CTO at NCSC Summary: week ending March 30th
New 🐾 (PAWs) guidance...
Welcome to the weekly highlights and analysis of the blueteamsec subreddit (and my wider reading). Not everything makes it in, but the best bits do.
Operationally this week nothing overly of note beyond robot dogs being exploited by researchers to see through their eyes and to tunnel into the networks they are on..
In the high-level this week:
Privileged access workstations: introducing our new set of principles - UK National Cyber Security Centre publish - “The NCSC has today published a new set of principles on privileged access workstations, or PAWs. When designed and implemented in the right way, PAWs are an indispensable tool for organisations to help defend against real-world cyber threats.”
Good security practice for domain registrars - UK National Cyber Security Centre publish - “Principles to reduce the prevalence of malicious and abusive domain registrations.”
National Strategic Assessment 2025 - UK National Crime Agency publishes - “The cyber threat persisted in 2024 despite the splintering of the ransomware market as a result of law enforcement disruptions against LockBit and BlackCat. There is an increasing threat from younger UK-based cybercriminals, although these make up a small proportion of the overall threat picture.”
Stop! Think Fraud - Action Fraud, National Cyber Security Centre and National Crime Agency launch - “Turn on 2-step verification – also known as 2SV or 2FA – for your important accounts today.”
The state of cyber security in adult social care - UK Department of Health and Social Care publishes - “Representatives and leaders raised concerns regarding care providers’ ability to identify cyber threats, which they attributed to a lack of understanding of cyber security risks and of the likely impacts of incidents, a lack of dedicated staff resources to manage risks, and the limited information shared by technology suppliers about this.”
Anonymisation and Pseudonymisation guidance - Information Commissioner’s Office publishes - “Our new guidance covers:
the key concepts of anonymisation and pseudonymisation;
how we ensure anonymisation is effective;
accountability and governance requirements; and
good practice advice anonymising personal data.”
Secretary of State Peter Kyle speech to Nvidia GTC 2025 - Department for Science, Innovation and Technology and The Rt Hon Peter Kyle MP publish - “Without compute, no economy can thrive. No country can protect its people. No government can retain the trust of its citizens.”
Annual Threat Assessment - US Intelligence Community publishes - “The PRC will likely continue posturing to be in a position of advantage in a potential conflict with the United States. The PRC will continue trying to press Taiwan on unification and will continue conducting wide-ranging cyber operations against U.S. targets for both espionage and strategic advantage.”
Why are North Korean hackers such good crypto-thieves? - The Economist writes - “North Korea has several strengths. One is talent. This could appear counterintuitive: the country is desperately poor and ordinary citizens have severely restricted access to the internet or even computers. But “North Korea can take the best minds and tell them what to do,” says Kim Seung-joo of the school of cybersecurity at Korea University in Seoul.”
Interpreting India’s Cyber Statecraft - Carnegie Endowment for International Peace publishes - “Given the strength of its digital economy and innovation, and its potential for further growth in connectivity, digital inclusion, and workforce development, India has considerable latent cyber power.”
Cybersecurity Strategy Scorecard - The Belfer Center for Science and International Affairs publishes - “These assessments reveal clear leaders, especially the United States, Australia, the United Kingdom, and Singapore, all of which received leading marks on at least 50% of the 70 elements for which they were scored.”
Trump Administration Begins Shifting Cyberattack Response to States - The Wall Street Journal reports - “The Trump administration wants state and local governments to play a bigger role in protecting water utilities, ports and other critical infrastructure from cyberattacks. In an executive order signed Tuesday, President Trump directed White House senior security advisers to draw up a national resilience plan to protect critical infrastructure that shifts more responsibilities to the state and local level.”
