Cybersecurity Today: North Korean Hacks, AI Memory Breach, and School Data Comprimise
In this episode of Cybersecurity Today, host Jim Love covers a range of crucial topics in the cybersecurity landscape. North Korean hackers are using new social engineering tactics to infiltrate systems by posing as South Korean officials, while prompt injection attacks are compromising the long-term memory of Google's Gemini AI. Canada's Privacy Commissioner is investigating a significant data breach affecting students' personal information in PowerSchool, and the FBI's Operation Level Up is tackling cryptocurrency investment frauds, potentially saving victims millions. Get the latest insights and stay informed on how to protect yourself against these evolving threats.
00:00 Introduction and Headlines
00:23 North Korean Hackers' New Tactics
02:35 Prompt Injection Attacks on AI
04:37 Canada's PowerSchool Data Breach
06:38 FBI's Operation Level Up
09:20 Conclusion and Upcoming AI Show
Episode Transcript
North Korean hackers trick employeeswith new social engineering,
new prompt injection attacks,compromise, gemini's long term memory.
Canada's privacy commissioner investigatesthe power school data breach and why
we should send a love note out tothe federal Bureau of Investigation.
This is cybersecurity today.
I'm your host, Jim Love.
(00:25):
North Korean state sponsored hackinggroup, Kim Sook hee, has adopted a
novel social engineering techniqueto infiltrate targeted systems.
According to Microsoft's ThreatIntelligence Team, the attackers pose
as South Korean government officialsto establish trust with their targets.
Once rapport is built, theysend spear phishing emails
(00:47):
containing PDF attachments.
And when the recipients open theemail, These PDFs, they're redirected
to a counterfeit device registrationpage that instructs them to run
PowerShell as administrators andinput code provided by the attackers.
Executing this code installs abrowser based remote desktop tool.
(01:08):
It downloads a certificate usinga hard coded pin and registers
the victim's device with a remoteserver, granting the attackers
direct access for data exfiltration.
This method inspired by the click fixcampaign involves deceptive prompts
that lead victims to execute maliciouscode themselves via PowerShell commands
(01:29):
and resulting in malware infections.
And Microsoft first observed thistactic in limited attacks starting in
January 2025, targeting individuals ininternational affairs organizations,
NGOs, Government agencies and evenmedia companies across North America,
South America, Europe, and East Asia.
The adoption of these tactics bynation state actors underscores their
(01:52):
effectiveness in real world operations.
To mitigate the risks, it'scrucial to treat all unsolicited
communications with extreme caution.
Users should be wary of requeststo execute code on their computers
under any circumstances, butespecially when it's asked for
with administrator privileges andimplementing security awareness training.
could help individuals recognize and avoidthese sophisticated phishing attempts.
(02:16):
I have to say that this attack hasseemed relatively obvious to me, but it
has been successful across the world.
So once again, it's probably time totake a look at our security awareness
training to make sure individualsrecognize and avoid even these
sophisticated phishing attempts.
A recent demonstration by securityresearcher, Johan Rehberger has
(02:39):
revealed a novel prompt injectionattack that corrupts the long
term memory of Google's Gemini AI.
This technique allows attackers tomanipulate the AI's memory, leading it
to retain and recall false information.
In the demonstration, Reberger crafteda prompt that deceived GemIIni into
permanently remembering the useras a 102 year old flat earther.
(03:05):
This manipulation persistedacross sessions, indicating
significant vulnerability inthe AI's memory management.
Prompt injection attacks involveInserting malicious instructions
into the input provided to AI models,causing them to behave unexpectedly
or disclose confidential information.
(03:26):
This incident underscores the challengesin securing AI systems against such
exploits, especially as they becomemore integrated into applications
with long term memory capabilities.
Now, while this is the latest in theprompt injection types of attacks,
more and more reports are surfacing.
I saw a demonstration this morningof how commands could be buried
(03:49):
in an emoticon using Unicode.
A smiley.
And while many people were criticizingthe deep seek hacks that occurred, we
warned that the larger US AI modelswere also vulnerable two days before
it was announced that someone hadjailbroken the very latest open AI model.
(04:09):
Many experts have warned that itcan take surprisingly small amounts
of data to corrupt an AI model.
So while the rush is on for AI supremacy,and even the vice President of the
United States is giving the US' officialposition as worrying more about being
first than being safe, warning lightsshould be flashing as we will become
(04:31):
more and more dependent on thesesystems in the coming months and years.
Canada's Privacy Commissioner,Philippe Dufresne, has initiated
a formal investigation into asignificant cybersecurity breach
involving PowerSchool, a widelyused student information system.
The breach has potentially exposedpersonal data of students across
(04:54):
multiple provinces of Canada,especially Ontario and Alberta.
The compromised informationmay include sensitive details
such as names, addresses, andacademic records, possibly more.
In Ontario, the Toronto District SchoolBoard reported that personal data dating
back to 1985 could have been affected.
(05:15):
Similarly in Alberta, 31 schoolshave been impacted by the breach.
PowerSchool has notified affectedschool boards and is cooperating with
the investigation, but the Office ofthe Privacy Commissioner is assessing
the scope of the breach and theimplications for students privacy rights.
The incident has been a wake up callabout the levels of cybersecurity
(05:36):
measures in educational institutions.
