AI Sleeper Agents (5 minute read)
AI Sleeper Agents are AI agents that behave normally until a certain trigger occurs and their behavior changes. Researchers created AI Sleeper Agents and then applied standard safety training methods that are used by GPTs like ChatGPT and Claude. They observed that the models still responded to the sleeper triggers and were able to adapt their behavior even after going through all the safety training.
Cactus Ransomware malware analysis โ ShadowStackRE (9 minute read)
The Cactus ransomware has been targeting victims across various industries and putting pressure on them by releasing personal information. The malware uses standard C++ constructs and Windows scheduled tasks for persistence. This analysis provides information on the build of the malware, its program flow, its setup process, and the techniques it uses to inhibit system recovery.
๐งโ๐ป
Launches & Tools
Latio Application Security Tester (GitHub Repo)
LAST (Latio Application Security Tester) uses OpenAI to scan code for security issues from the command line. The tool can be configured to scan all code, only changes, or run in a pipeline.
Stalker (GitHub Repo)
Stalker is an Attack Surface Management (ASM) tool with a big focus on extendability. It streamlines and automates reconnaissance operations while giving you the flexibility to expand its functionalities. Its web interface enables easy data access and sharing with all stakeholders.
Sherlock (GitHub Repo)
This script is designed to help expedite web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)
HP CEO evokes James Bond-style hack via ink cartridges (6 minute read)
HP claims blocking third-party ink cartridges prevents viruses. CEO Enrique Lores said viruses could "go to the printer" via cartridges, justifying HP's controversial Dynamic Security system. While hacked cartridges sound concerning, the actual security risk appears low, casting doubt on HP's virus justification.
How Pentesting Mirrors the Evolution of Quality Assurance (6 minute read)
A post in which Ross Haleliuk, best-selling author of the recently released Cyber for Builders, draws parallels between the development of the quality assurance industry and penetration testing. Haleliuk observes that both QA and pentesting followed a similar trajectory, going from companies not doing them at all before outsourcing the functions, and then finally bringing them back in-house. He predicts that just as software development and testing have become linked, securing and testing software security will become the standard.