Recent Experience
Education
Ecole Normale Supérieure Paris-Saclay
Ph.D in Computer Science , Paris, France 2005 - 2008
Université Paris Diderot
Master degree in Computer Science , Paris, France 2003 - 2004
EPITA
Engineering Degree , Paris, France 1998 - 2004
-
2025
Autonomous Timeline Analysis and Threat HuntingAlex Kantchelian , Maarten van Dantzig , Diana Kramer , Janosch Köpper , Eric Morley , Sadegh Momeni , Yanis Pavlidis , Elie Bursztein
BH25- Las Vegas
- FACADE High-Precision Insider Threat Detection Using Contrastive Learning
Alex Kantchelian , Elie Bursztein , Casper Neo , Ryan Stevens , Sadegh Momeni , Birkett Huber , Yanis Pavlidis
BH25- Las Vegas
- Autonomous Timeline Analysis and Threat Hunting
Diana Kramer , Melinda Baeriswyl , Janosch Köpper
DEF CON 33- Las Vegas
- Toward Secure & Trustworthy AI: Independent Benchmarking
Elie Bursztein
InCyber Forum- Lille, France
-
2024
AI for Cybersecurity: Get Started TodayElie Bursztein
Sectember AI- Virtual
- AI Security: Top 5 Recommendations To Get Started Today
Elie Bursztein
DevFest- Virtual
-
RSA- San Francisco, USA
-
RSA- San Francisco, USA
-
2023
How AI helps keeping Gmail inboxes malware freeElie Bursztein
FIC- Lille, France
-
2022
Building Safe End-to-End Encrypted Services for Business - a Google Workspace perspectiveElie Bursztein , Nicolas Lidzborski
RSA- San Francisco, USA
-
2021
Deep-Cryptanalysis - Fashion or Revolution?Elie Bursztein
WAC- Virtual
-
2020
A Hacker’s guide to reducing side-channel attack surfaces using deep-learningElie Bursztein , Jean-Michel Picod
Defcon & BH- Safemode
- Account protections - A Google Perspective
Elie Bursztein
FIC- Lille, France
- Malicious Documents Emerging Trends: A Gmail Perspective
Elie Bursztein
RSA- San Francisco, USA
-
2019
A Hacker Guide To Deep Learning Based Side Channel AttacksElie Bursztein , Jean-Michel Picod
Defcon- Las Vegas
-
IO- Mountain View, USA
- Deconstructing the Phishing Campaigns that Target Gmail Users
Elie Bursztein , Daniela Oliveira
Black Hat USA- Las Vegas, USA
-
Enigma- Burlingame, USA
-
2018
How to successfully harness AI to combat fraud and abuseElie Bursztein
RSA- San Francisco, USA
-
2017
Attacking encrypted USB keys the hard(ware) wayJean-Michel Picod , Rémi Audebert , Elie Bursztein
Black Hat USA- Las Vegas, USA
- Hunting down Gooligan — retrospective analysis
Elie Bursztein , Oren Koriat
Botconf- Montpellier, France
-
Black Hat- Las Vegas, USA
-
RSA- San Francisco, USA
- Tracking ransomware payments end to end
Luca Invernizzi , Kylie McRoberts , Elie Bursztein
BH USA- Las Vegas, USA
-
2016
Cheating at poker - James Bond StyleElie Bursztein , Celine Bursztein , Jean-Michel Picod
Defcon- Las Vegas
- Does dropping usb drives really work?
