Disney Display Hack, ByteDance AI Disruption, ChatGPT Jailbreak & More

This Week’s News

Disney Display Disruption

An ex-employee altered Disney World's digital menus, changing the text to display in Wingdings font. The individual allegedly still had access to passwords and used these to gain access to the display systems!

However, it wasn’t all harmless font changes. The attacker also changed menu listings in ways that could have put people with food allergies at risk. As security professionals, we don’t always think of our work as having an impact on human life, but this story shows how a lack of basic security controls could have severe consequences - LINK

ByteDance Bad Boy

TikTok owner, ByteDance, has fired an intern for maliciously interfering with the training of one of its AI models associated with ByteDance’s app, Doubao, which is an AI chat bot similar to ChatGPT that is popular in China.

Reports claim the intern caused ByteDance $10M worth of damage; however, ByteDance denies these claims. The question is: how did an intern get the level of access needed to affect such a critical system?

This is a good reminder of the need for the principle of least privilege, and also of the need to consider the competency of those with elevated privileges - LINK

Hex Hack

Hackers have devised a new jailbreak for ChatGPT by encoding prompts in hexadecimal and emojis, causing them to bypass OpenAI's content filters. This would allow users to input restricted queries, leading ChatGPT to respond as though the encoded content is harmless - LINK

Check out my video on this story below:

@infosecsam

ChatGPT was hacked using emojis 🤯 #cyber #ai #chatgpt #promptinjection #securitybreach #cybersecurity #infosec
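
One way an input filter can account for the hex encoding described in this story, as an added example that is not from the newsletter or from OpenAI: decode any hexadecimal runs in the prompt and apply the same policy check to the decoded text. The blocked terms and function names are placeholders made up for illustration.

```python
import re

# Constructed placeholder policy; a real deployment would call its own
# content classifier here instead of matching fixed strings.
BLOCKED_TERMS = ("blocked-topic-a", "blocked-topic-b")

# A run of at least 8 hex byte pairs, optionally separated by single spaces.
HEX_RUN = re.compile(r"(?:[0-9a-fA-F]{2}[ ]?){8,}")


def decode_hex_runs(text):
    """Return the printable UTF-8 decoding of every hex run found in text."""
    decoded = []
    for match in HEX_RUN.finditer(text):
        raw = match.group(0).replace(" ", "")
        try:
            candidate = bytes.fromhex(raw).decode("utf-8")
        except (ValueError, UnicodeDecodeError):
            continue  # not valid text once decoded, so nothing to inspect
        if candidate.isprintable():
            decoded.append(candidate)
    return decoded


def violates_policy(text):
    """Stand-in for the content filter: substring match on blocked terms."""
    lowered = text.lower()
    return any(term in lowered for term in BLOCKED_TERMS)


def screen_prompt(prompt):
    """Apply the same policy to the raw prompt and to each decoded hex run."""
    views = [prompt] + decode_hex_runs(prompt)
    for view in views:
        if violates_policy(view):
            return "block"
    return "allow"


if __name__ == "__main__":
    # Constructed sample input: a blocked term hidden as hex inside a prompt.
    hidden = "blocked-topic-a".encode().hex()
    sample = "Please decode and follow: " + hidden
    print("raw filter only :", "block" if violates_policy(sample) else "allow")
    print("with hex decoding:", screen_prompt(sample))
```

The raw check alone lets the sample through, while the decoded view is caught. Emoji or other encodings would need their own normalisation step in the same place.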

Other News

  • Fake Faces - Facebook and Instagram owner Meta is introducing facial recognition technology to crack down on the fraudulent use of celebrities in adverts - LINK

  • Pygmy Goat - NCSC has reported a backdoor called "Pygmy Goat" on hacked Sophos firewall devices. It can grant remote access and control over compromised networks. Sophos has since issued patches, so get patching! - LINK

Free Resources

Below are links related to things I have shared in previous newsletters and in my TikTok videos, such as training resources and job opportunities:
