AI may be good at finding security vulnerabilities, but it can't beat human stupidity


KETTLE AI commands all the headlines nowadays, but the biggest security story of the week is all about human laziness and poor password habits – just like the good old days. 

This week on the Kettle, host Brandon Vigliarolo is joined by US editor Avram Piltch and security editor Jessica Lyons to talk about the Klue breach, which was blamed on a "compromised legacy credential" that ought to have been deleted a while ago. The hole allowed cybercriminals to access the Salesforce environments of hundreds of companies, say researchers. The incident has also caused trouble for security firm Huntress, which admitted to the breach early on, and the situation over there wasn't caused by AI either.

That said, AI is playing a role in what's being described as "the summer from hell" by one security professional, but while top-tier AI models are spotting troublesome vulnerabilities, the amount of damage they've managed to cause pales in comparison to what one lazy sysadmin can cause by poorly managing passwords. 

You can listen to the latest episode of The Kettle by clicking on the player above, as well as on Spotify, Apple Music, or YouTube, or read the transcript of the latest episode below. It's been lightly edited for clarity.

Brandon (00:01)

Welcome to the latest episode of The Register's Kettle Podcast. I'm your host, Brandon Vigliarolo, and this week we have some rather interesting security stories to talk about concerning yet another Salesforce data breach affecting a whole bunch of companies, the new extortion gang behind them, and the trouble the whole thing has spelled for one of the first companies to point the whole thing out. This week I'm joined by US editor Avram Piltch and security editor Jessica Lyons to talk about this whole mess and more. Welcome to you both.

Jessica Lyons (00:29)

Good to be here.

Avram Piltch (00:30)

Hey.

Brandon (00:30)

Jess, let's start with that Salesforce supply chain attack that you wrote about this week. I understand there was a market intelligence connector of some sort that was behind the incident, right?

Jessica Lyons (00:41)

Right. So there's this company named Klue, and they provide market intelligence to more than 250,000 users worldwide. And they integrate with Salesforce. And so apparently what happened, on around June 11th, somebody used compromised legacy credentials linked to the Salesforce integration, and then by that they were able to obtain OAuth tokens and then were able to access customers' Salesforce data, Klue customers' Salesforce data from that.

Brandon (01:21)

Okay, was it data that Klue had on their customers in their Salesforce environment, or they pivoted to the customers' environments as well?

Jessica Lyons (01:29)

It was through the integration with the Salesforce databases.

Brandon (01:34)

That's not great. A lot of companies were exposed, and a lot of them in your article you mentioned were security companies. Is that right?

Jessica Lyons (01:42)

There were a ton of security ones, and then LastPass, this huge password manager. We don't know how many; Klue didn't say. Huntress, which is one of the security companies who was involved in this and who came out on the forefront and said, "Yeah, we were one of the compromised organizations," said it was hundreds. And out of 250,000 users, it could be pretty comprehensive.

Avram Piltch (02:12)

Do you think this makes Huntress look good?

Jessica Lyons (02:17)

I think it was admirable that they came out, especially as a security company, and said "we were one of the companies who were victimized." I think that's how any company should respond if they're among the companies affected. Especially if you're a security firm, you have an obligation to be transparent and tell your customers what happened.

Brandon (02:43)

Legally, in the United States at least, if you've got a breach, you've got to report these things to the government. There's all kinds of cybersecurity reporting standards in place. They are contradictory and overlapping sometimes, but they're there. What kind of data was exposed, Jess?

Jessica Lyons (02:57)

It was basically CRM data. It wasn't any of the companies' internal IP or anything like that. It was CRM data for pretty much every single company involved across the board. The cybercrime group behind this hack did leak the Huntress data a few days later.

And we've heard that they're actually deleting the stolen data from LastPass. That's what LastPass is saying. We don't know if this data is actually not going to exist anymore or if they're just handing it off for other attacks or to other organizations. But it involves CRM data.

Brandon (03:49)

CRM data then, customer data, from the affected companies too. I'm assuming no financial information was exposed?

Jessica Lyons (03:52)

No, no financial information.

Avram Piltch (04:02)

So relatively not that bad for Huntress's reputation when you think about it.

Jessica Lyons (04:08)

They specifically said it's our business contacts, price quotes, and other sales-related data and messaging. They said no threat data, passwords, payment card information, or engineering data related to Huntress Agent or telemetry are affected. That's pretty standard across the board. The companies who did get more specific in their disclosures about what was taken basically lost business data, leads, and contacts.

Brandon (04:46)

For LastPass, was it just CRM records or were consumers of their password managers affected too?

Jessica Lyons (04:55)

LastPass customers' data was affected. It was some sales-related data, but also the intruders took customers' names, phone numbers, email addresses, and physical addresses, plus some case support data and then also sales-related data.

Brandon (05:13)

Right. If you're a LastPass customer, you might want to go in and reset that Master Vault password now.

Jessica Lyons (05:18)

Big yes, yes, definitely.

Brandon (05:22)

This didn't involve Shiny Hunters, who've been the de facto kings of Salesforce attacks recently. They weren't involved, right?

