This week
- DeepSeek data left unsecured on the web (This Week)
- UnitedHealth says 190M affected in Change Healthcare incident (Incidents)
- UK gov cyber strategy pledge may take another 5 years (This Week, Interesting Stats)
- US state privacy laws are mostly trash (Privacy)
DeepSeek buzz, bans, breaches, all in one week
- DeepSeek, a Chinese competitor to OpenAI’s ChatGPT, received massive public attention this week and soared to the top of the App Store download charts. Hot takes and hysteria abound. Here are some of the security-related events from this week.
- Harmonic Security took a look at the data privacy concerns around the Chinese AI company, highlighting vague statements about data retention within the People’s Republic of China. The AI security firm concluded that very few (0.21%) of its customer’s users were actually using DeepSeek though. LINK (disclosure: Harmonic are a client)
- DeepSeek limited signups late on Monday amid a sudden wave of interest and in response to what it described as “large-scale malicious attacks on DeepSeek’s services”/ LINK
- Lots of examples have been shared on social media of DeepSeek refusing to answer questions about topics the Chinese Communist Party deems sensitive, such as the Tiananmen Square Massacre. An analysis by PromptFoo of 1,156 prompts found that these “canned refusals” were given 85% of the time and were reasonably easy to circumvent, suggesting, they say, that the censorship is more of a “crude, blunt-force” implementation rather than deeply baked into the reasoning model itself. LINK
- The Chinese company appears to have pretty sloppy security engineering practices: Wiz security researchers found a publicly accessible database containing “a significant volume of chat history, backend data and sensitive information, including log streams, API Secrets, and operational details,” within ‘minutes’ of scanning DeepSeek’s infrastructure. The HTTP interface to the database allowed Wiz to run a
SHOW TABLES;query, returning all the accessible tables. The log stream data may have included plaintext passwords and chat history. DeepSeek promptly fixed the issue after being notified. LINK - Italy blocked DeepSeek over privacy concerns after the company told the Italian data protection regulator that it did not fall under the purview of GDPR. LINK
NAO report says UK government won’t achieve 2025 cyber pledge
- A National Audit Office says that the UK government will not achieve a 2022 pledge to address vulnerabilities in critical operational systems this year, and achieving it by 2030 “remains ambitious”. The NAO concludes that the government’s cyber resilience levels are “lower than previously estimated” and that “departments have no fully funded plans for half of these vulnerable systems”.
- While a shortage of cyber skills is cited in the NAO report, I wonder if the bottleneck isn’t not having enough trained cyber security professionals, but rather IT systems administrators, software engineers, and other broader digital folk needed to modernise the systems themselves. LINK, MORE, REPORT
Interesting stats
$146,685 the average cost of dealing with a ransomware incident in 2024, down from $168,910 to respond in 2021, according to new research from the Ponemon Institute. LINK
28% of critical UK government systems reviewed by the National Audit Office were ‘red-rated’, meaning they presented a high likelihood of operational and security risks occurring. 1/2 of systems do not have fully funded plans to address vulnerabilities. (See Interesting Reads, above).
1/3 British companies monitor the websites visited by remote employees, ~1/4 check the displays of company devices in real-time, and ~1/7 admitted to tracking keystrokes, according to ExpressVPN, who say they surveyed 1,000 workplaces. LINK
83% of 600 organisations have their CISO participate in board meetings “somewhat often or most of the time,” according to a survey by Splunk, with **29% reporting that they have the “proper budget” for security initiatives and 62% said that delays due to budget cuts resulted in successful attacks. LINK
Other newsy bits / in brief
🤓 Interesting reads:
- The UK National Cyber Security Centre’s paper on “forgivable vs unforgivable vulnerabilities”. MITRE introduced the concept of an ‘unforgivable’ vulnerability in 2007, which is those that “simply should not appear in software that has been designed, developed, and tested with security in mind’.” LINK, PAPER
- Time bandit: you can bypass safeguards in ChatGPT by causing ‘temporal confusion’ and asking it, for example, to consider how someone in 1789, with access to current-day technology, might achieve things like writing malware or making weapons. LINK
“Many resources on AWS can be configured to allow public access, using their resource-based policies. S3 buckets are a well-known example, but other resources can be made publicly accessible, too, such as IAM roles. This research collected valid IAM role ARNs that live in random AWS accounts and subsequently tried to assume them.”
