exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 3,786 RSS Feed

Whitepaper Files

DTLS ClientHello Race Conditions In WebRTC Implementations
Posted Oct 22, 2024
Authored by Sandro Gauci, Alfred Farrugia | Site enablesecurity.com

This white paper, titled "DTLS 'ClientHello' Race Conditions in WebRTC Implementations," details a security vulnerability affecting multiple WebRTC implementations. The research uncovers a security flaw where certain implementations fail to properly verify the origin of DTLS "ClientHello" messages in WebRTC sessions, potentially leading to denial of service attacks. The paper includes methodology, affected systems, and recommendations for mitigation.

tags | paper, denial of service
SHA-256 | eb9b90060957ab9a31665bc8c84c603533eeccd79e0c24bfa578d26e43901509
nullcon Goa 2025 Call For Papers
Posted Sep 23, 2024
Site nullcon.net

The Call For Papers for nullcon Goa 2025 is now open. Nullcon is an information security conference held in Goa, India. The focus of the conference is to showcase the next generation of offensive and defensive security technology. It will take place March 1st through the 2nd, 2025.

tags | paper, conference
SHA-256 | d943a5167bc531bab425de0702277f60eaf145d5ed299231ba952d4c51c62f6b
Unleashing Worms And Extracting Data
Posted Sep 16, 2024
Authored by Ben Nassi, Ron Bitton, Stav Cohen | Site arxiv.org

Whitepaper called Unleashing Worms and Extracting Data: Escalating the Outcome of Attacks against RAG-based Inference in Scale and Severity Using Jailbreaking. In this paper, the authors show that with the ability to jailbreak a GenAI model, attackers can escalate the outcome of attacks against RAG-based GenAI-powered applications in severity and scale.

tags | paper, worm
SHA-256 | 27bfeb9c59e588b146b6eb3f569fcfb1228d2be7bf7e469574b84bb54bb020c3
No cON Name 2024 Call For Papers
Posted Sep 3, 2024
Site noconname.org

The No cON Name 2024 call for papers has been announced. It will be held in Barcelona, Spain, from November 18th through the 20th, 2024.

tags | paper, conference
SHA-256 | b1ab0f7971b8bdca44e60e2273733ba1f1cdc0be463f47e14edb5ee0cf3291ab
Caterease SQL Injection / Command Injection / Bypass
Posted Aug 2, 2024
Authored by Calvin Star, Austin Henderson, jTag Labs

This is the official vulnerability disclosure report for CVEs CVE-2024-38881 through CVE-2024-38891 by jTag Labs. This report details critical security vulnerabilities found within Caterease, a product of Horizon Business Services Inc. These vulnerabilities have significant implications for the confidentiality, integrity, and availability of the software and the sensitive data it handles. The issues include problems like remote SQL injection, command injection, authentication bypass, hard-coded credentials, and more.

tags | advisory, paper, remote, vulnerability, code execution, sql injection, bypass, info disclosure
advisories | CVE-2024-38881, CVE-2024-38882, CVE-2024-38883, CVE-2024-38884, CVE-2024-38885, CVE-2024-38886, CVE-2024-38887, CVE-2024-38888, CVE-2024-38889, CVE-2024-38890, CVE-2024-38891
SHA-256 | 922dd24931dfc780dbe72f5070222b4450361d9b42c8b9a975582549453b4573
BRF: eBPF Runtime Fuzzer
Posted Jul 8, 2024
Authored by Hsin-Wei Hung, Ardalan Amiri Sani

This whitepaper discusses eBPF technology in the Linux kernel and introduces the BPF Runtime Fuzzer (BRF), a fuzzer that can satisfy the semantics and dependencies required by the verifier and the eBPF subsystem.

tags | paper, kernel, fuzzer
systems | linux
SHA-256 | 8d7d42a9efa0c15df2a3a0e4462495f6a65acfd39a1058f872b1863580c0bfb6
OpenSSH Server regreSSHion Remote Code Execution
Posted Jul 1, 2024
Authored by Qualys Security Advisory | Site blog.qualys.com

