November 14, 2024 at 11:16AM Researcher Marco Figueroa identified vulnerabilities in OpenAI’s ChatGPT sandbox, allowing file uploads, Python script execution, and access to sensitive configurations. While interactions remain confined to the sandbox, these flaws could lead to reverse-engineering of security measures. OpenAI was notified but only expressed interest in one specific issue. ### Meeting Takeaways: … Read more
November 4, 2024 at 04:01AM Barracuda has identified a widespread phishing campaign impersonating OpenAI, aiming to steal ChatGPT credentials from businesses globally. This large-scale effort poses significant security risks as it targets various organizations. **Meeting Takeaways:** 1. **Observation of Campaign**: Barracuda has identified a significant impersonation campaign targeting OpenAI. 2. **Objective of the Campaign**: The … Read more
November 1, 2024 at 04:28PM OpenAI’s “ChatGPT search” Chrome extension redirects address bar searches to ChatGPT, akin to a typical search hijacker. While it promises real-time answers, cybersecurity experts view it as lacking value, as users can create search shortcuts without the extension. Caution is advised regarding potential future privacy concerns. ### Meeting Takeaways: OpenAI’s … Read more
October 29, 2024 at 05:12AM A new ChatGPT jailbreak has been revealed through Mozilla’s newly launched 0Din gen-AI bug bounty program, as reported by SecurityWeek. **Meeting Notes Takeaways:** 1. **New Development**: A new jailbreak for ChatGPT has been disclosed. 2. **Source**: The information was shared through Mozilla’s 0Din gen-AI bug bounty program. 3. **Publication**: The … Read more
September 25, 2024 at 05:48PM OpenAI’s chief technology officer, Mira Murati, announced her departure in a written statement, citing the need for personal exploration. Despite praising the company and its CEO Sam Altman, Murati felt compelled to step away. Last year, she briefly served as interim CEO, a position now held by Altman following significant … Read more
September 25, 2024 at 05:42AM A security vulnerability in OpenAI’s ChatGPT app for macOS allowed attackers to implant spyware, enabling continuous data exfiltration. The attack used the memory feature, persisting across conversations. After responsible disclosure, OpenAI addressed the issue with ChatGPT version 1.2024.247. This coincides with the discovery of AI jailbreaking technique MathPrompt and Microsoft’s … Read more
September 17, 2024 at 07:33AM OpenAI introduced improvements to data analysis in ChatGPT, allowing users to integrate with Google Drive and Microsoft OneDrive. However, this deep integration raises cybersecurity challenges. The post advises how to monitor and manage these connections in Google Workspace and recommends Nudge Security for discovering and managing all genAI integrations to … Read more
September 9, 2024 at 08:24AM GenAI has become essential for productivity, but also poses security risks due to employees sharing sensitive information. To address this, organizations can identify and protect sensitive data, set restrictions, and utilize GenAI DLP tools to monitor and control data input. A webinar by LayerX offers insights and best practices for … Read more
August 17, 2024 at 03:03AM OpenAI disclosed the ban on ChatGPT accounts associated with an alleged covert Iranian influence operation targeting the U.S. presidential election. The operation utilized social media and websites to disseminate content but garnered minimal engagement. Microsoft also highlighted similar threats from Iranian and Russian networks. Google’s TAG detected Iranian-backed phishing efforts … Read more
July 18, 2024 at 04:03PM OpenAI is launching new compliance tools for ChatGPT Business Edition, aiming to support enterprise customers in regulated industries like finance and healthcare. The Enterprise Compliance API and third-party integrations help audit, manage data, and ensure compliance with regulations like FINRA, HIPAA, and GDPR. This move aligns with OpenAI’s focus on … Read more