| Website | https://www.mathyvanhoef.com |
| GitHub | https://github.com/vanhoefm |
| https://twitter.com/vanhoefm | |
| YouTube | https://youtube.com/@vanhoefm |
At USENIX Security? Then check out:
Studying the Use of CVEs in Academia, won distinguished paper award https://www.usenix.org/conference/usenixsecurity25/presentation/schloegel
Discovering and Exploiting Vulnerable Tunnelling Hosts, won most innovative research Pwnie @ DEFCON https://www.usenix.org/conference/usenixsecurity25/presentation/beitis
Big thanks to all co-authors!! #usenixsecurity
Our research on open tunneling servers got nominated for the Most Innovative Research award :)
The work will be presented by Angelos Beitis at Black Hat and also at USENIX Security
Brief summary and code: https://github.com/vanhoefm/tunneltester
Paper: https://papers.mathyvanhoef.com/usenix2025-tunnels.pdf
New version of the IEEE 802.11 standard that underpins Wi-Fi has been released. A total of 5969 pages!
The number of pages clearly keeps increasing. That includes more features to defend networks, but also more features to potentially abuse 👀
For more info and a demo video, see the article at https://www.top10vpn.com/research/tunneling-protocol-vulnerability/
IT admins can request access to our code to test servers (code is not yet public to prevent abuse): https://github.com/vanhoefm/tunneltester
Academic paper: https://papers.mathyvanhoef.com/usenix2025-tunnels.pdf
After an embargo of 8 months, we are glad to finally share our USENIX Security '25 paper! We found more than 4 MILLION vulnerable tunneling servers by scanning the Internet.
These vulnerable servers can be abused as proxies to launch DDoS attacks and possibly to access internal networks.
We investigated the owners of some of these vulnerable tunneling servers. This revealed that notable domains, such as Facebook’s content delivery network (CDN) and Tencent’s cloud services were affected. The home routers of some national ISPs were also affected.
