相關新聞
Mozilla: ChatGPT Can Be Manipulated Using Hex Code
LLMs tend to miss the forest for the trees, understanding specific instructions but not their broader context. Bad actors can take advantage of this myopia to get them to do malicious things, with a new prompt-injection technique.
Dark Reading
2024年10月29日 32 觀看次數
Fog ransomware targets SonicWall VPNs to breach corporate networks
Fog and Akira ransomware operators have increased their exploitation efforts of CVE-2024-40766, a critical access control flaw that allows unauthorized access to resources on the SSL VPN feature of SonicWall SonicOS firewalls. [...]
Bleepingcomputer
2024年10月28日 44 觀看次數
Notorious Hacker Group TeamTNT Launches New Cloud Attacks for Crypto Mining
The infamous cryptojacking group known as TeamTNT appears to be readying for a new large-scale campaign targeting cloud-native environments for mining cryptocurrencies and renting out breached servers to third-parties. "The group is currently targeting exposed Docker daemons to deploy Sliver malware, a...
The Hacker News
2024年10月28日 32 觀看次數
Windows 11 24H2: The hardware and software blocking the new update
Windows 11 24H2 is unavailable for thousands of users due to safeguard or compatibility holds Microsoft has placed on specific device and software configurations. [...]
Bleepingcomputer
2024年10月28日 34 觀看次數
AWS's Predictable Bucket Names Make Accounts Easier to Crack
Amazon's open source Cloud Development Kit generates dangerously predictable naming patterns that could lead to an account takeover.
Dark Reading
2024年10月25日 62 觀看次數
Google offers its AI watermarking tech as free open source toolkit
SynthID provides a hidden way to mark LLM output as artificial.
Ars Technica
2024年10月24日 31 觀看次數
CISA proposes new security requirements to protect govt, personal data
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is proposing security requirements to prevent adversary states from accessing American's personal data as well as government-related information. [...]
Bleepingcomputer
2024年10月23日 51 觀看次數
Fortinet warns of new critical FortiManager flaw used in zero-day attacks
Fortinet publicly disclosed today a critical FortiManager API vulnerability, tracked as CVE-2024-47575, that was exploited in zero-day attacks to steal sensitive files containing configurations, IP addresses, and credentials for managed devices. [...]
Bleepingcomputer
2024年10月23日 31 觀看次數
Cheap AI “video scraping” can now extract data from any screen recording
Researcher feeds screen recordings into Gemini to extract accurate information with ease.
Ars Technica
2024年10月18日 72 觀看次數
Fake Google Meet conference errors push infostealing malware
A new ClickFix campaign is luring users to fraudulent Google Meet conference pages showing fake connectivity errors that deliver info-stealing malware for Windows and macOS operating systems. [...]
Bleepingcomputer
2024年10月18日 35 觀看次數