Experimental News Clipping Site

Tag: exfiltration

  • Cloud Blog: Get ready for a unique, immersive security experience at Next ‘25

    by

    Kurt Seifried
    in

    Source URL: https://cloud.google.com/blog/products/identity-security/unique-immersive-security-experience-coming-to-next-25/ Source: Cloud Blog Title: Get ready for a unique, immersive security experience at Next ‘25 Feedly Summary: Few things are more critical to IT operations than security. Security incidents, coordinated threat actors, and regulatory mandates are coupled with the imperative to effectively manage risk and the vital business task of rolling out…

  • Embrace The Red: AI Domination: Remote Controlling ChatGPT ZombAI Instances

    by

    Kurt Seifried
    in

    Source URL: https://embracethered.com/blog/posts/2025/spaiware-and-chatgpt-command-and-control-via-prompt-injection-zombai/ Source: Embrace The Red Title: AI Domination: Remote Controlling ChatGPT ZombAI Instances Feedly Summary: At Black Hat Europe I did a fun presentation titled SpAIware and More: Advanced Prompt Injection Exploits. Without diving into the details of the entire talk, the key point I was making is that prompt injection can impact…

  • The Register: FireScam infostealer poses as Telegram Premium app to surveil Android devices

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/01/06/firescam_android_malware/ Source: The Register Title: FireScam infostealer poses as Telegram Premium app to surveil Android devices Feedly Summary: Once installed, it helps itself to your data like it’s a free buffet Android malware dubbed FireScam tricks people into thinking they are downloading a Telegram Premium application that stealthily monitors victims’ notifications, text messages,…

  • The Register: How cops taking down LockBit, ALPHV led to RansomHub’s meteoric rise

    by

    system automation
    in

    Source URL: https://www.theregister.com/2024/12/28/lockbit_alphv_disruptions_ransomhub_rise/ Source: The Register Title: How cops taking down LockBit, ALPHV led to RansomHub’s meteoric rise Feedly Summary: Cut off one head, two more grow back in its place RansomHub, the ransomware collective that emerged earlier this year, quickly gained momentum, outpacing its criminal colleagues and hitting its victims especially hard. The group…

  • Alerts: CISA Issues BOD 25-01, Implementing Secure Practices for Cloud Services

    by

    system automation
    in

    Source URL: https://www.cisa.gov/news-events/alerts/2024/12/17/cisa-issues-bod-25-01-implementing-secure-practices-cloud-services Source: Alerts Title: CISA Issues BOD 25-01, Implementing Secure Practices for Cloud Services Feedly Summary: Today, CISA issued Binding Operational Directive (BOD) 25-01, Implementing Secure Practices for Cloud Services to safeguard federal information and information systems. This Directive requires federal civilian agencies to identify specific cloud tenants, implement assessment tools, and align…

  • Simon Willison’s Weblog: Quoting Johann Rehberger

    by

    system automation
    in

    Source URL: https://simonwillison.net/2024/Dec/17/johann-rehberger/ Source: Simon Willison’s Weblog Title: Quoting Johann Rehberger Feedly Summary: Happy to share that Anthropic fixed a data leakage issue in the iOS app of Claude that I responsibly disclosed. 🙌 👉 Image URL rendering as avenue to leak data in LLM apps often exists in mobile apps as well — typically…

  • Simon Willison’s Weblog: Security ProbLLMs in xAI’s Grok: A Deep Dive

    by

    system automation
    in

    Source URL: https://simonwillison.net/2024/Dec/16/security-probllms-in-xais-grok/#atom-everything Source: Simon Willison’s Weblog Title: Security ProbLLMs in xAI’s Grok: A Deep Dive Feedly Summary: Security ProbLLMs in xAI’s Grok: A Deep Dive Adding xAI to the growing list of AI labs that shipped feature vulnerable to data exfiltration prompt injection attacks, but with the unfortunate addendum that they don’t seem to…