Gå offline med appen Player FM !
ThinkstScapes Research Roundup - Q1 - 2024
Manage episode 423578372 series 3290432
Revealing more than anticipated, and preventing prying eyes
PrintListener: Uncovering the Vulnerability of Fingerprint Authentication via the Finger Friction Sound
Man Zhou, Shuao Su, Qian Wang, Qi Li, Yuting Zhou, Xiaojing Ma, and Zhengxiong Li
[Paper]
ModelGuard: Information-Theoretic Defense Against Model Extraction Attacks
Minxue Tang, Anna Dai, Louis DiValentin, Aolin Ding, Amin Hass, Neil Zhenqiang Gong, Yiran Chen, and Hai Li
RECORD: A RECeption-Only Region Determination Attack on LEO Satellite Users
Eric Jedermann, Martin Strohmeier, Vincent Lenders, and Jens Schmitt
Private web search with Tiptoe
Alexandra Henzinger, Emma Dauterman, Henry Corrigan-Gibbs, and Nickolai Zeldovich
[Slides] [Paper] [Video] [Code]
Can Virtual Reality Protect Users from Keystroke Inference Attacks?
Zhuolin Yang, Zain Sarwar, Iris Hwang, Ronik Bhaskar, Ben Y. Zhao, and Haitao Zheng
Backtrace in Time: Revealing Attackers’ Sleep Patterns and Days Off in RDP Brute-Force Attacks with Calendar Heatmaps
Andréanne Bergeron
Taking another look with a fresh perspective
Breaking HTTP Servers, Proxies, and Load Balancers Using the HTTP Garden
Ben Kallus and Prashant Anantharaman
Compiler Backdooring For Beginners
Marion Marschalek
[Video]
Revisiting 2017: AI and Security, 7 years later
Thomas Dullien
[Video]
Automated Large-Scale Analysis of Cookie Notice Compliance
Ahmed Bouhoula, Karel Kubicek, Amit Zac, Carlos Cotrini, and David Basin
[Paper] [Code Access]
Turning Windows into doors
LSA Whisperer
Evan McBroom
Wishing: Webhook Phishing in Teams
Matthew Eidelberg
Misconfiguration Manager: Overlooked and Overprivileged
Duane Michael and Chris Thompson
Smoke and Mirrors: How to hide in Microsoft Azure
Aled Mehta and Christian Philipov
[Video]
Nifty sundries
Backdoor in XZ Utils allows RCE: everything you need to know
Andres Freund, Merav Bar, Amitai Cohen, Danielle Aminov, and Russ Cox
[Initial Disclosure] [Wiz Blog] [Timeline]
More Money, Fewer FOSS Security Problems? The Data, Such As It Is
John Speed Meyers, Sara Ann Brackett, and Stewart Scott
[Video]
MUDding Around: Hacking for gold in text-based games
Unix-ninja
[Blog]
DeGPT: Optimizing Decompiler Output with LLM
Peiwei Hu, Ruigang Liang, and Kai Chen
[Paper]
12 episoder
Manage episode 423578372 series 3290432
Revealing more than anticipated, and preventing prying eyes
PrintListener: Uncovering the Vulnerability of Fingerprint Authentication via the Finger Friction Sound
Man Zhou, Shuao Su, Qian Wang, Qi Li, Yuting Zhou, Xiaojing Ma, and Zhengxiong Li
[Paper]
ModelGuard: Information-Theoretic Defense Against Model Extraction Attacks
Minxue Tang, Anna Dai, Louis DiValentin, Aolin Ding, Amin Hass, Neil Zhenqiang Gong, Yiran Chen, and Hai Li
RECORD: A RECeption-Only Region Determination Attack on LEO Satellite Users
Eric Jedermann, Martin Strohmeier, Vincent Lenders, and Jens Schmitt
Private web search with Tiptoe
Alexandra Henzinger, Emma Dauterman, Henry Corrigan-Gibbs, and Nickolai Zeldovich
[Slides] [Paper] [Video] [Code]
Can Virtual Reality Protect Users from Keystroke Inference Attacks?
Zhuolin Yang, Zain Sarwar, Iris Hwang, Ronik Bhaskar, Ben Y. Zhao, and Haitao Zheng
Backtrace in Time: Revealing Attackers’ Sleep Patterns and Days Off in RDP Brute-Force Attacks with Calendar Heatmaps
Andréanne Bergeron
Taking another look with a fresh perspective
Breaking HTTP Servers, Proxies, and Load Balancers Using the HTTP Garden
Ben Kallus and Prashant Anantharaman
Compiler Backdooring For Beginners
Marion Marschalek
[Video]
Revisiting 2017: AI and Security, 7 years later
Thomas Dullien
[Video]
Automated Large-Scale Analysis of Cookie Notice Compliance
Ahmed Bouhoula, Karel Kubicek, Amit Zac, Carlos Cotrini, and David Basin
[Paper] [Code Access]
Turning Windows into doors
LSA Whisperer
Evan McBroom
Wishing: Webhook Phishing in Teams
Matthew Eidelberg
Misconfiguration Manager: Overlooked and Overprivileged
Duane Michael and Chris Thompson
Smoke and Mirrors: How to hide in Microsoft Azure
Aled Mehta and Christian Philipov
[Video]
Nifty sundries
Backdoor in XZ Utils allows RCE: everything you need to know
Andres Freund, Merav Bar, Amitai Cohen, Danielle Aminov, and Russ Cox
[Initial Disclosure] [Wiz Blog] [Timeline]
More Money, Fewer FOSS Security Problems? The Data, Such As It Is
John Speed Meyers, Sara Ann Brackett, and Stewart Scott
[Video]
MUDding Around: Hacking for gold in text-based games
Unix-ninja
[Blog]
DeGPT: Optimizing Decompiler Output with LLM
Peiwei Hu, Ruigang Liang, and Kai Chen
[Paper]
12 episoder
Tutti gli episodi
×Välkommen till Player FM
Player FM scannar webben för högkvalitativa podcasts för dig att njuta av nu direkt. Den är den bästa podcast-appen och den fungerar med Android, Iphone och webben. Bli medlem för att synka prenumerationer mellan enheter.