Qualys has discovered a a signal handler race condition vulnerability in OpenSSH's server, sshd. If a client does not authenticate within LoginGraceTime seconds (120 by default, 600 in old OpenSSH versions), then sshd's SIGALRM handler is called asynchronously, but this signal handler calls various functions that are not async-signal-safe - for example, syslog(). This race condition affects sshd in its default configuration.

tags | exploit, advisory, paper
advisories | CVE-2024-6387
SHA-256 | 7826092019b763740fb3de1d429e43d078262e82a1ebe5f37c468e1d5ea080c4
New North Korean Based Backdoor Packs A Punch
Posted Jun 21, 2024
Authored by Bart Blaze, Nguyen Nguyen | Site cyberarmor.tech

In recent months, North Korean based threat actors have been ramping up attack campaigns in order to achieve a myriad of their objectives, whether it be financial gain or with espionage purposes in mind. The North Korean cluster of attack groups is peculiar seeing there is quite some overlap with one another, and it is not always straightforward to attribute a specific campaign to a specific threat actor. This is no different in what the authors are presenting in this paper today, where they analyze a new threat campaign, initially discovered in late May, featuring multiple layers and which ultimately delivers a seemingly new and previously undocumented backdoor. These actions appear tied to Kimsuky and is specifically focused on Aerospace and Defense companies.

tags | advisory, paper
SHA-256 | 573fc7fdbda6861d3fb9546724f878e3b7a854cf874afba540f9e7fb1d853834
Hardwear.io NL 2024 Call For Papers
Posted Jun 10, 2024
Authored by hardwear.io CFP | Site hardwear.io

The call for papers for Hardwear.io 2024 in the Netherlands is now open. It will take place October 24th through the 24th, 2024 at the Marriott Hotel, Amsterdam, The Netherlands.

tags | paper, conference
SHA-256 | 2893959f1b581f1f25b05d843a5ab9e8e184cb0c072365549e1995880a54b3e9
BSidesLjubljana 2024 Call For Papers
Posted May 24, 2024
Site 0x7e8.bsidesljubljana.si

B-Sides Ljubljana will be held September 27, 2024 at the Computer History Museum, Ljubljana, Slovenia, Europe.

tags | paper, conference
SHA-256 | f5abd5f827ddbdc5874d4b069a789c3b7d82cf6e00c82d5008865405cd331f17
Surveilling The Masses With Wi-Fi-Based Positioning Systems
Posted May 23, 2024
Authored by Dave Levin, Erik Rye | Site cs.umd.edu

In this paper, the authors show that Apple's WPS can be abused to create a privacy threat on a global scale. They present an attack that allows an unprivileged attacker to amass a worldwide snapshot of Wi-Fi BSSID geolocations in only a matter of days. Their attack makes few assumptions, merely exploiting the fact that there are relatively few dense regions of allocated MAC address space. Applying this technique over the course of a year, they learned the precise locations of over 2 billion BSSIDs around the world. The privacy implications of such massive datasets become more stark when taken longitudinally, allowing the attacker to track devices' movements.

tags | paper
systems | apple
SHA-256 | 32f974d742e05d50152e5a1e9ab7b267486c7c525e011e9325dc7495c5a27a6a
The Not-So-Silent Type
Posted Apr 26, 2024
Authored by Jeffrey Knockel, Zoƫ Reichert, Mona Wang | Site citizenlab.ca

Whitepaper called The not-so-silent type - Vulnerabilities across keyboard apps reveal keystrokes to network eavesdroppers.

tags | paper, vulnerability
SHA-256 | 1baca6b77c2dd267d995c6cc273aa8908082ad0a1d57ae3a7cf03d39df9cbc85
SSH Client Backd00r
Posted Apr 22, 2024
Authored by Tacettin Karadeniz

This whitepaper provides a detailed analysis of the recent SSH client backdoor. Written in Turkish.

tags | paper
SHA-256 | ce4d2798fcc0bd6073620253319c3a70e1d899442c3920c83b9dc3acd8dfe046
IEEE CSR Workshop 2024 Call For Papers
Posted Apr 5, 2024
Site acfti.org

The IEEE CSR Workshop on Cyber Forensics and Advanced Threat Investigations in Emerging Technologies organizing committee is inviting you to submit your research papers. The workshop will be held in Hybrid mode. The in-person mode will held at Hilton London Tower Bridge, London from September 2nd through the 4th, 2024.

tags | paper, conference
SHA-256 | 0d300ee78ceddaee1fa7d0efc06f277816ca687d310c808e3dbab1c1003095d5
IWCC 2024 Call For Papers
Posted Mar 28, 2024
Site ares-conference.eu

The 13th International Workshop on Cyber Crime, or IWCC, 2024 call for papers has been announced. It will take place July 30th through August 2nd, 2024 in Vienna, Austria.

tags | paper, conference
SHA-256 | 1733e3ae10dcafe0a95572942e32ff6c6d0ff3ba67769c57dd88c93c006e53e6
GoFetch: Breaking Constant-Time Cryptographic Implementations Using Data Memory-Dependent Prefetchers
Posted Mar 22, 2024
Authored by Daniel Genkin, David Kohlbrenner, Christopher W. Fletcher, Boru Chen, Pradyumna Shome, Yingchen Wang, Riccardo Paccagnella | Site gofetch.fail

This whitepaper shows that the security threat from DMPs is significantly worse than previously thought and demonstrates the first end-to-end attacks on security-critical software using the Apple m-series DMP. Undergirding the author's attacks is a new understanding of how DMPs behave which shows, among other things, that the Apple DMP will activate on behalf of any victim program and attempt to leak any cached data that resembles a pointer.

tags | paper
systems | apple
SHA-256 | a26af7248f3a7458c6db704eb23699f3163f79dcf78ceedd895d0097eb93941b
Generic And Automated Drive-By GPU Cache Attacks From The Browser
Posted Mar 19, 2024
Authored by Daniel Gruss, Andreas Kogler, Fabian Rauscher, Lukas Giner, Daniel De Almeida Braga, Roland Czerny, Christoph Gruber | Site ginerlukas.com

In this paper, the authors present the first GPU cache side-channel attack from within the browser, more specifically from the restricted WebGPU environment. The foundation for our generic and automated attacks are self-configuring primitives applicable to a wide variety of devices, which they demonstrate on a set of 11 desktop GPUs from 5 different generations and 2 vendors.

tags | exploit, paper
SHA-256 | 6c5387e050fc45456bdc1a46bd17a019b33a674a9d2100d5130f5e042b53b654
GhostRace: Exploiting And Mitigating Speculative Race Conditions
Posted Mar 13, 2024
Authored by Cristiano Giuffrida, Anil Kurmus, Hany Ragab, Andrea Mambretti | Site download.vusec.net

Race conditions arise when multiple threads attempt to access a shared resource without proper synchronization, often leading to vulnerabilities such as concurrent use-after-free. To mitigate their occurrence, operating systems rely on synchronization primitives such as mutexes, spinlocks, etc. In this paper, the authors present GhostRace, the first security analysis of these primitives on speculatively executed code paths. Their key finding is that all the common synchronization primitives can be microarchitecturally bypassed on speculative paths, turning all architecturally race-free critical regions into Speculative Race Conditions (SRCs).

tags | paper, vulnerability
advisories | CVE-2024-2193
SHA-256 | e0d3a753ac273a430c317cd67e808c20b6cdd914b31b24e71450d5fb4ad420af
Stealing Part Of A Production Language Model
Posted Mar 13, 2024
Authored by David Rolnick, Jonathan Hayase, Eric Wallace, Nicholas Carlini, Arthur Conmy, Thomas Steinke, Matthew Jagielski, Florian Tramer, Krishnamurthy Dvijotham, Daniel Paleka, Katherine Lee, Milad Nasr, A. Feder Cooper

In this whitepaper, the authors introduce the first model-stealing attack that extracts precise, nontrivial information from black-box production language models like OpenAI's ChatGPT or Google's PaLM-2. Specifically, their attack recovers the embedding projection layer (up to symmetries) of a transformer model, given typical API access. For under $20 USD, their attack extracts the entire projection matrix of OpenAI's ada and babbage language models. They thereby confirm, for the first time, that these black-box models have a hidden dimension of 1024 and 2048, respectively. They also recover the exact hidden dimension size of the gpt-3.5-turbo model, and estimate it would cost under $2,000 in queries to recover the entire projection matrix. They conclude with potential defenses and mitigations, and discuss the implications of possible future work that could extend this attack.

