SANS Stormcast Monday, November 10th, 2025: Code Repo Requests; Time Delayed ICS Attacks; Encrypted LLM Traffic Sidechannel Attacks
https://isc.sans.edu/podcastdetail/9692
https://isc.sans.edu/podcastdetail/9692
November 10, 2025 at 3:45 AM
SANS Stormcast Monday, November 10th, 2025: Code Repo Requests; Time Delayed ICS Attacks; Encrypted LLM Traffic Sidechannel Attacks
https://isc.sans.edu/podcastdetail/9692
https://isc.sans.edu/podcastdetail/9692
SANS Stormcast Monday, November 10th, 2025: Code Repo Requests; Time Delayed ICS Attacks; Encrypted LLM Traffic Sidechannel Attacks https:// isc.sans.edu/podcastdetail/9692
Interest | Match | Feed
Interest | Match | Feed
Origin
infosec.exchange
November 10, 2025 at 2:01 AM
🔒 Privacy Alert: Microsoft's 'Whisper Leak' attack can identify AI chat topics even through encryption. By analyzing packet sizes & timing, it spies on conversations with OpenAI, Mistral & more. #AI #Privacy #CyberSecurity #SideChannel
Microsoft
Microsoft researchers detail
cyber.netsecops.io
November 9, 2025 at 9:49 PM
🔒 Privacy Alert: Microsoft's 'Whisper Leak' attack can identify AI chat topics even through encryption. By analyzing packet sizes & timing, it spies on conversations with OpenAI, Mistral & more. #AI #Privacy #CyberSecurity #SideChannel
~Microsoft~
A new side-channel attack can infer topics of encrypted LLM conversations by analyzing network traffic packet sizes and timing.
-
IOCs: (None identified)
-
#AI #Privacy #SideChannel #ThreatIntel
A new side-channel attack can infer topics of encrypted LLM conversations by analyzing network traffic packet sizes and timing.
-
IOCs: (None identified)
-
#AI #Privacy #SideChannel #ThreatIntel
Whisper Leak: Side-Channel Attack on LLMs
www.microsoft.com
November 9, 2025 at 8:02 PM
~Microsoft~
A new side-channel attack can infer topics of encrypted LLM conversations by analyzing network traffic packet sizes and timing.
-
IOCs: (None identified)
-
#AI #Privacy #SideChannel #ThreatIntel
A new side-channel attack can infer topics of encrypted LLM conversations by analyzing network traffic packet sizes and timing.
-
IOCs: (None identified)
-
#AI #Privacy #SideChannel #ThreatIntel
One thing I’d be interested in seeing them explore is ‘MCP as a signaling channel’ vs a content channel. E.g., I make a call via MCP and the response is a summary, a schema, and a URL with full results that can be downloaded sidechannel
November 1, 2025 at 8:11 PM
One thing I’d be interested in seeing them explore is ‘MCP as a signaling channel’ vs a content channel. E.g., I make a call via MCP and the response is a summary, a schema, and a URL with full results that can be downloaded sidechannel
Cybersecurity tech firm SideChannel has welcomed a new member to its C-suite as the Worcester-based firm has named Jamie Wolf its inaugural chief marketing officer.
wbjournal.com/article/side...
wbjournal.com/article/side...
October 31, 2025 at 5:15 PM
Cybersecurity tech firm SideChannel has welcomed a new member to its C-suite as the Worcester-based firm has named Jamie Wolf its inaugural chief marketing officer.
wbjournal.com/article/side...
wbjournal.com/article/side...
