User-Centric Phishing Detection: A RAG and LLM-Based Approach

The escalating sophistication of phishing emails necessitates a shift beyond traditional rule-based and conventional machine-learning-based detectors. Although large language models LLMs offer strong natural language understanding, using them as standalone classifiers often yields elevated...

Dual Protection Ring: User Profiling Via Differential Privacy and Service Dissemination through Private Information Retrieval

User profiling is crucial in providing personalised services, as it relies on analyzing user behaviour and preferences to deliver targeted services. This approach enhances user experience and promotes heightened engagement. Nevertheless, user profiling also gives rise to noteworthy privacy...

Hiding in Plain Sight: Query Obfuscation Via Random Multilingual Searches

Modern search engines extensively personalize results by building detailed user profiles based on query history and behaviour. While personalization can enhance relevance, it introduces privacy risks and can lead to filter bubbles. This paper proposes and evaluates a lightweight, client-side quer...

ARTIF - An Advanced Real Time Threat Intelligence Framework To Identify Threats And Malicious Web Traffic On The Basis Of IP Reputation And Historical Data.

ARTIF is a new advanced real time threat intelligence framework built that adds another abstraction layer on the top of MISP to identify threats and malicious web traffic on the basis of IP reputation and historical data. It also performs automatic enrichment and threat scoring by collecting,...

Auditing Your Database – Is It Enough For Your Data Security Needs?

Audit trails have been a feature of databases for a long time, but are they still compatible with todays data security demands? What do you need to do, as a security officer, to get the most information about what’s happening to your company’s data? Are audit trail features impregnable to possibl...

Imgur: De-anonymization Attack: Cross Site Information Leakage

Dear Imgur Security Team, We are researchers at the IMDEA Software Institute in Madrid, Spain. We have been working on analyzing Cross-Site Browser Leaks xsleaks and building a tool for finding instances of it on target web sites. Recently we tested imgur.com and discovered a flaw that can affect...

Cupp - Common User Passwords Profiler

The most common form of authentication is the combination of a username and a password or passphrase. If both match values stored within a locally stored table, the user is authenticated for a connection. Password strength is a measure of the difficulty involved in guessing or breaking the passwo...

Collabtive 1.0 XSS / Shell Upload / Privilege Escalation

============================================= - Release date: July 22th, 2013 - Discovered by: Enrico Cinquini - Severity: High ============================================= I. VULNERABILITY ------------------------- Collabtive multiple vulnerabilities. II. INTRODUCTION -------------------------...