July 14, 2025 • 17 mins
In this episode of 'Cybersecurity Today,' hosted by David Shipley from the Exchange Security 2025 conference, urgent updates are provided on critical cybersecurity vulnerabilities and threats. CISA mandates a 24-hour patch for Citrix NetScaler due to a severe vulnerability actively being exploited, dubbed 'Citrix Bleed.' Fortinet’s FortiWeb also faces a critical pre-auth remote code execution flaw that demands immediate patching. Additionally, significant vulnerabilities in AI-driven developments are highlighted, including shortcomings in Jack Dorsey's BitChat app and a method to extract Windows keys from ChatGPT-4. The episode emphasizes the importance of timely updates, robust security measures, and the potential risks involved with AI-generated code.
00:00 Introduction and Overview
00:35 Urgent Citrix Vulnerability Alert
03:26 Fortinet FortiWeb Exploit Details
06:23 Ingram Micro Ransomware Recovery
09:26 AI Coding and Security Risks
14:03 ChatGPT Security Flaw Exposed
17:20 Conclusion and Contact Information
Mark as Played
Transcript
Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
(00:00):
CISA gives agency a day to patchexploits for pre-auth Fortinet
Forted Web RCE Flaw Released Patch.
Now, Ingram Micro restores all businessoperations globally . AI code leaving
behind bugs that could burn unawaredevelopers and I give up prompts.
Chat GPT to surrender Windows Keys.
(00:23):
This is cybersecurity today, andI'm your host, David Shipley, coming
to you from Frisco, Texas and theExchange Security 2025 conference.
Let's get started.
The US Cybersecurity and InfrastructureSecurity Agency, CISA issued an emergency
directive confirming active exploitationof Citrix bleed two CVE 20 25 5 7 7 7.
(00:49):
A critical vulnerability in CitrixNetScaler A DC, and gateway C
a's response is unprecedented.
Federal agencies were given just 24hours from July 10th to the end of July
11th to apply the necessary patches.
That level of urgency signals howserious and immediate the threat is.
(01:11):
The vulnerability is a memorysafety issue, specifically an
out of bounds memory read thatallows unauthenticated attackers
to access sensitive memory areas.
Impacted systems includeNetScaler, devices configured as
gateways or aaa authentication,authorization and accounting.
Virtual servers, running firmwareversions prior to 14.1 43 56, 13 0.1
(01:36):
58 32, 13 0.1 dash 37 2 3 5 FIPs,N-D-C-P-P and 12.1 55 32 8 FIPs
while Citrix released a patchfor this on June 27th, the threat
landscape has changed rapidly.
(01:57):
Security researcher Kevin Beaumontwarned of the flaws potential in early
July, referring to it as Citrix bleed.
A direct reference to CVE 20 23 4966, which was widely exploited last
year, but by July 7th, proof of conceptexploits were published by researchers
at Watchtower and Horizon three.
(02:19):
Since then, attackers have beenactively testing and sharing proof
of concepts in criminal forums.
CISA's confirmation now removesany doubt exploitation is underway.
I. Organizations mustact immediately on this.
If patching is not yet completed,restrict external access to NetScaler
systems using firewall rules or acls.
(02:41):
After applying updates, administratorsshould terminate all active
ICA and P-C-O-I-P sessions.
Those may already be compromised.
It's important to review allcurrent sessions for suspicious
activity using the show.
ICA Connection Command throughthe NetScaler Gateway console.
Notably, Citrix has yet to update itsoriginal advisory, which still claims
(03:05):
there's no known exploitation in the wild.
Ceases confirmation makes thecurrent threat level clear.
It is being exploited.
This is a critical issue.
Delay not an option.
Apply the patches.
Verify session integrity andlock down external access until
your remediation is complete.
(03:26):
Speaking of summertime, highseverity vulnerabilities that
give it and network administratorsmigraines during vacation season.
Fortinets 40 Web just had aproof of concept exploit drop.
For a pre-auth RCE.
That scores an impressive 9.8out of 10 on the CVSS scale.
Fortiweb a widely deployed webapplication firewall used to protect
(03:48):
against malicious web traffic isvulnerable to an unauthenticated SQL
injection flaw that can be leveragedto achieve full remote code execution.
