Pitfalls of relying on eBPF for security monitoring (and some solutions) By Artem DinaburgeBPF (extended Berkeley Packet Filter) has emerged as the de fa... 2023-9-25 19:0:47 | 阅读: 4 | 收藏 | Trail of Bits Blog - blog.trailofbits.com ebpf security monitoring probes memory

Don’t overextend your Oblivious Transfer By Joop van de PolWe found a vulnerability in a threshold signature scheme that... 2023-9-20 20:0:53 | 阅读: 6 | 收藏 | Trail of Bits Blog - blog.trailofbits.com receiver threshold schemes magician ots

Security flaws in an SSO plugin for Caddy By Maciej Domanski, Travis Peters, and David PokoraWe identified 10 security vul... 2023-9-18 20:0:42 | 阅读: 4 | 收藏 | Trail of Bits Blog - blog.trailofbits.com security caddy redirection

Holy Macroni! A recipe for progressive language enhancement By Brent PappasDespite its use for refactoring and static analysis tooling, Clan... 2023-9-11 20:0:12 | 阅读: 5 | 收藏 | Trail of Bits Blog - blog.trailofbits.com macroni mlir macros typedefs sig

Secure your Apollo GraphQL server with Semgrep By Vasco Francotl;dr: Our publicly available Semgrep ruleset has nine new rules... 2023-8-29 20:0:14 | 阅读: 6 | 收藏 | Trail of Bits Blog - blog.trailofbits.com apollo semgrep attacker

iVerify is now an independent company! We’re proud to announce that iVerify is now an independent company following its... 2023-8-28 19:0:45 | 阅读: 11 | 收藏 | Trail of Bits Blog - blog.trailofbits.com iverify security spyware trail mercenary

The Engineer’s Guide to Blockchain Finality By Benjamin SamuelsMany security-critical off-chain applications use a simple bl... 2023-8-23 19:0:53 | 阅读: 4 | 收藏 | Trail of Bits Blog - blog.trailofbits.com finality network attacker blockchain chains

Can you pass the Rekt test? One of the biggest challenges for blockchain developers is objectively assessing... 2023-8-14 16:0:50 | 阅读: 5 | 收藏 | Trail of Bits Blog - blog.trailofbits.com security blockchain hardware rekt developers

Use our suite of eBPF libraries By Artem DinaburgTrail of Bits has developed a suite of open-source libraries de... 2023-8-9 18:45:15 | 阅读: 7 | 收藏 | Trail of Bits Blog - blog.trailofbits.com ebpf library monitoring linuxevents btf

A mistake in the bulletproofs paper could have led to the theft of millions of dollars By Jim MillerWe discovered a critical vulnerability in Incognito Chain that woul... 2023-8-2 19:0:30 | 阅读: 6 | 收藏 | Trail of Bits Blog - blog.trailofbits.com incognito attacker proofs coins

How AI will affect cybersecurity: What we told the CFTC Dan Guido, CEOThe second meeting of the Commodity Futures Trading Commission’s T... 2023-7-31 19:0:32 | 阅读: 5 | 收藏 | Trail of Bits Blog - blog.trailofbits.com security meeting phishing

The future of Clang-based tooling By Peter GoodmanClang is a marvelous compiler; it’s a compiler’s compiler! But i... 2023-7-28 19:0:19 | 阅读: 11 | 收藏 | Trail of Bits Blog - blog.trailofbits.com machine lie tooling compilers vast

Announcing the Trail of Bits Testing Handbook By Maciej DomanskiTrail of Bits is thrilled to announce the Testing Handbook, th... 2023-7-26 19:0:28 | 阅读: 8 | 收藏 | Trail of Bits Blog - blog.trailofbits.com semgrep security chapter handbook trail

Fuzzing on-chain contracts with Echidna By Guillermo Larregay and Elvis SkozdopoljWith the release of version 2.1.0 of E... 2023-7-21 19:0:31 | 阅读: 13 | 收藏 | Trail of Bits Blog - blog.trailofbits.com echidna profit hevm stax security

Trail of Bits’s Response to OSTP National Priorities for AI RFI By Michael Brown and Heidy KhlaafThe Office of Science and Technology Policy (OS... 2023-7-19 01:46:44 | 阅读: 6 | 收藏 | Trail of Bits Blog - blog.trailofbits.com subtasks security llms claims

Evaluating blockchain security maturity By Josselin Feist, Blockchain Engineering DirectorHolistic security reviews shou... 2023-7-14 15:0:3 | 阅读: 7 | 收藏 | Trail of Bits Blog - blog.trailofbits.com security maturity guidelines evaluation arithmetic

What we told the CFTC about crypto threats Dan Guido, CEOIn March, I joined the Commodity Futures Trading Commission’s Tech... 2023-7-12 19:0:13 | 阅读: 6 | 收藏 | Trail of Bits Blog - blog.trailofbits.com blockchain security committee cftc precise

Differential fuzz testing upgradeable smart contracts with Diffusc By William E Bodell III (@WEBthe3rd)On March 28, 2023, SafeMoon, a self-styled “... 2023-7-7 19:0:33 | 阅读: 9 | 收藏 | Trail of Bits Blog - blog.trailofbits.com diffusc proxy ctoken comp hevm

Differential fuzz testing upgradeable smart contracts with Diffusc By William E Bodell III (@WEBthe3rd)On March 28, 2023, SafeMoon, a self-styled “... 2023-7-5 19:0:33 | 阅读: 28 | 收藏 | Trail of Bits Blog - blog.trailofbits.com diffusc proxy ctoken comp hevm

Trail of Bits’s Response to NTIA AI Accountability RFC By Heidy Khlaaf and Artem DinaburgThe National Telecommunications and Informatio... 2023-6-16 20:0:10 | 阅读: 9 | 收藏 | Trail of Bits Blog - blog.trailofbits.com software claims assessments regulatory