Tag
Categories: News Tags: ChatGPT Tags: DAN Tags: Bing Chat Tags: Chinese Tags: large language model Tags: jailbreak Large language models like ChatGPT are now being tested by the public and, no surprise here, researchers are finding ways to jailbreak the systems (Read more...) The post Jailbreaking ChatGPT and other large language models while we can appeared first on Malwarebytes Labs.
Categories: Podcast This week on Lock and Code, we speak with Josh Saxe about artificial intelligence, machine learning, security, and where the three intersect. (Read more...) The post What is AI good at (and what the heck is it, actually), with Josh Saxe: Lock and Code S04E04 appeared first on Malwarebytes Labs.
A previously unknown threat actor has been targeting companies in the U.S. and Germany with bespoke malware designed to steal confidential information. Enterprise security company Proofpoint, which is tracking the activity cluster under the name Screentime, said the group, dubbed TA866, is likely financially motivated. "TA866 is an organized actor able to perform well thought-out attacks at
Ichiran App for iOS versions prior to 3.1.0 and Ichiran App for Android versions prior to 3.1.0 improperly verify server certificates, which may allow a remote unauthenticated attacker to eavesdrop on an encrypted communication via a man-in-the-middle attack.
Keep your movements private.
DataHub is an open-source metadata platform. In the event a system is using Java Authentication and Authorization Service (JAAS) authentication and that system is given a configuration which contains an error, the authentication for the system will fail open and allow an attacker to login using any username and password. The reason for this is that while an error is thrown in the `authenticateJaasUser` method it is swallowed without propagating the error. As a result of this issue unauthenticated users may gain access to the system. Users are advised to upgrade. There are no known workarounds for this issue. This vulnerability was discovered and reported by the GitHub Security lab and is tracked as GHSL-2022-081.
A review of the FBI’s access to foreign intelligence reveals troubling misuse of powerful surveillance tech.
Valve's unpatched JavaScript engine and incomplete modification vetting process for Steam-delivered mods led to user systems being backdoored.
Your fortnightly rundown of AppSec vulnerabilities, new hacking techniques, and other cybersecurity news
Ubuntu Security Notice 5860-1 - Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service or execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.