HackDig : Dig high-quality web security articles

Using mutants to improve Slither

By Alex Groce, Northern Arizona University Improving static analysis tools can be hard; once you’ve implemented a good tool based on a useful representation of a program and added a large number of rules to detect problems, how do you further enhance the tool’s bug-finding power? One (necessary) approach to coming up with new rules and engine upgrades for st
Publish At:2022-08-17 11:43 | Read:112 | Comments:0 | Tags:Uncategorized

The road to the apprenticeship

By Josselin Feist, Principal Security Engineer Finding talent is hard, especially in the blockchain security industry. The space is new, so you won’t find engineers with decades of experience with smart contracts. Training is difficult, as the technology evolves constantly, and online content quickly becomes outdated. There are also a lot of misconceptions a
Publish At:2022-08-12 11:19 | Read:184 | Comments:0 | Tags:Uncategorized

Detecting DNS implants: Old kitten, new tricks – A Saitama Case Study 

Max Groot & Ruud van Luijk TL;DR A recently uncovered malware sample dubbed ‘Saitama’ was uncovered by security firm Malwarebytes in a weaponized document, possibly targeted towards the Jordan government. This Saitama implant uses DNS as its sole Command and Control channel and utilizes long sleep times and (sub)domain randomization to evade detect
Publish At:2022-08-11 16:05 | Read:188 | Comments:0 | Tags:Uncategorized

Everything CISOs Need to Know About NIST

It’s never been harder to be a chief information security officer (CISO). In 2021, there were 50% more attacks each week compared to 2020. Without a plan, maintaining a robust security posture is an uphill struggle.  Thankfully, the National Institute of Standards and Technology (NIST) offers CISOs the guidance they need. Read on to learn more ab
Publish At:2022-08-08 09:12 | Read:306 | Comments:0 | Tags:CISO Government Uncategorized cybersecurity threats cybersec

Shedding smart contract storage with Slither

By Troy Sargent, Blockchain Security Engineer You think you’ve found a critical bug in a Solidity smart contract that, if exploited, could drain a widely used cryptocurrency exchange’s funds. To confirm that it’s really a bug, you need to figure out the value at an obscure storage slot that has no getter method. Adrenaline courses through your body, followed
Publish At:2022-07-28 11:18 | Read:491 | Comments:0 | Tags:Uncategorized

libmagic: The Blathering

By Evan Sultanik, Principal Security Engineer A couple of years ago we released PolyFile: a utility to identify and map the semantic structure of files, including polyglots, chimeras, and schizophrenic files. It’s a bit like file, binwalk, and Kaitai Struct all rolled into one. PolyFile initially used the TRiD definition database for file identification. How
Publish At:2022-07-01 07:20 | Read:465 | Comments:0 | Tags:Uncategorized

Flubot: the evolution of a notorious Android Banking Malware

Authored by Alberto Segura (main author) and Rolf Govers (co-author) Summary Flubot is an Android based malware that has been distributed in the past 1.5 years inEurope, Asia and Oceania affecting thousands of devices of mostly unsuspecting victims.Like the majority of Android banking malware, Flubot abuses Accessibility Permissions and Services in ord
Publish At:2022-06-29 16:04 | Read:424 | Comments:0 | Tags:Uncategorized android

Mark Wrighton Appointed as Chief Revenue Officer for Heimdal™ Security

COPENHAGEN, June 20th, 2022 – Heimdal™ Security (HEIMDAL) announced a new addition to its executive team. Following a period of significant growth, the company has landed Mark Wrighton as Chief Revenue Officer. Mark will lead the sales, success, and support teams to foster deeper relationships with customers, as Heimdal™ continues its upmarket trajectory.The
Publish At:2022-06-20 06:53 | Read:444 | Comments:0 | Tags:Uncategorized security

What TrickBot tells us about the future of

What TrickBot tells us about the future of malware  Malware attackers are increasingly sophisticated. Here’s what to know  On TrickBot and the future of malware    Malware threats have plagued organizations for decades, but that’s no reason to be complacent with a security strategy that has to date protected yo
Publish At:2022-06-07 22:24 | Read:998 | Comments:0 | Tags:Uncategorized

Interactive decompilation with rellic-xref

By Francesco Bertolaccini Rellic is a framework for analyzing and decompiling LLVM modules into C code, implementing the concepts described in the original paper presenting the Dream decompiler and its successor, Dream++. It recently made an appearance on this blog when I presented rellic-headergen, a tool for extracting debug metadata from LLVM modules and
Publish At:2022-05-17 08:27 | Read:1154 | Comments:0 | Tags:Uncategorized

Adventures in the land of BumbleBee

Authored by: Nikolaos Totosis, Nikolaos Pantazopoulos and Mike Stokkel Executive summary BUMBLEBEE is a new malicious loader that is being used by several threat actors and has been observed to download different malicious samples. The key points are: BUMBLEBEE is statically linked with the open-source libraries OpenSSL 1.1.0f, Boost (version 1.68).
Publish At:2022-04-29 08:54 | Read:1587 | Comments:0 | Tags:Uncategorized bumblebee cobalt strike conti meterpreter

Improving the state of go-fuzz

By Christian Presa Schnell During my winternship, I used the findings from recent Go audits to make several improvements to go-fuzz, a coverage-based fuzzer for projects written in Go. I focused on three enhancements to improve the effectiveness of Go fuzzing campaigns and provide a better experience for users. I contributed to fixing type alias issues, inte
Publish At:2022-04-26 08:18 | Read:1052 | Comments:0 | Tags:Uncategorized

The Frozen Heart vulnerability in PlonK

p>By Jim Miller In part 1 of this blog post, we disclosed critical vulnerabilities that break the soundness of multiple implementations of zero-knowledge proof systems. This class of vulnerability, which we dubbed Frozen Heart, is caused by insecure implementations of the Fiat-Shamir transformation that allow malicious users to forge proofs for random statem
Publish At:2022-04-18 08:18 | Read:2144 | Comments:0 | Tags:Uncategorized Vulnerability

The Frozen Heart vulnerability in Bulletproofs

p>By Jim Miller In part 1 of this series, we disclosed critical vulnerabilities that break the soundness of multiple implementations of zero-knowledge proof systems. This class of vulnerability, which we dubbed Frozen Heart, is caused by insecure implementations of the Fiat-Shamir transformation that allow malicious users to forge proofs for random statement
Publish At:2022-04-15 08:18 | Read:2641 | Comments:0 | Tags:Uncategorized Vulnerability

The Frozen Heart vulnerability in Girault’s proof of knowledge

p>By Jim Miller In part 1 of this series, we disclosed critical vulnerabilities that break the soundness of multiple implementations of zero-knowledge proof systems. This class of vulnerability, which we dubbed Frozen Heart, is caused by insecure implementations of the Fiat-Shamir transformation that allow malicious users to forge proofs for random statemen
Publish At:2022-04-14 08:18 | Read:2147 | Comments:0 | Tags:Uncategorized Vulnerability

Announce

Share high-quality web security related articles with you:)
Tell me why you support me <3

Tag Cloud