Can AI actually be trusted for #Cybersecurity? See real performance metrics and hear candid experiences from Recon and SideChannel, Wed, Oct 22 at 11AM CST. Register: www.reconinfosec.com/events/build... #AISecurity #CyberDefense
October 20, 2025 at 1:30 PM
Can AI actually be trusted for #Cybersecurity? See real performance metrics and hear candid experiences from Recon and SideChannel, Wed, Oct 22 at 11AM CST. Register: www.reconinfosec.com/events/build... #AISecurity #CyberDefense
How do you deploy AI without introducing serious #Cybersecurity risk? Join Recon and SideChannel Wednesday, Oct 22 at 11AM CST for real data from teams doing it in production. Register: www.reconinfosec.com/events/build... #AISecurity #CyberDefense
October 18, 2025 at 7:17 PM
How do you deploy AI without introducing serious #Cybersecurity risk? Join Recon and SideChannel Wednesday, Oct 22 at 11AM CST for real data from teams doing it in production. Register: www.reconinfosec.com/events/build... #AISecurity #CyberDefense
[2025-10-17] 📚 Updates in #AAML
(1) Byzantine Failures Harm the Generalization of Robust Distributed Learning Algorithms More Than Data Poisoning
(2) Quantifying the Accuracy-Interpretability Trade-Off in Concept-Based Sidechannel Models
🔍 More at researchtrend.ai/communities/AAML
(1) Byzantine Failures Harm the Generalization of Robust Distributed Learning Algorithms More Than Data Poisoning
(2) Quantifying the Accuracy-Interpretability Trade-Off in Concept-Based Sidechannel Models
🔍 More at researchtrend.ai/communities/AAML
October 17, 2025 at 3:09 AM
Join Recon and SideChannel for a 𝘯𝘰-𝘩𝘺𝘱𝘦, 𝘱𝘪𝘵𝘤𝘩-𝘧𝘳𝘦𝘦, 𝘱𝘳𝘢𝘤𝘵𝘪𝘵𝘪𝘰𝘯𝘦𝘳-𝘭𝘦𝘷𝘦𝘭 conversation about AI cybersecurity 📆 Wed, Oct 22nd. 𝗥𝗲𝗴𝗶𝘀𝘁𝗲𝗿 𝗻𝗼𝘄: www.reconinfosec.com/events/build... #AISecurity #Cybersecurity #SecurityOperations #CyberDefense
October 16, 2025 at 12:45 PM
Join Recon and SideChannel for a 𝘯𝘰-𝘩𝘺𝘱𝘦, 𝘱𝘪𝘵𝘤𝘩-𝘧𝘳𝘦𝘦, 𝘱𝘳𝘢𝘤𝘵𝘪𝘵𝘪𝘰𝘯𝘦𝘳-𝘭𝘦𝘷𝘦𝘭 conversation about AI cybersecurity 📆 Wed, Oct 22nd. 𝗥𝗲𝗴𝗶𝘀𝘁𝗲𝗿 𝗻𝗼𝘄: www.reconinfosec.com/events/build... #AISecurity #Cybersecurity #SecurityOperations #CyberDefense
Yeah, honestly, probably don't. Up to you to decide your threat model/risk tolerance, but if you wouldn't post "hey these are all the times I/my family is home" on the internet, I wouldn't post a livestream of sensor data like that.
It's all sidechannel information leaking.
It's all sidechannel information leaking.
October 15, 2025 at 7:54 AM
Yeah, honestly, probably don't. Up to you to decide your threat model/risk tolerance, but if you wouldn't post "hey these are all the times I/my family is home" on the internet, I wouldn't post a livestream of sensor data like that.
It's all sidechannel information leaking.
It's all sidechannel information leaking.
Hackers can steal 2FA codes and private messages from Android phones https://arstechni.ca... #sidechannel #pixnapping #Security #android #privacy #Biz&IT #Google
October 13, 2025 at 11:00 PM
Hackers can steal 2FA codes and private messages from Android phones https://arstechni.ca... #sidechannel #pixnapping #Security #android #privacy #Biz&IT #Google
when it comes to brain-computer interfaces, the invasive implants make everybody nervous (would _you_ want what Elon made inside your skull?) but the non-invasive sidechannel attacks might be scarier
still, we don't get Good Future if people aren't actively getting in the way of Bad Future
still, we don't get Good Future if people aren't actively getting in the way of Bad Future
October 8, 2025 at 8:58 PM
when it comes to brain-computer interfaces, the invasive implants make everybody nervous (would _you_ want what Elon made inside your skull?) but the non-invasive sidechannel attacks might be scarier
still, we don't get Good Future if people aren't actively getting in the way of Bad Future
still, we don't get Good Future if people aren't actively getting in the way of Bad Future
Bit‑level netlist augmentation adds gates to eliminate CPA correlation peaks on an AES core. The paper (6 Oct 2025, arXiv:2510.04640) reports improved side‑channel resistance. Read more: https://getnews.me/bit-level-netlist-augmentation-to-counter-power-side-channel-attacks/ #sidechannel #hardware
October 8, 2025 at 3:22 AM
Bit‑level netlist augmentation adds gates to eliminate CPA correlation peaks on an AES core. The paper (6 Oct 2025, arXiv:2510.04640) reports improved side‑channel resistance. Read more: https://getnews.me/bit-level-netlist-augmentation-to-counter-power-side-channel-attacks/ #sidechannel #hardware
Statistical Model Checking was used on three side‑channel case studies, giving confidence without abstract models. DOI 10.48550/arXiv.2510.02475. Read more: https://getnews.me/statistical-model-checking-boosts-microarchitectural-side-channel-evaluation/ #statisticalmodelchecking #sidechannel
October 6, 2025 at 5:25 AM
Statistical Model Checking was used on three side‑channel case studies, giving confidence without abstract models. DOI 10.48550/arXiv.2510.02475. Read more: https://getnews.me/statistical-model-checking-boosts-microarchitectural-side-channel-evaluation/ #statisticalmodelchecking #sidechannel
Can you really trust trusted hardware? Explore TEE security flaws, sidechannel risks, and Encointer’s blockchain approach to fair digital trust. #decentralizedgovernance
Inside Trusted Execution Environments: How Secure Are Your Crypto Transactions?
