So, you're a skilled expert looking for a job in Germany. I hear Germany wants to attract 400,000 skilled workers from abroad each year, so how easy is it for these to get some information? Let's take a look at the city of #Saarbrücken and Das Saarland. reuters.com/world/europe/g…

#BHUSA & #usesec23 have been a blast! Check out our work "Cookie Crumbles: Breaking and Fixing Web Session Integrity"! Black Hat USENIX Security tuvienna Instituto Superior Técnico 🍪 Paper usenix.org/conference/use… Slides minimalblue.com/data/papers/BH… Pedro Adão Lorenzo Matteo Maffei

Excited to present our research on #domclobbering at this year's CSAW Applied Research Competition in a few weeks! 🚀💥 Join me for a mind-bending journey into Web security! 🌐 #CSAW2023 #websecurity

Thrilled and honored to be on the top-3 at #CSAW23 Applied Research Competition (cc Giancarlo Pellegrino). Kudos to fellow finalists for their exceptional work 🎉 and a massive shoutout to @Esisar CSAWEurope for an incredible conference and the live music 🎶 👉 bit.ly/csaw23-arc

The second #ACSAC2023 paper #preview today is Stivala et al.'s work on unveiling #clickbait #PDFs on search engines. These #SEOpoisoned documents are leading to #malicious sites. openconf.org/acsac2023/modu… Giada Stivala @AbdelnabiSahar @HTTP419Lasagna emdel Mario Fritz Giancarlo Pellegrino

Google's Gemini paper has about 950 co-authors :) That's 10 full paper pages that list the author names. In comparison, the method description is only a single page (3 pages if training is included). Don't use "𝑒𝑡 𝑎𝑙." when citing the paper! arxiv.org/abs/2312.11805

I am looking to expand my group with new PhDs! But just applying would be too boring, right? So, first you will have to solve a little bit of challenge :-) Check swag.cispa.saarland/jobs.html to learn more on what your task is! Beyond that fun, what will you do in your PhD?

🚨 Missed our presentation at #SP24 on request hijacking vulnerabilities? No worries, got y'all covered!🎉 We won a Distinguished Paper Award! 🏆 Check out our poster below and dive into the details here: scnps.co/papers/sp24_re… 🔗 CC: Giancarlo Pellegrino, testable_eu, IEEE S&P

Few moments from our #SP24 talk on request hijacking vulnerabilities! 🎉📸 A big thanks to thomas for doing the presentation. Stay tuned for our video recording! 👉 ja-w.me 🔗 scnps.co/papers/sp24_re… CC: Giancarlo Pellegrino, testable_eu, IEEE S&P

On June 27th alp4ca & I will give a talk OWASP® Foundation Global Appsec Lisbon about best practices for client side JS when dealing with sensitive data. We'll release a browser extension to help (devs) identifying potential privacy issues. owaspglobalappseclisbon2024.sched.com/event/1VdCN/br…

📢 Excited to speak at #OWASP #GlobalAppSecLisbon '24 on June 27 ✨ Presenting "In the Same Site We Trust: Navigating the Landscape of Client-side Request Hijacking on the Web" and sharing our open-source tool. See you there! 🌐 CC: testable_eu, @CISPA sched.co/1VdAy

Some top tier conferences have a heavy geographical bias. Software engineering leads in diversity while security mostly sticks to the US. We need to start moving! NDSS Symposium IEEE S&P USENIX Security live map: nebelwelt.net/gannimo/conf_l…

From privacy to the web, we now have Soheil from @CISPA presenting his research on web security (and broken web applications) at #SuRI24 EPFL

It was a real pleasure to visit TU Wien 🇦🇹 and meet Marco Squarcina today! From the exciting discussions on web/mobile security to the great food🍕— thank you for the invitation and the warm welcome! Looking forward to future collaborations 🚀

📢 Calling all constructive reviewers! Help us make #MADWeb 2025 our best workshop yet! Please consider applying and sharing this call for self-nomination. Just a few days are left!

Hey, don't miss Tim's YuraScanner presentation today at 11:40 in session 2B, "Web Security" at NDSS '25! Our new task-driven web security scanner features LLM, XSS, and a pinch of 0-days.