Daniel ThomasSep 8, 2025
Taking Down Booters: The Cat-and-Mouse Game, blog post for our USENIX Security paper https://www.lightbluetouchpaper.org/2025/09/06/taking-down-booters-the-cat-and-mouse-game/ #DDoS #USENIXSecurity #Cybercrime #NetworkSecurity (also this is my first USENIX Security paper after many many rejections for other papers, and it got an Honourable Mention Award! :-)
Taking Down Booters: The Cat-and-Mouse Game | Light Blue Touchpaper

Dataplane.orgAug 18, 2025

The Internet Last Week

* VNC signals decreasing
https://dataplane.org/statistics/vncrfb.html
* Microsoft Patch Tuesday
https://isc.sans.edu/forums/diary/Microsoft+August+2025+Patch+Tuesday/32192/
https://www.bleepingcomputer.com/news/microsoft/microsoft-august-2025-patch-tuesday-fixes-one-zero-day-107-flaws/
https://krebsonsecurity.com/2025/08/microsoft-patch-tuesday-august-2025-edition/
* 34th USENIX Security Symposium
https://www.usenix.org/conference/usenixsecurity25
* Colt Telecom ransomware effects
https://www.colt.net/status/
https://www.bleepingcomputer.com/news/security/colt-telecom-attack-claimed-by-warlock-ransomware-data-up-for-sale/
https://cyberplace.social/@GossiTheDog/115022343170487477

#VNC #Microsoft #UsenixSecurity #AS8220

VNC RFB Signal Statistics

This interactive time-series plot is a measure our observed VNC RFB signals data.

Nicolas Ward Aug 15, 2025
That tickle of interest in academia is back again because of #usenixsecurity.
Show threadMartin HenzeAug 15, 2025
Today, Konrad will present the corresponding paper at #usenixsecurity 2025, one of the top international conferences in security research. If you are at the conference, make sure to come by (Track 2, 2.00pm - 3.30pm) and talk to Konrad about his awesome work.
2/3
Nicolas Ward Aug 14, 2025

Really interesting #usenixsecurity talk from Dr. Ben Adida at VotingWorks https://www.voting.works/about on ballot counting resilience.

Main point was paper ballots that can be hand counted is best, but if you must machine count it should rely on paper ballots, be open source, and include features to minimize or flag human error.

About VotingWorks

John KristoffAug 13, 2025

Not cool.

"We have determined that a bad actor has generated false slides and exploited USENIX’s slide collection process to submit them as though they belong to legitimate authors."

#usenixsecurity

Mathy VanhoefAug 13, 2025

At USENIX Security? Then check out:

Studying the Use of CVEs in Academia, won distinguished paper award https://www.usenix.org/conference/usenixsecurity25/presentation/schloegel

Discovering and Exploiting Vulnerable Tunnelling Hosts, won most innovative research Pwnie @ DEFCON https://www.usenix.org/conference/usenixsecurity25/presentation/beitis

Big thanks to all co-authors!! #usenixsecurity

Show threadNicolas Ward Aug 13, 2025
In the LLM security lightning talk track. Shocker: most public models are a security nightmare and it's wild to me that we're handing these to regular end users after decades of trying to lock down their risks on the web. #usenixsecurity
Nicolas Ward Aug 13, 2025
Sitting down at #usenixsecurity opening session. If you want to talk Amazon Science I'll be in random sessions or on and off at the Amazon booth.
Mathias PayerAug 13, 2025

πŸš‚ Murder on the JNI Express πŸš‚

Hercule Poirot solved murders.
Droidot solves... memory corruption.

On the Android Express, every app is a suspect and their outdated native C/C++ libraries are hiding skeletons in the .so closet.

We investigated 3,967 of the most popular apps, following every JNI call like a trail of footprints in the snow.

Our case file:
πŸ•΅οΈβ€β™‚οΈ 4,282 crashes
πŸ”“ 34 confirmed vulnerabilities
πŸ“œ 3 CVEs

The culprit?
Buggy libraries traveling incognito between apps.

Interested? Check out https://nebelwelt.net/blog/2025/0813-droidot.html or meet us this week at #usenixsecurity!

Droidot: Vulnerable Native Libraries on Android

Android is a complex platform with diverse, concurrently running services. Looking at user-space the assumption is that each app is isolated from...