6850 matches found
MultiFuzz: a Dense Retrieval-Based Multi-Agent System for Network Protocol Fuzzing
Traditional protocol fuzzing techniques, such as those employed by AFL-based systems, often lack effectiveness due to a limited semantic understanding of complex protocol grammars and rigid seed mutation strategies. Recent works, such as ChatAFL, have integrated Large Language Models LLMs to guid...
mbedTLS 3.6.4 Use-After-Free
A proof of concept exploit for a use-after-free vulnerability in the mbedtlsx509stringtonames name parsing function of the mbedTLS library. A successful exploit grants arbitrary code execution with root privileges by hijacking freed heap metadata and redirecting control flow to injected shellcode...
Ransomware Negotiation: Dynamics and Privacy-Preserving Mechanism Design
Ransomware attacks have become a pervasive and costly form of cybercrime, causing tens of millions of dollars in losses as organizations increasingly pay ransoms to mitigate operational disruptions and financial risks. While prior research has largely focused on proactive defenses, the...
Best Salon Management System 1.0 SQL Injection
A remote SQL injection vulnerability exists in SourceCodester Best Salon Management System version 1.0...
CKM-Assisted Physical-Layer Security for Resilience against Unknown Eavesdropping Location
Channel Knowledge Map CKM is an emerging data-driven toolbox that captures our awareness of the wireless channel and enables efficient communication and resource allocation beyond the state of the art. In this work, we consider CKM for improving physical-layer security PLS in the presence of a...
On the Security and Privacy of Federated Learning: a Survey with Attacks, Defenses, Frameworks, Applications, and Future Directions
Federated Learning FL is an emerging distributed machine learning paradigm enabling multiple clients to train a global model collaboratively without sharing their raw data. While FL enhances data privacy by design, it remains vulnerable to various security and privacy threats. This survey provide...
Linux Kernel 5.16 Dirty Pipe Improper Handling
Proof of concept for the Dirty Pipe vulnerability that affects Linux kernel versions 5.6 through 5.16. This vulnerability allows local privilege escalation by exploiting improper handling of pipe buffers in the kernel, enabling an attacker to modify read-only files such as SUID binaries and execu...
CIA+TA Risk Assessment for AI Reasoning Vulnerabilities
As AI systems increasingly influence critical decisions, they face threats that exploit reasoning mechanisms rather than technical infrastructure. We present a framework for cognitive cybersecurity, a systematic protection of AI reasoning processes from adversarial manipulation. Our contributions...
Car Rental System 1.0 SQL Injection
Car Rental System version 1.0 suffers from a remote SQL injection vulnerability in bookcar.php...
MAJIC: Markovian Adaptive Jailbreaking Via Iterative Composition of Diverse Innovative Strategies
Large Language Models LLMs have exhibited remarkable capabilities but remain vulnerable to jailbreaking attacks, which can elicit harmful content from the models by manipulating the input prompts. Existing black-box jailbreaking techniques primarily rely on static prompts crafted with a single,...
MPOCryptoML: Multi-Pattern Based Off-Chain Crypto Money Laundering Detection
Recent advancements in money laundering detection have demonstrated the potential of using graph neural networks to capture laundering patterns accurately. However, existing models are not explicitly designed to detect the diverse patterns of off-chain cryptocurrency money laundering. Neglecting...
AutoBnB-RAG: Enhancing Multi-Agent Incident Response with Retrieval-Augmented Generation
Incident response IR requires fast, coordinated, and well-informed decision-making to contain and mitigate cyber threats. While large language models LLMs have shown promise as autonomous agents in simulated IR settings, their reasoning is often limited by a lack of access to external knowledge. ...
Beneath the Mask: Can Contribution Data Unveil Malicious Personas in Open-Source Projects?
In February 2024, after building trust over two years with project maintainers by making a significant volume of legitimate contributions, GitHub user "JiaT75" self-merged a version of the XZ Utils project containing a highly sophisticated, well-disguised backdoor targeting sshd processes running...
Modified Security Analysis of Device-Independent Quantum Key Distribution with Random Key Basis
Security analysis is a critical part in any cryptographic protocol, may it be classical or quantum. Without security analysis, one cannot ensure the secrecy of the distributed keys. To perform a conclusive security analysis, it is very often necessary to frame the problem as an optimization...
Sni5Gect: a Practical Approach to Inject aNRchy into 5G NR
In this paper, the authors propose and design SNI5GECT – a framework that sniffs messages from pre-authentication 5G communication in real-time and injects targeted attack payload in downlink communication towards the UE...
Hashcat Advanced Password Recovery 7.1.1 Binary Release
Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the binary...
VerilogLAVD: LLM-Aided Rule Generation for Vulnerability Detection in Verilog
Timely detection of hardware vulnerabilities during the early design stage is critical for reducing remediation costs. Existing early detection techniques often require specialized security expertise, limiting their usability. Recent efforts have explored the use of large language models LLMs for...