I. It doesn't get much worse than that.
Fortinet has addressed the issueand put a patch out last week in
for to web version 7.64, 7.4 0.87.2 point 11, and 7.0 point 11.
(04:13):
if your organization is runningany version older than these
ones, you are at immediate riskand should prioritize patching.
According to Fortinet, the vulnerabilitystems from improper input sanitization
in the get fabric user by token functionwithin the fabric connector component,
software that synchronizes authenticationand policy data across Fortinet products.
(04:36):
Attackers can exploit this flaw byinjecting malicious SQL commands
through the authorization headerin HTTP requests sent to the API
fabric device status endpoint.
This allows for complete bypassof authentication mechanisms.
You heard that right?
Complete bypass ofauthentication mechanisms.
(04:57):
Researchers from Watchtowerand independent security
researcher, faulty Peter.
Researchers from Watchtower andan independent security researcher
released detailed technical analysisand proof of concept code showing how
the vulnerability can be escalated fromSQL injection to remote code execution.
(05:21):
By abusing my SQL select into outputfile function, they were able to
write malicious python path filesinto Fortiweb site packages directory.
Since PATH files are automaticallyexecuted with Python attackers could
then leverage a legitimate CGI scripton the device CGI bin ml, draw Python
(05:41):
to trigger arbitrary code execution.
This flaw was originally discovered byKentaro Kawani of GMO Cybersecurity,
who also recently identified a statichard-coded password issue in Cisco's ISE.
Although there are currently noconfirmed in the wild exploits for
this, that status is unlikely to hold.
(06:02):
Exploits are now publicly availableand the path from initial access to
full compromise is clearly documented.
If Citrix bleed two is any indication,this could escalate quickly
in the next two to three days.
Immediate patching is strongly advised.
Delays could result in compromise.
(06:23):
It is not often, I get to say job welldone on this podcast, but Ingram Micro
deserves a tip of the hat for its rapidcontainment and recovery from a recent
ransomware attack, from initial detectionto full recovery within a week, as
opposed to the more typical weeks oreven months seen at other organizations.
This is a notable win.
(06:43):
It's particularly significant becauseunfortunately IT, and security
organizations often don't practicewhat they preach to clients when it
comes to security and resiliency.
So it's important to celebrate whenorganizations like Ingram Micro
get something like this, right.
While the initial communicationsfrom Ingram generated some ire from
(07:04):
the MSSP community on Reddit, therapid recovery will likely go a
long way in smoothing things over.
The Irvine, California based technologydistributor issued a statement late
Wednesday, noting that all of itssystems were now operational across
every country and region in whichthe company conducts business.
And for the record, that's 90% ofthe global market in response to the
(07:27):
intrusion, which was detected just beforethe 4th of July long weekend in the US.
That must have been fun.
Ingram Micro took key systems offline aspart of its containment work and engaged
third party cybersecurity experts tosupport its investigation and recovery.
The company has also filed aneight K disclosure with the US
Securities and Exchange Commissionas it is a publicly traded company.
(07:49):
The company has expressedgratitude for customer and partner
support during the disruption.
The source of the attack has sincebeen attributed to the Safe Pay
Ransomware Group, a threat actornow regarded as one of the most
active in the ransomware ecosystem.
According to threat intelligencefirm, Acronis Safe Pay has been linked
to more than 200 victims worldwide,and importantly has increasingly
(08:12):
focused on managed service providersand small to mid-size businesses.
This group is believed to originated fromthe original lock bit ransomware gang.
One thing about the communicationsfrom Ingram on their website that still
doesn't quite make sense to me andand kind of gives a lack of clarity,
is all around when this all startedin their communications, they talk
(08:34):
about how they issued a statement onthe incident on July 5th, but their
websites went down on Thursday, July 3rd.
The communications seem intentionallyvague on when specifically the
ransomware gang was detected andhow the company reacted to it.
this may indicate that ongoing forensicwork has yet to fully confirm the
initial access method, as well as anyimpacted data and the overall timeline.
(09:01):
Continued transparency on thisincident may flow through further
SEC filings, but the company can makea huge difference globally by being
as transparent as possible with thedetails, and most importantly, sharing
critical lessons learned that couldprevent others from experiencing the
same attack or highlighting how theirplans worked well to recover so quickly.
(09:26):
Now we can turn our attentionfrom the latest round of exploits
and ransomware attacks to trendsthat are highlighting where future
attacks are likely to come from.
