The Daily Decrypt
ChatGPT's Shakespearean Twist, Maritime Cybersecurity, Water Utility Defense, PyPI Threats, ScreenConnect Vulnerabilities

ChatGPT goes off-script with Shakespearean flair, and cybersecurity becomes the beacon in guarding our maritime and water utility infrastructures. We unravel the complexities of software supply chain threats with a focus on the Python Package Index, and spotlight the latest vulnerabilities in ConnectWise’s ScreenConnect. It’s a journey through the cyber squalls and the efforts to anchor down our digital defenses.

Featured Stories:

  1. ChatGPT’s Shakespearean Spiral – Delving into the reasons behind ChatGPT’s unexpected dive into nonsensical outputs. Read more on Ars Technica and Reddit.
  2. Bolstering Maritime Cybersecurity – How the Biden administration is strengthening America’s maritime defenses against cyber threats. Cybersecurity at Sea: Strengthening America’s Maritime Defenses.
  3. Protecting Water Utilities from Cyber Threats – A look into the new wave of cybersecurity measures for water utilities by CISA, the FBI, and the Environmental Protection Agency.
  4. The Stealthy Expansion of Software Supply Chain Threats – Unpacking a sophisticated cyber-attack via the Python Package Index. Discover more at ReversingLabs.
  5. Patch and Protect: ConnectWise ScreenConnect Update – Addressing the vulnerabilities reported in ScreenConnect and the steps for remediation. ConnectWise Security Bulletins.

Join us as we dissect these pivotal moments in digital security and AI quirks, ensuring you stay informed and ahead of the curve in the ever-evolving world of technology. Only on Spotify.

For the best listening experience, follow us on Spotify and dive into the digital depths with our insightful episodes on technology, cybersecurity, and the unexpected turns of AI.


Feb 22

[00:00:00] All right. Good morning, listeners, and welcome back to The Daily Decrypt. Huge shout-out to Jered Jones for his brand new release song played under the super sophisticated AI announcer. If you’re looking for some music, if you’re working hard all day in front of the computer and you’re looking for some [00:01:00] music that doesn’t have words and isn’t too distracting, highly recommend looking up Jered Jones. J E R E D. You’re going to find lots of sick bangers like that one.

All right.

But let’s get into the news today. We’re going to dive into a digital pandemonium as ChatGPT seemingly takes a Shakespearean swerve, leaving users puzzled with its nonsensical jabber. Meanwhile, the U.S. government makes waves in cybersecurity, anchoring down on maritime defenses against the rising tide of cyber threats, proving that when it comes to securing our ports, it’s not just about the web. It’s about the water. Speaking of water.

We are also going to explore how America’s water utilities are fortifying their cyber defenses, ensuring that the only things flowing through our pipes are water and Wi-Fi.

In the realm of software and vulnerabilities, we’re gonna be talking about the Python Package Index, or PyPI as I call it, and how it becomes a Trojan horse for cyber attackers, highlighting the stealthy expansion of [00:02:00] threats within our digital supply chains. And lastly, if you stick around this long, we’re going to just touch base on ConnectWise’s ScreenConnect vulnerabilities.

All right. So yesterday, users on Reddit started reporting that ChatGPT was going absolutely insane.

The responses from ChatGPT would start out pretty normal and then quickly devolve into what I would describe as someone with dementia or Wernicke’s aphasia.

Thanks to all the Reddit users who posted their chats. They’re very fun to read through. Various journalists have reached out to OpenAI, the makers of ChatGPT, for comment and were met just with direction to their status page. So no comment at this time has been released. But I have an example here of what ChatGPT was spitting out. And you can see by looking at the output, it’s just [00:03:00] going through how it formulates its responses. It’s creating noise and then refining that noise. So here is an example of what it was doing yesterday.

“The high, the high or the heart where the hair. The his, or the Howell hones, a hill, a heel or a hand where all the Astor and any, and all, or an ACE or a story or a strain at grok stands for, of you a visit or the verb there site. Is a stand, a state or a story the in or the in wit makes a must a may or a most.”

Part of that sounded kind of like the monologue from V for Vendetta, which I’m not going to even try to repeat, but if you haven’t seen V for Vendetta, highly recommended.

Given the help ChatGPT made composing this episode, it seems to be back to normal. But it is a reminder of how these, quote, artificial intelligence chatbots are not perfect [00:04:00] and they can quickly devolve.

So, did you know that our planet is made up of mostly water? And so are our bodies.

Though these facts may seem startling, they’re starting to get the attention of government officials such as the Biden administration who yesterday released an executive order aimed at bolstering cybersecurity measures across the United States port facilities. This is sparked by increasing concerns over cyber threats, particularly from nation state actors like China, who could cripple a lot of our infrastructure by just taking down a few maritime ports.

In an era where cybersecurity incidents can ripple through the global supply chain with devastating effect, the executive order represents a significant pivot towards enhancing the resilience of [00:05:00] maritime infrastructure.