hackernoon.com
October 5, 2025 at 8:47 PM
Can you really trust trusted hardware? Explore TEE security flaws, sidechannel risks, and Encointer’s blockchain approach to fair digital trust. #decentralizedgovernance
Researchers found a side‑channel in speculative decoding that can fingerprint queries with up to 100% accuracy on REST and leak data at over 25 tokens per second. Read more: https://getnews.me/side-channel-risks-in-speculative-decoding-for-large-language-models/ #speculativdecoding #sidechannel
October 1, 2025 at 9:01 AM
Researchers found a side‑channel in speculative decoding that can fingerprint queries with up to 100% accuracy on REST and leak data at over 25 tokens per second. Read more: https://getnews.me/side-channel-risks-in-speculative-decoding-for-large-language-models/ #speculativdecoding #sidechannel
Power side‑channel analysis of industrial powder‑bed fusion 3D printers reconstructed designs with up to 90.29% true positives and false positives as low as 7.02%. Read more: https://getnews.me/side-channel-attack-reveals-3d-printer-design-theft-risk/ #additivemanufacturing #sidechannel
September 25, 2025 at 9:01 PM
Power side‑channel analysis of industrial powder‑bed fusion 3D printers reconstructed designs with up to 90.29% true positives and false positives as low as 7.02%. Read more: https://getnews.me/side-channel-attack-reveals-3d-printer-design-theft-risk/ #additivemanufacturing #sidechannel
a few months ago facebook was caught running opening up a local network socket to open a sidechannel to deauth proxied users, and it was a big enough scandal in the security that even the scumbags they are shut it down as soon as it went public
September 4, 2025 at 10:41 PM
a few months ago facebook was caught running opening up a local network socket to open a sidechannel to deauth proxied users, and it was a big enough scandal in the security that even the scumbags they are shut it down as soon as it went public
In the Afternoon, our PhD students hosted the Software Side-Channels Lab, where the participants experimented with various microarchitectural side channels.
#GSW25 #Software #SideChannel
#GSW25 #Software #SideChannel
September 4, 2025 at 10:33 PM
In the Afternoon, our PhD students hosted the Software Side-Channels Lab, where the participants experimented with various microarchitectural side channels.
#GSW25 #Software #SideChannel
#GSW25 #Software #SideChannel
Nashville Bluesky pattern: housing, transportation, and crime during the week, sportsball sidechannel on the weekend.
August 31, 2025 at 9:07 PM
Nashville Bluesky pattern: housing, transportation, and crime during the week, sportsball sidechannel on the weekend.
apropos of nothing, the idea of the fastfood sidechannel will never not be funny to me en.wikipedia.org/wiki/Pentago...
Pentagon pizza theory - Wikipedia
en.wikipedia.org
August 30, 2025 at 5:51 AM
apropos of nothing, the idea of the fastfood sidechannel will never not be funny to me en.wikipedia.org/wiki/Pentago...
Probably better to sidechannel this one lol
August 26, 2025 at 12:11 PM
Probably better to sidechannel this one lol