Description

ThinkstScapes Q1’25

Putting it into practice

Homomorphic Encryption across Apple features

Rehan Rishi, Haris Mughees, Fabian Boemer, Karl Tarbe, Nicholas Genise, Akshay Wadia, and Ruiyu Zhu

[Code] [Paper] [Video]

Beyond the Hook: A Technical Deep Dive into Modern Phishing Methodologies

Alexandre Nesic

[Blog]

How to Backdoor Large Language Models

Shrivu Shankar

[Blog] [Code]

Buccaneers of the Binary: Plundering Compiler Optimizations for Decompilation Treasure

Zion Leonahenahe Basque

[Code] [Video]

Software Screws Around, Reverse Engineering Finds Out: How Independent, Adversarial Research Informs Government Regulation

Andy Sellars and Michael A. Specter

[Video] [Website]

Understanding things all the way down

PhantomLiDAR: Cross-modality Signal Injection Attacks against LiDAR

Zizhi Jin, Qinhong Jiang, Xuancun Lu, Chen Yan, Xiaoyu Ji, and Wenyuan Xu

[Paper] [Demo Videos]

Full-stack Reverse Engineering of the Original Microsoft Xbox

Markus Gaasedelen

[Video]

Wallbleed: A Memory Disclosure Vulnerability in the Great Firewall of China

Shencha Fan, Jackson Sippe, Sakamoto San, Jade Sheffey, David Fifield, Amir Houmansadr, Elson Wedwards, and Eric Wustrow

[Paper]

Scaling software (in)security

Low-Effort Denial of Service with Recursion

Alexis Challande and Brad Swain

[Paper] [Video]

Is this memory safety here in the room with us?

Thomas Dullien (Halvar Flake)

[Slides] [Video]

How to gain code execution on millions of people and hundreds of popular apps

Eva

[Blog]

Node is a loader

Tom Steele

[Blog]

Mixing up Public and Private Keys in OpenID Connect deployments

Hanno Böck

[Blog] [Code]

Nifty sundries

Will It Run? Fooling EDRs With Command Lines Using Empirical Data

Wietze Beukema

[Tool site] [Code] [Video]

Homoglyph-Based Attacks: Circumventing LLM Detectors

Aldan Creo

[Paper] [Code] [Video]

28 Months Later - The Ongoing Evolution of Russia's Cyber Operations

The Grugq

[Slides] [Podcast interview]

‘It's Not Paranoia If They're Really After You’: When Announcing Deception Technology Can Change Attacker Decisions

Andrew Reeves and Debi Ashenden

[Paper]

Off-Path TCP Hijacking in Wi-Fi Networks: A Packet-Size Side Channel Attack

Ziqiang Wang, Xuewei Feng, Qi Li, Kun Sun, Yuxiang Yang, Mengyuan Li, Ganqiu Du, Ke Xu, and Jianping Wu

[Paper] [Code]

ThinkstScapes Research Roundup - Q1 - 2025

Listen

Description

ThinkstScapes Q1’25

Putting it into practice

Homomorphic Encryption across Apple features

Beyond the Hook: A Technical Deep Dive into Modern Phishing Methodologies

How to Backdoor Large Language Models

Buccaneers of the Binary: Plundering Compiler Optimizations for Decompilation Treasure

Software Screws Around, Reverse Engineering Finds Out: How Independent, Adversarial Research Informs Government Regulation

Understanding things all the way down

PhantomLiDAR: Cross-modality Signal Injection Attacks against LiDAR

Full-stack Reverse Engineering of the Original Microsoft Xbox

Wallbleed: A Memory Disclosure Vulnerability in the Great Firewall of China

Scaling software (in)security

Low-Effort Denial of Service with Recursion

Is this memory safety here in the room with us?

How to gain code execution on millions of people and hundreds of popular apps

Node is a loader

Mixing up Public and Private Keys in OpenID Connect deployments

Nifty sundries

Will It Run? Fooling EDRs With Command Lines Using Empirical Data

Homoglyph-Based Attacks: Circumventing LLM Detectors

28 Months Later - The Ongoing Evolution of Russia's Cyber Operations

‘It's Not Paranoia If They're Really After You’: When Announcing Deception Technology Can Change Attacker Decisions

Off-Path TCP Hijacking in Wi-Fi Networks: A Packet-Size Side Channel Attack

Want to check another podcast?