Session 10A: Confidential Computing 2

Authors, Creators & Presenters: Qihang Zhou (Institute of Information Engineering, Chinese Academy of Sciences), Wenzhuo Cao (Institute of Information Engineering, Chinese Academy of Sciences; School of Cyberspace Security, University of Chinese Academy of Sciences), Xiaoqi Jia (Institute of Information Engineering, Chinese Academy of Sciences), Peng Liu (The Pennsylvania State University, USA), Shengzhi Zhang (Department of Computer Science, Metropolitan College, Boston University, USA), Jiayun Chen (Institute of Information Engineering, Chinese Academy of Sciences; School of Cyberspace Security, University of Chinese Academy of Sciences), Shaowen Xu (Institute of Information Engineering, Chinese Academy of Sciences; School of Cyberspace Security, University of Chinese Academy of Sciences), Zhenyu Song (Institute of Information Engineering, Chinese Academy of Science)

PAPER
RContainer: A Secure Container Architecture through Extending ARM CCA Hardware Primitives

Containers have become widely adopted in cloud platforms due to their efficient deployment and high resource utilization. However, their weak isolation has always posed a significant security concern. In this paper, we propose RContainer, a novel secure container architecture that protects containers from untrusted operating systems and enforces strong isolation among containers by extending ARM Confidential Computing Architecture (CCA) hardware primitives. RContainer introduces a small, trusted mini-OS that runs alongside the deprivileged OS, responsible for monitoring the control flow between the operating system and containers. Additionally, RContainer uses shim-style isolation, creating an isolated physical address space called con-shim for each container at the kernel layer through the Granule Protection Check mechanism. We have implemented RContainer on ARMv9-A Fixed Virtual Platform and ARMv8 hardware SoC for security analysis and performance evaluation. Experimental results demonstrate that RContainer can significantly enhance container security with a modest performance overhead and a minimal Trusted Computing Base (TCB).

ABOUT NDSS
The Network and Distributed System Security Symposium (NDSS) fosters information exchange among researchers and practitioners of network and distributed system security. The target audience includes those interested in practical aspects of network and distributed system security, with a focus on actual system design and implementation. A major goal is to encourage and enable the Internet community to apply, deploy, and advance the state of available security technologies.

---

Our thanks to the Network and Distributed System Security (NDSS) Symposium for publishing their Creators, Authors and Presenter’s superb NDSS Symposium 2025 Conference content on the Organizations' YouTube Channel.

Permalink

The post NDSS 2025 – RContainer appeared first on Security Boulevard.

The United States Navy’s Independence-variant littoral combat ship USS Cincinnati (LCS 20) arrived at Cambodia’s Ream Naval Base for a temporary port visit on January 24, 2026, marking the first visit by a U.S. warship since the base was expanded with Chinese support. According to the U.S. Navy, USS Cincinnati docked at the base in […]

Trend Micro's Zero Day Initiative sponsored its third annual Pwn2Own Automotive competition in Tokyo this week, receiving 73 entries, the most ever for a Pwn2Own event. "Under Pwn2Own rules, all disclosed vulnerabilities are reported to affected vendors through ZDI," reports Help Net Security, "with public disclosure delayed to allow time for patches." Infotainment platforms from Tesla, Sony, and Alpine were among the systems compromised during demonstrations. Researchers achieved code execution using techniques that included buffer overflows, information leaks, and logic flaws. One Tesla infotainment unit was compromised through a USB-based attack, resulting in root-level access. Electric vehicle charging infrastructure also received significant attention. Teams successfully demonstrated exploits against chargers from Autel, Phoenix Contact, ChargePoint, Grizzl-E, Alpitronic, and EMPORIA. Several attacks involved chaining multiple vulnerabilities to manipulate charging behavior or execute code on the device. These demonstrations highlighted how charging stations operate as network-connected systems with direct interaction with vehicles. There's video recaps on the ZDI YouTube channel — apparently the Fuzzware.io researchers "were able to take over a Phoenix Contact EV charger over bluetooth." Three researchers also exploited the Alpitronic's HYC50 fast-charging with a classic TOCTOU bug, according to the event's site, "and installed a playable version of Doom to boot." They earned $20,000 — part of $1,047,000 USD was awarded during the three-day event. More coverage from SecurityWeek: The winner of the event, the Fuzzware.io team, earned a total of $215,500 for its exploits. The team received the highest individual reward: $60,000 for an Alpitronic HYC50 EV charger exploit delivered through the charging gun. ZDI described it as "the first public exploit of a supercharger".

