Spring 2024

Clicks and Conflict: Open Source Intelligence to Navigate Geopolitical Challenges

Friday, May 17, 2024 at 10:00am
Y2E2 105

This session will examine geopolitical events through the internet lens, identifying different forms of interference and influence that are often exerted by hostile actors. Diving into these real-world adversarial tactics, we will unpack a wide-ranging Russian influence operation spanning several years and leverage open-source intelligence (OSINT) to uncover an adversary’s identity.

Speaker: Nitish Chandan
Nitish Chandan is a seasoned trust and safety professional with expertise in product risk assessment, crisis response, and investigations. Working as a subject matter expert at Maltego, Nitish regularly conducts trainings for teams building capacity in risk assessment and fraud investigations.

Understanding LLM Security: Red Teaming in the Age of AI

Friday, May 10, 2024 at 4:30pm
Y2E2 362

Join us to unlock the secrets behind hacking large language models. Dive into the depths of how LLMs operate, their construction, and the pathways to exploiting their design, while exploring some of the strangest behaviors in all of computer science. Discover how to protect your LLM enabled applications using cutting edge defensive techniques, and how you can leverage these techniques to make best use of LLMs in your daily life.

Speaker: Cody Ho
Cody Ho is the Vice President of Applied Cyber and a senior studying Symbolic Systems and Computer Science. Cody’s academic pursuits focus on the intersection of machine learning and cybersecurity, with extensive experience that spans AI safety and ethics, low level systems and networking, HPC workloads, and reverse engineering malware. Cody is a member of Applied Cyber’s CCDC and CPTC teams focusing on Linux and Windows defense and automation.

Project Intro: Applied Cyber’s Custom Command and Control

Friday, May 3, 2024 at 4:30pm
Y2E2 362

We’ll cover the basics of C2, its practical applications, deployment strategies, and how you can participate in our exciting C2 project. Don’t miss out on the chance to get involved and learn more about this innovative initiative!

Speaker: Cody Ho
Cody Ho is the Vice President of Applied Cyber and a senior studying Symbolic Systems and Computer Science. Cody’s academic pursuits focus on the intersection of machine learning and cybersecurity, with extensive experience that spans AI safety and ethics, low level systems and networking, HPC workloads, and reverse engineering malware. Cody is a member of Applied Cyber’s CCDC and CPTC teams focusing on Linux and Windows defense and automation.

Intro to Ethical Web Hacking (Admit Weekend Special)

Friday, April 26, 2024 at 4:30pm
Y2E2 362

Join us to hack into a cat-themed startup that’s riddled with common vulnerabilities! You’ll learn how to defend against these attacks in your own projects and hear some war stories along the way.

Speaker: Aditya Saligrama
Aditya Saligrama is the President of Applied Cyber and a senior from the Boston area studying Computer Science on the systems track with interests in web, mobile, and cloud security, distributed systems, and open source software. He competes on the CCDC team as Linux & Cloud lead, helping bring home a National Championship in 2023, and leads web penetration testing on the CPTC team, helping the team place 2nd globally in 2024. Aditya also taught CS 40 Cloud Infrastructure and Scalable Application Deployment and is a Course Assistant for CS 155 Computer and Network Security.

Cross-Language Vulnerabilities

Friday, April 19, 2024 at 4:30pm
Y2E2 362

Memory corruption attacks have long plagued computer systems that use unsafe programming languages like C/C++. To enhance the security of these systems, developers have gradually introduced memory-safe languages like Rust to existing codebases, an approach that is effective but not foolproof. This talk will delve into the ways in which attackers can carefully manoeuvre between safe and unsafe code to undermine the security of mixed-language applications.

Speaker: Nathan Bhak
Nathan Bhak is a CS coterm and the almost-retired Projects Lead for Stanford Applied Cyber. He has experience in product security and reverse engineering, and currently does research on network infrastructure hijacks and automated vulnerability detection.

A Postmortem of the Attempted XZ Backdoor

Friday, April 12, 2024 at 4:30pm
Y2E2 362

Who would win in a fight: a suspected nation-state APT, or a curious engineer worried about the speed of his SSH logins? Come hear about the most ambitious backdoor attempt in recent memory. Learn how the intersection of innovative social engineering and insane technical feats created an attack that almost backdoored millions of systems.

Speaker: Cody Ho
Cody Ho is the Vice President of Applied Cyber and a senior studying Symbolic Systems and Computer Science. Cody’s academic pursuits focus on the intersection of machine learning and cybersecurity, with extensive experience that spans AI safety and ethics, low level systems and networking, HPC workloads, and reverse engineering malware. Cody is a member of Applied Cyber’s CCDC and CPTC teams focusing on Linux and Windows defense and automation.