V2E: Validating Smart Contract Vulnerabilities through Profit-Driven Exploit Generation and Execution
Smart contracts are a critical component of blockchain systems. Due to the large amount of digital assets carried by smart contracts, their security is of critical importance. Although numerous tools have been developed for detecting smart contract vulnerability, their effectiveness remains...
CVE-2019-2941
Vulnerability in the Hyperion Profitability and Cost Management product of Oracle Hyperion component: Modeling. The supported version that is affected is 11.1.2.4. Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise Hyperion Profitability...
The CISO imperative: Building resilience in an era of accelerated cyberthreats
The latest Microsoft Digital Defense Report 2025 paints a vivid picture of a cyberthreat landscape in flux. The surge in financially motivated cyberattacks and the persistent risk of nation-state actors demand urgent attention. But for those of us in the Office of the Chief Information Security...
EUVD-2020-22733
Malware in sbrugna...
Measuring CEX-DEX Extracted Value and Searcher Profitability: the Darkest of the MEV Dark Forest
This paper provides a comprehensive empirical analysis of the economics and dynamics behind arbitrages between centralized and decentralized exchanges CEX-DEX on Ethereum. We refine heuristics to identify arbitrage transactions from on-chain data and introduce a robust empirical framework to...
CVE-2020-2940
Vulnerability in the Oracle Financial Services Profitability Management product of Oracle Financial Services Applications component: User Interface. Supported versions that are affected are 8.0.6 and 8.0.7. Easily exploitable vulnerability allows low privileged attacker with network access via HT...
The CrowdStrike Outage and Market-Driven Brittleness
Friday's massive internet outage, caused by a mid-sized tech company called CrowdStrike, disrupted major airlines, hospitals, and banks. Nearly 7,000 flights were canceled. It took down 911 systems and factories, courthouses, and television stations. Tallying the total cost will take time. The...
100 Quarters of Profitability: Insights from a Trender
Learn what 100 straight quarters of profitability means to a Trender who has been here for every one of them...
Vulnerabilities fixed in Oracle Hyperion
Oracle has fixed vulnerabilities in the following Hyperion products: Hyperion BI+, Hyperion Data Relationship Management, Hyperion Financial Management, Hyperion Infrastructure Technology, Hyperion Planning, Hyperion Profitability and Cost Management, Hyperion Calculation Manager, Hyperion Tax Provision...
Change in auctionMultiplier/auctionDecrement change profitability of auctions and factory can steal all tokens from a basket abusing it
Handle 0x0x0x Vulnerability details When factory changes auctionMultiplier or auctionDecrement profitability of bonded auctions change. There is no protection against this behaviour. Furthermore, factory owners can decide to get all tokens from baskets where they are bonded for the auction. Proof...
On the Evolution of Ransomware
Good article on the evolution of ransomware: Though some researchers say that the scale and severity of ransomware attacks crossed a bright line in 2020, others describe this year as simply the next step in a gradual and, unfortunately, predictable devolution. After years spent honing their...
Threat actors release Troldesh decryption keys
Update: Kaspersky has updated their ShadeDecryptor tool to include decryption for the keys released by "shade team". You can download the tool and find instructions here. A GitHub user claiming to represent the authors of the Troldesh Ransomware calling themselves the “Shade team” published this...
Unspecified Vulnerability in Oracle Financial Services Applications Financial Services Profitability Management
Oracle Financial Services Applications is a suite of financial services software from Oracle USA. The product includes core banking, online banking and property management. An unspecified vulnerability exists in Oracle Financial Services Applications Financial Services Profitability Management,...
Design/Logic Flaw
Vulnerability in the Oracle Financial Services Profitability Management product of Oracle Financial Services Applications component: User Interface. Supported versions that are affected are 8.0.6 and 8.0.7. Easily exploitable vulnerability allows low privileged attacker with network access via HT...
CVE-2020-2940
CVE-2020-2940 affects Oracle Financial Services Profitability Management (UI) in Oracle Financial Services Applications, for versions 8.0.6 and 8.0.7. A low-privilege attacker with network access via HTTP can compromise the product, potentially enabling unauthorized creation, deletion, or modific...