exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 3,772 RSS Feed

Whitepaper Files

Hardwear.io NL 2023 Call For Papers
Posted Jul 19, 2023
Authored by hardwear.io CFP | Site hardwear.io

The call for papers for Hardwear.io 2023 in the Netherlands is now open. It will take place November 2nd through the 3rd, 2023 at the Marriott Hotel, The Hague, Netherlands.

tags | paper, conference
SHA-256 | ec87fd1f62c43c5094a8b7edcbb92181ee748aea83102c2abf02a405cf32899b
From RFC To RCE 16 Years Later
Posted Jul 11, 2023
Authored by Fabian Hagg | Site sec-consult.com

Whitepaper titled Everyone Knows SAP, Everyone Uses SAP, Everyone Uses RFC, No One Knows RFC: From RFC to RCE 16 Years Later.

tags | paper
SHA-256 | ec3e058c8f83be6779103d8bb8f9cdbd4b8c1663435f67a9d7c36923c7afe54a
Speculative Denial-of-Service Attacks In Ethereum
Posted Jun 19, 2023
Authored by Kaihua Qin, Liyi Zhou, Aviv Yaish, Arthur Gervais, Aviv Zohar

The expressiveness of Turing-complete blockchains implies that verifying a transaction's validity requires executing it on the current blockchain state. Transaction fees are designed to compensate actors for resources expended on transactions, but can only be charged from transactions included in blocks. In this work, the authors show that adversaries can craft malicious transactions that decouple the work imposed on blockchain actors from the compensation offered in return by introducing three attacks.

tags | paper, cryptography
SHA-256 | 68b4adbac9a02de43d43f0c0b285dc603d363d3be1f6185ba4fe1c00129c1969
A DIY Guide To Become An Alone Long Time Bughunter For Ordinary People
Posted Jun 7, 2023
Authored by j00sean

Whitepaper called Bughunter's Life-Style: A DIY guide to become an alone long time bughunter for ordinary people. Written in Spanish.

tags | paper
SHA-256 | 492728ae51fe482711c11af1be87bba75442f0506b3f42fe800bfc028dd68d50
Enhancing Vulnerability Prioritization: Data-Driven Exploit Predictions With Community Driven Insights
Posted Jun 5, 2023
Authored by Sasha Romanosky, Armin Sarabi, Octavian Suciu, Ben Edwards, Jay Jacobs

In this paper, the authors present the efforts behind building a Special Interest Group (SIG) that seeks to develop a completely data-driven exploit scoring system that produces scores for all known vulnerabilities, that is freely available, and which adapts to new information.

tags | paper, vulnerability
SHA-256 | 8226a3dc718a8972e22524b28b782a704c31078e7997a2ddd07aeb9c9608798f
nullcon Goa 2023 Call For Papers
Posted May 25, 2023
Site nullcon.net

The Call For Papers for nullcon Goa 2023 is now open. Nullcon is an information security conference held in Goa, India. The focus of the conference is to showcase the next generation of offensive and defensive security technology. It will take place September 23rd through the 24th, 2023 at the Birla Institute of Technology and Science (BITS) Pilani, Goa.

tags | paper, conference
SHA-256 | 4a4d540392f90a1bf90132873bf5cebdace3aaa1fb17e07615a0a45bb57e9928
Not-Too-Safe Boot
Posted May 16, 2023
Authored by Zero-Day Zone | Site zerodayzone.com

In this paper, the authors provide an in-depth analysis of the Not-Too-Safe Boot technique, which has been designed to bypass Endpoint Security Solutions like antivirus (AV), endpoint detection and response (EDR) and anti-tampering mechanisms remotely. This method builds on a local execution technique first published in 2007 and later utilized in a real world scenario by a ransomware in 2019.

tags | paper, local
SHA-256 | 4ab12a59151aa94280a3b9d4b96f18a83bea50df9c1d7059e19c8266fbd31001
Anomaly Detection In Bank Transactions Using Machine Learning
Posted Apr 27, 2023
Authored by Dr Rachna Jain, Sarthak Deshwal

This whitepaper illustrates different machine learning techniques for anomaly detection relating to bank transactions.

tags | paper
SHA-256 | 7c0d7aa12a9030c384da45dec3261c2fd038115e1291526f413603a7bf272956
WCC 2023 Call For Participation
Posted Mar 22, 2023
Authored by WorldCryptologicCompetition | Site worldcryptologiccompetition.github.io

The World Cryptologic Competition (WCC) 2023 is a fully-online and open competition using GitHub. The language of the competition is English. The WCC 2023 has a total duration of 295 days, from Sunday January 1st 2023 to Monday October 23rd 2023. Teams and Judges must complete registration before Wednesday June 1st.

