We reported a chain of CVEs to Apple, reviewed anti-cheat measures for ~5M Monopoly GO! players, and published the Custodial Stablecoin Rekt Test for evaluating issuer security. Read the June Tribune:

Buttercup faces off against 6 other teams, each with large compute and AI budgets. Winners announced August 8 @DEFCON, find us at the AIxCC Experience booth + our talk on building Buttercup.

DARPA's AIxCC finals: 7 autonomous AI systems are competing RIGHT NOW to find and patch vulnerabilities in critical open-source programs like the Linux kernel, SQLite, and cURL. 🧵

RT @feistyduck: Cryptography & Security Newsletter is out! In this issue:.- Internet PKI to Integrate DNSSEC.- Short News..

RT @feistyduck: Google paid Trail of Bits to audit Go cryptography. The results are good.

We’re sponsoring REcon this weekend with a team of security engineers attending. See you there!

Answer: Private key compromise. Fortunately, you can make your protocol drastically more resilient to private key leaks using our 4-level framework.

Did you know the biggest cause of crypto hacks in 2024 goes entirely unnoticed by most security audits? ⬇️

RT @BleepinComputer: North Korean hackers deepfake execs in Zoom call to spread Mac malware - @billtoulas. https://….

Three unexpected attack scenarios:.1. Marshaling private data with misconfigured tags.2. Parser differentials in a microservices architecture.3. Cross-format confusion attacks (JSON→XML).

As a Go developer, do you fully understand Go's JSON/XML/YAML parsers? They are surprisingly prone to attacks with simple misconfigurations:.

RT @ClickHereShow: .@Zoom was built for speed. But in its rush to connect us, it may have left a few doors open. On Click Here's Mic Drop….

@silencelabs_sl Need expert help in reviewing your cryptography libraries? Our team has assessed all major TSS protocols across ECDSA, Schnorr, and BLS signatures. Reach out for a free office hours session:

@silencelabs_sl Read more about our process and dive into the key issues and recommendations we identified in the @silencelabs_sl DKLs23 library:

@silencelabs_sl 1️⃣ Pay attention to both the specification and implementation of sub-protocols. 2️⃣ OT-based systems generally prove less error-prone than Paillier-based systems. 3️⃣ Focus on the fundamentals like secure P2P communication, broadcasting, and consensus verification. 4️⃣ Be.

In 2023, we reviewed one of the first DKLs23 libraries built by @silencelabs_sl. Here are key lessons for cryptographers that are still relevant today 🧵.

Player concerns about potential cheating overlays led to fairness questions. We reviewed the design of their proposed hardening techniques against these threats and whether the random number generator produces unbiased outcomes. Read the case study:

$5B game, millions of players, one big question: are @MonopolyGO's dice rolls fair? 🧵

RT @lopezunwired: SEAL and Trail of Bits warn of North Korean social engineering targeting VC investors. Attackers use a fake podcast pitch….

RT @disconnect3d_pl: We released new Pwndbg: !. It brings new kernel commands for dumping heap allocator info, disp….