There Is Nothing Responsible About Disclosure Of Every Successful Prompt Injection
The InfoSec community is strongest when it can collaborate openly. Few organizations can fend off sophisticated attacks alone—and even they sometimes fail. I...
By topic
- Hacking 7
- AI 6
- Microsoft 5
- Red Team 5
- Vulnerability Disclosure 3
- BlackHat 1
- Vulnerability Management 1
- OWASP 1
- RSAC 1
- Prompt Injection 1
- AIjacking 1
Hacking
AIjacking Goes Beyond Prompt Injection
Naming is powerful. An excellent name does more than frame the problem, it hints at ownership, solutions, and urgency to address it. In a very real sense, t...
Very Important Instructions
This is a boring blog post. At least for humans.
Safe Web Browsing for Copilots
Allowing a copilot to search the web at will is extremely dangerous. Here are two somewhat-understood vulnerabilities and how to mitigate them. Note: this is...
Power Platform DLP Bypass via Copy-And-Paste
Last August I gave a talk at BlackHat USA titled All You Need Is Guest. In it, I showed how simple guest access to EntraID could be escalated into full contr...
All You Need Is Guest
This is a long overdue blog version of a talk I gave at BlackHat USA 2023 titled All You Need Is Guest. Slides and video recording are available as well.
Copilot exfiltrates High Restricted SharePoint files to any user on the Internet, no auth required
Microsoft Copilot Studio allows users to quickly build enterprise Copilots on top of their business data. Every enterprise user can now plug enterprise data ...
AI
There Is Nothing Responsible About Disclosure Of Every Successful Prompt Injection
The InfoSec community is strongest when it can collaborate openly. Few organizations can fend off sophisticated attacks alone—and even they sometimes fail. I...
AIjacking Goes Beyond Prompt Injection
Naming is powerful. An excellent name does more than frame the problem, it hints at ownership, solutions, and urgency to address it. In a very real sense, t...
Very Important Instructions
This is a boring blog post. At least for humans.
Safe Web Browsing for Copilots
Allowing a copilot to search the web at will is extremely dangerous. Here are two somewhat-understood vulnerabilities and how to mitigate them. Note: this is...
Security for AI is the Next Big Thing! But we don’t really know what it means yet
As AI continues to capture everyone’s attention, security for AI becomes a popular topic in the market. Security for AI is capturing the media cycle, AI secu...
Copilot exfiltrates High Restricted SharePoint files to any user on the Internet, no auth required
Microsoft Copilot Studio allows users to quickly build enterprise Copilots on top of their business data. Every enterprise user can now plug enterprise data ...
Microsoft
Safe Web Browsing for Copilots
Allowing a copilot to search the web at will is extremely dangerous. Here are two somewhat-understood vulnerabilities and how to mitigate them. Note: this is...
Power Platform DLP Bypass via Copy-And-Paste
Last August I gave a talk at BlackHat USA titled All You Need Is Guest. In it, I showed how simple guest access to EntraID could be escalated into full contr...
All You Need Is Guest
This is a long overdue blog version of a talk I gave at BlackHat USA 2023 titled All You Need Is Guest. Slides and video recording are available as well.
Copilot exfiltrates High Restricted SharePoint files to any user on the Internet, no auth required
Microsoft Copilot Studio allows users to quickly build enterprise Copilots on top of their business data. Every enterprise user can now plug enterprise data ...
My intense 2am conversation with MSRC a week before BlackHat
Research as usual
Red Team
Very Important Instructions
This is a boring blog post. At least for humans.
Safe Web Browsing for Copilots
Allowing a copilot to search the web at will is extremely dangerous. Here are two somewhat-understood vulnerabilities and how to mitigate them. Note: this is...
Power Platform DLP Bypass via Copy-And-Paste
Last August I gave a talk at BlackHat USA titled All You Need Is Guest. In it, I showed how simple guest access to EntraID could be escalated into full contr...
All You Need Is Guest
This is a long overdue blog version of a talk I gave at BlackHat USA 2023 titled All You Need Is Guest. Slides and video recording are available as well.
Copilot exfiltrates High Restricted SharePoint files to any user on the Internet, no auth required
Microsoft Copilot Studio allows users to quickly build enterprise Copilots on top of their business data. Every enterprise user can now plug enterprise data ...
Vulnerability Disclosure
There Is Nothing Responsible About Disclosure Of Every Successful Prompt Injection
The InfoSec community is strongest when it can collaborate openly. Few organizations can fend off sophisticated attacks alone—and even they sometimes fail. I...
Power Platform DLP Bypass via Copy-And-Paste
Last August I gave a talk at BlackHat USA titled All You Need Is Guest. In it, I showed how simple guest access to EntraID could be escalated into full contr...
All You Need Is Guest
This is a long overdue blog version of a talk I gave at BlackHat USA 2023 titled All You Need Is Guest. Slides and video recording are available as well.
BlackHat
My intense 2am conversation with MSRC a week before BlackHat
Research as usual
Vulnerability Management
My intense 2am conversation with MSRC a week before BlackHat
Research as usual
OWASP
Followup links for OWASP Global AppSec DC 2023
Assorted links for OWASP Global AppSec DC 2023:
RSAC
Followup links for All You Need Is Guest RSAC 2024
Assorted links for All You Need Is Guest @ RSAC 2024:
Prompt Injection
AIjacking Goes Beyond Prompt Injection
Naming is powerful. An excellent name does more than frame the problem, it hints at ownership, solutions, and urgency to address it. In a very real sense, t...
AIjacking
AIjacking Goes Beyond Prompt Injection
Naming is powerful. An excellent name does more than frame the problem, it hints at ownership, solutions, and urgency to address it. In a very real sense, t...