- 0.2253%: the success rate of assuming an IAM role of a random AWS account. (H/t Craig). LINK
⚠️ Incidents:
- The US Agency for International Development (USAID) suffered a crypto-mining incident in ‘fall 2024’ that racked up $500,000 in compute costs. LINK
- A disgruntled former IT contractor to the British Museum gained unauthorised physical entry to the museum and shut down IT systems, resulting in some exhibitions having to be closed. Police apprehended the individual on-site and arrested them. LINK
- Update: UnitedHealth Group has told TechCrunch that its Change Healthcare breach that occurred this time last year affected around 190 million Americans or roughly double previous estimates. Approximately 340 million people live in the United States, meaning around 56% of the US population was affected. LINK
🏴☠️ Ransomware:
- New York Blood Center Enterprises suffered a ransomware attack this week and has had to suspend operations and turn away donors. NYBCe collects around 4,000 units of blood daily and serves over 400 hospitals in dozens of states. LINK
- Tata Technologies, part of Indian conglomerate Tata Group, has disclosed a ransomware attack. LINK
- The South African Weather Service (SAWS) was taken offline due to a cyberattack this week. Critical services, including aviation and marine reports, as well as business email and the organisation’s website, are affected. The incident is thought to be a ransomware attack, though no group has claimed responsibility. LINK
- Smiths Group is investigating a potential ransomware attack. The UK engineering firm notified the London Stock Exchange this week that it had “rapidly isolated affected systems and activated business continuity plans”. LINK
- ENGlboal, an energy industry contractor, who suffered a ransomware attack at the end of November 2024, has told the SEC that it was locked out of its financial systems for six weeks following the attack. Presumably, ‘locked out’ in this case is the time taken to get working copies of data and restore the affected systems. LINK
🕵️ Threat Intel:
- More sub-sea shenanigans in the Baltic Sea: Swedish authorities seized a Russian vessel believed to have damaged a subsea cable between Latvia and the island of Gotland. Norwegian police also seized a vessel suspected of being involved in the incident. Russian vessels have been involved in multiple incidents where they have dragged anchors along the sea floor, resulting in damage to subsea internet cables. SWEDEN, NORWAY
- Attackers are exploiting vulnerabilities in SimpleHelp’s remote monitoring and management (RMM) software. Gaining access to this software gives onward control over enrolled devices to make changes to configurations and installed software. LINK
- Zyxel CPE Series devices are being exploited in command-injection attacks, according to GreyNoise. The vulnerability was disclosed in 2024, but no patch has been made available. LINK
- Mitel SIP phones are being targeted by a new Mirai-based malware dubbed Aquabot, which infects affected devices by exploiting CVE-2024-41710, a command injection vulnerability. LINK
- Google says that it has been monitoring Chinese, Russian, North Korean, and Iranian state-backed threat actors using its Gemini AI tools for nefarious purposes. Iran is apparently the worst offender. LINK
🪲 Vulnerabilities:
- Apple has patched a zero-day vulnerability in its operating systems that was being actively exploited. CVE-2025-24085 (7.3/10) is a use after free memory issue in the CoreMedia library of MacOS, iOS, watchOS, tvOS, and visionOS. Spyware operators have exploited similar vulnerabilities in the handling of media files to gain unauthorised access to victims’ devices. LINK, ADVISORIES: MacOS, iOS
- Researchers have published details of two speculative execution-type vulnerabilities in Apple Silicon chips. SLAP and FLOP are similar to those found in Intel and AMD chips, where the contents of other memory are unrelated to the current process. An Apple spokesperson thanked the researchers and said they don’t believe the issues pose an immediate risk to users in an email to Ars Technica. LINK, SITE
