Tag: Server-Side Request Forgery

  • Microsoft Security Blog: 3 takeaways from red teaming 100 generative AI products

    Source URL: https://www.microsoft.com/en-us/security/blog/2025/01/13/3-takeaways-from-red-teaming-100-generative-ai-products/ Source: Microsoft Security Blog Title: 3 takeaways from red teaming 100 generative AI products Feedly Summary: Since 2018, Microsoft’s AI Red Team has probed generative AI products for critical safety and security vulnerabilities. Read our latest blog for three lessons we’ve learned along the way. The post 3 takeaways from red teaming…

  • Cloud Blog: Bridging the Gap: Elevating Red Team Assessments with Application Security Testing

    Source URL: https://cloud.google.com/blog/topics/threat-intelligence/red-team-application-security-testing/ Source: Cloud Blog Title: Bridging the Gap: Elevating Red Team Assessments with Application Security Testing Feedly Summary: Written by: Ilyass El Hadi, Louis Dion-Marcil, Charles Prevost Executive Summary Whether through a comprehensive Red Team engagement or a targeted external assessment, incorporating application security (AppSec) expertise enables organizations to better simulate the tactics and…

  • The Register: Open source LLM tool primed to sniff out Python zero-days

    Source URL: https://www.theregister.com/2024/10/20/python_zero_day_tool/ Source: The Register Title: Open source LLM tool primed to sniff out Python zero-days Feedly Summary: The static analyzer uses Claude AI to identify vulns and suggest exploit code Researchers with Seattle-based Protect AI plan to release a free, open source tool that can find zero-day vulnerabilities in Python codebases with the…

  • Slashdot: Microsoft Copilot Studio Exploit Leaks Sensitive Cloud Data

    Source URL: https://yro.slashdot.org/story/24/08/21/1947215/microsoft-copilot-studio-exploit-leaks-sensitive-cloud-data?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Microsoft Copilot Studio Exploit Leaks Sensitive Cloud Data Feedly Summary: AI Summary and Description: Yes Summary: The text details a security vulnerability (CVE-2024-38206) found in Microsoft’s Copilot Studio that allows attackers to exploit Server-Side Request Forgery (SSRF) to access sensitive cloud data. This flaw has significant implications for cloud…