Cybersecurity news
Top 7 cybersecurity jobs in high demand
In today’s digital age, cybersecurity has become a critical aspect of almost every business. Cyber threats are increasing daily, and businesses must take proactive measures to protect their networks and data. As a result, the demand for cybersecurity professionals has skyrocketed. Little Friday humour #meme #cybersecurity @hackurityio pic.twitter.com/MArEpCh03k — Harold De Vries (@devries_harold) February 17, 2023 In this article, we will discuss the top seven cybersecurity jobs that are in high demand. Cybersecurity analyst A cybersecurity analyst is responsible for identifying and mitigating cyber threats to an organization’s network and data. They examine system logs and network traffic to find …
Technology / Feb. 26, 2023
Uniswap DAO debate shows devs still struggle to secure cross-chain bridges
Over $2.5 billion was stolen in cross-chain crypto bridge hacks from 2021 to 2022, according to a report by Token Terminal. But, despite several attempts by developers to improve bridge security, a debate from December 2022 to January 2023 on the Uniswap DAO forums has laid bare security weaknesses that continue to exist in blockchain bridges. In the past, bridges like Ronin and Horizon used multisig wallets to ensure that only bridge validators could authorize withdrawals. For example, Ronin required five out of nine signatures to withdraw, whereas Horizon required two out of five. But attackers figured out how to …
Blockchain / Feb. 26, 2023
Coinbase discloses recent cyberattack targeting employees
Crypto exchange Coinbase experienced a cybersecurity attack targeting its employees on Feb. 5. The attack came through SMS scams and involved impersonations of IT staff, according to a recent report from the company's engineering team. No customers' funds or information were impacted, the firm said. As per the report, on a late Sunday several Coinbase employees received SMS messages requiring them to urgently log in via the link provided to access an important message. Acting in a good faith, one employee followed the exploiter' instructions: "While the majority ignore this unprompted message - one employee, believing that it’s an important …
Technology / Feb. 22, 2023
Security team creates dashboard to detect potential NFT hacks in OpenSea
A wallet security team released a real-time dashboard that lets community members detect, track and monitor potential nonfungible token (NFT) hacks using offline signatures in the OpenSea marketplace. According to the team behind crypto wallet ZenGo, they created an NFT hack detector using a simple method. This includes tracking realized NFT trades in the NFT marketplace and comparing the trade amount of the NFT collection’s floor price. If the ratio between the two trade values is suspiciously low, it will get flagged as a potential hack. At the time of writing, the dashboard flagged almost $25 million worth of NFTs …
Nft / Feb. 22, 2023
BingChatGPT 'pump & dump' tokens emerging by the dozens: Peckshield
Blockchain security firm Peckshield has raised the alarm after finding dozens of tokens purporting to be related to artificial intelligence (AI) powered chatbot ChatGPT. In a Feb. 20 post, the firm revealed at least three "BingChatGPT" tokens appear to be part of honeypot schemes — a smart contract that tricks a user into sending Ethereum (ETH), which the attacker then traps and retrieves. According to Peckshield, at least two of the tokens identified have already lost nearly 100% of their value, while a third is at a 65% loss — in what is often referred to as a “pump and …
Blockchain / Feb. 21, 2023
Platypus DeFi faces flash loan attack, according to CertiK
Blockchain security firm CertiK reported on Feb. 16 that it has spotted a flash loan attack on Avalanche-based stableswap platform Platypus DeFi. The blockchain security firm posted the news in a tweet, alongside the attacker contract address. #CertiKSkynetAlert We are seeing a #flashloan attack on @Platypusdefi resulting in a potential loss of ~$8.5M. Tx AVAX: 0x1266a937c2ccd970e5d7929021eed3ec593a95c68a99b4920c2efa226679b430 Stay Frosty! pic.twitter.com/AM2HOM5M2r — CertiK Alert (@CertiKAlert) February 16, 2023 According to the source, nearly $8.5 million has been already been moved. As a result, the Platypus USD stablecoin became depegged and dropped 52.2% to $0.478 at time of writing. . @Platypusdefi new stablecoin …