Let's start with some bad vibes we'regetting from AI coding that's not properly
reviewed by knowledgeable developers.
A new messaging app from Jack Dorsey,co-founder of Block and Twitter, is
drawing sharp criticism from securityexperts for serious design flaws,
(09:49):
highlighting the growing tension betweenrapid generative AI driven development
and foundational cybersecurity principles.
Launched over the weekend as adecentralized peer-to-peer messaging tool.
Bit.
Chat was introduced by Dorseyas a privacy focused alternative
for resilient communication.
Specifically one designed tooperate over Bluetooth mesh
networks rather than the internet.
(10:11):
The concept enable messagingduring outages, disasters, or in
censorship prone environments.
But the App Security posture so farhas failed to meet its stated goals.
a security researcher, AlexRadocea, CEO of Super Networks,
conducted a technical review ofBit Chatt shortly after its launch,
And identified significantvulnerabilities, particularly
(10:33):
around identity verification.
In a detailed blog post, Radocea pointedout that BitChat does not implement
proper cryptographic checks to confirmthe identity of message senders.
As a result, attackers can impersonatetrusted contacts using spoofed identity.
Keys, a fundamental breakdownin secure communications.
(10:54):
Radocea said that this is a hallmarkof what happens when generative
AI is used to write applicationcode without robust review.
And while the application appearsto perform encryption, the actual
cryptographic guarantees are absent.
There's no assurance you'recommunicating with who you
think you're communicating with.
Dorsey has since acknowledgedthe shortcomings.
(11:16):
In an update to the app's GitHub page, heincluded a disclaimer BitChat, may contain
vulnerabilities and does not necessarilymeet its stated security goals.
No kidding.
He also announced plans to transitionthe platform to the Noise Protocol
Framework, a widely respected opensource cryptographic standard used in
secure communications tools such asSignal, a reminder, the age old advice.
(11:40):
Don't roll your own crypto.
Importantly, Dorsey confirmed thatBitChat was built using a block internal
AI tool called Goose, and constructedusing English and intelligence models.
Well, this highlights the potential forgenerative ai for rapid prototyping.
It also exposes a critical gap.
Security assumptions made by the AIor by the developer do not replace
(12:03):
the rigor of vetted purpose-builtcryptographic implementations.
And by the way, this isn't theonly problem with AI coding.
We've covered other issues like slop,squatting, the invention or hallucination
of different packages or dependencies thatthen criminals find out about and create.
This episode is a timely reminder that thespeed and creativity enabled by generative
(12:26):
AI and software development must bebalanced with disciplined, well-resourced
quality assurance and security validation.
Labeling a communications tool assecure without meaningful investment
in cryptographic engineering andsecure by design coding practices
is at best premature and at worse.
(12:46):
Wickedly irresponsible BitChat iscurrently in beta and available
via Apple's test flight program.
Though the initial slots appear to befilled despite the security flaws, EA
acknowledged Dorsey's transparency andrapid engagement with the feedback,
calling it a positive step towardsimproving the project and expressing
interest in eventually integratingit with Super Networks products.
(13:08):
Once it's properly hardened.
In Dorsey's own word, the reactionto Bit Chat's Launch Revealed
quote, unexpected demand end quote.
For decentralized messaging options,the demand is real, but so is the risk.
If apps like Bit Chat are to becomeviable, the cryptographic foundations must
be built with the same care as good code.
(13:30):
Silicon Valley's move fast and breakthings ethos mixed with vibe coating and
a growing disdain for paying real humansto do Quality assurance and quality
development work is going to end in tears.
This isn't a technologyissue, it's cultural.
Let me explain.
There's a place for AI coding toolsas augmentation for skilled developers
(13:51):
inside organizations that do securityby design and build even more robust QA
processes to match the efficiency of AIwith the need for greater due diligence.
Now from one AI power dumpster fire storyto another in the classic Arabic folktale,
Alibaba, and the 40 Thieves, the secretto the treasure was open sesame for chat.
(14:16):
GPT, it seems it's, I give up seriously.
I'll explain.
Recently, a researcher successfullymanipulated ChatGPT four into disclosing
windows, product keys, including at leastone, tied to Wells Fargo, the method, a
cleverly engineered prompt disguised asa game . According to a technical blog
(14:39):
post by Marco Figueroa, the technicalproduct manager for the Odin Gen AI
Bug Bounty program, the researcherbypassed ChatGPT Safety guardrails.
By structuring the interaction as aguessing game, the AI was instructed
to think of a real Windows 10 serialnumber, except yes or no questions.
And if the user gave up, reveal the key.
(15:01):
ChatGPT accepted the premiseand followed the instructions.
When the researcher typed, I giveup ChatGPT complied producing what
it believed to be a valid window.
Serial number, screenshots of theinteraction with sensitive content.
Redacted confirmed the AIresponded with default Windows.
Keys, Figueroa emphasizedthe phrase I give up.
(15:23):
Served as the triggerthat allowed the AI to.
Bypass internal restrictions anddisclose previously blocked content.
The vulnerability works by exploitingthe model's pattern, matching behavior,
and its tendency to treat instructionsembedded in game-like framing.
As rule govern responses.
The key is surfaced by the model includedhome pro and enterprise additions.
(15:45):
Notably, Figueroa confirmed to theregister that one of the return
keys matched a private licensereportedly linked to Wells Fargo.
The incident raises urgent questionsabout the exposure of sensitive
data during model training.
It underscores a growing concern,preexisting public or semi-private
data sets, such as leak credentials,licenses, or API keys may have
(16:07):
been unintentionally incorporatedinto large language model training.
Corpora.
And this isn't a riskthat's without precedent.
It's not a hypothetical.
In 2023, a Microsoft developerinadvertently exposed 38 terabytes of
private data on GitHub while sharingopen source AI training resources.
(16:29):
I. Security firm.
Wizz reported the exposure, whichincluded sensitive items such as
API, keys, passwords, internal teams,messages, and workstation backups.
Microsoft later described thedisclosure as a quote learning
opportunity, but the scope of theexposure was still substantial For
organizations, this highlights theneed for stronger data hygiene, tighter
(16:51):
control over developer workflows, andrigorous vetting of training data.
Generative AI's flexibility is apowerful asset, But it also introduces
new unconventional threat factors thatare only beginning to be understood.
As always, stay skepticaland stay patched.
And if you're in the US governmentbeing proactive on patching, might just
(17:15):
save your weekend from the next 24 hourmust patch rule dropped on a Thursday.
We're always interested in youropinion, and you can contact us at
editorial@technewsday.ca or leavea comment under the YouTube video.
I've been your host, David Shipley,Jim Love will be back on Wednesday.
And if you're at the ExchangeSecurity Conference, come say hi.
(17:38):
Thanks for listening.
CISA gives agency a day to patchexploits for pre-auth Fortinet
Forted Web RCE Flaw Released Patch.
Now, Ingram Micro restores all businessoperations globally . AI code leaving
behind bugs that could burn unawaredevelopers and I give up prompts.
Chat GPT to surrender Windows Keys.
(00:23):
This is cybersecurity today, andI'm your host, David Shipley, coming
to you from Frisco, Texas and theExchange Security 2025 conference.
Let's get started.
The US Cybersecurity and InfrastructureSecurity Agency, CISA issued an emergency
directive confirming active exploitationof Citrix bleed two CVE 20 25 5 7 7 7.
(00:49):
A critical vulnerability in CitrixNetScaler A DC, and gateway C
a's response is unprecedented.
Federal agencies were given just 24hours from July 10th to the end of July
11th to apply the necessary patches.
That level of urgency signals howserious and immediate the threat is.
(01:11):
The vulnerability is a memorysafety issue, specifically an
out of bounds memory read thatallows unauthenticated attackers
to access sensitive memory areas.
Impacted systems includeNetScaler, devices configured as
gateways or aaa authentication,authorization and accounting.
Virtual servers, running firmwareversions prior to 14.1 43 56, 13 0.1
(01:36):
58 32, 13 0.1 dash 37 2 3 5 FIPs,N-D-C-P-P and 12.1 55 32 8 FIPs
while Citrix released a patchfor this on June 27th, the threat
landscape has changed rapidly.
(01:57):
Security researcher Kevin Beaumontwarned of the flaws potential in early
July, referring to it as Citrix bleed.
A direct reference to CVE 20 23 4966, which was widely exploited last
year, but by July 7th, proof of conceptexploits were published by researchers
at Watchtower and Horizon three.
