ThinkstScapes

10 episodes - English - Latest episode: about 2 months ago

The ThinkstScapes podcast aims to distill and disseminate the cybersecurity research published worldwide. Our researchers track and review hundreds and thousands of talks (so you don't have to) and then bring this to you in small, digestible chunks.


Episodes

ThinkstScapes Research Roundup - Q4 - 2023

February 28, 2024 13:40 - 29 minutes - 27.4 MB

LLMs ain't making life any easier
Abusing Images and Sounds for Indirect Instruction Injection in Multi-Modal LLMs Tsung-Yin Hsieh, Ben Nassi, Vitaly Shmatikov, and Eugene Bagdasaryan [Slides] [Paper] [Code]
Tree of Attacks: Jailbreaking Black-Box LLMs Automatically Anay Mehrotra, Manolis Zampetakis, Paul Kassianik, Blaine Nelson, Hyrum Anderson, Yaron Singer, and Amin Karbasi [Paper] [Code]
Avoiding the basilisk's fangs: State-of-the-art in AI LLM detection Jacob Torrey [Slides] [C...

ThinkstScapes Research Roundup - Q3 - 2023

November 14, 2023 15:05 - 24 minutes - 22.9 MB

Cryptography still isn’t easy
certmitm: automatic exploitation of TLS certificate validation vulnerabilities Aapo Oksman [Slides] [Code] [Video]
Escaping Phishermen Nets: Cryptographic Methods Unveiled in the Fight Against Reverse Proxy Attacks Ksandros Apostoli [Blog]
mTLS: When certificate authentication is done wrong Michael Stepankin [Slides] [Blog]
Ultrablue: User-friendly Lightweight TPM Remote Attestation over Bluetooth Nicolas Bouchinet, Loïc Buckwell, and Gabriel Kerneis ...

ThinkstScapes Research Roundup - Q2 - 2023

August 05, 2023 21:36 - 31 minutes - 28.5 MB

Privacy in the modern era
IPvSeeYou: Exploiting Leaked Identifiers in IPv6 for Street-Level Geolocation Erik Rye and Robert Beverly [Slides] [Paper] [Code]
Device Tracking via Linux’s New TCP Source Port Selection Algorithm Moshe Kol, Amit Klein, and Yossi Gilad [Code] [Paper]
zk-creds: Flexible Anonymous Credentials from zkSNARKs and Existing Identity Infrastructure Michael Rosenberg, Jacob White, Christina Garman, and Ian Miers [Paper] [Code]
3 Years in China: A Tale of Building ...

ThinkstScapes Research Roundup - Q1 - 2023

May 26, 2023 15:40 - 22 minutes - 20.2 MB

Smashing Web3 transaction simulations for fun and profit Tal Be'ery and Roi Vazan [Blog] [Video]
Not what you've signed up for: Compromising Real-World LLM-Integrated Applications with Indirect Prompt Injection Kai Greshake, Sahar Abdelnabi, Shailesh Mishra, Christoph Endres, Thorsten Holz, and Mario Fritz [Paper] [Code] [Demo Website]
Using ZK Proofs to Fight Disinformation Trisha Datta and Dan Boneh [Slides] [Video] [Code] [Blog]
Crypto Agility and Post-Quantum Cryptography @ Goog...

ThinkstScapes Research Roundup - Q4 - 2022

February 17, 2023 16:00 - 19 minutes - 18.2 MB

Hacking the Cloud with SAML Felix Wilhelm [Slides] [Video]
Announcing GUAC, a great pairing with SLSA (and SBOM)! Brandon Lum, Mihai Maruseac, Isaac Hepworth, Google Open Source Security Team [Blog] [Code] [Presentation]
We sign code now William Woodruff [Blog] [Code] [Video]
Knockout Win Against TCC - 20+ NEW Ways to Bypass Your MacOS Privacy Mechanisms Csaba Fitzl and Wojciech Regula [Slides]
Farming The Apple Orchards: Living Off The Land Techniques Cedric Owens and Chris Ro...

ThinkstScapes Research Roundup - Q3 - 2022

November 04, 2022 19:57 - 31 minutes - 29.2 MB

Analyzing the Feasibility and Generalizability of Fingerprinting Internet of Things Devices Dilawer Ahmed, Anupam Das, and Fareed Zaffar [Code] [Paper]
Watching the Watchers: Practical Video Identification Attack in LTE Networks Sangwook Bae, Mincheol Son, Dongkwan Kim, CheolJun Park, Jiho Lee, Sooel Son, and Yongdae Kim [Website] [Paper] [Video]
Can one hear the shape of a neural network?: Snooping the GPU via Magnetic Side Channel Henrique Teles Maia, Chang Xiao, Dingzeyu Li, Eitan ...

ThinkstScapes Research Roundup - Q2 - 2022

July 29, 2022 13:47 - 29 minutes - 27.4 MB

I am become loadbalancer, owner of your network Nate Warfield [Slides]
Evil Never Sleeps: When Wireless Malware Stays On After Turning Off iPhones Jiska Classen, Alexander Heinrich, Robert Reith, and Matthias Hollick [Slides] [Paper]
AirTag of the Clones: Shenanigans with Liberated Item Finders Thomas Roth, Fabian Freyer, Matthias Hollick, and Jiska Classen [Paper] [Code]
Are Blockchains Decentralised? Evan Sultanik, Alexander Remie, Felipe Manzano, Trent Brunson, Sam Moelius, Eric...

ThinkstScapes Research Roundup - Q1 - 2022

April 25, 2022 13:30 - 34 minutes - 31.7 MB

Hyntrospect: a fuzzer for Hyper-V devices Diane Dubois [Slides] [Paper] [Code] [Video]
Put an io_uring on it: Exploiting the Linux Kernel Valentina Palmiotti [Blog]
The AMD Branch (Mis)predictor: Where No CPU has Gone Before Pawel Wieczorkiewicz [Blog part 1] [Blog part 2]
Dynamic Process Isolation Martin Schwarzl, Pietro Borrello, Andreas Kogler, Kenton Varda, Thomas Schuster, Daniel Gruss, and Michael Schwarz [Paper]
Another Brick in the Wall: Uncovering SMM Vulnerabilities in ...

ThinkstScapes Research Roundup - Q4 - 2021

December 16, 2021 12:46 - 25 minutes - 20.4 MB

Sponge Examples: Energy-Latency Attacks on Neural Networks Ilia Shumailov, Yiren Zhao, Daniel Bates, Nicolas Papernot, Robert Mullins, and Ross Anderson [Slides] [Paper] [Video]
How to Use Cheated Cryptography to Overload a Server Szilárd Pfeiffer [Slides]
Bestie: Very Practical Searchable Encryption with Forward and Backward Security Tuanyang Chen, Peng Xu, Wei Wang, Yubo Zheng, Willy Susilo, and Hai Jin [Paper]
Symgrate: A Symbol Recovery Service for ARM Firmware Travis Goodspeed...

ThinkstScapes Research Roundup - Q3 - 2021

August 30, 2021 18:57 - 21 minutes - 17.3 MB

Introduction
Episode 1 - 2021/Q3
Thinkst Trends and Takeaways is a show released in conjunction with ThinkstScapes, a written quarterly review of information security research published in both industry and academic venues. Thinkst Labs allocates time to tracking industry research so you don’t have to, specifically looking for novel and unusual work that is impactful--this is not simply a report on bugs or vulnerabilities. Work covered here will include both offensive and defensive topics,...