CVE-2021-21405

Lotus is an Implementation of the Filecoin protocol written in Go. BLS signature validation in lotus uses blst library method VerifyCompressed. This method accepts signatures in 2 forms: "serialized", and "compressed", meaning that BLS signatures can be provided as either of 2 unique byte arrays...

Hacking Suicide

Heres a religious hack: You want to commit suicide, but its a mortal sin: your soul goes straight to hell, forever. So what you do is murder someone. That will get you executed, but if you confess your sins to a priest beforehand you avoid hell. Problem solved. This was actually a problem in the...

Call of Duty cheats can expect embarrassment with new anti-cheat feature

In-game cheats are about to have an even harder time of things in triple AAA titles such as Call of Duty. Activision’s “Ricochet” software - a kernel level driver anti-cheat system - has added another twist to the tale of how players are protected via a new system called “Cloaking”. Making all ne...

CVE-2021-21405

Lotus is an Implementation of the Filecoin protocol written in Go. BLS signature validation in lotus uses blst library method VerifyCompressed. This method accepts signatures in 2 forms: "serialized", and "compressed", meaning that BLS signatures can be provided as either of 2 unique byte arrays...

CVE-2021-21405

Lotus is an Implementation of the Filecoin protocol written in Go. BLS signature validation in lotus uses blst library method VerifyCompressed. This method accepts signatures in 2 forms: "serialized", and "compressed", meaning that BLS signatures can be provided as either of 2 unique byte arrays...

CVE-2021-21405

CVE-2021-21405 concerns Lotus, a Go implementation of the Filecoin protocol. The issue arises from BLS signature validation that uses the blst VerifyCompressed method, which accepts signatures in two forms: “serialized” and “compressed.” Because the block header CID embeds the BlockSig, Lotus pre...

PT-2021-14482 · Unknown +2 · Filecoin-Ffi +2

Name of the Vulnerable Software and Affected Versions: Lotus affected versions not specified Description: The issue concerns BLS signature validation in Lotus, which uses the blst library method VerifyCompressed. This method accepts signatures in two forms: serialized and compressed, allowing BLS...

maintainer can be pushed out

Email address [email protected] Handle gpersoon Eth address gpersoon.eth Vulnerability details The function liquidate in both CrossMarginLiquidation.sol and IsolatedMarginLiquidation.sol can be called by everyone. If an attacker calls this repeatedly then the maintainer will be punished and...

Russia proposes 10 Year in Prison Sentence for Hackers and Malware Authors

The Russian government has introduced a draft bill that proposes prison sentences as punishment for hackers and cyber criminals creating malicious software used in targeting critical Russian infrastructure, even if they have no part in actual cyber attacks. The bill, published on the Russian...

RIP Aaron Swartz, A legendary Internet Activist

Aaron Swartz has committed suicide on January 11, 2013 in New York City. I have long been fought if you write something about this extraordinary boy, but not dedicate a tribute would be a shame. Aaron Swartz has decided to leave a huge void in the IT scenario. For me, as the entire world he is a...