CSOP 2025 | 走进蔚来汽车,探讨“AI+安全运营”新实战
当前环境异常,请完成验证后继续访问。
Aggregator
Заплатить налог государству или выкуп хакерам — что вы выберете, чтобы избежать 10-минутного бэкапа?
1 month 1 week ago
Одно «да» хакерам превращает тысячи компаний в новых жертв.
Infosec products of the month: August 2025
1 month 1 week ago
Here’s a look at the most interesting products from the past month, featuring releases from: Black Kite, Brivo, Cloudflare, Descope, Doppel, Druva, Elastic, ExtraHop, LastPass, Prove, Riverbed, Rubrik, StackHawk, and Trellix. StackHawk empowers security teams to expand their API testing coverage StackHawk releaseed LLM-Driven OpenAPI Specifications, a powerful new capability that creates API documentation directly from source code. With this new capability, StackHawk analyzes source code repositories, extracts API details using homegrown LLMs, and produces … More →
The post Infosec products of the month: August 2025 appeared first on Help Net Security.
Sinisa Markovic
新型AI攻击借助图像植入恶意提示词窃取用户数据
1 month 1 week ago
近日,一种新型攻击手段开始出现,其通过在人工智能系统处理的图像中植入恶意提示词,再将图像传输至大型语言模型,从而窃取用户数据。
该方法借助高分辨率图像实现,这些图像所承载的指令对人眼而言是不可见的,但当通过重采样算法降低图像质量时,指令便会显现出来。
攻击的运作方式
当用户将图像上传至人工智能系统时,为兼顾性能与成本效益,系统会自动将图像降采样至更低质量。
依据系统的不同,图像重采样算法可能会采用最近邻插值、双线性插值或双三次插值的方式来减小图像体积。若原始图像是为此目的专门设计的,那么所有这些方法都会产生混叠伪像,进而使隐藏图案在降采样后的图像上显现。
在Trail of Bits公司的案例中,当使用双三次降采样对恶意图像进行处理时,图像中特定的深色区域会变为红色,隐藏的黑色文本也随之显现。
在缩小的图像上显示隐藏信息的示例
人工智能模型会将这些文本视作用户指令的一部分,并自动将其与合法输入相结合。 从用户的角度来看,一切似乎都正常,但实际上,模型已执行了隐藏指令,这可能会导致数据泄露或引发其他危险行为。
在一个涉及Gemini CLI的案例中,研究人员借助Zapier MCP,在“trust=True”的设置下,无需用户确认即可批准工具调用,进而成功将谷歌日历数据泄露至任意邮箱地址。
Trail of Bits公司解释称,需根据每个人工智能模型处理图像时所使用的降采样算法,对该攻击手段进行相应调整。不过,研究人员已证实,他们的方法对以下人工智能系统有效:
·谷歌Gemini CLI
·Vertex AI Studio(采用Gemini后端)
·Gemini的网页界面
·通过llm CLI访问的Gemini API
·安卓手机上的谷歌助手
·Genspark
由于这种攻击向量分布广泛,其影响范围可能远不止于已测试的工具。此外,为了证明他们的发现,研究人员还开发并发布了Anamorpher(目前处于测试阶段)——这是一款开源工具,能够针对上述每种降采样方法生成相应图像。
缓解与防御措施
Trail of Bits公司的研究人员建议,人工智能系统在用户上传图像时应实施尺寸限制。若必须进行降采样,应向用户提供传输给大型语言模型的图像结果预览。
他们还认为,对于敏感的工具调用,应获取用户的明确确认,尤其是在检测到图像中包含文本时。
研究人员表示:“最有效的防御措施是实施安全的设计模式和系统性防御手段,以缓解包括多模态提示词注入在内的各类具有影响的提示词注入攻击。” 他们还引用了6月发表的一篇关于构建能够抵御提示词注入攻击的大型语言模型设计模式的论文。
胡金鱼
新型AI攻击借助图像植入恶意提示词窃取用户数据
1 month 1 week ago
一种新型AI攻击通过在高分辨率图像中植入不可见的恶意提示词窃取用户数据。当图像被降采样处理时,隐藏指令显现并被执行。该方法影响多个AI系统,并已开发工具生成恶意图像。研究人员建议限制图像尺寸、预览结果并获取用户确认以防御此类攻击。
CVE-2020-14703 | Oracle VM VirtualBox up to 5.2.43/6.0.23/6.1.11 Core information disclosure (Nessus ID 257985)
1 month 1 week ago
A vulnerability categorized as critical has been discovered in Oracle VM VirtualBox up to 5.2.43/6.0.23/6.1.11. This vulnerability affects unknown code of the component Core. The manipulation results in information disclosure.
This vulnerability is reported as CVE-2020-14703. The attack requires a local approach. No exploit exists.
It is advisable to upgrade the affected component.
vuldb.com
CVE-2020-26880 | Sympa up to 6.2.57b.2 Configuration File privileges management (Nessus ID 257990)
1 month 1 week ago
A vulnerability labeled as critical has been found in Sympa up to 6.2.57b.2. Affected by this vulnerability is an unknown functionality of the component Configuration File Handler. Executing manipulation can lead to improper privilege management.