Jessica Lyons (05:29)

Right. No, they weren't involved in that. I think it was what everybody assumed is that you've got Salesforce and you've got OAuth tokens and that just screams Shiny Hunters. They weren't involved. It was a new group called Icarus. They're a new data theft and extortion crew, and they're modeled in the same mold here as Shiny Hunters and Scattered Spider.

I was wondering though, is this just a front? According to Shiny Hunters, no, they were not involved. They told me that they were kind of bummed (laughs) that this other group was able to do this. And if it had been them, they would have definitely publicized the fact that it was Shiny Hunters who did this. 

Brandon (06:15)

Yeah, they're not exactly publicity shy. So … I love the fact that we've got an inside line to them too, that you can be like, "Hey, was this you guys in any way?" And they're like, "No, no, we wish it was."

Jessica Lyons (06:26)

I think the actual response was, "We wish."

Brandon (06:29)

Not much is known about Icarus. I think you mentioned a couple of different countries that their IPs might have been linked to, but those very well could have been Tor or VPN exit nodes. We don't even know where they're located.

Jessica Lyons (06:43)

No, we don't know much about them. Their leak site has been active since late April. We've seen different IP addresses in Europe, but we don't know much about this group at all.

Brandon (06:53)

These groups change and move so rapidly. Who knows who they are? Are they ransoming this data? Do we know?

Jessica Lyons (07:08)

Yes, they were ransoming and then leaking some of the data outright.

Brandon (07:20)

Okay, that's standard MO for a lot of these groups. Speaking of Huntress's early identification of this, that opened up a bit of a Pandora's box for them. Because they had a jilted ex-employee who wasn't thrilled with the response, which you also wrote about. What happened there?

Jessica Lyons (07:22)

Right. So after Huntress came out and they said Huntress believes in radical transparency about security incidents, including when it affects our company. That was about the Klue breach. They said that in their blog. A former security operations analyst posted their response on his LinkedIn page along with a Pinocchio GIF. And that just kind of started this whole mess.

He says that he was threatened by the company with legal action. He made it very clear this has nothing to do with the Klue incident. He says this stems from an earlier incident that he found out about in December, and because of that incident, he resigned from the company. What he's alleging, and again this is all allegations at this point, is that another Huntress employee who still works for the company passed communications from US law enforcement to a cyber criminal.

Now this alleged cyber criminal, according to the ex-employee, is actively targeting his family and him. He says that he can no longer work at Huntress because of this. He says in the next few weeks he's going to provide more proof, including communications and phone calls about what happened here.

He says also that this alleged insider was caught by the FBI. I don't know if that means arrested, I don't know if that means questioned, but still continues to work at Huntress.

Brandon (09:30)

I'm assuming there's no DoJ notice of anything that ties to an arrest of someone who could be involved. 

Jessica Lyons (09:37)

Not at Huntress. No. Not at Huntress.

Brandon (09:40)

What has Huntress had to say about this whole thing?

Jessica Lyons (09:42)

The CEO responded to me and also responded on a Reddit post. He acknowledges the concerns raised by this former employee. He said that because of our work as researchers, sometimes we need to communicate with possible cyber criminals to gather intel that supports our partners and customers. He says that he appreciates the former employee's concerns and will continue to investigate the instance.

He said a little bit more directly on Reddit that he doesn't understand and he firmly disagrees with these accusations and the insider narrative. Another thing that the former employee also brought up that Huntress is prioritizing an IPO over the safety of its partners, customers, and team members. He said that "sure AF" isn't the case.

He's made it very clear that the company disagrees with all of these accusations and they're continuing to work with law enforcement. He said some of this involves legal proceedings, so they can't be completely public about everything. It sounds like a continuing story that we're going to learn more about in the weeks ahead.

Brandon (11:15)

If this ex-employee has documents to prove his allegations, that's pretty serious. Obviously, yes, you do have to interact with some of the people that you're defending against at a security firm, but passing law enforcement communications to them – I don't see a very good reason for that.

Jessica Lyons (11:22)

Right.

Avram Piltch (11:36)

Could this be a misunderstanding about what the employee was doing?
Jessica Lyons (11:44)

It potentially could, but if he has these communications between law enforcement and the Huntress employee, I don't know how that could be a misunderstanding. It's one thing to talk with cyber criminals, but it's another thing to be passing them information about legal proceedings.

Brandon (12:09)

Yeah, or potential operations.

We'll see what comes of that. It's going to be interesting to follow that thread. These two stories aside, it seems like we've got a really busy cybersecurity summer so far, even though it is usually a lull. Jess, you were talking about that with one of your sources, right?

Jessica Lyons (12:13)

Right. Normally everything slows down in the summer, and I was talking to a source and they said they're already calling it the "summer of hell." For the security folks out there, that's pretty accurate. I think a lot of that has to do with AI, to be perfectly honest.

Brandon (12:48)

Right. Squidbleed, which you wrote about recently, was a Mythos-discovered vulnerability that was old and potentially serious.

