Summary5 min read

Cyber Security Headlines: LLM Legalese Prompts, Maryland Transit Cyberattack, Hacking into University

Podcast: Cyber Security Headlines
Host: Steve Prentiss
Date: September 2, 2025

Episode Overview

This episode delivers a brisk and incisive roundup of major cybersecurity developments as of September 2, 2025. Steve Prentiss covers inventive large language model (LLM) attacks, a high-profile government cyber incident, academic hacking, new Android malware campaigns, controversy over AI in UK social services, a novel ransomware tactic naming SentinelOne, and an international maritime disruption attributed to hacktivists. The tone remains factual and forward-looking, emphasizing both technical depth and policy implications.

Key Discussion Points & Insights

1. Legal PWN Technique: Hiding LLM Prompts in Legalese

[00:06]

What Happened:
Researchers at Pangea report a “creative way to jailbreak LLMs”, by embedding adversarial prompts into the legalese of contract documents.
Technical Insight:
Many LLMs, especially the most widely used, struggle to distinguish user-given instructions from those concealed in ingested data (e.g., contracts).
Threat Landscape:
– Previously, prompt injection occurred via calendar entries or inline comments.
– Now evolving to complex legal text that passes by human review undetected.
Implication:
LLMs could be silently manipulated to leak data or ignore policy constraints if adversarial language passes technical and human scrutiny.

“Not all LLMs are fooled, but the most popular and heavily used ones do succumb to the prompts more readily.” — Steve Prentiss, [00:38]

2. Maryland Transit Cyberattack

[01:08]

Incident:
The Maryland Transit Administration confirmed a cyber attack affecting “some of its operation and information systems and call centers.”
Disclosure & Scope:
– Attack reported August 25, shortly before a parallel breach was disclosed in Nevada state systems.
– Officials shared no details on the severity or type of data targeted.
Broader Trend:
Indicates an uptick in state-level attacks on critical government infrastructure.

“Representatives said hackers accessed its systems, but they did not share information on the scope of the incident.” — Steve Prentiss, [01:23]

3. Hacking into a Spanish University

[02:00]

Incident:
Spanish police arrested a 21-year-old accused of hacking a government website to change his and friends’ academic records.
Attack Vector:
– Breach involved work accounts from 13 professors in Andalusian universities.
– Some professors were responsible for preparing entrance exams.
Significance:
Highlights risks posed by stolen PII and access to academic administration systems.

“This story highlights ways in which stolen PII does get used…” — Steve Prentiss, [02:00]

4. Android ‘Brokewell’ Malware: Fake TradingView Ads

[02:47]

Attack:
Bitdefender researchers found hackers abusing Meta ad platforms to distribute “TradingView Premium” apps—actually delivering the Brokewell Android malware.
Technical Details:
– Malware enables info-stealing, remote monitoring, and device takeover.
– Campaign has been active since mid-July, specifically targeting mobile users.
Social Engineering:
Fake ads mirror real TradingView branding.

“The ads replicate the branding and style of Trading View, a legitimate charting and financial analysis platform and social network.” — Steve Prentiss, [03:08]

5. Palantir AI Contract in UK Social Services

[04:04]

Development:
Coventry City Council (UK) signs a £500,000-a-year contract with Palantir to use AI for social service case note transcription and records summarizing, amid vocal concern.
Controversy:
– Palantir involvement in military and government activities fuels mistrust.
– The system will be used for children with special educational needs.
– Broader expansion, including law enforcement and NHS, creates ethical questions.
Concerns:
Local officials are wary both of the technology’s impact and the supplier’s history.

“A number of councillors and other officials have raised concerns about the technology itself, as well as with this particular supplier.” — Steve Prentiss, [05:02]

6. Cephalis Ransomware Spoofs SentinelOne

[05:26]

Malware Mechanics:
Cephalis ransomware targets organizations by exploiting unsecured RDP accounts (lacking MFA).
Attack Vector:
– Drops a real SentinelOne executable in the downloads folder.
– Tricks the legitimate program into sideloading a malicious DLL that launches the ransomware.
– Deletes Windows Shadow Copies, disables Defender, preempting recovery.
Targets:
Law firms, healthcare, finance, governmental and IT firms in the US and Japan.

