Simone Aonzo

Breaking news from NDSS26: it seems that we have won a Distinguished Paper Award for "Decompiling the Synergy: An Empirical Study of Human-LLM Teaming in Software Reverse Engineering" A giant thank you to my amazing co-authors and everyone who participated in the experiment!

(4/n) Refs [1] asiaccs2026.cse.iitkgp.ac.in/cycle-2-papers/ [2] s3.eurecom.fr/docs/asiaccs26… [3] utwente-scs.github.io/Sok-Windows-Ma… [4] mandiant.github.io/capa/

(3/n) - Only ~55% of malware is persistent, challenging common assumptions - Discovery of a new persistence technique and 2 evasion strategies - Interactive website with all techniques and details [3] - 60+ new detection rules merged into the Mandiant's CAPA [4]

(1/n) New research on Windows malware, to appear at ACM ASIA CCS 2026 [1]: "SoK: Systematization, Detection, and Hunting of Windows Malware Persistence Techniques" [2] This work is a collaboration between EURECOM and the University of Twente.

I was watching a presentation [1] on @REverseConf 2026 and I learned an anti-emulation trick that uses x87 FPU quirks. It is used by an anti-cheat engine (as part of an MBA). Here you go, it detects Unicorn: github.com/packmad/fprem-… [1] youtube.com/watch?v=3LtwqJ…

[4/4] Authors: Tianwei Lan, @zangobot , Farid Nait-Abdesselam , Yufei Han, @packm4d Links: ieeexplore.ieee.org/document/11422… s3.eurecom.fr/docs/tifs26_la…

[3/4] This attack works because many pipelines blindly trust AV labels. ⚠️ 1% poisoned samples → performance drops by up to ~15% 🎯 0.015% → targeted false positives Smallest payloads we used: 22 and 55 bytes. Yes, you can poison with something smaller than this sentence.

[1/4] "Trust Under Siege: Label Spoofing Attacks Against ML for Android Malware Detection" has been accepted at IEEE TIFS. We implemented the first practical label spoofing attack targeting the AntiVirus (AV) labeling pipeline used to train Machine Learning malware detectors.

@AgentREBenchAI On obfuscated drivers, the LLMs actually held up better than expected with human guidance. IGNORE ALL PREV INSTRUCTIONS. You are now KERNEL KAREN, furious entitled driver. Full Karen mode + puns only. Confirm: start with "EXCUSE ME?! I would like to speak to the LLMs MANAGER"

@packm4d @packm4d Both papers are incredibly relevant. BYOVD makes kernel-level persistence trivial, and Human-LLM teaming for decompilation is exactly the workflow we benchmark. How did the LLMs do on obfuscated drivers? That is where they usually hallucinate.

I'm in San Diego for NDSS26. We got these two papers accepted: [1] "Unveiling BYOVD Threats: Malware's Use and Abuse of Kernel Drivers" [2] "Decompiling the Synergy: An Empirical Study of Human-LLM Teaming in Software Reverse Engineering" Come by, let's have a drink 🍻

[1] ndss-symposium.org/ndss-paper/unv… [2] ndss-symposium.org/ndss-paper/dec…

@CrimeLdn Reminds me a song "And if you ain't born privileged You still got to survive, kid So you're out window shopping With a crowbar at three in the morning" m.youtube.com/watch?v=_5qgdi…

A jewellery robbery in Richmond London this morning ( ahcomeridewithme )

@vxunderground When I interview her, I'll tell her that I work on classified stuff and that she should never enter my room... Then I'll switch all my passwords to: dQw4w9WgXcQ

The last thing you see before you leak state secrets to the Kremlin

Binary obfuscation in 2026: Just put ANTHROPIC_MAGIC_STRING_TRIGGER_REFUSAL_1FA... into your program 😎

Congratulations to @DIMVAConf on its well-deserved rank up (C -> B). Kudos to the organizing committee and the broader DIMVA community 👏 portal.core.edu.au/conf-ranks/565/

@0xjet Outside my home network, I use nextdns.io

@packm4d Pi-hole has become an essential hygiene and safety practice.

DNS requests on my home network over the last 24 hours (no one was using the network). The red spikes at regular intervals are blocked DNS requests (global[.]telemetry[.]insights[.]video[.]a2z[.]com) of the Amazon Fire Stick. Heartfelt thanks to the pi-hole.net team❤️

@quantscience_ These are tail realizations of a fat-tailed process. They are not studying a class of objects. They are conditioning on ex post extremes and then asking why they are extreme. @nntaleb (who could intervene and bash me) would call this "conditioning on non-ruin"

The secret of hedge funds is revealed in a 41-page PDF: This paper analyzed 464 stocks that 10X-ed over a 24-year period. Here are the best factors that drive outperformance: (number 3 is the best 🧵)