The U.S. Coast Guard is now endowed with explicit authority to counter malicious cyber activities targeting the nation’s marine transportation system. This includes a mandate for the immediate reporting of any cyber threats or incidents that could compromise vessels, harbors, ports, or waterfront facilities.

Part of the executive order involved reallocating over $20 billion towards port infrastructure over the next five years.

And this is an aim to repatriate crane manufacturing, eh, which is a sector currently dominated by China, which manufactures approximately 80% of the cranes used in U.S. ports.

So if you’re wondering why focus on ports? Well, consider this: America’s ports are not just points of entry for goods. They’re bustling hubs that can support 31 million American jobs and contribute $5.4 trillion to the economy. Their smooth operation is pivotal to our national security and economic prosperity. The threat of cyber attacks, particularly those that could be orchestrated by foreign adversaries.

So as it [00:06:00] turns out, network ports aren’t the only ports cybercriminals are sneaking into.

In the world of port cybersecurity, it looks like we’re moving from pirate-infested waters to cyber-secure harbors. Are ya feeling safe yet?

Speaking of water and making waves in the world of cybersecurity, the FBI, CISA, and the EPA released tips targeted specifically to water plants and water managing agencies.

In an age where hackers seem to have the thirst for infiltrating our critical infrastructures, the spotlight has turned to our water utilities. This isn’t just about keeping the water flowing. It’s about ensuring that the only thing going down the drain is, well, water, and not our security. In recent years, several water treatment companies have been the target of ransomware attacks, which has led to significant disruptions.

Such events compromise the safety and availability of drinking water, which is a serious risk to public health and [00:07:00] safety.

These agencies are aiming to prevent such outcomes by helping utilities bolster their defenses against malicious cyber activity. The article in our show notes outlines eight top-notch strategies to keep cyber threats at bay. From hiding key assets to changing passwords as often as we’re supposed to change our water filters, it seems like water utilities are being prepped for a stormy season in cyberspace.

So what kind of attacks are they trying to prevent?

Often hackers exploit vulnerabilities in the software and hardware that control water treatment processes. And by gaining unauthorized access, they can disrupt operations, demand ransom, or even tamper with water quality. The guidance provided by CISA, the EPA, and FBI emphasizes the importance of regular updates and patches to address these vulnerabilities, alongside training for staff to recognize and respond to cyber threats.

While no system can be made completely invulnerable, the adoption of these recommended practices significantly reduces the risks [00:08:00] of successful cyber attacks, which is what we’re going for.

It is a lofty goal to completely eliminate cyber risk, but the goal is to just do what we can to make ourselves more secure.

Alrighty, we’re going to turn this a little bit more technical and talk about some recent vulnerabilities that have been discovered. ReversingLabs released an article that discusses a sophisticated cyber attack that leverages the Python Package Index, or PyPI as I like to call it, to distribute malicious software through a technique known as DLL sideloading.

In January of 2024, Karlo Zanki, a reverse engineer at ReversingLabs, discovered two suspicious packages on PyPI, named helper and NP six helper HTTP or. These packages were found to exploit DLL sideloading, which is a method where attackers execute malicious code on a computer without being detected by security [00:09:00] software.

This technique was used to target legitimate PyPI packages, revealing a concerning trend in the misuse of open source platforms for cyber attacks.

DLL sideloading typically involves replacement of a dynamic link library, or DLL, with a malicious one. The attacker’s goal is to trick the application into loading this malicious DLL, thereby executing the harmful code it contains. In this case, the malicious packages were designed to mimic legitimate ones very closely, which fooled developers into incorporating them into their projects. So, this is pretty significant.

It affects not just individual developers, but potentially the entire supply chain, as compromised packages could be integrated into a wide array of applications. The attackers utilized typosquatting, which is a tactic where malicious packages are named similarly to legitimate ones in an effort to deceive users into downloading them.

ReversingLabs’ investigation further revealed that these malicious packages downloaded additional payloads, including a legitimate [00:10:00] file from Kingsoft Corp. and a malicious DLL designed to execute a second stage payload. For those interested in diving deeper into the specifics of this breach, including the technical details and indicators of compromise, we encourage you to check out the full article in our show notes for a comprehensive understanding of the attack vectors and protective measures. And before we finish up for the day, we’re just going to quickly circle back to the recent ConnectWise ScreenConnect vulnerabilities that were reported on February 13th.

If you’re running ScreenConnect on premises, you’re going to need to update your servers to version 23.9.8 immediately. If you’re in the cloud, there are no actions needed at this time. And ConnectWise is saying that there’s no evidence that these vulnerabilities have been exploited in the wild, but immediate action must be taken by on-premise partners to address these identified security risks.

All right. That’s all we’ve got for today. I hope you enjoyed water puns as well as the new music by [00:11:00] Jered Jones.

Today was probably my favorite episode I’ve done so far. So if you have any feedback, uh, please shoot me a message on Instagram. Shoot us a tweet on Twitter. Uh, we’d love to hear from you. We understand your feedback is an honor. And so we’d be honored to receive. And I believe we were taking tomorrow off. So we will talk to you more next week.
