HackDig : Dig high-quality web security articles for hacker

Announcing the Crytic $10k Research Prize

At Trail of Bits, we make a significant effort to stay up to date with the academic world. We frequently evaluate our work through peer-reviewed conferences, and we love to attend academic events (see our recent ICSE and Crypto recaps). However, we consistently see one recurring issue at these academic events: a lack of reliable tools and experiments. Resear
Publish At:2019-11-13 08:25 | Read:82 | Comments:0 | Tags:Blockchain Paper Review Press Release Research Practice

New Exploit Kit Capesand Reuses Old and New Public Exploits and Tools, Blockchain Ruse

By Elliot Cao, Joseph C. Chen, William Gamazo Sanchez We discovered a new exploit kit named Capesand in October 2019. Capesand attempts to exploit recent vulnerabilities in Adobe Flash and Microsoft Internet Explorer (IE). Based on our investigation, it also exploits a 2015 vulnerability for IE. It seems the cybercriminals behind the exploit kit are continuo
Publish At:2019-11-12 02:35 | Read:8 | Comments:0 | Tags:Exploits Malware Blockchain Capesand exploit kit exploit

Formal Analysis of the CBC Casper Consensus Algorithm with TLA+

by Anne Ouyang, Piedmont Hills High School, San Jose, CA As a summer intern at Trail of Bits, I used the PlusCal and TLA+ formal specification languages to explore Ethereum’s CBC Casper consensus protocol and its Byzantine fault tolerance. This work was motivated by the Medium.com article Peer Review: CBC Casper by Muneeb Ali, Jude Nelson, and Aaron Blankste
Publish At:2019-10-25 08:25 | Read:166 | Comments:0 | Tags:Blockchain Internship Projects

Watch Your Language: Our First Vyper Audit

A lot of companies are working on Ethereum smart contracts, yet writing secure contracts remains a difficult task. You still have to avoid common pitfalls, compiler issues, and constantly check your code for recently discovered risks. A recurrent source of vulnerabilities comes from the early state of the programming languages available. Most developers are
Publish At:2019-10-24 08:25 | Read:243 | Comments:0 | Tags:Blockchain Fuzzing Manticore Static Analysis Symbolic Execut

246 Findings From our Smart Contract Audits: An Executive Summary

Until now, smart contract security researchers (and developers) have been frustrated by limited information about the actual flaws that survive serious development efforts. That limitation increases the risk of making critical smart contracts vulnerable, misallocating resources for risk reduction, and missing opportunities to employ automated analysis tools.
Publish At:2019-09-19 16:00 | Read:140 | Comments:0 | Tags:Blockchain Paper Review

The Blockchain Is Only as Strong as Its Weakest Link

This is the first installment in a three-part series. Blockchain-based applications will revolutionize the way people and organizations interact with each other and the Internet of Things (IoT) — and rightfully so. Based on the foundational principles of trust, blockchain has the potential to solve real-life business challenges within every sector. Permissio
Publish At:2017-10-27 14:00 | Read:3406 | Comments:0 | Tags:Banking & Financial Services Data Protection Blockchain Cryp

The Impact of the Blockchain on Cybersecurity

Since its appearance in 2009, the concept of the blockchain has expanded past its initial use as the base of bitcoin into many other areas. By its nature, this distributed database provides the perfect platform for the management of cryptocurrency. But its features have attracted the attention of experts interested in a broad array of other applications. Pos
Publish At:2017-09-23 00:30 | Read:3032 | Comments:0 | Tags:Security b2b blockchain cybersecurity

Building Digital Trust, One Blockchain at a Time

Since it first appeared in 2009, the bitcoin network has grown significantly. The digital currency’s recent surge in value has sparked discussions within the security space about the benefits of blockchain, a technology that promotes the type of trust that is sorely lacking in some digital transactions. Today, people are exchanging real money for cryp
Publish At:2017-09-22 13:40 | Read:3078 | Comments:0 | Tags:Banking & Financial Services Authentication Bitcoin Blockcha

Connecting Fintech Security Perceptions to Reality

The fintech industry is changing due to both internal forces and external demands. Both financial institutions and their customers are wary of changes that can affect security and, therefore, the state of their money. Financial industry chief information security officers (CISOs) need to be aware of these key trends and understand how they affect their busi
Publish At:2017-07-18 13:40 | Read:2792 | Comments:0 | Tags:Banking & Financial Services CISO Blockchain Chief Informati

Is Blockchain the Key to Stopping Ransomware Attacks?

We all remember the devastating WannaCry ransomware attack that struck organizations around the world in May 2017. The attack spread at a rate of almost 3,600 computers per hour, or about one per second. When all was said and done, the ransomware infected more than 300,000 devices. Many victims simply paid the ransom to retrieve their locked files. This only
Publish At:2017-07-13 23:10 | Read:2842 | Comments:0 | Tags:Fraud Protection Best Practices Bitcoin Blockchain Cryptocur

Immutable Integrity? – Blockchain Beyond the Bluster

Sometimes you could be forgiven for thinking that the incessant overuse of the word ‘disruptive’ these days could do with some, well, disrupting of its own. So much is written, presented and marketed around apparently ‘disruptive’ use of technologies like AI, IoT and of course blockchain, when much of it could perhaps be better described as foundation innova
Publish At:2017-04-03 10:15 | Read:6031 | Comments:0 | Tags:Off Topic blockchain data security

The Changing Fintech Landscape in Asia-Pacific and Its Security Implications

The definition of fintech, or financial technology, has grown in leaps and bounds thanks to all the disruption it has brought. Any services, aside from mainstream banking and financial tools, that aim to improve personal or commercial finance through innovation, education, banking, investment, payment, advisory or blockchain can be classified as subsets of
Publish At:2017-03-28 07:25 | Read:3935 | Comments:0 | Tags:Banking & Financial Services Blockchain Financial Industry F

Why Blockchain-as-a-Service Should Be on Your Radar

Blockchain news is seemingly everywhere these days, and for good reason. The technology behind bitcoin holds a lot of promise for all sorts of use cases — some of them having nothing to do with digital payments. Over the course of last year, a lot of ideas regarding the technology were tried out, but “during 2017, many of them will be discarded,̶
Publish At:2017-03-24 11:20 | Read:5272 | Comments:0 | Tags:Application Security Banking & Financial Services Bitcoin Bl

Enterprise Intelligence Brief: Three Experts Discuss Blockchain in Cybersecurity

There is much chatter about blockchain and how it could impact the way we do business today. Arvind Krishna, senior vice president at IBM Research, said that “over the past two decades, the internet has revolutionized many aspects of business and society … Blockchain could bring to those processes the openness and efficiency we have come to expec
Publish At:2017-03-14 11:25 | Read:6276 | Comments:0 | Tags:Fraud Protection Identity & Access Authentication Bitcoin Bl

Reimagining the Future of Identity Management With Blockchain

Every business and social transaction is carried out by people. People are known by their identities. Hence, identity drives every business and social interaction. In today’s digital age, an individual’s identity is not defined by a single attribute such as a name, address or user ID. Rather, it is a collection of attributes including, but not li
Publish At:2017-03-08 04:55 | Read:4693 | Comments:0 | Tags:Identity & Access Blockchain Digital Identity identity Ident

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud