Captain

joined 1 year ago
MODERATOR OF
ai_infosec
sorted by: new top controversial old
2
Writeup: AWS API Gateway header smuggling and cache confusion (securityblog.omegapoint.se)
 

"This allowed us to completely bypass the application’s tenant isolation and access data from any tenant in the system"

Official announcement from AWS: https://aws.amazon.com/blogs/security/removing-header-remapping-from-amazon-api-gateway-and-notes-about-our-work-with-security-researchers/

1
In Escalating Order of Stupidity (kai-greshake.de)
 

Let's deploy LLMs everywhere! What could possibly go wrong?

1
GitHub - woop/rebuff: Rebuff.ai - Prompt Injection Detector (github.com)
 

I'm not sure how much I believe in prompt firewall similar things but I applaud and welcome all efforts!

1
fwd:cloudsec live stream (www.youtube.com)
 

fwd:cloudsec is by far ny favorite cloud security conference. Day one has already passed (sessions are recorded) and day 2 is about to start.

See schedule at: https://fwdcloudsec.org/schedule.html

2
The AI Attack Surface Map v1.0 (danielmiessler.com)
2
Because of existential risk from AI, infosec is considered an important career path (80000hours.org)
1
ChatGPT Cross Plugin Request Forgery and Prompt Injection (embracethered.com)
1
Threat Modeling LLM Applications (aivillage.org)
submitted 1 year ago* (last edited 1 year ago) by [email protected] to c/[email protected]
0 comments fedilink
1
Hijacking hallucinated package dependencies suggested by ChatGPT (vulcan.io)
1
Nvidia’s AI software tricked into leaking data (arstechnica.com)
1
Introducing Google’s Secure AI Framework (blog.google)
1
Who is behind this instance and how is it financed? (infosec.pub)
 

Hi!

I'm trying to get a better understanding of the longer term reliability of this instance. Is there any kind of about page or similar where I can read up on how it's setup, financed, managed etc?

view more: ‹ prev next ›