Elie Bursztein
Black Hat- Las Vegas, USA
- Learn web security with Google
Elie Bursztein , Eric Kuan , Yuan Niu
IO- Mountain View, USA
- Lessons learned while protecting Gmail
Elie Bursztein
Enigma- San Francisco, USA
-
2014
I am a legend: hacking hearthstone with machine learningElie Bursztein , Celine Bursztein
Defcon- Las Vegas
-
2012
Fuzzing online gamesElie Bursztein , Patrick Samy
Defcon- Las Vegas, USA
- The Art of Breaking and Designing CAPTCHAS
Elie Bursztein
RSA- San Francisco, USA
-
2011
Beyond files recovery owade cloud-based forensicElie Bursztein , Ivan Fontarensky , Matthieu Martin , Jean-Michel Picod
Black hat- Las Vegas, USA
-
2010
Bad memoriesElie Bursztein , Baptiste Gourdin , Dan Boneh
Black Hat & Defcon- Las Vegas, USA
- Kartograph
Elie Bursztein , Jocelyn Lagarenne , Dan Boneh
Defcon- Las Vegas, USA
- Reversing dpapi and stealing windows secrets offline
Jean-Michel Picod , Elie Bursztein
Black Hat DC- Washington, USA
-
2009
Embedded management interfaces emerging massive insecurityHristo Bojinov , Elie Bursztein
Black Hat- Las Vegas, USA
Selected Talks
-
2025
DROIDCCT: Cryptographic Compliance Test via Trillion-Scale MeasurementDaniel Moghimi , Rémi Audebert , Pedro Barbosa , Borbala Benko , Elie Bursztein , Alex (Mac) Mihai , László Siroki , Kurt Thomas , Catherine Vlasov
ACSAC, Hawaii, USA
-
2024
Generalized Power Attacks against Crypto Hardware using Long-Range Deep LearningElie Bursztein , Luca Invernizzi , Karel Král , Daniel Moghimi , Jean-Michel Picod , Marina Zhang
CHES, Toronto, Canada
- Leveraging Virtual Reality to Enhance Diversity and Inclusion training at Google
Elie Bursztein , Karla Brown , Patrick Gage Kelley , Leonie Sanderson
CHI, Hawaii, USA
- RETSim: Resilient and Efficient Text Similarity
Marina Zhang , Owen Vallis , Aysegul Bumin , Tanay Vakharia , Elie Bursztein
ICLR, Vienna, Austria
-
2023
Hybrid Post-Quantum Signatures in Hardware Security KeysDiana Ghinea , Fabian Kaczmarczyck , Jennifer Pullman , Julien Cretin , Stefan Kolbl , Rafael Misoczki , Jean-Michel Picod , Luca Invernizzi , Elie Bursztein
ACNS, Kyoto, Japan
- RETVec: Resilient and Efficient Text Vectorizer
Elie Bursztein , Marina Zhang , Owen Vallis , Xinyu Jia , Alexandros Kapravelos , Alexey Kurakin
NeurIPS, New Orleans, USA
-
2022
It's common and a part of being a content creator: Understanding How Creators Experience and Cope with Hate and Harassment OnlineKurt Thomas , Patrick Gage Kelley , Sunny Consolvo , Patrawat Samermit , Elie Bursztein
CHI, New Orleans, USA
-
2021
Designing Toxic Content Classification for a Diversity of PerspectivesDeepak Kumar , Patrick Gage Kelley , Sunny Consolvo , Joshua Mason , Elie Bursztein , Zakir Durumeric , Kurt Thomas , Michael Bailey
SOUPS, Virtual
- SoK: Hate, Harassment, and the Changing Landscape of Online Abuse
Kurt Thomas , Devdatta Akhawe , Michael Bailey , Dan Boneh , Elie Bursztein , Sunny Consolvo , Nicola Dell , Zakir Durumeric , Patrick Gage Kelley , Deepak Kumar , Damon McCoy , Sarah Meiklejohn , Thomas Ristenpart , Gianluca Stringhini
S&P, Virtual
- Why wouldn't someone think of democracy as a target? Security practices & challenges of people involved with U.S. political campaigns"
Sunny Consolvo , Patrick Gage Kelley , Tara Matthews , Kurt Thomas , Lee Dunn , Elie Bursztein
Usenix Security, Virtual
-
2020
Spotlight: Malware Lead Generation At ScaleFabian Kaczmarczyck , Bernhard Grill , Luca Invernizzi , Jennifer Pullman , Cecilia M. Procopiuc , David Tao , Borbala Benko , Elie Bursztein
ACSAC, Virtual
- Who is targeted by email-based phishing and malware? Measuring factors that differentiate risk
Camelia Simoiu , Ali Zand , Kurt Thomas , Elie Bursztein
IMC, Virtual
-
2019
Protecting accounts from credential stuffing with password breach alertingKurt Thomas , Jennifer Pullman , Kevin Yeo , Ananth Raghunathan , Patrick Gage Kelley , Luca Invernizzi , Borbala Benko , Tadek Pietraszek , Sarvar Patel , Dan Boneh , Elie Bursztein
Usenix Security, Santa Clara, USA
- Rethinking the detection of child sexual abuse imagery on the Internet
Elie Bursztein , Travis Bright , Michelle DeLaune , David M. Eliff , Nick Hsu , Lindsey Olson , John Shehan , Madhukar Thakur , Kurt Thomas
WWW, San Francisco, USA
- Five years of the Right to Be Forgotten
Theo Bertram , Elie Bursztein , Stephanie Caro , Hubert Chao , Rutledge Chin Feman , Peter Fleischer , Albin Gustafsson , Jess Hemerly , Chris Hibbert , Luca Invernizzi , Lanah Kammourieh Donnelly , Jason Ketover , Jay Laefer , Paul Nicholas , Yuan Niu , Harjinder Obhi , David Price , Andrew Strait , Kurt Thomas , Al Verney
CCS, London, UK
- They Don't Leave Us Alone Anywhere We Go - Gender and Digital Abuse in South Asia
Nithya Sambasivan , Amna Batool , Nova Ahmed , Tara Matthews , Kurt Thomas , Laura Sanely Gaytán-Lugo , David Nemer , Elie Bursztein , Elizabeth Churchill , Sunny Consolvo
CHI, Glasgow, Scotland UK
-
2018
Data Breaches: User Comprehension, Expectations, and Concerns with Handling Exposed DataSowmya Karunakaran , Kurt Thomas , Elie Bursztein , Oxana Comanescu
SOUPS, Baltimore, USA
- Tracking desktop ransomware payments end to end
Danny Yuxing Huang , Maxwell Aliapoulios , Vector Guo , Luca Invernizzi , Kylie McRoberts , Elie Bursztein , Jonathan Levin , Kirill Levchenko , Alex C. Snoeren , Damon McCoy
S&P, San Francisco, USA
-
2017
Data Breaches, Phishing, or Malware? Understanding the Risks of Stolen CredentialsKurt Thomas , Frank Li , Ali Zand , Jacob Barrett , Juri Ranieri , Luca Invernizzi , Yarik Markov , Oxana Comanescu , Vijay Eranti , Angelika Moscicki , Daniel Margolis , Vern Paxson , Elie Bursztein
CCS, Dallas, USA
- Pinning Down Abuse on Google Maps
Danny Y. Huang , Doug Grundman , Kurt Thomas , Abhishek Kumar , Elie Bursztein , Kirill Levchenko , Alex C. Snoeren
WWW, Perth, Australia
- The first collision for full SHA-1
Marc Stevens , Elie Bursztein , Pierre Karpman , Ange Albertini , Yarik Markov
Crypto, Santa Barbara, USA
- The Security Impact of HTTPS Interception
Zakir Durumeric , Zane Ma , Drew Springall , Richard Barnes , Nick Sullivan , Elie Bursztein , Michael Bailey , J Alex Halderman , Vern Paxson
NDSS, San Diego, USA
- Understanding the Mirai Botnet
Manos Antonakakis , Tim April , Michael Bailey , Matt Bernhard , Elie Bursztein , Jaime Cochran , Zakir Durumeric , J. Alex Halderman , Luca Invernizzi , Michalis Kallitsis , Deepak Kumar , Chaz Lever , Zane Ma , Joshua Mason , Damian Menscher , Chad Seaman , Nick Sullivan , Kurt Thomas , Yi Zhou
Usenix Security, Vancouver, Canada
-
2016
Cloak of visibility: detecting when machines browse a different webLuca Invernizzi , Kurt Thomas , Alexandros Kapravelos , Oxana Comanescu , Jean-Michel Picod , Elie Bursztein
S&P, San Jose
