Tag: unicode characters
-
Cisco Talos Blog: Malicious QR codes
Source URL: https://blog.talosintelligence.com/malicious_qr_codes/
Source: Cisco Talos Blog
Title: Malicious QR codes
Feedly Summary: QR codes are disproportionately effective at bypassing most anti-spam filters, as most filters are not designed to recognize that a QR code is present in an image and decode the QR code. According to Talos’ data, roughly 60% of all email containing…
-
Hacker News: Invisible text that AI chatbots understand and humans can’t?
Source URL: https://arstechnica.com/security/2024/10/ai-chatbots-can-read-and-write-invisible-text-creating-an-ideal-covert-channel/
Source: Hacker News
Title: Invisible text that AI chatbots understand and humans can’t?
Feedly Summary: Comments
AI Summary and Description: Yes
Summary: The text discusses a sophisticated method of exploiting vulnerabilities in AI chatbots like Claude and Copilot through “ASCII smuggling,” where invisible characters are used to embed malicious instructions. This innovative…
-
Schneier on Security: NIST Recommends Some Common-Sense Password Rules
Source URL: https://www.schneier.com/blog/archives/2024/09/nist-recommends-some-common-sense-password-rules.html
Source: Schneier on Security
Title: NIST Recommends Some Common-Sense Password Rules
Feedly Summary: NIST’s second draft of its “SP 800-63-4”—its digital identity guidelines—finally contains some really good rules about passwords: The following requirements apply to passwords: Verifiers and CSPs SHALL require passwords to be a minimum of eight characters in length and…
-
The Register: From Copilot to Copirate: How data thieves could hijack Microsoft’s chatbot
Source URL: https://www.theregister.com/2024/08/28/microsoft_copilot_copirate/
Source: The Register
Title: From Copilot to Copirate: How data thieves could hijack Microsoft’s chatbot
Feedly Summary: Prompt injection, ASCII smuggling, and other swashbuckling attacks on the horizon. Microsoft has fixed flaws in Copilot that allowed attackers to steal users’ emails and other personal data by chaining together a series of LLM-specific…