Defi / Feb. 16, 2023
OneKey says it's fixed the flaw that got its hardware wallet hacked in 1 second
Crypto hardware wallet provider OneKey says it has already addressed a vulnerability in its firmware that allowed one of its hardware wallets to be hacked in one second flat. On Feb. 10, a video on YouTube posted by cybersecurity startup Unciphered showed they had figured out a way to exploit a "Massive critical vulnerability" in order o "crack open" a OneKey Mini. According to Eric Michaud, a partner at Unciphered, by disassembling the device and inserting coding, it was possible to return the OneKey Mini to “factory mode” and bypass the security pin, allowing a potential attacker to remove the …
Blockchain / Feb. 13, 2023
Jump Crypto unveils critical vulnerability on Binance’s BNB Chain
Web3 infrastructure firm Jump Crypto has discovered a vulnerability in the Binance BNB Beacon Chain, which would allow the mint of an unlimited amount of arbitrary tokens. The issue was privately disclosed to the BNB team, enabling a patch to be developed and deployed within 24 hours. In a blog post from Feb. 10, Jump Crypto disclosed a detailed report about the vulnerability found two days earlier, which could "have led to a large loss of funds." As per the report, the BNB Chain is composed of two blockchains - the EVM compatible Smart Chain (BSC), which is based on …
Blockchain / Feb. 11, 2023
Uniswap's BNB deployment should use multiple bridges, claims LIFI CEO
As Uniswap DAO’s vote to deploy to BNB chain continues, LIFI CEO Phillip Zentner argued in a February 6 forum post that the current proposal is flawed. According to him, the plan to use Wormhole as the sole governance bridge for Uniswap should be abandoned. Instead, he claimed that Uniswap researchers should work on a standardized system for using multiple bridges to handle governance decisions. The ongoing discussion on @Uniswap's forum is critical for the multi-chain ecosystem in 2023. TL;DR: Uniswap's model for x-chain governance will likely become industry standard. As an unbiased member of the community, @lifiprotocol is rooting …
Trading / Feb. 8, 2023
Scammers are targeting crypto users with new ‘zero value TransferFrom’ trick
Data from Etherscan shows that some crypto scammers are targeting users with a new trick that allows them to confirm a transaction from the victim’s wallet, but without having the victim’s private key. The attack can only be performed for transactions of 0 value. However, it may cause some users to accidentally send tokens to the attacker as a result of cutting and pasting from a hijacked transaction history. Blockchain security firm SlowMist discovered the new technique in December and revealed it in a blog post. Since then, both SafePal and Etherscan have adopted mitigation techniques to limit its effect …
Blockchain / Feb. 7, 2023
Dingo crypto token flagged as scam over 99% transaction fee backdoor
The research arm of cybersecurity software firm Check Point has flagged the Dingo Token (DINGO) as a “potential scam” after reportedly discovering a smart contract function that has been used to manipulate transaction fees. In a Feb. 3 blog post, Check Point Research (CPR) said it looked into the code behind the Dingo Smart Contract, discovering a backdoor function "setTaxFeePercent," which can change the contract's buy and sell fee up to 99%. This is despite the project’s whitepaper stating that there is only a 10% fee per transaction. According to CPR, this essentially allows the project’s owner to withdraw up …
Blockchain / Feb. 6, 2023
How to protect against crime in the metaverse
How to protect yourself in the metaverse To protect yourself in the metaverse, use strong passwords, be cautious of suspicious activity, and limit the amount of personal information shared online. Here are some ways to protect yourself in the metaverse: Use strong and unique passwords: Create secure passwords utilizing a variety of letters, numbers and symbols and steer clear of using the same one for many accounts. When disclosing personal information, exercise caution: Be cautious when sharing information online and be on the lookout for unauthorized requests for personal information. Utilize two-factor authentication: To further secure your accounts, use two-factor …
Defi / Feb. 4, 2023