Skip to content
View in the app

A better way to browse. Learn more.

hosang I.T.

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

CrowdStrike identifies five new prompt injection threats to AI

Security company CrowdStrike has identified five new prompt injection techniques that could leave enterprises at risk. Prompt injections attacks exploit the growing use of AI within organizations . They work by tricking LLMs into accepting instructions that a human operator would recognize as dubious.

The five new types of attack that CrowdStrike has added to its prompt injection taxonomy are:

Trigger-Activated Rule Addition in which an attacker adds a new rule that looks innocuous at first, but can be triggered later to cause strange behavior within the model.

Cognitive Token Suppression,a way to circumvent built-in safety measures by shifting the model’s linguistic choices away from established refusal patterns.

Algorithmic Payload Decomposition,or delivering a message in multiple stages each of which appears innocent but that, when combined, can be assembled into a single command that is more threatening.

Special Token Injection, an attack that can be compared to the embedding of counterfeit “control switches” within normal instructions. Attackers look to introduce confusion that tricks the model into elevating untrusted user content to the status of a high-priority system directive.

Unwitting User Context-Data Injection, an exploit that draws on the boundary between trusted data and executable instructions, tricking the user into introducing malicious instructions as part of the context data for the LLM.  The prompt may be harmless: The malicious instruction is hidden inside the surrounding context data. It works when a user uploads a document, forwards an email or adds content that is later processed by AI.

Security teams can guard against such attacks in several ways, CrowdStrike said, including threat modeling every place that model context can originate, expanding testing, and extending detection engineering to include composite attacks.

View the full article

User Feedback

Recommended Comments

There are no comments to display.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Add a comment...

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.