CTO at NCSC Summary: week ending March 23rd
The journey to post quantum cryptography begins.. with discovery and planning until 2028.. walk don't run..
Welcome to the weekly highlights and analysis of the blueteamsec subreddit (and my wider reading). Not everything makes it in, but the best bits do.
Operationally this week nothing overly of note but given what is in the below that says something about our normal..
In the high-level this week:
Timelines for migration to post-quantum cryptography - NCSC publishes - walk don’t run..
Setting direction for the UK's migration to post-quantum cryptography - NCSC blogs - “Migration to PQC can be viewed as any large technology transition. In the guidance, we describe the key steps in such a transition, and illustrate some of the cryptography and PQC-specific elements required at each stage of the programme. We also discuss how the challenge will vary between different sectors, and how the PQC ecosystem is likely to evolve following the work of industry developers and international standards bodies.”
Cyber chiefs unveil new roadmap for post-quantum cryptography migration - NCSC press releases - “New guidance from the NCSC outlines a three-phase timeline for organisations to transition to quantum-resistant encryption methods by 2035.”
Open call for evidence Data brokers and national security - Department of Science Innovation and Technology calls - “The UK government is seeking views to understand more about organisations that take part in data broking and the wider industry. In particular, the government would like to understand the operations, security practices and customers of data brokers, to support policy development.
Part 1 explores the definition and services of data brokers
Part 2 explores national security risks associated with the data broker industry
Part 3 explores the effectiveness of data brokers’ security and governance frameworks
Part 4 asks data brokers for a breakdown of their customer base and explores consumer awareness of data brokers”
Security of Critical Infrastructure Amendment (2025 Measures No. 1) Rules 2025 - Australia Department of Home Affairs set the rules - the rules commence April 4th, 2025.
Achieving Efficiency Through State and Local Preparedness - The White House publishes - “This order empowers State, local, and individual preparedness and injects common sense into infrastructure prioritization and strategic investments through risk-informed decisions that make our infrastructure, communities, and economy resilient to global and dynamic threats and hazards.”
Lithuania National Threat Assessment 2025 - State Security Department and Defence Intelligence and Security Service publish - “China is actively engaged in cyber espionage and remote recruitment.” … “The official and personal information systems of Lithuanian public sector employees continue to be targeted by cyber capabilities of Chinese and Russian intelligence services. Cyber espionage groups controlled by Chinese and Russian intelligence services are engaged in ongoing espionage activities and are attempting to gain new access to target information systems.”
IT security should be largely exempt from the debt brake - Heise reports - “The CDU/CSU, SPD, and the Greens have agreed on a financial package that relaxes the debt brake. This also includes the IT security budget: It will no longer be counted toward the debt brake if future spending exceeds 1 percent of gross domestic product.”
Hong Kong passes cybersecurity law covering ‘critical infrastructure’ - Hong Kong Free Press publishes - “Hong Kong has passed a law meant to enhance safeguards for the city’s key infrastructure systems against cyberattacks, imposing fines of up to HK$5 million for cybersecurity lapses.”
Korean Financial Security Agency warns of threats from state-sponsored hacking groups targeting financial sector - Financial Security Institute warns - “State-sponsored hacking organizations are expanding their attack scope to include not only virtual assets but also various fields including the financial industry , and are utilizing intelligent and targeted infiltration techniques specialized for the target of the attack.”
Reporting cyberattacks on [Swiss] critical infrastructure mandatory from 1 April 2025 - Swiss National Cyber Security Centre reminds - “At its meeting on 7 March, the Federal Council introduced a reporting obligation for cyberattacks on critical infrastructure, which will come into force on 1 April. Operators of critical infrastructure will be required to report cyberattacks to the National Cyber Security Centre (NCSC) within 24 hours of discovery.”
Deception can enable private-sector initiative persistence - Binding Hook op eds - “By using cyber operations to deceive adversaries, the private sector can act persistently without conducting ‘attacks’”
IMO FAL convention’s 60th Anniversary proposing increased cyber resilience and improved port call optimisation - The World Ports Sustainability Program announces - “Patrick also warned the member states and NGOs present that cybersecurity is the greatest threat facing ports”
SG’s NRP launches RoboNexus to boost robotics startups globally - Tech in Asia reports - “The National Robotics Programme (NRP) has launched RoboNexus, an accelerator aimed at supporting Singapore-based robotics startups and SMEs in gaining international visibility” - having just popped back from Asia and seen robots in action in various real-world use cases this is not the stuff of tomorrow.
ENISA: Fit for Purpose? - Interface EU reviews - “For policymakers in Member States and EU institutions, two basic conceptual options emerge to make ENISA truly fit for purpose: equipping ENISA with additional financial resources and personnel to fully meet its mission and responsibilities or redefining ENISA’s mandate to align with existing resources, which would entail significantly narrowing the agency’s tasks and scope of activities.”
CHIPDIPLO consortium selected to support international diplomacy in semiconductors - European Commission announces - “CHIPDIPLO will create a dynamic EU Semiconductor Diplomacy Network to strengthen the EU's economic security and develop a European economic foreign policy.”
Reporting on/from China
After DeepSeek, Chinese fund managers beat High-Flyer's path to AI - Reuters reports - “Quant fund High-Flyer not only deployed AI in its multi-billion dollar portfolio, it also built China's most notable AI start-up DeepSeek whose cost-effective large language model stunned Silicon Valley and undermined Western dominance of the AI sector.”
Chinese Startup Zhipu AI Raises $207 Million Funding in Less Than a Month - Caixin reports - “Zhipu AI, a leading Chinese generative artificial intelligence (AI) start-up, has raised 500 million yuan ($69 million) in new funding less than a month after securing 1 billion yuan ($138 million) in its previous round.”
DeepSeek focuses on research over revenue in contrast to Silicon Valley - Financial Times reports - “Industry insiders said Liang has shown little intention to capitalise on DeepSeek’s sudden fame to further commercialise its technology in the near term. The company is instead focusing the majority of its resources on model development and the quest to build artificial general intelligence — machines with humanlike cognitive capabilities.”
Alibaba revamps Quark search engine into AI super assistant - South China Morning Post reports - “The new version of Quark is powered by Alibaba’s Qwen series reasoning model. It offers advanced capabilities such as a chatbot, as well as deep thinking and task execution features through the “all-in-one AI super assistant”, which can handle tasks ranging from academic research to medical diagnostics, the Hangzhou-based company said on Thursday.”
Exclusive: Mercedes to develop smart cars for global markets with China's Hesai lidar - Reuters reports - “Mercedes-Benz will develop smart driving cars for global markets equipped with Hesai's lidar sensors, a person with direct knowledge said, the first time a foreign automaker has sought to use such Chinese-made technology for models sold outside China.”
AI
Auditing language models for hidden objectives - Anthropic publishes - “At present, safety testing of AI systems primarily consists of checking whether AIs ever appear to behave badly. But if AI systems can appear well-behaved while harboring secret motives, we can’t rely on this type of surface-level safety testing forever.”
China Announces Generative AI Labeling to Cull Disinformation - Bloomberg reports - “The Cyberspace Administration of China together with three other agencies on Friday announced a new set of rules that will require service providers to label AI-generated material as such, either explicitly or via metadata encoded in each file. Those rules come into effect on Sept. 1.”
Third Draft of the General-Purpose AI Code of Practice published, written by independent experts - European Commission publishes - “The draft is based on a concise list of high-level commitments and provides more detailed measures to implement each commitment. These are 2 Commitments related to transparency and copyright for all providers of general-purpose AI models, and further 16 Commitments related to safety and security only for providers of general-purpose AI models classified as general-purpose AI models with systemic risk.”
The Artificial Intelligence (Regulation) Bill: Closing the UK's AI Regulation Gap? - Kennedy’s analyses - “This legislative initiative comes at a time when the UK government remains committed to a pro-innovation approach to AI regulation, a stance first articulated at the 2023 AI Safety Summit and later reaffirmed in the AI Opportunities Action Plan (AI Action Plan) published on 13 January 2025. Unlike the European Union, which has implemented the AI Act, the UK has favoured a sector-specific and principles-based approach to AI regulation.”
Superintelligence Strategy: Expert Version - Dan Hendrycks, Eric Schmidt and Alexandr Wang publish - on an academic paper website not an academic paper - “Taken together, the three-part framework of deterrence, nonproliferation, and competitiveness outlines a robust strategy to superintelligence in the years ahead.”
Jerry Sheehan’s speech at AI Standards Hub Global Summit - OECD publishes - “When it comes to driving compatibility among legal frameworks, AI standards are only effective insofar as they are rooted in shared principles and a common understanding of foundational concepts – such as “what is AI” or “what constitutes an AI incident.”
Putting Explainable AI to the Test: A Critical Look at AI Evaluation Approaches - Georgetown publishes (in Feb) - “We find that researchers describe explainability and interpretability in variable ways across papers and do not clearly differentiate explainability from interpretability. We also identify five evaluation approaches that researchers adopt—case studies, comparative evaluations, parameter tuning, surveys, and operational evaluations—and observe that research papers strongly favor evaluations of system correctness over evaluations of system effectiveness.”
Cyber proliferation
Virtue or Vice? A First Look at Paragon’s Proliferating Spyware Operations - Citizen Lab holds to account - “We forensically analyzed multiple Android phones belonging to Paragon targets in Italy (an acknowledged Paragon user) who were notified by WhatsApp. We found clear indications that spyware had been loaded into WhatsApp, as well as other apps on their devices.”
Activist alerts ICC to spyware attack while sharing Libya torture victims’ details - The Guardian reports - “A prominent activist in Italy has warned the international criminal court that his mobile phone was under surveillance when he was providing the ICC with confidential information about victims of torture in Libya.”
Bounty Hunting
Former CEO Of Kubient, Inc. Sentenced To Prison In Connection With Accounting Fraud Scheme - US Department of Justice announces - “ROBERTS also repeatedly made material misrepresentations in SEC filings about the efficacy of KAI in identifying and preventing digital ad fraud, including in connection with Kubient’s initial and secondary public offerings when Kubient was touting KAI as one of the company’s premier products that would differentiate it from its competitors.” - inaccurate claims of efficacy a compound matter in sentencing..
Cyber insurance-linked securities market grows as insurers seek alternative risk transfers - Insurance Asia reports - “Since January 2023, the market has seen 10 cyber ILS issuances from five cedents, totalling over $800m.”
Marsh expands Cyber Echo with additional insurance capacity - Insurance Business reports - “Cyber Echo, launched in 2016, offers up to US$125 million in cyber insurance cover and is the largest facility of its kind. Since its introduction, it has facilitated nearly US$50 billion in coverage for around 500 clients worldwide.”
Reflections this week are based on our PQC migration guidance and the fact that concerns being raised by some around store now and decrypt later are significantly overplayed for marketing benefit.
The complexity of capture along with the cost implications and practicalities of store now and decrypt later mean that for all but the very few (and I can’t stress how small), it is a risk which is unlikely to manifest.. In short don’t get anxious and be bounced, instead get planning for a comprehensive and well executed migration over the next decade..
All attribution is by others and not the UK Government unless specifically stated as such, please see the legal text at the end.
Have a lovely Saturday..
Ollie
Cyber threat intelligence
Who is doing what to whom and how allegedly.
Reporting on Russia
New Wave of Attacks Targeting Defence Enterprises and the Defence Forces of Ukraine
CERT-UA details a regional phishing campaign targeting the military which is allegedly Russian in origination.
Throughout March 2025, attackers were spreading phishing messages containing malicious archives in the Signal messenger. Hackers disguised attached files as a report on the results of a meeting. In some cases, to increase trust in the message, it was sent on behalf of familiar contacts whose accounts had been previously hacked by the attackers.
Phishing archives typically contain: a lure file with the "pdf" extension and an executable file, DarkTortilla – a crypter/loader that decrypts and launches the remote administration tool DarkCrystal RAT (DCRAT).
This activity has been tracked by CERT-UA under the identifier UAC-0200 since at least the summer of 2024. Since February 2025, the content of the lure messages has concerned UAVs, electronic warfare equipment, and other military technologies.
Reporting on China
Operation FishMedley
Matthieu Faou takes a look at historical alleged i-Soon activity from 2022, including alleged victimology and other tactics, techniques and procedures. Irrespective of whether this is i-Soon or not, the tradecraft awareness will be valuable.
Verticals targeted during Operation FishMedley include governments, NGOs, and think tanks, across Asia, Europe, and the United States.
Operators used implants – such as ShadowPad, SodaMaster, and Spyder – that are common or exclusive to China-aligned threat actors.
We assess with high confidence that Operation FishMedley was conducted by the FishMonger APT group.
Independent of the DOJ indictment, we determined that FishMonger is operated by I‑SOON.
..
We were unable to identify the initial compromise vectors. For most cases, the attackers seemed to have had privileged access inside the local network, such as domain administrator credentials.
At Victim D, the attackers gained access to an admin console and used it to deploy implants on other machines in the local network. It is probable that they first compromised the machine of a sysadmin or security analyst and then stole credentials that allowed them to connect to the console.
At Victim F, the implants were delivered using Impacket, which means that the attackers somehow previously compromised a high-privilege domain account.
https://www.welivesecurity.com/en/eset-research/operation-fishmedley/
Operation AkaiRyū: MirrorFace invites Europe to Expo 2025 and revives ANEL backdoor
Dominik Breitenbacher details this alleged Chinese campaign which is suspected of using spear phishing as the initial access mechanism.
MirrorFace has refreshed its TTPs and tooling.
MirrorFace has started using ANEL, a backdoor previously associated exclusively with APT10.
MirrorFace has started deploying a heavily customized variant of AsyncRAT, using a complex execution chain to run it inside Windows Sandbox.
To our knowledge, MirrorFace targeted a European entity for the first time.
We weren’t able to determine the initial attack vector for all the cases observed in 2024. However, based on the data available to us, we assume that spearphishing was the only attack vector used by MirrorFace. The group impersonates trusted organizations or individuals to convince recipients to open documents or click links. The following findings on initial access align with those in the Trend Micro article, although they are not entirely the same.
Zhou Shuai: A Hacker’s Road to APT27
Natto Team detail the alleged career path of this individual.
Zhou Shuai’s name may be new to many of us. However, in the Chinese hacking world, Zhou Shuai is a renowned hacker who was among men of the moment - the first-generation Chinese patriotic hackers in the mid 90s. In his evolution into an allegedly state-sponsored hacker behind APT27, Zhou Shuai exemplifies a cohort of highly skilled Chinese hackers who have become a significant asset for Chinese state cyber operations.
nattothoughts.substack.com/p/zhou-shuai-a-hackers-road-to-apt27
Reporting on North Korea
N. Korea ramps up cyber offensive: New research center to focus on AI-powered hacking
Daily NK reports this alleged evolution in North Korean offensive cyber investments..
“In late February, the Supreme Commander issued an order to the RGB under the General Staff Department to enhance overseas information warfare capabilities. This order included instructions to establish Research Center 227 for hacking technology research.”
According to the source, following this order transmitted through the Operations Bureau to the RGB staff department, efforts to establish the center officially began March 9.
“This research center is separate from existing institutes under the RGB,” the source emphasized. While RGB headquarters is located in Pyongyang’s Hyongjesan District, Research Center 227 is situated in Mangyongdae District.
Malicious npm package infection case distributed by North Korea's Lazarus group
Iacell gives us the sense of scale which this alleged North Korean open source repository attack achieved. In the contemporary world 330 may not feel like a lot on one hand, on the other it might feel like a massive return on investment for not much effort.
Number of malicious packages found: 6 in total
Number of downloads: Approximately 330 times
Attack technique: Using typosquatting to trick developers into installing malicious packages through typos in popular packages.
https://logpresso.com/ko/blog/2025-03-17-lazarus-npm
Reporting on Iran
Nothing of note this week
Reporting on Other Actors
Inside BRUTED: Black Basta (RaaS) Members Used Automated Brute Forcing Framework to Target Edge Network Devices
Arda Büyükkaya details a capability from this organised crime group which indicated some of their initial access capability.
EclecticIQ analysts assess that Black Basta targets edge network devices for credential-stuffing attacks, exploiting weak or reused credentials to gain an initial foothold for lateral movement, and ransomware deployment. BRUTED framework enables Black Basta affiliates to automate and scale these attacks, expanding their victim pool for and accelerating monetization to drive ransomware operations.
ClearFake’s New Widespread Variant: Increased Web3 Exploitation for Malware Delivery
Pierre Le Bourhis and Quentin Bourgue detail what the contemporary internet offers and that malicious actors are taking advantage of. Whilst also highlighting that said malicious actors are not adopting secure by design in their development..
ClearFake is a malicious JavaScript framework deployed on compromised websites to deliver malware through the drive-by download technique.
The Sekoia Threat Detection & Research (TDR) team discovered that since December 2024, ClearFake has included new lures. This latest variant uses fake reCAPTCHA or Cloudflare Turnstile verifications, along with fake technical issues, to trick users into resolving these CAPTCHA challenges and finally executing malicious PowerShell code.
This “EtherHiding” technique presents a double-edged sword. On one hand, it makes the malicious content impossible to remove from the blockchain and allows attackers to use a legitimate database to store malicious content. On the other hand, it opens the door for other threat actors to leverage the framework and its large infrastructure to insert their own PowerShell commands.
Buying browser extensions for fun and profit
John Tuckner details an attack surface which is under appreciated. Think of this as a meta initial access broker of sorts for those who aren’t overly concerned with optimisation or specificity of access.
I have been tracking extensions listed for sale on the website extensionhub.io for some time. There have been numerous extensions listed over time from 400,000 users on sale for $100,000 to extensions with five users (one being browser extension fan solst/ICE who I worked on this project with) listed for $50.
https://secureannex.com/blog/buying-browser-extensions/
Discovery
How we find and understand the latent compromises within our environments.
100 Days of KQL
Aura continues to pump out the goodness..
C2 Beaconing Detection with MDE Aggregated Report Telemetry
Mehmet Ergene details this interesting feature in MDE which will allow the discovery of certain implant beaconing behaviours. A case for jitter..
Microsoft has recently introduced a new telemetry feature in Defender for Endpoint: Aggregated Reports. This new telemetry provides new opportunities for detecting malicious activities.
Beaconing activity is typically identified by analyzing the time intervals (or time delta) between consecutive connections.
Defender for endpoint generates two aggregated report events, ConnectionSuccessAggregatedReport and ConnectionFailedAggregatedReport, for network activity on an hourly-basis. While it's not documented when MDE starts aggregating the data, it seems like the aggregation window starts when MDE service starts. Therefore, don't expect receiving aggregated report events at the beginning of each hour.
https://academy.bluraven.io/blog/beaconing-detection-using-mde-aggregated-report-telemetry
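The time-delta idea in the excerpt above, as an added example (not code from the linked article or from Microsoft). It runs on constructed per-connection timestamps rather than the MDE aggregated report schema; the function names and thresholds are assumptions, and the median-based dispersion is chosen so that a beacon with moderate jitter is still flagged.

```python
from collections import defaultdict
from datetime import datetime, timedelta
from statistics import median


def beacon_candidates(events, min_connections=6, max_dispersion=0.2):
    """Flag (device, remote) pairs whose connection intervals are regular.

    events: iterable of (timestamp, device, remote) tuples.
    Regularity is measured as MAD(deltas) / median(deltas); a robust
    statistic tolerates a few outliers and a modest amount of jitter.
    """
    by_pair = defaultdict(list)
    for ts, device, remote in events:
        by_pair[(device, remote)].append(ts)

    findings = []
    for (device, remote), stamps in by_pair.items():
        # Too few connections gives a meaningless (often zero) dispersion.
        if len(stamps) < min_connections:
            continue
        stamps.sort()
        deltas = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        med = median(deltas)
        if med <= 0:
            continue
        mad = median([abs(d - med) for d in deltas])
        dispersion = mad / med
        if dispersion <= max_dispersion:
            findings.append({
                "device": device,
                "remote": remote,
                "connections": len(stamps),
                "median_seconds": med,
                "dispersion": dispersion,
            })
    # Most regular pairs first.
    return sorted(findings, key=lambda f: f["dispersion"])


def build_sample_events():
    """Constructed sample data: one jittered 5-minute beacon, one bursty
    browsing pattern, and one pair with too few connections to judge."""
    start = datetime(2025, 3, 20, 9, 0, 0)

    def at(seconds):
        return start + timedelta(seconds=seconds)

    beacon = [0, 300, 615, 890, 1200, 1480, 1810, 2100, 2395, 2700, 3020, 3300]
    browsing = [0, 4, 9, 130, 135, 900, 2400, 2410, 3000]
    sparse = [0, 1800, 3600]

    events = [(at(s), "WS-01", "203.0.113.10") for s in beacon]
    events += [(at(s), "WS-01", "198.51.100.7") for s in browsing]
    events += [(at(s), "WS-02", "192.0.2.44") for s in sparse]
    return events


if __name__ == "__main__":
    for hit in beacon_candidates(build_sample_events()):
        print(hit)
```

The `min_connections` floor matters: the three perfectly spaced connections from WS-02 would otherwise score a dispersion of zero and be reported on almost no evidence.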
Do Not Trust What They Tell: Exposing Malicious Accomplices in Tor via Anomalous Circuit Detection
Yixuan Yao, Ming Yang, Zixia Liu, Kai Dong, Xiaodan-Gu, and Chunmian Wang detail the results of their experiments of looking for anomalies within the Tor network. More interesting is that the authors did some of try and stay anonymous.
Two kinds of anomalies are identified: routing anomalies and usage anomalies, that respectively represent the anomalies with explicit or implicit violation of Tor's circuit construction guidelines. This leads to a successful revealing of totally 1,960 anomalous nodes in Tor. Furthermore, we apply clustering analysis with considering corresponding anomalous circuits and other key characteristics to the detected anomalous nodes, revealing potential hidden organizations behind these nodes that can threaten the network's security. Our findings highlight the necessity for the Tor project to adopt targeted mitigation strategies to enhance overall network security and privacy.
https://openreview.net/forum?id=qcnePVejeV#discussion
Defence
How we proactively defend our environments.
Using RPC Filters to Protect Against Coercion Attacks
Isaac Trzebiatowski details a practical defence to this ever growing attack technique.
When manually creating RPC filters, documentation states that the audit flag may only be applied to rules with the action set to permit. That helps us if you know you can't block an endpoint, but ideally, I would like to block the end point and also alert when someone tries to access the UUID. Bummer.
Additionally, when testing a permit rule for each UUID in this article, only two successfully generated 5712 events.
MS-EVEN (82273fdc-e32a-18c3-3f78-827929dc23ea)
MS-EFSRPC (c681d488-d850-11d0-8c52-00c04fd90f7e)
https://blog.shellntel.com/p/using-rpc-filters-to-protect-against-coercion-attacks
Incident Writeups & Disclosures
How they got in and what they did.
tj-actions changed-files through 45.0.7
GitHub releases an advisory on this supply chain attack. Developer supply chains are a wicked problem.
tj-actions changed-files through 45.0.7 allows remote attackers to discover secrets by reading actions logs. (The tags v1 through v45.0.7 were not originally affected, but were modified by a threat actor to point at commit 0e58ed8, which contains the malicious updateFeatures code.)
https://github.com/advisories/GHSA-mrrh-fwg8-r2c3
OKX Web3
OKX detail an incident which they alleged involved North Korea misusing their service. No real technical detail but interesting that North Korea are exploring and get caught doing so.
Recently, we detected a coordinated effort by Lazarus group to misuse our defi services. At the same time, we've noticed an increase in competitive attacks aiming to undermine our work.
https://www.okx.com/learn/dex-aggregator-service-update
Vulnerability
Our attack surface.
Sign in as anyone: Bypassing SAML SSO authentication with parser differentials
Peter Stöckli shows what happens when parsing goes adverse. This will be one of those vulnerabilities which will keep giving for a while.
Critical authentication bypass vulnerabilities (CVE-2025-25291 + CVE-2025-25292) were discovered in ruby-saml up to version 1.17.0. Attackers who are in possession of a single valid signature that was created with the key used to validate SAML responses or assertions of the targeted organization can use it to construct SAML assertions themselves and are in turn able to log in as any user. In other words, it could be used for an account takeover attack. Users of ruby-saml should update to version 1.18.0. References to libraries making use of ruby-saml (such as omniauth-saml) need also be updated to a version that reference a fixed version of ruby-saml.
AIX is vulnerable to arbitrary command execution
For the reader of a certain vintage who will appreciate this..
Vulnerabilities in AIX could allow a remote attacker to execute arbitrary commands (CVE-2024-56346, CVE-2024-56347).
IBM AIX nimesis NIM master service could allow a remote attacker to execute arbitrary commands due to improper process controls.
IBM AIX nimsh service SSL/TLS protection mechanisms could allow a remote attacker to execute arbitrary commands due to improper process controls.
https://www.ibm.com/support/pages/node/7186621
Offense
Attack capability, techniques and trade-craft.
Bypassing Windows Defender Application Control with Loki C2
Bobby Cooke shows how to use Electron applications to get an implant to run. Initial access is left as an exercise for the reader.
From personally experimenting with newer Electron applications like Signal, I have confirmed that integrity checks are now in place for some Electron applications which prevent their JavaScript files from being modified. Still, many actively distributed Electron applications remain vulnerable.
This technique has also been observed in real-world attacks. In 2022, a threat actor backdoored the MiMi chat application by modifying its bundled JavaScript files on the distribution server. Trend Micro identified this as a supply-chain attack, where the compromised Electron app was distributed to end users, enabling the execution of malicious JavaScript code which downloaded and executed a second stage C2 payload.
If the C2 agent itself was entirely written in JavaScript, it could establish a C2 channel even against the strictest WDAC policies. From there, reconnaissance could be performed to find a way to deploy a stage 2 C2 payload. There would be no unsigned DLL load events—just JavaScript executing within the trusted Teams process.
https://securityintelligence.com/x-force/bypassing-windows-defender-application-control-loki-c2/
NullGate
0xsch1zo provides a capability which is worth verifying your detections work against.
This project implements a comfortable and modern way to use the NTAPI functions using indirect syscalls, coupled with the FreshyCalls method with a little twist for dynamic syscall number retrieval. It also uses a technique that I haven't seen being mentioned to bypass windows defender's memory scanning. It also implements a classic PoC process injector.
A known solution is to first when calling NtAllocateVirtualMemory set the page permissions as PAGE_NOACCESS, then create the thread in a suspended state. When windows defender will scan the memory of our process it will fail to do that. We can then resume the execution of our thread with NtResumeThread.
https://github.com/0xsch1zo/NullGate
Exploitation
What is being exploited..
Mass Exploitation of CVE-2024-4577
Martin Zugec details the scale of exploitation of an argument injection vulnerability in PHP affecting Windows-based systems running in CGI mode. The data shows that this configuration is maybe more common than we would expect.
Since our initial advisory, exploitation attempts have been steadily rising. Our telemetry shows a significant surge in the past month. We've observed a significant concentration of exploit detections in Taiwan (54.65%) and Hong Kong (27.06%), but also notable activity in other countries, including Brazil (16.39%), Japan (1.57%), and India (0.33%).
CVE-2025-24071
0x6rss provides a proof of concept for a vulnerability which is the stuff of nightmares. We can expect widespread use of this vulnerability in phishing campaigns and potentially watering hole attacks.
NTLM Hash Leak via RAR/ZIP Extraction and .library-ms File
Windows Explorer automatically initiates an SMB authentication request when a .library-ms file is extracted from a .rar archive, leading to NTLM hash disclosure. The user does not need to open or execute the file—simply extracting it is enough to trigger the leak.
https://github.com/0x6rss/CVE-2025-24071_PoC
Windows Shortcut Exploit Abused as Zero-Day in Widespread APT Campaigns
Peter Girnus and Aliakbar Zahravi give a sense of the wide exploitation of this vulnerability. Tick tock goes the clock whilst we wait for patches..
[We] identified nearly 1,000 malicious .lnk files abusing ZDI-CAN-25373, a vulnerability that allows attackers to execute hidden malicious commands on a victim’s machine by leveraging crafted shortcut files.
The attacks leverage hidden command line arguments within .lnk files to execute malicious payloads, complicating detection. The exploitation of ZDI-CAN-25373 exposes organizations to significant risks of data theft and cyber espionage.
The vulnerability has been exploited by state-sponsored APT groups from North Korea, Iran, Russia, and China. Organizations across the government, financial, telecommunications, military, and energy sectors have been affected in North America, Europe, Asia, South America, and Australia.
https://www.trendmicro.com/en_us/research/25/c/windows-shortcut-zero-day-exploit.html
Ransomware groups continue to exploit critical Fortinet vulnerabilities - Warning about patched but already compromised devices
CERT Austria warns and shows a degree of tenacity on behalf of the threat actors..
What's particularly striking is that after successfully infecting the device and establishing persistence, the attackers update the software of affected devices themselves. This serves to conceal the attack and prevent other attackers from exploiting the same vulnerability again. Organizations could therefore mistakenly assume that their systems are secure and up-to-date, even though they are already compromised.
Tooling and Techniques
Low level tooling and techniques for attack and defence researchers…
Zentool -- AMD Zen Microcode Manipulation Utility
The tooling behind the blow which allows deep platform research.
This package provides a suite of tools for analyzing, manipulating and generating microcode patches for AMD Zen processors.
https://github.com/google/security-research/tree/master/pocs/cpus/entrysign/zentool
Defeating String Obfuscation in Obfuscated NodeJS Malware using AST
Niranjan Hegde walks through practically how to use an AST parser..
I’ve chosen the Babel library. While there are other AST parsers available, I opted for Babel due to the availability of several high-quality tutorials that explain how to use it. You can find all the tutorials and blogs that helped in writing this script in the references section.
goLAPS
Felipe Molina and Leon Jacobs release a capability which we may see used offensively.
It can get all LAPS passwords from a domain controller using the "get" command
It can set the target computer LAPS password using the "set" command
For now, it only works with simple binding on LDAP and LDAPS protocols
You can provide a filter (-f, --filter) to retrieve computers in the domain that follow a specific pattern on their samAccountName
https://github.com/sensepost/goLAPS
Footnotes
Some other small (and not so small) bits and bobs which might be of interest.
Cybersecurity Governance and Normative Frameworks: Non-Western Countries and International Organizations Perspectives - NATO CCDCOE publishes in October
The ‘Pacific Rim’ Campaign: Corporate Norm Entrepreneurship and Active Cyber Defense
Third Party Exit Plan Template - Cross Market Operational Resilience Group publishes - available to Financial Conduct Authority (“FCA”) and/or the Prudential Regulation Authority (“PRA”) registered entities - “This template provides a structured approach to managing supplier exits, ensuring continuity of operations and mitigating risks associated with service termination or provider withdrawal. Effective exit planning helps to maintain operational resilience and aligns with regulatory expectations, particularly within the UK and EU financial sectors, where supplier dependencies are scrutinised to safeguard against potential disruptions to core services.”
Artificial intelligence
A Guide to Failure in Machine Learning: Reliability and Robustness from Foundations to Practice - “One of the main barriers to adoption of Machine Learning (ML) is that ML models can fail unexpectedly. In this work, we aim to provide practitioners a guide to better understand why ML models fail and equip them with techniques they can use to reason about failure. Specifically, we discuss failure as either being caused by lack of reliability or lack of robustness.”
HCAST: Human-Calibrated Autonomy Software Tasks - "We evaluate the success rates of AI agents built on frontier foundation models, and we find that current agents succeed 70-80% of the time on tasks that take humans less than one hour, and less than 20% of the time on tasks that take humans more than 4 hours."
Books
Nothing of note this week
Events
JSAC 2025 - videos of presentations in English
Exploring the UK’s Ransomware Legislative Proposals - Mar 26, 2025 04:00 PM UK - “We will begin with a short presentation on the proposals from the UK’s Home Office, and followed by a panel discussion about the practical and policy implications of the proposals.”
Offensive AI CON - conference dedicated to offensive AI cybersecurity, coming to Oceanside, San Diego - October 5-8, 2025.
Video of the week - How North Korean hackers (allegedly) stole $1.5 billion dollars in crypto
Unless stated otherwise, linked or referenced content does not necessarily represent the views of the NCSC and reference to third parties or content on their websites should not be taken as endorsement of any kind by the NCSC. The NCSC has no control over the content of third party websites and consequently accepts no responsibility for your use of them.
This newsletter is subject to the NCSC website terms and conditions which can be found at https://www.ncsc.gov.uk/section/about-this-website/terms-and-conditions and you can find out more about how we will treat your personal information in our privacy notice at https://www.ncsc.gov.uk/section/about-this-website/privacy-statement.