Japan’s cybersecurity shift: Adoption of Active Cyber Defence posture - Observer Research Foundation analyses - “While the ACD diverts from Japan’s traditional defence-oriented policy (Yoshida Doctrine), it emphasises the critical importance of safeguarding the country’s cyberspace, an essential national security priority. The legislation aims to remove the existing legal bottlenecks, including the Act on Prohibition of Unauthorised Computer Access (Article 2, Para. 4) and the prohibition on collecting signal intelligence (Article 21 of the constitution), facilitating likely ‘hacking back’ and allowing external network disruption.”
What the search for a social unicorn tells us about scaling impact - London School of Economics ponders - “A social unicorn is a play on the concept of a commercial unicorn. But rather than a company worth a billion dollars, the idea is to examine what it takes to positively impact a billion lives.”
To bolster Texas' digital defenses, state leaders eye new 'cyber command' out of UTSA - Community Impact reports - A state bill has been proposed - “Relating to the establishment of the Texas Cyber Command as a component institution of The University of Texas System and the transfer to it of certain powers and duties of the Department of Information Resources.”
Reporting on/from China
US FCC probing if Huawei, other Chinese firms are seeking to evade curbs - South China Morning Post reports - “The US Federal Communications Commission said on Friday it is investigating nine Chinese companies including Huawei Technologies, ZTE, Hangzhou Hikvision, China Mobile, China Telecom and others to determine if they are seeking to evade US restrictions.
The Chinese companies have all been placed on the FCC’s “Covered List” that deems specific communications equipment and services pose a threat to US national security.”
Is this quantum microsatellite the start of a global network? A Chinese-South African team tested the idea - South China Morning Post reports - “Researchers from China and South Africa have used a low-cost microsatellite and portable ground stations to create the world’s longest quantum communication link.”
Robot wars: why this week was a game-changer for the US-China humanoid race - South China Morning Post reports - “On Tuesday, the American robot maker Figure AI unveiled a groundbreaking automated production line that it claims is capable of manufacturing 12,000 of its humanoids per year.
The same day, home appliance giant Midea Group became the latest Chinese company to jump into the industry, when it unveiled a prototype for a self-developed humanoid.”
Huawei-related chip equipment maker to debut products at Shanghai trade show - South China Morning Post reports - “SiCarrier, a chip tool maker backed by the Shenzhen government, will launch new products during the three-day Semicon China exhibition, an annual industry event hosted by US-based industry association SEMI.”
Hong Kong investment arm backs Chinese RISC-V start-up StarFive - South China Morning Post reports - ”The partnership would see Hong Kong support StarFive in rolling out RISC-V chip applications in the city, founder and CEO Thomas Xu Tao said in an interview.”
Chinese scientists create 'breakthrough' solid-state DUV laser light source for chipmaking tools - Tom’s Hardware reports - “While the initial CAS system demonstrates capabilities, its low power output makes it unsuitable for commercial semiconductor manufacturing, where high throughput and process stability are essential. It's likely that multiple generations of development would be needed to make this a viable chipmaking light source.”
In Depth: Where Chinese Overseas Investment Is Heading - Caixin reports - “Malaysia is leveraging a diversification strategy to attract Chinese semiconductor firms, while Saudi Arabia is seeking Chinese partners to develop its technology, e-commerce and tourism industries so that its economy is less dependent on oil.”
Huawei says its AI phone has 'emotions' trained by DeepSeek - Nikkei Asia reports - “We have trained our AI assistant for millions of hours with our large language models and put that intelligence on the device for the first time, to make it really like a real human that can interact naturally with conversations with different emotions and detect users' mood,""
Upskilling China: Implications for Middle-Income Economies - New York University and IDE-JETRO publish - “What happens when China, a large economy with active industrial policy, begins to expand into sectoral niches formerly occupied by its middle-income trade partners? We build a multi-country, multi-sector general equilibrium model of global trade and perform counterfactual experiments aimed at assessing the effects of China's human capital investments and industrial policies on trade, production and factor returns elsewhere in the developing world”
AI
NIST Artificial Intelligence (AI) 100-2 E2025, Adversarial Machine Learning: A Taxonomy and Terminology of Attacks and Mitigations - NIST publishes - “This NIST Trustworthy and Responsible AI report provides a taxonomy of concepts and defines terminology in the field of adversarial machine learning (AML). The taxonomy is arranged in a conceptual hierarchy that includes key types of ML methods, life cycle stages of attack, and attacker goals, objectives, capabilities, and knowledge.”
