AccessDenied403
@ad403.bsky.social
Share my learning journey in the field of Blockchain, Crypto and Web3. Security Engineer at taurushq.com
See my blog https://rya-sge.github.io/access-denied
See my blog https://rya-sge.github.io/access-denied
Coinbase Security series: what is MPC and how to use it for Key Management: youtu.be/qdhM3syDkxM
#cryptography
#cryptography
Coinbase Security Series: Open Source MPC Key Management
YouTube video by Base
youtu.be
November 12, 2025 at 6:41 AM
Coinbase Security series: what is MPC and how to use it for Key Management: youtu.be/qdhM3syDkxM
#cryptography
#cryptography
Breaking server SGX via DRAM bus: wiretap.fail
WireTap: Breaking Server SGX via DRAM Bus Interposition
Breaking Server SGX via DRAM Bus Interposition
wiretap.fail
October 1, 2025 at 10:47 AM
Breaking server SGX via DRAM bus: wiretap.fail
September 9, 2025 at 6:09 AM
"The malware did more than just steal SSH keys, npm tokens, and .gitconfig files - it weaponized AI CLI tools (including Claude, Gemini) to aid in reconnaissance and data" www.stepsecurity.io/blog/supply-...
https://stepsecurity.io/blog/supply-ch…
August 28, 2025 at 6:00 PM
"The malware did more than just steal SSH keys, npm tokens, and .gitconfig files - it weaponized AI CLI tools (including Claude, Gemini) to aid in reconnaissance and data" www.stepsecurity.io/blog/supply-...
Algebraic intermediate Representation (AIR) for Blake Hash youtu.be/INtBA-9vJpU?... hackmd.io/@starkware-h...
Stav Beno (starkware) - From Design to Benchmarking: BLAKE Hash AIR for the Stwo Prover
YouTube video by [EthCC] Livestream 6
youtu.be
July 13, 2025 at 12:53 PM
Algebraic intermediate Representation (AIR) for Blake Hash youtu.be/INtBA-9vJpU?... hackmd.io/@starkware-h...
Coinbase MPC wallet library presentation at EthCC m.youtube.com/live/ppeyz_J...
Yehuda Lindell (Coinbase)_Coinbase's cb-mpc Open-Source Library
YouTube video by [EthCC] Livestream 4
m.youtube.com
July 1, 2025 at 7:43 PM
Coinbase MPC wallet library presentation at EthCC m.youtube.com/live/ppeyz_J...
My last article about ERC-20 ConditionalTransfer is available on Taurus blog: www.taurushq.com/blog/tokeniz...
Based on CMTAT, an open-source project: github.com/CMTA/CMTAT
#solidity
Based on CMTAT, an open-source project: github.com/CMTA/CMTAT
#solidity
Taurus Blog - Conditional Transfers with CMTAT & Taurus-CAPITAL: A Step-by-Step Guide
Conditional Transfers with CMTAT & Taurus-CAPITAL: A Step-by-Step Guide
www.taurushq.com
June 29, 2025 at 11:09 AM
My last article about ERC-20 ConditionalTransfer is available on Taurus blog: www.taurushq.com/blog/tokeniz...
Based on CMTAT, an open-source project: github.com/CMTA/CMTAT
#solidity
Based on CMTAT, an open-source project: github.com/CMTA/CMTAT
#solidity
Reposted by AccessDenied403
Coinbase has fixed a confusing bug in its account activity logs that caused users to think their credentials were compromised.
Coinbase fixes 2FA log error making people think they were hacked
Coinbase has fixed a confusing bug in its account activity logs that caused users to think their credentials were compromised.
www.bleepingcomputer.com
April 27, 2025 at 6:21 PM
Coinbase has fixed a confusing bug in its account activity logs that caused users to think their credentials were compromised.
Reposted by AccessDenied403
MITRE Vice President Yosry Barsoum has warned that U.S. government funding for the Common Vulnerabilities and Exposures (CVE) and Common Weakness Enumeration (CWE) programs expires today, which could lead to widespread disruption across the global cybersecurity industry.
MITRE warns that funding for critical CVE program expires today
MITRE Vice President Yosry Barsoum has warned that U.S. government funding for the Common Vulnerabilities and Exposures (CVE) and Common Weakness Enumeration (CWE) programs expires today, which could lead to widespread disruption across the global cybersecurity industry.
www.bleepingcomputer.com
April 16, 2025 at 6:16 AM
MITRE Vice President Yosry Barsoum has warned that U.S. government funding for the Common Vulnerabilities and Exposures (CVE) and Common Weakness Enumeration (CWE) programs expires today, which could lead to widespread disruption across the global cybersecurity industry.
NFTs are used to represent unique items on the blockchain. As you may know, the most known standard on Ethereum is ERC-721. Since its creation, several other standards (ERC-1155, ERC-2981, ERC-4907,...) have emerged to meet various use cases. More details here: rya-sge.github.io/access-denie...
Ethereum NFT Standards: ERC-721, ERC-1155, ERC-6551, and More
Non-Fungible Tokens (NFTs) enable unique, verifiable ownership of digital and real-world items on the blockchain. While ERC-721 remains the main standard to represent NFTs on Ethereum and EVM blockcha...
rya-sge.github.io
April 2, 2025 at 5:58 AM
NFTs are used to represent unique items on the blockchain. As you may know, the most known standard on Ethereum is ERC-721. Since its creation, several other standards (ERC-1155, ERC-2981, ERC-4907,...) have emerged to meet various use cases. More details here: rya-sge.github.io/access-denie...
