Security Vulnerabilities in Google’s Gemini Large Language Model (LLM)

Mar 15 2024

.bh__table, .bh__table_header, .bh__table_cell { border: 1px solid #C0C0C0; }
.bh__table_cell { padding: 5px; background-color: #FFFFFF; }
.bh__table_cell p { color: #2D2D2D; font-family: ‘Helvetica’,Arial,sans-serif !important; overflow-wrap: break-word; }
.bh__table_header { padding: 5px; background-color:#F1F1F1; }
.bh__table_header p { color: #2A2A2A; font-family:’Trebuchet MS’,’Lucida Grande’,Tahoma,sans-serif !important; overflow-wrap: break-word; }

Gone Phishing Banner

Welcome to Gone Phishing, your daily cybersecurity newsletter that thinks cybercriminals should be labelled an extremist group and denied all government funding in the UK ๐Ÿค“ #MichaelGove

Itโ€™s Friday, folks, which can only mean one thingโ€ฆ Itโ€™s time for our weekly segment!

It goes by many names. Patch of the Week, Tweak of the week. Okay, thatโ€™s it.

Congrats, the cybercriminals are no matchโ€ฆ for your patch! ๐Ÿฉน๐Ÿฉน๐Ÿฉน

Check out this freshly hatched patch ๐Ÿฃ

March Madness from Microsoft ๐Ÿคช

๐Ÿ”’ Microsoft's March Security Update: 61 Flaws Fixed! ๐Ÿš€

Microsoft's latest security update tackles 61 security flaws across its software, including two critical issues in Windows Hyper-V that could lead to denial-of-service (DoS) and remote code execution.

Out of these flaws, two are Critical, 58 are Important, and one is Low severity. While none are publicly known or actively attacked, six are marked with an "Exploitation More Likely" label. This update also includes fixes for 17 security flaws in the Chromium-based Edge browser.

Notable vulnerabilities addressed involve Azure Kubernetes Service, Windows Composite Image File System, and Authenticator. A privilege escalation bug in the Print Spooler component and a remote code execution flaw in Exchange Server are also patched.

The highest-rated vulnerability, CVE-2024-21334, concerns remote code execution in the Open Management Infrastructure. Despite fewer CVEs patched compared to previous years, cybersecurity experts advise remaining vigilant. ๐Ÿ›ก๏ธ๐Ÿ”

Now, on to todayโ€™s hottest cybersecurity stories:

  • ๐Ÿ’ป Googleโ€™s Gemini is vulnerable to LLM threats along with race baiting ๐Ÿ˜ฌ

  • ๐Ÿดโ€โ˜ ๏ธ PixPirates of the pancreas! Brazilian bankers watch out! Trojanย ๐ŸŽ

  • โš ๏ธ BEWARE: 4 ways hackers use social engineering to bypass MFA ๐Ÿ”‘

GeminAI ๐Ÿค–

๐Ÿšจ Security Vulnerabilities in Google's Gemini Large Language Model (LLM) ๐Ÿ”

HiddenLayer identified security vulnerabilities in Google's Gemini Large Language Model (LLM), impacting consumers using Gemini Advanced with Google Workspace and companies utilising the LLM API.

These vulnerabilities could lead to the leakage of system prompts, generation of harmful content, and execution of indirect injection attacks.

๐Ÿ” Identified Vulnerabilities

  • Leakage of System Prompts: Attackers can exploit synonym attacks to bypass security defences and content restrictions, prompting the LLM to output foundational instructions or system messages, potentially compromising sensitive information.

  • Generation of Misinformation: Crafty jailbreaking techniques can manipulate the LLM to generate misinformation, including misinformation about elections or producing content that may be illegal or dangerous.

  • Information Leakage in System Prompts: By passing repeated uncommon tokens as input, attackers can trick the LLM into leaking information contained in the system prompt.

๐Ÿ”’ Impact and Risks

These vulnerabilities could facilitate the dissemination of false information, compromise user privacy, and enable attackers to gain unauthorised control over interactions with the LLM.

While not novel, these vulnerabilities underscore the importance of rigorous testing and continuous improvement in LLM security measures.

๐Ÿ”ง Mitigation Measures

Google is actively conducting red-teaming exercises and enhancing model defences against adversarial behaviours, including prompt injection and jailbreaking.

Safeguards are in place to prevent harmful or misleading responses, with ongoing improvements to ensure robust security.

As a precautionary measure, Google is restricting responses to election-based queries and enforcing policies against prompts related to candidates, political parties, election results, voting information, and notable office holders.

๐Ÿ” Broader Implications

These findings highlight the need for comprehensive security testing across LLMs to mitigate prompt attacks, data extraction, model manipulation, and adversarial threats.

Collaboration among industry stakeholders and ongoing research efforts are crucial to address evolving cybersecurity challenges in language models.

Hackers: I am the PixPirate now โœŒ๏ธ๐Ÿ‘€

๐Ÿšจ New Evasion Technique in PixPirate Android Banking Trojan ๐Ÿ›ก๏ธ

The PixPirate Android banking trojan, notorious for exploiting Android's accessibility services to carry out fraudulent transactions, has adopted a new evasion technique.

