The latest GenAI jailbreak technique tricks chatbots into returning restricted content by blending different prompt topics together.
| LATEST SECURITY NEWS & COMMENTARY | AI Chatbots Ditch Guardrails After 'Deceptive Delight' Cocktail The latest GenAI jailbreak technique tricks chatbots into returning restricted content by blending different prompt topics together. Recurring Windows Flaw Could Expose User Credentials Now a zero-day, the vulnerability enables NTLM hash theft, an issue that Microsoft has already fixed twice before. 'Midnight Blizzard' Targets Networks With Signed RDP Files The Russian-backed group is using a novel access vector to harvest victim data and compromise devices in a large-scale intelligence-gathering operation. SEC Fines Companies Millions for Downplaying SolarWinds Breach Four companies — Avaya, Check Point, Mimecast, and Unisys — have been charged by the SEC for misleading disclosures in the aftermath of the 2020 SolarWinds compromise. Critical Bug Exploited in Fortinet's Management Console An attacker compromised one of Fortinet's most sensitive products and mopped up all kinds of reconnaissance data helpful for future mass device attacks. Windows 'Downdate' Attack Reverts Patched PCs to a Vulnerable State Windows 11 machines remain open to downgrade attacks, where attackers can abuse the Windows Update process to revive a patched driver signature enforcement (DSE) bypass. Why Cybersecurity Acumen Matters in the C-Suite Until CEOs and boards prioritize learning more about mitigating threats, organizations are leaving themselves and their businesses open to the potential for disaster. Put End-of-Life Software to Rest Relying on EOL software leaves critical systems exposed — making it a problem no business can afford to ignore. How to Find the Right CISO Great CISOs are in short supply, so choose wisely. Here are five ways to make sure you've made the right pick. MORE NEWS / MORE COMMENTARY | | | | HOT TOPICS | When Cybersecurity Tools Backfire Outages are inevitable. Our focus should be on minimizing their scope, addressing underlying causes, and understanding that protecting systems is about keeping bad actors out while maintaining stability and reliability. My Journey From the Air Force to Cybersecurity Cybersecurity is mission-driven, meaningful work that coincides with the service branches' goals to protect, defend, and create a safer world. Name That Toon: The Big Jump Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. MORE |
| | PRODUCTS & RELEASES | Casap Secures $8.5M in Funding Jake Williams Joins Hunter Strategy As VP of RND & Managing Director of Hunter Labs Norton Report Reveals Nearly Half of US Consumers Were Targeted by a Scam While Online Shopping Business Email Compromise (BEC) Impersonation: The Weapon of Choice of Cybercriminals American Water Under Investigation for Cyberattack Potentially Affecting 14M Customers Grip Security Releases 2025 SaaS Security Risks Report 15 Leading Technology and Service Providers Achieve SASE Certification MORE PRODUCTS & RELEASES |
| EDITORS' CHOICE | Mozilla: ChatGPT Can Be Manipulated Using Hex Code LLMs tend to miss the forest for the trees, understanding specific instructions but not their broader context. Bad actors can take advantage of this myopia to get them to do malicious things, with a new prompt-injection technique. LATEST FROM THE EDGE Regulators Combat Deepfakes With Anti-Fraud Rules Despite the absence of laws specifically covering AI-based attacks, regulators can use existing rules around fraud and deceptive business practices. LATEST FROM DR TECHNOLOGY Sophos-SecureWorks Deal Focuses on Building Advanced MDR, XDR Platform Sophos CEO Joe Levy says the $859 million deal to acquire SecureWorks from majority owner Dell Technologies will put the Taegis platform — with network detection and response, vulnerability detection and response, and identity threat detection and response capabilities — at the core. LATEST FROM DR GLOBAL China's 'Evasive Panda' APT Debuts High-End Cloud Hijacking A professional-grade tool set, appropriately dubbed "CloudScout," is infiltrating cloud apps like Microsoft Outlook and Google Drive, targeting sensitive info for exfiltration. | |
| | | | |
|
Dark Reading Weekly -- Published By Dark Reading Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
| To opt-out of any future Dark Reading Weekly Newsletter emails, please respond here. | Thoughts about this newsletter? Give us feedback. |
Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: | If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. | We take your privacy very seriously. Please review our Privacy Statement. |
|
|