PP116: News Roundup—FortiBleed Reveals Password Cracking Is Alive and Kicking, Accenture Goes All-In on OT, and More
Jennifer Jabush and guest co-host Wolf Gerlich discuss major cybersecurity incidents including the SearchLeak Copilot vulnerability, the FortiBleed password-cracking infrastructure, North Korean npm package compromises, and organizational acquisitions in the OT security space. They also cover concerns about age verification systems and a FIFA World Cup broadcast vulnerability involving weak client-side authentication.
Summary
The episode opens with Jennifer Jabush covering SearchLeak, a three-stage vulnerability affecting Microsoft Copilot that chains parameter-to-prompt injection with HTML injection and SSRF. A crafted URL tricks Copilot into exfiltrating email data and other sensitive information through Bing searches, which serve as the exfiltration channel. Wolf Gerlich notes that email gateways with URL rewriting can blunt some of these attacks, but he expects widespread adoption of prompt-protection tools to take roughly 12 months.

The hosts then turn to FortiBleed, initially dismissed as just another Fortinet vulnerability but revealed to be far more significant. Researchers found an attacker's internet-facing infrastructure containing 45 NVIDIA GPUs performing large-scale password cracking against credentials harvested from hundreds of thousands of compromised firewalls and servers. The inputs came from credential theft via prior vulnerabilities, extraction of Kerberos tokens and Active Directory GPO templates, and credential sniffing from protocols that carry logins in cleartext, such as SNMPv1/v2c and Telnet. Fortinet's patch moved password hashing to SHA-256, but a stored hash can only be regenerated under a new algorithm when the user presents the plaintext password again, so the patch required users to re-authenticate. The hosts note this likely did not happen universally, leaving many systems with the old hashes still in place.

The North Korea story involves a compromised npm maintainer account with access to 140 packages used in the Maestra AI agent framework. Attackers injected an infostealer targeting cryptocurrency wallets and API keys for OpenAI, Anthropic, and Google; it executed within 88 minutes of the package updates. The Clue platform breach affected major security companies through stolen OAuth credentials to a Salesforce integration, allowing access to tens of thousands of client accounts.

Regarding Accenture's acquisition spree in OT security, the hosts discuss the company's acquisition of Dragos, Run Zero, and NetRise alongside its earlier purchase of Ookla. Wolf expresses concerns about market consolidation and vendor lock-in, though he notes Dragos founder Rob Lee negotiated contractual protections to maintain vendor neutrality.

The hosts debate age verification systems proposed in the UK, California, and Colorado, which would require identity verification at the OS level or through website platforms. They argue this creates massive privacy risks, enabling doxing, stalking, and extortion if the data is breached, and raises censorship concerns because content-classification technology decides what requires verification.

