ThinkstScapes cover image

ThinkstScapes

ThinkstScapes Research Roundup - Q4 - 2023

Feb 28, 2024
29:58
Creator website

LLMs ain't making life any easier

Abusing Images and Sounds for Indirect Instruction Injection in Multi-Modal LLMs

Tsung-Yin Hsieh, Ben Nassi, Vitaly Shmatikov, and Eugene Bagdasaryan

[Slides] [Paper] [Code]

Tree of Attacks: Jailbreaking Black-Box LLMs Automatically

Anay Mehrotra, Manolis Zampetakis, Paul Kassianik, Blaine Nelson, Hyrum Anderson, Yaron Singer, and Amin Karbasi

[Paper] [Code]

Avoiding the basilisk's fangs: State-of-the-art in AI LLM detection

Jacob Torrey

[Slides] [Code] [Video]

Dystopian much: The Rise of the Influence Machines

Nea Paw

[Blog] [Video]

Problems in well-trodden areas

SMTP Smuggling – Spoofing E-mails Worldwide

Timo Longin

[Blog] [Video]

Blind CSS Exfiltration: Exfiltrate unknown web pages

Gareth Heyes

[Slides] [Blog] [Code]

OLE object are still dangerous today – Exploiting Microsoft Office

wh1tc and Zhiniang Peng

[Slides] [Demo Videos]

The Nightmare of Apple’s OTA Update

Mickey Jin

[Slides] [Blog] [Video]

Reflecting on our efforts

Evaluating the Security Posture of Real-World FIDO2 Deployments

Dhruv Kuchhal, Muhammad Saad, Adam Oest, and Frank Li

[Paper]

Talking about Pros and Cons

Jacob Torrey

[Slides] [Video]

NCC Group’s 2022 & 2023 Research Report

NCC Group

[Paper] [Blog]

A 3-Year Tale of Hacking a Pwn2Own Target: The Attacks, Vendor Evolution, and Lessons Learned

Orange Tsai

[Slides] [Video]

Nifty sundries

Breaking "DRM" in Polish trains

MrTick, Redford, and q3k

[Video]

Detection and Blocking with BPF via YAML

Kevin Sheldrake

[Slides] [Code]

AntiFake: Using Adversarial Audio to Prevent Unauthorized Speech Synthesis

Zhiyuan Yu, Shixuan Zhai, and Ning Zhang

[Paper] [Code]

A Good Fishman Knows All the Angles: A Critical Evaluation of Google's Phishing Page Classifier

Changqing Miao, Jianan Feng, Wei You, Wenchang Shi, Jianjun Huang, and Bin Liang

[Paper] [Code]

Spoofing DNS Records by Abusing DHCP DNS Dynamic Updates

Ori David

[Blog] [Code

Operation Triangulation: What You Get When Attack iPhones of Researchers

Boris Larin, Leonid Bezvershenko, and Georgy Kucherin

[Blog] [Video]

Password-Stealing without Hacking: Wi-Fi Enabled Practical Keystroke Eavesdropping

Jingyang Hu, Hongbo Wang, Tianyue Zheng, Jingzhi Hu, Zhe Chen, Hongbo Jiang, and Jun Luo

[Paper] [Code]

Get the Snipd
podcast app

Unlock the knowledge in podcasts with the podcast player of the future.
App store bannerPlay store banner

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Save any
moment

Hear something you like? Tap your headphones to save it with AI-generated key takeaways

Share
& Export

Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode