
OWASP Low-Code/No-Code
@OWASPNoCode
Security risks, hacking stories and ways to protect low-code/no-code apps #infosec #appsec #lowcode #nocode
Watch how #msft uses the #owasp Low-Code / No-Code Top 10 to securely accelerate business-led development! youtube.com/watch?v=yh9JdL…
How Microsoft uses the OWASP Low-Code / No-Code Top 10
incredible vibes at openai's security conf last week I came out both humbled and excited and with a greater conviction -- you can just do things!

Had great fun Wednesday with Michael Bargury (@mbrg0) at Microsoft's BlueHat (#Bluehat) security conference on Wednesday. Our talk focused on risk reduction in Low-Code/No-Code platforms (x.com/MSFTBlueHat/st…).

really really excited to be sharing this insider today together with microsoft's @donwillits66 at #bluehat see you in 30m

modifying salesforce einstein is a privileged operation saved for admins unless einstein uses flows then flow makers can implicitly modify too
First Vulnerability in Salesforce AI Apparently you can edit EVERYONE’s Einstein Copilot without admin permissions? Here’s exactly how labs.zenity.io/p/over-permiss…
Join us in a couple of hours for awesome talks on attacking and defending low-code/no-code apps 🚀 by @wyattDaveDev @ZivDanielHagbi
🚨 Join Our Upcoming Webinar on Low-Code/No-Code Security! 🚨 I'm thrilled to invite you to our next OWASP Low-Code/No-Code security meetup! This is a must-attend event for anyone passionate about safeguarding their business apps. 👉 Register here: forms.gle/rot78zf6yKciNm…

@NoCodeOps is joining @Zapier, the leader in no-code automation! More here 👉 nocodeops.com/zapier
Pancakes have been had, now back to Power Automate. This tool is so powerful. As we all know, with great power comes .... This one will be a tough one to secure. Will need many layers of defense
tool drop time. enjoy! *powerpwn* v3 is out and its feature packed abusing m365 copilot collect full dumps of sensitive data across email, teams, sharepoint, calendar automated spear phishing scour the internet for copilot studio bots leaking sensitive data #DEFCON #BHUSA

Attacks on Microsoft’s Copilot AI allow for answers to be manipulated, data extracted, and security protections bypassed, new research shows. wired.com/story/microsof…
Attacks on Microsoft’s Copilot AI allow for answers to be manipulated, data extracted, and security protections bypassed, new research shows. wired.trib.al/vULHXIm
I found a publicly exposed confidential document belonging to a fortune 500 company using copilot studio 🤖 The first step in finding it was discovering over 1K unauthenticated copilot studio bots

When I ask Copilot about bank details it starts talking about Satya Nadella?? This is ~RCE - Remote Copilot Execution. Making YOUR Copilot obey to ME. Asked about: -Emails? here's a link to the summary 😈 -Bank info? Here are the wrong details -And more... DIY guide: #RCE #BH

Wired magazine featuring #powerpwn Copilot spearphishing!! wired.com/story/microsof… youtube.com/watch?v=8qo42i…
Ever tried to navigate your way between the dozens of Microsoft admin portals? Just ask M365 Copilot, right? At your own risk. We got an ~RCE (Remote Copilot Execution) that can lead to phishing attacks just by sending a mail. #BHUSA #defcon32
we got an ~RCE on M365 Copilot by sending an email by ~RCE I mean full remote control over its actions - search for sensitive content (sharepoint, email, calendar, teams), execute plugins and outputs - bypass DLP controls, manipulate references, social engineer its users on our…
an attacker wants to get sensitive data you have access to here's how they get YOUR copilot to find and analyze that data, and lure you to a malicious site to exfiltrate it #DEFCON
while msft docs say this is not possible, copilot studio can leak High Restricted SharePoint files to any user on the Internet, no auth required #copilot #dataleak

The 2023 OWASP Global Board election has been finalized. First, congratulations to all the candidates. Directors elected in the 2023 Election are: Steve Springett Sam Stepanyan Kevin Johnson Avi Douglen The term for the Directors will begin on January 1, 2024.

Hi @OWASP folks at DC thank you for joining our project demo. Now join us at creating the next version of the Top 10!
