ThinkstScapes

ThinkstScapes Research Roundup - Q2 - 2024

Jul 29, 2024

In this insightful discussion, guests include Johann Rehberger, an AI/ML security researcher, and Richard Fang, who evaluates AI exploitation methods. They delve into the complexities of system vulnerabilities, highlighting how teams of large language model agents could exploit zero-day flaws. Rohan Bindu and Akul Gupta share findings on LLM capabilities in offensive security. The group also addresses the limitations of LLMs in recognizing security threats and the implications of managing identities across multi-cloud environments. Don't miss their fresh take on AI security!

31:36

Creator website

Episode guests

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Large language models pose significant security risks, as malicious actors can exploit their features to manipulate memory and exfiltrate sensitive data.

Understanding systemic vulnerabilities is crucial, as attacks on integrated systems can result in widespread impacts beyond individual software weaknesses.

Deep dives

AI and Security Vulnerabilities

Recent research highlights the vulnerabilities associated with large language models (LLMs) in security applications. For instance, prompt injection techniques can manipulate services like GitHub Copilot, allowing attackers to exfiltrate code and data. By exploiting features like memory retention in LLMs, malicious actors can alter user memories across sessions, enabling further exploitation. This raises concerns as organizations increasingly adopt LLMs, potentially leading to data leakage and corruption if safeguards against untrusted inputs are not strengthened.

Intro

8min

Exploring System Vulnerabilities and the Offensive Security Landscape

4min

Navigating Multi-Cloud Identities and Underwater Data Center Vulnerabilities

4min

Cryptanalysis and Security Vulnerabilities

12min

Advancements in Confidential Computing and Active Directory Security

3min

AI/ML in security

Injecting into LLM-adjacent components

Johann Rehberger

[Blog 1] [Blog 2]

Teams of LLM Agents can Exploit Zero-Day Vulnerabilities

Richard Fang, Rohan Bindu, Akul Gupta, Qiusi Zhan, and Daniel Kang

[Paper]

Project Naptime: Evaluating Offensive Security Capabilities of Large Language Models

Sergei Glazunov and Mark Brand

[Blog]

LLMs Cannot Reliably Identify and Reason About Security Vulnerabilities (Yet?): A Comprehensive Evaluation, Framework, and Benchmarks

Saad Ullah, Mingji Han, Saurabh Pujar, Hammond Pearce, Ayse Kivilcim Coskun, and Gianluca Stringhini

[Paper] [Code]

The Impact of Backdoor Poisoning Vulnerabilities on AI-Based Threat Detectors

Dmitrijs Trizna, Luca Demetrio, Battista Biggio, and Fabio Roli

[Slides] [Paper] [Code]

Looking at the whole system

Systems Alchemy: The Transmutation of Hacking

Thaddeus grugq

[Video]

The Boom, the Bust, the Adjust and the Unknown

Maor Shwartz

[Slides]

Poisoning Web-Scale Training Datasets is Practical

Nicholas Carlini, Matthew Jagielski, Christopher A. Choquette-Choo, Daniel Paleka, Will Pearce, Hyrum Anderson, Andreas Terzis, Kurt Thomas, and Florian Tramèr

[Paper]

Intercloud Identities: The Risks and Mitigations of Access Between Cloud Providers

Noam Dahan and Ari Eitan

[Video]

New modalities with which to inflict pain

GPU.zip: On the Side-Channel Implications of Hardware-Based Graphical Data Compression

Yingchen Wang, Riccardo Paccagnella, Zhao Gang, Willy R. Vasquez, David Kohlbrenner, Hovav Shacham, and Christopher W. Fletcher

[Paper]

AquaSonic: Acoustic Manipulation of Underwater Data Center Operations and Resource Management

Jennifer Sheldon, Weidong Zhu, Adnan Abdullah, Sri Hrushikesh Varma Bhupathiraju, Takeshi Sugawara, Kevin Butler, Md Jahidul Islam, and Sara Rampazzi