“Cephalis breaks in by leveraging Remote Desktop Protocol accounts that have not been secured with multi factor authentication…” — Steve Prentiss, [05:30]

7. Hackers Disrupt Iranian Ship Communications

[06:26]

Incident:
The hacking group “Lab Duktegan” disrupted communications for 60 Iranian ships (tankers and cargo) via an attack on satellite communications provider FNAVA.
Tactics:
– Disabled central system (Falcon) and wiped core data, leaving ships unable to communicate.
– Known for prior doxxing of Iranian state hackers (APT34).
Impact:
Demonstrates capabilities of non-state actors in critical infrastructure attacks.

“The group's name? Lab Duktegan is a translation from Farsi meaning sewn lips or closed lips.” — Steve Prentiss, [07:12]

Notable Quotes

On LLM Security Gaps:
“Not all LLMs are fooled, but the most popular and heavily used ones do succumb to the prompts more readily.” — Steve Prentiss, [00:38]
On Government Breach Disclosure:
“Representatives said hackers accessed its systems, but they did not share information on the scope of the incident.” — Steve Prentiss, [01:23]
On Classroom Hacking:
“This story highlights ways in which stolen PII does get used…” — Steve Prentiss, [02:00]
About Fake TradingView Ad Campaigns:
“The ads replicate the branding and style of Trading View, a legitimate charting and financial analysis platform and social network.” — Steve Prentiss, [03:08]
About Palantir's Role in UK Public Sector:
“A number of councillors and other officials have raised concerns about the technology itself, as well as with this particular supplier.” — Steve Prentiss, [05:02]
On Cephalis Ransomware’s Infection Path:
“Cephalis breaks in by leveraging Remote Desktop Protocol accounts that have not been secured with multi factor authentication…” — Steve Prentiss, [05:30]
Regarding Lab Duktegan:
“The group's name? Lab Duktegan is a translation from Farsi meaning sewn lips or closed lips.” — Steve Prentiss, [07:12]

Important Timestamps

00:06 — Start of news stories
00:38 — LLM prompt injection via contract legalese
01:08 — Maryland Transit cyberattack
02:00 — University exam grade hacking in Spain
02:47 — Brokewell Android malware in fake TradingView ads
04:04 — Palantir AI controversy in Coventry social services
05:26 — Cephalis ransomware spoofs SentinelOne
06:26 — Iranian ships' comms disrupted by Lab Duktegan

Final Notes

The episode underscores the creative evolution of cyber attack vectors—from AI prompt manipulation and social engineering to critical infrastructure sabotage.
The host’s neutral, concise tone keeps focus on factual reporting while isolating the most crucial, high-impact developments.
For deeper dives, listeners are encouraged to visit CISOseries.com for full story coverage.

