🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

After two years of hard work with Damien Cauquil (@[email protected]) , we are proud to release for DEFCON32 the first public version of WHAD, a whole new ecosystem of opensource libs, tools & firmwares for wireless security ! The main repo is here: github.com/whad-team/whad… . And now, demo time ! [1/n]

We've spotted some confusion about the SSID confusion attack. It's not an attack attack to panic about, but it's nice research to make one think about threat models. Some clarifications are at mathyvanhoef.com/2024/08/the-ss…

#AIxCC Team Atlanta is having an amazing time with SSLab alumni in Las Vegas! Now, we’re waiting for the Grand Final qualifiers announcement. #DEFCON32

Qian, et al Zhiyun Qian from UC Riverside presented at BlackHat blackhat.com/us-24/briefing… about systemic problems with the consumer wifi wireless mesh networks due to broken trust models and security flaws

Happy to share one paper to be presented this week in USENIX Security "That Doesn't Go There: Attacks on Shared State in Multi-User Augmented Reality Applications". Work done with Carter Slocum, Erfan Shayegani , Pedram Zaree, Jiasi Chen, and Nael Abu-Ghazaleh. Talk is on 08/15 at 10:45 am.

Check out Zhai Yizhuo’s talk if you’re at USENIX Security!

Are you interested in Microarchitecture and Hardware Security? Please check this blog, which summarizes all related papers in USENIX Security 2024! Microarchitecture and Hardware Security Research at USENIX Security Symposium 2024 sigarch.org/microarchitect…

Patch your #asus AiMesh routers immediately! The exploitation code is available at seclab-ucr.github.io/CCS24Mesh/ASUS/. Attackers can abuse this protocol to root/remote-jailbreak affected routers. Patches are fully available already! #netsec

Are general-purpose fuzzing research dead? Our answer is probably no. Check our new fuzzer work FOX. The awesome fuzzer @aflplusplus is already super-powerful and quite an effective baseline in academics and industry. But there is still room to improve upon. We introduce FOX

Xin'an Emmanuel Zhou will present "Untangling the Knot: Breaking Access Control in Home Wireless Mesh Networks" at ACM CCS 2024 this afternoon at 2:15pm. We show a LAN attacker can gain root shells on access points, affecting popular vendors such as Netgear, Asus, TP-link, Linksys.

I am recruiting PhD students & Postdocs on AI Security, LLM Agents, Code Generation research at UMD Computer Science UMD Department of Computer Science & Maryland Cybersecurity Center Maryland Cybersecurity Center (MC2) For PhD program pls mention me in your application cs.umd.edu/grad/apply. For Postdocs please email me.

NDSS 25 统计数据：

Our beautiful "DiStefano" - a zkTLS protocol- paper (with Hamed alexー gpestana Joe Rowell) just won Distinguished Paper Award at NDSS Symposium ! eprint.iacr.org/2023/1063.pdf Such an honour! Upcoming work as part of Brave coming!!

(1/3) Tomorrow at S&P, Keyu will present our work on automatically discovering network side-channel vulnerabilities in TCP/UDP. From static analysis (CCS'15) and model checking (CCS'19), this work uses symbolic execution. We have now explored a spectrum of analysis and understood

Our research on open tunneling servers got nominated for the Most Innovative Research award :) The work will be presented by Angelos Beitis at Black Hat and also at USENIX Security Brief summary and code: github.com/vanhoefm/tunne… Paper: papers.mathyvanhoef.com/usenix2025-tun…

EntrySign was nominated for two Pwnies (best crypto bug and best desktop bug)! 🥳 youtube.com/live/TuKPA-CeD… spq Eduardo Vela Tavis Ormandy

We are very happy to announce the nominees for the 2025 Pwnie Awards! As a reminder, we will be presenting the winners at DEF CON this year. Saturday the 9th, 10:00AM Main Stage. Hope to see you there! docs.google.com/document/d/1fy…

Untangling the Knot (untanglingthekn0t.com) was nominated for Best Cryptographic Attack at the Pwnie Awards 2025. It uncovers fundamental flaws of crypto protocols in mesh Wi-Fi systems. Exploits and summary: untanglingthekn0t.com