Comparing large-scale privacy and security notifications
C Utz, M Michels, M Degeling… - Proceedings on …, 2023 - publications.cispa.saarland
Over the last decade, web security research has used notification campaigns as a tool to
help web operators fix security problems or stop infrastructure abuse. First attempts at …
help web operators fix security problems or stop infrastructure abuse. First attempts at …
Fourteen Years in the Life: A Root {Server's} Perspective on {DNS} Resolver Security
A Hilton, C Deccio, J Davis - 32nd USENIX Security Symposium …, 2023 - usenix.org
We consider how the DNS security and privacy landscape has evolved over time, using data
collected annually at A-root between 2008 and 2021. We consider issues such as …
collected annually at A-root between 2008 and 2021. We consider issues such as …
A Survey on Network Attack Surface Mapping
D Everson, L Cheng - Digital Threats: Research and Practice, 2024 - dl.acm.org
Network services are processes running on a system with network exposure. A key activity
for any network defender, penetration tester, or red team is network attack surface mapping …
for any network defender, penetration tester, or red team is network attack surface mapping …
Your Cookie Disclaimer is not in line with the ideas of the GDPR. Why?
A Hennig, H Dietmann, F Lehr, M Mutter… - … Symposium on Human …, 2022 - Springer
Cookie disclaimers are omnipresent since the GDPR went into effect in 2018. By far not all
disclaimers are designed in a way that they are aligned with the ideas of the GDPR, some …
disclaimers are designed in a way that they are aligned with the ideas of the GDPR, some …
The File That Contained the Keys Has Been Removed: An Empirical Analysis of Secret Leaks in Cloud Buckets and Responsible Disclosure Outcomes
S El Yadmani, O Gadyatskaya… - 2025 IEEE Symposium …, 2024 - computer.org
With the growing reliance on cloud services for storage and deployment, securing cloud
environments has become critically important. Cloud storage solutions like AWS S3, Google …
environments has become critically important. Cloud storage solutions like AWS S3, Google …
Standing out among the daily spam: How to catch website owners' attention by means of vulnerability notifications
A Hennig, F Neusser, AA Pawelek… - CHI Conference on …, 2022 - dl.acm.org
Running a business without having a website is nearly impossible nowadays. Most business
owners use content managements systems to manage their websites. Yet, those can pose …
owners use content managements systems to manage their websites. Yet, those can pose …
[PDF][PDF] Why do internet devices remain vulnerable? a survey with system administrators
In efforts to understand the reasons behind Internet-connected devices remaining
vulnerable for a long time, previous literature analyzed the effectiveness of large-scale …
vulnerable for a long time, previous literature analyzed the effectiveness of large-scale …
An Empirical Analysis of Enterprise-Wide Mandatory Password Updates
Enterprise-scale mandatory password changes are disruptive, complex endeavors that
require the entire workforce to prioritize a goal that is often secondary to most users. While …
require the entire workforce to prioritize a goal that is often secondary to most users. While …
Turning the Tide on Dark Pools? Towards Multi-Stakeholder Vulnerability Notifications in the Ad-Tech Supply Chain
Online advertising relies on a complex and opaque supply chain that involves multiple
stakeholders, including advertisers, publishers, and ad-networks, each with distinct and …
stakeholders, including advertisers, publishers, and ad-networks, each with distinct and …
Third-party web tracking under the general data protection regulation
C Utz - 2023 - hss-opus.ub.ruhr-uni-bochum.de
Modern websites often make use of third-party services to facilitate web development or to
analyze visitors' behavior. This integration allows the third-party vendor to access and collect …
analyze visitors' behavior. This integration allows the third-party vendor to access and collect …