Loading summary

Transcript3 lines

[00:00]
A
From the CISO series, It's Cybersecurity Headlines.
[00:07]
B
These are the cybersecurity headlines for Tuesday, September 2, 2025. I'm Steve Prentiss. Legal PWN technique hides LLM prompts inside contract legalese Researchers at security firm Pangea are warning of another creative way to jailbreak LLMs, empowering them with instructions that can be used to exploit vulnerabilities and circumvent cybersecurity practices. This one focuses on the inability of many LLMs to distinguish between instructions in their user's prompt and those hidden inside ingested data. We have already seen this with threat actors hiding prompts inside online calendars and inline comments in documents, but now they are also being inserted inside the large paragraphs of legalese in contracts carefully written to not raise suspicions amongst human readers. Not all LLMs are fooled, but the most popular and heavily used ones do succumb to the prompts more readily. Maryland Transit investigating cyber Attack the Maryland Transit Administration says a cyber attack impacted some of its operation and information systems and call centers, end quote. Representatives said hackers accessed its systems, but they did not share information on the scope of the incident. The attack was disclosed on August 25, just prior to a similar announcement made by the state of Nevada, which also announced that hackers had breached its state systems. Hacker attempts to forge his way into Spanish university this story highlights ways in which stolen PII does get used to Spanish Police have arrested a 21 year old individual for allegedly accessing a government website to alter his high school and university entrance exam grades, as well as those of some of his friends. As posted by Graham Cluley in bitdefender, According to investigating officers, the work accounts of at least 13 professors from various Andalusian universities had been hacked. Some of these teachers apparently were responsible for preparing university entrance exams in the country. Brokewell Android malware delivered through fake TradingView ads Researchers at Bitdefender are warning of cybercriminals who are abusing Meta's advertising platforms with fake offers of a free TradingView Premium app that spreads the Brokewell malware for Android. This campaign, which was specifically designed for mobile users, has been active since mid July. Brokewell is an Android malware capable of info stealing, remote monitoring and taking control of a compromised device. The ads replicate the branding and style of Trading View, a legitimate charting and financial analysis platform and social network. These bogus ads offer a free premium app for Android. Huge thanks to our sponsor, ThreatLocker. ThreatLocker is a global leader in zero trust endpoint security offering cybersecurity controls to protect businesses from zero day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and to start your free trial, visit threatlocker.com CISO I.e. t H R E A T L O c k e r.com UK Social Services Department uses Palantir amid concerns the City Council of the English town of Coventry has signed a 500,000 pound per year artificial intelligence contract with the US data technology company Palantir, which is also known to be involved with the Israel Defense Forces as well as with US Government deportation activities. According to the Guardian. The contract follows a pilot scheme in the council's Children's Services Department, including using AI for case note transcription and to summarize social workers records. The council is planning to extend the Palantir system to process for providing support to children with special education needs. Palantir already has a number of public sector contracts in the uk, including providing AI to help tackle organized crime in the county of Leicestershire and building the new National Health Service Federated Data platform. A number of councillors and other officials have raised concerns about the technology itself, as well as with this particular supplier. Cephalis ransomware spoofs Sentinel 1 as attack vector A new ransomware named Cephalus is casting its spear at law firms, financial services, healthcare organizations, architectural practices, municipalities, IT firms and marketing agencies in the US And Japan. Cephalis breaks in by leveraging Remote desktop protocol accounts that have not been secured with multi factor authentication, according to a report from security firm Huntress. The malware drops a real program executable from security firm Sentinel 1 into a computer's downloads folder. This is then tricked into sideloading a malicious DLL that runs the ransomware code. Cephalis will also delete Windows Shadow copy files, which companies often turn to for recovery of their data, and also disables Windows Defender. Hackers disrupt the communications of dozens of Iranian ships as posted in Security Week, a hacking group known as labduktegen, I.e. lab D O O K H T E g a n lab Dugtegen allegedly disrupted the communication systems of 60 Iranian ships, including 39 tankers and 25 cargo ships operated by Iranian maritime companies NITC and Irisl, which are sanctioned by the U.S. the group hacked satellite communications company FNAVA, allegedly disabled a central communications system named Falcon and ran destructive commands to erase core data, leaving the ships without communication or data of any kind. The group's name? Lab Duktegan is a translation from Farsi meaning sewn lips or closed lips. Little is known about the group even where it is based, but it does focus on targeting Iranian state infrastructure and is perhaps most famous for its doxxing of Iran's APT34 hacking unit in 2019. Almost all organizations have some concrete AI adoption plan either in progress or on their roadmap, which is great. Too bad many of these organizations don't have any plans for AI oversight. How do we balance the speed of innovation with security and compliance concerns? That's one of the segments we're digging into on this week's episode of the CISO Series Podcast. Look for the episode entitled we're all for a Responsible AI Rollout, as long as it goes as fast as possible. Wherever you get your podcasts and if you have some thoughts on the news from today or about the show in general, please be sure to reach out to us@feedbackisoseries.com we would love to hear from you. I'm Steve Prentiss reporting for the CISO series.
[07:48]
A
Cybersecurity headlines are available every weekday. Head to cisoseries.com for the full stories behind the headlines.