(02:19):
Since then, attackers have beenactively testing and sharing proof
of concepts in criminal forums.
CISA's confirmation now removesany doubt exploitation is underway.
I. Organizations mustact immediately on this.
If patching is not yet completed,restrict external access to NetScaler
systems using firewall rules or acls.
(02:41):
After applying updates, administratorsshould terminate all active
ICA and P-C-O-I-P sessions.
Those may already be compromised.
It's important to review allcurrent sessions for suspicious
activity using the show.
ICA Connection Command throughthe NetScaler Gateway console.
Notably, Citrix has yet to update itsoriginal advisory, which still claims
(03:05):
there's no known exploitation in the wild.
Ceases confirmation makes thecurrent threat level clear.
It is being exploited.
This is a critical issue.
Delay not an option.
Apply the patches.
Verify session integrity andlock down external access until
your remediation is complete.
(03:26):
Speaking of summertime, highseverity vulnerabilities that
give it and network administratorsmigraines during vacation season.
Fortinets 40 Web just had aproof of concept exploit drop.
For a pre-auth RCE.
That scores an impressive 9.8out of 10 on the CVSS scale.
Fortiweb a widely deployed webapplication firewall used to protect
(03:48):
against malicious web traffic isvulnerable to an unauthenticated SQL
injection flaw that can be leveragedto achieve full remote code execution.
I. It doesn't get much worse than that.
Fortinet has addressed the issueand put a patch out last week in
for to web version 7.64, 7.4 0.87.2 point 11, and 7.0 point 11.
(04:13):
if your organization is runningany version older than these
ones, you are at immediate riskand should prioritize patching.
According to Fortinet, the vulnerabilitystems from improper input sanitization
in the get fabric user by token functionwithin the fabric connector component,
software that synchronizes authenticationand policy data across Fortinet products.
(04:36):
Attackers can exploit this flaw byinjecting malicious SQL commands
through the authorization headerin HTTP requests sent to the API
fabric device status endpoint.
This allows for complete bypassof authentication mechanisms.
You heard that right?
Complete bypass ofauthentication mechanisms.
(04:57):
Researchers from Watchtowerand independent security
researcher, faulty Peter.
Researchers from Watchtower andan independent security researcher
released detailed technical analysisand proof of concept code showing how
the vulnerability can be escalated fromSQL injection to remote code execution.
(05:21):
By abusing my SQL select into outputfile function, they were able to
write malicious python path filesinto Fortiweb site packages directory.
Since PATH files are automaticallyexecuted with Python attackers could
then leverage a legitimate CGI scripton the device CGI bin ml, draw Python
(05:41):
to trigger arbitrary code execution.
This flaw was originally discovered byKentaro Kawani of GMO Cybersecurity,
who also recently identified a statichard-coded password issue in Cisco's ISE.
Although there are currently noconfirmed in the wild exploits for
this, that status is unlikely to hold.
(06:02):
Exploits are now publicly availableand the path from initial access to
full compromise is clearly documented.
If Citrix bleed two is any indication,this could escalate quickly
in the next two to three days.
Immediate patching is strongly advised.
Delays could result in compromise.
(06:23):
It is not often, I get to say job welldone on this podcast, but Ingram Micro
deserves a tip of the hat for its rapidcontainment and recovery from a recent
ransomware attack, from initial detectionto full recovery within a week, as
opposed to the more typical weeks oreven months seen at other organizations.
This is a notable win.
(06:43):
It's particularly significant becauseunfortunately IT, and security
organizations often don't practicewhat they preach to clients when it
comes to security and resiliency.
So it's important to celebrate whenorganizations like Ingram Micro
get something like this, right.
While the initial communicationsfrom Ingram generated some ire from
(07:04):
the MSSP community on Reddit, therapid recovery will likely go a
long way in smoothing things over.
The Irvine, California based technologydistributor issued a statement late
Wednesday, noting that all of itssystems were now operational across
every country and region in whichthe company conducts business.
And for the record, that's 90% ofthe global market in response to the
(07:27):
intrusion, which was detected just beforethe 4th of July long weekend in the US.
That must have been fun.
Ingram Micro took key systems offline aspart of its containment work and engaged
third party cybersecurity experts tosupport its investigation and recovery.
The company has also filed aneight K disclosure with the US
Securities and Exchange Commissionas it is a publicly traded company.
