All Stories

  1. Infrastructure as Compromise: Abusing Residual Trust in Infrastructure as Code Tools
  2. The Power to Never Be Wrong: Evasions and Anachronistic Attacks Against Web Archives
  3. What Gets Measured Gets Managed: Mitigating Supply Chain Attacks with a Link Integrity Management System
  4. A Decade-long Analysis of Global Trends in Advanced Persistent Threats
  5. The Poorest Man in Babylon: A Longitudinal Study of Cryptocurrency Investment Scams
  6. Panning for gold.eth: Understanding and Analyzing ENS Domain Dropcatching
  7. Scan Me If You Can: Understanding and Detecting Unwanted Vulnerability Scanning
  8. The More Things Change, the More They Stay the Same: Integrity of Modern JavaScript
  9. Role Models: Role-based Debloating for Web Applications
  10. Introduction to the Special Issue on Vulnerabilities
  11. Verba Volant, Scripta Volant: Understanding Post-publication Title Changes in News Outlets
  12. Catching Transparent Phish: Analyzing and Detecting MITM Phishing Toolkits
  13. Click This, Not That: Extending Web Authentication with Deception
  14. Where are you taking me?Understanding Abusive Traffic Distribution Systems
  15. You've Changed: Detecting Malicious Browser Extensions through their Update Deltas
  16. Betrayed by Your Dashboard
  17. Panning for gold.com
  18. Exposing Search and Advertisement Abuse Tactics and Infrastructure of Technical Support Scammers
  19. Hiding in Plain Sight
  20. Hindsight
  21. The Wolf of Name Street
  22. What's in a Name?
  23. No Honor Among Thieves
  24. Are You Sure You Want to Contact Us? Quantifying the Leakage of PII via Website Contact Forms
  25. The Clock is Still Ticking
  26. Maneuvering Around Clouds
  27. Drops for Stuff