Which references our prior work at the NCSC - “As these systems permeate the digital economy and become essential parts of daily life, the need for their secure, robust, and resilient operation grows. These operational attributes are critical elements of trustworthy AI in the NIST AI Risk Management Framework [274] and the NCSC Machine Learning Principles [266].”
Fourth AI Pact webinar on the Guidelines for Prohibited AI Practices under the AI Act and the Definition of an AI system - European Commission publishes - “These guidelines provide clarity on the Commission’s interpretation of these prohibitions, offering legal explanations and practical examples to assist stakeholders in understanding and adhering to the AI Act’s requirements.”
Security on the Path to AGI - OpenAI expands their grant programme - “The Cybersecurity Grant Program is now soliciting proposals for a wider range of projects. Priority focus areas for new grant applications include:
Software patching: Leveraging AI to detect and patch vulnerabilities.
Model privacy: Enhancing robustness against unintended exposure of private training data.
Detection and response: Improving detection and response capabilities against advanced persistent threats.
Security integration: Boosting accuracy and reliability of AI integration with security tools.
Agentic security: Increasing resilience in AI agents against sophisticated attacks.”
Reasoning Efficiency Redefined! Meet Tencent’s 'Hunyuan-T1'—The First Mamba-Powered Ultra-Large Model - Tencent announces - “In addition to achievinAdvanced Research + Invention Agency (ARIA)g comparable or slightly better results than R1 on various public benchmarks such as MMLU-pro, CEval, AIME, Zebra Logic, and other Chinese and English knowledge and competition-level math and logical reasoning indicators, Hunyuan-T1 also performs on par with R1 in internal human evaluation datasets. It has a slight edge in cultural and creative instruction following, text summarization, and agent capabilities.”
Open-source AI models may be safer for military use, experts say - South China Morning Post reports - “Panellists at the Singapore Defence Technology Summit on Wednesday argued against the common assumption that closed-source AI models were safer because they could prevent adversaries from knowing their true capabilities.”
Gradual Disempowerment: Systemic Existential Risks from Incremental AI Development - Charles University, Advanced Research + Invention Agency (ARIA) and others publish - “These effects may be mutually reinforcing across different domains: economic power shapes cultural narratives and political decisions, while cultural shifts alter economic and political behavior. We argue that this dynamic could lead to an effectively irreversible loss of human influence over crucial societal systems, precipitating an existential catastrophe through the permanent disempowerment of humanity.”
Let artificial intelligence become an inclusive engine for global development (Global Peace) - People’s Daily publishes - “Adhere to the people-oriented principle and build an AI technology ethics governance system. Data security, algorithmic discrimination, privacy protection, intellectual property rights, etc., involve security and ethical issues in the development of AI. The international community needs to establish an AI risk assessment and early warning system as soon as possible.”
Synopsys lays out strategy for AI 'agents' to design computer chips - Reuters reports - “Synopsys on Wednesday unveiled the technology it calls AgentEngineer. In the near term, it will focus on AI "agents" that a human engineer can give instructions to.”
Cyber proliferation
Operation Zero offering up to $4 million for Telegram exploits - Tech Crunch reports - “Operation Zero, a company that acquires and sells zero-days exclusively to the Russian government and local Russian companies, announced on Thursday that it’s looking for exploits for the popular messaging app Telegram, and is willing to offer up to $4 million for them.”
