Bulletin — August 2024

August loads with Black Hat and DEF CON: five important research findings, two breaches of magnitude (National Public Data, Halliburton), the AI Act entering into force, and CVE-2024-38063 — the first wormable IPv6 RCE in Windows in years. Chronological walkthrough.

EU AI Act in force — 1 August

The Regulation (EU) 2024/1689 enters into force on 1 August, twenty days after its publication in the OJEU (12 July). Application is staged: Article 5 prohibitions at 6 months (February 2025), GPAI at 12 (August 2025), Annex III high-risk at 24 (August 2026), Annex I at 36 (August 2027).

Covered in detail in the technical post with an obligations-by-subject table and classification flowchart. What’s operational for a CISO/DPO starts now with inventory and triage against Article 5.

Official source: https://eur-lex.europa.eu/eli/reg/2024/1689/oj

PKfail — 813 models with “DO NOT TRUST” Platform Key in production

PKfail — 813 models with "DO NOT TRUST" Platform Key in production

25 July, full echo in August. Binarly publishes the result of auditing firmware on ~900 models from 10 vendors: Acer, Aopen, Dell, Formelife, Fujitsu, Gigabyte, HP, Intel, Lenovo and Supermicro. Hundreds carry as Platform Key an AMI test key with the literal subject DO NOT TRUST or DO NOT SHIP, whose private part has been on GitHub since 2018–2022.

CVE-2024-8105, VU#455367. The oldest affected firmware dates from May 2012; the most recent, June 2024 — 12 years of exposure.

Covered in an extra post with manual verification using efivar and a description of the exploitation chain.

Source: https://www.binarly.io/blog/pkfail-untrusted-platform-keys-undermine-secure-boot-on-uefi-ecosystem

Sitting Ducks DNS hijacking — Eclypsium and Infoblox

30 July, echo in August. Researchers from Eclypsium and Infoblox publish Sitting Ducks: a domain hijack technique abusing lame delegation configurations in DNS providers that don’t properly validate that the party claiming a domain is its owner. They estimate >1 million domains exploitable, 30,000+ already hijacked since 2019.

The bug isn’t in software, it’s operational: when a domain delegates NS to a provider where it has no active account (the hosting was bought and abandoned, the account expired), an attacker can claim that domain on the DNS provider and serve records for it. There’s no zero-day, just bad defaults.

What’s interesting: Russian actors have been exploiting this at low speed for years for spam, malware delivery and phishing infrastructure with historically “legitimate” domains. Krebs documents several cases.

Source: https://eclypsium.com/blog/ducks-now-sitting-dns-internet-infrastructure-insecurity/

National Public Data breach — 2.9B records

1 August: Christopher Hofmann files a class action in California against Jerico Pictures Inc, d/b/a National Public Data (NPD), for unsecured exfiltration of personal data. The number that circulates: 2.9 billion records with full name, current and historical addresses, SSN, date of birth and phone, for US, UK and Canada citizens.

The technical compromise traces back to an intrusion started in December 2023, with exfiltration between April and the following months. The dump starts appearing on forums like Breached via actor USDoD, first with a $3.5M price tag and eventually published in August. Troy Hunt analyses the set and confirms, after removing duplicates, that the operational number is lower than 2.9B — around 272 million unique SSNs. Still, the scale is one of the largest of the decade in terms of identity data.

NPD confirms the incident on 16 August via notification. 2 October the company files for Chapter 11. Fourteen class actions already filed.

Source: Troy Hunt analysis https://www.troyhunt.com/inside-the-3-billion-people-national-public-data-breach/

Black Hat USA 2024 — Windows Downdate (Alon Leviev, SafeBreach)

7 August. Alon Leviev (SafeBreach) presents Windows Downdate: two vulnerabilities (CVE-2024-38202 and CVE-2024-21302) that allow forcing a fully patched Windows to regress to earlier versions of specific kernel DLLs, reintroducing already-fixed bugs as operational zero-days.

The abuse is against Windows Update itself: an attacker with sufficient privileges manipulates the trusted installer flow so the system downgrades to a vulnerable version of ci.dll, ntoskrnl.exe or other core components, without invalidating the “fully patched” state in winver. The result: a system that looks up to date but runs code that already had an assigned and fixed CVE.

Microsoft acknowledges the report in February and assigns the CVEs in August, during Black Hat. Full mitigation takes months; in October Leviev publishes a follow-up on reactivating Virtualization-Based Security vulnerabilities.

Source: https://www.safebreach.com/blog/windows-downdate-attacks-quick-share-vulnerability-exploit-threat-coverage/

DEF CON 32 — AMD Sinkclose (CVE-2023-31315)

10 August. Enrique Nissim and Krzysztof Okupski (IOActive) present AMD Sinkclose: Universal Ring-2 Privilege Escalation. It’s a bug in SMM (System Management Mode) affecting AMD EPYC and Ryzen CPUs (all EPYC generations, Ryzen 3000/4000/5000/7000/8000, Threadripper and embedded) that allows escalation from Ring 0 (kernel) to Ring -2 (SMM).