Parents and guardians are advisedto monitor communications from their
respective school boards for updates, andto take necessary precautions to protect
their children's personal information.
As a bit of an editorial aside, it'sridiculous for senior governments
to expect these small IT departmentsin school boards and schools to
(05:57):
keep up with something that evenlarge organizations struggle with.
We can see by the abolishment of theDepartment of Education in the U.
S. that there's somehow a belief thatEvery dollar must be spent in the
classroom or it's lost to the bureaucracy.
We hope that the Canadian inquiry willhelp to clarify these issues and maybe
(06:18):
surface some of the actions that needto be taken to keep our kids safe.
I don't want to mischaracterize the U. S.position in this, but I haven't seen any
similar actions in response other thanthe end of the Department of Education.
If someone has more info that Ishould be sharing, please let me know.
And we should send a love note out tothe Federal Bureau of Investigation who
(06:43):
launched Operation Level Up, a proactiveinitiative aimed at identifying and
notifying victims of cryptocurrencyinvestment frauds, or what's commonly
referred to as pig butchering.
The scam involves fraudsters establishingonline relationships with individuals
and subsequently enticing them intofraudulent cryptocurrency investments.
(07:06):
Victims are often persuaded to investincreasing amounts into seemingly
profitable platforms only to findthemselves unable to withdraw their funds.
Since its inception in Januaryof 2024, Operation Level Up has
achieved some significant milestones.
The FBI has informed 4, 323 individualsabout their involvement in such scams.
(07:33):
And approximately 76 percent of theseindividuals were unaware they were being
defrauded prior to the FBI's notification.
The initiative has potentiallysaved victims an estimated 285
million.
These are individuals.
That's a lot of money.
(07:56):
Additionally, and sadly, 42 individualshave been referred to the FBI victim
specialists for suicide intervention,highlighting the severe emotional
and financial toll of these scams.
The FBI advises the public to be vigilantand to recognize common indicators of
such scams, unsolicited online contacts,proposing investment opportunities,
(08:18):
requests to move conversationsto encrypted messaging platforms.
Promises of high returns coupledwith pressure to invest quickly,
encouragement to limit communicationwith financial advisors or family
members and difficulties in withdrawingfunds or demands for additional
fees to facilitate withdrawals.
If you suspect that somebody you knowis a victim of cryptocurrency investment
(08:40):
fraud, it's critical to report theincident promptly to the FBI's Internet
Crime Complaint Center, IC3, at ic3.
gov. And their site has a great infopiece with further information that is
a must read for us all, in any country.
And beyond that, it's a must share,especially with those you love.
And if you're in a position toget the point across, it's a great
(09:03):
reason why governments everywhereneed to invest in cyber policing.
If that note about people needingsuicide counseling doesn't get to you.
Nah, nobody's that heartless.
So for all of you, there'sa link in the show notes.
This weekend, we're going toshare our AI related show.
It looks at questions thatexecutives should be asking about AI.
(09:25):
And while it's not totally focused oncybersecurity, once again, we will all
benefit from a better understanding andmore intelligent conversations about AI.
It'll be there on Saturday morningwith your morning coffee, or
whenever you listen to long formpodcasts, I'm your host, Jim Love.
Thanks for listening.
Popular Podcasts
Amy Robach & T.J. Holmes present: Aubrey O’Day, Covering the Diddy Trial
Introducing… Aubrey O’Day Diddy’s former protege, television personality, platinum selling music artist, Danity Kane alum Aubrey O’Day joins veteran journalists Amy Robach and TJ Holmes to provide a unique perspective on the trial that has captivated the attention of the nation. Join them throughout the trial as they discuss, debate, and dissect every detail, every aspect of the proceedings. Aubrey will offer her opinions and expertise, as only she is qualified to do given her first-hand knowledge. From her days on Making the Band, as she emerged as the breakout star, the truth of the situation would be the opposite of the glitz and glamour. Listen throughout every minute of the trial, for this exclusive coverage. Amy Robach and TJ Holmes present Aubrey O’Day, Covering the Diddy Trial, an iHeartRadio podcast.
Betrayal: Season 4
Karoline Borega married a man of honor – a respected Colorado Springs Police officer. She knew there would be sacrifices to accommodate her husband’s career. But she had no idea that he was using his badge to fool everyone. This season, we expose a man who swore two sacred oaths—one to his badge, one to his bride—and broke them both. We follow Karoline as she questions everything she thought she knew about her partner of over 20 years. And make sure to check out Seasons 1-3 of Betrayal, along with Betrayal Weekly Season 1.
Crime Junkie
Does hearing about a true crime case always leave you scouring the internet for the truth behind the story? Dive into your next mystery with Crime Junkie. Every Monday, join your host Ashley Flowers as she unravels all the details of infamous and underreported true crime cases with her best friend Brit Prawat. From cold cases to missing persons and heroes in our community who seek justice, Crime Junkie is your destination for theories and stories you won’t hear anywhere else. Whether you're a seasoned true crime enthusiast or new to the genre, you'll find yourself on the edge of your seat awaiting a new episode every Monday. If you can never get enough true crime... Congratulations, you’ve found your people. Follow to join a community of Crime Junkies! Crime Junkie is presented by audiochuck Media Company.