Negg wins Italian cyber intelligence contracts after Paragon exposed - Intelligence Online reports - “Italian cyber intelligence firm Negg is aiming to become the provider of choice for Rome's cyber offensive contracts. The Italian government lost its preferred contractor in the field, Paragon Solutions, after it was publicly exposed earlier this year.”
Bounty Hunting
Software provider fined £3m following 2022 ransomware attack - Information Commissioner's Office fines - “ICO confirms that a subsidiary of Advanced broke data protection law by failing to fully implement appropriate security measures such as multi factor authentication coverage prior to 2022 attack”
noteworthy here is - Section 179 of the fining document spells out that their post incident mitigations (including engagement with NCSC) reduced the fine by 15% or about £700k - “Several factors from these representations led to a reduction in the fine, including Advanced’s proactive engagement with the National Cyber Security Centre (NCSC), the National Crime Agency (NCA) and the NHS in the wake of the attack and other steps taken to mitigate the risk to those impacted. “
Threat of state-sponsored cyber attacks could make UK terror insurer ‘obsolete’ - Financial Times reports - “Clementi said that the evolution of terrorist activity had left the insurance sector unprepared to handle key sources of systemic risk, particularly from state-backed cyber groups.”
Reflections this week comes from the article Robot wars: why this week was a game-changer for the US-China humanoid race coupled with the Unitree Go 1- Who is speaking to my dog? vulnerability.
Simply put if we do not learn what we have from the last 40 years and the pain from mobile and IoT as we enter the age of the mass adoption of autonomy and robotics then we will have failed. This time it will however likely come very real cyber-physical consequences..
Not getting this via email? Subscribe:
Think someone else would benefit? Share:
All attribution is by others and not the UK Government unless specifically stated as such, please see the legal text at the end.
Have a lovely Saturday..
Ollie
Cyber threat intelligence
Who is doing what to whom and how allegedly.
Reporting on Russia
Russian Intelligence Service-backed Campaigns Impersonate the CIA to Target Ukraine Sympathizers, Russian Citizens and Informants
An alleged Russian campaign which regional targeting, but yet phishing.. still!
We found the campaign consists of four major phishing clusters, impersonating the CIA, the Russian Volunteer Corps, Legion Liberty, and Hochuzhit—“I Want to Live,” an appeals hotline for Russian service members in Ukraine operated by the Main Directorate of Intelligence of Ukraine (also known as the Defense Intelligence of Ukraine).
The official Liberty of Russia Legion made an X (formerly known as Twitter) post on March 14, 2024: “We remind you that the only official telegram channel of the Legion is listed on our website: hxxps://legionliberty[.]army Do not be fooled by fakes. Do not fall into the traps of the security forces of the Putin regime!”
All campaign clusters appear to share a common objective: collecting personal information from site visitors/victims for the benefit of the threat actor.
https://www.silentpush.com/blog/russian-intelligence-phishing/
Gamaredon campaign abuses LNK files to distribute Remcos backdoor
Guilherme Venere details more alleged Russian activity which is regionally focused with phishing but specifically LNK files in order to deploy malware. The lack of sophistication is of note for several reasons, not least that we must infer it is working..
Cisco Talos is actively tracking an ongoing campaign targeting users in Ukraine with malicious LNK files, which run a PowerShell downloader, since at least November 2024.
The file names use Russian words related to the movement of troops in Ukraine as a lure.
The PowerShell downloader contacts geo-fenced servers located in Russia and Germany to download the second stage Zip file containing the Remcos backdoor.
The second stage payload uses DLL side loading to execute the Remcos payload.
Talos assesses with medium confidence that this activity is associated with the Gamaredon threat actor group.
https://blog.talosintelligence.com/gamaredon-campaign-distribute-remcos/
CVE-2025-26633: How Water Gamayun Weaponizes MUIPath using MSC EvilTwin
Aliakbar Zahravi details an alleged Russian campaign which shows they are able to find and take operational advantage of zero-days..
