685 matches found
Is Web Scraping Illegal? Depends on Who You Ask
Web scraping has existed for a long time, and depending on who you ask, it can be loved or hated. But where is the line drawn between extracting data for legitimate business purposes and malicious data extraction that hurts business? The bar is getting blurrier by the day, and the introduction of...
A New Trick Uses AI to Jailbreak AI Models—Including GPT-4
Adversarial algorithms can systematically probe large language models like OpenAI’s GPT-4 for weaknesses that can make them misbehave...
Trellix 2024 Threat Predictions
Trellix 2024 Threat Predictions By Trellix · October 30, 2023 Introduction This last year we have seen upheaval across the cybersecurity landscape. The need for effective, worldwide threat intelligence continues to grow as geopolitical and economic developments create an increasingly complicated...
Webinar: How vCISOs Can Navigating the Complex World of AI and LLM Security
In today's rapidly evolving technological landscape, the integration of Artificial Intelligence AI and Large Language Models LLMs has become ubiquitous across various industries. This wave of innovation promises improved efficiency and performance, but lurking beneath the surface are complex...
LLMs and Tool Use
Last March, just two weeks after GPT-4 was released, researchers at Microsoft quietly announced a plan to compile millions of APIs--tools that can do everything from ordering a pizza to solving physics equations to controlling the TV in your living room--into a compendium that would be made...
Prompt injection could be the SQL injection of the future, warns NCSC
The UK's National Cyber Security Centre NCSC has issued a warning about the risks of integrating large language models LLMs like OpenAIs ChatGPT into other services. One of the major risks is the possibility of prompt injection attacks. The NCSC points out several dangers associated with...
How to Prevent ChatGPT From Stealing Your Content & Traffic
ChatGPT and similar large language models LLMs have added further complexity to the ever-growing online threat landscape. Cybercriminals no longer need advanced coding skills to execute fraud and other damaging attacks against online businesses and customers, thanks to bots-as-a-service,...
Criminals Have Created Their Own ChatGPT Clones
Cybercriminals are touting large language models that could help them with phishing or creating malware. But the AI chatbots could just be their own kind of scam...
AiCEF - An AI-assisted cyber exercise content generation framework using named entity recognition
AiCEF is a tool implementing the accompanying framework 1 in order to harness the intelligence that is available from online resources, as well as threat groups' activities, arsenal eg. MITRE, to create relevant and timely cybersecurity exercise content. This way, we abstract the events from the...
Why endpoint management is key to securing an AI-powered future
The chief information security officer CISO agenda has a new set of priorities. Hybrid work and the resultant architecture updates, so prevalent at the beginning of the pandemic, are no longer top of mind. Instead, the thinking is focused on tackling ever more sophisticated threats and integratin...
Why endpoint management is key to securing an AI-powered future
The chief information security officer CISO agenda has a new set of priorities. Hybrid work and the resultant architecture updates, so prevalent at the beginning of the pandemic, are no longer top of mind. Instead, the thinking is focused on tackling ever more sophisticated threats and integratin...
LangChain 安全漏洞
LangChain is used to build applications using LLM through composability. A security vulnerability exists in Langchain version 0.0.171, which stems from an arbitrary code execution vulnerability...
CVE-2023-34094 ChuanhuChatGPT vulnerable to unauthorized configuration file access
ChuanhuChatGPT is a graphical user interface for ChatGPT and many large language models. A vulnerability in versions 20230526 and prior allows unauthorized access to the config.json file of the privately deployed ChuanghuChatGPT project, when authentication is not configured. The attacker can...
AI-powered content farms start clogging search results with ad-stuffed spam
A recent study by NewsGuard, trackers of online misinformation, makes some alarming discoveries about the role of artificial intelligence AI in content farm generation. If youve previously held your nose at the content mill grind, its probably going to become a lot more unpleasant. Content farms...
What does ChatGPT know about phishing?
Can ChatGPT detect phishing links? Hearing all the buzz about the amazing applications of ChatGPT and other language models, our team could not help but ask this question. We work on applying machine learning technologies to cybersecurity tasks, specifically models that analyze websites to detect...
The Hacking of ChatGPT Is Just Getting Started
Security researchers are jailbreaking large language models to get around safety rules. Things could get much worse...
LLMs and Phishing
Heres an experiment being run by undergraduate computer science students everywhere: Ask ChatGPT to generate phishing emails, and test whether these are better at persuading victims to respond or click on the link than the usual spam. Its an interesting experiment, and the results are likely to...
haystack 安全漏洞
haystack is an open source NLP framework for interacting with your data using Transformer models and LLMs GPT-4, ChatGPT, etc.. A security vulnerability exists in haystack versions prior to 0.1.30 that stems from the use of hard-coded constants...
ChatGPT happy to write ransomware, just really bad at it
This morning I decided to write some ransomware. I've never done it before, and I can't code in C, the language ransomware is mostly commonly written in, but I have a reasonably good idea of what ransomware does. Previously, this lack of technical skills would have served as something of a barrie...
ChatGPT helps both criminals and law enforcement, says Europol report
In a report, Europol says that ChatGPT and other large language models LLMs can help criminals with little technical knowledge to perpetrate criminal activities, but it can also assist law enforcement with investigating and anticipating criminal activities. The report aims to provide an overview ...