Malleability-Resistant Encrypted Control System with Disturbance Compensation and Real-Time Attack Detection

This study proposes an encrypted PID control system with a disturbance observer DOB using a keyed-homomorphic encryption KHE scheme, aiming to achieve control performance while providing resistance to malleability-based attacks. The controller integrates a DOB with a PID structure to compensate f...

How the FBI got everything it wanted (re-air) (Lock and Code S06E15)

This week on the Lock and Code podcast… For decades, digital rights activists, technologists, and cybersecurity experts have worried about what would happen if the US government secretly broke into people’s encrypted communications. The weird thing, though, is that, in 2018, it already happened...

How the FBI got everything it wanted (re-air) (Lock and Code S06E15)

This week on the Lock and Code podcast… For decades, digital rights activists, technologists, and cybersecurity experts have worried about what would happen if the US government secretly broke into people’s encrypted communications. The weird thing, though, is that, in 2018, it already happened...

CVE-2025-54422 Sandboxie exposes encrypted sandbox key during password change

Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. In versions 1.16.1 and below, a critical security vulnerability exists in password handling mechanisms. During encrypted sandbox creation, user passwords are transmitted via shared memory,...

CVE-2025-54422 Sandboxie exposes encrypted sandbox key during password change

Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. In versions 1.16.1 and below, a critical security vulnerability exists in password handling mechanisms. During encrypted sandbox creation, user passwords are transmitted via shared memory,...

PT-2025-31199 · Sandboxie · Sandboxie

Name of the Vulnerable Software and Affected Versions: Sandboxie versions 1.16.1 and earlier Description: Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. A critical security issue exists in password handling mechanisms. During encrypted...

Collusion Resistant DNS with Private Information Retrieval

There has been a growing interest in Internet user privacy, demonstrated by the popularity of privacy-preserving products such as Telegram and Brave, and the widespread adoption of HTTPS. The Domain Name System DNS is a key component of Internet-based communication and its privacy has been...

Development and Analysis of a Secured VoIP System for Surveillance Activities

Since the 1990s, the telephone has been the primary mode of communication. However, Voice over Internet Protocol VoIP, which is a highly straightforward and affordable form of data transfer, is now becoming an important part of daily communication. VoIP is the technology that makes it possible to...

SUSE CVE-2025-38455

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Reject SEV-ES intra host migration if vCPU creation is in-flight Reject migration of SEV-ES state if either the source or destination VM is actively creating a vCPU, i.e. if kvmvmioctlcreatevcpu is in the section betwee...

DEBIAN-CVE-2025-38455

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Reject SEV-ES intra host migration if vCPU creation is in-flight Reject migration of SEV-ES state if either the source or destination VM is actively creating a vCPU, i.e. if kvmvmioctlcreatevcpu is in the section betwee...

UBUNTU-CVE-2025-38455

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Reject SEV-ES intra host migration if vCPU creation is in-flight Reject migration of SEV-ES state if either the source or destination VM is actively creating a vCPU, i.e. if kvmvmioctlcreatevcpu is in the section betwee...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a vCPU creation contention condition during SEV migration that could lead to a crash...

The vulnerability of the config.xml file in TP-Link Archer C50 Wi-Fi routers allows a hacker to gain unauthorized access to protected information.

The vulnerability of the config.xml file in TP-Link Archer C50 Wi-Fi routers lies in the use of strictly encrypted credentials. Exploiting this vulnerability allows a malicious actor to gain unauthorized access to protected information from a remote location...

The vulnerability of the HPE Networking Instant On configuration and access point management tool lies in its use of strictly encrypted credentials. This allows attackers to circumvent security restrictions and gain increased privileges.

The vulnerability of the HPE Networking Instant On configuration and access point management tool is related to the use of strictly encrypted credentials. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and gain increased privileges...

IDFace: Face Template Protection for Efficient and Secure Identification

As face recognition systems FRS become more widely used, user privacy becomes more important. A key privacy issue in FRS is protecting the user's face template, as the characteristics of the user's face image can be recovered from the template. Although recent advances in cryptographic tools such...

K000152602: Multiple Moby vulnerabilities

Security Advisory Description CVE-2023-28840 Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component dockerd, which is developed as moby/moby, is common...

The vulnerability of the “Tekon” SCADA system, which stems from the use of strictly encrypted account data, allows a intruder to enhance their privileges and execute arbitrary codes.

The vulnerability of the “Tekon” SCADA system is related to the use of strictly encrypted account data. Exploiting this vulnerability can allow a malicious actor to increase their privileges and execute arbitrary codes remotely...

DESIGN: Encrypted GNN Inference Via Server-Side Input Graph Pruning

Graph Neural Networks GNNs have achieved state-of-the-art performance in various graph-based learning tasks. However, enabling privacy-preserving GNNs in encrypted domains, such as under Fully Homomorphic Encryption FHE, typically incurs substantial computational overhead, rendering real-time and...

DVFS: a Dynamic Verifiable Fuzzy Search Service for Encrypted Cloud Data

Cloud storage introduces critical privacy challenges for encrypted data retrieval, where fuzzy multi-keyword search enables approximate matching while preserving data confidentiality. Existing solutions face fundamental trade-offs between security and efficiency: linear-search mechanisms provide...

Secure and Efficient UAV-Based Face Detection Via Homomorphic Encryption and Edge Computing

This paper aims to propose a novel machine learning ML approach incorporating Homomorphic Encryption HE to address privacy limitations in Unmanned Aerial Vehicles UAV-based face detection. Due to challenges related to distance, altitude, and face orientation, high-resolution imagery and...