In Part 2, weβre diving headfirst into one of the most critical attack surfaces in the LLM ecosystem - Prompt Injection: The AI version of talking your way past the bouncer.
The post Getting Started with AI Hacking Part 2: Prompt Injection appeared first on Black Hills Information Security, Inc..
Tim Fowler // Do you know what could be lurking in your Windows event logs? In May of 2022, I was sent a Threat Post article about a new technique [β¦]
The post Windows Event Logs for Red Teams appeared first on Black Hills Information Security, Inc..
Marcello Salvati// During Red Team and penetration tests, itβs always important and valuable to test assumptions. One major assumption I hear from Pentesters, Red teamers and clients alike is that [β¦]
The post Having Fun with ActiveX Controls in Microsoft Word appeared first on Black Hills Information Security, Inc..
Beau Bullock & Michael Felch // Source:Β https://chrome.google.com/webstore/detail/google-calendar-by-google/gmbgaklkmjakoegficnlkhebmhkjfich Overview Google Calendar is one of the many features provided to those who sign up for a Google account along with other popular [β¦]
The post Google Calendar Event Injection with MailSniper appeared first on Black Hills Information Security, Inc..
Carrie Roberts // OS Command Injection is fun. I recently found this vulnerability on a web application I was testing (thanks to Burp Suite scanner). I was excited because I [β¦]
The post OS Command Injection; The Pain, The Gain appeared first on Black Hills Information Security, Inc..
Login