34 matches found
Can You Keep a Secret? Involuntary Information Leakage in Language Model Writing
Language models are deployed in settings that require compartmentalization: system prompts should not be disclosed, chain-of-thought reasoning is hidden from users, and sensitive data passes through shared contexts. We test whether models can keep prompted information out of their writing. We giv...
Cyber-Resilient Digital Twins: Discriminating Attacks for Safe Critical Infrastructure Control
Industrial Cyber-Physical Systems ICPS face growing threats from cyber-attacks that exploit sensor and control vulnerabilities. Digital Twin DT technology can detect anomalies via predictive modelling, but current methods cannot distinguish attack types and often rely on costly full-system...
Pervasive Vulnerability Analysis and Defense for QKD-Based Quantum Private Query
Quantum Private Query QPQ based on Quantum Key Distribution QKD is among the most practically viable quantum communication protocols, with application value second only to QKD itself. However, prevalent security vulnerabilities in the post-processing stages of most existing QKD-based QPQ protocol...
MalEval Android Malware Evaluation Framework
This repository contains the source code of MalEval, an evaluation framework for Android malware behavior auditing, focusing on explaining and substantiating malicious behaviors. The framework provides expert-verified reports, curated metadata, and model outputs to enable reproducible evaluation ...
Surpassing the PLOB Bound in Continuous-Variable Quantum Secret Sharing Using a State-Discrimination Detector
Continuous-variable quantum secret sharing CVQSS is a promising approach to ensuring multi-party information security. While CVQSS offers practical ease of implementation, its present performance remains limited. In this paper, we propose a novel CVQSS protocol integrated with a...
Realistic Vulnerabilities of Decoy-State Quantum Key Distribution
We analyze realistic vulnerabilities of decoy-state quantum key distribution QKD arising from the combination of laser damage attack LDA and unambiguous state discrimination USD. While decoy-state QKD is designed to protect against photon-number-splitting and beam-splitting attacks by accurately...
Minoritised Ethnic People'S Security and Privacy Concerns and Responses Towards Essential Online Services
Minoritised ethnic people are marginalised in society, and therefore at a higher risk of adverse online harms, including those arising from the loss of security and privacy of personal data. Despite this, there has been very little research focused on minoritised ethnic people's security and...
Surveillance pricing is “evil and sinister,” explains Justin Kloczko (Lock and Code S06E04)
This week on the Lock and Code podcast … Insurance pricing in America makes a lot of sense so long as you’re one of the insurance companies. Drivers are charged more for traveling long distances, having low credit, owning a two-seater instead of a four, being on the receiving end of a car crash,...
Rapid7 Recognized with Top Score of 100 in 2025 Corporate Equality Index
On January 7, the Human Rights Campaign Foundation released their 2025 Corporate Equality Index CEI, where Rapid7 earned a top score of 100. The CEI is the nation’s leading benchmark for LGBTQ+ workforce equality, evaluating policies and practices in areas such as non-discrimination, equitable...
A Trump Win Could Unleash Dangerous AI
Donald Trump's opposition to “woke” safety standards for artificial intelligence would likely mean the dismantling of regulations that protect Americans from misinformation, discrimination, and worse...
School Employee Allegedly Framed a Principal With Racist Deepfake Rant
Plus: Google holds off on killing cookies, Samourai Wallet founders get arrested, and GM stops driver surveillance program...
US pharmacy Rite Aid banned from operating facial recognition systems
Pharmacy chain Rite Aid has been denied the right to run facial recognition systems in its stores for five years, by a Federal Trade Commission FTC ruling. The regulator found so many flaws in the retailers surveillance program that it concluded Rite Aid had failed to implement reasonable...
AdminProxy should do some extra security checks
Lines of code Vulnerability details Impact AdminProxy is the hot spot for all low-level calls, therefore it should do some extra security checks that are currently not in place. By design a Solidity low level call to a zero address or an EOA non contract address will return success true. The only...
White House unveils Blueprint for an AI Bill of Rights
On Tuesday, the Biden-Harris Administration's Office of Science and Technology Policy OSTP unveiled a new Blueprint for an AI Bill of Rights, which lists five principles to guide the design, use, and development of intelligence-based automated systems "to protect the American public in the age of...
The Challenge Digital Executive Protection Poses to Enterprise Security Teams
In our previous articles for Threatpost, we’ve talked a lot about how the attack surface has expanded into the personal digital lives of executives and high-profile employees. About how their online privacy, personal devices, and home networks are now primary targets – either to compromise them...
Cloak - A Censorship Circumvention Tool To Evade Detection By Authoritarian State Adversaries
Cloak is a pluggable transport that enhances traditional proxy tools like OpenVPN to evade sophisticated censorship and data discrimination. Cloak is not a standalone proxy program. Rather, it works by masquerading proxied traffic as normal web browsing activities. In contrast to traditional tool...
The Internet is not safe enough for women, and Sue Krautbauer has some ideas about why: Lock and Code S02E22
Decades ago, the promise of the Internet was clear: No one, depending on their age, gender, race, income, or place of birth, would be unwelcome from expressing their thoughts and ideas. Today, that promise has been largely unfulfilled. As Malwarebytes discovered earlier this year, the Internet is...
Europe Makes the Case to Ban Biometric Surveillance
Companies are racing to track everything about you. It could be a convenient way to reduce fraud—or seriously creepy and discriminatory...
Banning Surveillance-Based Advertising
The Norwegian Consumer Council just published a fantastic new report: "Time to Ban Surveillance-Based Advertising." From the Introduction: The challenges caused and entrenched by surveillance-based advertising include, but are not limited to: privacy and data protection infringements opaque...
Making Diversity and Inclusion a Business Imperative at Imperva
To create meaningful change, you need to be the difference you wish to see in the world. At Imperva, we’re taking meaningful action and investing to create a workplace that brings together all voices, experiences and identities. We recognize that true innovation requires diversity of thought,...