🤖 Sinon: A tool by James Brine that automates the setup of Windows-based deception hosts, using GPT-4 to generate content (files, emails, etc.) And a config file that supports various actions to emulate user behavior: - Installing applications - Browsing websites - Ceating and modifying files - Downloading decoy files - Simulating user interaction - Creating lures and more! https://lnkd.in/ge8yrH9M #cybersecurity #security #ai #blueteam
Clint Gibler’s Post
More Relevant Posts
-
Google open sources file-identifying Magika AI for malware hunters and others Cool, but it's 2024 – needs more hype, hand wringing, and flashy staged demos to be proper ML
To view or add a comment, sign in
-
❗Last month cybersecurity researchers at JFrog discovered a high-severity flaw in the Vanna.AI library (CVE-2024-5565) that allowed hackers to exploit the "ask" function via prompt injection, enabling remote execution of harmful commands. This flaw lets attackers manipulate inputs to run arbitrary code instead of generating safe SQL queries. One of OWASP’s top 10 security vulnerabilities for LLMs is prompt injection, where users can maliciously or inadvertently cause LLMs to return sensitive data or access. Some recommended solutions for organizations looking to secure their AI usage and prevent prompt injection: 1). Enforce privilege control on LLM access. 2). Provide the LLM with its own API tokens for functionality like plugins and data access. 3). Develop guardrails around the usage of AI applications and LLMs. #GenAI #LLM #AIInnovation #EnterpriseAI #DeveloperProductivity #CustomerExperience #Security
To view or add a comment, sign in
-
Creating images with #Opensource #AI is super cool, but it can be dangerous if not done right. 🖼️🤖 A recent #article (https://lnkd.in/dDRTPpYc ) on @vpnMentor highlights the risks associated with using Opensource AI tools like #ComfyUI. A malicious custom node was introduced into the system, potentially compromising user data and security. This incident serves as a crucial reminder to always use trusted sources and keep our security protocols up to date. Stay safe and enjoy the creative power of AI responsibly! #AI #CyberSecurity #ImageCreation #TechSafety #ArtificialIntelligence #DataProtection #AIArt #DigitalSecurity
ComfyUI Users Targeted by Malicious Custom Node
vpnmentor.com
To view or add a comment, sign in
-
Today with codees we are talking about: Google Bug Bounty Program. Google has expanded its vulnerability rewards program (VRP) to include attack scenarios specific to generative AI. In an announcement shared with TechCrunch ahead of publication, Google said: “We believe expanding the VRP will incentivize research around AI safety and security and bring potential issues to light that will ultimately make AI safer for everyone,” Google’s vulnerability rewards program (or bug bounty) pays ethical hackers for finding and responsibly disclosing security flaws. #Codees #IT #technology #news #google #NewsUpdate #bugbounty
To view or add a comment, sign in
-
-
OWASP Top 10 LLM security concerns! They’ve added to their application Top 10 list with Gen AI concerns. How well placed are you to cover these? https://lnkd.in/gMnGVGSM
To view or add a comment, sign in
-
-
Detecting file types helps identify malicious files disguised with false extensions, such as a .jpg that is actually malware. Magika, Google’s AI-powered file type detection tool, uses deep learning for precise detection. In the following code, files have misleading extensions, but Magika still accurately detects their correct types. 🚀 Link to Magika: https://bit.ly/45tdw5O
To view or add a comment, sign in
-
-
Network Professional | SOC Analysist, Network Security, System Administrator| Ask me about Sandboxing, Cisco Networking and Endpoint Security
CTF Tools CTF Field Guide - Everything you need to win your next CTF competition. 🔗https://lnkd.in/drn3pFdS Ciphey - Automated decryption tool using artificial intelligence and natural language processing. 🔗https://lnkd.in/dh7AuwSx RsaCtfTool - Decrypt data enciphered using weak RSA keys, and recover private keys from public keys using a variety of automated attacks. 🔗https://lnkd.in/dNtg-tv2 ctf-tools - Collection of setup scripts to install various security research tools easily and quickly deployable to new machines. 🔗https://lnkd.in/d5a6gVXM - Easily generate sophisticated reverse or bind shell commands to help you save time during penetration tests. 🔗https://lnkd.in/d4AZUgF5 #infosec #cybersecurity #hacking #pentesting #security
To view or add a comment, sign in
-
There’s no reason to panic over WormGPT: As tools for building AI systems, particularly large language models (LLMs), get easier and cheaper, some are using them for unsavory purposes, like generating malicious code or phishing campaigns. But the threat of AI-accelerated hackers isn’t quite as dire as some headlines would suggest. The dark web creators of LLMs like “WormGPT” and “FraudGPT” advertise […] http://dev.dlvr.it/2dX0KY
To view or add a comment, sign in
-
-
Google open sources file-identifying Magika AI model
theregister.com
To view or add a comment, sign in
-
Cyber Security Researcher | AI & Machine Learning Expert | Top 1% TryHackMe | SOC Analyst & Ethical Hacker
🌟 New Development: I am happy to introduce my AI malicious mail detection software! 😊 👨💻 About the Software: This software effectively detects malicious emails using artificial intelligence technologies. It analyzes email texts in depth, quickly identifies potential threats and sends instant alerts to users. #CyberSecurity #AI #EmailSecurity #ArtificialIntelligence #DigitalSafety #InfoSec #Phising #Email #Malicious #ThreatDetection #SecureEmail #CyberAttack #DataProtection #CyberDefense
To view or add a comment, sign in
-
Director - Cyber Threat Intelligence, R&D and DevSecOps | Cyber Solutions by Thales
2wThanks for the share Clint