Silentflow: Leveraging Trusted Execution for Resource-Limited MPC Via Hardware-Algorithm Co-Design
Secure Multi-Party Computation MPC offers a practical foundation for privacy-preserving machine learning at the edge, with MPC commonly employed to support nonlinear operations. These MPC protocols fundamentally rely on Oblivious Transfer OT, particularly Correlated OT COT, to generate correlated...
Addressing Side-Channel Threats in Quantum Key Distribution Via Deep Anomaly Detection
Traditional countermeasures against security side channels in quantum key distribution QKD systems often suffer from poor compatibility with deployed infrastructure, the risk of introducing new vulnerabilities, and limited applicability to specific types of attacks. In this work, we propose an...
The Application of Transformer-Based Models for Predicting Consequences of Cyber Attacks
Cyberattacks are increasing, and securing against such threats is costing industries billions of dollars annually. Threat Modeling, that is, comprehending the consequences of these attacks, can provide critical support to cybersecurity professionals, enabling them to take timely action and alloca...
A Risk Manager for Intrusion Tolerant Systems: Enhancing HAL 9000 with New Scoring and Data Sources
Intrusion Tolerant Systems ITSs have become increasingly critical due to the rise of multi-domain adversaries exploiting diverse attack surfaces. ITS architectures aim to tolerate intrusions, ensuring system compromise is prevented or mitigated even with adversary presence. Existing ITS solutions...
Lantronix Provisioning Manager 7.10.3 XML Injection
Lantronix Provisioning Manager version 7.10.3 suffers from an XML injection vulnerability...
Consiglieres in the Shadow: Understanding the Use of Uncensored Large Language Models in Cybercrimes
The advancement of AI technologies, particularly Large Language Models LLMs, has transformed computing while introducing new security and privacy risks. Prior research shows that cybercriminals are increasingly leveraging uncensored LLMs ULLMs as backends for malicious services. Understanding the...
One-Class Intrusion Detection with Dynamic Graphs
With the growing digitalization all over the globe, the relevance of network security becomes increasingly important. Machine learning-based intrusion detection constitutes a promising approach for improving security, but it bears several challenges. These include the requirement to detect novel...
Tenda AC20 16.03.08.12 Command Injection
Tenda AC20 version 16.03.08.12 suffers from a command injection vulnerability in /goform/telnet...
Prescriptive Zero Trust- Assessing the Impact of Zero Trust on Cyber Attack Prevention
Increasingly sophisticated and varied cyber threats necessitate ever improving enterprise security postures. For many organizations today, those postures have a foundation in the Zero Trust Architecture. This strategy sees trust as something an enterprise must not give lightly or assume too...
Skyvern 0.1.85 Server-Side Template Injection
Proof of concept exploit that leverages a server-side template injection flaw in Skyvern versions up to 0.1.85 to launch a reverse shell...
Linux 6.4 epoll Use-After-Free
Linux versions starting at 6.4 suffer from a use-after-free vulnerability via a race condition between epeventpollrelease and eventpollreleasefile because mutexunlock is not ownership-drop-safe...
Systematic Analysis of MCP Security
The Model Context Protocol MCP has emerged as a universal standard that enables AI agents to seamlessly connect with external tools, significantly enhancing their functionality. However, while MCP brings notable benefits, it also introduces significant vulnerabilities, such as Tool Poisoning...
Adversarial Attacks on VQA-NLE: Exposing and Alleviating Inconsistencies in Visual Question Answering Explanations
Natural language explanations in visual question answering VQA-NLE aim to make black-box models more transparent by elucidating their decision-making processes. However, we find that existing VQA-NLE systems can produce inconsistent explanations and reach conclusions without genuinely understandi...
False Data-Injection Attack Detection in Cyber-Physical Systems: a Wasserstein Distributionally Robust Reachability Optimization Approach
Cyber-physical system CPS is the foundational backbone of modern critical infrastructures, so ensuring its security and resilience against cyber-attacks is of pivotal importance. This paper addresses the challenge of designing anomaly detectors for CPS under false-data injection FDI attacks and...
Cyber Risks to Next-Gen Brain-Computer Interfaces: Analysis and Recommendations
Brain-computer interfaces BCIs show enormous potential for advancing personalized medicine. However, BCIs also introduce new avenues for cyber-attacks or security compromises. In this article, we analyze the problem and make recommendations for device manufacturers to better secure devices and to...
Reducing False Positives with Active Behavioral Analysis for Cloud Security
Rule-based cloud security posture management CSPM solutions are known to produce a lot of false positives based on the limited contextual understanding and dependence on static heuristics testing. This paper introduces a validation-driven methodology that integrates active behavioral testing in...
ChamaleoNet: Programmable Passive Probe for Enhanced Visibility on Erroneous Traffic
Traffic visibility remains a key component for management and security operations. Observing unsolicited and erroneous traffic, such as unanswered traffic or errors, is fundamental to detect misconfiguration, temporary failures or attacks. ChamaleoNet transforms any production network into a...
CISA: FY 2023 Tribal Cybersecurity Grant Program FAQs
This is the CISA FAQ for the Tribal Cybersecurity Grant Program TCGP which assists eligible Tribal governments addressing cybersecurity risks and threats to their information systems...
