Tag: attack vectors
-
Slashdot: LLM Attacks Take Just 42 Seconds On Average, 20% of Jailbreaks Succeed
Source URL: https://it.slashdot.org/story/24/10/12/213247/llm-attacks-take-just-42-seconds-on-average-20-of-jailbreaks-succeed?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: LLM Attacks Take Just 42 Seconds On Average, 20% of Jailbreaks Succeed Feedly Summary: AI Summary and Description: Yes Summary: The article discusses alarming findings from Pillar Security’s report on attacks against large language models (LLMs), revealing that such attacks are not only alarmingly quick but also frequently result…
-
Alerts: CISA Adds Three Known Exploited Vulnerabilities to Catalog
Source URL: https://www.cisa.gov/news-events/alerts/2024/10/09/cisa-adds-three-known-exploited-vulnerabilities-catalog Source: Alerts Title: CISA Adds Three Known Exploited Vulnerabilities to Catalog Feedly Summary: CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-23113 Fortinet Multiple Products Format String Vulnerability CVE-2024-9379 Ivanti Cloud Services Appliance (CSA) SQL Injection Vulnerability CVE-2024-9380 Ivanti Cloud Services Appliance (CSA) OS Command Injection…
-
The Register: Ransomware gang Trinity joins pile of scumbags targeting healthcare
Source URL: https://www.theregister.com/2024/10/09/trinity_ransomware_targets_healthcare_orgs/ Source: The Register Title: Ransomware gang Trinity joins pile of scumbags targeting healthcare Feedly Summary: As if hospitals and clinics didn’t have enough to worry about At least one US healthcare provider has been infected by Trinity, an emerging cybercrime gang with eponymous ransomware that uses double extortion and other “sophisticated" tactics…
-
Hacker News: Attacking PowerShell Clixml Deserialization
Source URL: https://www.truesec.com/hub/blog/attacking-powershell-clixml-deserialization Source: Hacker News Title: Attacking PowerShell Clixml Deserialization Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text details a series of research findings related to security vulnerabilities associated with PowerShell’s CLIXML deserialization mechanism. Specifically, it highlights the risks stemming from the serialization and deserialization processes in PowerShell, emphasizing how these…
-
Embrace The Red: Google AI Studio: LLM-Powered Data Exfiltration Hits Again! Quickly Fixed.
Source URL: https://embracethered.com/blog/posts/2024/google-ai-studio-data-exfiltration-now-fixed/ Source: Embrace The Red Title: Google AI Studio: LLM-Powered Data Exfiltration Hits Again! Quickly Fixed. Feedly Summary: Recently, I found what appeared to be a regression or bypass that again allowed data exfiltration via image rendering during prompt injection. See the previous post here. Data Exfiltration via Rendering HTML Image Tags During…