The Daily Decrypt
The Daily Decrypt
Microsoft President Takes Full Accountability, YouTube Ad Injections, Sleepy Pickle Cyber Attack

In today’s episode, we discuss Microsoft’s commitment to take full responsibility for security failures, as detailed in Brad Smith’s House testimony (–security-failures-house-testimony/718853/), YouTube’s testing of harder-to-block server-side ad injections affecting ad blockers like SponsorBlock, along with the potential solutions (, and the new “Sleepy Pickle” attack technique that targets machine learning models, posing severe supply chain risks ( Tune in for a detailed analysis of these pressing cybersecurity issues and their broader implications.

Thanks to Jered Jones for providing the music for this episode.

Logo Design by

Tags: Microsoft, President, Security, Cybersecurity, Brad Smith, House testimony, Security failures, State-linked cyberattacks, U.S. federal agencies, Cyber attack, Machine learning, Sleepy Pickle, Pickle format, Supply chain risk

Search Phrases: Microsoft security failures, Brad Smith House testimony, U.S. federal agencies cyber attack, State-linked cyberattack Microsoft, Measures to improve Microsoft cybersecurity, Sleepy Pickle machine learning, Protecting machine learning models, Cybersecurity in Pickle format, Supply chain risks in cybersecurity, Advanced server-side ad injection YouTube

Microsoft will take full ownership for security failures in House testimony–security-failures-house-testimony/718853/ —`- Microsoft’s Accountability: Brad Smith, Microsoft’s vice chair and president, commits to taking full responsibility for recent security failures in his written testimony to the U.S. House Committee on Homeland Security. This is a critical move for transparency and accountability in the cybersecurity sector.

  • State-Linked Cyberattacks: The testimony follows two significant state-linked cyberattacks on Microsoft. Hackers from the People’s Republic of China targeted Microsoft Exchange Online, compromising 22 organizations and 500 individuals, including high-profile figures like U.S. Commerce Secretary Gina Raimondo. Another attack from the Russia-linked Midnight Blizzard group compromised senior executives’ credentials, impacting federal agency security.
  • Preventable Breaches: A report by the U.S. Cyber Safety Review Board criticized Microsoft for prioritizing speed to market and new features over security, labeling the attacks as preventable. This highlights the importance for cybersecurity professionals to balance innovation with robust security measures.
  • Security Recommendations: The Cyber Safety Review Board issued 25 recommendations to improve security, 16 specifically for Microsoft. These recommendations are essential for Microsoft and the broader cloud security industry to address vulnerabilities and prevent future breaches.
  • Phishing Attack Surge: Nation-state cyber activity has intensified, with Microsoft experiencing 47 million phishing attacks against its employees and 345 million daily attacks against its customers. This underscores the importance of phishing awareness and training for all cybersecurity professionals.
  • Enhanced Security Measures: To bolster internal security, Microsoft plans to link senior executive compensation to meeting security goals, demonstrating a commitment to accountability. Additionally, the company has invited the Cybersecurity and Infrastructure Security Agency (CISA) to its headquarters for a detailed briefing on their security strategy.
  • Industry Implications: Critics argue that Microsoft’s dominant position in federal systems should be re-evaluated given its security lapses. This raises questions about the broader implications for vendor accountability and the need for stringent security standards in government contracts.`

YouTube tests harder-to-block server-side ad injection in videos —`- YouTube Ad Blocking Challenge:

  • YouTube now injects advertisements directly into video streams (server-side ad injection), making it tougher for ad blockers to filter them out. (Source: BleepingComputer)
  • This method integrates ads seamlessly into the video content, creating a continuous stream that includes ad segments.
  • Impact on Ad Blockers:
    • Traditional ad blockers, which rely on blocking JavaScript scripts for ad insertion, will struggle with this new approach.
    • SponsorBlock, a tool that crowdsources data to skip sponsored content, reports that server-side ad injection disrupts its functionality.
  • Technical Breakdown:
    • YouTube uses smaller video segments, or “chunks,” stitched together to create continuous playback.
    • A manifest file dictates the sequence of these chunks, including both content and ads, complicating the ability to skip or block ads.
  • SponsorBlock’s Response:
    • Currently, SponsorBlock blocks submissions from browsers with server-side ad injection to avoid data corruption.
    • Future solutions may involve calculating ad durations via metadata and YouTube’s interface elements, though these systems are still in development.
  • Potential Solutions for Ad Blockers:
    • Ad blockers might need to evolve by developing sophisticated detection algorithms, analyzing metadata, and employing advanced pattern recognition techniques to identify ad segments.`

New Attack Technique ‘Sleepy Pickle’ Targets Machine Learning Models —`1. Discovery of Sleepy Pickle Attack:

  • Trail of Bits researchers discovered a new attack technique called “Sleepy Pickle” that targets machine learning (ML) models.
  • Unlike traditional attacks, Sleepy Pickle focuses on corrupting the ML model itself, posing a severe supply chain risk.
  1. Mechanism and Risks:
    • The attack leverages the Pickle format, commonly used in ML libraries like PyTorch, to carry out arbitrary code execution during deserialization.
    • Sleepy Pickle can insert backdoors, control outputs, or tamper with processed data, leading to dangerous consequences like misinformation or data theft.
  2. Attack Delivery Methods:
    • Attackers can deliver the payload using techniques such as adversary-in-the-middle (AitM) attacks, phishing, supply chain compromise, or exploiting system weaknesses.
    • When deserialized, the payload modifies the model in-place, making detection very difficult.
  3. Recommendations for Mitigation:
    • Only load models from trusted users and organizations.
    • Use signed commits and consider alternatives to Pickle, like TensorFlow or Jax formats with auto-conversion mechanisms.
  4. Potential Impact:
    • Hypothetical scenarios include generating harmful outputs (e.g., unsafe health advice), stealing user data, or manipulating news article summaries to redirect to phishing sites.
    • The attack can maintain surreptitious access to ML systems, evading detection by modifying model behavior dynamically.
  5. Broader Implications:
    • Sleepy Pickle highlights the need for stronger supply chain security and awareness of vulnerabilities in widely-used software components.
    • The attack’s ability to corrupt local models without appearing as an ML model broadens the attack surface significantly.`

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.