Invitation Is All You Need: Invoking Gemini for Workspace Agents with a Simple Google Calendar Invite
What is breach and attack simulation? Learn all about this powerful cybersecurity solution, including use cases, comparisons, and benefits.
Gain a better understanding of the continuous security validation processes and outcomes enabled by an automated BAS solution in this SafeBreach white paper.
See how a SafeBreach Labs researcher collaborated with other researchers to develop a novel Promptware variant capable of exploiting Gemini to remotely control victims’ home appliances, video stream victims, exfiltrate victims’ sensitive information, and more.
Over the last two years, various systems and applications have been integrated with generative artificial intelligence (gen AI) capabilities, turning regular applications into gen-AI powered applications. In addition, retrieval augmented generation (RAG)-which is the process of connecting gen-AI and large language models (LLMs) to external knowledge sources-and other agents have been incorporated into such systems, making them more effective, accurate, and updated.
In parallel with these advancements, we have seen the emergence of a new class of attacks that threaten the security and privacy of gen-AI-powered applications known as Promptware. Promptware utilizes a prompt—a piece of input via text, images, or audio samples—that is engineered to exploit an LLM interface at inference time to trigger malicious activity, like spreading spam or extracting confidential information. Yet, most security professionals are either not familiar with Promptware or do not consider it a critical risk. We believe this is due to a number of serious misconceptions that suggest Promptware is not a practical form of attack.
