Evaluating blockchain security maturity By Josselin Feist, Blockchain Engineering DirectorHolistic security reviews shou... 2023-7-14 15:0:3 | 阅读: 21 | 收藏 | Trail of Bits Blog - blog.trailofbits.com security maturity guidelines evaluation arithmetic

What we told the CFTC about crypto threats Dan Guido, CEOIn March, I joined the Commodity Futures Trading Commission’s Tech... 2023-7-12 19:0:13 | 阅读: 18 | 收藏 | Trail of Bits Blog - blog.trailofbits.com blockchain security committee cftc precise

Differential fuzz testing upgradeable smart contracts with Diffusc By William E Bodell III (@WEBthe3rd)On March 28, 2023, SafeMoon, a self-styled “... 2023-7-7 19:0:33 | 阅读: 26 | 收藏 | Trail of Bits Blog - blog.trailofbits.com diffusc proxy ctoken comp hevm

Differential fuzz testing upgradeable smart contracts with Diffusc By William E Bodell III (@WEBthe3rd)On March 28, 2023, SafeMoon, a self-styled “... 2023-7-5 19:0:33 | 阅读: 48 | 收藏 | Trail of Bits Blog - blog.trailofbits.com diffusc proxy ctoken comp hevm

Trail of Bits’s Response to NTIA AI Accountability RFC By Heidy Khlaaf and Artem DinaburgThe National Telecommunications and Informatio... 2023-6-16 20:0:10 | 阅读: 19 | 收藏 | Trail of Bits Blog - blog.trailofbits.com software claims assessments regulatory

Finding bugs in C code with Multi-Level IR and VAST Intermediate languages (IRs) are what reverse engineers and vulnerability researc... 2023-6-15 19:0:10 | 阅读: 27 | 收藏 | Trail of Bits Blog - blog.trailofbits.com vast hl mlir sequoia checker

Trusted publishing: a new benchmark for packaging security Read the official announcement on the PyPI blog as well!For the past year, we’ve... 2023-5-23 19:0:20 | 阅读: 25 | 收藏 | Trail of Bits Blog - blog.trailofbits.com pypi publishing oidc github security

Real World Crypto 2023 Recap Last month, hundreds of cryptographers descended upon Tokyo for the first Real Wo... 2023-5-16 21:54:43 | 阅读: 25 | 收藏 | Trail of Bits Blog - blog.trailofbits.com pqc primitives rwc security slides

Introducing Windows Notification Facility’s (WNF) Code Integrity By Yarden Shafir, Senior Security EngineerWNF (Windows Notification Facility) is... 2023-5-15 19:0:45 | 阅读: 26 | 收藏 | Trail of Bits Blog - blog.trailofbits.com wnf signals windows security

Loose code, sinks nodes: What should governments consider when getting involved with blockchain? Last September, Principal Security Engineer Dr. Evan Sultanik was on a panel host... 2023-4-25 19:0:57 | 阅读: 17 | 收藏 | Trail of Bits Blog - blog.trailofbits.com blockchain web3 security development blockchains

Typos that omit security features and how to test for them By Dominik ‘disconnect3d’ CzarnotaDuring a security audit, I discovered an easy-... 2023-4-20 19:0:8 | 阅读: 30 | 收藏 | Trail of Bits Blog - blog.trailofbits.com checksec typo security chk

A Winter’s Tale: Improving messages and types in GDB’s Python API By Matheus Branco Borella, University of São PauloAs a winter associate at Trail... 2023-4-18 19:0:43 | 阅读: 26 | 收藏 | Trail of Bits Blog - blog.trailofbits.com objfile python loader obstack memory

How to avoid the aCropalypse By Henrik Brodin, Lead Security Engineer, ResearchThe aCropalypse is upon us!La... 2023-3-30 20:0:22 | 阅读: 24 | 收藏 | Trail of Bits Blog - blog.trailofbits.com polytracker re3eot spots acropalypse cropped

Can you pass The Rekt Test? Audits from Trail of Bits give organizations ways to fix their current issues and... 2023-3-22 19:30:59 | 阅读: 31 | 收藏 | Trail of Bits Blog - blog.trailofbits.com security blockchain posture funds hardware

Codex (and GPT-4) can’t beat humans on smart contract audits By Artem Dinaburg, Chief Technology Officer; Josselin Feist, Principal Engineer;... 2023-3-22 19:0:49 | 阅读: 23 | 收藏 | Trail of Bits Blog - blog.trailofbits.com codex toucan analysis tooling ownership

Circomspect has more passes! By Fredrik Dahlgren, Principal Security EngineerTL;DR: We have released version... 2023-3-21 20:0:24 | 阅读: 24 | 收藏 | Trail of Bits Blog - blog.trailofbits.com lessthan signals num2bits circomspect constrain

We need a new way to measure AI security Tl;dr: Trail of Bits has launched a practice focused on machine learning and arti... 2023-3-14 20:0:47 | 阅读: 14 | 收藏 | Trail of Bits Blog - blog.trailofbits.com security machine assurance trail adapted

Reusable properties for Ethereum contracts As smart contract security constantly evolves, property-based fuzzing has become... 2023-2-27 21:0:54 | 阅读: 28 | 收藏 | Trail of Bits Blog - blog.trailofbits.com echidna erc20 crytic security mint

Escaping well-configured VSCode extensions (for profit) By Vasco FrancoIn part one of this two-part series, we escaped Webviews in real-... 2023-2-23 21:0:42 | 阅读: 35 | 收藏 | Trail of Bits Blog - blog.trailofbits.com vscode microsoft postmessage

Escaping misconfigured VSCode extensions TL;DR: This two-part blog series will cover how I found and disclosed three vulne... 2023-2-21 21:0:50 | 阅读: 33 | 收藏 | Trail of Bits Blog - blog.trailofbits.com vscode attacker sarif webviews subdomain