

Bluepurple Pulse: week ending July 16th
Chinese actor #1 acquired Microsoft account (MSA) consumer signing key. Chinese actor #2 spotted and exploited a loophole in Microsoft Windows kernel driver signing - ye ha!
Welcome to the weekly highlights and analysis of the blueteamsec subreddit (and my wider reading). Not everything makes it in, but the best bits do.
Operationally this week it has been about the fact that a Chinese APT managed to forge authentication tokens using an acquired Microsoft account (MSA) consumer signing key, leading to e-mail access (see reporting below). That, and the rash of vulnerabilities in web-based file sharing platforms continues, and a Chinese threat actor found a loophole in Microsoft Windows kernel driver signing. Our thoughts are with MSRC this week.
In the high-level this week:
FACT SHEET: Biden-Harris Administration Publishes the National Cybersecurity Strategy Implementation Plan - The Department of State will publish an International Cyberspace and Digital Policy Strategy that incorporates bilateral and multilateral activities. State will also work to catalyze the development of staff knowledge and skills related to cyberspace and digital policy that can be used to establish and strengthen country and regional interagency cyber teams to facilitate coordination with partner nations.
ACD - The Sixth Year - UK's Active Cyber Defense report -
PDNS handled 0.55 trillion DNS queries, and blocked 11 billion DNS queries for 420,000 domains, corresponding to 2% of all queries
PDNS blocked over 5 million requests for domains associated with ransomware, a significant contribution to protecting UK organisations from this threat
the most blocked, attributable threats were Cobalt Strike, Flubot, CryptoStealer and SocGholish
NATO Vilnius Summit Communiqué - Today, we endorse a new concept to enhance the contribution of cyber defence to our overall deterrence and defence posture. It will further integrate NATO’s three cyber defence levels - political, military, and technical - ensuring civil-military cooperation at all times through peacetime, crisis, and conflict, as well as engagement with the private sector, as appropriate. Doing so will enhance our shared situational awareness.
NATO’s Next Decade - nine people’s perspective including - To prepare for various scenarios of an unstable, unpredictable, post-Putin Russia, NATO needs to encourage its members to shore up their defense capabilities, particularly the front-line Baltic states and Poland. This includes conventional military weapons and cyberdefense, but NATO members also need to anticipate a range of unconventional threats from a less stable Russia, such as weaponizing nuclear energy.
Japan’s National centre of Incident Readiness and Strategy for Cybersecurity published the output of their 36th meeting - their plan is at the highest level
Implementation of measures by each entity
Enhancement and enhancement of governmental support
Enhancement of international collaboration and cooperation.
It has become a challenge.
Responsible Behaviour in Cyberspace: Global narratives and practice -
Cyber Leak? Cybersecurity (Venture) Funding Falls 63% In Q2 - The numbers for the first half of the year are also a stark contrast to just one year ago. For the first six months this year, cyber startups raised only $4.3 billion, a drop of 60% from the $10.8 billion raised in the first half last year. It also is more than $2 billion less than the $6.4 billion raised in the second half of 2022.
Converse to this was 8 VCs explain why there’s good reason to be optimistic about cybersecurity
Orca Security suing Wiz for patent infringement in cloud security unicorn showdown - fight to the death now..
Swiss intelligence and communications agency Alp Services specializes in what he describes as 'dark PR': spreading negative information about a target - The country will initially sign a contract with Alp for four to six months, for 1.5 million euros. It will be extended afterwards; Mohammed bin Zayed gave at least 5.7 million euros to Alp Services in recent years for smear campaigns against prominent Muslims in Europe.
Virtual Assets: Targeted Update on Implementation of the FATF Standards on virtual assets (VA) and virtual asset service providers (VASPs) - The Financial Action Task Force (FATF)’s report finds that jurisdictions continue to struggle with fundamental requirements such as undertaking a risk assessment, enacting legislation to regulate VASPs, and conducting a supervisory inspection.
Army designates Quantum Information Science Research Center - Fatemi said DEVCOM ARL significant accomplishments include:
The world’s first quantum sensor for receiving radio-frequency communications signals, which has received substantial attention across the services, industry and academia
Programs to develop a Low-Cost Chip Scale Atomic Clock for battlefield timekeeping
Critical Infrastructure and the Cloud: Policy for Emerging Risk - From a policy perspective, one of the most challenging aspects of attempting to understand the cloud’s role in CI is a lack of consistent visibility into the exact nature and depth of cloud adoption by individual organizations.
Tough financial targets hindering cybersecurity efforts in Hong Kong - 48 per cent of IT security decision-makers at Hong Kong firms said overstretched financial targets were a reason for cybersecurity mistrust
Tracy Resident Charged With Computer Attack On Discovery Bay Water Treatment Facility - in January of 2021, after Gallo had resigned from Company A, he allegedly accessed the facility’s computer system remotely and transmitted a command to uninstall software that was the main hub of the facility’s computer network and that protected the entire water treatment system, including water pressure, filtration, and chemical levels.
Teen hacked Uber, Revolut and Grand Theft Auto maker, London court hears - Prosecutor Kevin Barry told jurors at London's Southwark Crown Court last week that the 17-year-old hacked City of London Police's cloud storage weeks after the force arrested him in connection with the attack on BT and EE.
Former Security Engineer For International Technology Company Arrested For Defrauding Decentralized Cryptocurrency Exchange - announced the unsealing of an Indictment charging SHAKEEB AHMED with wire fraud and money laundering in connection with his attack on a decentralized cryptocurrency exchange (the “Crypto Exchange”).
The cyber provisions to watch in the big defense bill - The amendments include proposals to:
Authorize more collaboration on cybersecurity with several Middle Eastern countries.
Direct a cyber agency to conduct a thorough study of the landmark SolarWinds hack.
And order a Department of Homeland Security threat assessment on cyber harassment by terrorists and other foreign threats.
A short reflection this week is that as with digital transformation before it we are likely going to need to have similar programmes to embed ML/AI in organisations and help manage the transition. The number of conversations which begin with resistance on the topic appear material, the revolution is clearly coming so landing it is going to take some finessing. Beyond that I’ve spent the majority of the week in meetings, projects or helping team members. But I’m listening to Start with WHY at the moment, so you might get some Simon Sinek inspired prose next week.
On the interesting job/role front (thanks to those sending me these):
Threat Intelligence Engineer III at Amazon in Seattle
Senior Security Analyst at the Organised Crime and Reporting Project Remote or in the Amsterdam/Sarajevo offices.
Technical Director, Cybersecurity for World Vision in Asia & Pacific
Technical Director, Cybersecurity for World Vision in Southern Africa
Technical Director, Cybersecurity for World Vision in West Africa
Technical Director, Cybersecurity for World Vision in East Africa
Technical Director, Cybersecurity for World Vision in North & Latin America
Technical Director, Cybersecurity for World Vision in Middle East / Europe
Senior Security Software Development Engineer for Compiler at NVIDIA in Santa Clara, Austin, Seattle or Redmond - they also have other interesting compiler jobs going.
Have a lovely Thursday
Ollie
Cyber threat intelligence
Who is doing what to whom and how.
Russia
The GRU's Disruptive Playbook
Dan Black and Gabby Roncone provide an analysis and distillation of Russian approaches to cyber disruption. Many a paper will be written on this playbook and many a vendor will use it in their marketing.
Since last February's invasion, [we have] tracked Russian military intelligence (GRU) disruptive operations against Ukraine adhering to a standard five-phase playbook.
[We] assess with moderate confidence that this standard concept of operations represents a deliberate effort to increase the speed, scale, and intensity at which the GRU can conduct offensive cyber operations, while minimizing the odds of detection.
The tactical and strategic benefits the playbook affords are likely tailored for a fast-paced and highly contested operating environment. We judge this operational approach may be mirrored in future crises and conflict scenarios where requirements to support high volumes of disruptive cyber operations are present.
https://www.mandiant.com/resources/blog/gru-disruptive-playbook
RomCom Threat Actor Suspected of Targeting Ukraine's NATO Membership Talks at the NATO Summit
They collected “the full set of cyber weapons” - yes, really.
[We] found two malicious documents submitted from an IP address in Hungary, sent as lures to an organization supporting Ukraine abroad, and a document targeting upcoming NATO Summit guests who may also be providing support to Ukraine.
Our analysis based on the tactics, techniques, and procedures (TTPs), code similarity, and threat actor network infrastructure leads us to conclude that the threat actor known as RomCom is likely behind this operation.
Based on our internal telemetry, network data analysis, and the full set of cyber weapons we collected, we believe the threat actor behind this campaign ran their first drills on June 22, and also a few days before the command-and-control (C2) mentioned in this report was registered and went live.
https://blogs.blackberry.com/en/2023/07/romcom-targets-ukraine-nato-membership-talks-at-nato-summit
Storm-0978 attacks reveal financial and espionage motives
More Russian phishing, nothing to note other than it looks like the criminal eco-system continues to be mobilised.
[We have] identified a phishing campaign conducted by the threat actor tracked as Storm-0978 targeting defense and government entities in Europe and North America. The campaign involved the abuse of CVE-2023-36884, which included a remote code execution vulnerability exploited before disclosure to Microsoft via Word documents, using lures related to the Ukrainian World Congress.
Cyberattack on the State Statistics of Ukraine: the enemy reports another non-existent «victory»
The information war continues and a lesson in why Facebook passwords are indeed important in national security.
So-called russian hacktivists, associated with the main department of the general staff of the armed forces of the russian federation (formerly known as the main intelligence office), keep waging complex attacks against Ukraine by combining cyberattacks and PsyOps.
A message was posted today on the official Facebook page of the State Statistics Service of Ukraine about a cyberattack that ostensibly disabled statistics delivery to Ukrainian public authorities, «complicated assistance to revenue authorities» and resulted in «suspended submission of statistics related to economy, population, employment and labor migration to the AFU General Staff».
The message instantly appeared in the Telegram channel of a russian «hacking group». This channel had been repeatedly used as a disinformation campaign platform by russian intelligence agencies.
UAC-0057 Targeted Cyber Attack Against Government Agencies Using PicassoLoader/njRAT
More phishing, included for completeness - tradecraft is 🥱
CERT-UA discovered XLS documents "PerekazF173_04072023.xls" and "Rahunok_05072023.xls" containing both a legitimate macro and a macro that will decode, persist and launch the PicassoLoader malware.
At the time of research, PicassoLoader provided download, decryption (AES) and execution of the njRAT malware.
The activity is carried out by the group UAC-0057.
We would like to inform you that "GhostWriter" is the name of the information operation carried out by the group UNC1151 (UAC-0057),
https://cert.gov.ua/article/5098518
North Korea
Lots of tactical reporting omitted this week as again there was so much. Can be found on the subreddit.
DangerousPassword attacks targeting developers' Windows, macOS, and Linux environments
Japanese reporting on North Korean Linux capability used in the crypto asset theft campaigns. Some useful indicators of compromise to build off of here.
At the end of May, JPCERT/CC confirmed an attack targeting developers of crypto asset exchange service providers that is believed to be related to the targeted attack group DangerousPassword [1][2] (also known as CryptoMimic or SnatchCrypto), which has been conducting attacks continuously since June 2019. The attack targets Windows, macOS, and Linux environments with Python or Node.js installed on the machine.
China
Mitigation for China-Based Threat Actor Activity
The reporting related to the operational update I included at the top. This is what cloud aware APTs look like.
On June 16, 2023, based on customer reported information, Microsoft began an investigation into anomalous mail activity. Over the next few weeks, our investigation revealed that beginning on May 15, 2023, Storm-0558 gained access to email data from approximately 25 organizations, and a small number of related consumer accounts of individuals likely associated with these organizations. They did this by using forged authentication tokens to access user email using an acquired Microsoft account (MSA) consumer signing key.
https://blogs.microsoft.com/on-the-issues/2023/07/11/mitigation-china-based-threat-actor/
Undocumented driver-based browser hijacker RedDriver targets Chinese speakers and internet cafes
The blows keep on coming. This uses a novel technique which we cover in the offensive tradecraft section later on. Evidences well developed research capabilities and platform understanding on behalf of the threat actor.
[We] identified multiple versions of an undocumented malicious driver named “RedDriver,” a driver-based browser hijacker that uses the Windows Filtering Platform (WFP) to intercept browser traffic. RedDriver has been active since at least 2021.
RedDriver utilizes HookSignTool to forge its signature timestamp to bypass Windows driver-signing policies.
Code from multiple open-source tools has been used in the development of RedDriver's infection chain, including HP-Socket and a custom implementation of ReflectiveLoader.
The authors of RedDriver appear to be skilled in driver development and have deep knowledge of the Windows operating system.
This threat appears to target native Chinese speakers.
https://blog.talosintelligence.com/undocumented-reddriver/
Hunting for A New Stealthy Universal Rootkit Loader
Mahmoud Zohdy, Sherif Magdy and Mohamed Fahmy provide further reporting on the same threat as the above.
In one of our recent threat hunting investigations, we came across an interesting new threat activity cluster that we initially thought was a false positive detection for a Microsoft signed file. However, this turned out to be a novel piece of a signed rootkit that communicates with a large command-and-control (C&C) infrastructure for an unknown threat actor that we are currently tracking and that we believe that is the same threat actor behind the rootkit FiveSys. This malicious actor originates from China and their main victims are the gaming sector in China. Their malware seems to have passed through the Windows Hardware Quality Labs (WHQL) process for getting a valid signature. We reported our findings to Microsoft's Security Response Center (MSRC) in June 2023.
Analysis of the Rekoobe Backdoor Being Used In Attacks Against Linux Systems in Korea
Linux backdoor from China which sits at the lower end of the capability spectrum.
Rekoobe is a backdoor known to be used by APT31, a threat group based in China.
Rekoobe is a backdoor that can receive commands from a C&C server to perform various features such as downloading malicious files, stealing internal files from a system, and executing reverse shell. While it may appear simple in structure, it employs encryption to evade network packet detection and can perform a variety of malicious behaviors through commands from the threat actor.
Being based on an open-source code, Rekoobe can be used by other threat actors aside from the already identified Chinese threat group APT31. It continues to be used in attacks targeting Linux servers, and cases of attacks against Korean systems are still being observed as well.
https://asec.ahnlab.com/en/55229/
Iran
Nothing this week
The Spies Who Loved You: Infected USB Drives to Steal Secrets
Rommel Joven and Ng Choon Kiat provide a summary of two distinct threat actors who are actively using USB outside of the criminal nexus. If you thought USB as a means of initial access and/or exfiltration was dead you were wrong.
SOGU Malware Infection via USB Flash Drives Across Industries and Geographies
This is the most prevalent USB-based cyber espionage attack using USB flash drives and one of the most aggressive cyber espionage campaigns targeting both public and private sector organizations globally across industry verticals. It uses USB flash drives to load the SOGU malware to steal sensitive information from a host.
[We] attribute this campaign to TEMP.Hex, a China-linked cyber espionage actor. TEMP.Hex likely conducted these attacks to collect information in support of Chinese national security and economic interests. These operations pose a risk to a variety of industries, including construction and engineering, business services, government, health, transportation, and retail in Europe, Asia, and the United States.
SNOWYDRIVE Malware Infection via USB Flash Drives, Targets Oil and Gas Organizations in Asia
This campaign uses USB flash drives to deliver the SNOWYDRIVE malware. Once SNOWYDRIVE is loaded, it creates a backdoor on the host system, giving attackers the ability to remotely issue system commands. It also spreads to other USB flash drives and propagates throughout the network.
[We] attribute this campaign to UNC4698, a threat actor that has targeted oil and gas organizations in Asia. Once the actor has gained access to the system, they execute arbitrary payloads using the Windows Command Prompt, use removable media devices, create local staging directories, and modify the Windows registry.
https://www.mandiant.com/resources/blog/infected-usb-steal-secrets
What’s up with Emotet?
Jakub Kaloč gives us a summary that concludes we don’t need to worry at the moment about this criminal threat actor.
Emotet launched multiple spam campaigns since it re-appeared after its takedown.
Since then, Mealybug created multiple new modules and multiple times updated and improved all existing modules.
Emotet operators subsequently have put a lot of effort into avoiding monitoring and tracking of the botnet since it came back.
Currently Emotet is silent and inactive, most probably due to failing to find an effective, new attack vector.
https://www.welivesecurity.com/2023/07/06/whats-up-with-emotet/
Discovery
How we find and understand the latent compromises within our environments.
HTTP Headers Hashing (HHHash) or improving correlation of crawled content
Alexandre Dulaunoy provides a nice little technique which will have some value in clustering threat actor infrastructure in some cases I suspect.
When developing open-source tools like the AIL project, it is common to encounter overwhelming crawling results that pose challenges for analysis. To address this issue, the use of pivotal or correlation hashes becomes crucial as they enable automatic grouping of content for further examination by human analysts.
HHHash, which facilitates the hashing of similar returned HTTP headers. This approach holds great potential in improving the analysis of crawling results within the context of the AIL project or any CTI processes involving content crawling.
https://www.foo.be/2023/07/HTTP-Headers-Hashing_HHHash
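To make the clustering idea concrete, here is an added sketch (not code from the AIL project or the linked post) that hashes the ordered list of response header names and groups crawled hosts by the result. The `hhh:1:` prefix with SHA-256 over colon-joined names is my reading of the version 1 format and should be treated as an assumption; the hosts and responses are constructed.

```python
import hashlib
from collections import defaultdict


def header_names(raw_head: str) -> list:
    """Header names in the order the server sent them (status line skipped)."""
    names = []
    lines = raw_head.replace("\r\n", "\n").split("\n")
    for line in lines[1:]:
        if not line.strip():
            break  # blank line ends the header block
        if line[0] in " \t":
            continue  # obsolete folded continuation of the previous header
        name, sep, _ = line.partition(":")
        if sep:
            names.append(name.strip())
    return names


def hhhash(raw_head: str) -> str:
    """Hash header names only, so differing values (dates, cookies) do not matter.

    Assumption: version 1 is SHA-256 over the names joined with ':' and the
    names are kept in the case the server sent them.
    """
    joined = ":".join(header_names(raw_head))
    return "hhh:1:" + hashlib.sha256(joined.encode("utf-8")).hexdigest()


def cluster(crawl: dict) -> dict:
    """Group hosts whose responses share the same header-name fingerprint."""
    groups = defaultdict(list)
    for host, raw_head in crawl.items():
        groups[hhhash(raw_head)].append(host)
    return dict(groups)


# Constructed crawl results: two hosts share a header layout, one does not.
SAMPLE_CRAWL = {
    "panel-a.example": (
        "HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 10 Jul 2023 10:00:00 GMT\r\n"
        "Content-Type: text/html\r\nX-Panel: 1\r\n\r\n"
    ),
    "panel-b.example": (
        "HTTP/1.1 200 OK\r\nServer: nginx/1.18\r\nDate: Tue, 11 Jul 2023 07:30:00 GMT\r\n"
        "Content-Type: text/html; charset=utf-8\r\nX-Panel: 7\r\n\r\n"
    ),
    "blog.example": (
        "HTTP/1.1 200 OK\r\nDate: Tue, 11 Jul 2023 07:31:00 GMT\r\nServer: nginx\r\n"
        "Content-Type: text/html\r\n\r\n"
    ),
}

if __name__ == "__main__":
    for fingerprint, hosts in cluster(SAMPLE_CRAWL).items():
        print(fingerprint, sorted(hosts))
```

A shared fingerprint is a pivot for an analyst, not proof of common ownership: default configurations of popular servers produce identical header layouts across unrelated sites.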
Enhanced Monitoring to Detect APT Activity Targeting Outlook Online
Advice from CISA (US Government) on how to detect activity similar to that used by the Chinese threat actor.
In Mid-June 2023, an FCEB agency observed MailItemsAccessed events with an unexpected ClientAppID and AppID in M365 Audit Logs. The MailItemsAccessed event is generated when licensed users access items in Exchange Online mailboxes using any connectivity protocol from any client. The FCEB agency deemed this activity suspicious because the observed AppId did not normally access mailbox items in their environment.
The agency reported the activity to Microsoft and CISA. Microsoft determined that APT actors accessed and exfiltrated unclassified Exchange Online Outlook data from a small number of accounts. The APT actors used a Microsoft account (MSA) consumer key to forge tokens to impersonate consumer and enterprise users. Microsoft remediated the issue by first blocking tokens issued with the acquired key and then replacing the key to prevent continued misuse.
https://www.ic3.gov/Media/News/2023/230712.pdf
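The detection described above, baselining which applications normally read mailbox items and flagging any other, can be sketched as follows; this is an added example, not CISA's or Microsoft's tooling. It assumes audit records exported as one JSON object per line with the `Operation`, `AppId`, `ClientAppId`, `UserId` and `CreationTime` fields; the records and GUIDs are constructed placeholders.

```python
import json

# Constructed placeholders, not real application IDs.
MAIL_APP = "00000000-0000-0000-0000-0000000000aa"  # normally reads mail here
ODD_APP = "00000000-0000-0000-0000-0000000000ff"   # never seen in the baseline


def _rec(time, op, user, app_id, client_app_id):
    return json.dumps({"CreationTime": time, "Operation": op, "UserId": user,
                       "AppId": app_id, "ClientAppId": client_app_id})


# Constructed sample data: a quiet baseline period and a period under review.
BASELINE = [
    _rec("2023-05-01T08:00:00", "MailItemsAccessed", "alice@example.org", MAIL_APP, MAIL_APP),
    _rec("2023-05-02T09:10:00", "MailItemsAccessed", "bob@example.org", MAIL_APP, MAIL_APP),
]
REVIEW = [
    _rec("2023-06-14T01:00:00", "MailItemsAccessed", "alice@example.org", MAIL_APP, MAIL_APP),
    _rec("2023-06-14T02:11:00", "MailItemsAccessed", "alice@example.org", ODD_APP, ODD_APP),
    _rec("2023-06-14T02:15:00", "MailItemsAccessed", "alice@example.org", ODD_APP, ODD_APP),
    _rec("2023-06-15T03:00:00", "MailItemsAccessed", "bob@example.org", ODD_APP, ODD_APP),
    _rec("2023-06-15T03:05:00", "UserLoggedIn", "bob@example.org", ODD_APP, ODD_APP),
    "truncated export line {",
    _rec("2023-06-16T04:00:00", "MailItemsAccessed", "carol@example.org", None, None),
]


def mail_access_events(lines):
    """Yield parsed MailItemsAccessed records, skipping junk and other operations."""
    for line in lines:
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # damaged export lines must not stop the hunt
        if isinstance(rec, dict) and rec.get("Operation") == "MailItemsAccessed":
            yield rec


def app_pair(rec):
    """(AppId, ClientAppId); an absent ID is itself worth surfacing."""
    return (rec.get("AppId") or "<missing>", rec.get("ClientAppId") or "<missing>")


def build_baseline(lines):
    return {app_pair(r) for r in mail_access_events(lines)}


def unexpected_access(lines, baseline):
    """Summarise mailbox access by app pairs absent from the baseline, per user."""
    findings = {}
    for rec in mail_access_events(lines):
        pair = app_pair(rec)
        if pair in baseline:
            continue
        user = rec.get("UserId", "<unknown>")
        when = rec.get("CreationTime", "")
        f = findings.setdefault((user,) + pair, {
            "user": user, "app_id": pair[0], "client_app_id": pair[1],
            "count": 0, "first_seen": when, "last_seen": when})
        f["count"] += 1
        f["first_seen"] = min(f["first_seen"], when)  # ISO 8601 sorts as text
        f["last_seen"] = max(f["last_seen"], when)
    return sorted(findings.values(), key=lambda f: f["first_seen"])


if __name__ == "__main__":
    for finding in unexpected_access(REVIEW, build_baseline(BASELINE)):
        print(finding)
```

The baseline window has to predate any suspected intrusion, otherwise the unexpected application is learned as normal.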
Defence
How we proactively defend our environments.
KB5029033: Notice of additions to the Windows Driver.STL revocation list
Microsoft responding to some certificates being misused as we have discussed above. They are really sparse in the details here..
The Windows Driver.STL file is part of the Windows Code Integrity feature. The file contains digital signatures and lists of drivers that Microsoft has revoked. This stops malware from running in the Windows boot and Windows kernel processes. Driver.STL ships along with Windows but is not a part of Windows. It cannot be turned off, tampered with, or removed from the system. Microsoft updates the contents of the revocation file. The updates are sent to Windows systems and users from Windows Update.
Shortening the Let's Encrypt Chain of Trust
On September 30th, 2024, Let’s Encrypt cross-sign will expire which will impact older Android devices i.e. 7.0 and earlier or about ~7% of Android devices in use!
If you use Android 7.0 or earlier, you may need to take action to ensure you can still access websites secured by Let’s Encrypt certificates. We recommend installing and using Firefox Mobile, which uses its own trust store instead of the Android OS trust store, and therefore trusts ISRG Root X1.
https://letsencrypt.org/2023/07/10/cross-sign-expiration.html
Vulnerability
Our attack surface.
SonicWall GMS/Analytics Impacted by suite of vulnerabilities
A reason to patch.
Predictable Password Reset Key
Web Service Authentication Bypass
Post-Authenticated Arbitrary File Read via Backup File Directory Traversal
Post-Authenticated Arbitrary File Upload
Post-Authenticated Command Injection
Hardcoded Tomcat Credentials (Privilege Escalation)
Post-Authenticated Arbitrary File Write via Web Service (Zip Slip)
Use of Outdated Cryptographic Algorithm with Hardcoded Key
Unauthenticated Sensitive Information Leak
Client-Side Hashing Function Allows Pass-the-Hash
Multiple Unauthenticated SQL Injection Issues & Security Filter Bypass
Password Hash Read via Web Service
Post Authenticated Arbitrary File Read via Web Service
Unauthenticated File Upload
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010
CVE-2023-24489: Citrix ShareFile StorageZones Controller Security Update
After MOVEit etc.
A vulnerability has been discovered in the customer-managed ShareFile storage zones controller which, if exploited, could allow an unauthenticated attacker to remotely compromise the customer-managed ShareFile storage zones controller.
Offense
Attack capability, techniques and trade-craft.
Old certificate, new signature: Open-source tools forge signature timestamps on Windows drivers
This is the technique used by the Chinese threat actor which showed they understood how Windows works.
[We] observed threat actors taking advantage of a Windows policy loophole that allows the signing and loading of cross-signed kernel mode drivers with signature timestamp prior to July 29, 2015.
Actors are leveraging multiple open-source tools that alter the signing date of kernel mode drivers to load malicious and unverified drivers signed with expired certificates.
We have observed over a dozen code signing certificates with keys and passwords contained in a PFX file hosted on GitHub used in conjunction with these open source tools.
The majority of drivers we identified that contained a language code in their metadata have the Simplified Chinese language code, suggesting the actors using these tools are frequently used by native Chinese speakers.
Cisco Talos has further identified an instance of one of these open-source tools being used to re-sign cracked drivers to bypass digital rights management (DRM).
We have released a second blog post alongside this one demonstrating real-world abuse of this loophole by an undocumented malicious driver named RedDriver.
https://blog.talosintelligence.com/old-certificate-new-signature/
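For defenders triaging a driver inventory, the added example below (not Talos code) flags drivers whose signature timestamp predates the July 29, 2015 cutoff and, as a heuristic of my own, marks those whose PE link time is later than the claimed signing time. It assumes the signing time and certificate expiry were already extracted by other tooling; the function names and the stub images are constructed.

```python
import struct
from datetime import datetime, timezone

# Cutoff named in the policy loophole described above.
POLICY_CUTOFF = datetime(2015, 7, 29, tzinfo=timezone.utc)


def pe_link_time(image: bytes) -> datetime:
    """Read TimeDateStamp from the COFF header of a PE image."""
    if len(image) < 0x40 or image[:2] != b"MZ":
        raise ValueError("not a PE image: missing MZ header")
    (e_lfanew,) = struct.unpack_from("<I", image, 0x3C)
    if e_lfanew + 12 > len(image) or image[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE image: missing PE signature")
    # PE signature (4) + Machine (2) + NumberOfSections (2) precede the stamp.
    (stamp,) = struct.unpack_from("<I", image, e_lfanew + 8)
    return datetime.fromtimestamp(stamp, tz=timezone.utc)


def triage_driver(image: bytes, signing_time: datetime,
                  cert_not_after: datetime, now: datetime) -> dict:
    """Classify one driver from its header and externally supplied signature data.

    Heuristic, not proof: the link time is attacker-controlled and reproducible
    builds store a hash there, so treat 'suspect' as a lead for manual review.
    """
    link_time = pe_link_time(image)
    flags = []
    if signing_time < POLICY_CUTOFF:
        flags.append("signed-before-cutoff")
    if cert_not_after < now:
        flags.append("cert-expired")
    if link_time > signing_time:
        flags.append("linked-after-signing")  # built after it was 'signed'
    if "signed-before-cutoff" not in flags:
        verdict = "modern"    # loophole does not apply
    elif "linked-after-signing" in flags:
        verdict = "suspect"   # timestamp likely altered
    else:
        verdict = "legacy"    # consistent with a genuine old driver
    return {"link_time": link_time, "flags": flags, "verdict": verdict}


def make_stub(link_time: datetime) -> bytes:
    """Constructed minimal MZ/PE header carrying only a link timestamp."""
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", 0x40)
    coff = b"PE\0\0" + struct.pack("<HHI", 0x8664, 0, int(link_time.timestamp()))
    return dos + coff


def _utc(y, m, d):
    return datetime(y, m, d, tzinfo=timezone.utc)


if __name__ == "__main__":
    now = _utc(2023, 7, 16)
    resigned = make_stub(_utc(2022, 3, 1))  # built in 2022, 'signed' in 2014
    print(triage_driver(resigned, _utc(2014, 6, 1), _utc(2016, 1, 1), now))
```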
Performance, Diagnostics, and WMI
Steven F details a technique which will be used by Red Teams, Iran and criminal threat actors alike.
Performance Monitor offers some interesting ways for attackers to extend their lateral movement or persistence opportunities by hijacking a service’s performance DLL. With this, we gain a novel WMI lateral movement primitive and I do believe there is a lot more to be explored here. Both V2 providers were not looked at in depth and has potential for further discoveries.
https://specterops.io/blog/2023/07/11/performance-diagnostics-and-wmi/
Exploitation
What is being exploited.
Rockwell Automation Select Communication Modules
Rockwell have put the remainder of their article behind a login flow. But we have APT exploiting Industrial Control Systems (ICS) for real. This is not a drill.
Rockwell Automation, in coordination with the U.S. government, has analyzed a novel exploit capability attributed to Advanced Persistent Threat (APT) actors affecting select communication modules.
https://www.cisa.gov/news-events/ics-advisories/icsa-23-193-01
https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140010
Tooling and Techniques
Low level tooling and techniques for attack and defence researchers…
BOF Development Docker
I suspect / have a theory the use of musl might create a detection opportunity for all the BOFs produced.
This repository serves as a fully functional, lightweight template for developing and compiling BOF or otherwise Windows-centric applications via Visual Studio Code. I'm currently using musl as the set of header files/libraries/compiler options. This plays a lot nicer with the numerous hacks of function pointers leveraged within many popular projects, to include reflective loaders of choice.
https://github.com/EspressoCake/BOF_Development_Docker
Footnotes
Some other small (and not so small) bits and bobs which might be of interest.
Aggregate reporting
2023 Crypto Crime Mid-year Update: Crime Down 65% Overall BUT ransomware attackers are on pace for their second-biggest year ever, having extorted at least $449.1 million through June.
Report on the recent high activity of South Asian APT organizations in China - a large number of related attacks suspected of being organized by APT organizations in South Asia and India. Active organizations include CNC, BITTER (Man Linghua), Patchwork (White Elephant), Confucius (Moro Tree), SideWinder (rattlesnake), Donot (belly worm), etc. Among them, CNC, BITTER, and Patchwork organized activities particularly frequently and rampantly, launching multiple attacks on multiple industries in my country.
Cyber-threat intelligence for security decision-making: A review and research agenda for practice - A key contribution in this paper is the range of questions exploring the broad aspects of practice at both the macro-level, focusing on the examination of CTI programs in organizations with different strategic risks, and the micro-level, exploring the distinctions between practice, praxis, and practitioners as well as the role of artefacts, objects, and information systems that support CTI practice and the spaces and the role of practitioners and non-practitioners.
Preliminary study on the technical and legal aspects relating to the desirability of a standard-setting instrument on the ethics of neurotechnology - Neurotechnology refers to devices and procedures used to access, monitor, investigate, assess, manipulate, and/or emulate the structure and function of the neural systems of animals or humans.
Why cyberoffense will never be regulated - Despite strong public statements that they want "a safer internet for everyone", many states appear to be double-dealing in the cyber-space and engage in the very activities they discourage. In order to convince decision-makers to genuinely discuss acceptable behavior in the cyberspace, we need to give up on moral arguments and focus on pragmatic reasons to favor defense. But the incentives towards offense may just be too strong.
Machine Learning and Artificial Intelligence
PoisonGPT: How we hid a lobotomized LLM on Hugging Face to spread fake news - We will show in this article how one can surgically modify an open-source model, GPT-J-6B, and upload it to Hugging Face to make it spread misinformation while being undetected by standard benchmarks.
Frontier AI Regulation: Managing Emerging Risks to Public Safety - We consider several options to this end, including granting enforcement powers to supervisory authorities and licensure regimes for frontier AI models. Finally, we propose an initial set of safety standards. These include conducting pre-deployment risk assessments; external scrutiny of model behavior; using risk assessments to inform deployment decisions; and monitoring and responding to new information about model capabilities and uses post-deployment.
The Whole Truth and Nothing But the Truth: Faithful and Controllable Dialogue Response Generation with Dataflow Transduction and Constrained Decoding - The first component of this architecture is a rule-based content selection model defined using a new formal framework called dataflow transduction, which uses declarative rules to transduce a dialogue agent's actions and their results (represented as dataflow graphs) into context-free grammars representing the space of contextually acceptable responses. The second component is a constrained decoding procedure that uses these grammars to constrain the output of a neural language model, which selects fluent utterances. Our experiments show that this system outperforms both rule-based and learned approaches in human evaluations of fluency, relevance, and truthfulness.
On the Planning Abilities of Large Language Models -- A Critical Investigation - Our findings reveal that LLMs' ability to generate executable plans autonomously is rather limited, with the best model (GPT-4) having an average success rate of ~12% across the domains - world domination is a little way off then.
Events etc.
Cyber Defence Review call for papers
JSAC2024 – Tokyo, January 25-26, 2024
This newsletter is produced by BinaryFirefly, it is via BinaryFirefly I support a hand picked set of organisations across investment, strategy and capability in the domain of cyber.
For sponsorship enquiries regarding Bluepurple or anything else contact hello@binaryfirefly.com.