tags | paper, conference
SHA-256 | 12848db5eecde474ede8125eed53f5c8e8e8198f50e1cd86053ead35891713eb
BSidesLjubljana 2023 Call For Papers
Posted Mar 17, 2023
Site 0x7e7.bsidesljubljana.si

B-Sides Ljubljana will be held June 16, 2023 in Ljubljana, Slovenia.

tags | paper, conference
SHA-256 | a8a7fd33b3af62a91c8455b5929954ee7b0ebda0b1976fcd6027df433714ce33
A Vulnerability In Implementations of SHA-3, SHAKE, EdDSA, And Other NIST-Approved Algorithms
Posted Mar 7, 2023
Authored by Nicky Mouha, Christopher Celi | Site eprint.iacr.org

This paper describes a vulnerability in several implementations of the Secure Hash Algorithm 3 (SHA-3) that have been released by its designers. The vulnerability has been present since the final-round update of Keccak was submitted to the National Institute of Standards and Technology (NIST) SHA-3 hash function competition in January 2011, and is present in the eXtended Keccak Code Package (XKCP) of the Keccak team. It affects all software projects that have integrated this code, such as the scripting languages Python and PHP Hypertext Preprocessor (PHP). The vulnerability is a buffer overflow that allows attacker-controlled values to be eXclusive-ORed (XORed) into memory (without any restrictions on values to be XORed and even far beyond the location of the original buffer), thereby making many standard protection measures against buffer overflows (e.g., canary values) completely ineffective.

tags | paper, overflow, cryptography, php, python
advisories | CVE-2022-37454
SHA-256 | e5ce94c802fc96b96a37593074295283819a7abf859a04a1c1cbfcdb566dcdb1
Breaking A Fifth-Order Masked Implementation Of CRYSTALS-Kyber By Copy-Paste
Posted Feb 28, 2023
Authored by Kalle Ngo, Joel Gartner, Elena Dubrova

CRYSTALS-Kyber has been selected by the NIST as a public-key encryption and key encapsulation mechanism to be standardized. It is also included in the NSA's suite of cryptographic algorithms recommended for national security systems. This makes it important to evaluate the resistance of CRYSTALS-Kyber’s implementations to side-channel attacks. The unprotected and first-order masked software implementations have been already analysed. In this paper, they present deep learning-based message recovery attacks on the ω-order masked implementations of CRYSTALS-Kyber in ARM Cortex-M4 CPU for ω ≤ 5. The main contribution is a new neural network training method called recursive learning. In the attack on an ω-order masked implementation, they start training from an artificially constructed neural network M ω whose weights are partly copied from a model M ω−1 trained on the (ω − 1)-order masked implementation, and then extended to one more share. Such a method allows them to train neural networks that can recover a message bit with the probability above 99% from high-order masked implementations.

tags | paper, cryptography
SHA-256 | bb8f1a666a9bb3b7ef38e7e61e8980c7e3efb86a13dead4ae283a439aa94aded
Broadcast Signal Intrusion - Hacking Radio Stations
Posted Jan 30, 2023
Authored by LiquidWorm | Site zeroscience.mk

This paper goes over common components of broadcast systems, how hackers take advantage of them, and discusses some of the vulnerabilities discovered.

tags | exploit, paper, vulnerability
SHA-256 | 1467a96747d9321ba7a659e074789337bc6efc1d4621b6ec26b5fdf38e1ca678
Wordfence 2022 State Of WordPress Security
Posted Jan 25, 2023
Authored by Ramuel Gall | Site wordfence.com

The Wordfence Threat Intelligence team has released their 2022 State of WordPress Security report. In the report, they look at changes in the threat landscape, analyze impactful trends, and provide recommendations based on their findings.

tags | paper
SHA-256 | 833a6664e11b54321c4268553ac08e81c3b99e65165b4e44d62207f09cc2fb5c
t2'23 Call For Papers
Posted Jan 24, 2023
Site t2.fi

The t2'23 Call For Papers has been announced. It will take place May 4th through the 5th, 2023 in Helsinki, Finland.

tags | paper, conference
SHA-256 | 2235f9a9ede909195456aaef9036e5789bbe845b4ac330ad569f0d005760ac7e
DensePose From WiFi
Posted Jan 23, 2023
Authored by Fernando De la Torre, Jiaqi Geng, Dong Huang

Whitepaper called DensePose From WiFi. It discusses how scientists from Carnegie Mellon University have figured out how to map a human's 3D form by using two wifi routers.

tags | paper, wireless
SHA-256 | 79e410d611cf1fce59906fb6029e819c60c9ad628363ca5b29efc9728ff69195
Acunetix Vulnweb Solutions Handbook
Posted Jan 9, 2023
Authored by Ismail Tasdelen

