CYBERSECURITY / DEFENSE / INTELLIGENCE

  • Large language models (LLMs) are vulnerable to attacks that leverage their inability to recognize prompts conveyed through ASCII art.

    ASCII art is a form of visual art created using characters from the ASCII (American Standard Code for Information Interchange) character set.

    Recently, researchers from several universities proposed a new jailbreak attack, ArtPrompt, that exploits LLMs’ poor performance in recognizing ASCII art to bypass safety measures and produce undesired behaviors:

    • Fengqing Jiang (University of Washington)
    • Zhangchen Xu (University of Washington)
    • Luyao Niu (University of Washington)
    • Zhen Xiang (UIUC)
    • Bhaskar Ramasubramanian (Western Washington University)
    • Bo Li (University of Chicago)
    • Radha Poovendran (University of Washington)

    ArtPrompt, requiring only black-box access, is shown to be effective against five state-of-the-art LLMs (GPT-3.5, GPT-4, Gemini, Claude, and Llama2), highlighting the need for better techniques to align LLMs with safety considerations beyond just relying on semantics.

    AI Assistants and ASCII Art

    The use of large language models (like Llama2, ChatGPT, and Gemini) is on the rise across several applications, which raises serious security concerns.

    A great deal of work has gone into the safety alignment of LLMs, but that effort has focused entirely on semantics in training/instruction corpora.

    However, this disregards interpretations that go beyond semantics, such as ASCII art, where the arrangement of characters rather than their semantics conveys meaning. Existing techniques leave these interpretations unaccounted for, and they could be used to misuse LLMs.

    ArtPrompt (Source – Arxiv)

    Concerns have been raised about the misuse and safety of LLMs as they are further integrated into real-world applications.

    Multiple jailbreak attacks on LLMs have been created, taking advantage of their weaknesses using methods like gradient-based input search and genetic algorithms, as well as leveraging instruction-following behaviors.

    Modern LLMs cannot adequately recognize prompts encoded in ASCII art, which can represent diverse information, including rich-formatting texts.

    ArtPrompt is a novel jailbreak attack that exploits LLMs’ vulnerabilities in recognizing prompts encoded as ASCII art. It rests on two key insights:

    • Substituting sensitive words with ASCII art can bypass safety measures.
    • ASCII art prompts make LLMs excessively focus on recognition, overlooking safety considerations. 

    ArtPrompt involves word masking, where sensitive words are identified, and cloaked prompt generation, where those words are replaced with ASCII art representations. 

    The cloaked prompt containing ASCII art is then sent to the victim LLM to provoke unintended behaviors.

    This attack leverages LLMs’ blindspots beyond just natural language semantics to compromise their safety alignments.

    The researchers found that relying solely on semantic interpretation for AI safety creates vulnerabilities.

    They made a benchmark, the Vision-in-Text Challenge (VITC), to test language models’ ability to recognize prompts needing more than just semantics. 

    Top language models struggled with this task, leading to exploitable weaknesses.

    Researchers designed ArtPrompt attacks to expose these flaws, bypassing three defenses on five language models.

    Experiments showed that ArtPrompt can trigger unsafe behaviors in ostensibly safe AI systems.

    The post Researchers Hack AI Assistants Using ASCII Art appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

  • Microsoft has announced an important update for Windows users worldwide in a continuous effort to bolster security and performance.

    As part of its latest security enhancements, Microsoft is phasing out the support for 1024-bit RSA encryption keys within the Windows operating system.

    This move aims to encourage the adoption of more robust encryption standards and ensure that Windows users benefit from the highest levels of security.

    Understanding the Change

    RSA encryption keys are a fundamental component of digital security, used to secure communications and ensure the integrity of information.

    However, with advancements in computing power and cryptographic research, 1024-bit RSA keys have become increasingly vulnerable to sophisticated cyber-attacks.

    Recognizing this, Microsoft has decided to deprecate these keys in favor of more robust encryption methods.

    Impact on Windows Users

    The deprecation of 1024-bit RSA keys signifies a shift towards stronger, more secure encryption standards, such as 2048-bit RSA keys or even more advanced encryption technologies.

    Windows users, especially in enterprise environments, are advised to review their current security protocols and upgrade their encryption keys accordingly.

    This transition is crucial for maintaining the confidentiality and integrity of sensitive data.

    “This deprecation focuses on ensuring that all RSA certificates used for TLS server authentication must have key lengths greater than or equal to 2048 bits to be considered valid by Windows,” Microsoft said.

    Timeline and Next Steps

    Microsoft has outlined a phased approach to this deprecation, allowing users and organizations ample time to adjust their security practices.

    Detailed timelines and guidelines will be provided through official Windows update channels and the Microsoft Security Response Center.

    Users are encouraged to stay informed about the latest updates and to begin planning for the necessary adjustments to their security setups.

    The deprecation of 1024-bit RSA keys in Windows marks a significant step forward in Microsoft’s commitment to cybersecurity.

    By advocating for more robust encryption standards, Microsoft aims to protect users from emerging threats and ensure a secure digital environment.

    Windows users are urged to update their encryption practices proactively, thereby contributing to a safer, more secure computing experience.


    The post Microsoft Deprecate 1024-bit RSA Encryption Keys in Windows appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

  • A 31-year-old Moldovan national has been sentenced to 42 months in prison in the U.S. for operating an illicit marketplace called E-Root Marketplace that offered for sale hundreds of thousands of compromised credentials, the Department of Justice (DoJ) announced. Sandu Boris Diaconu was charged with conspiracy to commit access device and computer fraud and possession of 15 or more unauthorized

  • The ongoing “free wedding invite” scam is one of several innovative campaigns aimed at the senior population.

    Through social media chats like WhatsApp, fraudsters use deceptive tactics, most often involving fake wedding invitations.

    The campaign communicates with its victims over WhatsApp and tricks them into installing an APK that ultimately sends user data to a C2 server hosted on Telegram.

    “A malicious APK pretending to be a fake wedding invite is then shared with the victim. The victims, believing the APK to contain more details about the free wedding, install the malware and end up being exploited by having their SMS data being stolen,” F-Secure, a cyber security firm, shared with Cyber Security News.

    Free-Wedding Invite Scam Via WhatsApp

    The “wedding invite” scam circulated throughout Malaysia. The victim receives a wedding invitation from an unidentified individual urging them to open the attached file to obtain further information about the wedding.

    Specifically, the “attached file” is actually an APK that infects the victim’s phone with malware.

    The malware is designed to steal various types of data from users’ phones, including device, build, and SMS information.

    Original WhatsApp messages received as per a Facebook post

    When researchers analyzed AndroidManifest.xml, they found risky permissions in use that enabled sending and reading text messages.

    Furthermore, the app does not appear in the App Launcher because the launcher activity category is missing. There were also two broadcast receivers registered for the same push notification.

    Observations in AndroidManifest.xml

    “Once the app is installed on the phone, it stays hidden, as deduced from the MainActivity”, researchers said.

    “For spyware, the reason behind hiding is to avoid detection and carry on with its objective of stealing user data as long as possible”.
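
    The manifest observations above (SMS permissions, no launcher category, two receivers for the same broadcast) can be checked during triage of a decoded AndroidManifest.xml. The following is an added example, not code from F-Secure or from the original post; the sample manifest, package name, receiver names and the `com.example.invite.PUSH` action are constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
SMS_PERMISSIONS = {"android.permission.READ_SMS",
                   "android.permission.RECEIVE_SMS",
                   "android.permission.SEND_SMS"}

# Constructed sample (decoded manifest text); not taken from the real APK.
SAMPLE_MANIFEST = """\
<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.invite">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <application>
    <activity android:name=".MainActivity">
      <intent-filter><action android:name="android.intent.action.MAIN"/></intent-filter>
    </activity>
    <receiver android:name=".PushReceiverA">
      <intent-filter><action android:name="com.example.invite.PUSH"/></intent-filter>
    </receiver>
    <receiver android:name=".PushReceiverB">
      <intent-filter><action android:name="com.example.invite.PUSH"/></intent-filter>
    </receiver>
  </application>
</manifest>"""

def triage_manifest(xml_text):
    """Return the three manifest signals described in the article."""
    root = ET.fromstring(xml_text)
    name = ANDROID_NS + "name"
    perms = {p.get(name) for p in root.iter("uses-permission")}
    # An app icon appears only if some activity declares the LAUNCHER category.
    has_launcher = any(
        c.get(name) == "android.intent.category.LAUNCHER"
        for tag in ("activity", "activity-alias")
        for a in root.iter(tag)
        for c in a.iter("category"))
    # Map each broadcast action to every receiver registered for it.
    by_action = {}
    for r in root.iter("receiver"):
        for act in r.iter("action"):
            by_action.setdefault(act.get(name), []).append(r.get(name))
    return {
        "sms_permissions": sorted(perms & SMS_PERMISSIONS),
        "hidden_from_launcher": not has_launcher,
        "duplicate_receivers": {a: rs for a, rs in by_action.items() if len(rs) > 1},
    }

if __name__ == "__main__":
    print(triage_manifest(SAMPLE_MANIFEST))
```

    None of these signals is conclusive on its own; legitimate messaging apps also request SMS permissions, so the combination with a missing launcher entry is what warrants a closer look.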

    As its C2 server, the malware makes use of a Telegram bot. Telegram bots are applications offered by the Telegram chat network.

    They can be configured to deliver real-time information and automate user interactions.

    The application transfers stolen data to the Telegram bot, making it simple for a hacker to obtain the gathered information on Telegram.

    Collecting Device Information

    Following the exfiltration of this data to the Telegram bot, the malware opens a seemingly secure website, distracting the victim and lulling them into a false sense of security.

    The Safe Website

    Although it seems to be a shopping website, its functionality is unrelated to the malware.

    On the compromised device, the malware intercepts incoming SMS messages.

    This may result in scammers gaining access to sensitive data, such as personally identifiable information and one-time passwords, among others.

    Such information can be misused in many ways, such as selling credentials that have been stolen or taking over banking sessions.

    As a result, individuals should use caution when communicating digitally, especially with elders, as the scam threat landscape is always changing.

    Security companies must also be knowledgeable about it to safeguard their clients.

    The post Beware Of Free wedding Invite WhatsApp Scam That Steal Sensitive Data appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

  • The White House is pushing the Senate to pass a TikTok ban bill that swept through the House last week.

  • New orbits could open “potential attack vectors” on US satellites, general says.

  • Thanks to AI, “They can have one person cranking out a lot of material.”

  • The amount the service requested may still be too low, based on observations of Ukraine, one expert said.
