Hello and welcome to the Tuesday, April 29th, 2025 edition of the Sands Inundit Storm Center's Stormcast.

My name is Johannes Ulrich and today I'm recording from Jacksonville, Florida.

And in diaries today, we got a new Python tool for a change, not from DDA, but from the Python master himself.

Mark Baggett.

Mark wrote SRUM dump, SRUMD the systems resource usage monitor.

That's the part of Windows that logs.

How much resources different software used for the last 30 days? And that's of course

really interesting in forensics and incident response because you can check, well, which

software was running when and did it use the network? How much data did it send? All of this

is in the system research usage monitor logs.

And well, that's exactly what this tool exports for you presents it in easy-to-use formats.

So if you are in that line of business, definitely take a look.

And the mark is always interesting feedback.

There's also a little run-through of the

tool and how to use it in sort of a simple case, kind of to give you an idea for how you could

apply this tool to any kind of investigation that you are performing. And then we got an interesting

new technique to perform a prompt injection in large language models.

This comes from hidden layer, and what they say is unique about their particular technique.

They call it policy puppetry is that it's fairly universal.

The same technique, the same style prompt can be used across multiple

LMs. They sort of tested all the big ones as part of their research. There have been

similar prompt injections for specific models, but as Hidden Layer points out, well,

...