Zakir Durumeric
@zakird.com
Internet Security, Trust, and Safety Researcher. Stanford CS Faculty, Censys Founder and Chief Scientist, ZMap Creator. https://zakird.com/
Reposted by Zakir Durumeric
Lawrence Berkeley National Lab (@berkeleylab.lbl.gov) Computing Sciences (@cs.lbl.gov) is accepting applications for two distinguished postdoctoral fellowships: Luis W. Alvarez Fellowship, and Admiral Grace M. Hopper Fellowship. Applications due Oct. 24, 2025. More information: go.lbl.gov/2026.
Home - Computing Sciences
Berkeley Lab's Computing Sciences Area increases our understanding of ourselves, our planet, and our universe through HPC, mathematics...
cs.lbl.gov
August 26, 2025 at 6:56 PM
Lawrence Berkeley National Lab (@berkeleylab.lbl.gov) Computing Sciences (@cs.lbl.gov) is accepting applications for two distinguished postdoctoral fellowships: Luis W. Alvarez Fellowship, and Admiral Grace M. Hopper Fellowship. Applications due Oct. 24, 2025. More information: go.lbl.gov/2026.
Reposted by Zakir Durumeric
China has started filtering and censoring internet traffic taking place over the QUIC protocol.
The filtering started in April last year.
The Great Firewall now decrypts QUIC packets at scale and uses a separate blocklist for QUIC traffic, separate from its main filters
gfw.report/publications...
The filtering started in April last year.
The Great Firewall now decrypts QUIC packets at scale and uses a separate blocklist for QUIC traffic, separate from its main filters
gfw.report/publications...
August 2, 2025 at 10:31 PM
China has started filtering and censoring internet traffic taking place over the QUIC protocol.
The filtering started in April last year.
The Great Firewall now decrypts QUIC packets at scale and uses a separate blocklist for QUIC traffic, separate from its main filters
gfw.report/publications...
The filtering started in April last year.
The Great Firewall now decrypts QUIC packets at scale and uses a separate blocklist for QUIC traffic, separate from its main filters
gfw.report/publications...
Reposted by Zakir Durumeric
🆕 GreyNoise Research: Early Warning Signals Before CVEs Drop
In our latest research, we examined dozens of incidents where attacker activity — often in the form of exploit attempts — spiked weeks before a new CVE was disclosed.
One chart shows what we found (much more in the report):
In our latest research, we examined dozens of incidents where attacker activity — often in the form of exploit attempts — spiked weeks before a new CVE was disclosed.
One chart shows what we found (much more in the report):
July 31, 2025 at 1:17 PM
🆕 GreyNoise Research: Early Warning Signals Before CVEs Drop
In our latest research, we examined dozens of incidents where attacker activity — often in the form of exploit attempts — spiked weeks before a new CVE was disclosed.
One chart shows what we found (much more in the report):
In our latest research, we examined dozens of incidents where attacker activity — often in the form of exploit attempts — spiked weeks before a new CVE was disclosed.
One chart shows what we found (much more in the report):
Reposted by Zakir Durumeric
Today's newsletter: The Wall Street Journal says ChatGPT had a "stunning moment of self reflection." NBC says Grok "issued an apology." This lazy language isn't just bad writing — it's helping tech companies dodge responsibility for real harm. www.readtpa.com/p/stop-prete...
Stop Pretending Chatbots Have Feelings: Media's Dangerous AI Anthropomorphism Problem
When AI causes harm, headlines blame the bot instead of the billion-dollar companies that built them. This anthropomorphic coverage is tech journalism at its worst.
www.readtpa.com
July 21, 2025 at 7:33 PM
Today's newsletter: The Wall Street Journal says ChatGPT had a "stunning moment of self reflection." NBC says Grok "issued an apology." This lazy language isn't just bad writing — it's helping tech companies dodge responsibility for real harm. www.readtpa.com/p/stop-prete...
Reposted by Zakir Durumeric
ICYMI, yesterday we released a report providing a first look at how we found traces of spyware on two journalists' iPhones, traces which we can attribute with high confidence to Paragon's Graphite spyware:
Graphite Caught: First Forensic Confirmation of Paragon’s iOS Mercenary Spyware Finds Journalists Targeted - The Citizen Lab
On April 29, 2025, a select group of iOS users were notified by Apple that they were targeted with advanced spyware. Among the group were two journalists who consented to the technical analysis of the...
citizenlab.ca
June 13, 2025 at 4:55 PM
ICYMI, yesterday we released a report providing a first look at how we found traces of spyware on two journalists' iPhones, traces which we can attribute with high confidence to Paragon's Graphite spyware:
Reposted by Zakir Durumeric
Academics have discovered a local Great Firewall-like censorship system deployed exclusively in China's Henan region, working independently and about ten times more aggressively than China's main Great Firewall
gfw.report/publications...
gfw.report/publications...
May 13, 2025 at 12:03 AM
Academics have discovered a local Great Firewall-like censorship system deployed exclusively in China's Henan region, working independently and about ten times more aggressively than China's main Great Firewall
gfw.report/publications...
gfw.report/publications...
