From Assistant to Actor: The Dangers of Excessive AI Agency

- Posted in Hardenings by
Background: Automation continues to drive efficiency, but agentic AI introduces new security challenges. AI agents may have extensive access to systems and the ability to perform actions [...]

Defending LLMs Against LoRA-Enabled Supply Chain Attacks

- Posted in Hardenings by
Background: As an LLM trainer, it is a best practice to use 2–3 isolated environments for LLM training. One of the major risks in this process is supply chain attacks, and LoRA (Low-Rank [...]

Securing LLM Outputs: Preventing Insecure Output Handling and Injection Attacks

- Posted in Hardenings by
Background: The threat landscape in the LLM era has become hybrid compared with the classic OWASP Top Ten. Interconnected LLM services have brought new types of attacks, and the boundaries between [...]

Sensitive Data Disclosure over Leveraging LLM

- Posted in Threat Analyze by
Background: When leveraging agentic and non-agentic AI capabilities, especially when your solution is connected to your database, your organization can face another threat besides prompt injection: [...]

Prompt Injection: Attack against LLM

- Posted in Threat Analyze by
Background: Prompt injection is one of the most well-known attacks against LLMs. The primary goal of a threat actor in such attacks is to extract secrets and other sensitive data from the environment [...]

Data Poisoning Attacks on LLM leveraged Product Support Bots: Attack, Risk, Prevention

- Posted in Threat Analyze by
Background: As industry has started leveraging AI capabilities for routine cases like general customer support, a new threat has emerged: data poisoning. Core attack category: Based on MITRE ATLAS, [...]

Forensics of Operating System Non-Agentic AI Activity Traces

- Posted in Incident Response by
Background: Having finished our research on agentic AI solutions, let's dive into one of the common non-agentic AI features implemented in the latest Windows OS. The name of this feature is [...]

Forensics of Operating System Agentic AI Activity Traces [Part 2]

- Posted in Hardenings by
Background: In our previous article, we walked through the steps to reveal the root cause of the incident that involved the Claude AI agentic desktop. In this article we shall discuss Google Gemini [...]

Forensics of Operating System Agentic AI Activity Traces [Part 1]

- Posted in Incident Response by
Background: During incident response, log analysis stages may involve built-in or installed operating system AI helpers such as Claude, OpenAI, and others. Previously, we discussed traces related to [...]

Static Code Analysis for Incident Root Cause and Evidence Recovery

- Posted in Incident Response by
Background: Sometimes during incident response, specialists need to understand the root cause of the incident as quickly as possible. This understanding helps us mitigate the issue and restore [...]
Page 1 of 2