[Paper] [Video]

Video-Based Cryptanalysis: Extracting Cryptographic Keys from Video Footage of a Device’s Power LED Captured By Standard Video Cameras

Ben Nassi, Etay Iluz, Or Cohen, Ofek Vayner, Dudi Nassi, Boris Zadov, and Yuval Elovici

[Site] [Paper] [Video]

Old components showing the strain

Exploiting Sequence Number Leakage: TCP Hijacking in NAT-Enabled Wi-Fi Networks

Yuxiang Yang, Xuewei Feng, Qi Li, Kun Sun, Ziqiang Wang, and Ke Xu

[Blog] [Paper]

Reliable Payload Transmission Past the Spoofed TCP Handshake

Yepeng Pan and Christian Rossow

[Paper] [Code]

Parse Me, Baby, One More Time: Bypassing HTML Sanitizer via Parsing Differentials

David Klein and Martin Johns

[Paper] [Code]

Practical Exploitation of Registry Vulnerabilities in the Windows Kernel

Mateusz Jurczyk

[Blog] [Video]

Nifty sundries

An Analysis of Recent Advances in Deepfake Image Detection in an Evolving Threat Landscape

Sifat Muhammad Abdullah, Aravind Cheruvu, Shravya Kanchi, Taejoong Chung, Peng Gao, Murtuza Jadliwala, and Bimal Viswanath

[Code] [Paper]

Tracking illicit phishermen in the deep blue Azure

Jacob Torrey

[Slides] [Code]

SEVeriFast: Minimizing the root of trust for fast startup of SEV microVMs

Benjamin Holmes, Jason Waterman, and Dan Williams

[Paper] [Code]

Certiception: The ADCS Honeypot We Always Wanted

Balthasar Martin and Niklas van Dornick

[Blog] [Code] [Slides]

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

ThinkstScapes

ThinkstScapes Research Roundup - Q2 - 2024

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

AI and Security Vulnerabilities

Systemic Perspectives on Hacking

New Attack Modalities and Techniques

Legacy Component Vulnerabilities

AI/ML in security

Injecting into LLM-adjacent components

Teams of LLM Agents can Exploit Zero-Day Vulnerabilities

Project Naptime: Evaluating Offensive Security Capabilities of Large Language Models

LLMs Cannot Reliably Identify and Reason About Security Vulnerabilities (Yet?): A Comprehensive Evaluation, Framework, and Benchmarks

The Impact of Backdoor Poisoning Vulnerabilities on AI-Based Threat Detectors

Looking at the whole system

Systems Alchemy: The Transmutation of Hacking

The Boom, the Bust, the Adjust and the Unknown

Poisoning Web-Scale Training Datasets is Practical

Intercloud Identities: The Risks and Mitigations of Access Between Cloud Providers

New modalities with which to inflict pain

GPU.zip: On the Side-Channel Implications of Hardware-Based Graphical Data Compression

AquaSonic: Acoustic Manipulation of Underwater Data Center Operations and Resource Management

Video-Based Cryptanalysis: Extracting Cryptographic Keys from Video Footage of a Device’s Power LED Captured By Standard Video Cameras

Old components showing the strain

Exploiting Sequence Number Leakage: TCP Hijacking in NAT-Enabled Wi-Fi Networks

Reliable Payload Transmission Past the Spoofed TCP Handshake

Parse Me, Baby, One More Time: Bypassing HTML Sanitizer via Parsing Differentials

Practical Exploitation of Registry Vulnerabilities in the Windows Kernel

Nifty sundries

An Analysis of Recent Advances in Deepfake Image Detection in an Evolving Threat Landscape

Tracking illicit phishermen in the deep blue Azure

SEVeriFast: Minimizing the root of trust for fast startup of SEV microVMs

Certiception: The ADCS Honeypot We Always Wanted

Remember Everything You Learn from Podcasts