(07:49):
The company has expressedgratitude for customer and partner
support during the disruption.
The source of the attack has sincebeen attributed to the Safe Pay
Ransomware Group, a threat actornow regarded as one of the most
active in the ransomware ecosystem.
According to threat intelligencefirm, Acronis Safe Pay has been linked
to more than 200 victims worldwide,and importantly has increasingly
(08:12):
focused on managed service providersand small to mid-size businesses.
This group is believed to originated fromthe original lock bit ransomware gang.
One thing about the communicationsfrom Ingram on their website that still
doesn't quite make sense to me andand kind of gives a lack of clarity,
is all around when this all startedin their communications, they talk
(08:34):
about how they issued a statement onthe incident on July 5th, but their
websites went down on Thursday, July 3rd.
The communications seem intentionallyvague on when specifically the
ransomware gang was detected andhow the company reacted to it.
this may indicate that ongoing forensicwork has yet to fully confirm the
initial access method, as well as anyimpacted data and the overall timeline.
(09:01):
Continued transparency on thisincident may flow through further
SEC filings, but the company can makea huge difference globally by being
as transparent as possible with thedetails, and most importantly, sharing
critical lessons learned that couldprevent others from experiencing the
same attack or highlighting how theirplans worked well to recover so quickly.
(09:26):
Now we can turn our attentionfrom the latest round of exploits
and ransomware attacks to trendsthat are highlighting where future
attacks are likely to come from.
Let's start with some bad vibes we'regetting from AI coding that's not properly
reviewed by knowledgeable developers.
A new messaging app from Jack Dorsey,co-founder of Block and Twitter, is
drawing sharp criticism from securityexperts for serious design flaws,
(09:49):
highlighting the growing tension betweenrapid generative AI driven development
and foundational cybersecurity principles.
Launched over the weekend as adecentralized peer-to-peer messaging tool.
Bit.
Chat was introduced by Dorseyas a privacy focused alternative
for resilient communication.
Specifically one designed tooperate over Bluetooth mesh
networks rather than the internet.
(10:11):
The concept enable messagingduring outages, disasters, or in
censorship prone environments.
But the App Security posture so farhas failed to meet its stated goals.
a security researcher, AlexRadocea, CEO of Super Networks,
conducted a technical review ofBit Chatt shortly after its launch,
And identified significantvulnerabilities, particularly
(10:33):
around identity verification.
In a detailed blog post, Radocea pointedout that BitChat does not implement
proper cryptographic checks to confirmthe identity of message senders.
As a result, attackers can impersonatetrusted contacts using spoofed identity.
Keys, a fundamental breakdownin secure communications.
(10:54):
Radocea said that this is a hallmarkof what happens when generative
AI is used to write applicationcode without robust review.
And while the application appearsto perform encryption, the actual
cryptographic guarantees are absent.
There's no assurance you'recommunicating with who you
think you're communicating with.
Dorsey has since acknowledgedthe shortcomings.
(11:16):
In an update to the app's GitHub page, heincluded a disclaimer BitChat, may contain
vulnerabilities and does not necessarilymeet its stated security goals.
No kidding.
He also announced plans to transitionthe platform to the Noise Protocol
Framework, a widely respected opensource cryptographic standard used in
secure communications tools such asSignal, a reminder, the age old advice.
(11:40):
Don't roll your own crypto.
Importantly, Dorsey confirmed thatBitChat was built using a block internal
AI tool called Goose, and constructedusing English and intelligence models.
Well, this highlights the potential forgenerative ai for rapid prototyping.
It also exposes a critical gap.
Security assumptions made by the AIor by the developer do not replace
(12:03):
the rigor of vetted purpose-builtcryptographic implementations.
And by the way, this isn't theonly problem with AI coding.
We've covered other issues like slop,squatting, the invention or hallucination
of different packages or dependencies thatthen criminals find out about and create.
This episode is a timely reminder that thespeed and creativity enabled by generative
(12:26):
AI and software development must bebalanced with disciplined, well-resourced
quality assurance and security validation.
Labeling a communications tool assecure without meaningful investment
in cryptographic engineering andsecure by design coding practices
is at best premature and at worse.
(12:46):
Wickedly irresponsible BitChat iscurrently in beta and available
via Apple's test flight program.
