22nd ACM/IEEE International Symposium on Formal Methods and Models for System Design

Read more about 22nd ACM/IEEE International Symposium on Formal Methods and Models for System Design

"MEMOCODE brings together researchers and practitioners interested in formal methods for system design and development, to exchange ideas, research results and lessons learned. The symposium focuses on the foundations and applications of formal methods in the development of hardware, firmware, middleware, and application software for systems, ranging from single embedded devices to highly networked cyber-physical systems and the Internet of Things."

Topics of interest include, but are not limited to security.

Security Models of Language Models

Read more about Security Models of Language Models

Security Models of Language Models

Dusko Pavlovich, University of Hawaii

The logic of attention enables Large Language Models (LLMs) to learn not only the languages but also the protocols sampled in their training corpuses. That is how their chatbots produce not just the well-formed sentences but also the well-mannered conversations.

Trust and Observability in Cyber Ecosystems

Read more about Trust and Observability in Cyber Ecosystems

Trust and Observability in Cyber Ecosystems

Ryan Hilger, Colorado State University, and Senior Non-Resident Fellow, Cyber Statecraft Initiative, Atlantic Council
Steve Simske, Professor, Colorado State University

On Trojans in Refined Language Models

Read more about On Trojans in Refined Language Models

On Trojans in Refined Language Models

George Kesidis, David J. Miller, and Jayaram Raghuram
Anomalee Inc., State College, PA & Penn State University, University Park, PA

LLMs for Robotics and Autonomy: Safety Perspective

Read more about LLMs for Robotics and Autonomy: Safety Perspective

LLMs for Robotics and Autonomy: Safety Perspective

Sayan Mitra, Coordinated Science Laboratory Department of Electrical and Computer Engineering , University of Illinois, Urbana-Champaign

From Generative Pre-trained Models to Verifiable Protocols for Security and Privacy Preservation

Read more about From Generative Pre-trained Models to Verifiable Protocols for Security and Privacy Preservation

From generative pre-trained models to verifiable protocols for security and privacy preservation

Ufuk Topcu, The University of Texas at Austin

Comp-HuSim: Complex Human Simulations

Read more about Comp-HuSim: Complex Human Simulations

Comp-HuSim: Complex Human Simulations

Michael G. Yankoski, William & Mary and Colby College (Affiliate)
Trenton W. Ford, William & Mary

"LiteSpeed Cache Plugin Vulnerability Exposes Millions of WordPress Sites to Attacks"

According to security researchers at Patchstack, a vulnerability in the popular LiteSpeed Cache plugin for WordPress could allow attackers to retrieve user cookies and potentially take over websites. The issue, tracked as CVE-2024-44000, exists because the plugin may include the HTTP response header for set-cookie in the debug log file after a login request. The researchers noted that because the debug log file is publicly accessible, an unauthenticated attacker could access the information exposed in the file and extract any user cookies stored in it.

Submitted by Adam Ekwall on Fri, 09/06/2024 - 09:14

"Rapid Growth of Password Reset Attacks Boosts Fraud and Account Takeovers"

According to security researchers at LexisNexis Risk Solutions, as many as one in four password reset attempts from desktop browsers are fraud. The researchers found that there are 70,000 password reset attacks in the UK every week, with fraudsters aiming to take over individuals’ online accounts. This includes changing users’ passwords and phone numbers and locking them out of services. These “detail change” attacks rose by 232% in 2023. Criminal hackers then use the personal information from accounts for further fraud.

Submitted by Adam Ekwall on Fri, 09/06/2024 - 08:39

International Conference on Engineering Digital Twins (EDTconf)

Read more about International Conference on Engineering Digital Twins (EDTconf)

"The International Conference on Engineering Digital Twins (EDTconf) aims to bring together researchers and practitioners on digital twins, from both academia and industry to shape the future of systematically designing, developing, evolving, maintaining, and validating digital twins."

Topics of interest include, but are not limited to security.

Subscribe to