attacks
Stranger Strings: An exploitable flaw in SQLite
By Andreas Kellas. Trail of Bits is publicly disclosing CVE-2022-35737, which affects applications that use the SQLite library API. CVE-2022-35737 was introduced in SQLite version 1.0.12 (released on October 17, 2000) and ...
How Brand Protection Can Address the Risk of GAN Deepfakes
Deepfakes are a concept that has taken root in popular culture. Most deepfakes are benign; the good ones go viral and can often make us laugh. But in the very near future, ...
Battle in the Cloud: Preventing DDoS Attacks
Distributed denial-of-service (DDoS) attacks pose significant security risks for businesses. One minute, your user is happily browsing your site; the next, your site is flooded with a tsunami of traffic, sending you ...
Ransomware With a Philanthropic Twist
In most ransomware attacks, ransomware operators encrypt data on a victim’s network and hold it hostage in exchange for a ransom payment, which may vary from hundreds to millions of dollars. If ...
Email Attack via a Recycled Domain
A software engineering friend fell victim to an almost-successful attack on his Facebook account. The attacker seemed to have a database of email addresses and user physical locations (i.e. cities, states, small ...
Machine Learning Tackles Ransomware Attacks
There are approximately 250 known ransomware families, and these families are directly related to the rise of ransomware-as-a-service, according to Bitdefender. “Ransomware infection is just the final step; these modern attacks take ...
Towards Practical Security Optimizations for Binaries
By Michael D. Brown, Senior Security Engineer. "To be thus is nothing, but to be safely thus." (Macbeth: 3.1) It’s not enough that compilers generate efficient code; they must also generate safe ...
Detecting MISO and Opyn’s msg.value reuse vulnerability with Slither
By Simone Monica. On August 18, 2021, samczsun reported a critical vulnerability in SushiSwap’s MISO smart contracts, which put ~350 million USD (109 thousand ETH) at risk. This issue is similar to ...
An Overview of DDoS Attacks in Q2 of 2021
We saw a rise in burst attacks and were introduced to new threat actors and hacktivist groups rising from the shadows.
Aftermath of a Social Engineering Engagement
You have heard all the stories. Social engineers (SEs) being held at gunpoint, nearly driving off cliffs, jumping into garbage chutes, or walking through front doors. (If you haven’t heard ...