- Investigating commercial pay-per-install and the distribution of unwanted software
Kurt Thomas , Juan A. Elices Crespo , Ryan Rasti , Jean-Michel Picod , Cait Phillips , Marc-Andre Decoste , Chris Sharp , Fabio Tirelo , Ali Tofigh , Marc-Antoine Courteau , Lucas Ballard , Robert Shield , Nav Jagpal , Moheeb Abu Rajab , Panayiotis Mavrommatis , Niels Provos , Elie Bursztein , Damon McCoy
Usenix Security, Austin, USA
-
CIG, Santorini, Greece
- Picasso: Lightweight Device Class Fingerprinting for Web Clients
Elie Bursztein , Artem Malyshey , Tadek Pietraszek , Kurt Thomas
SPSM, Vienna, Austria
- Remedying web hijacking notification effectiveness and webmaster comprehension
Frank Li , Grant Ho , Eric Kuan , Yuan Niu , Lucas Ballard , Kurt Thomas , Elie Bursztein , Vern Paxson
WWW, Montreal, Canada
- The Abuse Sharing Economy: Understanding the Limits of Threat Exchanges
Kurt Thomas , Rony Amira , Adi Ben-Yoash , Ori Folger , Amir Hardon , Ari Berger , Elie Bursztein , Michael Bailey
RAID, Paris, France
- Users really do plug in usb drives they find
Matthew Tischer , Zakir Durumeric , Sam Foster , Sunny Duan , Alec Mori , Elie Bursztein , Michael Bailey
S&P, San Jose, USA
-
2015
Ad injection at scale: assessing deceptive advertisement modificationsKurt Thomas , Elie Bursztein , Chris Grier , Grant Ho , Nav Jagpal , Alexandros Kapravelos , Damon McCoy , Antonio Nappa , Vern Paxson , Paul Pearce , Niels Provos , Moheeb Abu Rajab
S&P, Oakland
- Framing dependencies introduced by underground commoditization
Kurt Thomas , Danny Huang , David Wang , Elie Bursztein , Chris Grier , Thomas J. Holt , Christopher Kruegel , Damon McCoy , Stefan Savage , Giovanni Vigna
WEIS, Amsterdam, Netherlands
- Neither snow nor rain nor mitm . . . an empirical analysis of email delivery security
Zakir Durumeric , David Adrian , Ariana Mirian , James Kasten , Elie Bursztein , Nicolas Lidzborski , Kurt Thomas , Vijay Eranti , Michael Bailey , J. Alex Halderman
IMC, Tokyo
- Secrets, lies, and account recovery: lessons from the use of personal knowledge questions at google
Joseph Bonneau , Elie Bursztein , Ilan Caron , Rob Jackson , Mike Williamson
WWW, Florence, Italy
-
2014
Cloak and swagger: understanding data sensitivity through the lens of user anonymitySai Teja Peddinti , Aleksandra Korolova , Elie Bursztein , Geetanjali Sampemane
S&P, San Jose
- Easy does it: more usable captchas
Elie Bursztein , Angelika Moscicki , Celine Fabry , Steven Bethard , John C. Mitchell , Dan Jurafsky
CHI, Toronto, Canada
- Dialing back abuse on phone verified accounts
Kurt Thomas , Dmytro Latskiv , Elie Bursztein , Tadek Pietraszek , Chris Grier , Damon McCoy
CCS, Scottsdale, USA
- Handcrafted fraud and extortion: manual account hijacking in the wild
Elie Bursztein , Borbala Benko , Daniel Margolis , Tadek Pietraszek , Andy Archer , Allan Aquino , Andreas Pitsillidis , Stefan Savage
IMC, Vancouver, Canada
- Online microsurveys for user experience research
Victoria Schwanda Sosik , Elie Bursztein , Sunny Consolvo , David Huffaker , Gueorgi Kossinets , Kerwell Liao , Paul McDonald , Aaron Sedley
CHI, Vancouver
- The end is nigh: generic solving of text-based captchas
Elie Bursztein , Jonathan Aigrain , Angelika Mosciki , John Mitchell
WOOT, San Diego, USA
-
2012
Sessionjuggler secure web login from an untrusted terminal using session hijackingElie Bursztein , Chinmay Soman , Dan Boneh , John C. Mitchell