Read more of this story at Slashdot.

How Can Non-Human Identities Enhance AI Security? What are the key challenges faced by organizations in managing cybersecurity for machine identities? With digital systems continue to evolve, cybersecurity professionals are increasingly focusing on the protection and management of Non-Human Identities (NHIs). These machine identities play a pivotal role in ensuring robust AI security and better […]

The post How is AI security evolving for better protection? appeared first on Entro.

The post How is AI security evolving for better protection? appeared first on Security Boulevard.

How Does Non-Human Identities (NHI) Impact Digital Secrets Management? Is your organization adequately prepared to manage non-human identities (NHIs) and protect your digital secrets? That’s a critical question. With cyber threats become more sophisticated, the role of NHIs in digital secrets management becomes increasingly vital. These machine identities are crucial in secure networks, especially in […]

The post Can you trust AI with your digital secrets management? appeared first on Entro.

The post Can you trust AI with your digital secrets management? appeared first on Security Boulevard.

Is Your Organization Missing Out on the Value of Non-Human Identities in Digital Security? The rapid expansion of cloud environments has ushered in a powerful yet complex challenge: managing digital identities that aren’t tied to any one person. These Non-Human Identities (NHIs), which often take the form of machine identities, are integral to a secure […]

The post How do NHIs deliver value in digital security landscapes? appeared first on Entro.

The post How do NHIs deliver value in digital security landscapes? appeared first on Security Boulevard.

The Strategic Role of Non-Human Identities in AI-Powered Cybersecurity Operations What is the role of Non-Human Identities (NHIs) in achieving seamless security for your organization? With digital continues to expand, cybersecurity professionals face the challenges of managing complex systems and ensuring secure operations. NHIs, which are essentially machine identities, play a pivotal role, acting as […]

The post How does AI ensure calm in cybersecurity operations? appeared first on Entro.

The post How does AI ensure calm in cybersecurity operations? appeared first on Security Boulevard.

Within minutes of the shooting, the Trump administration and right-wing influencers began disparaged the man shot by a federal immigration officer on Saturday in Minneapolis.

A new federal filing from ICE demonstrates how commercial tools are increasingly being considered by the government for law enforcement and surveillance.

Session 10A: Confidential Computing 2

Authors, Creators & Presenters: Byeongwook Kim (Seoul National University), Jaewon Hur (Seoul National University), Adil Ahmad (Arizona State University), Byoungyoung Lee (Seoul National University)

PAPER
Secure Data Analytics in Apache Spark with Fine-grained Policy Enforcement and Isolated Execution

Cloud based Spark platform is a tempting approach for sharing data, as it allows data users to easily analyze the data while the owners to efficiently share the large volume of data. However, the absence of a robust policy enforcement mechanism on Spark hinders the data owners from sharing their data due to the risk of private data breach. In this respect, we found that malicious data users and cloud managers can easily leak the data by constructing a policy violating physical plan, compromising the Spark libraries, or even compromising the Spark cluster itself. Nonetheless, current approaches fail to securely and generally enforce the policies on Spark, as they do not check the policies on physical plan level, and they do not protect the integrity of data analysis pipeline. This paper presents Laputa, a secure policy enforcement framework on Spark. Specifically, Laputa designs a pattern matching based policy checking on the physical plans, which is generally applicable to Spark applications with more fine-grained policies. Then, Laputa compartmentalizes Spark applications based on confidential computing, by which the entire data analysis pipeline is protected from the malicious data users and cloud managers. Meanwhile, Laputa preserves the usability as the data users can run their Spark applications on Laputa with minimal modification. We implemented Laputa, and evaluated its security and performance aspects on TPC-H, Big Data benchmarks, and real world applications using ML models. The evaluation results demonstrated that Laputa correctly blocks malicious Spark applications while imposing moderate performance overheads.

ABOUT NDSS
The Network and Distributed System Security Symposium (NDSS) fosters information exchange among researchers and practitioners of network and distributed system security. The target audience includes those interested in practical aspects of network and distributed system security, with a focus on actual system design and implementation. A major goal is to encourage and enable the Internet community to apply, deploy, and advance the state of available security technologies.

