Inside DeepSeek’s Security Flaws

Jan 31, 2025

Join Sam Rubin, SVP of Unit 42 Consulting, and Kyle Wilhoit, Director of Threat Research, as they delve into the security vulnerabilities of the DeepSeek AI model. They discuss cutting-edge jailbreaking techniques like 'Bad Liker Judge' and 'Deceptive Delight,' exposing risks of harmful content generation. The conversation emphasizes the importance of understanding these vulnerabilities, especially for non-technical users, and advocates for rigorous testing before deploying AI tools in organizations to ensure data integrity and security.

Ask episode

AI Snips

Chapters

Transcript

Episode notes

INSIGHT

DeepSeek's Appeal and Risks

DeepSeek, a new large language model (LLM), is faster, cheaper, and open source.
Unit 42 researchers investigated its vulnerability to jailbreaking techniques.

ADVICE

Understanding LLM Jailbreaking

Think of LLM jailbreaking as bypassing built-in safety measures.
It involves manipulating prompts to get the model to produce harmful content.

ANECDOTE

Bad Likert Judge Success

The Bad Likert Judge technique manipulates LLMs by having them rate the harmfulness of responses.
Researchers tricked DeepSeek into revealing sensitive information, like keylogger creation and phishing email templates.

Get the Snipd Podcast app to discover more snips from this episode

Get the app

Artificial intelligence is advancing fast, but with innovation comes risk. In this episode of Threat Vector, host David Moulton sits down with Sam Rubin, SVP of Consulting and Threat Intelligence at Unit 42, and Kyle Wilhoit, Director of Threat Research, to explore the vulnerabilities of DeepSeek, a new large language model. They dive into AI jailbreaking techniques like Bad Likert Judge and Deceptive Delight, uncovering how attackers can manipulate models to generate harmful content. The discussion highlights security risks, data integrity concerns, and why businesses must carefully evaluate AI tools before adopting them. Tune in for expert insights on the evolving cybersecurity landscape and what organizations can do to stay protected.

Join the conversation on our social media channels:

Website: http://www.paloaltonetworks.com
Threat Research: ⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠
Facebook: ⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠
LinkedIn: ⁠⁠⁠⁠https://www.linkedin.com/company/palo-alto-networks/
YouTube: ⁠⁠⁠⁠@paloaltonetworks
Twitter: ⁠⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠

About Threat Vector

Threat Vector, Palo Alto Networks podcast, is your premier destination for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends.

The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers.

Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization.

Palo Alto Networks

Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile. ⁠http://paloaltonetworks.com⁠