all InfoSec news
Technical Advisory – Ollama DNS Rebinding Attack (CVE-2024-28224)
April 8, 2024, 5 p.m. | Gérald Doussot
NCC Group Research Blog research.nccgroup.com
NCC Group identified a DNS rebinding vulnerability in Ollama that permits attackers to access its API without authorization, and perform various malicious activities, such as exfiltrating sensitive file data from vulnerable systems.
access advisory api attack attackers authorization cve cve-2024 data dns file language language models large llms malicious ncc ncc group research running sensitive system systems technical technical advisories technical advisory vulnerability vulnerable
More from research.nccgroup.com / NCC Group Research Blog
Non-Deterministic Nature of Prompt Injection
2 weeks, 4 days ago |
research.nccgroup.com
LTair: The LTE Air Interface Tool
1 month, 2 weeks ago |
research.nccgroup.com
The Development of a Telco Attack Testing Tool
1 month, 2 weeks ago |
research.nccgroup.com
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Threat Analysis Engineer
@ Gen | IND - Tamil Nadu, Chennai
Head of Security
@ Hippocratic AI | Palo Alto
IT Security Vulnerability Management Specialist (15.10)
@ OCT Consulting, LLC | Washington, District of Columbia, United States
Security Engineer - Netskope/Proofpoint
@ Sainsbury's | Coventry, West Midlands, United Kingdom
Journeyman Cybersecurity Analyst
@ ISYS Technologies | Kirtland AFB, NM, United States