A HyFi Approach Should be the Answer to DeFi Security

I will be the first to admit to my prior skepticism with regard to cryptocurrencies and other sorts of decentralized finance (DeFi). Having spent most of my career immersed in securing centralized ...
Security Boulevard

Cloudy Crystal Gazing: Top 5 Cloud Security Predictions for 2022

We're joined by Dr. Michael J. Savoie to discuss the top 5 cloud security trends and predictions to watch in 2022.

Cybersecurity Considerations for Web3

We’ve begun a major shift in how the internet is structured. Our current Web2, defined by a read/write architecture that, until recently, was dominated by a handful of massive technology companies, is ...

Banking’s Digital Future Raises Security Concerns

As the global financial services industry undergoes a seismic shift, disruption is prompting the industry to replace traditional practices, with emphasis on the inevitable digital future banks will have to embrace. In ...

Monero Cryptominer Attack Exploits Exchange Server Flaw

It didn’t take threat actors long to jump on a vulnerability affecting Microsoft Exchange mail server software. While exploits involving an array of malware from ransomware to webshells are well-documented, Sophos researchers ...

Solar: Context-free, interactive analysis for Solidity

By Aaron Yoo, University of California, Los Angeles. As an intern at Trail of Bits, I worked on Solar, a proof-of-concept static analysis framework ...

Illegal Content and the Blockchain

Security researchers have recently discovered a botnet with a novel defense against takedowns. Normally, authorities can disable a botnet by taking over its command-and-control server. With nowhere to go for instructions, the ...

Fintech Cybersecurity Trends in 2021

Article by Beau Peters. When the pandemic struck, online bad actors took it as an opportunity to double down on their attacks through ransomware, malware, and social engineering. Newly remote workers and remotely connected workplaces ...

Confessions of a smart contract paper reviewer

If you’re thinking of writing a paper describing an exciting novel approach to smart contract analysis and want to know what reviewers will be looking for, you’ve come to the right place ...

Breaking Aave Upgradeability

On December 3rd, Aave deployed version 2 of their codebase. While we were not hired to look at the code, we briefly reviewed it the following day. We quickly discovered a vulnerability ...