Our PhD students, Carina Fiedler, @snee.la and @hannesweissteiner.com attended the NDSS Symposium 2026 in San Diego, California, this week to present their papers!

Check them out in the thread 👇

Thanks to Roland Czerny, Simone Franza, Stefan Gast, Johanna Ullrich and @gruss.cc for the amazing collaboration!

Our attack works from native code, even across virtual machines and containers.
We also run the attack in the browser from a malicious website, using JavaScript or even scriptless HTML+CSS.
Most underlying primitives are OS-agnostic!

Read the paper here: hannesweissteiner.com/publications...

I'm looking forward to presenting my paper, "Continuous User Behavior Monitoring using DNS Cache Timing Attacks" at NDSS next week!
We mount an Evict+Reload-style attack on the local DNS cache, detecting recently accessed domains and evicting to continuously monitor new accesses.

Eviction Notice: Reviving and Advancing Page Cache Attacks Foreword This blog post is a summarized and introductory write up of our paper recently accepted at NDSS 2026, “Eviction Notice: Reviving and Advancing Page Cache Attacks”. Read the full paper here. A...

I'm excited to announce that my first first-author paper is accepted at NDSS 2026 🥳.

Eviction Notice: Reviving and Advancing Page Cache Attacks

Check it out at: snee.la/posts/evicti...

@snee.la, @notimaginary.bsky.social, Lukas Maar, @gruss.cc

from @isec-tugraz.bsky.social, @tugraz.bsky.social

Join us tomorrow for the InfoSec + SSD Christmas special, featuring real-world exploits, live hacking of various targets, information leaks, file formats, and a review of the year in security.

📅 December 17th, 2025 | 17:30
📍 Lecture Hall HS i13, Inffeldgasse 16b

Team picture

Final scoreboard

Team dashboard

We got 9th place at @defcon.bsky.social #CTF! Props to all finalists for an intense fight over the past three days and congrats to MMM for taking the win.

Thanks to Nautilus Institute for the neat setup this year, we had a blast.

Until next time, Vegas!

#DEFCON #DEFCON33

Thanks to @v4m1n.bsky.social , @supersingular.bsky.social, @notimaginary.bsky.social, Stefan Gast, @j4nw.bsky.social, @tom-crypt.bsky.social and @gruss.cc for the great collaboration!

It protects against fine-grained performance-counter attacks on TEE's, while keeping coarse-grained trends intact for legitimate use cases.

hannesweissteiner.xyz/pdfs/teecorr...

I am happy to announce that my first paper has been accepted at USENIX Security!

We propose TEEcorrelate, a mitigation that statistically decorrelates reported performance counters from real ones during TEE execution.

I'm very happy to announce our new Cohere+Reload: Re-enabling High-Resolution Cache Attacks on AMD SEV-SNP was accepted at DIMVA 2025!

In it @snee.la, @gruss.cc and I investigate AMD's ciphertext coherence mechanism and show even low resolution leakage can go a long way.
Paper preview: cr.giner.cc