EPISODE · Aug 5, 2023 · 31 MIN
ThinkstScapes Research Roundup - Q2 - 2023
from ThinkstScapes · host haroon meer, Jacob Torrey, Casey Smith
Privacy in the modern eraIPvSeeYou: Exploiting Leaked Identifiers in IPv6 for Street-Level GeolocationErik Rye and Robert Beverly[Slides] [Paper] [Code]Device Tracking via Linux’s New TCP Source Port Selection AlgorithmMoshe Kol, Amit Klein, and Yossi Gilad[Code] [Paper]zk-creds: Flexible Anonymous Credentials from zkSNARKs and Existing Identity InfrastructureMichael Rosenberg, Jacob White, Christina Garman, and Ian Miers[Paper] [Code]3 Years in China: A Tale of Building a REAL Full Speed Anti-Censorship RouterKaiJern Lau[Slides] [Code] [Video]Embedded [in]securityEmbedded Threats: A Deep Dive into the Attack Surface and Security Implications of eSIM TechnologyMarkus Vevier[Code] [Video]RPMB, a secret place inside the eMMCSergio Prado[Blog]Compromising Garmin’s Sport Watches: A Deep Dive into GarminOS and its MonkeyC Virtual MachineTao Sauvage[Blog] [Video] [Slides]The Impostor Among US(B): Off-Path Injection Attacks on USB CommunicationsRobert Dumitru, Daniel Genkin, Andrew Wabnitz, and Yuval Yarom[Code] [Paper]MagBackdoor: Beware of Your Loudspeaker as A Backdoor For Magnetic Injection AttacksTiantian Liu, Feng Lin, Zhangsen Wang, Chao Wang, Zhongjie Ba, Li Lu, Wenyao Xu, and Kui Ren[Code] [Paper]Issues at the operating system level(Windows) Hello from the Other SideDirk-jan Mollema[Slides] [Code]Every Signature is Broken: On the Insecurity of Microsoft Office’s OOXML SignaturesSimon Rohlmann, Vladislav Mladenov, Christian Mainka, Daniel Hirschberger, and Jörg Schwenk[Paper] [Code]Dirty Bin Cache: A New Code Injection Poisoning Binary Translation CacheKoh Nakagawa[Slides] [Code]The Most Dangerous Codec in the World: Finding and Exploiting Vulnerabilities in H.264 DecodersWilly R. Vasquez, Stephen Checkoway, and Hovav Shacham[Slides] [Paper] [Code]Nifty sundriesEverParse: Secure Binary Data Parsers for EveryoneTahina Ramananandro[Slides] [Code]InfinityGauntlet: Expose Smartphone Fingerprint Authentication to Brute-force AttackYu Chen, Yang Yu, and Lidong Zhai[Paper]It’s (DOM) Clobbering Time: Attack Techniques, Prevalence, and DefensesSoheil Khodayari and Giancarlo Pellegrino[Code] [Paper] [Site]Can you trust ChatGPT’s package recommendations?Bar Lanyado, Ortal Keizman, and Yair Divinsky[Blog]Phoenix Domain Attack: Vulnerable Links in Domain Name Delegation and RevocationXiang Li, Baojun Liu, Xuesong Bai, Mingming Zhang, Qifan Zhang, Zhou Li, Haixin Duan, and Qi Li[Slides] [Paper]Man-in-the-Middle Attacks without Rogue AP: When WPAs Meet ICMP RedirectsXuewei Feng, Qi Li, Kun Sun, Yuxiang Yang, and Ke Xu[Website] [Paper]
What this episode covers
This is episode 8 of Thinkst's Trends & Takeaways (for Q2 of 2023). A quarterly summary of information security research, talks and presentations. Join our host Jacob Torrey as he highlights the research and papers that caught our eye during the preceding quarter. https://thinkst.com/ts
NOW PLAYING
ThinkstScapes Research Roundup - Q2 - 2023
No transcript for this episode yet
Similar Episodes
No similar episodes found.
Similar Podcasts
No similar podcasts found.