tags | exploit, paper, vulnerability
SHA-256 | 35bb26fb1fe58d91b595fbecc219b129076e6cc3ae746288dc27c6fa0d128e6a
Compromising Industrial Processes Using Web-Based Programmable Logic Controller Malware
Posted Mar 4, 2024
Authored by Raheem Beyah, Ryan Pickren, Tohid Shekari, Saman Zonouz

This is an interesting whitepaper called Compromising Industrial Processes using Web-Based Programmable Logic Controller Malware. The authors present a novel approach to developing programmable logic controller (PLC) malware that proves to be more flexible, resilient, and impactful than current strategies.

tags | paper, web
SHA-256 | 741326e4fbc51ab41e106a049572fa380ad7b01037f9e364be260067feb5194b
The KeyTrap Denial-of-Service Algorithmic Complexity Attacks On DNS
Posted Feb 22, 2024
Authored by Niklas Vogel, Haya Schulmann, Michael Waidner, Elias Heftrig | Site athene-center.de

In this paper, the authors show that the design of DNSSEC is flawed. Exploiting vulnerable recommendations in the DNSSEC standards, they developed a new class of DNSSEC-based algorithmic complexity attacks on DNS, they dubbed KeyTrap attacks. All popular DNS implementations and services are vulnerable. With just a single DNS packet, the KeyTrap attacks lead to a 2.000.000x spike in CPU instruction count in vulnerable DNS resolvers, stalling some for as long as 16 hours. This devastating effect prompted major DNS vendors to refer to KeyTrap as "the worst attack on DNS ever discovered". Exploiting KeyTrap, an attacker could effectively disable Internet access in any system utilizing a DNSSEC-validating resolver.

tags | paper, encryption
SHA-256 | 4c1743e665520f276be83b47e7a1ae86496ca84f1935e9197aa5b5736fc57eb4
NFC Relay Attack On Tesla Model Y
Posted Feb 21, 2024
Authored by Josep Pi Rodriguez | Site ioactive.com

This paper will walk you through the proof-of-concept and technical details of exploitation for IOActive's recent NFC relay attack on the newest Tesla vehicle, the Model Y. To successfully carry out the attack, IOActive reverse-engineered the NFC protocol Tesla uses between the NFC card and the vehicle, and they then created custom firmware modifications that allowed a Proxmark RDV4.0 device to relay NFC communications over Bluetooth/Wi-Fi using the Proxmark's BlueShark module.

tags | paper, protocol, wireless
SHA-256 | 1b2f050c027e1bfe9702c6a2a927a78ccba6ef0043e76bbe3a63de1a54eaecc8
44CON 2024 Call For Papers
Posted Feb 15, 2024
Site cfp.44con.com

The 44CON 2024 Call For Papers has been announced. 44CON is the UK's largest combined annual Security Conference and Training event. The event takes place September 18th through the 20th, 2024 at the Novotel London West near Hammersmith, London.

tags | paper, conference
SHA-256 | a660b30e4404268fcebbcfa2b2402a49ffaeb99ce9d7683cef070387d9e15b3e
RECON 2024 Call For Papers
Posted Feb 8, 2024
Site cfp.recon.cx

REcon is a computer security conference with a focus on reverse engineering and advanced exploitation techniques. It will be held June 28th through the 30th, 2024, in Montreal, Canada.

tags | paper, conference
SHA-256 | 682dca50c2c0835b200447e03653ce581b484302a66fa646092da85d05f86274
How To Install And Use Metasploit On Termux
Posted Jan 15, 2024
Authored by devil rose

Whitepaper called How To Install And Use Metasploit On Termux. Written in Arabic.

tags | paper
SHA-256 | 334302ac8df53bd30a618970bd4921ff0d15d9fb14991c99d782217efaee5098
Page 1 of 152
Back12345Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close