Artwork

Indhold leveret af Jacob Torrey, Haroon meer, and Marco slaviero. Alt podcastindhold inklusive episoder, grafik og podcastbeskrivelser uploades og leveres direkte af Jacob Torrey, Haroon meer, and Marco slaviero eller deres podcastplatformspartner. Hvis du mener, at nogen bruger dit ophavsretligt beskyttede værk uden din tilladelse, kan du følge processen beskrevet her https://da.player.fm/legal.
Player FM - Podcast-app
Gå offline med appen Player FM !

ThinkstScapes Research Roundup - Q2 - 2023

31:06
 
Del
 

Manage episode 373377944 series 3290432
Indhold leveret af Jacob Torrey, Haroon meer, and Marco slaviero. Alt podcastindhold inklusive episoder, grafik og podcastbeskrivelser uploades og leveres direkte af Jacob Torrey, Haroon meer, and Marco slaviero eller deres podcastplatformspartner. Hvis du mener, at nogen bruger dit ophavsretligt beskyttede værk uden din tilladelse, kan du følge processen beskrevet her https://da.player.fm/legal.

Privacy in the modern era

IPvSeeYou: Exploiting Leaked Identifiers in IPv6 for Street-Level Geolocation

Erik Rye and Robert Beverly

[Slides] [Paper] [Code]

Device Tracking via Linux’s New TCP Source Port Selection Algorithm

Moshe Kol, Amit Klein, and Yossi Gilad

[Code] [Paper]

zk-creds: Flexible Anonymous Credentials from zkSNARKs and Existing Identity Infrastructure

Michael Rosenberg, Jacob White, Christina Garman, and Ian Miers

[Paper] [Code]

3 Years in China: A Tale of Building a REAL Full Speed Anti-Censorship Router

KaiJern Lau

[Slides] [Code] [Video]

Embedded [in]security

Embedded Threats: A Deep Dive into the Attack Surface and Security Implications of eSIM Technology

Markus Vevier

[Code] [Video]

RPMB, a secret place inside the eMMC

Sergio Prado

[Blog]

Compromising Garmin’s Sport Watches: A Deep Dive into GarminOS and its MonkeyC Virtual Machine

Tao Sauvage

[Blog] [Video] [Slides]

The Impostor Among US(B): Off-Path Injection Attacks on USB Communications

Robert Dumitru, Daniel Genkin, Andrew Wabnitz, and Yuval Yarom

[Code] [Paper]

MagBackdoor: Beware of Your Loudspeaker as A Backdoor For Magnetic Injection Attacks

Tiantian Liu, Feng Lin, Zhangsen Wang, Chao Wang, Zhongjie Ba, Li Lu, Wenyao Xu, and Kui Ren

[Code] [Paper]

Issues at the operating system level

(Windows) Hello from the Other Side

Dirk-jan Mollema

[Slides] [Code]

Every Signature is Broken: On the Insecurity of Microsoft Office’s OOXML Signatures

Simon Rohlmann, Vladislav Mladenov, Christian Mainka, Daniel Hirschberger, and Jörg Schwenk

[Paper] [Code]

Dirty Bin Cache: A New Code Injection Poisoning Binary Translation Cache

Koh Nakagawa

[Slides] [Code]

The Most Dangerous Codec in the World: Finding and Exploiting Vulnerabilities in H.264 Decoders

Willy R. Vasquez, Stephen Checkoway, and Hovav Shacham

[Slides] [Paper] [Code]

Nifty sundries

EverParse: Secure Binary Data Parsers for Everyone

Tahina Ramananandro

[Slides] [Code]

InfinityGauntlet: Expose Smartphone Fingerprint Authentication to Brute-force Attack

Yu Chen, Yang Yu, and Lidong Zhai

[Paper]

It’s (DOM) Clobbering Time: Attack Techniques, Prevalence, and Defenses

Soheil Khodayari and Giancarlo Pellegrino

[Code] [Paper] [Site]

Can you trust ChatGPT’s package recommendations?

