vulnerabilities
Tik Tok Pushes Harder for Blockchain Despite Vulnerabilities in Core System
Hundreds of millions of users are using Tik Tok, meaning that any breach of data could lead to serious vulnerabilities for users and the company.
Github: Understanding Unsafe Deserialization Vulnerabilities in Ruby Projects
Learn how unsafe deserialization vulnerabilities can allow attackers to execute commands on Ruby projects and how to detect and prevent them.
CertiK Outlines Mobile Blockchain Security Threats and Countermeasures
CertiK discussed security challenges of blockchain technologies on mobile platforms, including malware, insecure wallet apps, and network vulnerabilities, and provided countermeasures like reputable security solutions and regular updates.
ZenGo uncovers dApp vulnerability
ZenGo has discovered a security vulnerability called the "red pill attack" in decentralized applications or dApps. The vulnerability allowed malicious dApps to steal user assets using opaque transaction approvals. Many leading vendors, including Coinbase Wallet, were vulnerable to such attacks. ZenGo found that developers took a shortcut in setting "Special Variables" to arbitrary values during simulation, leaving the simulation vulnerable to attack. ZenGo said the fix was straightforward and urged developers to populate vulnerable variables with meaningful values.
Solana Foundation Offers $400k Bounty for Critical Code Discovery
Jacob Creech announces a $400k bounty for discovering code that can halt Solana network, part of Solana Foundation's endeavor to ensure robust network security.
Cybersecurity Firm Halborn Warns of Zero-Day Vulnerabilities in Over 280 Blockchain Networks
Cybersecurity firm Halborn has warned of a vulnerability called "Rab13s" that could put over 280 blockchain networks at risk of zero-day exploits, potentially exposing at least $25 billion worth of crypto. The most critical vulnerability could allow an attacker to send malicious consensus messages to individual nodes, causing each to shut down and potentially enabling a 51% attack on the network. While Dogecoin, Zcash, and Litecoin have already implemented patches for the discovered vulnerabilities, hundreds of other networks remain at risk.
CFTC Receives DeFi Crash Course
Crypto executives provided a DeFi crash course to the CFTC during their first Technology Advisory Committee meeting. Topics included blockchain technology, decentralization, digital identity, and exploits and vulnerabilities.
Web3 Security Losses Skyrocket to $889.26M in Q3 2023, Says Beosin Report
The Q3 2023 Global Web3 Security Report, jointly initiated by Beosin and SUSS NiFT, reveals a concerning escalation in the Web3 security landscape. The report shows that losses from hacks, phishing scams, and rug pulls reached $889.26M in Q3 2023, exceeding the combined losses of the first two quarters. The report also highlights the increasing threat posed by North Korea's Lazarus group.
How Jailbreak Attacks Compromise ChatGPT and AI Models' Security
Recent studies reveal the vulnerabilities of large language models like GPT-4 to jailbreak attacks. Innovative defense strategies, such as self-reminders, are being developed to mitigate these risks, underscoring the need for enhanced AI security and ethical considerations.
Is China Hacking Australia? Cryptojacking Cyberattacks Hit Hard Down Under
The Australian Cyber Security Center has published a report highlighting vulnerabilities that are being exploited by hackers using cryptojacking malware.
Kraken’s Ethereum 2.0 Staking Service Is a Success, With More Than 100,000 ETH Secured
US-based Kraken has been among the crypto exchanges that has welcomed Ethereum 2.0 staking with open arms.
Zcash Bug Could Leak Full Nodes with Shielded IP Addresses
Duke Leto, a core developer at Komodo (KMD), recently published a blog on his personal website revealing that, “A bug has existed for all shielded address since the inception of Zcash and Zcash Protocol.” Leto explained, “That is, Alice giving Bob a zaddr to be paid, could actually allow Bob to discover Alice’s IP address. This is drastically against the design of Zcash Protocol.”
$1 Billion in Bitcoin Moves From Silk Road Wallet, a Format Update or a Hack?
69,370 Bitcoins has moved from an address connected to the defunct Silk Road darknet market for the first time in five years, was it a hack or a move to update the address?
US DHS Cybersecurity Official Expects to be Fired in Trump’s Post-Election Purge for Debunking Fake News
A United States Homeland cybersecurity official, Christopher Krebs expects to be cut in President Trump’s post-election purge for proactively debunking disinformation.
DeFi’s Smart Contract Risks: Cream Finance’s Input Error Led to CREAM Token Plunging 25%
The DeFi sector has attracted millions to billions of dollars worth of crypto to the industry, however, some protocols have shown issues.
Origin Protocol Puts $1 Million Bounty on Hacker As OUSD Stablecoin Loses Stability
Origin has now announced a $1 million bounty reward for anyone who can bring the hacker responsible for destabilizing its stablecoin to justice.
Kaspersky’s Expert Take on KYC and AML: Stock vs Crypto Exchanges
In Part 2 of our interview, Yeo Siang Tiong, General Manager for Southeast Asia, Kaspersky shared how Kaspersky provides cybersecurity solutions for stock and crypto exchanges to address KYC and AML concerns. He also walked us through the Kaspersky Application Security Assessment and explained its significance in safeguarding assets in crypto exchanges.
How Kaspersky Protects Investors During Token Sales in 7 Ways
In the exclusinve interview with Blockchain.News, Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky shares the latest trend on cybersecurity threats in crypto fundraising and how Kaspersky's solutions can protect investors in 7 ways.
Can Blockchain Strengthen the Internet of Things (IoT)?
IoT and Blockchain are two disruptive technologies leveraged for numerous technological innovations across multiple industries, but how do they complement each other?
G20 Agency Warns Countries of Systemic Risks Posed by Global Stablecoins
The Financial Stability Board (FSB), the G20 body that advises on ways to improve the global financial system, has published a study on the challenges, which stablecoins pose for the global economy. The FSB stated that regulatory frameworks have already covered several activities associated with stablecoins, although there are other risks that many national regulators could be left unprepared for.