Trend Research uncovered a campaign by the Russian threat actor Water Gamayun that exploits a zero-day vulnerability in the Microsoft Management Console framework to execute malicious code, named MSC EvilTwin (CVE-2025-26633).
In this attack the threat actor manipulates .msc files and the Multilingual User Interface Path (MUIPath) to download and execute malicious payload, maintain persistence and steal sensitive data from infected systems.
https://www.trendmicro.com/en_us/research/25/c/cve-2025-26633-water-gamayun.html
Reporting on China
Weaver Ant, the Web Shell Whisperer: Tracking a Live China-nexus Operation
Sygnia detail an alleged Chinese operation which is noteworthy for a number of reasons. Firstly the insidious nature, next the evasion attempts. The AMSI evasion attempts are easily detectable through copy-on-write techniques. Here is some code which I write four years ago that will do it..
Sygnia responded to a stealthy and highly persistent China-nexus threat actor operation targeting a major telecommunication company in Asia.
Based on our analysis, we assess that the group behind this intrusion—tracked by Sygnia as Weaver Ant—aimed to gain and maintain continuous access to telecommunication providers and facilitate cyber espionage by collecting sensitive information.
The threat actor deployed minimalist web shells on compromised machines - often consisting of just a single line of code, such as a modified version of China Chopper - the web shells served merely as conduits for executing more sophisticated payloads to achieve the actual objectives.
To bypass AMSI protections, the attacker overwrote the ‘AmsiScanBuffer’ function in the ‘amsi.dll’ module. This modification rendered AMSI integrations with security tools, such as EDR and antivirus software, ineffective, allowing malicious PowerShell commands to execute without interference.
Lucid
Prodaft document an alleged Chinese organised crime phishing campaign which gives a sense of the scale..
The Lucid Phishing-as-a-Service (PhAAS) platform, developed by the XinXin group, facilitates large-scale phishing campaigns targeting global organizations, including postal and courier services.
Lucid is a sophisticated Phishing-as-a-Service (PhAAS) platform operated by Chinese-speaking threat actors, targeting 169 entities across 88 countries globally. With 129 active instances and 1000+ registered domains,
https://catalyst.prodaft.com/public/report/lucid/overview
You will always remember this as the day you finally caught FamousSparrow
Alexandre Côté Cyr details an alleged Chinese operation which again involves webshells... Anyway lots of detection opportunity here.
ESET researchers discovered that FamousSparrow compromised a trade group for the financial sector in the United States and a research institute in Mexico.
FamousSparrow deployed two previously undocumented versions of the SparrowDoor backdoor, one of them modular.
Both versions constitute considerable progress over previous ones and implement parallelization of commands.
The APT group was also observed using the ShadowPad backdoor for the first time.
Reporting on North Korea
Tempted to Classifying APT Actors: Practical Challenges of Attribution in the Case of Lazarus’s Subgroup
Hayato Sasaki walks through the alleged ever complex North Korean subgroups of the DPRK act known as Lazarus..
https://blogs.jpcert.or.jp/en/2025/03/classifying-lazaruss-subgroup.html
Meet Nick Franklin - Blockchain Security Engineer…. or RGB operative hacking for DPRK?
Tanuki42 highlights an alleged North Korean social engineering campaign which is deep as well as rich in context and backstory..
This persona is extremely developed and has seemingly interacted with many major security researchers, protocols and services. It is yet another lesson that EVERYONE should be paranoid - you have probably already spoken to North Korean operatives, and have absolutely no idea.
Reporting on Iran
Nothing of note this week
Reporting on Other Actors
Microsoft Trusted Signing service abused to code-sign malware
Lawrence Abrams details the misuse by alleged criminal actors who appear to be having some success..
These malware samples are signed by "Microsoft ID Verified CS EOC CA 01" and the certificate is only valid for three days. While the certificate expires three days after being issued, it is important to note that executables signed with it will still be considered valid until the issuer revokes the certificate.