The abuse: AMD’s TClose feature allows manipulating SMRAM via an ambiguous mapping. An attacker with already-compromised kernel modifies the SMM context before SMM_LOCK is applied, gaining persistent execution in SMM, invisible to the OS, hypervisors and EDR. Cleaning the bootkit requires physical access to the SPI chip and an external programmer.

AMD publishes an advisory on 9 August, CVE-2023-31315, CVSS 7.5. Mitigations on EPYC and Ryzen desktop. Ryzen 3000 initially without patch; AMD reverses the decision on 21 August and promises an update. Older embedded processors don’t get a fix.

Source: https://www.ioactive.com/event/def-con-talk-amd-sinkclose-universal-ring-2-privilege-escalation/

CVE-2024-38063 — TCP/IP IPv6 wormable RCE in Windows

13 August, Patch Tuesday. Microsoft publishes the patch for CVE-2024-38063, RCE in the Windows TCP/IP stack in IPv6 packet processing. CVSS 9.8, zero-click, wormable — a remote attacker sends a crafted IPv6 packet, the kernel parser of extension headers falls into an integer underflow, and code runs without user interaction, without authentication.

Affects Windows 10, Windows 11 and Windows Server from 2008 to 2022, on any system with IPv6 enabled — the default. Marcus Hutchins publishes technical analysis and PoC on his blog with detailed root cause and a controlled proof of concept. The immediate workaround for unpatchable systems: netsh interface ipv6 disable, at the cost of losing IPv6 connectivity.

Microsoft tags the bug as “Exploitation More Likely”. As far as we know at month close, there are no confirmed reports of mass in the wild exploitation — the exploit is operationally complex despite the CVSS. But the exploit exists; this one will be on the table for the next few months.

Source: https://malwaretech.com/2024/08/exploiting-CVE-2024-38063.html · NVD: https://nvd.nist.gov/vuln/detail/cve-2024-38063

Halliburton — RansomHub ransomware, $35M impact

21 August. Halliburton (oil services, revenue ~$23B) reports to the SEC unauthorised access to its systems. On 23 August it confirms via 8-K that data was exfiltrated. RansomHub claims it days later. Halliburton shuts down part of its IT infrastructure in response, with limited but measurable operational impact.

In the next quarterly report, CEO Jeff Miller quantifies: $35 million impact in lost or deferred revenue during the quarter. The exact scope of exfiltrated data remains under investigation at month close.

RansomHub is one of the most active RaaS operations of 2024 — formed with ex-BlackCat affiliates after Operation Cronos. CISA publishes a specific advisory on the group at month end.

Source: https://www.bleepingcomputer.com/news/security/halliburton-reports-35-million-loss-after-ransomware-attack/

DEF CON 32 AI Village — Generative Red Team 2, AIxCC semifinal

9–11 August. AI Village at DEF CON 32 with three main lines:

Generative Red Team 2: continuation of the public red-teaming exercise against commercial models. Focus this edition: disclosure mechanisms for model vulnerabilities. Lessons for AI safety frameworks of the main vendors.
AIxCC Semifinal (DARPA AI Cyber Challenge): almost 40 Cyber Reasoning Systems compete in finding and patching vulns in critical open-source projects. An AI-native version of the 2016 CGC.
CoSAI panel on Securing the Future of AI — coalition led by Google.

Source: https://aivillage.org/events/defcon32/

Rest of the month

ADT confirms a breach with 30,800 customer records (emails, addresses, products) published by netnsher on a hacking forum. No compromise of physical security systems or bank data.
Microsoft Patch Tuesday 13 Aug brings several additional zero-days beyond CVE-2024-38063: CVE-2024-38193 (AFD.sys, Lazarus), CVE-2024-38106 (Windows Kernel), CVE-2024-38107 (Power Dependency Coordinator).
CrowdStrike publishes the Root Cause Analysis of the 19 July incident: parser of Channel File 291 with template type expecting 21 fields when the binary delivers 20. Covered in the July bulletin.
Iran-linked APT42 active in influence operations against the US election campaign — Microsoft Threat Intelligence publishes a report.
Schlatter Industries (Swiss, industrial machinery) suffers a cyberattack with production interruption.
NotEnoughTime / TPM 2.0 discussion on X after research on persistent vulnerabilities in certain implementations.

Pattern of the month

August crystallises two things that had been on the horizon. One: firmware as an operational research area comes back strong after several years of foundational software in focus. PKfail and Sinkclose have the same structural shape — the low-level trust chain is worse than assumed, and the firmware/CPU supply chain has no systematic external audit. The attacker doesn’t need a zero-day when the public PK is “DO NOT TRUST”; doesn’t need an exploit when SMRAM leaves the door open to Ring -2.

Two: the AI Act enters into force with a calendar that will mark foundation model roadmaps in Europe through 2027. The question for the coming months isn’t whether the regulation applies (it applies, on specific dates), but which today-normalised practices in GPAI will have to change before August 2025. Documented adversarial testing and serious incident reporting are the two with the most operational impact.

September arrives with OpenAI o1 announced for the 12th, and the full weight of Salt Typhoon starting to break open. See you.