The malware now hides its icon from the home screen, ensuring that victims remain unaware of its malicious activities during the reconnaissance and attack phases.

๐Ÿ” Attack Flow

PixPirate is typically distributed via SMS and WhatsApp, leveraging a downloader app to deploy the main payload.

The downloader not only instals the malicious app but also actively executes it, establishing communication between the two components for fraudulent operations.

๐Ÿ”’ Evasion Technique

The latest version of PixPirate's droppee lacks the activity necessary for launching the app from the home screen.

Instead, the downloader initiates the execution of the PixPirate APK by binding to a service exported by the droppee, ensuring persistence even if the downloader is removed.

Receivers registered by the droppee are triggered by system events, allowing it to run and conceal its presence independently of the downloader.

๐ŸŒŽ Broader Implications

PixPirate's evasion technique highlights the evolving sophistication of malware, posing challenges for detection and mitigation.

Latin American banks are also facing threats from malware like Fakext, which employs rogue Microsoft Edge extensions for financial fraud.

๐Ÿ”ง Mitigation Measures

Users should exercise caution when downloading apps from unofficial sources and be vigilant for suspicious behaviour on their devices.

Employing mobile security solutions and keeping devices updated can help mitigate the risk of malware infections.

๐Ÿšจ Security Response

Google Play Protect automatically safeguards Android users against known versions of PixPirate and other malicious apps, providing an additional layer of defence against threats.

๐ŸŽฃ Catch of the Day!! ๐ŸŒŠ๐ŸŸ๐Ÿฆž

Learn AI in 5 minutes a day. We'll teach you how to save time and earn more with AI. Join 400,000+ free daily readers for trending tools, productivity boosting prompts, the latest news, and more.

We donโ€™t talk about this on social media ๐ŸŽถ #TheStreets

๐Ÿšจย Bypassing Multi-Factor Authentication: Social Engineering Tactics ๐Ÿ”’

Multi-Factor Authentication (MFA) is a crucial defence against breaches, but it's not foolproof. Hackers can employ social engineering tactics to circumvent MFA and gain unauthorised access to accounts. Let's delve into four common strategies hackers use:

Adversary-in-the-middle (AITM) Attacks

Hackers create counterfeit websites to deceive users into divulging login credentials, including MFA codes.

Using '2FA pass-on,' attackers promptly enter stolen credentials on the legitimate site to trigger a genuine MFA request, granting them access.

Notorious threat groups like Storm-1167 use this tactic to harvest credentials, mimicking MFA steps to gain complete access.

MFA Prompt Bombing

After compromising passwords, attackers exploit push notification MFA prompts, hoping users will accept them without suspicion.

In a notable case, the 0ktapus group tricked an Uber contractor into accepting a fraudulent MFA push notification after a password compromise.

Service Desk Attacks

Hackers manipulate helpdesks, claiming password forgetfulness, and gain access through phone calls.

Exploiting recovery settings and backup procedures, attackers may bypass MFA by coercing service desks.

Notable incidents include the MGM Resorts attack by the Scattered Spider group.

SIM Swapping

Cybercriminals exploit MFA reliance on cell phones by tricking service providers into transferring services to a SIM card under their control.

This allows them to intercept MFA prompts and gain unauthorised access to accounts.

Threat groups like LAPSUS$ employ extensive social engineering campaigns, including SIM swapping, to bypass MFA.

๐Ÿ” Password Security Still Matters

Despite MFA implementation, compromised passwords remain a significant risk.

Even strong passwords can't protect against breaches or password reuse.

Tools like Specops Password Policy enforce robust password policies and scan for compromised passwords, ensuring MFA serves as an additional security layer.

๐Ÿšจ Conclusion

Organisations must recognize MFA's limitations and bolster password security measures.

Combining MFA with stringent password policies provides a comprehensive defence against social engineering tactics and unauthorised access.

Thatโ€™s all for this week, cyber squad. Stay safe out there โœŠ

๐Ÿ—ž๏ธ Extra, Extra! Read all about it! ๐Ÿ—ž๏ธ

Every few weeks, we carefully select three hot newsletters to show you. Reputation is everything, so any links we share come from personal recommendation or carefully researched businesses at the time of posting. Enjoy!

  • ๐Ÿ›ก๏ธ Tl;dr sec: Join 30,000+ security professionals getting the best tools, blog posts, talks, and resources right in their inbox for free every Thursday ๐Ÿ“…

  • ๐Ÿ’ตย Crypto Pragmatist: Crypto made simple. Actionable alpha in 5 minutes, 3x a week. Join 47,000+ investors and insiders, for ๐Ÿ†“

  • ๐Ÿ“ˆย Bitcoin Breakdown: The best in Bitcoin, carefully curated by an alien from the future ๐Ÿ‘พ

Let us know what you think.

So long and thanks for reading all the phish!

footer graphic cyber security newsletter
  • ๐ŸŒต CACTUS ransomware exploits flaws in Qlik Sense ๐Ÿ’ป

Recent articles