WWW, Lyon, France
-
2011
Openconflict preventing real time map hacks in online gamesElie Bursztein , Jocelyn Lagarenne , Mike Hamburg , Dan Boneh
S&P, Oakland, USA
- Reclaiming the blogosphere talkback a secure linkback protocol for weblogs
Elie Bursztein , Baptiste Gourdin , John C. Mitchell
ESORICS, Leuven, Belgium
- Text-based captcha strengths and weaknesses
Elie Bursztein , Matthieu Martin , John C. Mitchell
CCS, Chicago, USA
- The failure of noise-based non-continuous audio captchas
Elie Bursztein , Romain Bauxis , Hristo Paskov , Daniele Perito , Celine Fabry , John C. Mitchell
S&P, Oakland, USA
- Towards secure embedded web interfaces
Baptiste Gourdin , Chinmay Soman , Hristo Bojinov , Elie Bursztein
Usenix Security, San Francisco, USA
-
2010
An analysis of private browsing modes in modern browsersGaurav Aggarwal , Elie Bursztein , Collin Jackson , Dan Boneh
Usenix Security, Washington, USA
- Busting frame busting a study of clickjacking vulnerabilities on popular sites
Gustav Rydstedt , Elie Bursztein , Dan Boneh , Collin Jackson
W2SP, Oakland, USA
- How good are humans at solving captchas a large scale evaluation
Elie Bursztein , Steven Bethard , Celine Fabry , Dan Jurafsky , John C. Mitchell
S&P, Oakland, USA
- Framing attacks on smartphones and dumb routers: social sites tap-jacking and geo-localization attacks
Gustav Rydstedt , Baptiste Gourdin , Elie Bursztein , Dan Boneh
WOOT, Washington, USA
- Kamouflage loss-resistant password management
Hristo Bojinov , Elie Bursztein , Dan Boneh , Xavier Boyen
ESORICS, Athens, Greece
- Recovering windows secrets and efs certificates offline
Elie Bursztein , Jean-Michel Picod
WOOT, Washington, USA
- State of the art automated black-box web application vulnerability testing
Jason Bau , Elie Bursztein , Divij Gupta , John C. Mitchell
S&P, Oakland, USA
- The emergence of cross channel scripting
Hristo Bojinov , Elie Bursztein , Dan Boneh
CACM, Journal Volume 53 Number 8
- Webseclab security education workbench
Elie Bursztein , Baptiste Gourdin , Celine Fabry , Jason Bau , Gustav Rydstedt , Hristo Bojinov , Dan Boneh , John C. Mitchell
CEST, Washington, USA
-
2009
Decaptcha breaking 75% of ebay audio captchasElie Bursztein , Steven Bethard
WOOT, Montreal, Canada
- Trackback spam abuse and prevention
Elie Bursztein , Peifung E. Lam , John C. Mitchell
CCSW, Chicago, USA
- Using strategy objectives for network security analysis
Elie Bursztein , John C. Mitchell
Inscrypt, Beijing, China
- Xcs cross channel scripting and its impact on web applications
Hristo Bojinov , Elie Bursztein , Dan Boneh
CCS, Chicago, USA
-
2008
FAST, Malaga, Spain
- Netqi a model checker for anticipation game
Elie Bursztein
ATVA, Seoul, Korea
-
WISTP, Sevilla, Spain
-
2007
A logical framework for evaluating network resilience against faults and attacksElie Bursztein , Jean Goubault-Larrecq
ASIAN, Doha, Qatar
-
NordSec, Reykjavik, Iceland
Selected Publications
-
2023
Google announces new algorithm that makes FIDO encryption safe from quantum computersHybrid Post-Quantum Signatures in Hardware Security Keys
Dan Goodin, Ars Technica
- Google Confirms Massive Gmail Update—Here’s What It Means For You
RETVec: Resilient and Efficient Text Vectorizer
Davey Winder, Forbes
- Gmail’s AI-powered spam detection is its biggest security upgrade in years