---

Our thanks to the Network and Distributed System Security (NDSS) Symposium for publishing their Creators, Authors and Presenter’s superb NDSS Symposium 2025 Conference content on the Organizations' YouTube Channel.

Permalink

The post NDSS 2025 – Secure Data Analytics appeared first on Security Boulevard.

Researchers on Friday said that Poland’s electric grid was targeted by wiper malware, likely unleashed by Russia state hackers, in an attempt to disrupt electricity delivery operations.

A cyberattack, Reuters reported, occurred during the last week of December. The news organization said it was aimed at disrupting communications between renewable installations and the power distribution operators but failed for reasons not explained.

Wipers R Us

On Friday, security firm ESET said the malware responsible was a wiper, a type of malware that permanently erases code and data stored on servers with the goal of destroying operations completely. After studying the tactics, techniques, and procedures (TTPs) used in the attack, company researchers said the wiper was likely the work of a Russian government hacker group tracked under the name Sandworm.

Read full article

Comments

© Getty Images

Security teams are under constant pressure to do more with the same resources. Manual processes, fragmented tools, and inefficient workflows can slow teams down and pull focus away from what matters most.

In this live webinar, experienced security practitioners share how they’ve escaped the constraints of limited

The post [Webinar] Doing More With Less: How Security Teams Escape Manual Work with Efficient Workflows appeared first on Security Boulevard.

Learn about the key differences between DAST and pentesting, the emerging role of AI pentesting, their roles in security testing, and which is right for your business.

The post DAST vs Penetration Testing: Key Differences in 2026 appeared first on Security Boulevard.

Royal Navy warships and aircraft were activated to shadow Russian naval vessels during a two-day operation in the English Channel, the UK Ministry of Defence confirmed, as Russian forces transited waters near Britain en route to the North Sea. Portsmouth-based patrol ships HMS Mersey and HMS Severn were deployed alongside a Wildcat helicopter from 815 […]

If you are using a Windows PC, your privacy and security are nothing short of a myth, and this incident proves it.

Microsoft has confirmed a controversial new feature coming to Teams that will automatically reveal employee work locations by detecting which Wi-Fi networks they connect to raising significant concerns about workplace surveillance and hybrid work policies. The feature, documented in Microsoft’s 365 Roadmap and Admin Centre (Message ID MC1081568), will automatically set users’ work location when […]

The post Microsoft Teams to Begin Sharing Employee Location with Employers Based on Wi-Fi Networks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Microsoft has announced the public preview of the Windows App Development CLI (winapp), a new open-source command-line tool designed to simplify Windows application development across multiple frameworks and toolchains. The tool is now available on GitHub for developers working outside traditional Visual Studio or MSBuild environments. The winapp CLI targets developers using cross-platform frameworks including […]

The post Microsoft Open-Sources winapp, a New CLI Tool for Streamlined Windows App Development appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Microsoft has confirmed that it provided BitLocker encryption recovery keys to the FBI following a valid search warrant, marking the first publicly known case of the technology giant sharing encryption keys with law enforcement. The disclosure occurred after federal investigators in Guam requested access to three encrypted laptops believed to contain evidence of fraud in […]

The post Microsoft Shared BitLocker Recovery Keys with the FBI to Unlock Encrypted Laptop Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Microsoft Defender researchers have exposed a sophisticated adversary-in-the-middle (AiTM) phishing campaign targeting energy sector organizations, leveraging SharePoint file-sharing services to bypass traditional email security controls and compromise multiple user accounts. SharePoint Abuse for Initial Access The attack began with a phishing email sent from a compromised trusted vendor’s email address, embedding SharePoint URLs that mimicked […]

The post Researchers Uncover Multi-Stage AiTM Attack Using SharePoint to Bypass Security Controls appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The threat actors have begun actively exploiting a critical authentication bypass vulnerability in GNU InetUtils telnetd immediately after proof-of-concept code became publicly available. The flaw allows remote attackers to gain root access without authentication, triggering widespread exploitation attempts across internet-exposed systems. The security flaw affects GNU InetUtils telnetd versions 1.9.3 through 2.7, with the vulnerable […]

The post Attackers Leveraging telnetd Exploit for Root Privileges After PoC Goes Public appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.