Reposted by Zakir Durumeric
Enigma will be back as a track at USENIX Security: https://www.usenix.org/conference/usenixsecurity25/enigma-cfp
USENIX Security '25 Enigma Track Call for Participation
Submissions due: Wednesday, March 5, 2025 Notification to submitters: Wednesday, May 7, 2025
www.usenix.org
January 17, 2025 at 11:45 AM
Enigma will be back as a track at USENIX Security: https://www.usenix.org/conference/usenixsecurity25/enigma-cfp
New paper that analyzes MrDeepFakes, the largest open marketplace for sexual deepfakes (to appear at USENIX Security). The work covers increased consumption, buyer/seller economics, depicted targets, creator motivations, community dynamics, video creation, and use of academic papers/tools.
zakird.com
January 18, 2025 at 12:16 AM
New paper that analyzes MrDeepFakes, the largest open marketplace for sexual deepfakes (to appear at USENIX Security). The work covers increased consumption, buyer/seller economics, depicted targets, creator motivations, community dynamics, video creation, and use of academic papers/tools.
We're excited to tag ZDNS 2.0-RC1! 🎉 The release is packed with fixes and features. It brings ZDNS into a stable semantically versioned state, breaks apart the CLI and resolver logic, and adds support for IPv6, DNSSEC, DOH, DOT, global CNAME/DNAME following, and logic to try every name servers.
Release v2.0.0-RC1 · zmap/zdns
v2.0.0 introduces several major changes for ZDNS.
Highlights include:
The largest change was a refactor to split ZDNS into a core library and a CLI wrapper that utilizes the library. With this cha...
github.com
December 27, 2024 at 12:17 AM
We're excited to tag ZDNS 2.0-RC1! 🎉 The release is packed with fixes and features. It brings ZDNS into a stable semantically versioned state, breaks apart the CLI and resolver logic, and adds support for IPv6, DNSSEC, DOH, DOT, global CNAME/DNAME following, and logic to try every name servers.
Incredibly excited to see Liz Izhikevich named to the Forbes 30 under 30 today for her work on LEO satellite network performance! www.forbes.com/profile/liz-.... See the cornerstone work here: lizizhikevich.github.io/assets/paper... and lizizhikevich.github.io/assets/paper....
Liz Izhikevich
Liz Izhikevich on the 2025 30 Under 30 - Science - Liz Izhikevich focuses on improving the internet's performance and security - on this world and in space.
www.forbes.com
December 3, 2024 at 3:57 PM
Incredibly excited to see Liz Izhikevich named to the Forbes 30 under 30 today for her work on LEO satellite network performance! www.forbes.com/profile/liz-.... See the cornerstone work here: lizizhikevich.github.io/assets/paper... and lizizhikevich.github.io/assets/paper....
We released Censeye today, an open source CLI tool that makes it dramatically easier to pivot and find related assets when threat hunting on Censys instead of manually checking for potential identifying characteristics like an SSH host key. github.com/Censys-Resea...
November 27, 2024 at 5:05 PM
We released Censeye today, an open source CLI tool that makes it dramatically easier to pivot and find related assets when threat hunting on Censys instead of manually checking for potential identifying characteristics like an SSH host key. github.com/Censys-Resea...
When we first released ZMap, we drafted best practices for minimizing harm when conducting large active Internet measurements. 10 years later, with more experience and shifted norms, we have updated our recommendations for researchers in Section 6 of our recent ZMap retrospective.
zakird.com
November 26, 2024 at 7:23 PM
When we first released ZMap, we drafted best practices for minimizing harm when conducting large active Internet measurements. 10 years later, with more experience and shifted norms, we have updated our recommendations for researchers in Section 6 of our recent ZMap retrospective.
Last week at CSCW, Catherine Han presented our work on journalists' unmet needs for protecting against harassment online. While the work targeted Twitter/X, it surfaces several nuances in users' needs that span future platforms as well (e.g., not wanting to filter out threats or visibly block users)
zakird.com
November 23, 2024 at 6:38 PM
Last week at CSCW, Catherine Han presented our work on journalists' unmet needs for protecting against harassment online. While the work targeted Twitter/X, it surfaces several nuances in users' needs that span future platforms as well (e.g., not wanting to filter out threats or visibly block users)
Reposted by Zakir Durumeric
Let's Encrypt is now used by more than 500,000,000 websites!!! I could not be more happy and proud of everyone who has played a part in this colossal contribution to online safety, integrity, and confidentiality:
Let's Encrypt Stats
Please note that the Let's Encrypt Growth and Let's Encrypt Certificates Issued Per Day charts are undergoing updates and may not reflect the most recent data. Let's Encrypt Growth Percentage of Web…
letsencrypt.org
November 23, 2024 at 1:15 AM
Let's Encrypt is now used by more than 500,000,000 websites!!! I could not be more happy and proud of everyone who has played a part in this colossal contribution to online safety, integrity, and confidentiality: