< ciso
brief />
Tag Banner

All news with #research tag

264 articles · page 3 of 14

Researchers Demonstrate Person Identification via Wi‑Fi

📡 Researchers show WiFi signals can reveal people and environments by analyzing how radio waves reflect, scatter, and absorb compared with expected patterns. WiFi sensing uses these variations to infer spatial structure and presence, effectively creating an image of surroundings and occupants. Thorsten Strufe of KIT explains it functions like a camera, but with radio waves instead of light, enabling recognition through signal propagation analysis.
read more →

Fleet-Wide A/B Experimentation for Infrastructure at Scale

🔬 At Google, A/B experimentation extends beyond UI tweaks to critical infrastructure components like kernels, memory allocators, and schedulers. They run machine-level experiments on representative 1% subsets of the fleet to avoid selection bias and capture system-wide effects across colocated workloads. The framework enforces binary hermeticity and a strict two-step rollout so experiments can be activated and rolled back safely. Performance is assessed using application-defined productivity metrics, machine counters, and reliability signals.
read more →

Image-only Prompt Injection Threatens Multimodal AI

🔍 Researchers from Xidian University describe a new image-based prompt injection called CrossMPI that uses near-imperceptible pixel perturbations to alter how large vision-language models interpret both visual and textual inputs. The technique targets intermediate multimodal fusion layers rather than final outputs, misleading LVLMs without modifying text prompts. Tests show strong black-box transferability and high success rates across several open-source models, while common defenses reduce but do not fully eliminate the threat.
read more →

Pwn2Own Berlin 2026 Day One: 24 Zero-Days Paid Out

🔒 On day one of Pwn2Own Berlin 2026 researchers earned $523,000 exploiting 24 unique zero-days, led by Orange Tsai, who collected $175,000 after chaining four logic flaws to escape the Microsoft Edge sandbox. Windows 11 was rooted three times for new privilege-escalation bugs, and Valentina Palmiotti secured payouts for Red Hat Workstations and an NVIDIA Container Toolkit flaw. The event focuses on enterprise and AI-targeted technologies.
read more →

ClickHouse query-plan contention and performance fixes

🔧 At Cloudflare we encountered severe query slowdowns after changing partitioning for a large ClickHouse table to support per-namespace retention; the migration aimed to enable tenant-specific TTLs without thousands of tables. Usual metrics (I/O, memory, rows scanned, parts read) looked normal, but flame graphs exposed heavy lock contention in query planning and costly copies of a giant parts vector. We implemented shared locks, a shared cached parts view, and a binary-search-based prune on the partition key to avoid linear scans. These patches dramatically reduced SELECT latency and were contributed upstream.
read more →

From WarGames to Cyberwar: Nation-State Cyber Threats

🔍 In a RSA 2025 conversation, Allie Mellen, author of Code War, frames modern cyber conflict through historical doctrine, showing how nations' distinct strategies shape attacks and espionage. She cautions that attribution based solely on technical signals is insufficient because actors can forge signatures and deploy false flags, so motive and context matter. Mellen warns that AI will make attacks faster and more adaptive, and urges defenders to strengthen fundamentals and adopt automation and AI on the defensive side.
read more →

Breaking Things to Keep Them Safe: Philippe Laulheret

🔍 In this Humans of Talos interview, Senior Vulnerability Researcher Philippe Laulheret explains how his lifelong curiosity and Capture The Flag experience led him from French engineering school to a career in ethical hacking. He describes selecting research targets, reverse engineering techniques, and memorable tests—like bypassing a fingerprint reader with a green onion—to find flaws before adversaries exploit them. Philippe also contrasts the methodical reality of research with movie portrayals and outlines his path through industry roles to Talos.
read more →

Cluster-Level Reliability for Trillion-Parameter Models

🔷 Google presents a cluster-level reliability framework for TPU superpods that treats thousands of chips as collective units rather than independent instances. The framework replaces instance-level MTBF thinking with a probabilistic, topology-aware model (binomial distribution) to guarantee contiguous healthy cubes for massive training runs. Using Ironwood, Google shows a 95% confidence block of 130/144 cubes—an 8,320-chip domain—while allowing remaining capacity for heterogeneous workloads. Combined with framework resilience and multi-tier checkpointing, this model is engineered to maximize scheduling goodput for hero jobs.
read more →

AI-Native Apps and Data Trends from Cosmos Conf 2026

📌 At Cosmos Conf 2026 Microsoft outlined how AI is transforming application and database design, arguing data platforms must become systems of reasoning that handle prompts, memory, and evolving context. Leaders from OpenAI, Vercel, and Walmart stressed the need for serverless instant scalability, integrated caching, low-latency global distribution, and developer cost visibility. Demos and customer stories highlighted patterns like vector search, change feed, and role-based governance to deliver real-world, low-latency AI experiences.
read more →

Google Finds AI-Crafted Zero-Day Exploit in Wild, Reported

🔍 The Google Threat Intelligence Group (GTIG) reported the first confirmed instance of an AI-crafted zero-day exploit observed in the wild. The researchers identified a Python-based exploit that bypasses two-factor authentication in an open-source web administration tool and disclosed the flaw to the vendor to limit mass exploitation. GTIG found artifacts in the code—help text, a hallucinated CVSS score and textbook LLM-style constructs—consistent with large language model generation, and noted broader AI abuse by threat actors including misuse of Gemini and agentic tooling.
read more →

LLMs and Text-in-Text Steganography: Limits and Risks

📄 Schneier surveys simple steganographic tricks—white-on-white text, phonological misspellings, and special fonts—and finds them increasingly ineffective. He notes that even modest 4-billion-parameter models can decode phonologically altered sentences, undermining tokenization-based obfuscation strategies. The post revisits TEMPEST/EmSec concerns, observing that inexpensive software-defined radios and toolkits like GNU Radio have expanded adversary capabilities beyond older Soft Tempest countermeasures. Schneier highlights demos such as Tempest for Eliza and TempestSDR as practical illustrations of ongoing risks.
read more →

Legacy Security Tools Hamper Data Protection Efforts

🔒 A Forrester-commissioned report for Capital One Software finds 72% of security professionals say data security is more critical than ever, yet investments in legacy network and perimeter tools are impeding adequate protection. The research, conducted in February 2026, highlights siloed solutions, limited vulnerability visibility and reduced AI readiness. Respondents report heavy use of network security (70%), IAM (65%) and vulnerability management (60%), while two-thirds do not use tokenization, an underused control the study singles out to reduce risk and enable safer data use.
read more →

Nearly Half of World’s Passwords Cracked in Minutes

🔒 Kaspersky analyzed 231 million unique passwords leaked on dark‑web forums (2023–2026) and found that 60% can be cracked in under an hour, with 48% broken in less than a minute. The testing used a single RTX 5090 GPU against MD5 hashes, illustrating how rapidly cracking speeds are improving. The report identifies common human patterns—digits, years, predictable words and popular special characters—and warns that many users reuse unchanged passwords for years. It recommends practical defenses such as a password manager, passkeys, and strong two‑factor authentication.
read more →

Ten Years of GDPR: Achievements, Gaps, and Next Steps

🔒 Ten years after the EU adopted the General Data Protection Regulation (GDPR), experts say it fundamentally reshaped corporate privacy culture but left important gaps. Analysts credit the GDPR with embedding privacy into daily operations, raising standards, and creating accountability by forcing organizations to know and document their processing. Yet enforcement inconsistencies, international transfer disputes, widespread consent fatigue and the rise of generative AI expose legal and practical tensions that require clarification and coordination with newer digital rules.
read more →

One in Four Healthcare Organizations Hit by Device Attacks

🏥 A new RunSafe Security index found that 24% of healthcare organizations experienced cyber-attacks affecting medical devices in the past year, with 80% of those incidents causing moderate or significant patient impact, from delayed imaging to interruptions in critical care. The survey of 551 professionals across the US, UK and Germany shows growing integration of security into procurement—82% deploying runtime exploit protection and 84% including cyber requirements in vendor RFPs—yet legacy devices remain a major exposure.
read more →

Medieval Encrypted Letter Finally Decoded After Centuries

🔓Recent analysis has decoded a medieval encrypted letter originally sent by a Spanish diplomat, resolving a puzzle scholars have pursued since the document was rediscovered in 1860. The successful decryption reveals new primary material about diplomatic language and secrecy practices in the period. The result highlights how combining historical scholarship with modern analytical techniques can unlock long-standing mysteries.
read more →

Researchers Uncover pre-Stuxnet Lua Sabotage Tool fast16

🔎 SentinelOne researchers have disclosed fast16, a Lua-based cyber‑sabotage framework compiled in 2005 that predates Stuxnet. The implant embeds a Lua 5.0 VM and encrypted bytecode inside a carrier binary svcmgmt.exe and pairs with a kernel driver that patches executables to corrupt high‑precision calculations. fast16 targets legacy Windows 2000/XP environments and engineering simulation tools, and its discovery revises the timeline of state-backed cyber sabotage.
read more →

Researchers Demonstrate Fiber-Optic Eavesdropping Limits

🔍 Researchers from three Hong Kong universities demonstrated a method to extract acoustic information from fiber-optic cables by measuring vibration-induced changes in the optical signal. Their experiments showed that strong vibrations such as footsteps can be detected remotely, but clear human speech was not recoverable without a local audio-to-vibration converter or significant control over provider equipment. The attack relies on sending optical pulses and measuring Rayleigh scattering-related deviations, and while technically feasible, it remains an unlikely and costly targeted threat requiring access to the Optical Distribution Network or an implanted converter to amplify audio signals.
read more →

Indirect Prompt Injection: Current Web Threats and Trends

🔎 Google Threat Intelligence scanned a large Common Crawl corpus to detect indirect prompt injection (IPI) patterns embedded in public web pages. The team combined signature-based pattern matching, Gemini-assisted classification, and manual review to reduce false positives and contextualize findings. Most observed injections were low-sophistication—pranks, benign guidance, or SEO-driven prompts—but a smaller and rising set attempted data exfiltration or destructive actions. The study excludes social media and login-protected content and reports a 32% increase in malicious samples between Nov 2025 and Feb 2026.
read more →

Claude Mythos Finds 271 Firefox Flaws, Shifts Security

🔍 Claude Mythos Preview uncovered 271 security flaws in Firefox 148, all addressed in Firefox 150, prompting claims that the model can match human researchers in vulnerability discovery. Mozilla and security experts say Mythos closed significant gaps left by fuzzing and automation, though Anthropic is investigating reported unauthorized access to the model. Teams are urged to adopt continuous AI-assisted testing and treat models as privileged infrastructure.
read more →