"We use active threat intelligence monitoring to constantly look for any misuse or abuse of our signing service," Microsoft told BleepingComputer.
Semrush impersonation scam hits Google Ads
Jérôme Segura and Elie Berreby do what they do best whilst highlighting that malvertising is still a challenge for the industry..
We observed this transition with a malicious ad for “Google Ads” that oddly enough redirected to a fraudulent login page for Semrush. While the phishing page uses the Semrush brand, only the “Log in with Google” option is enabled, forcing victims to authenticate with their Google account username and password.
Barely a day later, the campaign was starting to take shape with Google ads now fully moving away from the “Google Ads” brand to fully impersonating Semrush.
The infrastructure for this new wave was deployed recently and the domain names registered for it are all variations on the Semrush name.
https://www.malwarebytes.com/blog/news/2025/03/semrush-impersonation-scam-hits-google-ads
Discovery
How we find and understand the latent compromises within our environments.
100 Days of KQL
Aura continues to pump out the goodness..
AWS CloudTrail network activity events for VPC endpoints now generally available
Esra Kayabali announces this feature which increases the observability stacks quite considerably..
the general availability of network activity events for Amazon Virtual Private Cloud (Amazon VPC) endpoints in AWS CloudTrail. This feature helps you to record and monitor AWS API activity traversing your VPC endpoints, helping you strengthen your data perimeter and implement better detective controls.
With this new capability, you can now opt in to log all AWS API activity passing through your VPC endpoints. CloudTrail records these events as a new event type called network activity events, which capture both control plane and data plane actions passing through a VPC endpoint.
Defence
How we proactively defend our environments.
Privileged access workstations: introducing our new set of principles
David G, Tom B and Tim D from the UK’s National Cyber Security Centre announce our new principles..
The NCSC has today published a new set of principles on privileged access workstations, or PAWs. When designed and implemented in the right way, PAWs are an indispensable tool for organisations to help defend against real-world cyber threats.
Any organisation, no matter the size, will benefit from reviewing their use of privileged access against these principles.
https://www.ncsc.gov.uk/blog-post/introducing-new-paws-principles
Trapping misbehaving bots in an AI Labyrinth
Reid Tatoris, Harsh Saxena and Luis Miglietti show the AI arms race has clicked in the defences favour against crawler bots.
AI Labyrinth, a new mitigation approach that uses AI-generated content to slow down, confuse, and waste the resources of AI Crawlers and other bots that don’t respect “no crawl” directives.
https://blog.cloudflare.com/ai-labyrinth/
landrun
Armin Ranjbar a new sandbox approach for Linux which will be interesting to see if it gains traction.
A lightweight, secure sandbox for running Linux processes using Landlock. Think firejail, but with kernel-level security and minimal overhead.
Linux Landlock is a kernel-native security module that lets unprivileged processes sandbox themselves.
Landrun is designed to make it practical to sandbox any command with fine-grained filesystem and network access controls. No root. No containers. No SELinux/AppArmor configs.
It's lightweight, auditable, and wraps Landlock v5 features (file access + TCP restrictions).
https://github.com/Zouuup/landrun
Linux kernel Rust module for rootkit detection
Antoine Doglioli’s intern project shows potential, but i suspect may be surpassed by eBPF solutions
We walked through the development of a malware detection tool in Rust (which you can find on Github) and we explored a few rootkit techniques.
Since monitoring capabilities of LKMs are not a primary focus of the Rust for Linux project, many abstractions had to be reimplemented,
https://blog.thalium.re/posts/linux-kernel-rust-module-for-rootkit-detection/
Incident Writeups & Disclosures
How they got in and what they did.
A Sneaky Phish Just Grabbed my Mailchimp Mailing List
Troy Hunt shows great transparency in details his experience of falling for a phishing e-mail..
