Twitter Page of UCL's Information Security Research Group & the Academic Centre of Excellence in Cybersecurity Research
Joined November 2014
- Tweets 1,464
- Following 109
- Followers 1,860
- Likes 35
86 Photos and videos
UCL InfoSec retweeted
May 11
New paper out with @Zaddyzaddy
tldr: Security patches are also attack maps. Patch2Vuln asks whether an offline LLM agent can look only at old/new Linux binary packages, no source patch, no advisory text, and infer what vulnerability was fixed.
It builds a local pipeline around ELF extraction, Ghidra/Ghidriff binary diffing, changed-function ranking, dossier generation, and agentic audit/validation.
On 25 Ubuntu .deb package pairs, it found the correct security-relevant patched function in 10/20 real security updates and the accepted root-cause class in 11/20, while correctly treating all 5 negative controls as unknown.
The fascinating bit: this is basically post-patch vulnerability archaeology. It shows that once a binary security update ships, an agent can sometimes reconstruct the hidden bug from the patch artifact alone.
But the main bottleneck is not yet “LLM reasoning”; it is whether the binary diff/ranking stage surfaces the right function and whether local validation can turn the hypothesis into behavioral evidence.
4
3
16
3,713
UCL InfoSec retweeted
Jun 2
For 19 years, GPS satellites have secretly broadcast a “numbers station” in their public signals. We decoded 12M messages: a 2011 flash where 31 of 32 satellites flipped in hours, “ghost” substrings repeating years apart, and a “TEXT” prefix spreading now. lsc-pagepro.mydigitalpublica…
46
357
2,097
404,747
UCL InfoSec retweeted
The program chairs for #SaTML2027 will be Fabio Pierazzi (@fbpierazzi) and Florian Tramèr (@florian_tramer)! We're in for a great conference under their leadership.
4
23
4,008
UCL InfoSec retweeted
JUST PUBLISHED – Trust and technology: what went wrong with the Post Office?
By J Dwyer-Joyce (@uclisec)
buff.ly/MihkphJ
2
1
320
UCL InfoSec retweeted
1 Dec 2025
Reuters were accused of acting illegally in guessing the URL of an unreleased report in 2002. I didn’t hear anything after the initial reports so presume it was quietly dropped or settled. blog.citp.princeton.edu/2002…
1 Dec 2025
The person who first downloaded the OBR's document at 11:35 on Budget day (I'm guessing someone at Reuters, given they first reported it) had already guessed the web address and tried and failed to download it 32 times so far that day(!)
1
3
604
UCL InfoSec retweeted
19 Nov 2025
I was quoted in @AsianVoiceNews alongside Jonathan Ellison from @NCSC, helping raise #scamawareness ahead of the #BlackFriday rush! @uclisec @uclcs @ucl
#InternationalFraudAwarenessWeek #ScamAware #BBCScamSafe @bbcasiannetwork @bbceducation @TakeFive @UKFtweets
2
2
282
UCL InfoSec retweeted
5 Nov 2025
Honoured and humbled to share that we (#StopScamsUK) won the @theTECAs Outstanding Private/Third Sector Initiative Award 🏆 Thanks to all our members and the team ❤️ Onwards and upwards 🚀
#TacklingEconomicCrimeAwards #TECAs #OnlineFraud #Scams #Teamwork
1
2
6
335
UCL InfoSec retweeted
30 Oct 2025
[1/n] Competitive opportunity for a 4-year PhD scholarship at @uclcs
Deadline: Jan 5, 2026 @ 1pm
We're seeking exceptional PhD applicants with expertise in AI and cybersecurity for a competitive opportunity to work with myself and @lcavallaro #PhD #Cybersecurity #AI @uclisec
2
1
2
711
UCL InfoSec retweeted
29 Sep 2025
If you are going to ACM CCS in Taipei, and you have an interest in distributed systems or blockchains, you are invited to the Sui Academic event: luma.com/jicmazp3
8
10
41
6,269
UCL InfoSec retweeted
27 Sep 2025
‼️New paper alert 📣
Our latest paper on understanding SMS phishing infrastructure and strategies using public user reports (w/ @a_papasavva, @gsuareztangil, and @mjvasek) has been accepted @ACM_IMC_2025 📝📱@uclisec @uclcs @ucl @IMDEAInstitutes #cybercrime #smsscams #smishing
1
7
10
857
UCL InfoSec retweeted
17 Sep 2025
Emiliano will be back at UCL for a talk on Monday
📍 169 Euston Road, GF Seminar Room
📅 September 22
🕑 2:00 PM
Swing by if you’re in town and interested in synthetic data and privacy or just want to say hi.