RETVec: Resilient and Efficient Text Vectorizer
Ron Amadeo, Ars Technica
-
2020
Google releases open-source 2FA security key platform called OpenSKAccount protections - A Google Perspective
Ryne Hager, Android Police
- Google open-sources the tools needed to make 2FA security keys
Account protections - A Google Perspective
Rachel England, Engadget
-
2019
Checking your email when you’re grouchy could make you less likely to fall for phishing scamsDeconstructing the Phishing Campaigns that Target Gmail Users
Jennifer Liu, CNBC
- We keep falling for phishing emails, and Google just revealed why
Deconstructing the Phishing Campaigns that Target Gmail Users
Rob Pegoraro, Fast Company
- Hackers want you to be happy. People in a good mood are easier to trick, research says
Deconstructing the Phishing Campaigns that Target Gmail Users
Alfred Ng, CNET
- Phishing emails - Here's why we are still getting caught out after all these years
Deconstructing the Phishing Campaigns that Target Gmail Users
Steve Range, ZDNet
- Fight against child sex abuse images requires smarter tech, Google expert says
Rethinking how to detect child sexual abuse imagery on the Internet
Laura Hautala, CNET
-
2018
AI can help cybersecurity - if it can fight through the hypeHow to successfully harness AI to combat fraud and abuse
Lily May Newman, Wired
- People Have Asked Google to Remove 2.4 Million Links About Them. Here's What They Want to Forget
Five years of the Right to Be Forgotten
David Meyer, Fortune
- Droit à l’oubli : en presque quatre ans, Google a reçu plus de 650 000 demandes
Five years of the Right to Be Forgotten
Perrine Signoret, Le Monde
- Recht auf Vergessenwerden: Google erhielt bislang 2,4 Millionen URL-Löschanfragen
Five years of the Right to Be Forgotten
Daniel Berger, Heise Online
- Google has received 2.4 million URL removal requests under EU 'right to be forgotten' laws
Five years of the Right to Be Forgotten
Thuy Ong, The Verge
-
2017
Google ransomware tracking finds vicious infection cycleTracking ransomware payments end to end
Elizabeth Weise, USA Today
- Google Warns Ransomware Boom Scored Crooks $2 Million A Month
Tracking ransomware payments end to end
Thomas Fox-Brewster, Forbes
- Ransomware 'here to stay', warns Google study
Tracking ransomware payments end to end
Mark Ward, BBC
- Google says hackers steal almost 250,000 web logins each week
Data Breaches, Phishing, or Malware? Understanding the Risks of Stolen Credentials
Selena Larson, CNN
- Google investigators find hackers swipe nearly 250,000 passwords a week
Data Breaches, Phishing, or Malware? Understanding the Risks of Stolen Credentials
Mark Kaufman, Mashable
- Google just cracked one of the building blocks of web encryption
The first collision for full SHA-1
Russell Brandom, The Verge
- Google breaks SHA-1 web crypto for good
The first collision for full SHA-1
Liam Tung, ZDnet
- Google Just 'Shattered' An Old Crypto Algorithm -- Here's Why That's Big For Web Security
The first collision for full SHA-1
Thomas Fox-Brewster, Forbes
- Google Team Cracks Longtime Pillar of Internet Security
The first collision for full SHA-1
Rober McMillan, WSJ
-
2016
The mobile phone that lets you cheat at ANY card game: Handset has secret sensors to read cardsCheating at poker - James Bond Style
Stacy Liberatore, Daily Mail
- The state of cyber security: we're all screwed
