fuzzing news newsletter august september 2024
|

Fuzzing News / August & September 2024

ByPatrick Ventuzelo

Fuzzing Newsletter August & September 2024 ๐Ÿ“บ Videos/Podcasts Fuzzing for Bugs ๐ŸŽธ๐Ÿค˜ AI-generated Rock Song for Security Researcher ๐Ÿ˜Ž – ๐Ÿ“ Blogposts/Papers/Slides SoK: Where to Fuzz? Assessing Target Selection Methods in Directed Fuzzing –ย https://www.mlsec.org/docs/2024c-asiaccs.pdf Expand the reach of Fuzzing –ย https://thuanpv.github.io/publications/NUS_Summer_School_Thuan_Pham_Final_Public.pdf On Understanding and Forecasting Fuzzers Performance with Static Analysis –ย https://s3.eurecom.fr/docs/ccs24_zhang.pdf Ring Around The Regex: Lessons…

worldcoin optee ord foundation op-tee trusctzone fuzzer fuzzing
| | |

FuzzingLabs and the Worldcoin Foundation Partner to Enhance the Security in the Worldcoin Orb

ByFuzzingLabs

FuzzingLabs and the Worldcoin Foundation Partner to Enhance the Security in the Worldcoin Orb Introduction We are thrilled to announce an exciting partnership between FuzzingLabs and the Worldcoin Foundation. Fuzzing Labs team, in close collaboration with Worldcoin contributing teams will work on OP-TEE fuzzing enhancing the Worldcoin Orb integrity, protection of biometric data and transaction…

fuzzing news newsletter fuzzinglabs july 2024
|

Newsletter – Fuzzing News / July 2024

ByPatrick Ventuzelo

๐Ÿ“ก [Monthly Fuzzing] July 2024 ๐Ÿ“บ Videos/Podcasts How to Fuzz Your Way to Android Universal Root: Attacking Android Binder – https://www.youtube.com/watch?v=U-xSM159YLI&list=PLYvhPWR_XYJlg1SfcKdZY6eXUTPPqnh_G&index=9ย  ๐Ÿ“ Blogposts/Papers/Slides Fuzzing embedded systems – Part 1, Introduction – https://blog.sparrrgh.me//fuzzing/embedded/2024/06/05/fuzzing-embedded-systems-1.html Driving forward in Android drivers – https://googleprojectzero.blogspot.com/2024/06/driving-forward-in-android-drivers.html Automated security testing of unexplored targets through feedback-guided fuzzing – https://depositonce.tu-berlin.de/items/c3aaf2ec-8036-4651-a609-9c3b11a7f705 Finding mispriced opcodes with fuzzing…

fuzzing news newsletter fuzzinglabs june 2024
|

Newsletter – Fuzzing News / June 2024

ByPatrick Ventuzelo

๐Ÿ“ก [Monthly Fuzzing] June 2024 ๐Ÿ“บ Videos/Podcasts FuzzyAI: Attacking LLMs With Coverage-Guided Fuzzing – https://youtu.be/hBPiiaUiOH8?si=nUE5JHVrdFxgQbR5 Your NVMe Had Been Syz’ed – https://youtu.be/Jc25CM1Ppgo?si=jsz0Beqpr2nJ6h8g Linux Fuzzing Tutorial with AFL Fuzzer – https://www.youtube.com/watch?v=g6BQ-Ae_E4Q A Bug Hunterโ€™s Reflections on Fuzzing – https://a13xp0p0v.github.io/img/Alexander_Popov-Reflections_on_Fuzzing.pdf / https://www.youtube.com/watch?v=wTbFmdx7wG8 ๐Ÿ“ Blogposts/Papers/Slides Your NVMe Had Been Syzโ€™ed: Fuzzing NVMe-oF/TCP Driver for Linux with Syzkaller –…

fuzzing news newsletter fuzzinglabs may 2024
|

Newsletter – Fuzzing News / May 2024

ByPatrick Ventuzelo

๐Ÿ“ก [Monthly Fuzzing] May 2024 ๐Ÿ“บ Videos/Podcasts Discoveries from Analyzing 141 Real-World ZK-SNARK Vulnerabilities! ๐Ÿง – https://youtu.be/oxvcEXha69c https://youtu.be/oxvcEXha69c ๐Ÿ“ Blogposts/Papers/Slides ImageIO, the infamous iOS Zero Click Attack Vector. – https://r00tkitsmm.github.io/fuzzing/2024/03/29/iOSImageIO.html The Windows Registry Adventure #1: Introduction and research results – https://googleprojectzero.blogspot.com/2024/04/the-windows-registry-adventure-1.html A Basic Guide to AFL QEMU – https://medium.com/@cy1337/a-basic-guide-to-afl-qemu-495df504b5fb โš™๏ธ Tools/Repositories what the fuzz: Linux…

osint ipfs cti invetigation threat intelligence blockchain summit hacklu
| |

IPFS OSINT & Blockchain CTI: Exploring IPFS Data Collection & Analysis [hack.lu 2023]

ByFuzzingLabs

IPFS OSINT & Blockchain CTI: Exploring IPFS Data Collection & Analysis – hack.lu 2023 Abstract This talk was given at hack.lu 2023, will dive into exclusive data collection and analysis techniques specific to this IPFS. We’ll also briefly tour IPFS’s wide range of applications and provide practical tips and tricks to help you secure your…

sui foundation fuzzinglabs move smart contracts audit fuzz sui-fuzzer
| |

FuzzingLabs and Sui Foundation Partner to Enhance Smart Contract Security

ByFuzzingLabs

FuzzingLabs and Sui Foundation Partner to Enhance Sui Smart Contract Security Introduction We are thrilled to announce an exciting partnership between FuzzingLabs and the Sui Foundation. Our collaboration is set to bring a revolutionary tool to the world of blockchain โ€“ a specialized fuzzer designed for Sui smart contracts, sui-fuzzer. This collaboration marks a significant…

AI hacking, LLM applications, OWASP Top 10, Prompt Injection, Insecure Output Handling, Model Denial of Service, Sensitive Information Disclosure, Model Theft, Best practices, Application protection, LLM attacks
| |

Prompt Injection – AI Hacking & LLM attacks

ByFuzzingLabs

Prompt Injection – AI Hacking & LLM attacks Prompt Injection is a rising concern in the AI realm, especially with models like GPT. In this video, we’ll explore the intricacies of Prompt Injection attacks, demonstrating live on dedicated websites how GPT can be manipulated to potentially leak secret passwords ๐Ÿ›‘. More importantly, learn the strategies…

AI hacking, LLM applications, OWASP Top 10, Prompt Injection, Insecure Output Handling, Model Denial of Service, Sensitive Information Disclosure, Model Theft, Best practices, Application protection
|

OWASP Top 10 Vulnerabilities in LLM Applications – AI Hacking & LLM attacks

ByPatrick Ventuzelo

OWASP Top 10 Vulnerabilities in LLM Applications – AI Hacking & LLM attacks In the rapidly changing world of AI and LLM applications, security is paramount. This video provides a deep dive into the OWASP Top 10 vulnerabilities for LLM applications ๐Ÿค–. We’ll cover critical issues like Prompt Injection, Insecure Output Handling, Model Denial of…