You know when you're really jet lagged and really tired and the cogs in your head are just moving that little bit too slow? That's me right now, and the penny has just dropped that a Mailchimp phish has grabbed my credentials, logged into my account and exported the mailing list for this blog. I'm deliberately keeping this post very succinct to ensure the message goes out to my impacted subscribers ASAP, then I'll update the post with more details.
…
I'm enormously frustrated with myself for having fallen for this, and I apologise to anyone on that list. Obviously, watch out for spam or further phishes and check back here or via the social channels in the nav bar above for more. Ironically, I'm in London visiting government partners, and I spent a couple of hours with the National Cyber Security Centre yesterday talking about how we can better promote passkeys, in part due to their phishing-resistant nature. 🤦♂️
https://www.troyhunt.com/a-sneaky-phish-just-grabbed-my-mailchimp-mailing-list/
Vulnerability
Our attack surface.
Unitree Go 1- Who is speaking to my dog?
Andreas Makris and Kevin Finisterre find a great yet trivial vulnerability which hints and how much work we are going to have in ensuring the cyber security of cyber physical systems..
We obtained a Unitree CloudSail API key during our research, allowing full access to the CloudSail API. This enabled listing connected machines (internal and external IPs) and creating tunnels to active clients.
Anybody with access to the API key can freely access all robot dogs on the tunnel network, remotely control them, use the vision cameras to see through their eyes or even hop on the RPI via ssh.
https://think-awesome.com/download_unitree_report
Next.js and the corrupt middleware: the authorizing artifact
Rachid.A details a vulnerability that we at NCSC has released an alert on Vulnerability affecting Next.js web development framework
As highlighted in this paper, this vulnerability has been present for several years in the next.js source code, evolving with the middleware and its changes over the versions. A critical vulnerability can occur in any software, but when it affects one of the most popular frameworks, it becomes particularly dangerous and can have severe consequences for the broader ecosystem. As mentioned earlier, Next.js is downloaded nearly 10 million times a week at the time of writing. It is widely used across critical sectors, from banking services to blockchain. The risk is even greater when the vulnerability impacts a mature feature that users rely on for essential functions like authorization and authentication.
https://zhero-web-sec.github.io/research-and-things/nextjs-and-the-corrupt-middleware
CVE-2025-1302: jsonpath-plus before 10.3.0 are Remote Code Execution (RCE)
Proof of concept out for this vulnerability
Versions of the package jsonpath-plus before 10.3.0 are vulnerable to Remote Code Execution (RCE) due to improper input sanitization. An attacker can execute aribitrary code on the system by exploiting the unsafe default usage of eval='safe' mode. Note: This is caused by an incomplete fix for CVE-2024-21534.
https://github.com/EQSTLab/CVE-2025-1302
Here is the Chinese analysis
https://mp.weixin.qq.com/s/6FarJC2THHqUyS5cE0h9mA
Clevo Boot Guard Keys Leaked in Update Package
Fabio Pagani details arguably an unforgivable oversight here..
After extracting the private key modulus from these keys (see Figure 2), we confirmed that they match the modules stored in the Boot Guard Key Manifest (KM) and Boot Policy Manifest (BPM) used in a Clevo firmware image found within the archive. This means that these keys can be used to sign a malicious firmware image that will pass validation at runtime, effectively bypassing Boot Guard
https://www.binarly.io/blog/clevo-boot-guard-keys-leaked-in-update-package
Offense
Attack capability, techniques and trade-craft.
Fileless lateral movement with trapped COM objects
Dylan Tran details a technique which is a thing of nightmares..
Since AllowDCOMReflection is properly set, we can then perform .NET reflection over DCOM to access Assembly.Load to load a .NET assembly into the COM server. Since we’re using Assembly.Load over DCOM, this lateral movement technique is completely fileless as the assembly byte transfer is handled by the DCOM remoting magic. For an in-depth explanation of this technical flow from object instantiation to reflection, please refer to the following diagram:
https://www.ibm.com/think/news/fileless-lateral-movement-trapped-com-objects
RamiGPT: Autonomous Privilege Escalation using OpenAI
M507 provides further evidence that AI is a productivity enhancer for the less inclined..
