Olivia
Online
VUSec
@vu5ec
Systems and Network Security Group @VUamsterdam. Co-led by @herbertbos @c_giuffrida @EKouwe
Amsterdam, The Netherlands
Joined April 2016
139 Following
4.3K Followers
228 Posts
Spectre v2 is back again! Disclosing "Training Solo": 3 new self-training attack classes, 2 end-to-end exploits, and 2 new hardware issues that break domain isolation even when implemented perfectly. Joint work by @SanWieb @c_giuffrida: https://t.co/q957LoPrXe
[1/3] Turns out those old MDS gadgets have new life... In our latest paper at @IEEESSP , we show how attackers can construct PRELOAD+TIME, a new cache side-channel which takes advantage of these 'half-Spectre' gadgets.
Congratulations to @vustudsec for becoming the first the first Student CyberSecurity Association registered in the Netherlands! And happy to see so many members doing well in our Computer Security Master! https://t.co/mxmbsC4PyS
In the last @vu5ec presentation at @USENIXSecurity, @hanyrax discusses GhostRace and explains how attackers can exploit speculative race conditions in the Linux kernel.
https://t.co/XfA4N8z3tN
@kurmus
@c_giuffrida
@m4mbr3
Who to follow
@bjohannesmeyer presenting our Einstein paper that shows that automating data-only attacks can be easy:
https://t.co/ISGEmXVruZ
@vu5ec
@asia_slowinska
@c_giuffrida
@USENIXSecurity
@victor_duta presenting the SafeFetch paper about protecting against double fetches:
https://t.co/ejX3zcKiuG
@vu5ec
@c_giuffrida
@USENIXSecurity
Mitchel Aloserij (not on X?)
Happy to report that our InSpectreGadget paper won a Distinguished Paper award at @USENIXSecurity:
https://t.co/Hh4sbo4dM4
@vu5ec @SanWieb @HBitmasks @c_giuffrida
Here is @SanWieb presenting the paper:
Our SafeFetch paper @USENIXSecurity is online! Thanks to an optimized in-kernel cache, SafeFetch provides comprehensive protection against double-fetch bugs at a fraction of the cost of prior solutions. Joint work by @victor_duta, Mitchel, @c_giuffrida:
https://t.co/BTYQlwPH5I
Do you love low-level systems hacking? And would you like to work at a top systems security research group in Amsterdam? At @vu5ec, we have a number of PhD and PostDoc positions available: https://t.co/XLxFJzmrG5
Branch History Injection (BHI) is back! Disclosing Native BHI, bypassing deployed Spectre-v2/BHI mitigations (e.g., eBPF=off) to leak arbitrary kernel/host memory (e.g., root password hash below). Joint work by @SanWieb @HBitmasks @herbertbos @c_giuffrida: https://t.co/MF65XzpqnA
How do synchronization primitives work during speculative execution? THEY DON'T!
Disclosing #GhostRace (paper @USENIXSecurity). We turn all arch. race-free critical regions of OS/Hypervisors into Speculative Race Conditions. Joint work @vu5ec @IBMResearch: https://t.co/46Gjf2YyMF
Do you have any interesting work in progress in systems security? Negative results? Cool student projects? EuroSec is the perfect place to present it, and offers an excuse to visit Athens and attend EuroSys. Deadline February 14. https://t.co/Z0YLKLPnh5
Excited to announce the CfP for #EuroSec2024 — please submit your finest ideas! Deadline: February 14, 2024. #EuroSecWorkshop #Eurosys2024 https://t.co/kWGqWYrqxd
New paper with @borrello_pietro @dcdelia @balzarot @lquerzoni @c_giuffrida!
"Predictive Context-sensitive Fuzzing"
introduces compile time context sensitivity to fuzzing w/ selective prioritization using dataflow diversity.
Will appear at NDSS24, get it at https://t.co/6Ry05Jsyxh
Disclosing #SLAM, aka how to combine Spectre and Intel LAM (& co.) to leak kernel memory on future CPUs (demo below). Thousands of exploitable "unmasked" (or pointer chasing) gadgets in the Linux kernel. Joint work by @MatheHertogh @SanWieb @c_giuffrida: https://t.co/8sgL8t8eC5
Come work with us in beautiful Amsterdam! We have a new faculty position in Security research @VUamsterdam. The specific research topic is flexible and synergies with @vu5ec topics are welcome. Feel free to DM for details. https://t.co/eCEBGrYvtQ
Our Quarantine @RAID_Conference paper is online! Quarantine enforces strict CPU core-based isolation to mitigate transient execution attacks vs. cloud VMs. Joint work by Mathé Hertogh @manuwiesinger @sirmc @nSinusR Nadav Amit @herbertbos @c_giuffrida: https://t.co/mjIsVwmoQT
Our FloatZone paper @USENIXSecurity is online: a branchless memory sanitizer that efficiently catches buffer overflows (+ use-after-frees) with floating-point underflows! Joint work by @fcgorter @enrico_barberis @teemperor @EKouwe @c_giuffrida @herbertbos: https://t.co/gMmwZAZBI7
Our uncontained paper @USENIXSecurity is online! Find out how the Linux kernel is the "container of" several type confusion bugs, detected by our sanitizer & static analyzer. Joint work by @JakobKoschel @borrello_pietro @dcdelia @herbertbos @c_giuffrida: https://t.co/urOV6sMZTj
Last Seen Users on Sotwe
Trends for you
Most Popular Users
Elon Musk 
@elonmusk
240.1M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
108.8M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.2M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.5M followers
KATY PERRY
@katyperry
86.7M followers
Taylor Swift
@taylorswift13
80.5M followers
Lady Gaga
@ladygaga
72.1M followers
Kim Kardashian
@kimkardashian
69.3M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.4M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61M followers
X
@x
60.9M followers
CNN Breaking News
@cnnbrk
59.9M followers