Ledger's article on the security and integrity of the Trezor Safe 3 crypto wallet firmware is a great read to better understand how the new Trezor models (Safe Family) work (Secure Element, firmware integrity, chips used)
www.ledger.com/why-secure-e...
blog.trezor.io/trezors-mult...
www.ledger.com/why-secure-e...
blog.trezor.io/trezors-mult...
Why Secure Elements make a crucial difference to Hardware Wallet Security | Ledger
In contrast with the previous generations of Trezor devices, which the Ledger Donjon showed to be vulnerable to physical seed recovery attacks, the Trezor Safe line of products brings huge security im...
www.ledger.com
March 27, 2025 at 10:55 AM
Ledger's article on the security and integrity of the Trezor Safe 3 crypto wallet firmware is a great read to better understand how the new Trezor models (Safe Family) work (Secure Element, firmware integrity, chips used)
www.ledger.com/why-secure-e...
blog.trezor.io/trezors-mult...
www.ledger.com/why-secure-e...
blog.trezor.io/trezors-mult...
How to tokenize on Ethereum and EVM based blockchain? My last article on Taurus blog is a deep dive into ERC-1400, one of the oldest tokenization standards (2018). www.taurushq.com/blog/erc-140...
Taurus Blog - ERC-1400 for Tokenized Securities: Analysis and Deployment with Taurus-CAPITAL
ERC-1400 for Tokenized Securities: Analysis and Deployment with Taurus-CAPITAL
www.taurushq.com
March 25, 2025 at 11:15 AM
How to tokenize on Ethereum and EVM based blockchain? My last article on Taurus blog is a deep dive into ERC-1400, one of the oldest tokenization standards (2018). www.taurushq.com/blog/erc-140...
Reposted by AccessDenied403
A cascading supply chain attack that began with the compromise of the "reviewdog/action-setup@v1" GitHub Action is believed to have led to the recent breach of "tj-actions/changed-files" that leaked CI/CD secrets.
GitHub Action hack likely led to another in cascading supply chain attack
A cascading supply chain attack that began with the compromise of the "reviewdog/action-setup@v1" GitHub Action is believed to have led to the recent breach of "tj-actions/changed-files" that leaked CI/CD secrets.
www.bleepingcomputer.com
March 18, 2025 at 8:04 PM
A cascading supply chain attack that began with the compromise of the "reviewdog/action-setup@v1" GitHub Action is believed to have led to the recent breach of "tj-actions/changed-files" that leaked CI/CD secrets.
Reposted by AccessDenied403
A couple weeks ago we published our monthly release of ZK Mesh: the February 2025 Recap.
Wondering which articles/threads are the most popular amongst our #ZKMesh readers so far?
ZK Mesh Feb 2025 Top 5, here we go
🧵 👇
open.substack.com/pub/zkmesh/p...
Wondering which articles/threads are the most popular amongst our #ZKMesh readers so far?
ZK Mesh Feb 2025 Top 5, here we go
🧵 👇
open.substack.com/pub/zkmesh/p...
March 17, 2025 at 11:56 AM
A couple weeks ago we published our monthly release of ZK Mesh: the February 2025 Recap.
Wondering which articles/threads are the most popular amongst our #ZKMesh readers so far?
ZK Mesh Feb 2025 Top 5, here we go
🧵 👇
open.substack.com/pub/zkmesh/p...
Wondering which articles/threads are the most popular amongst our #ZKMesh readers so far?
ZK Mesh Feb 2025 Top 5, here we go
🧵 👇
open.substack.com/pub/zkmesh/p...
Reposted by AccessDenied403
damn this halo2 book is soooo goooood halo2.zksecurity.xyz/intro/
Introduction - Halo Hero
halo2.zksecurity.xyz
March 14, 2025 at 3:53 PM
damn this halo2 book is soooo goooood halo2.zksecurity.xyz/intro/
Reposted by AccessDenied403
A large-scale Coinbase phishing attack poses as a mandatory wallet migration, tricking recipients into setting up a new wallet with a pre-generated recovery phrase controlled by attackers.
Coinbase phishing email tricks users with fake wallet migration
A large-scale Coinbase phishing attack poses as a mandatory wallet migration, tricking recipients into setting up a new wallet with a pre-generated recovery phrase controlled by attackers.
www.bleepingcomputer.com
March 14, 2025 at 10:35 PM
A large-scale Coinbase phishing attack poses as a mandatory wallet migration, tricking recipients into setting up a new wallet with a pre-generated recovery phrase controlled by attackers.
Sepolia Pectra fork incident recap:
"we quickly realized that, because the deposit contract is token gated, an ERC-20 transfer event was emitted whenever a deposit was processed.
mariusvanderwijden.github.io/blog/2025/03...
"we quickly realized that, because the deposit contract is token gated, an ERC-20 transfer event was emitted whenever a deposit was processed.
mariusvanderwijden.github.io/blog/2025/03...
Sepolia Pectra fork incident recap
Blog on semi-cool ethereum stuff
mariusvanderwijden.github.io
March 13, 2025 at 8:58 AM
Sepolia Pectra fork incident recap:
"we quickly realized that, because the deposit contract is token gated, an ERC-20 transfer event was emitted whenever a deposit was processed.
mariusvanderwijden.github.io/blog/2025/03...
"we quickly realized that, because the deposit contract is token gated, an ERC-20 transfer event was emitted whenever a deposit was processed.
mariusvanderwijden.github.io/blog/2025/03...
Bybit hack deep dive by ncc group www.nccgroup.com/us/research-...
www.nccgroup.com
March 12, 2025 at 7:53 AM
Bybit hack deep dive by ncc group www.nccgroup.com/us/research-...