
Inside the Modern Threat Landscape: Attacker Wins, Defender Moves, and Your Priorities

BSides KC 2026 · 47:16 · Published 2026-06
Category: Technical
Style: Talk
About this talk
Chris Lindsey dissects two malicious Chrome extensions with over 900,000 combined installs that operated as trojans through legitimate browser APIs, walking line-by-line through their source to show how malicious functionality was concealed and executed at scale. He also examines the LiteLLM supply chain compromise by team PCP, covering the dropper, steganographic payload, and C2 channel. The session closes with a framework for prioritizing defensive investment based on observed attacker behavior rather than theoretical threat models.
Original YouTube description
What does a trojan look like when it has over 900,000 combined installs and a Forbes write-up? Exactly like a legitimate Chrome extension. While defenders continue to invest in stronger controls, attackers are increasingly succeeding by exploiting existing trust paths. Today's most impactful breaches are less about novel exploits and more about consistently abused techniques. This session presents a technical dissection of two Chrome extensions — over 900k+ active installations — that functioned as trojans in production environments, evading detection while operating entirely through legitimate browser APIs. These were not obscure tools. They were widely trusted, actively recommended, and covered by mainstream press before their malicious behavior was fully understood. We walk through the actual source code of both extensions, showing precisely how malicious functionality was constructed, concealed, and executed at scale. This case study anchors a broader examination of how modern compromises actually succeed, drawing on aggregated real-world incident data to identify the technique categories currently delivering the highest adversary return — and why they keep working. 
The Chrome extension deep-dive will cover:
- Line-by-line source analysis of how malicious functionality was embedded within working, useful software
- Which browser permission scopes were abused, and why a million users — and their IT teams — didn't see it coming
- The behavioral and structural indicators that distinguish a trojan extension from a legitimate one, and how to operationalize detection around them

Attendees will leave with:
- A breakdown of the three attack vectors responsible for a disproportionate share of recent breaches
- A practical framework for evaluating defensive investments based on security-per-dollar impact
- A risk prioritization approach grounded in observed attacker behavior rather than theoretical threat models

Who should attend: Security architects, AppSec and cloud security practitioners, blue team leads, and security leaders responsible for prioritizing risk and investment decisions.

What this session is not: A vendor pitch, a breach post-mortem, or a speculative look at future threats.

Source material: Primary analysis of extension source code, corroborated by reporting from Forbes and other established outlets.
Transcript

Hey guys, glad you guys are here. My name is Chris Lindsey. I'm a field CTO over at Ox Security. I wander around a lot, so I'll try not to wander too much in front. I uh I've last year I spoke at 25 different conferences and wrapped up at BSides, or not BSides, I did BSides in Denver, but I wrapped up at um Black Hat in London. Anyway, this year I started off in Athens with this talk. This is my new talk for the year. I like it. Um I really kind of go deep and I do things. So, a little bit about me that kind of helps set the stage. So, I ran a security program for three years for a

very large enterprise. We were scanning 2.9 billion lines of source code per month. I also wrote software for 35 years. So, some of you guys know me from back in the day. So, I've been doing it a while. So, as you're looking at this, if you have any questions or thoughts, uh, let me know. The other thing, too, is this one is interesting because to me, there's extremes. I'm going to talk heavily on the security uh for the security leaders. I'm also going to talk extremely deep on the coding, which was fun uh when I've given this over at other places with a lot of CISOs. So, it it's really interesting, but it's had great uh great conversations. With that

being said, I love being interactive, so I do a lot of back and forth. With that being said, how many of you guys are developers? Show of hands. So, just a few. How many of you guys are on a security team? Show of hands. Okay, great. How many of you guys are developers who are on a security team and understand code and all that? Perfect. All right. DevOps, DevSecOps in the room, and then of course students. I know there's students in here as well. All right, with that being said, let's talk here. I have the agenda. I'm going to really, for the most part, I'm going to go over a lot of security stuff. Then I'm going to talk

about really getting kind of fun and deep into source code, talking about two Chrome extensions that were malicious with over a million installs and accounted for over 100 billion stolen credentials in 24 hours. We'll look at the code itself. We'll also talk about LiteLLM. When we do that, we're going to talk about some fun things. I don't know if Brian, if you uh remember us doing some of the stuff back at Lab One back in the days. So, and then we'll do thoughts, Q&A. If there's time left over, I'll kind of share some other tidbits of good information. I am a plethora of useless knowledge. So, here's where we're going to start. A

breakdown of common attack vectors, because really understanding how we're being attacked, how they're missed, is key. And I will share some things with you on detecting malicious Chrome extensions that you can do today without buying any software. Then we'll talk about a practical framework, a risk prioritization approach, talking if uh working with your leadership. So a lot of things. Who knows this quote? "If you choose not to decide, you still have made a choice." Who is the band and what is the song? Rush, and the song is "Freewill." Let's talk about why this matters. All right, major company breaches. When you look at what happens, and yes, this is AI, but when you look at the companies

that are being breached, it's every day now. And what's interesting is back in the day, if a company was breached, they were very quiet about it. They were shy about it and they cared. Today, a lot of companies are being breached and it almost becomes to the point where it's just acceptable. And in my book, it's not acceptable. So let's talk about a breakdown of common attack vectors. So when you look at the common attack vectors, you have credential theft, session hijacking, you have the supply chain compromise, you have phishing, and much more. Malware, SQL injection, man-in-the-middle, but I'm going to focus in on those three specific areas. So we'll talk about credential theft. So

when you look at browser plugins, actually I'm going to step back. I know I've talked about it later. Question for you guys. When you download any application on the internet, what do you do? What is one thing that everybody does? Any ideas? Not click. I hate to be your security team. I check every link in the emails. They all work. Um, you scan it with antivirus, right? All right. What are you doing with Chrome extensions? You go to the Chrome store, you go, "Hey, add to Chrome, add to whatever," right? Are you doing anything beyond that? Are you looking at it? Are you scanning it? It scans clean. Was it clean? So, we'll actually do

some really cool stuff when we get to that. Um, email phishing, of course, we all know that. Uh when I ran my program, I uh I did those email campaigns where we were saying, "All right, is this phishing? Report as phishing, report as not phishing." And I was mean because I had a great email that was perfect. And I had two buttons on the email itself. Report as not phish, report as phish. The buttons were the phish. And I had probably 90 something percent plus fail because of that, because everybody knows you go up and click it. Um, typosquatting. We'll actually see that today when we go a little bit deeper. Supply chain compromise.

We hear about this every day. When you look at LiteLLM and what it did, you look at the fact that what's really happening behind the covers. The thing that's scary is a lot of the theft that's happening in the marketplace today in the world is not because somebody was a master hacker and was able to do some really cool stuff and get into the database and steal stuff through SQL injection. No, they go out there's 300 billion tokens just from LiteLLM in the first couple days. And at RSA when this all fell apart, I was with my friend Dwayne and he works for a company that deals with secrets in

GitHub. And when we were looking at it, they had a screen that you could literally see a ticker going up and up and up. And within I think it was about seven or eight hours, they had as many secrets leaked to GitHub as the entire year before. So when you look at what's going on, it's nuts. That's how people are breaking in. They're getting the credentials. They're getting the tokens and they're just simply walking in the front door. They don't have to go and be sneaky anymore. DNS poisoning, apps installed from trusted sources. Again, think about it. We download apps. We grab it. We do it. Think about your dependencies. What do we do with dependencies as developers?

We download it. We grab it. We use it. Right? Hey, this does exactly what I want to do. Do we ever do a code review on it? Anybody? No. We pull it down. jQuery's got millions and millions of lines of code. Are we going to do a senior tech review on it? It's impossible. Well, I mean, you could technically feed it through AI. So, I'm going to give you a good suggestion here that you can take back. I'm full of suggestions. So, one of the things you can do is say, you know what, three months ago, we know that nothing showed up on the SCA, we're going to treat this as probably good and then do a code diff

from three months ago to the latest version that we're using. Now your code review is much smaller, much tighter, and you're able to do something about it and see what's going on, what's new, what's changed, and then grow from there. Supply chain compromise. Nearly every high impact breach is related to this. So when you look at what happened with Trivy, do you guys know Trivy? Show of hands if you know Trivy and the stuff that happened. When you look at Trivy and then the fact that Trivy is being used by so many other applications, it's crazy when you look at that one compromise how much of an effect that it actually had. That is probably one of

the biggest compromises out there. And what happens is with the open source, well actually not as much anymore, because with the open source you had to be a developer, try to help them, become friends with the maintainer and then you know build trust, get the trust and then start doing malicious things. Now you have all those credentials out there. So you just log in as the maintainer. You find it, you log in, you do the stuff and bam. And that's how Trivy was compromised. It wasn't through a trust. It was, hey, here's credentials to the GitHub repository as the maintainer. Let's see if they're still active and I'm done. So 2025, we doubled by 30%

but guys, we are on track to beat that already this year. And let's talk about SolarWinds, from extensions and, to name a few, are in the compromise. SolarWinds was a fun one. I was running my security program when SolarWinds happened. And one of the first things I did was I reached out to our sec our server team and I asked, "Hey, can you go to our SolarWinds server and give me the bin folder?" And then I literally and there's over a hundred DLLs. I reverse engineered every single one of those, put it into a Visual Studio program. And then I recorded myself walking through and doing a lot of this. And I shared

this with the entire company and I was talking about why we need to obfuscate our code and the different reasons why we have to do things, because people like me will simply go in and reverse engineer everything you have in minutes. And with AI, I could have automated that through a script that took a full day and a half to do over a hundred. But I did present it to the company. And when I did present it to the company, I found out that SolarWinds was presenting before me, that they invited them in and they accepted. So, I'll just say that was a fun conversation with them. All right. Phishing and social engineering. So, really when you start

looking at the compromise, when you think of social engineering, we think people, right? But do we ever think about places?

>> Exactly. So when we start thinking about, you know, social engineering, I can go in there and I can start putting in on a GitHub repository or a Chrome extension more and more likes. I can automate that. Hey, guess what? This thing has 1 million downloads and it's got 32,000 five-star reviews and whatever. We're building trust. We're actually social engineering that Chrome extension. And you don't realize that that's happening, but perfect answer. So we require we build the trust and then we talk about the open source because we're here, right? XZ Utils, it was kind of fun because with XZ Utils, you know, a bad state actor took two years, became friends, and then I don't

know what the triggering point was. They started doing the malicious code and he pushed it through, and thank God a Microsoft guy caught it, going, "Why is this running slower than average?" And so there are programs that are looking at how long does it actually take to run through the pipeline, to run the different unit tests, to do the different things, and when they're off just by a little bit, now they're suspicious. So, and then Notepad++ for the updates, and so a lot of the systems out there, the updates are being compromised. So, now you start pulling up updates and then they redirect off to a typosquatted site that looks right if you're looking at the firewall logs.

All right, let's talk about a practical framework. I'm going to go a little deep on the security leadership here. So, security teams are asked to do much much more every year with less. If that's not you, I want to see your hands, because I'm sure that is literally everybody in this room. You guys are being asked, you know what, we went from five developers or five security guys to four. Now we're at three. But you know what? The tools can do it all for us. That's happening. So, uh, but a lot of us still can't answer the CFO. What did we actually get with that $2 million spent on security last year? If you're in leadership, if you're in a

board of directors, that comes up frequently. And the hard part, and well, actually, I think the next slide talks about it, but the hard part about this is when you're looking and trying to answer that question, you're like, "But we didn't get breached." Well, did we not get breached because of the security stuff, or was it just pure luck? Now, any of us that are on the security team that have access to a firewall can see that we're just pounded and pounded and pounded daily at the edge. If you're running an IIS server, well, not IIS, let's just say web server through any kind of different, you know, nginx and all the different ones

out there, Tomcat. Now, you look at the logs, you're seeing that just slam. Um, I'm going to share a fun one with you. I call these campfire stories. I throw these in randomly typically and it's just, you know, if it comes to mind. So, I'm going to show this. A friend of mine had a website that he was running on WordPress, got compromised. Surprise, surprise. No, no backups, no anything, no way to retrieve it. Called me and said, "Chris, do you have any idea how we can bring this thing back besides just start over?" So, question for anybody in the room, just show of hands. Any ideas how we could bring that thing

back or is it possible? Spot on, the Wayback Machine. I went there, I grabbed every uh screen, saved it. So, we have the different assets and we had the HTML. I used Claude Code to actually reassemble it back, but not as WordPress, but into Node.js. And then we had it fixed in three and a half hours and back online. And then the parts that you had to log in, I just got the requirements and that was like another eight hours of prompting and we're all completely back up in a secure environment. So when you're looking at what did our 2 million get us, a lot more than you realize. So

most organizations buy security tools the same way you buy insurance, out of fear. Back in the teens, 2010 to probably 2020 somewhere in there, we always called it shelfware security because everybody would go out and say, "You know what? I need a DAST scanner because I'm being asked by companies, do you guys scan with DAST?" Yep. We're scanning our test area and we're testing one little area. We're not testing all the software. We're just testing enough to say check. Developer training, same thing. So when you look at it, you know, out of fear. So, a breach happens somewhere in the news. A vendor calls, a box gets checked, and this is what we call opening the

pocketbook. When a breach happens, and the board gets scared and says, "Hey, are we covered?" And you're like, "We need more," they'll give you more. So, and then the result is a portfolio of overlapping tools. So, now they go out and buy three or four things that are SCA scanners, three or four things that are SAST scanners, and now you have a haphazard install. And let's assume that all those are installed and running. Now the problem is you don't have one single place to get the results. They're all scattered. So this is also another problem. All right. So let's talk about a practical framework for evaluating, right? So we ask what does this address? So and honestly

developers, same thing. You're grabbing a dependency. You're grabbing it because you need something addressed. You need something to do something. And then what is the impact? What is the uh mitigation cost? What is the actual installation cost? When you're buying software, security leaders out there, talk to them about I want to ramp up. I don't want to immediately have 500 licenses for my 500 developers. I want to start off with 200 because I want to start ramping up. It's not going to be an instant on in your training. So, talk to your vendors about that. What's the measurable reduction in risk? So, if we get this, what are we saving

ourselves? And what else can we do with that same dollar? And that's a question that's rarely ever asked, because when you're in panic buying, you just buy. So, and acknowledge the hard part. Really uh just really honestly, you know, doing the framework correctly, it helps put numbers down, because now you talk about a probability of an incident. And one of the things that a lot of people do is, well, we're going to mitigate it through a WAF, a web application firewall, we're going to mitigate it through some mechanism. What happens if, man, we just did a deployment, it's not working, can we turn the WAF off for just a minute to make

sure that it works. The WAF gets turned off. Hey, guess what? It works. All right, we had to get this out. We'll turn the WAF on. We'll go back and Wrong. By that point, you've now opened the door for all the issues that were mitigated because of your web application firewall. Look at the value of your data. Too many people underestimate the value of the data. Um, again, fun story. I was sitting on the plane with an insurance lawyer next to me that does cyber security risk and I suggested this to him. I put it out on LinkedIn. I post every day on LinkedIn. And this was one of the funny ones because the look on his face when I

asked this question, it was, I wish it was recorded, because I asked the question, when a company gets compromised, what do we get? A free year of uh monitoring, right? Credit report monitoring. So I asked him, I said, "Well, how about this? If a company gets compromised, every single person who had a record in there that was affected gets at least a $50 check, period." And he was like, "That would bankrupt them." And then he asked the question, too, which I expected. Well, how are we going to know who's impacted? And I'm like, "Oh, that's easy because the name, the address, the details, the phone number, it's all included and the

and your data, you know." So, you have it. So anyway, the point is it's not about precision. The point is really about reasoning and trying to come up with an estimate that really tries to get out there. Um, we call this a WAG. Anybody know what WAG stands for? >> Will you raise your hand?

Ah, that was well mitigated right there. So, honestly, start with a WAG. At least get something to work from and then kind of work from there. All right. So, the real payoff is not your framework. It's not really a better spreadsheet, because honestly, when you're in a boardroom, you're working with everybody. You're trying to build a tabletop, your threat actors aren't going to care. They're already going to be hitting you. And another conversation I had with the CISO of AT&T earlier this week, well, Monday of this past week, was I was talking about the amount of time to compromise. If I write an AI agent that's sitting there watching KEV and any of the other

systems out there, I can know within probably, depending on my polling, within a minute or two, depending on how aggressive. Then I can go out and I can go uh hit um, I had the name earlier, I was thinking about it, um Shodan, and get where is this actually being run, and then turn around and start attacking in less than 5 minutes from time of identifying. Out the world average is, just so you know, 15 minutes. And the question isn't, and I talked about this later, but the question isn't, you know, are we protected. The bigger question now, because you will get breached at some point, is how fast can you turn around a hot fix. And what I mean by

that is if a zero day happens right now. How quickly can you get that in dev to QA into production? Bypassing a lot of your controls, but you still need to do your security scan, which you can do in parallel as you're doing your other stuff because getting it into production is more important than letting the attackers in. All right, so a lot of the developers in the room are asking, why does this matter to me? Because we're kind of heavy on the development. I tried to lighten that uh security deep uh part a little bit but so let's talk about risk prioritization approach grounded in attack behavior. So developers here's your turn. So I don't just download any

and run any file. I run an antivirus scanner on it. We talked about that. However, when I download open source I freely push it to production. A lot of people are doing this. All right, let's talk about Trojans. All right. So, the first one we're going to talk about is a Chrome extension that was uh an AI uh chat bot that was supposed to help you do a lot of things for you behind the scenes. The executive summary, right? So, this Chrome extension exhibits multiple malicious and deceptive behaviors including user navigation, AI chat interactions, prompt and response, and user sessions. There was one file that contained literally all the code, which was interesting because usually

you see this spread out, and that is in blue, background.js. Here's the code. Does anybody see what's malicious about this code, or is this code malicious? There's at least one. Any ideas? How about I show you? Right. So, DeepSeek.ai. Looks like we're going to a really good spot, right? Chrome extension. Uninstall chat URL chat.desec.com. Is uh deepseeek.com owned by DeepSeek? Anybody know the answer to this? No. Nope. It's a malicious actor. You look at that, you look at it on the firewall, you're going, "Hey, they're going to DeepSeek. We should be good." Right? So, you're not thinking about that. So we go in, they piggyback. When they do an uninstall, this actually sends some of

the information letting them know, hey, this is a place where the extension's no longer active. So it's a classic Trojan uh trait. And here's some more information. All right. Well, guess what? We hit the bottom. This area is also malicious. The update utility. So extensions-hub.com partners update, right? So what's malicious about this third party update tracking? On every update, it calls back to this third party person. That extensions-hub is not a company. It's also a malicious link. So they're receiving the information. Again, when you look at some of this, depending if you're running Palo Alto or if you're running Fortinet or regardless of what you're running, you're going to have these links come across, a lot of the different vendors

are seeing those and blocking it in the blocking security part, but not always. So, you have third party update tracking. So, anytime you do something, you modify, you give it more information, it does more for you. And then this uninstall. So the redirect, this is where that line of code right here, when you go in and you uninstall that Chrome extension, they tell the server, he just uninstalled it, so we shouldn't be hitting them. So that way they're not seeing stuff at the firewall and it stays nice and quiet. All right. Oh, the top. Guess what? That entire page was malicious. So top part, right? So now we have this uh AItopia. How many of you guys get these popups all

the time? Hey, install this third-party really cool utility, those ads, right? Ads, ads, ads, ads. That's exactly what that does. This file looks benign, but actually what's happening is it pops up every probably two to five interactions. It replaces the ad with itself. So, it's just nagging you, nagging you, nagging you. Like what happens to our grandparents? They get nagged on the phone or one of your guys who gets the push notifications. Do you accept? Do you accept? And you're like, "Shut up. If I hit yes, you'll shut up." That happens. So, what makes this a Trojan? So, we have the popup hijacking structure. So, this uh message. So, basically, this is where it's fun. Um, when you

install a Chrome extension, do you get a EULA? Is that usually part of it? No. No. I'm seeing the headshake. No. And then I see some that are like, I don't know. You don't actually get a EULA. But this one, it does. When you get the EULA and you go, I accept, you're not actually accepting a EULA. What you're actually doing is the process within the Chrome extension that allows background processes to happen in a shadow mode that you are completely unaware of. Because now what's happening is once you say I accept the EULA, now everything that happens on any tab, any location you go, and it stays memory resident regardless. You reboot your computer, it comes back

in, this Chrome extension's there, it's capturing everything. This one, between this one and the other, or maybe it's this one, had 100 billion credentials stolen in 24 hours and sent to their server. And so that's after every, you know, everybody's like, "Oh, this is great." Again, if you looked at the app store, five stars, well, maybe like 4.9, but you had a lot of comments, AI bots going, "Hey, this looks great. It's an amazing, you know, Chrome extension. Download it, you know, from a real human." Yeah. So, anyway, so it opens the door for you. All right. So, what makes this a Trojan? So when you look at the overall pattern that all really kind

of goes together, it's really you look at the URLs, you look at the different things that it's trying to do, and our security software and everything missed it. And we'll talk about that. We'll talk here after the next one, how you can actually scan these at home without buying anything that you don't already have access to. So signs to look for, sendMessage. Oh, wait, wait, wait, wait. Typos, typos, typos. Yeah, "sin massage," those typos. Again, there's software that looks for keywords, and if those keywords aren't there, you're good. That's another way that they um get past it. So, when you look at this, it looks like it's rushed, but that's actually on purpose. All

right, so this is a great example. If response message type equals this, here's what we're doing, and else. And this is that consent model that we were just talking about. And that's exactly how they did it within source code. All right, Chrome extension two. We're not going to go as long on this one, but this one was uh this one was a fun one. Uh ChatGPT for Chrome. So now you have a nice little window for ChatGPT. So you don't have to go into a ChatGPT site to ask questions. It's always going to be on your screen for your benefit. So that's out there. All right. So what this does is this hijacks ChatGPT

traffic. It tracks everything you do, every prompt, every result. It injects its own advertising and will also change code and things that are coming back to replace it with stuff on its own. It uh requests excessive permissions. We'll see that. It does deceptive marketing practices. Surprise, surprise. We saw that on the last one. And it has missing core functionality. So when you look at the Chrome extensions and it says I do all this, sometimes it does, sometimes it doesn't. This one didn't. So what makes this malicious? So when we look at here, and I really just want to point this out, host permissions, all URLs, that all URLs is what gives it the ability to

capture anything from everywhere, just like our previous one. So this is out there. Uh what makes this malicious? When we look at this one, if we look here, this extension, that AIPAI again, that AIA is what we were looking at before, again it's AItopia. When you go ahead and install this extension here, AItopia, it actually is kind of a command and, like a C2 server. So with that again, everything goes to it. The requests go to it. You think that it's going and doing what it's supposed to because it hits that and then hits ChatGPT. So you get your results. So everything looks perfect. All right. Uh traffic hijacking. So this ChatGPT banner script. So why is this?

So clicking here. When users interact with the extension, it opens pop-up windows that can redirect here. Again, it has access to everything. This one did a very similar thing that went out and said, "Hey, here's a EULA and you accept." So, yes. And then a persistent advertising banner. This one pops up all the time. Injects a full screen promotion. How many of those uh websites we've been to or on our phone? Full page, right? And you click that X because you're thinking you're clicking the close, but you're actually clicking into it. It's still the image. They don't actually close. They now install things for you. That happens all the time. And when you look at the code, it employs a lot of

the dark patterns that we're used to. We've got just a few more here. And then I'm going to go deep on something here. So this one, what makes this one malicious? So we're at a different part. Here's the line of code, the complete platform with uh Claude Code and all this. So this claims to have access to GPT-5, which it actually doesn't. And uh false advertising, misleading. So again, it's that confusion. You look at it. Guess what? ChatGPT, uh, well, let's use something a little bit more relevant. I mean, I wrote this probably about a month and a half ago, but let's say Claude Code, we're using Sonnet, what, 4.6, 4.7, you know, and now Mythos,

right, man? Guess what? We have access to Mythos. Go ahead and accept this, and we'll funnel all your stuff through Mythos. No. So, here, this injection injects again information. This is, again, a lot. This one really was just a lot of annoying banners and ads. And again, one more. And this one, so when you look at the pricing, this one actually popped up pricing on the screen and it said, "Hey, you can do this for $20 or buy this for $40 or buy this for 60." And again, it looks legitimate. All right. So, honestly, we can sit here and talk about this all day. That's why I love that. But we're going to move

along, because really, I don't want to be... I feel like I'm a parrot just walking in circles, talking about the same thing. I will tell you right now how to detect these. So, I was lucky, because our research team back in Israel is just simply amazing. If you follow anything on LinkedIn, you see our stuff. We're always on Forbes. We're always in these massive places, because we're finding things way before other people. These two Chrome extensions: I did a webinar with our research team and we talked about malicious things and some of the things going on, and I was just like, man, this would be kind of fun to take on the road and talk about, but how? And

this is not how they did it, but this is one of the things that I did, and I show results at the end, but I'm going to go ahead and talk about it now. You can take a Chrome extension, a CRX. A CRX is nothing more than a zip. You can right-click and you can say, you know, unzip, and once you have the files, then you can take Cursor, free, point it to it and say, "What makes this malicious?" If you do that, it will actually tell you. It'll do its thing, and it'll come back, and it'll actually tell you what's malicious about that. It'll even test the different URLs and the different things, and those will

actually show up in the results. So, that is one of the things that you can do. The other thing, too, if you're running the program at work, think about going in and doing whitelisting on your extensions, limiting your browsers, because that's going to be key to make sure that people at home aren't like, "Hey, I've got this really good Chrome extension for coupons, and I'm saving all these things." All right. Oh, actually, it was right here. So, I took both of these extensions. I ran it through our scanner. I actually did Checkmarx. I also did Snyk. I also did, like, three or four others, but the results were all identical. We had one

high, three medium, 11 lows; three mediums, nine lows, three infos. What I'm trying to tell you is, if you scan your Chrome extensions with security tools, you're going to get just basic stuff, and you're going to totally miss all the different things that make it really, truly malicious. All right, LiteLLM. Who loves this one? Who knows this one? Some of you. All right, and him. So, LiteLLM. The thing that makes this one interesting was this was a Trivy compromise that then actually impacted this, and this one was accounted for over 300 billion tokens stolen, credentials stolen, with all the details that you would need to do it. Again, that Trivy compromise is

paying dividends on, you know, hacking and getting in. So, you see me talk about this all the time on LinkedIn, if you follow me. Rotate those keys. Rotate those keys. Do it at home. My phone... and I was actually going to bring a CVS receipt. If you look at my authenticator app, it looks like a CVS receipt, because everything that has multifactor actually is on there. And I will tell you, there's a website called prompts suggestions.io. If you type in OTP, it will actually give you the prompts that will actually create a one-time passcode implementation in your application. And that's all free. You don't even have to log into Prompt Suggestions. And how do I know

this? I wrote the site. All right. So, let's talk about this. Right. So March 24th, a threat actor, team PCP, compromised LiteLLM's PyPI publishing credentials as part of the Triv... think about recent attacks. Trivy was used in the LiteLLM CI/CD pipeline and used to publish two backdoored versions, which were 1.827 and 1.828. The malicious payload harvested secrets, credentials, basically all the good stuff. So, what's kind of funny is, when you look at team PCP, they were like, "This is great." You can tell they're kids, or they're young, because they're like, "Nobody, you know, everybody's talking about our compromise, but they're not talking about us." They're like, "Hey, anybody, please give us some feedback." Okay, I don't know

any malicious threat actors that are this way, going, "Come on, guys. Talk about it. I'm still sad that nobody analyzed our build, gave feedback on it." I mean, these are all real quotes that are out there that the team actually was griping about. They asked for technical analysis. So, the guys back in Israel did, and this is cool. They have a dropper, they have an unpacker, steganography, injection, and then C2. So, let's talk about this. So, stage one, the dropper, right? So the audio dropper: it goes in, it grabs this WAV file, it comes out, but actually it's not an audio file. This is actually an executable that then gets executed through MSBuild. So a lot of

your firewalls, a lot of your things are looking for traffic, and it goes, yeah, this looks like a WAV. There's just enough in there to trick the systems into thinking, yes, this is truly a WAV file. All right, this is where I know Brian and I, we had fun. A lot of us, back in the LabOne days, which became Quest Diagnostics, we were kind of nerds. Well, we are nerds, because we would go through and we'd try to trick each other. We'd send messages in hex, messages in binary, messages that were actually an image where there were certain bits and bytes out of that image that were the message. And so guess what?

This is an image, but it doesn't look like an image, because that's exactly what they did. So how'd they get by with it? They had the red byte, the green byte, the blue byte, and then they ignore that. So that way it still would actually show something, and it tricked the system. And here's the code that they did. So they extract the values, the red, green, blue channel; they ignored; they reassembled it. So now they passed a payload through an image. They reassembled it and then did more. Then they took it, passed it through MSBuild, they actually got their injection, and bam. And the evidence right there is the details if you actually were hit or

had it. That's some of the information. So, the dynamic API hashing. So to evade static analysis, they inject a DLL that has no import address. By having no import address, you can't just take the file and tie it directly into your application. You have to do late binding. For those who are developers that are old enough to remember late binding, here's code to do it. Establishing the command and control channel. So now they've got their API up. They've loaded it. They've got their read file. They've got all their information. Now they build a beacon going off to the command and control. So that way, now they're like, "Hey, guess what? I'm compromised. You know me. Let

me know what you want." And at this point they were trapping every keystroke and every piece of data on the screen that had anything to do with tokens or any aspect of your login, bank, everything. So the synthesis and actionable defense, right? So you look at it: standard RAT, remote access, getting in, the API hashing. So when you look at the difference, they really just kind of... you had the standard malware, the team, and they really just kind of did the same things, just slightly different, but in a way that was not normal and detectable, and they built a complex evasion to steal the basic credentials. So this, again: rotate your

keys, because most likely, if you have... and here's the problem with LiteLLM. If you guys have done anything with AI, raise your hand. Anything. You guys all used this application without realizing it. What this does is, this connects you to models, even the ones in the cloud, even OpenAI. When you're talking, this stuff is all behind the scenes, but it's only those two versions. So, just make sure that you look at the dependency chain and just really be smart about it. But honestly, everybody was affected by this. So, next steps: there's something that we can do. So let's talk through this. So we can download our software.
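The two disguised carriers described above, the "WAV" that is really a dropper and the image whose red, green and blue bytes are the packed payload, both pass a magic-byte check. What follows is an added example, not the talk's or the research team's code, showing the checks an analyst can run on each: walking the RIFF chunk list to see whether the declared audio structure actually accounts for the bytes, and reassembling the RGB stream to look for a file header and for pixel statistics that do not look like a picture. It works on raw bytes and a raw RGBA buffer so it runs offline; the fixtures at the bottom are constructed, not real samples, and on a real image you would get the buffer with Pillow (`Image.open(path).convert("RGBA").tobytes()`).

```python
"""Triage two disguised carriers: a 'WAV' that is really a dropper, and an
RGBA image whose R, G, B bytes are a packed payload (alpha ignored).

Added example, not the talk's code. Fixtures are constructed, not samples.
"""
import math
import random
import struct
from collections import Counter

MAGIC = {b"MZ": "PE executable", b"\x7fELF": "ELF executable",
         b"PK\x03\x04": "ZIP container", b"<?xml": "XML (e.g. MSBuild project)"}


def shannon_entropy(data: bytes) -> float:
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def identify(data: bytes):
    """Label known file magic at the start of a byte region, else None."""
    return next((label for m, label in MAGIC.items() if data.startswith(m)), None)


# --- Stage 1: a file that says RIFF/WAVE but carries something else --------

def wav_findings(data: bytes) -> list:
    """Walk the RIFF chunk list; report structure that does not fit audio."""
    if len(data) < 12 or data[:4] != b"RIFF" or data[8:12] != b"WAVE":
        return ["no RIFF/WAVE header"]
    findings = []
    if struct.unpack_from("<I", data, 4)[0] + 8 != len(data):
        findings.append("declared RIFF size does not match file size")
    pos, chunks = 12, {}
    while pos + 8 <= len(data):
        cid, size = struct.unpack_from("<4sI", data, pos)
        if pos + 8 + size > len(data):
            findings.append(f"chunk {cid!r} runs past end of file")
            break
        chunks[cid] = (pos + 8, size)
        pos += 8 + size + (size & 1)          # RIFF chunks are word-aligned
    if b"fmt " not in chunks or chunks[b"fmt "][1] < 16:
        findings.append("missing or truncated 'fmt ' chunk")
    if b"data" not in chunks:
        findings.append("no 'data' chunk: nothing to play")
    # Bytes not covered by any chunk are where a payload tends to sit.
    tail = data[max((off + size for off, size in chunks.values()), default=12):]
    kind = identify(tail)
    if kind:
        findings.append(f"{kind} in the non-audio tail")
    if b"<Project" in tail:
        findings.append("MSBuild project markup in the non-audio tail")
    return findings


# --- Stage 2: payload reassembled from the R, G, B bytes of an RGBA image ---

def carve_rgb(rgba: bytes) -> bytes:
    """The scheme on the slide: keep R, G, B of every pixel, drop alpha."""
    if len(rgba) % 4:
        raise ValueError("not an RGBA buffer")
    return b"".join(rgba[i:i + 3] for i in range(0, len(rgba), 4))


def channel_diff_entropy(stream: bytes) -> float:
    """Mean entropy of pixel-to-pixel differences per channel. Pictures change
    slowly (low value); packed or encrypted code does not (close to 8)."""
    total = 0.0
    for c in range(3):
        ch = stream[c::3]
        total += shannon_entropy(bytes((ch[i] - ch[i - 1]) & 0xFF for i in range(1, len(ch))))
    return total / 3


def image_findings(rgba: bytes) -> list:
    stream = carve_rgb(rgba)
    findings = []
    kind = identify(stream)
    if kind:
        findings.append(f"{kind} header at the start of the RGB byte stream")
    if channel_diff_entropy(stream) > 7.0:
        findings.append("pixel channels look like packed data, not a picture")
    return findings


# --- Constructed fixtures (not real samples) --------------------------------

def constructed_wav(samples: int = 100) -> bytes:
    """A valid 8-bit mono 8 kHz WAV of silence."""
    pcm = bytes([128]) * samples
    fmt = struct.pack("<HHIIHH", 1, 1, 8000, 8000, 1, 8)
    body = (b"WAVEfmt " + struct.pack("<I", len(fmt)) + fmt
            + b"data" + struct.pack("<I", len(pcm)) + pcm)
    return b"RIFF" + struct.pack("<I", len(body)) + body


def constructed_fake_wav() -> bytes:
    """RIFF/WAVE magic only, then bytes that mimic a PE plus MSBuild XML."""
    return b"RIFF" + struct.pack("<I", 4) + b"WAVE" + b"MZ" + b"\x90" * 30 + b"<Project/>"


def constructed_gradient(w: int = 64, h: int = 64) -> bytes:
    """Smooth RGBA gradient: what honest pixel data looks like."""
    return b"".join(bytes((x * 4 % 256, y * 4 % 256, (x + y) * 2 % 256, 255))
                    for y in range(h) for x in range(w))


def constructed_carrier(payload: bytes, w: int = 64, h: int = 64) -> bytes:
    """RGBA buffer whose R, G, B bytes spell `payload` (zero-padded)."""
    p = payload.ljust(w * h * 3, b"\x00")
    return b"".join(p[i:i + 3] + b"\xff" for i in range(0, w * h * 3, 3))


def pseudo_random(n: int, seed: int = 7) -> bytes:
    """Deterministic stand-in for packed/encrypted payload bytes."""
    rng = random.Random(seed)
    return bytes(rng.getrandbits(8) for _ in range(n))


if __name__ == "__main__":
    print("real wav :", wav_findings(constructed_wav()))
    print("fake wav :", wav_findings(constructed_fake_wav()))
    print("gradient :", image_findings(constructed_gradient()))
    print("carrier  :", image_findings(constructed_carrier(b"MZ" + pseudo_random(12286))))
```

The RIFF walk is the part that defeats "just enough in there to look like a WAV": a header-only check passes the dropper, but a file whose chunks do not cover its bytes, or that has no `data` chunk to play, is not audio. The 7.0 threshold on channel differences is a rule of thumb for this fixture, not a calibrated detector; on real files it is a reason to look, not a verdict.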

We can do security scans. Good. We can also, you know, good use and then bad. So again, when we download, we do our scans, open source security. This is where I was talking about it. Take anything you download, put it in your own registry, your own area. Build off of your DevOps pipeline from your copy. Give it a two-week cool-down. If your developers are like, "Man, this is great," give them an environment that's in a sandbox to play with it. And then what happens is, you sit on it for two weeks. By that point, you know, is it malicious? Because if it's really malicious, within a couple of hours to a couple of days, it's going to

get flagged and removed. So, you'll know that. So, give a cooling-off period. If it's still good, use it, right? But make sure that you pin all of your dependencies. Security team, you don't know that, because you're not doing any development, but tell your developers, pin the versions. Now, they may come back and say, "Well, but how do we stay current?" That's easy. Let AI do it for you, or you just look at the versions, you change the number, you pull it down and run with it. So when you look at the process, so when you're vetting it, look at open source, do the comparison, the code diff. So there's things you can do. It's just, most of the time, we're always

in too much of a hurry, and we just simply do it and move forward. So threat models that are built in the conference rooms age poorly. Attackers don't read them. "But you can't do that. That's not in our tabletop exercise." Again, funny sto... well, not really funny story, but again, our company is based out of Israel. I've been there six times. I actually was in charge of building their tabletop exercise this year. This was before I ran. And my tabletop exercise was a missile hits within 2 miles of the office and takes out the power and takes out the internet. We're in the middle of a deployment. What do we do? And the

system is down because of the deployment. That's my tabletop. Mine aged poorly, because it actually happened. Well, not the missile taking out the electricity, but within a couple of blocks of the office. Actually, it was when I was there; the hotel I was staying at and the office, it actually hit in between. So, pretty close. So what I've shown, you know, is a lot of this isn't just, you know, theoretical. It's really pulled from malicious code. You're seeing real techniques, real targets, real things that have been done. When you ground your defensive investments in observed attacker behavior, you stop defending against what sounds scary and start defending against what's actually happening. So, this is the difference

between a security budget that looks good on paper and one that actually moves the needle. So, this is a link to my LinkedIn. I post every day on LinkedIn except for the weekends, but I always put good advice on there. My Friday's post was... take a look at it. I think you guys will like it. It's one of those things where LinkedIn, sometimes when I get deep in trying to be technical, they don't really show it, but there's been several of my posts that have exceeded about 50,000 to 200,000 views. So, I'm widely followed. Any questions or thoughts? And if I know we have a little bit of time, I can also

tell you some cool things that you can do with AI. So, any questions? No questions. Question. Do what?

>> I don't... I probably should.

>> Yeah, it's time to rebirth a blog. Definitely. I ran a community for a couple of years with a lot of big-company CISOs, and I also did some stuff out there too where I did blogging. All right. So I'm going to share one bit of advice with you related to AI and writing software that I use. And I'll say this and then let you guys go. So when I'm writing software and I'm doing AI, if you're just simply prompting, you're going to get into that little spiral of hell that you can't get out of. The way to prevent that from happening is, think about what you're trying to create. Go into Claude, go into

OpenAI, go into one of those and say, "I want to create a design requirement for the following," and actually tell it what you're trying to accomplish. It will give you a large document at the end, and then make sure that you say, "I want this written for a developer that I can just hand it off to them and they can actually do it." So then the next step is, once you've done that, you've created about a 30- to 50-page document, then you turn around and you say, "You know what, actually use Claude Code, give me the prompts exactly to create that. Do not overlook it. I want to make sure it hits everything." You'll end up with about

anywhere between 40 and 70 prompts, and it will truly actually build it, and it does a really great job. I created Prompt Suggestions that way, because I wanted to show some of the stuff that we're doing in AI, how we're checking... you're doing a prompt fixing before it even gets through. It worked great. I actually had one medium, one low, and one info. And then they asked, a lot of customers, "Can you show the opposite?" So, I created two applications that way. I created one that does security education training, because I'm a huge believer in that for your developers, and I did that through prompting, and I had that one, I think it was like 60 or 70 prompts, and

if you guys have used Checkmarx Codebashing, familiar with that, this actually replaces it. It's much better. Some of the guys that I work with were from Checkmarx back in the day. If you're familiar with Secure Code Warrior, it actually does a good job at replacing those guys, too. We're actually going to put it out there for free, because we want to be good stewards of the security environment. I also did a capture the flag, but I did that, and literally I never got myself into that circle, that tight circle where I was stuck.
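Picking the Chrome extension part of the talk back up: the unzip-and-inspect step (a CRX is nothing more than a zip) can be scripted, and the first thing to read once the files are out is the manifest, because that is where the "capture anything from everywhere" reach is declared. The following is an added example, not the talk's code or any scanner's, that strips the CRX2/CRX3 framing ("Cr24" magic, little-endian version, a header, then the ZIP), reads `manifest.json`, and summarises host reach, sensitive API permissions and background logic. The sample extension it runs on is constructed; the permission and host-pattern names are the real Chrome manifest keys.

```python
"""Unpack a Chrome extension (.crx) and triage its manifest for the scopes
that let an extension reach every site and every request.

Added example, not the talk's code. Assumes the CRX container layout
("Cr24" magic, little-endian version 2 or 3, a header, then a ZIP) and a
plain manifest.json inside that ZIP; the sample CRX below is constructed.
"""
import io
import json
import struct
import zipfile

CRX_MAGIC = b"Cr24"
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}
SENSITIVE_PERMS = {"webRequest", "webRequestBlocking", "declarativeNetRequest",
                   "tabs", "cookies", "history", "scripting", "management",
                   "proxy", "debugger"}


def crx_to_zip(blob: bytes) -> bytes:
    """Return the ZIP archive embedded in a CRX2 or CRX3 container."""
    if blob[:4] != CRX_MAGIC:
        raise ValueError("not a CRX file (missing Cr24 magic)")
    version = struct.unpack_from("<I", blob, 4)[0]
    if version == 2:                       # public-key length, signature length
        key_len, sig_len = struct.unpack_from("<II", blob, 8)
        offset = 16 + key_len + sig_len
    elif version == 3:                     # length of the protobuf header
        offset = 12 + struct.unpack_from("<I", blob, 8)[0]
    else:
        raise ValueError(f"unsupported CRX version {version}")
    return blob[offset:]


def load_manifest(zip_bytes: bytes) -> dict:
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        return json.loads(zf.read("manifest.json"))


def triage_manifest(manifest: dict) -> dict:
    """Summarise host reach and API scope. Broad scope is not proof of malice;
    it tells you which extensions deserve the line-by-line read."""
    perms = set(manifest.get("permissions", []))
    # MV2 puts host patterns in "permissions"; MV3 uses "host_permissions".
    hosts = set(manifest.get("host_permissions", [])) | (perms & BROAD_HOSTS)
    # Content scripts run in the page on every URL their "matches" cover.
    cs_hosts = {m for cs in manifest.get("content_scripts", []) for m in cs.get("matches", [])}
    broad = sorted((hosts | cs_hosts) & BROAD_HOSTS)
    sensitive = sorted(perms & SENSITIVE_PERMS)
    findings = []
    if broad:
        findings.append("can run on or reach every site: " + ", ".join(broad))
    if sensitive:
        findings.append("sensitive APIs: " + ", ".join(sensitive))
    if "background" in manifest:
        findings.append("background worker/page: logic that runs without a tab open")
    return {"name": manifest.get("name", "?"),
            "manifest_version": manifest.get("manifest_version"),
            "broad_hosts": broad, "sensitive_permissions": sensitive,
            "findings": findings}


def triage_crx(blob: bytes) -> dict:
    return triage_manifest(load_manifest(crx_to_zip(blob)))


def constructed_crx3(manifest: dict) -> bytes:
    """Test fixture: CRX3 framing around a ZIP holding only manifest.json.
    A real CRX3 carries a signed protobuf header; here its length is zero."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("manifest.json", json.dumps(manifest))
    return CRX_MAGIC + struct.pack("<II", 3, 0) + buf.getvalue()


DEMO_MANIFEST = {   # constructed; shaped like an "AI helper" extension
    "name": "Demo AI helper (constructed)", "manifest_version": 3,
    "permissions": ["tabs", "storage", "webRequest"],
    "host_permissions": ["<all_urls>"],
    "background": {"service_worker": "bg.js"},
}

if __name__ == "__main__":
    print(json.dumps(triage_crx(constructed_crx3(DEMO_MANIFEST)), indent=2))
```

The point of the triage is to pick what to read, not to replace reading it: the talk's observation is that scanners returned only lows and mediums for these extensions, and a manifest summary is likewise only a pointer to the background script and content scripts where the behaviour actually lives.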
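The supply-chain advice earlier in the talk (build from your own registry copy, give a new version a two-week cool-down, and pin every dependency to an exact version) is a policy that a CI step can enforce. The following is an added example, not the talk's code: it parses a `requirements.txt`, rejects anything that is not an exact `==` pin, anything not present in the internal registry, and any pinned version that has been there for fewer than 14 days, and suggests the newest version that has already sat out the cool-down. The registry catalogue, package names and dates are constructed placeholders standing in for your registry's own metadata.

```python
"""Gate third-party packages behind exact pins and a cool-down period before
they reach the build. Added example, not the talk's code.

The release-date catalogue is constructed and stands in for the metadata of
your own internal registry (the copy you build from); package names and
dates are placeholders, not real projects.
"""
import re
from datetime import date, timedelta

COOL_DOWN = timedelta(days=14)

# constructed: package -> {version: date it landed in the internal registry}
CATALOGUE = {
    "pkg-a": {"1.4.1": date(2026, 4, 1), "1.4.2": date(2026, 5, 20)},
    "pkg-b": {"2.0.0": date(2026, 1, 15)},
}
TODAY = date(2026, 5, 25)   # constructed "now" so the example is deterministic

CONSTRUCTED_REQUIREMENTS = """\
# constructed requirements.txt
pkg-a==1.4.2        # landed 5 days ago: still inside the cool-down
pkg-b>=2.0          # floating range: whatever is newest wins, backdoor included
pkg-c==0.9.0        # never vetted into the internal registry
"""

REQ_RE = re.compile(r"^([A-Za-z0-9][A-Za-z0-9._-]*)\s*(==|>=|<=|~=|!=|>|<)?\s*(\S*)")


def version_key(v: str):
    """Numeric dotted versions only (enough for the constructed catalogue)."""
    return tuple(int(p) for p in v.split("."))


def newest_cooled(name: str, catalogue: dict, today: date):
    """Newest version that has sat in the registry for the full cool-down."""
    ok = [v for v, landed in catalogue.get(name, {}).items() if today - landed >= COOL_DOWN]
    return max(ok, key=version_key) if ok else None


def evaluate(requirements: str, catalogue: dict, today: date) -> list:
    """One result per requirement line: ok flag, problems, and a safe pin."""
    results = []
    for raw in requirements.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments and blanks
        if not line or line.startswith("-"):     # skip pip options (-r, --index-url)
            continue
        m = REQ_RE.match(line)
        if not m:
            continue
        name, op, ver = m.group(1).lower(), m.group(2), m.group(3)
        problems = []
        if op != "==":
            problems.append("not pinned to an exact version")
        elif ver not in catalogue.get(name, {}):
            problems.append("version not present in the internal registry")
        else:
            age = today - catalogue[name][ver]
            if age < COOL_DOWN:
                problems.append(f"released {age.days} days ago; cool-down is {COOL_DOWN.days} days")
        results.append({"name": name, "spec": line, "ok": not problems,
                        "problems": problems,
                        "recommended": newest_cooled(name, catalogue, today)})
    return results


if __name__ == "__main__":
    for r in evaluate(CONSTRUCTED_REQUIREMENTS, CATALOGUE, TODAY):
        status = "OK  " if r["ok"] else "FAIL"
        hint = f"  -> use {r['recommended']}" if not r["ok"] and r["recommended"] else ""
        print(f"{status} {r['spec']:<16} {'; '.join(r['problems'])}{hint}")
```

Run as a pipeline step, a non-empty set of failing lines fails the build; the "recommended" version answers the "but how do we stay current?" objection, because staying current then means bumping the pin to the newest version that has already survived its two weeks.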
