Tag: fuzzing
Critical Rust Flaw Poses Exploit Threat in Specific Windows Use Cases
The Rust Project has issued an update for its standard library, after a vulnerability researcher discovered a specific function used to execute batch files...
Breaking News
Using WinRAR? Be sure to patch against these code execution bugs…
by Paul Ducklin The venerable RAR program, short for Roshal’s Archiver after its original creator, has been popular in file...
S3 Ep146: Tell us about that breach! (If you want to.)
by Paul Ducklin WEIRD BUT TRUE
No audio player below? Listen directly on Soundcloud.
With Doug Aamoth and Paul Ducklin. Intro and...
BGP Software Vulnerabilities Under the Microscope in Black Hat Session
It's hard to believe that despite so much manpower, time, and money dedicated to the cybersecurity industry, an entire class of vulnerability can fly...
Meet the Finalists for the 2023 Pwnie Awards
With Black Hat USA 2023 looming, it's time to start thinking about the Oscars of cybersecurity, the Pwnie Awards. The statuettes will be handed...
Coinbase’s Base Applies Security First Mindset Ahead of Mainnet Launch
Coinbase’s developed Layer 2 network – Base – is gearing up for a mainnet launch. Since its deployment on testnet earlier this year,...
Can ChatGPT Really Replace Crypto Audits? Not Yet, Say Researchers
Everyone’s experimenting with ChatGPT, even crypto exchanges.Coinbase recently turned to artificial intelligence to experiment with how accurately ChatGPT could carry out a token security...
5 Lessons Learned From Hundreds of Penetration Tests
Web applications are the top vectors attackers use to pull off breaches. According to Verizon's "Data Breach Investigations Report" (PDF), Web applications were the...
Testing and Formal Verification for Web3 Smart Contract Security
Read Time: 9 minutes
Imagine going Skydiving. Before jumping off the plane, you will check for your parachute a hundred times, right? Checking and...
A Brief on Ethereum Smart Contract Audit
Read Time: 6 minutes
A “smart contract” is a set of instructions that run on Ethereum Blockchain. To audit, an ethereum smart contract means...
Symbolic testing with Halmos: Leveraging existing tests for formal verification
February 2, 2023 Daejun Park Formal verification — the process of using mathematical methods to “inspect” a program or smart contract across...
CI Fuzz CLI Brings Fuzz Testing to Java Applications
The open source security tool CI Fuzz CLI now supports Java, according to Code Intelligence, the company behind the project.Back in September, Code Intelligence...
This New Tool Can Retrieve Pixelated Text from Redacted Documents
The practice of blurring out text using a method called pixelation may not be as secure as previously thought.
While the most foolproof way of concealing sensitive textual information is to use opaque black bars, other redaction methods like pixelation can achieve the opposite effect, enabling the reversal of pixelized text back into its original form.
Dan Petro, a lead researcher at offensive
Latest Intelligence
