all InfoSec news
Google Gemini: Planting Instructions For Delayed Automatic Tool Invocation
Feb. 23, 2024, 6 a.m. |
Embrace The Red embracethered.com
Confused Deputy - Automatic Tool Invocation First, what do I mean by this… “automatic tool invocation”…
Consider the following scenario: An attacker sends a malicious email to a user containing instructions to call an external tool. Google named these tools Extensions.
When the user analyzes the email with an LLM, it interprets the instructions and …
attacker automatic bard called email gemini google google bard google gemini malicious november scenario testing tool vulnerabilities
More from embracethered.com / Embrace The Red
Bobby Tables but with LLM Apps - Google NotebookML Data Exfiltration
1 week, 6 days ago |
embracethered.com
ASCII Smuggler - Improvements
1 month, 3 weeks ago |
embracethered.com
ChatGPT: Lack of Isolation between Code Interpreter sessions of GPTs
2 months, 2 weeks ago |
embracethered.com
Video: ASCII Smuggling and Hidden Prompt Instructions
2 months, 2 weeks ago |
embracethered.com
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Lead Technical Product Manager - Threat Protection
@ Mastercard | Remote - United Kingdom
Data Privacy Officer
@ Banco Popular | San Juan, PR
GRC Security Program Manager
@ Meta | Bellevue, WA | Menlo Park, CA | Washington, DC | New York City
Cyber Security Engineer
@ ASSYSTEM | Warrington, United Kingdom
Privacy Engineer, Technical Audit
@ Meta | Menlo Park, CA