SRUM-DUMP Version 3: Uncovering Malware Activity in Forensics

Mark Baggett released SRUM-DUMP Version 3. The tool simplifies data extraction from Widnows System Resource Usage Monitor (SRUM). This database logs how much resources software used for 30 days, and is invaluable to find out what software was executed when and if it sent or received network data.

https://isc.sans.edu/diary/SRUM-DUMP%20Version%203%3A%20Uncovering%20Malware%20Activity%20in%20Forensics/31896

Novel Universal Bypass For All Major LLMS

Hidden Layer discovered a new prompt injection technique that bypasses security constraints in large language models.

The technique uses an XML formatted prequel for a prompt, which appears to the LLM as a policy file. This Policy Puppetry can be used to rewrite some of the security policies configured for LLMs. Unlike other techniques, this technique works across multiple LLMs without changing the policy.

https://hiddenlayer.com/innovation-hub/novel-universal-bypass-for-all-major-llms/

CHOICEJACKING: Compromising Mobile Devices through Malicious Chargers like a Decade ago

The old Juice Jacking is back, at least if you do not run the latest version of Android or iOS. This issue may allow a malicious USB device, particularly a USB charger, to take control of a device connected to it.

https://pure.tugraz.at/ws/portalfiles/portal/89650227/Final_Paper_Usenix.pdf

SANS @RSA: https://www.sans.org/mlp/rsac/