Aggregator
The Race to Patch: Attackers Leverage Sample Exploit Code in WordPress Plug-in
1 year 6 months ago
Ryan Barnett
简单的源码免杀
1 year 6 months ago
YangHao
Akamai?s Perspective on May?s Patch Tuesday 2023
1 year 6 months ago
Akamai Security Intelligence Group
使用tor来绕过IP被封 - 利好爆破、扫描
1 year 6 months ago
绕过IP限制
从RSAC2023看安全运营的技术发展趋势
1 year 6 months ago
透过RSAC2023一窥安全运营未来发展方向
Announcing the GreyNoise Ambassador Program: Empowering Community Members to Make a Difference
1 year 6 months ago
GreyNoise is built on a strong foundation of mutual respect from our community. With that in mind we wanted to recognize community members that go above and beyond, so we created the GreyNoise Ambassador Program.
终端安全隐私需求投资逻辑
1 year 6 months ago
很久不写,随便写写
Why more transparency around cyber attacks is a good thing for everyone
1 year 6 months ago
Eleanor Fairford, Deputy Director of Incident Management at the NCSC, and Mihaela Jembei, Director of Regulatory Cyber at the Information Commissioner’s Office (ICO), reflect on why it’s so concerning when cyber attacks go unreported – and look at some of the misconceptions about how organisations respond to them.
Video: Prompt Injections - An Introduction
1 year 6 months ago
There are many prompt engineering classes and currently pretty much all examples are vulnerable to Prompt Injections. Especially Indirect Prompt Injections are dangerous as we discussed before.
Indirect Prompt Injections allow untrusted data to take control of the LLM (large language model) and give an AI a new instructions, mission and objective.
Bypassing Input Validation Attack payloads are natural language. This means there are lots of creative ways an adversary can inject malicious data that bypass input filters and web application firewalls.
From One Vulnerability to Another: Outlook Patch Analysis Reveals Important Flaw in Windows API
1 year 6 months ago
Ben Barnea
大型语言模型(LLM)的红队测试
1 year 6 months ago
大语言模型(LLM)红队测试的专业指引...
安全、ChatGPT、灌水
1 year 6 months ago
GPT的出现实在让人大受震撼。
看上去不起眼的微信机器人以及公众号爬虫
1 year 6 months ago
互联网发展零零散散都要20多年了,技术发展的重心也一直在演变。今天这篇文章很特别,起因是最近有一些关于微信机器人以及公众号爬虫的需求,本以为这种老透了需求其实现在根本不需要花什么时间精力去搞,结果没想到这个东西在过去的十几年里经过了很多次变化,于是决定记录下这篇文章,一方面是留个技术存档,另一方面也是想看看10年之前的技术相比现在和10年之后发生过又或者会发生什么的变化?
LoRexxar
从Gartner2022年魔力象限看SIEM未来发展
1 year 6 months ago
透过Garnter魔力象限一窥SIEM的未来技术发展趋势
Internet Noise Search School with the GreyNoise Product Team - Searching for Words
1 year 6 months ago
See how users search our data with the GreyNoise Query Language (GNQL) and learn tip and tricks to improve your searching skills.
ZoomEyeGPT:ChatGPT Prompt编程实践
1 year 6 months ago
「Prompt也是可编程的 --黑哥尔」既然ChatGPT火了后就诞生了“提示工程师”,所以Prompt本身
陆奇"新范式 新时代 新机会"演讲观后小记
1 year 6 months ago
按个人理解重新整理一下内容逻辑
从云上攻防态势分析展望云服务安全架构设计框架发展
1 year 6 months ago
本文主要是记录笔者基于近期对云上攻防态势的分析思考和展望云服务安全架构设计框架的未来发展趋势。
十大开源攻击模拟(BAS)工具
1 year 6 months ago