A Robust Cross-Domain IDS Using BiGRU-LSTM-Attention for Medical and Industrial IoT Security
The increased Internet of Medical Things IoMT and the Industrial Internet of Things IIoT interconnectivity has introduced complex cybersecurity challenges, exposing sensitive data, patient safety, and industrial operations to advanced cyber threats. To mitigate these risks, this paper introduces ...
Passive Hack-Back Strategies for Cyber Attribution: Covert Vectors in Denied Environment
Attributing cyberattacks remains a central challenge in modern cybersecurity, particularly within denied environments where defenders have limited visibility into attacker infrastructure and are restricted by legal or operational rules of engagement. This perspective examines the strategic value ...
Fortifying the Agentic Web: a Unified Zero-Trust Architecture against Logic-Layer Threats
This paper presents a Unified Security Architecture that fortifies the Agentic Web through a Zero-Trust IAM framework. This architecture is built on a foundation of rich, verifiable agent identities using Decentralized Identifiers DIDs and Verifiable Credentials VCs, with discovery managed by a...
MCPSecBench: a Systematic Security Benchmark and Playground for Testing Model Context Protocols
Large Language Models LLMs are increasingly integrated into real-world applications via the Model Context Protocol MCP, a universal, open standard for connecting AI agents with data sources and external tools. While MCP enhances the capabilities of LLM-based agents, it also introduces new securit...
ViT-EnsembleAttack: Augmenting Ensemble Models for Stronger Adversarial Transferability in Vision Transformers
Ensemble-based attacks have been proven to be effective in enhancing adversarial transferability by aggregating the outputs of models with various architectures. However, existing research primarily focuses on refining ensemble weights or optimizing the ensemble path, overlooking the exploration ...
Design and Implementation of a Controlled Ransomware Framework for Educational Purposes Using Flutter Cryptographic APIs on Desktop PCs and Android Devices
This study focuses on the creation and implementation of ransomware for educational purposes that leverages Python's native cryptographic APIs in a controlled environment. Additionally, an Android version of the framework is implemented using Flutter and Dart. For both versions, open-source...
Effect of Phase Shift Errors on the Security of UAV-Assisted STAR-RIS IoT Networks
Unmanned aerial vehicles UAV-mounted simultaneous transmitting and reflecting reconfigurable intelligent surface STAR-RIS systems can provide full-dimensional coverage and flexible deployment opportunities in future 6G-enabled IoT networks. However, practical imperfections such as jittering and...
The Passwordless Authentication with Passkey Technology from an Implementation Perspective
With the rise of sophisticated authentication bypass techniques, passwords are no longer considered a reliable method for securing authentication systems. In recent years, new authentication technologies have shifted from traditional password-based logins to passwordless security. Among these,...
PP-STAT: an Efficient Privacy-Preserving Statistical Analysis Framework Using Homomorphic Encryption
With the widespread adoption of cloud computing, the need for outsourcing statistical analysis to third-party platforms is growing rapidly. However, handling sensitive data such as medical records and financial information in cloud environments raises serious privacy concerns. In this paper, we...
Unlearning at Scale: Implementing the Right to Be Forgotten in Large Language Models
We study the right to be forgotten GDPR Art. 17 for large language models and frame unlearning as a reproducible systems problem. Our approach treats training as a deterministic program and logs a minimal per-microbatch record ordered ID hash, RNG seed, learning-rate value, optimizer-step counter...
Mitigating Jailbreaks with Intent-Aware LLMs
Despite extensive safety-tuning, large language models LLMs remain vulnerable to jailbreak attacks via adversarially crafted instructions, reflecting a persistent trade-off between safety and task performance. In this work, we propose Intent-FT, a simple and lightweight fine-tuning approach that...
Invitation Is All You Need! Promptware Attacks against LLM-Powered Assistants in Production Are Practical and Dangerous
The growing integration of LLMs into applications has introduced new security risks, notably known as Promptware - maliciously engineered prompts designed to manipulate LLMs to compromise the CIA triad of these applications. While prior research warned about a potential shift in the threat...
CAN Networks Security in Smart Grids Communication Technologies
The rapid evolution of smart grids requires effective communication protocols to transfer data reliably and securely. Controller Area Network CAN is one of the most recognized protocols that offer reliable data transmission in smart grids due to its robustness, real-time capabilities, and...
Attack Graph Generation on HPC Clusters
Attack graphs AGs are graphical tools to analyze the security of computer networks. By connecting the exploitation of individual vulnerabilities, AGs expose possible multi-step attacks against target networks, allowing system administrators to take preventive measures to enhance their network's...
Ethereum Crypto Wallets under Address Poisoning: How Usable and Secure Are They?
Blockchain address poisoning is an emerging phishing attack that crafts "similar-looking" transfer records in the victim's transaction history, which aims to deceive victims and lure them into mistakenly transferring funds to the attacker. Recent works have shown that millions of Ethereum users...