Users really do plug in usb drives they find
Dan Tynan, The Guardian
-
2015
Busted! Google Names Key Culprits In Scammy Ad SoftwareAd injection at scale: assessing deceptive advertisement modifications
Robert Hof, Forbes
- One in 20 web users infected with ad injection software
Ad injection at scale: assessing deceptive advertisement modifications
Alex Hern, The Guardian
- Ad Injection: Yet Another Challenge for Online Advertising
Ad injection at scale: assessing deceptive advertisement modifications
Jack Marshall, The Wall Street Journal
- Gmail to warn when messages take unencrypted routes
Neither snow nor rain nor mitm . . . an empirical analysis of email delivery security
AFP, Daily Mail
- Your Password Security Questions Are Terrible, And They’re Not Fooling Anyone
Secrets, lies, and account recovery: lessons from the use of personal knowledge questions at google
Damon Beres, Huffington Post
- Stop Using This Painfully Obvious Answer For Your Security Questions
Secrets, lies, and account recovery: lessons from the use of personal knowledge questions at google
Victor Luckerson, Time
- Google Reveals the Problem With Password Security Questions
Secrets, lies, and account recovery: lessons from the use of personal knowledge questions at google
Alyssa Newcomb, ABC News
- Those secret security answers may not be so secure
Secrets, lies, and account recovery: lessons from the use of personal knowledge questions at google
Michael Casey, CBS News
- Google Study Shows Security Questions Aren’t All That Secure
Secrets, lies, and account recovery: lessons from the use of personal knowledge questions at google
Frederic Lardinois, Tech Crunch
-
2014
Hijackers get up close and personal with hacked accountsHandcrafted fraud and extortion: manual account hijacking in the wild
Elizabeth Weise, USA Today
- Inside the world of professional e-mail account hijackers
Handcrafted fraud and extortion: manual account hijacking in the wild
Andrea Peterson, The Washington Post
- This is how your Gmail account got hacked
Handcrafted fraud and extortion: manual account hijacking in the wild
Jose Pagliery, CNN
- Google Study Finds Email Scams Are More Effective Than You’d Expect
Handcrafted fraud and extortion: manual account hijacking in the wild
Damon Beres, Huffington Post
- Gone in 180 Seconds: Hackers Quickly Raid E-Mails in Search of 'Wire Transfer' and Sex Photos
Handcrafted fraud and extortion: manual account hijacking in the wild
Jordan Robertson, Bloomberg
-
2012
Stanford researchers crack video CAPTCHAHow we broke the nucaptcha video scheme and what we propose to fix it
Elizabeth Weise, The Verge
- Stanford University researchers break NuCaptcha video security
How we broke the nucaptcha video scheme and what we propose to fix it
Declan McCullagh, CNET
-
2011
Forensic Tool Unlocks Online HistoryBeyond files recovery owade cloud-based forensic
Nick Clayton, WSJ
- Massive privacy hole found in Microsoft map service
Beyond files recovery owade cloud-based forensic
Declan McCullagh, CBS News
- New forensics tool can expose encrypted online activity
Beyond files recovery owade cloud-based forensic
Chena Ngak, CBS News
- Stanford Software Cracks Most Captchas
Text-based captcha strengths and weaknesses
Matt Liebowitz, NBC News
- Captcha security not much of a gotcha
Text-based captcha strengths and weaknesses
, CBS News
Selected Press