Today we're inaugurating our group's new blog with a post on speculative bypass of stack canaries. Stay tuned for more goodies soon!.

RT @kurmus: If you liked exploiting use-after-frees, you will love exploiting speculative UaFs! Paper:

RT @gannimo: #NDSS25 is calling for reviewers, please sign up and nominate your peers for the TPC:

RT @acm_ccs: The CCS deadline is coming very soon (January 28th), and we are looking forward to your awesome submissions!. Submission websi….

RT @chrossow: Security researchers pay attention: Just about 2 weeks left to polish and submit your @RAID_Conference papers to book your ti….

RT @gannimo: The paper submission deadline for the second cycle of @NDSSSymposium is on Jul29 AoE, so finish those papers and submit them a….

RT @carmelatroncoso: The Call for Papers for @USENIXSecurity 23 is out! First deadline: June 7th. @inplaintext and I are looking forward to….

RT @gannimo: Planning to submit to the first cycle for @NDSSSymposium #NDSS23? Now is a good time to register your paper and conflicts: htt….

RT @gannimo: The very first @jsysresearch JSys deadline in system security is coming up on May 01. Get your papers ready, we'll be looking….

RT @gannimo: The @jsysresearch system security track is open for submissions. Deadline for your amazing work on system and software securit….

A new blog post is out! Today we talk about speculatively bypassing bounds checks in Go! The mitigations we proposed found their way in the Go compiler.

RT @gannimo: JSys now has a system security track! We combine conference-inspired reviewing (short turn around, positive reviewing, one-sho….

Sweet! Congrats to my co-authors @luca_defeo and Bertram Poettering!

Part II of the post on the security of ElGamal in PGP is out today! This time we look at a side channel attack in libgcrypt and how interop issues make it exploitable in practice. Once again, thanks to my co-authors @luca_defeo and Bertram Poettering.

RT @ittayeyal: FC22 CFP is out! .Register your papers by Sep 2. Submission Sep 9 + up to 4 days of Satoshi Grace Period. .

A new post in our group's blog is out today! We're discussing some of the issues we discovered about the way OpenPGP handles ElGamal encryption (CVE-2021-33560). Joint work with @luca_defeo and Bertram Poettering.

RT @ACSAC_Conf: As part of #FlashbackFriday, we look back to #ACSAC2020's sponsored talks on "Memory Corruption Attacks in the Spectre Era"….