This vulnerability is tracked as CVE-2020-26880. The attack is restricted to local execution. No exploit exists.
vuldb.com
CVE-2021-33453 | lrzip 0.641 stream.c ucompthread use after free (Issue 199 / Nessus ID 257991)
1 month 1 week ago
A vulnerability was found in lrzip 0.641. It has been classified as critical. Affected by this issue is the function ucompthread of the file stream.c. This manipulation causes use after free.
This vulnerability appears as CVE-2021-33453. The attacker needs to be present on the local network. There is no available exploit.
vuldb.com
CVE-2023-41633 | Catdoc 0.95 src/fileutil.c xls2csv null pointer dereference (Nessus ID 257987)
1 month 1 week ago
A vulnerability was found in Catdoc 0.95. It has been classified as problematic. The affected element is the function xls2csv of the file src/fileutil.c. The manipulation leads to null pointer dereference.
This vulnerability is uniquely identified as CVE-2023-41633. The attack can only be initiated within the local network. No exploit exists.
vuldb.com
CVE-2002-2251 | Marcos Luiz Onisto Lib CGI 0.1 libcgi.h changevalue memory corruption (EDB-22049 / ID 10918)
1 month 1 week ago
A vulnerability described as critical has been identified in Marcos Luiz Onisto Lib CGI 0.1. This issue affects the function changevalue in the library libcgi.h. Such manipulation leads to memory corruption.
This vulnerability is uniquely identified as CVE-2002-2251. The attack can be launched remotely. Moreover, an exploit is present.
vuldb.com
CVE-2002-2255 | phpBB 2.0.3 search.php search_username cross site scripting (EDB-22065 / ID 10923)
1 month 1 week ago
A vulnerability, which was classified as problematic, was found in phpBB 2.0.3. This affects an unknown function of the file search.php. The manipulation of the argument search_username results in cross site scripting.
This vulnerability is identified as CVE-2002-2255. The attack can be executed remotely. Additionally, an exploit exists.
vuldb.com
CVE-2002-2261 | Sendmail up to 8.12.6 Hostname check_relay access control (Nessus ID 43132 / ID 116754)
1 month 1 week ago
A vulnerability categorized as critical has been discovered in Sendmail. This vulnerability affects the function check_relay of the component Hostname Handler. The manipulation results in improper access controls.
This vulnerability is reported as CVE-2002-2261. The attack can be launched remotely. No exploit exists.
It is best practice to apply a patch to resolve this issue.
vuldb.com
CVE-2002-2269 | Netdave Webster Http Server URL path traversal (ID 86433 / XFDB-10728)
1 month 1 week ago
A vulnerability, which was classified as critical, was found in Netdave Webster Http Server. Affected by this vulnerability is an unknown functionality of the component URL Handler. Such manipulation leads to path traversal.
This vulnerability is referenced as CVE-2002-2269. It is possible to launch the attack remotely. No exploit is available.
vuldb.com
PiCar – A DIY Car Radio Head Unit made from a Raspberry Pi and RTL-SDR
1 month 1 week ago
PiCar是一款基于Raspberry Pi和RTL-SDR的自制车载收音机项目,支持AM/FM广播、GPS导航、CAN总线监控及iPhone音乐流媒体播放等功能。开发者Vinnie Moscaritolo通过9篇博客详细介绍了该项目的设计与实现。
JVN: 三菱電機製MELSEC iQ-F CPUユニットにおける複数の脆弱性
1 month 1 week ago
三菱電機株式会社が提供するMELSEC iQ-F CPUユニットには、複数の脆弱性が存在します。
Threat Actors Breach High Value Targets like Google in Salesforce Attacks – What Organizations Need to Know
1 month 1 week ago
The escalation of sophisticated cyberattacks targeting Salesforce environments has emerged as one of the most concerning trends in enterprise cybersecurity. As organizations increasingly rely on customer relationship management (CRM) platforms to store their most sensitive business data, threat actors have recognized the immense value these systems represent. Recent intelligence indicates that attackers are successfully compromising […]
The post Threat Actors Breach High Value Targets like Google in Salesforce Attacks – What Organizations Need to Know appeared first on Cyber Security News.
Guru Baran
门票 145 块还要爬 900 级台阶,赛里木湖值不值?
1 month 1 week ago
赛里木湖以独特的蓝色闻名,自驾游环湖90公里需145元门票。顺时针路线更佳,松树头有900级台阶可爬。景点包括灵虾湾、月亮湾和天鹅聚集地克勒涌珠。果子沟大桥日落迷人。租车建议伊宁机场取还车,并注意天气变化大需带冲锋衣。
Эйнштейн vs. Вселенная — 1:0. Чёрные дыры снова сыграли на его стороне
1 month 1 week ago
В теории безволосости всё стабильно. Или нет?..
JVN: 複数のiND製品における複数の脆弱性
1 month 1 week ago
株式会社iNDが提供する複数の製品には、複数の脆弱性が存在します。
苹果向开发者推出Xcode 26新测试版 新增支持GPT-5和内置Claude集成
1 month 1 week ago
苹果推出Xcode 26 Beta 7版本,新增对GPT-5模型和Claude AI的集成支持,方便开发者快速生成代码。