In this paper, the author subjects the vulnerable web application vulnweb.com, developed by Acunetix, to security tests. Acunetix is a web application where we can perform legal penetration tests. The author discusses how to infiltrate the target system by acting as a real hacker through this application. Written in Turkish.

tags | paper, web
SHA-256 | 9452d8ba127e646598688770379f1d68ad85c10e81be8c7238597d9d656014c1
Everything About The Secure Software Development Process
Posted Jan 9, 2023
Authored by Ismail Tasdelen

This is a brief whitepaper that discusses some basic fundamentals for approaching secure design of an application.

tags | paper
SHA-256 | c962e90a506a04f9658f44421b9bf8e4b0339a1755b66c5c193c109f722ea574
EuskalHack Security Congress VI Call For Papers
Posted Jan 2, 2023
Site euskalhack.org

EuskalHack Security Congress sixth edition is a new proposal from the EuskalHack Computer Security Association, with the aim to promote the community growth and the culture in the digital security field. As usual, in this new edition proximity to our public and technical quality will be our hallmarks. This exclusive conference is shaping up as the most relevant in Basque Country, with an estimated 200 attendees for this sixth edition. The participants include specialized companies, public organisms, state security organizations, professionals, hobbyists and students in the area of security and Information Technology. The date for the conference is the 23th and 24th of June 2023 in the lovely city of Donostia San Sebastian.

tags | paper, conference
SHA-256 | eb3ffa1da9807b837a3317ded516298ccef5fca21861e6fdeb5eed21bc5c6eed
BSides SF 2023 Call For Papers
Posted Dec 15, 2022
Site bsidessf.org

BSidesSF is soliciting presentations, workshops, and villages for the 2023 annual BSidesSF conference. It will be located at City View at the Metreon in downtown San Francisco April 22nd through the 23rd, 2023.

tags | paper, conference
SHA-256 | 155076340b81d26d3d2bd8aa8310d074feff7f8a583b03a687abd01754152f90
Microsoft Outlook 2019 16.0.13231.20262 Remote Code Execution
Posted Nov 21, 2022
Authored by Hangjun Go

This is a whitepaper along with a proof of concept eml file discussing CVE-2020-16947 where a remote code execution vulnerability exists in Microsoft Outlook 2019 version 16.0.13231.20262 when it fails to properly handle objects in memory.

tags | exploit, paper, remote, code execution, proof of concept
advisories | CVE-2020-16947
SHA-256 | e10886839475e813dff9362bc048392f047b424255b849ca304a468b0daa17a3
Microsoft Outlook 2019 16.0.12624.20424 Out-Of-Bounds Read
Posted Nov 21, 2022
Authored by Hangjun Go

This is a whitepaper along with a proof of concept eml file that demonstrates an out-of-bounds read on Outlook 2019 version 16.0.12624.20424. NIST references this issue as simply an information disclosure.

tags | exploit, paper, proof of concept, info disclosure
advisories | CVE-2020-1493
SHA-256 | d7cbdf78b8d88b5ef4f17ae322717c6adec1d335f3eddae9fc75f883c66bbc76
Microsoft Outlook 2019 16.0.12624.20424 Remote Code Execution
Posted Nov 21, 2022
Authored by Hangjun Go

This is a whitepaper discussing CVE-2020-1349 where a remote code execution vulnerability exists in Microsoft Outlook 2019 version 16.0.12624.20424 when it fails to properly handle objects in memory.

tags | advisory, paper, remote, code execution
advisories | CVE-2020-1349
SHA-256 | 0cbeab94a42718d9dc0fbddcb25e670799fb9171ff9f4aa0d640945941711759
PatrIoT: Practical And Agile Threat Research For IoT
Posted Nov 18, 2022
Authored by Emre Suren, Robert Lagerstrom, Fredrik Heiding, Johannes Olegard | Site doi.org

PatrIoT provides a four-stage IoT vulnerability research methodology built on top of four key elements: logical attack surface decomposition, compilation of top 100 weaknesses, lightweight risk scoring, and step-by-step penetration testing guidelines. The proposed methodology is evaluated with multiple IoT products. The results indicate that PatrIoT allows cyber security practitioners without much experience to advance vulnerability research activities quickly and reduces the risk of critical IoT penetration testing steps being overlooked.

tags | paper
SHA-256 | 7ef04fa8b69b383da473db2f732cbb05957268406e540aab12aa566dc3408119
Nullcon Berlin 2023 Call For Papers
Posted Oct 17, 2022
Site nullcon.net

The Nullcon Berlin 2023 Call For Papers is open. It will take place March 9th through the 10th, 2023 in Berlin, Germany.

tags | paper, conference
SHA-256 | fe1cb7a63d18537e4b4b907db517cecd2187c370eebe4852d306e3dc81a202d3
Page 2 of 151
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close