Bar Lanyado, Ortal Keizman, and Yair Divinsky

[Blog]

Phoenix Domain Attack: Vulnerable Links in Domain Name Delegation and Revocation

Xiang Li, Baojun Liu, Xuesong Bai, Mingming Zhang, Qifan Zhang, Zhou Li, Haixin Duan, and Qi Li

[Slides] [Paper]

Man-in-the-Middle Attacks without Rogue AP: When WPAs Meet ICMP Redirects

Xuewei Feng, Qi Li, Kun Sun, Yuxiang Yang, and Ke Xu

[Website] [Paper]

  continue reading

12 episoder

Artwork
iconDel
 
Manage episode 373377944 series 3290432
Indhold leveret af Jacob Torrey, Haroon meer, and Marco slaviero. Alt podcastindhold inklusive episoder, grafik og podcastbeskrivelser uploades og leveres direkte af Jacob Torrey, Haroon meer, and Marco slaviero eller deres podcastplatformspartner. Hvis du mener, at nogen bruger dit ophavsretligt beskyttede værk uden din tilladelse, kan du følge processen beskrevet her https://da.player.fm/legal.

Privacy in the modern era

IPvSeeYou: Exploiting Leaked Identifiers in IPv6 for Street-Level Geolocation

Erik Rye and Robert Beverly

[Slides] [Paper] [Code]

Device Tracking via Linux’s New TCP Source Port Selection Algorithm

Moshe Kol, Amit Klein, and Yossi Gilad

[Code] [Paper]

zk-creds: Flexible Anonymous Credentials from zkSNARKs and Existing Identity Infrastructure

Michael Rosenberg, Jacob White, Christina Garman, and Ian Miers

[Paper] [Code]

3 Years in China: A Tale of Building a REAL Full Speed Anti-Censorship Router

KaiJern Lau

[Slides] [Code] [Video]

Embedded [in]security

Embedded Threats: A Deep Dive into the Attack Surface and Security Implications of eSIM Technology

Markus Vevier

[Code] [Video]

RPMB, a secret place inside the eMMC

Sergio Prado

[Blog]

Compromising Garmin’s Sport Watches: A Deep Dive into GarminOS and its MonkeyC Virtual Machine

Tao Sauvage

[Blog] [Video] [Slides]

The Impostor Among US(B): Off-Path Injection Attacks on USB Communications

Robert Dumitru, Daniel Genkin, Andrew Wabnitz, and Yuval Yarom

[Code] [Paper]

MagBackdoor: Beware of Your Loudspeaker as A Backdoor For Magnetic Injection Attacks

Tiantian Liu, Feng Lin, Zhangsen Wang, Chao Wang, Zhongjie Ba, Li Lu, Wenyao Xu, and Kui Ren

[Code] [Paper]

Issues at the operating system level

(Windows) Hello from the Other Side

Dirk-jan Mollema

[Slides] [Code]

Every Signature is Broken: On the Insecurity of Microsoft Office’s OOXML Signatures

Simon Rohlmann, Vladislav Mladenov, Christian Mainka, Daniel Hirschberger, and Jörg Schwenk

[Paper] [Code]

Dirty Bin Cache: A New Code Injection Poisoning Binary Translation Cache

Koh Nakagawa

[Slides] [Code]

The Most Dangerous Codec in the World: Finding and Exploiting Vulnerabilities in H.264 Decoders

Willy R. Vasquez, Stephen Checkoway, and Hovav Shacham

[Slides] [Paper] [Code]

Nifty sundries

EverParse: Secure Binary Data Parsers for Everyone

Tahina Ramananandro

[Slides] [Code]

InfinityGauntlet: Expose Smartphone Fingerprint Authentication to Brute-force Attack

Yu Chen, Yang Yu, and Lidong Zhai

[Paper]

It’s (DOM) Clobbering Time: Attack Techniques, Prevalence, and Defenses

Soheil Khodayari and Giancarlo Pellegrino

[Code] [Paper] [Site]

Can you trust ChatGPT’s package recommendations?

Bar Lanyado, Ortal Keizman, and Yair Divinsky

[Blog]

Phoenix Domain Attack: Vulnerable Links in Domain Name Delegation and Revocation

Xiang Li, Baojun Liu, Xuesong Bai, Mingming Zhang, Qifan Zhang, Zhou Li, Haixin Duan, and Qi Li

[Slides] [Paper]

Man-in-the-Middle Attacks without Rogue AP: When WPAs Meet ICMP Redirects

Xuewei Feng, Qi Li, Kun Sun, Yuxiang Yang, and Ke Xu

[Website] [Paper]

  continue reading

12 episoder

Semua episod

×
 
Loading …

Velkommen til Player FM!

Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.

 

Hurtig referencevejledning