Aggregator

Indirect Prompt Injection via YouTube Transcripts

Embrace The Red
1 year 7 months ago
As discussed previously the problem of Indirect Prompt Injections is increasing. They start showing up in many places. A new unique one that I ran across is YouTube transcripts. ChatGPT (via Plugins) can access YouTube transcripts. Which is pretty neat. However, as expected (and predicted by many researches) all these quickly built tools and integrations introduce Indirect Prompt Injection vulnerabilities. Proof of Concept Here is how it looks with ChatGPT end to end with a demo example.

Adversarial Prompting: Tutorial and Lab

Embrace The Red
1 year 7 months ago
To learn more about Prompt Engineering and Prompt Injections I put together this tutorial + lab for myself. It is as a Jupyter Notebook to experiement and play around with this novel attack technique, learn and experiment. The examples reach from simple prompt engineering scenarios, such as changing the output message to a specific text, to more complex adversarial prompt challenges such as JSON object injection, HTML injection/XSS, overwriting mail recipients or orders of an OrderBot and also data exfiltration.

域渗透-How2UseLdap

7bits安全团队
1 year 7 months ago
前言在域环境中Ldap属于比较基础,且重要的知识点,通过了解Ldap的相关内容,可以快速的判断域内的环境。以

Episode 004 - Jeremy MountainJohnson

The Blue Team Diaries
1 year 7 months ago

As the threat landscape continues to evolve, the integration of automation into network security has become an increasingly critical need for organizations to improve the performance of their security tools. 

Join host Peter Manev and guest Jeremy MountainJohnson, a Security Analyst serving on the board for the Minnesota Chapter of High Technology Crime Investigation Association, as they explore the latest advancements in cybersecurity automation and discuss the areas for improvements.

Find Jeremy: 
Linkedin: https://www.linkedin.com/in/mountainjohnson/


Managed ad