Though the initial slots appear to befilled despite the security flaws, EA
acknowledged Dorsey's transparency andrapid engagement with the feedback,
calling it a positive step towardsimproving the project and expressing
interest in eventually integratingit with Super Networks products.
(13:08):
Once it's properly hardened.
In Dorsey's own word, the reactionto Bit Chat's Launch Revealed
quote, unexpected demand end quote.
For decentralized messaging options,the demand is real, but so is the risk.
If apps like Bit Chat are to becomeviable, the cryptographic foundations must
be built with the same care as good code.
(13:30):
Silicon Valley's move fast and breakthings ethos mixed with vibe coating and
a growing disdain for paying real humansto do Quality assurance and quality
development work is going to end in tears.
This isn't a technologyissue, it's cultural.
Let me explain.
There's a place for AI coding toolsas augmentation for skilled developers
(13:51):
inside organizations that do securityby design and build even more robust QA
processes to match the efficiency of AIwith the need for greater due diligence.
Now from one AI power dumpster fire storyto another in the classic Arabic folktale,
Alibaba, and the 40 Thieves, the secretto the treasure was open sesame for chat.
(14:16):
GPT, it seems it's, I give up seriously.
I'll explain.
Recently, a researcher successfullymanipulated ChatGPT four into disclosing
windows, product keys, including at leastone, tied to Wells Fargo, the method, a
cleverly engineered prompt disguised asa game . According to a technical blog
(14:39):
post by Marco Figueroa, the technicalproduct manager for the Odin Gen AI
Bug Bounty program, the researcherbypassed ChatGPT Safety guardrails.
By structuring the interaction as aguessing game, the AI was instructed
to think of a real Windows 10 serialnumber, except yes or no questions.
And if the user gave up, reveal the key.
(15:01):
ChatGPT accepted the premiseand followed the instructions.
When the researcher typed, I giveup ChatGPT complied producing what
it believed to be a valid window.
Serial number, screenshots of theinteraction with sensitive content.
Redacted confirmed the AIresponded with default Windows.
Keys, Figueroa emphasizedthe phrase I give up.
(15:23):
Served as the triggerthat allowed the AI to.
Bypass internal restrictions anddisclose previously blocked content.
The vulnerability works by exploitingthe model's pattern, matching behavior,
and its tendency to treat instructionsembedded in game-like framing.
As rule govern responses.
The key is surfaced by the model includedhome pro and enterprise additions.
(15:45):
Notably, Figueroa confirmed to theregister that one of the return
keys matched a private licensereportedly linked to Wells Fargo.
The incident raises urgent questionsabout the exposure of sensitive
data during model training.
It underscores a growing concern,preexisting public or semi-private
data sets, such as leak credentials,licenses, or API keys may have
(16:07):
been unintentionally incorporatedinto large language model training.
Corpora.
And this isn't a riskthat's without precedent.
It's not a hypothetical.
In 2023, a Microsoft developerinadvertently exposed 38 terabytes of
private data on GitHub while sharingopen source AI training resources.
(16:29):
I. Security firm.
Wizz reported the exposure, whichincluded sensitive items such as
API, keys, passwords, internal teams,messages, and workstation backups.
Microsoft later described thedisclosure as a quote learning
opportunity, but the scope of theexposure was still substantial For
organizations, this highlights theneed for stronger data hygiene, tighter
(16:51):
control over developer workflows, andrigorous vetting of training data.
Generative AI's flexibility is apowerful asset, But it also introduces
new unconventional threat factors thatare only beginning to be understood.
As always, stay skepticaland stay patched.
And if you're in the US governmentbeing proactive on patching, might just
(17:15):
save your weekend from the next 24 hourmust patch rule dropped on a Thursday.
We're always interested in youropinion, and you can contact us at
editorial@technewsday.ca or leavea comment under the YouTube video.
I've been your host, David Shipley,Jim Love will be back on Wednesday.
And if you're at the ExchangeSecurity Conference, come say hi.
(17:38):
Thanks for listening.
Popular Podcasts
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
The Joe Rogan Experience
The official podcast of comedian Joe Rogan.
Dateline NBC
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Special Summer Offer: Exclusively on Apple Podcasts, try our Dateline Premium subscription completely free for one month! With Dateline Premium, you get every episode ad-free plus exclusive bonus content.