sec.cs.ucl.ac.uk/seminars/
1
146
UCL InfoSec retweeted
24 Aug 2025
Looking forward to presenting and discussing our paper (w/ @mjvasek) in collaboration with #StopScamsUK on #CNPfraud @NspWorkshop in Germany over the next few days! @uclisec @uclcs @ucl @StopScamsUK #onlinefraud #smishing #smscsams @Paymentology #NSPW #remotefraud #cardfraud
3 Jun 2025
📣📱💳 Our paper (w/@mjvasek) titled "Card-Not-Present Fraud resulting from Smishing Attacks: An Experimental Study" was accepted @NspWorkshop 2025! Looking forward to a great discussion. #CNPfraud #smscams #scams #smishing #onlinefraud #StopScamsUK #NSPW25 @uclisec @uclcs @ucl
1
1
268
UCL InfoSec retweeted
12 Aug 2025
UCL Computer Science are hiring Section Managers to support the development and delivery of teaching, research, and strategy within their section. I’ll be leading the Foundational Computer Science section, where the InfoSec group is based. ucl.ac.uk/work-at-ucl/search…
1
5
7
903
UCL InfoSec retweeted
6 Aug 2025
Looking forward to presenting our paper on “Hi mum and dad” SMS scams next week @USENIXSecurity in Seattle! If you are attending #USENIX25, come to the Fraud, Malware and Spam track on 14th Aug! @uclisec @uclcs @ucl @IMDEA_Networks @StopScamsUK #onlinefraud #scams #cybercrime
26 Sep 2024
🔔‼️ Our paper (w/ #StopScamsUK @EnricoMariconti @gsuareztangil @mjvasek) investigating “Hi Mum and Dad” SMS Scams has been accepted @USENIXSecurity’25! #USENIX25 #SMSScams #finanicialfraud #himumscams @uclisec @uclcs @usenix
1
2
5
366
UCL InfoSec retweeted
11 Jul 2025
In case you weren’t able to attend the @ProjectHoneynet Annual Workshop 2025 in Prague last month, my talk and others are now live: m.youtube.com/watch?t=16302&… @StratosphereIPS @ucl @uclisec @uclcs #smishing #smscam #honeypot #Honeynet2025
1 May 2025
Looking forward to showcasing our #smishing honeypot📱 for the first time @ProjectHoneynet Annual Workshop 2025 in Prague on 2nd June! @uclisec @uclcs @ucl @StratosphereIPS
1
1
279
22 Jul 2025
“$5 Wrench Attacks: When Cryptocurrency Crime Get Physical”, a post on Bentham’s Gaze by Marilyne Ordekian discussing when XKCD comics become reality – benthamsgaze.org/2025/07/22/…
ALT Actual actual reality: nobody cares about his secrets. (Also, I would be hard-pressed to find that wrench for $5.)
1
343
UCL InfoSec retweeted
3 Jun 2025
📣📱💳 Our paper (w/@mjvasek) titled "Card-Not-Present Fraud resulting from Smishing Attacks: An Experimental Study" was accepted @NspWorkshop 2025! Looking forward to a great discussion. #CNPfraud #smscams #scams #smishing #onlinefraud #StopScamsUK #NSPW25 @uclisec @uclcs @ucl
3
6
595
15 May 2025
On our new paper published at IEEE Security and Privacy @IEEESSP – “A Privacy Framework for Research Using Social Media Data”, a summary by Kyle Beadle benthamsgaze.org/2025/05/15/…
1
1
348
UCL InfoSec retweeted
7 Apr 2025
I have an open PhD position at @uclisec on applying traffic-analysis resistance techniques to protect industrial control systems. Full funding is available for home-fee status students (deadline 15 April). ucl.ac.uk/security-crime-sci…
8
6
955
UCL InfoSec retweeted
5 Apr 2025
🔔Research in news🚨
The results from our work on categorization of SMS scams from #IMC2024 and the upcoming paper on "Hi Mum and Dad" SMS scams @USENIXSecurity are referenced in today's @thetimes article by @yennahsmart thetimes.com/business-money/… #StopScamsUK @uclisec @uclcs @ucl
1
4
1
402