Jessica Lyons (12:51)

Definitely. It's been around since 1997. It was discovered by Mythos, but it was also discovered even before then by IL Security, a European startup. They have their own model that they said found this before Mythos did. You've got this 29-year-old vulnerability, it's existed since 1997. It's in Squid, which is an open source web proxy server.

It's a parsing bug and it essentially allows users to access the proxy's active memory. There are a couple key points: it's only unencrypted traffic, so it's cleartext HTTP, and it also requires that Squid has the file transfer protocol, FTP server gateway features turned on.

So you have to be using this older vintage technology and protocols. FTP is pretty outdated at this point.

Brandon (14:07)

It's a vulnerability, but maybe not a serious one.

Jessica Lyons (14:11)

It's serious if these two conditions are met, because then it's going to expose your password, session tokens, and API keys.

Brandon (14:15)

Hopefully there are not too many environments where this is the case, but we know from writing about stories like this that every time you say this is a very rare case on old software, you can easily find examples.

Avram Piltch (14:33)

If you're still using FTP and HTTP on your servers, then you're letting yourself in for a big security problem. That probably isn't your only problem.

Brandon (14:39)

Yeah, you don't want to say asking for it, but yeah.

AI might be discovering these and other problems. We've seen multiple open source projects shut down bug reports because they're getting flooded with AI-discovered issues, some of which are completely legitimate. It feels like this is the summer of AI and cybersecurity convergence. The Trump administration is now haranguing OpenAI, just as much as they've been putting pressure on Anthropic not to go public with models that could be a threat.

It feels like a big moment for cybersecurity, and a lot of it's being driven by AI. What do you guys think about the current moment of this pairing?

Jessica Lyons (15:23)

It's a perfect storm because you have these models that are really good at finding vulnerabilities and developing exploits. That's leading to a bunch of internally, with security companies finding their own bugs and pushing out patches, so then all the sysadmins need to work extra hard. Plus open source, which is a huge issue here, you have all of these bug hunters looking for and finding all kinds of vulnerabilities on open source projects.

They push those to maintainers who a lot of times are volunteers themselves and they're not getting paid. There's maybe one of them for this huge project. They have this huge backlog of AI-enabled threat reports that they need to deal with. It's just coming at people from all ends here and yeah, a lot of that's because of the AI models.

Brandon (16:35)

Is NIST still backed up with the national vulnerability database? Last I heard they were some months behind. Not only that, but we've got a lot of big threats out there that might not be being made public because they're buried too. It's quite the mess.

So before we wrap up, I did wanna touch on, like you mentioned, Jess, and we've seen this in a number of stories that Avram's written recently for the Pwned column. AI is creating a headache for a lot of people, but there's still a group of people that are stuck dealing with this and it's sysadmins, right? It's the security professional, it's the sysadmins, and human problems can still be kind of the root of this. Avram, you wrote a number of stories in your Pwned column that it was like all these problems, these security problems come back to bad password hygiene, administrator laziness. I mean, what are some of the things you've kind of seen?

Avram Piltch (17:35)

Hubris. There was a CEO that wanted to make sure that he could get in and change anybody in the company's email. We could talk about whether that's a good policy in the first place, but his method of doing it was to have an Excel file on his desktop with all of the usernames and passwords of all the employees so that if he sent out an email he shouldn't have, he could go into their inboxes and delete it.

But conversely that was a wonderful target for people outside the company to find all the names and passwords they needed, even though there's software out there that will allow an admin to go into an inbox anyway. This was completely unnecessary, but things like that are constantly happening. We had another incident where somebody hadn't deleted a former employee's username and password, perhaps their password was in a breach somewhere or somebody guessed it. But Greg from auditing hadn't worked there in like ten years, but somebody used his credentials to break into a city's water system and start trying to interfere with things having to do with the water supply.

The best AI in the world isn't needed to find these problems and couldn't be used to prevent them. The human element is still the biggest problem in security. Maybe when I have my agent talk to your agent, they will be much better behaved than when people get involved. But coming up in a future Pwned column, I talked to a red teamer who said he's basically able to break into almost any facility by acting like he belongs there.

Brandon (19:51)

That's a classic trick. It's the same thing I've said for a long time about security: you've got new tricks that come up, you've got new things like AI, but there's nothing new under the sun at the end of the day. The best way to gain access to a system isn't to Swordfish your way in à la Hugh Jackman, it's a con. It's lying, putting on a reflective vest, and having a clipboard. It's relying on password breaches and people being bad about their password hygiene. That's what happened with the Klue issue: an old password that was in a breach somewhere that someone used to get into the system. Nothing new under the sun.

Jessica Lyons (20:26)

Yeah, we see that all the time.

Brandon (20:34)

And it's probably going to keep being that way, and I bet we are probably going to be talking about it on the Kettle for months and years to come. Invariably, until AI fully takes over the computer world and we're all just sitting in our WALL-E couches being perpetually entertained by all these sentient machines. But until then, we will be here to talk about these things. Thanks for joining me, guys, and we will see you all again soon. ®
