 October 29, 2024
LATEST SECURITY NEWS & COMMENTARY
Mozilla: ChatGPT Can Be Manipulated Using Hex Code
LLMs tend to miss the forest for the trees, understanding specific instructions but not their broader context. Bad actors can take advantage of this myopia to get them to do malicious things, with a new prompt-injection technique.
Windows 'Downdate' Attack Reverts Patched PCs to a Vulnerable State
Windows 11 machines remain open to downgrade attacks, where attackers can abuse the Windows Update process to revive a patched driver signature enforcement (DSE) bypass.
Delta Launches $500M Lawsuit Against CrowdStrike
Delta argues that it lost hundreds of millions of dollars in downtime and other costs in the aftermath of the incident, while CrowdStrike says it isn't liable for more than $10 million.
China's Elite Cyber Corps Hone Skills on Virtual Battlefields
The nation leads in the number of capture-the-flag tournaments sponsored by government and industry — a strategy from which Western nations could learn.
Russia Kneecaps Ukraine Army Recruitment With Spoofed 'Civil Defense' App
Posing as an application used to locate Ukrainian military recruiters, a Kremlin-backed hacking initiative delivers malware, along with disinformation designed to undermine sign-ups for soldiers in the war against Russia.
Put End-of-Life Software to Rest
Relying on EOL software leaves critical systems exposed — making it a problem no business can afford to ignore.
HOT TOPICS
My Journey From the Air Force to Cybersecurity
Cybersecurity is mission-driven, meaningful work that coincides with the service branches' goals to protect, defend, and create a safer world.

AWS's Predictable Bucket Names Make Accounts Easier to Crack
Amazon's open source Cloud Development Kit generates dangerously predictable naming patterns that could lead to an account takeover.

Critical Bug Exploited in Fortinet's Management Console
An attacker compromised one of Fortinet's most sensitive products and mopped up all kinds of reconnaissance data helpful for future mass device attacks.

Why Cybersecurity Acumen Matters in the C-Suite
Until CEOs and boards prioritize learning more about mitigating threats, organizations are leaving themselves and their businesses open to the potential for disaster.

EDITORS' CHOICE
SEC Fines Companies Millions for Downplaying SolarWinds Breach
Four companies — Avaya, Check Point, Mimecast, and Unisys — have been charged by the SEC for misleading disclosures in the aftermath of the 2020 SolarWinds compromise.
LATEST FROM THE EDGE

'Shift Left' Gets Pushback, Triggers Security Soul Searching
A government report's criticism of the 100x metric often used to justify fixing software earlier in development fuels a growing debate over pushing responsibility for secure code onto developers.
LATEST FROM DR TECHNOLOGY

Open Source LLM Tool Sniffs Out Python Zero-Days
Vulnhuntr is a Python static code analyzer that uses Claude AI to find and explain complex, multistep vulnerabilities.
LATEST FROM DR GLOBAL

Russia-Linked Hackers Attack Japan's Govt, Ports
Russia-linked hackers have taken aim at Japan, following its ramping up of military exercises with regional allies and the increase of its defense budget.
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA