Radio and PodcastLive Radio & PodcastsOpening Radio and Podcast...
Radio and PodcastLive Radio & PodcastsFetching podcast shows and categories...
Radio and PodcastLive Radio & PodcastsFetching podcast episodes...
The ThinkstScapes podcast aims to distill and disseminate the cybersecurity research published worldwide. Our researchers track and review hundreds and thousands of talks (so you don't have...
Networking beyond plug-and-play GET /large file HTTP/1.1: Connection-Based TCP Amplification Attacks Yepeng Pan, Lars Richter, and Christian...
Q3’25 ThinkstScapes Microsoft-induced security woes One Token to rule them all - obtaining Global Admin in every Entra ID tenant via Actor t...
ThinkstScapes Q2’25 Networking is always tricky Beyond the Horizon: Uncovering Hosts and Services Behind Misconfigured Firewalls Qing Deng,...
ThinkstScapes Q1’25 Putting it into practice Homomorphic Encryption across Apple features Rehan Rishi, Haris Mughees, Fabian Boemer, Karl Ta...
ThinkstScapes Q4’24 Wins and losses in the Microsoft ecosystem Pointer Problems - Why We’re Refactoring the Windows Kernel Joe Bialek [ Vide...
Themes covered in this episode Edge cases at scale still matter Works from this theme exploit rarely-occurring issues, but with an internet-...
AI/ML in security Injecting into LLM-adjacent components Johann Rehberger [ Blog 1 ] [ Blog 2 ] Teams of LLM Agents can Exploit Zero-Day Vul...
Revealing more than anticipated, and preventing prying eyes PrintListener: Uncovering the Vulnerability of Fingerprint Authentication via th...
LLMs ain't making life any easier Abusing Images and Sounds for Indirect Instruction Injection in Multi-Modal LLMs Tsung-Yin Hsieh, Ben Nass...
Cryptography still isn’t easy certmitm: automatic exploitation of TLS certificate validation vulnerabilities Aapo Oksman [ Slides ] [ Code ]...
Privacy in the modern era IPvSeeYou: Exploiting Leaked Identifiers in IPv6 for Street-Level Geolocation Erik Rye and Robert Beverly [ Slides...
Smashing Web3 transaction simulations for fun and profit Tal Be'ery and Roi Vazan [ Blog ] [ Video ] Not what you've signed up for: Compromi...
Hacking the Cloud with SAML Felix Wilhelm [ Slides ] [ Video ] Announcing GUAC, a great pairing with SLSA (and SBOM)! Brandon Lum, Mihai Mar...
Analyzing the Feasibility and Generalizability of Fingerprinting Internet of Things Devices Dilawer Ahmed, Anupam Das, and Fareed Zaffar [ C...
I am become loadbalancer, owner of your network Nate Warfield [ Slides ] Evil Never Sleeps: When Wireless Malware Stays On After Turning Off...
Hyntrospect: a fuzzer for Hyper-V devices Diane Dubois [ Slides ] [ Paper ] [ Code ] [ Video ] Put an io_uring on it: Exploiting the Linux K...
Sponge Examples: Energy-Latency Attacks on Neural Networks Ilia Shumailov, Yiren Zhao, Daniel Bates, Nicolas Papernot, Robert Mullins, and R...
Introduction Episode 1 - 2021/Q3 Thinkst Trends and Takeaways is a show released in conjunction with ThinkstScapes , a written quarterly rev...