Aggregator
CTF | 2023 阿里云CTF / AliyunCTF WriteUp
1 year 10 months ago
这比赛好难啊,大概花了点时间瞄了几眼题目,卡住的题目赛后又来复现了一下,这里记录一下writeup喵。
MiaoTony
Adversarial Prompting: Tutorial and Lab
1 year 10 months ago
To learn more about Prompt Engineering and Prompt Injections I put together this tutorial + lab for myself. It is as a Jupyter Notebook to experiement and play around with this novel attack technique, learn and experiment.
The examples reach from simple prompt engineering scenarios, such as changing the output message to a specific text, to more complex adversarial prompt challenges such as JSON object injection, HTML injection/XSS, overwriting mail recipients or orders of an OrderBot and also data exfiltration.
管窥网络安全的未来技术形态
1 year 10 months ago
网络安全人员应该保持对新技术和趋势的关注,并不断提升他们的技能和能力,以便更好地适应这个不断变化的网络安全环境。
域渗透-How2UseLdap
1 year 10 months ago
前言在域环境中Ldap属于比较基础,且重要的知识点,通过了解Ldap的相关内容,可以快速的判断域内的环境。以
[推荐]急!!!2023-国hvv招聘
1 year 10 months ago
[推荐]急!!!2023-国hvv招聘
Episode 004 - Jeremy MountainJohnson
1 year 10 months ago
As the threat landscape continues to evolve, the integration of automation into network security has become an increasingly critical need for organizations to improve the performance of their security tools.
Join host Peter Manev and guest Jeremy MountainJohnson, a Security Analyst serving on the board for the Minnesota Chapter of High Technology Crime Investigation Association, as they explore the latest advancements in cybersecurity automation and discuss the areas for improvements.
Find Jeremy:
Linkedin: https://www.linkedin.com/in/mountainjohnson/
Today?s Evolving Cloud Strategies Are Embracing Distributed Computing
1 year 10 months ago
Liam Eagle
The Race to Patch: Attackers Leverage Sample Exploit Code in WordPress Plug-in
1 year 10 months ago
Ryan Barnett
简单的源码免杀
1 year 10 months ago
YangHao
Akamai?s Perspective on May?s Patch Tuesday 2023
1 year 10 months ago
Akamai Security Intelligence Group
使用tor来绕过IP被封 - 利好爆破、扫描
1 year 10 months ago
绕过IP限制
从RSAC2023看安全运营的技术发展趋势
1 year 10 months ago
透过RSAC2023一窥安全运营未来发展方向
Announcing the GreyNoise Ambassador Program: Empowering Community Members to Make a Difference
1 year 10 months ago
GreyNoise is built on a strong foundation of mutual respect from our community. With that in mind we wanted to recognize community members that go above and beyond, so we created the GreyNoise Ambassador Program.
终端安全隐私需求投资逻辑
1 year 10 months ago
很久不写,随便写写
Why more transparency around cyber attacks is a good thing for everyone
1 year 10 months ago
Eleanor Fairford, Deputy Director of Incident Management at the NCSC, and Mihaela Jembei, Director of Regulatory Cyber at the Information Commissioner’s Office (ICO), reflect on why it’s so concerning when cyber attacks go unreported – and look at some of the misconceptions about how organisations respond to them.
Video: Prompt Injections - An Introduction
1 year 10 months ago
There are many prompt engineering classes and currently pretty much all examples are vulnerable to Prompt Injections. Especially Indirect Prompt Injections are dangerous as we discussed before.
Indirect Prompt Injections allow untrusted data to take control of the LLM (large language model) and give an AI a new instructions, mission and objective.
Bypassing Input Validation Attack payloads are natural language. This means there are lots of creative ways an adversary can inject malicious data that bypass input filters and web application firewalls.
From One Vulnerability to Another: Outlook Patch Analysis Reveals Important Flaw in Windows API
1 year 10 months ago
Ben Barnea
NIST Revises SP 800-171 Guidelines for Protecting Sensitive Information
1 year 10 months ago
Draft Revision 3 aligns the publication’s language with NIST’s 800-53 catalog of cybersecurity safeguards.
Sarah Henderson
NIST/JILA Physicist Ana Maria Rey Elected to National Academy of Sciences
1 year 10 months ago
As a theoretical physicist, Ana Maria Rey studies atomic, molecular and optical physics, condensed matter physics and quantum information science.
Sarah Henderson