This Week In Security: DNS Oops, Novel C2s, And The Scam Becomes Real

Something rather significant happened on the Internet back in May, and it seems that someone only noticed it on September 3rd. [Youfu Zhang] dropped a note on one of the Mozilla security mailing lists, pointing out that there was a certificate issued by Fina for 1.1.1.1. That IP address may sound familiar, and you may have questions.

First off, yes, TLS certificates can be issued for IP addresses. You can even get a numeric TLS certificate for your IP address, via Lets Encrypt. And second, 1.1.1.1 sounds familiar because that’s CloudFlare’s public DNS resolver. On that address, Cloudflare notably makes use of DoH, a charming abbreviation for DNS over HTTPS. The last important detail is that Cloudflare didn’t request or authorize the certificate. Significant indeed.

This is a high-profile example of the major weakness of the TLS certificate system. There are over 300 trusted certificate authorities in the Microsoft Root Certificate Program, Financijska agencija (Fina) being one of them. All it takes is for one of those trusted roots to issue a bad certificate, to compromise that system. That it took four months for someone to discover and point out the problem isn’t great. Continue reading “This Week In Security: DNS Oops, Novel C2s, And The Scam Becomes Real”

This Week In Security: DEF CON Nonsense, Vibepwned, And 0-days

DEF CON happened just a few weeks ago, and it’s time to cover some of the interesting talks. This year there were two talks in particular that are notable for being controversial. Coincidentally both of these were from Track 3. The first was the Passkeys Pwned, a talk by SquareX about how the passkey process can be hijacked by malware.

[Dan Goodin] lays out both the details on Passkeys, and why the work from SquareX isn’t the major vulnerability that they claim it is. First, what is a Passkey? Technically it’s a public/private keypair that is stored by the user’s browser. A unique keypair is generated for each new website, and the site stores the public key. To authenticate with the Passkey, the site generates a random string, the browser signs it with the private key, and the site checks it against the public key. I stand by my early opinion, that Passkeys are effectively just passwords, but with all the best-practices mandated.

So what is the claim presented at DEF CON? Malicious code running in the context of the browser tab can hijack the passkey process. In the demonstrated attack flow, a browser extension caused the Passkey login to fail, and prompted the user to generate a new Passkey. This is an interesting observation, and a clever attack against Passkeys, but is not a vulnerability in the Passkey spec. Or more accurately, it’s an accepted limitation of Passkeys, that they cannot guarantee security in the presence of a compromised browser. Continue reading “This Week In Security: DEF CON Nonsense, Vibepwned, And 0-days”

This Week In Security: Anime Catgirls, Illegal AdBlock, And Disputed Research

You may have noticed the Anime Catgirls when trying to get to the Linux Kernel’s mailing list, or one of any number of other sites associated with Open Source projects. [Tavis Ormandy] had this question, too, and even wrote about it. So, what’s the deal with the catgirls?

The project is Anubis, a “Web AI Firewall Utility”. The intent is to block AI scrapers, as Anubis “weighs the soul” of incoming connections, and blocks the bots you don’t want. Anubis uses the user agent string and other indicators to determine what an incoming connection is. But the most obvious check is the in-browser hashing. Anubis puts a challenge string in the HTTP response header, and JavaScript running in the browser calculates a second string to append this challenge. The goal is to set the first few bytes of the SHA-256 hash of this combined string to 0.

[Tavis] makes a compelling case that this hashing is security theatre — It makes things appear more secure, but doesn’t actually improve the situation. It’s only fair to point out that his observation comes from annoyance, as his preferred method of accessing the Linux kernel git repository and mailing list are now blocked by Anubis. But the economics of compute costs clearly demonstrate that this SHA-256 hashing approach will only be effective so long as AI companies don’t add the 25 lines of C it took him to calculate the challenge. The Anubis hashing challenge is literally security by obscurity.

Continue reading “This Week In Security: Anime Catgirls, Illegal AdBlock, And Disputed Research”

This Week In Security: The AI Hacker, FortMajeure, And Project Zero

One of the hot topics currently is using LLMs for security research. Poor quality reports written by LLMs have become the bane of vulnerability disclosure programs. But there is an equally interesting effort going on to put LLMs to work doing actually useful research. One such story is [Romy Haik] at ULTRARED, trying to build an AI Hacker. This isn’t an over-eager newbie naively asking an AI to find vulnerabilities, [Romy] knows what he’s doing. We know this because he tells us plainly that the LLM-driven hacker failed spectacularly.

The plan was to build a multi-LLM orchestra, with a single AI sitting at the top that maintains state through the entire process. Multiple LLMs sit below that one, deciding what to do next, exactly how to approach the problem, and actually generating commands for those tools. Then yet another AI takes the output and figures out if the attack was successful. The tooling was assembled, and [Romy] set it loose on a few intentionally vulnerable VMs.

As we hinted at up above, the results were fascinating but dismal. This LLM successfully found one Remote Code Execution (RCE), one SQL injection, and three Cross-Site Scripting (XSS) flaws. This whole post is sort of sneakily an advertisement for ULTRARED’s actual automated scanner, that uses more conventional methods for scanning for vulnerabilities. But it’s a useful comparison, and it found nearly 100 vulnerabilities among the collection of targets.

The AI did what you’d expect, finding plenty of false positives. Ask an AI to describe a vulnerability, and it will glad do so — no real vulnerability required. But the real problem was the multitude of times that the AI stack did demonstrate a problem, and failed to realize it. [Romy] has thoughts on why this attempt failed, and two points stand out. The first is that while the LLM can be creative in making attacks, it’s really terrible at accurately analyzing the results. The second observation is one of the most important observations to keep in mind regarding today’s AIs. It doesn’t actually want to find a vulnerability. One of the marks of security researchers is the near obsession they have with finding a great score. Continue reading “This Week In Security: The AI Hacker, FortMajeure, And Project Zero”