As part of #FlashbackFriday, we look back to #ACSAC2020's sponsored talks on "Memory Corruption Attacks in the Spectre Era" youtu.be/oSlEdjKol08 and "Unleashing Cyber Reasoning" youtu.be/9IlUoGpXvYo. A huge thank you to last year's sponsor IBM! IBM Security IBM Research

A new post in our group's blog is out today! We're discussing some of the issues we discovered about the way OpenPGP handles ElGamal encryption (CVE-2021-33560). Joint work with L De Feo @[email protected] @bsky.defeo.lu and Bertram Poettering ibm.github.io/system-securit…

FC22 CFP is out! Register your papers by Sep 2. Submission Sep 9 + up to 4 days of Satoshi Grace Period. fc22.ifca.ai/cfp.html

Part II of the post on the security of ElGamal in PGP is out today! This time we look at a side channel attack in libgcrypt and how interop issues make it exploitable in practice. Once again, thanks to my co-authors L De Feo @[email protected] @bsky.defeo.lu and Bertram Poettering ibm.github.io/system-securit…

Sweet! Congrats to my co-authors L De Feo @[email protected] @bsky.defeo.lu and Bertram Poettering!

JSys now has a system security track! We combine conference-inspired reviewing (short turn around, positive reviewing, one-shot revisions) with an open-access journal model. First submission deadline for the security track is May 22! jsys.org/cfp_security/ Go submit & please RT

A new blog post is out! Today we talk about speculatively bypassing bounds checks in Go! The mitigations we proposed found their way in the Go compiler. ibm.github.io/system-securit…

The jsysresearch system security track is open for submissions. Deadline for your amazing work on system and software security is May01, so sharpen your pencils! JSys is a new gold open access journal for systems research jsys.org/cfp_security/ Please RT!

The very first jsysresearch JSys deadline in system security is coming up on May 01. Get your papers ready, we'll be looking forward to your submissions! 📝✍️📯📢#PositiveReviewing jsys.org/cfp_security/

Planning to submit to the first cycle for NDSS Symposium #NDSS23? Now is a good time to register your paper and conflicts: ndss23-summer.hotcrp.com Submission deadline is May 13 AoE. You still have a week to polish!

The Call for Papers for USENIX Security 23 is out! First deadline: June 7th. Joe Calandrino and I are looking forward to your very excellent submissions. We’ve made some changes this year that we hope will improve authors’ and reviewers' experiences 🧵

The paper submission deadline for the second cycle of NDSS Symposium is on Jul29 AoE, so finish those papers and submit them at: ndss23-fall.hotcrp.com

Security researchers pay attention: Just about 2 weeks left to polish and submit your RAID Conference papers to book your ticket to Hong Kong in Oct 2023. CfP: raid2023.org/call.html 1/3

The CCS deadline is coming very soon (January 28th), and we are looking forward to your awesome submissions! Submission website: ccs2024a.hotcrp.com

#NDSS25 is calling for reviewers, please sign up and nominate your peers for the TPC: docs.google.com/forms/d/e/1FAI…

If you liked exploiting use-after-frees, you will love exploiting speculative UaFs! Paper: download.vusec.net/papers/ghostra…