KNIHOVNA() HOME PAPERS(523) REPORTS(264) CONFERENCE(22) WHITEPAPERS(29) KNIHY(24) RFC popisy(9411) SLOVNÍČEK(9) Podpůrné materiály(16)
DATE | NAME | CATEGORY | SUBCATE | INFO |
| 13.7.24 | RADIUS/UDP Considered Harmf | PAPERS | PAPERS | The core of the RADIUS protocol predates modern secure cryptographic design. Surprisingly, in the two decades since Wang et al. demonstrated an MD5 hash collision in 2004, RADIUS has not been updated to remove MD5. In fact, RADIUS appears to have received notably little security analysis given its ubiquity in modern networks. |
|
8.7.24 |
Caught in the Net: Using Infostealer Logs to Unmask CSAM Consumers | PAPERS | PAPERS | In this proof-of-concept (PoC) report, we used Recorded Future Identity Intelligence’s vast trove of information stealer (“infostealer”) malware data to identify consumers of child sexual abuse material (CSAM), surface additional sources, and arrive at geographic and behavioral trends for the most popular sources |
| 2.7.24 | Indirector: High-Precision Branch Target Injection Attacks Exploiting the Indirect Branch Predict | PAPERS | CPU | This paper introduces novel high-precision Branch Target Injection (BTI) attacks, leveraging the intricate structures of the Indirect Branch Predictor (IBP) and the Branch Target Buffer (BTB) in high-end Intel CPUs. |
| 17.6.24 | Mass exploitation | PAPERS | PAPERS | The vulnerable edge of enterprise security |
| 17.6.24 | ARM 'TIKTAG' attack | PAPERS | ARM CPU | TIKTAG: Breaking ARM’s Memory Tagging Extension with Speculative Executi |
28.5.24 | DNSBOMB: A New Practical-and-Powerful Pulsing DoS Attack Exploiting DNS Queries-and-Responses | Papers | DNS | DNSBomb is a new practical and powerful pulsing DoS attack exploiting DNS queries and responses. |
10.5.24 | Bypassing Tunnels: Leaking VPN Client Traffic by Abusing Routing Tabl | Papers | Papers | Virtual Private Networks (VPNs) authenticate and encrypt network traffic to protect users’ security and privacy, and are used in professional and personal settings to defend against malicious actors, circumvent censorship, remotely work from home, etc. It is therefore essential that VPNs are secure. |
8.5.24 | CPU | Pathfinder: High-Resolution Control-Flow Attacks Exploiting the Conditional Branch Predictor | ||
3.5.24 | Papers | Subgraph representation learning is a technique for analyzing local structures (or shapes) within complex networks. Enabled by recent developments in scalable Graph Neural Networks (GNNs), this approach encodes relational information at a subgroup level (multiple connected nodes) rather than at a node level of abstraction. | ||
| 5.4.24 | JSOutProx RAT | Papers | Papers | Multi-Staged JSOutProx RAT Targets Indian Co-Operative Banks and Finance Companies |
| 26.3.24 | Generic and Automated Drive-by GPU Cache Attacks from the Browser | Papers | Papers | Generic and Automated Drive-by GPU Cache Attacks from the Browser |
| 16.3.24 | GhostRace | Papers | Vulnerebility | GhostRace: Exploiting and Mitigating Speculative Race Conditio |
| 4.3.24 | Fast Adversarial Attacks on Language Models In One GPU Minute | Papers | CPU | |
| 4.3.24 | Abusing Images and Sounds for Indirect Instruction Injection in Multi-Modal LLMs | Papers | CPU | |
12.1.24 | Flying Under the Radar: Abusing GitHub for Malicious Infrastructure | Papers | Malware | |
6.1.24 | No-justice” wiper | Papers | Malware | |
1.1.24 | Terrapin Attack: Breaking SSH Channel Integrity By Sequence Number Manipulation | Papers | Attack | |
| 16.11.23 | The attack against Danish, CLEAR critical infrastructure | Papers | ICS | |
| 15.11.23 | CacheWarp: Software-based Fault Injection using Selective State Res | Papers | CPU | |
27.10.23 | iLeakage: Browser-based Timerless Speculative Execution Attacks on Apple Devices | Papers | Apple | |
| 26.8.23 | Practical Attacks Against Privacy and Availability in 4G/LTE Mobile Communication Systems | Papers | Attack | |
| 13.7.23 | Digitally-Signed Rootkits are Back – A Look at FiveSys and Companions | Papers | Malware | |
| 5.5.23 | Iran turning to cyber-enabled influence operations for greater effect | Papers | Campaign | |
| 28.4.23 | Nomadic Octopus’ Paperbug Campaign | Papers | Campaign | |
| 17.4.23 | BlueBravo Uses Ambassador Lure to Deploy GraphicalNeutrino Malware | Papers | Malware | |
25.3.23 | Detect and Prevent Web Shell Malware | Papers | Malware | |
17.3.23 | SILKLOADER | Papers | Malware | |
15.3.23 | Papers | Operation | ||
| 2022 | The Lazarus Constellation A study on North Korean malware | Papers | APT |