RamiGPT is an AI-powered offensive security agent designed to pwn root accounts. Leveraging PwnTools and OpenAI capabilities, RamiGPT navigated the privilege escalation scenarios of several systems from VulnHub, getting root access in less than a minute.
https://github.com/M507/RamiGPT
SpyAI
DarkSpaceSecurity hint a the future offensive uses of AI..
Intelligent Malware that takes screenshots for entire monitors and exfiltrate them through Trusted Channel Slack to the C2 server that's using GPT-4 Vision to analyze them and construct daily activity — frame by frame
https://github.com/DarkSpaceSecurity/SpyAI
Exploitation
What is being exploited..
Blasting Past Webp
Ian Beer walks through this NSO capability showing what contemporary vulnerability exploitation is required..
An analysis of the NSO BLASTPASS iMessage exploit
the two CVEs fixed in iOS 16.6.1 to an "NSO Group Zero-Click, Zero-Day exploit captured in the wild":
Parsing the single 5.5MB bplist causes nearly half a million allocations, churning through nearly a gigabyte of memory. Just looking through this allocation summary it's clear there's lots of CFString and CFData objects, likely used for heap shaping. Looking further down the list there are other interesting numbers:
https://googleprojectzero.blogspot.com/2025/03/blasting-past-webp.html
Tooling and Techniques
Low level tooling and techniques for attack and defence researchers…
lnav
Tim Stack gives log wranglers a tool of wonder..
The Log File Navigator, lnav, is an advanced log file viewer for the terminal. It provides an easy-to-use interface for monitoring and analyzing your log files with little to no setup. Simply point lnav at your log files and it will automatically detect the Log Formats, index their contents, and display a combined view of all log messages. You can navigate through your logs using a variety of hotkeys. Commands give you additional control over lnav’s behavior for doing things like applying filters, tagging messages, and more. You can then analyze your log messages using the SQLite Interface.
https://docs.lnav.org/en/latest/intro.html
Footnotes
Some other small (and not so small) bits and bobs which might be of interest.
Visualizing versus verbalizing uncertainty in intelligence analysis - “We compared the probability terms used by Western intelligence organizations against two visual encoding channel-based representations of uncertainty (i.e. darkness and thickness). Analysts were more sensitive to the probability being communicated under the word than thickness condition but not the darkness condition, with no difference among the visual conditions. However, sensitivity was not perfect. There was no difference in inter-individual variability across all conditions, which was generally poor.”
Friend or Foe? Navigating and Re-configuring "Snipers' Alley" - “In a ‘digital by default’ society, essential services must be accessed online. This opens users to digital deception not only from criminal fraudsters but from a range of actors in a marketised digital economy. Using grounded empirical research from northern England, we show how supposedly ‘trusted’ actors, such as governments, (re)produce the insecurities and harms that they seek to prevent”
Optimizing intelligence support: guidelines for policymakers and intelligence analysts
On Data Leakage Prevention Maturity: Adapting the C2M2 Framework
Artificial intelligence
Books
Nothing of note this week
Events
A.I. and Society in China - deadline is April 30th for submissions - “CSR invites submissions for a special issue examining the interactions between A.I. and society in China."
Unless stated otherwise, linked or referenced content does not necessarily represent the views of the NCSC and reference to third parties or content on their websites should not be taken as endorsement of any kind by the NCSC. The NCSC has no control over the content of third party websites and consequently accepts no responsibility for your use of them.
This newsletter is subject to the NCSC website terms and conditions which can be found at https://www.ncsc.gov.uk/section/about-this-website/terms-and-conditions and you can find out more about how will treat your personal information in our privacy notice at https://www.ncsc.gov.uk/section/about-this-website/privacy-statement.
Thank you for mentioning our research! :)