Just how bad can things get if someone clicks on a link? Rob Allen joins us again to talk about ransomware, why putting too much attention on clicking links misses the larger picture of effective defenses, and what orgs can do to prepare for an influx of holiday-infused ransomware targeting.
Segment resources
- https://www.bleepingcomputer.com/news/security/how-a-ransomware-gang-encrypted-nevada-governments-systems/
- https://www.darkreading.com/endpoint-security/pro-russian-hackers-linux-vms-hide-windows
- https://www.threatlocker.com/blog/how-to-build-a-robust-lights-out-checklist
This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them!
Rob Allen, Chief Product Officer of ThreatLocker, is an IT professional with three decades of experience helping small and medium enterprises embrace and utilize technology. He has spent the majority of this time working for an Irish-based MSP, which has given him invaluable insights into the challenges faced by businesses today. Rob’s background is technical – first as a system administrator, then as a technician and an engineer. His broad technical knowledge, as well as an innate understanding of customers’ needs, made him a trusted advisor for hundreds of businesses across a wide variety of industries. Rob has been at the coalface, assisting clients in remediating the effects of, and helping them recover from, cyber and ransomware attacks.
Mike Shema
- OWASP Top 10:2025 RC1
One thing I like about the OWASP Top 10 is that it regenerates every few years just like Doctor Who.
- Private data at risk due to seven ChatGPT vulnerabilities | Tenable®
No big surprises here. ChatGPT 4o has several flavors of prompt injection problems. ChatGPT 5 has most of the same (although the write-up doesn't explicitly state which of the seven vulns still applied to 5).
I grabbed this article for the beginning section about the observed isolation techniques between the LLMs used for chat, retrieving URLs, and browsing on behalf of the user. As the article notes (and as many, many others do as well), prompt injection is a fundamental problem inherent to LLMs since they cannot distinguish instructions from content. But that doesn't mean there's no point in mitigating such an intractable problem. Separating contexts and behaviors across different LLMs seems like a decent approach to reduce the impact of potential vulns.
- Introducing Aardvark: OpenAI’s agentic security researcher
Ah, the promise of prompts to protect software...
This is one of those articles that I'm marking now so that we can come back to it in six months to see what type of impact this LLM-based security analysis has had, how its underlying LLM may have improved in that time, and whether it's any better than using grep to find security flaws.
- Claude Pirate: Abusing Anthropic’s File API For Data Exfiltration · Embrace The Red
- FYI: Ready to Hack an LLM? Our Top CTF Recommendations | Bishop Fox
- FYI: USENIX Security ’25 (Paper Presentations)
A few titles that caught my eye:
- SelfDefend: LLMs Can Defend Themselves against Jailbreaking in a Practical Manner
- Confusing Value with Enumeration: Studying the Use of CVEs in Academia
- Demystifying the (In)Security of QR Code-based Login in Real-world Deployments
- A Formal Analysis of Apple's iMessage PQ3 Protocol
- Posthammer: Pervasive Browser-based Rowhammer Attacks with Postponed Refresh Commands
- HISTORY: Smashing The Stack For Fun And Profit
Aleph One published this famous intro to stack-based overflows (and a bit of heap) 29 years ago.
Adrian Sanabria








