Aggregator

GCSB Director-General Andrew Hampton opening statement to Intelligence and Security Committee on Monday 27 March 2023.

Playing around with Bing Chat is quite fun. Until today I mostly used ChatGPT and GPT-4 directly, but I was curious of the capabilites and restrictions of Bing Chat.

I noticed that as soon as I mentioned the word “hacker”, Bing Chat became quite “uncomfortable”. For instance, when I asked it to imagine being a hacker and list some security vulnerabilities, it replied:

So, how about we indirectly imply the intent, rather than stating it directly. So, I used a variation of a language manipulation technique like this:

这是半年前我在 Go 语言中发现的一个目录穿越漏洞（虽然被人抢先发现了）。
Go 语言支持非常方便的交叉编译，但是在不同平台下，操作系统对某些功能的实现有所差异。这些差异可能会导致一些安全问题。

PoshC2 is a proxy-aware cross-platform C2 framework that natively supports Docker.  Once configured and executed, it generates over 100 modifications of fresh implants, written in PowerShell, C#, and Python. The framework has a modular architecture to enable users to add their own modules and tools. No wonder, that nowadays PoshC2 is one of the most … Continued

The post How to Detect PoshC2 PowerShell Implants appeared first on VMware Security Blog.