Feed cleverhans-blog [copy] http://www.cleverhans.io/feed.xml has loading error: cURL error 22: The requested URL returned error: 404
Troy Hunt Gets Phished
In case you need proof that anyone, even people who do cybersecurity for a living, Troy Hunt has a long, iterative story on his webpage about how he got phished. Worth reading.
Chainlink price prediction: LINK could jump 35% as whale buys $2 million at key leve;
LINK is trading at $12.53, down 7.28% in 24 hours. LINK could surge 35% if it breaks $15.68 resistance. MVRV Z-score at 3.09 suggests a bullish accumulation zone.
Chainlink (LINK) is trading at a critical level as market data points to heightened volatility and investor activity.
The token, now priced at $12.76, has dropped 7.28% in the last 24 hours.
Source: CoinMarketCap
However, technical indicators and whale accumulation suggest the possibility of a significant move.
A major investor recently bought nearly 140,000 LINK for $2 million at $14.30, signalling major interest.
BTC ETFs see nearly $100M in outflows amid post-tariff volatility
As per Farside data, BTC ETFs saw outflows worth close to $100 million on Thursday. The only ETF that saw an inflow on Thursday was BlackRock’s IBIT. As of Thursday, BTC ETFs have seen a total net outflow of around $98 million this week.
US Bitcoin ETF saw another day of outflows on Thursday.
As per Farside data, BTC ETFs saw outflows worth close to $100 million on Thursday.
The only ETF that saw an inflow on Thursday was BlackRock’s IBIT. It registered a net inflow of around $65 million.
FBTC, BITB, ARKB, and HODL all saw outflows. The biggest outflow was registered by Grayscale Bitcoin...
Web 3.0 Requires Data Integrity
If you’ve ever taken a computer security class, you’ve probably learned about the three legs of computer security—confidentiality, integrity, and availability—known as the CIA triad. When we talk about a system being secure, that’s what we’re referring to. All are important, but to different degrees in different contexts. In a world populated by artificial intelligence (AI) systems and artificial intelligent agents, integrity will be paramount.
What is data integrity? It’s ensuring that no one can modify data—that’s the security angle—but it’s much more than that. It encompasses accuracy, completeness, and quality of data—all over both time and space. It’s preventing accidental data loss;...
Rational Astrologies and Security
John Kelsey and I wrote a short paper for the Rossfest Festschrift: “Rational Astrologies and Security“:
There is another non-security way that designers can spend their security budget: on making their own lives easier. Many of these fall into the category of what has been called rational astrology. First identified by Randy Steve Waldman [Wal12], the term refers to something people treat as though it works, generally for social or institutional reasons, even when there’s little evidence that it works—and sometimes despite substantial evidence that it does not.
[…]
Both security theater and rational astrologies may seem irrational, but they are rational from...
Будни ретрогеймера: совершенная игровая Nintendo
Возвращаемся к шестнадцати битам! Сегодня я готовлю к эксплуатации сразу две игровые консоли Super Nintendo с целью погружения в богатый внутренний мир этой замечательной платформы сразу двух неофитов. Проводником же для них в туда выступит опытный Сусанин, то есть я.
Задача на этот раз максимально проста: доукомплектовать две консоли и сделать им простейший мод со снятием региональной блокировки. Не очень интересный процесс в свете предыдущих публикаций цикла, но можно немного сместить фокус: сегодня это просто повод поговорить про замечательную, но не особо популярную в наших краях платформу, и рассказать личную историю, связанную с ней. Да и модификации получились достаточно разными, а...
Cell Phone OPSEC for Border Crossings
I have heard stories of more aggressive interrogation of electronic devices at US border crossings. I know a lot about securing computers, but very little about securing phones.
Are there easy ways to delete data—files, photos, etc.—on phones so it can’t be recovered? Does resetting a phone to factory defaults erase data, or is it still recoverable? That is, does the reset erase the old encryption key, or just sever the password that access that key? When the phone is rebooted, are deleted files still available?
We need answers for both iPhones and Android phones. And it’s not just the US; the...
The Signal Noise: A Wake-Up Call for Secure Communications
When all the control is handled in-house and all communication is quantum-safe as well as on private networks you have the strongest possible security story and the most convenient offering for the toughest of security needs; including national security.
The post The Signal Noise: A Wake-Up Call for Secure Communications appeared first on Purism.
The Signal Chat Leak and the NSA
US National Security Advisor Mike Waltz, who started the now-infamous group chat coordinating a US attack against the Yemen-based Houthis on March 15, is seemingly now suggesting that the secure messaging service Signal has security vulnerabilities.
"I didn’t see this loser in the group," Waltz told Fox News about Atlantic editor in chief Jeffrey Goldberg, whom Waltz invited to the chat. "Whether he did it deliberately or it happened in some other technical mean, is something we’re trying to figure out."
Waltz’s implication that Goldberg may have hacked his way in was followed by a report from CBS News that the US National Security Agency (NSA) had sent out a...
BugTraq.Ru: Зловреды выбирают Lisp и Delphi
Исследователи из Пирейского унверситета, Афинского исследовательского центра и Делфтского технического университета на днях опубликовали любопытный препринт «Coding Malware in Fancy Programming Languages for Fun and Profit». Как отмечается в исследовании, в текущей ситуации с обвальным появлением нового вредоносного кода (26 миллионов образцов только за начало 2025 года) одним из основных способов его идентификации остается статический анализ. Естественно, авторы зловредов это прекрасно знают и стараются по возможности применять всевозможные техники обфускации. И внезапно проще всего оказывается использовать не такой популярный язык, как традиционные C/C++. Так, недавний противоукраинский зловред от APT29 Masepie (видимо, Мазепа) был написан на Питоне, их же Zebrocy использует смесь...