Aggregator

Adversarial Prompting: Tutorial and Lab

1 year 9 months ago

To learn more about Prompt Engineering and Prompt Injections I put together this tutorial + lab for myself. It is as a Jupyter Notebook to experiement and play around with this novel attack technique, learn and experiment. The examples reach from simple prompt engineering scenarios, such as changing the output message to a specific text, to more complex adversarial prompt challenges such as JSON object injection, HTML injection/XSS, overwriting mail recipients or orders of an OrderBot and also data exfiltration.

管窥网络安全的未来技术形态

qz安全情报分析

1 year 9 months ago

网络安全人员应该保持对新技术和趋势的关注，并不断提升他们的技能和能力，以便更好地适应这个不断变化的网络安全环境。

域渗透-How2UseLdap

7bits安全团队

1 year 9 months ago

前言在域环境中Ldap属于比较基础，且重要的知识点，通过了解Ldap的相关内容，可以快速的判断域内的环境。以

[推荐]急！！！2023-国hvv招聘

漏洞推送

1 year 9 months ago

[推荐]急！！！2023-国hvv招聘

Episode 004 - Jeremy MountainJohnson

The Blue Team Diaries

1 year 9 months ago

As the threat landscape continues to evolve, the integration of automation into network security has become an increasingly critical need for organizations to improve the performance of their security tools.

Join host Peter Manev and guest Jeremy MountainJohnson, a Security Analyst serving on the board for the Minnesota Chapter of High Technology Crime Investigation Association, as they explore the latest advancements in cybersecurity automation and discuss the areas for improvements.

Find Jeremy:
Linkedin: https://www.linkedin.com/in/mountainjohnson/

Today?s Evolving Cloud Strategies Are Embracing Distributed Computing

The Akamai Blog

1 year 9 months ago

Liam Eagle

The Race to Patch: Attackers Leverage Sample Exploit Code in WordPress Plug-in

The Akamai Blog

1 year 9 months ago

Ryan Barnett

简单的源码免杀

yanghaoi's blog

1 year 9 months ago

YangHao

Akamai?s Perspective on May?s Patch Tuesday 2023

The Akamai Blog

1 year 9 months ago

Akamai Security Intelligence Group

使用tor来绕过IP被封 - 利好爆破、扫描

关注安全技术

1 year 9 months ago

绕过IP限制

从RSAC2023看安全运营的技术发展趋势

专注安管平台

1 year 9 months ago

透过RSAC2023一窥安全运营未来发展方向

Announcing the GreyNoise Ambassador Program: Empowering Community Members to Make a Difference

Grey Noise

1 year 9 months ago

GreyNoise is built on a strong foundation of mutual respect from our community. With that in mind we wanted to recognize community members that go above and beyond, so we created the GreyNoise Ambassador Program.

终端安全隐私需求投资逻辑

小迪随笔

1 year 9 months ago

很久不写，随便写写

Why more transparency around cyber attacks is a good thing for everyone

NCSC Feed

1 year 9 months ago

Eleanor Fairford, Deputy Director of Incident Management at the NCSC, and Mihaela Jembei, Director of Regulatory Cyber at the Information Commissioner’s Office (ICO), reflect on why it’s so concerning when cyber attacks go unreported – and look at some of the misconceptions about how organisations respond to them.

Video: Prompt Injections - An Introduction

Embrace The Red

1 year 9 months ago

There are many prompt engineering classes and currently pretty much all examples are vulnerable to Prompt Injections. Especially Indirect Prompt Injections are dangerous as we discussed before. Indirect Prompt Injections allow untrusted data to take control of the LLM (large language model) and give an AI a new instructions, mission and objective. Bypassing Input Validation Attack payloads are natural language. This means there are lots of creative ways an adversary can inject malicious data that bypass input filters and web application firewalls.