observed targeting these sectors from November 2023 to April 2024.
RedJuliett’s strategy involved network reconnaissance and attempted exploitation, with a focus on compromising VPN access points. This strategy aligns with the group’s past activities and demonstrates an expansion beyond Taiwan, with targets identified in Hong Kong, Southeast Asia, South Korea, the US, and Africa.
A suspected Chinese state-sponsored threat actor employed a multi-pronged attack strategy against Taiwanese targets by exploiting vulnerabilities in internet-facing devices (firewalls, VPNs) to gain initial access.
Beyond these vulnerabilities, RedJuliett leveraged SQL injection and directory traversal techniques to compromise web applications and databases. To mitigate these attacks, organizations should prioritize routine patching and implement defense-in-depth strategies.
These strategies should focus on identifying lingering malicious presences, uncovering compromised systems, and stopping lateral movement within the network.
It is also recommended that businesses conduct regular audits of devices connected to the Internet to reduce their potential attack surface.
RedJuliett, a cyberespionage group, compromised 24 organizations, including government entities in Taiwan, Laos, Kenya, and Rwanda, and conducted reconnaissance against or attempted to infiltrate over 70 additional organizations in Taiwan, including academic institutions, government agencies, think tanks, and technology companies.
Their methods involved creating SoftEther VPN access points within victim networks, utilizing Acunetix scanners for vulnerability discovery, and exploiting weaknesses like SQL injection and directory traversal.
After gaining initial access, RedJuliett deployed open-source web shells and leveraged a Linux privilege escalation vulnerability to maintain persistence and potentially escalate privileges.
According to the Insikt Group, the group’s operations run on a combination of leased servers under its own control and compromised infrastructure at Taiwanese universities.
This infrastructure is managed through SoftEther VPN, which lets the group tunnel malicious traffic out of victim networks. Its targets include government agencies and critical technology companies in Taiwan, consistent with China’s goal of collecting intelligence on Taiwan’s economic and technological advancements.
The post Chinese RedJuliett Exploiting Firewalls, VPNs, & Load Balancers appeared first on Cyber Security News.