New release of snmalloc with CHERI Morello support. Awesome work nwf, Ph.D.. We even have Morello in our CI process. David Chisnall will discuss this and more at #cheritech22 next week. github.com/microsoft/snma…

Looking forward to discussing Pre-Hijacked Accounts with @sudoavi at this live event tomorrow!

Some big and exciting news! We're hiring 6 new Assistant Professors across a wide range of areas in Computer Science Cambridge Computer Science ow.ly/NobH50L0OFb. Here's a run-down of them all 1/8

Together with Jo Van Bulck I am again organizing a confidential computing devroom FOSDEM @[email protected] . Submit talks on open source topics by December 2 2022 and come to Brussels on February 5 2023 or watch the livestream. Looking forward! falder.org/fosdem23-cfp

About 11 days left to the first DIMVA Conference submission deadline! x.com/DIMVAConf/stat…

There's still time to register&take part in the membership inference competition (MICO)! Info here: github.com/microsoft/MICO 4 tasks available: image, text, tabular, and a combination of the 3 providing additional info ("DP distinguisher"). Keep the submissions coming!

👻 is back! Excited to announce "Hide and Seek with Spectres", our paper accepted to IEEE S&P'23. We present a tool for fast discovery of spec. vulnerabilities in x86 CPUs, and two new speculative leaks we found. 📑arXiv: arxiv.org/pdf/2301.07642… 🔬tool: github.com/microsoft/sca-…

We're excited to announce the winners of the Microsoft Membership Inference Competition (MICO), at IEEE SaTML SaTML Conference. With MICO, we wanted to assess the state of the art on membership inference attacks against differentially private model training. microsoft.github.io/MICO/?1

Looking forward to discussing the security of AI with Ram Shankar Siva Kumar tomorrow evening at WaterstonesCambridge, where he'll be signing copies of his new book (coauthored with Hyrum Anderson)! Event: 31 May, 6pm Registration: waterstones.com/events/machine…

Excited to share what I've been working on for the past few months, in collaboration with colleagues across Microsoft!

We're hiring AI Security Researchers for Microsoft Security Response Center! These roles offer a unique opportunity to solve emerging AI security & privacy challenges, through cutting-edge scientific research, informed by real-world vulnerability data. Apply here: jobs.careers.microsoft.com/global/en/sear…

Our new AI bug bounty program is now live! Excited to be part of the fantastic team that made this happen!

⚡️We have a special guest for #CDTS24! Andrew Paverd (Andrew Paverd) from Security Response will be joining the 3rd panel session, join the waiting list for the chance to hear his expertise on Generative AI & security🦾🔒. Grab your free ticket: tinyurl.com/bdzb463w UoM Centre for Digital Trust and Society pic.x.com/SHHiwo9CJY

"Trustworthy AI Using Confidential Federated Learning," by Jinnan Guo (@ImperialCollege), @PPietzuch (LSDS Research Group), @AJPaverd (@MsftSecResponse), Kapil Vaswani (Microsoft Research), describes how Confidential Federated Learning addresses Classic FL gaps. bit.ly/4dLIgla

We’re excited to announce LLMail-Inject: The Adaptive Prompt Injection Challenge! This challenge will test your skills at bypassing LLM-based systems in a simulated environment and features 40 levels of varying difficulty, where you will craft emails to persuade an LLM agent to

📢 Have experience jailbreaking LLMs? Want to learn how an indirect / cross prompt injection attack works? Want to try something different to an advent of code? Then, I have a challenge for you! The LLMail-Inject competition just started.

Come and test your skills at prompt injection! Bring your best attacks

The first day of the challenge was already quite a hit!! 🥳 Thanks so much to everyone who participated so far. There are still many unsolved levels, come and claim them!

As enterprises adopt large language models (LLMs), a new class of threats has emerged: indirect prompt injection. This attack vector targets systems that process untrusted data with LLMs, tricking them into misinterpreting malicious input as instructions. The risks include data