- Details of three vulnerabilities in the Voyager package used to manage Laravel PHP applications have been published after researchers did not receive a response from the developers for 90 days. LINK
🧑💻 End user and consumer:
- Microsoft will automatically begin rolling out a new impersonation protection feature this month for Teams organisations that allow external chat messages. Users who receive suspicious messages that may be trying to spoof other parties will see a ‘high-risk accept/block screen’ before receiving chat messages. If you’re an M365 house, you may want to check out what this looks like and let your users know. LINK
- BitWarden is adding an email message check step to password manager accounts that do not have multi-factor authentication enabled. The step provides some additional protection by requiring active access to an account’s email address, as well as knowing their username and password. LINK
🛠️ Security engineering:
- North Korean threat actors have been cloning open source projects and publishing spoofed versions that include backdoors to steal credentials, according to SecurityScorecard. The packages include Codementor, CoinProperty, Web3 E-Store, and other packages, including a password manager, authentication packages, and other cryptocurrency/web3 libraries. LINK
🧿 Privacy:
- A new report from advocacy group EPIC says that almost half of US State privacy laws fail to protect individuals’ data. California scored a B+, New Jersey, Oregon, and Delaware got flavours of C-grade, Connecticut, New Hampshire, and Montana D’s, and Texas, Indiana, Virginia, Utah, Tennessee, and Iowa all received an F-grade. LINK, PDF
- MGM Resorts will pay $45 million to settle 14 class action lawsuits against the entertainment company in the wake of a July 2019 data breach and September 2023 ransomware incident. The payouts will be in three tiers, dependent on the type of information breached, from $75 to $20 per person. Those with documented losses can claim up to $15,000. LINK
📜 Policy & Regulation:
- A bipartisan bill aimed at addressing the security risks of poorly secured small office and home office routers and other access points was introduced in the US Senate this week, dubbed the Removing Our Unsecure Technologies to Ensure Reliability and Security, or ROUTERS Act. LINK
- The European Union has sanctioned three individuals believed to be part of Russia’s GRU military intelligence agency for their role in cyberattacks against the Estonian government. LINK
👮 Law Enforcement:
- A law enforcement operation, dubbed Operational Talent, led by German authorities and supported by Europol, has taken two prominent cybercrime forums, Cracked and Nulled, with a combined 10 million users. LINK
- US and Netherlands authorities have taken down a Pakistan-based cybercrime operation, Saim Raza. Operational Heart Blocker resulted in the seizure of 39 domains and servers and was in response to $3 million in victim losses caused by phishing kits sold by the cyber criminals. LINK
- Four men involved in selling Anom ‘secure phones’ that had secretly been backdoor by the FBI have pleaded guilty before trial. Aurangzeb Ayub, Shane Ngakuru, Seyyed Hossein Hosseini, and Alexander Dmintrienko LINK
💰 Investments, mergers and acquisitions:
- Tenable has announced the acquisition of Vulcan Cyber for $150 million. Both firms operate in the ‘exposure management’ space, so this is a consolidation play. LINK
- Searchlight Cyber has acquired Australian attack surface management firm Assetnote. LINK
- Clutch, an Israeli machine-to-machine identity security startup, has announced $20 million in funding. LINK
- Backline, a startup that claims to use AI agents to remediate vulnerabilities automatically, has announced a $9 million seed round led by StageOne Ventures. LINK
- Seraphic Security, building a secure enterprise browser, has announced $29 million Series A funding led by GreatPoint Ventures. LINK
And finally
- Cake and eat it: OpenAI is investigating if its outputs or technology were obtained by the Chinese AI company in an unauthorised manner, seemingly missing the irony that OpenAI stands accused of similar “unauthorised manner” from sites and potential violation of other company’s terms of service. LINK