Finally, the hosts discuss a researcher who discovered severe authentication vulnerabilities in FIFA's streaming management and analytics systems. Authorization was enforced only on the client side, so the researcher could reach broadcast controls, camera feeds, financial spreadsheets, and backend analytics from a basic coach account. Coordinated disclosure proved difficult and eventually required intervention from media outlets and the FBI to get the issues remediated.
About this episode
Looks like it’s going to be a long, hot cybersec summer. The latest news roundup covers how Microsoft 365 Copilot got turned into a data exfiltration tool, why the FortiBleed attack is about much more than compromised firewalls, and how North Korea exploited a single npm maintainer account to poison more than a hundred software…
Key Insights
- SearchLeak exploits Copilot's ability to interpret URL query parameters as direct prompts without input validation, enabling attackers to exfiltrate email data through legitimate Bing search requests that serve as data exfiltration channels.
- FortiBleed represents an industrialized password-cracking operation: 45 NVIDIA GPUs working through credentials from hundreds of thousands of compromised firewalls, fed by dumps from prior vulnerabilities and by credentials sniffed from cleartext protocols such as SNMPv1/v2c and Telnet.
- Fortinet's SHA-256 password-hash patch failed to provide comprehensive protection because a stronger hash can only be computed from the plaintext password: every user had to re-authenticate after patching, which apparently did not happen universally, so the legacy hashes remain exploitable.
- The North Korean threat actor accessed 140 npm packages through a dormant but unrevoked maintainer account, executing an infostealer within 88 minutes that targeted both cryptocurrency wallets and AI API keys from OpenAI, Anthropic, and Google.
- Accenture's scale advantage—employing over 1,000 people for every one Dragos employee—creates potential for consulting-led sales conflicts of interest where Accenture's role as assessor and problem-identifier becomes merged with their role as solution vendor.
- Age verification systems requiring government identity verification at the OS level or to websites create privacy vulnerabilities for extortion, doxing, and stalking while also enabling censorship through algorithmic content classification that determines what content requires age verification.
- FIFA's streaming and broadcast control systems relied entirely on client-side authentication checks, allowing a researcher with a basic coach account to access camera controls, live feed management, analytics dashboards, and financial spreadsheets without server-side authorization validation.
- One-third of Fortune 100 companies lack any formal vulnerability disclosure channel, leaving security researchers unable to report critical issues through official pathways and forcing reliance on informal channels like WhatsApp, media companies, and FBI intervention.
Transcript
Today's show is sponsored by Dynanick. Dynanick turns FPGA smart NICs into software-controlled line-rate packet processing data paths. Run deep packet inspection and IDS workloads such as Suricata at up to 400 gigabits per server. That means you can reduce your infrastructure requirements and lower operational costs without sacrificing processing power or visibility. Dynanick is demonstrating its technology at Black Hat USA 2026. Book a meeting and learn more at dynanick.com slash Black Hat. That's dynanick.com slash Black Hat. Hey, everyone, welcome back to Packet Protector, the podcast at the intersection of networking and security. I'm Jennifer Jabush. Drew is still out on assignment. So I'm coming at you this week with a special…
Full transcript available for MurmurCast members
More from The Everything Feed - All Packet Pushers Pods
HS137: Did AI Turn “Everybody Codes” into “Nobody Codes”?
John Attil-Johnson and John Burke discuss how AI coding tools have fundamentally changed the "everybody codes" strategy, arguing that while AI can generate code quickly, logical thinking and code comprehension remain essential skills. They contend that the focus should shift from teaching everyone to code to ensuring everyone can read code and think logically to catch AI-generated errors.
IPB202: How to Get Hands-On IPv6 Deployment Experience
Ed Horley interviews John, an experienced network engineer, about practical ways to gain hands-on IPv6 experience at home. They discuss consumer-grade IPv6 setups, multi-homing challenges, ULA addressing, NAT/masquerading trade-offs, and how working with multiple historical protocols informs modern IPv6 design thinking.
N4N057: The Art of Troubleshooting
Ethan Banks and Holly Podbilak discuss a structured methodology for network troubleshooting on the N Is For Networking podcast. They cover steps from gathering information and recreating problems to using tools like AI, logs, and packet captures, while emphasizing the human elements of staying calm, working as a team, and documenting root causes.
D2DO304: Observability in the Age of AI
Kyler Middleton and Ned Belovance interview Anuj Tyagi about AI observability, covering the unique challenges of monitoring AI stacks versus traditional applications, the importance of tracking token costs, implementing guardrails, and how tools like Agent Gateways and MCP servers add new layers of complexity to observability.
PP113: Patch Gaps, Pretexting, and AI Use for Crimes and Crimefighting: 2026 Verizon DBIR Highlights
Hosts Jennifer Jabush and Drew Connery-Murray discuss highlights from the 2026 Verizon Data Breach Investigations Report, covering shifts in attack vectors, ransomware trends, third-party risk, and AI's role in both cybercrime and enterprise security. The report is based on 31,000 incidents and over 22,000 confirmed breaches across 145 countries from November 2024 to October 2025. Key findings include vulnerability exploitation surpassing credential abuse as the top initial access vector, and 60% of breaches now involving third-party relationships.