Maximize your protection, eliminate business risks.
Optimize and modernize with cloud transformation.
Empower your people to work securely from anywhere.
Let us handle IT so you can focus on growing your business.
Get multichannel 24/7/365 expert end-user support.
Stay ahead of attacks with 24/7 protection and monitoring.
Maximize uptime with with industry-leading DRaaS.
Swiftly mitigate cyber threats and restore security.
Improve efficiency, productivity and outcomes with cloud.
Ensure all mobile devices, everywhere, are secure.
Gain a competitive edge with strategic IT solutions.
This battle-tested checklist enables your team to swiftly initiate a ransomware response.
IT for businesses of all sizes, in any industry.
Empower institution growth with custom IT solutions.
Ensure your firm is always in compliance.
Improve patient care and staff morale.
Deal with pressing legal matters, not IT.
Keep up with the evolving digital landscape.
Focus on your mission by outsourcing IT.
Accelerate PE client deals and secure data.
Leverage your technology as a strategic asset.
Empower Your Municipality with Secure, Reliable IT Services
Execute initiatives and develop IT strategies.
Get the latest industry insights and trends.
Join us at events in person and online.
Hear from clients and learn more about strategic IT.
See how Dataprise can make IT your greatest asset.
Get informative technical resources from IT experts.
Stay on stop of emerging cybersecurity threats.
Discover the key areas of DR your organization needs to address to ensure downtime is minimized.
Gain a strategic asset by bringing harmony to IT.
Ensure 24/7 support and security with dedicated teams.
Drive business forward by partnering with Dataprise.
Meet our one-of-a-kind leadership team.
Discover the recognition Dataprise has earned.
Help us help businesses with strategic IT.
Grow through acquisition and partnership with Dataprise.
Embracing different perspectives and backgrounds.
Find a Dataprise location near you.
Dataprise is committed to empowering more women to consider a career in technology.
Defense Digests
Table of content
A recently exploited vulnerability in ChatGPT’s infrastructure, identified as CVE-2024-27564, has been discovered. The vulnerability is specifically a Server-Side Request Forgery (SSRF) attack, which allows bad actors to abuse the functionality of pictureproxy.php to make unauthorized requests. This can put organizations at significant risk, with various sectors and industries being targeted around the world.
The SSRF attack specifically resides within the pictureproxy.php file. The file is used within ChatGPT’s tool codebase to handle user commands, specifically for image processing. A “commit” command refers to an update made in a GitHub codebase. The specific codebase affected by this vulnerability is ChatGPT’s f9f4bbc codebase, which is used for answering questions through an application programming interface (API).
Attackers craft malicious URLs within the URL parameter to generate unintended requests from ChatGPT. These malicious URLs can contain various harmful commands, leading to many types of nefarious activities worldwide. Authentication is not needed for this exploit, and it has been weaponized by at least one bad actor who has made over 10,000 attack attempts from a single IP address. The specific IP address responsible for these mass attacks has not yet been disclosed.
Out of the 10,000 attack attempts, 33% were directed at organizations in the U.S., 7% toward Thailand and Germany, and the rest at other organizations around the world, including the UK, Colombia, and Indonesia. Organizations may be impacted if they identify pictureproxy.php and the f9f4bbc codebase present within their environment.
The financial sector remains a primary target for this SSRF attack, along with government, healthcare, and any other organizations that have the previously discussed malicious entities present in their environment. Many of these organizations are being targeted as they utilize API integrations and AI-powered services, which are the focus of this vulnerability. The effects of this type of attack can lead to regulatory penalties, data exposure, unauthorized transactions, and reputational damage.
Implement monitoring: Monitor security logs for known malicious IP addresses associated with this vulnerability.
Update pictureproxy.php and ensure that the f9f4bbc codebase is not being used with pictureproxy.php.
Promptly implement security patching: Ensure that all software, hardware, and third-party tools and applications are updated to address any known vulnerabilities.
Review and configure effective security infrastructure: Ensure that web application firewalls (WAFs), standard firewalls, and intrusion prevention systems (IPS) are properly tuned to address known vulnerabilities. Thirty-five percent of organizations are unprotected due to misconfigurations of these security elements, so ensure configurations are promptly addressed.
Sources
Actively Exploited ChatGPT Bug Puts Organizations at Risk
ChatGPT Tool Vulnerability Exploited Against US Government Organizations – SecurityWeek
OpenAI Under Attack: CVE-2024-27564 Actively Exploited in the Wild – VERITI
Contributing Author:
Jayden Baalrud– Cybersecurity Analyst | Dataprise
INSIGHTS
Subscribe to get real-time notifications when a new Dataprise Defense Digest is published.