Brett Leatherman is running the bureau's most public cyber campaign yet, pushing basic security hygiene while quietly preparing industry for stepped-up Chinese threats.
The post The FBI’s cyber chief is using Winter SHIELD to accelerate China prep, threat intelligence sharing appeared first on CyberScoop.
You must login to view this content
Earlier this year, we asked our team where they expect open source cyberattacks to go next. Sonatype Principal Security Researcher Garrett Calpouzos shared his thoughts about how he anticipated attackers won't simply use automation, but also abuse victims' AI tools:
The post SANDWORM_MODE: The Rise of Adaptive Supply Chain Worms appeared first on Security Boulevard.
You must login to view this content
You must login to view this content
Session 14B: Privacy & Cryptography 2
Authors, Creators & Presenters: Yunbo Yang (The State Key Laboratory of Blockchain and Data Security, Zhejiang University), Yuejia Cheng (Shanghai DeCareer Consulting Co., Ltd), Kailun Wang (Beijing Jiaotong University), Xiaoguo Li (College of Computer Science, Chongqing University), Jianfei Sun (School of Computing and Information Systems, Singapore Management University), Jiachen Shen (Shanghai Key Laboratory of Trustworthy Computing, East China Normal University), Xiaolei Dong (Shanghai Key Laboratory of Trustworthy Computing, East China Normal University), Zhenfu Cao (Shanghai Key Laboratory of Trustworthy Computing, East China Normal University), Guomin Yang (School of Computing and Information Systems, Singapore Management University), Robert H. Deng (School of Computing and Information Systems, Singapore Management University)
PAPER
Siniel: Distributed Privacy-Preserving zkSNARK
Zero-knowledge Succinct Non-interactive Argument of Knowledge (zkSNARK) is a powerful cryptographic primitive, in which a prover convinces a verifier that a given statement is true without leaking any additional information. However, existing zkSNARKs suffer from high computation overhead in the proof generation. This limits the applications of zkSNARKs, such as private payments, private smart contracts, and anonymous credentials. Private delegation has become a prominent way to accelerate proof generation. In this work, we propose Siniel, an efficient private delegation framework for zkSNARKs constructed from polynomial interactive oracle proof (PIOP) and polynomial commitment scheme (PCS). Our protocol allows a computationally limited prover (a.k.a. delegator) to delegate its expensive prover computation to several workers without leaking any information about the private witness. Most importantly, compared with the recent work EOS (USENIX'23), the state-of-the-art zkSNARK prover delegation framework, a prover in Siniel needs not to engage in the MPC protocol after sending its shares of private witness. This means that a Siniel prover can outsource the entire computation to the workers. We compare Siniel with EOS and show significant performance advantages of the former. The experimental results show that, under low bandwidth conditions (10 mbps), Siniel saves about 16% time for delegators than that of EOS, whereas under high bandwidth conditions (1000 mbps), Siniel saves about 80% than EOS.
ABOUT NDSS
The Network and Distributed System Security Symposium (NDSS) fosters information exchange among researchers and practitioners of network and distributed system security. The target audience includes those interested in practical aspects of network and distributed system security, with a focus on actual system design and implementation. A major goal is to encourage and enable the Internet community to apply, deploy, and advance the state of available security technologies.
Our thanks to the Network and Distributed System Security (NDSS) Symposium for publishing their Creators, Authors and Presenter’s superb NDSS Symposium 2025 Conference content on the Organizations' YouTube Channel.
The post NDSS 2025 – Siniel: Distributed Privacy-Preserving zkSNARK appeared first on Security Boulevard.
Oasis Security researchers find another security problem with the OpenClaw autonomous AI agent, uncovering a vulnerability dubbed "ClawJacked" that allows malicious websites to silently take full control of a developer's system and steal data.
The post Latest OpenClaw Flaw Can Let Malicious Websites Hijack Local AI Agents appeared first on Security Boulevard.