News list for " on security"
On January 17, 23pds, the chief information security officer of Slow Mist Technology, said on the X platform that it had recently detected a data breach of a third-party service used by a leading trading platform, involving a large amount of employee information, including email, password and other sensitive data. The relevant situation has been synchronized to the relevant parties for processing. The end of the year is approaching, reminding everyone to be vigilant and pay attention to the safe...
Slow Mist Chief Information Security Officer @im23pds posted a warning on social media, recently monitoring that the Lazarus organization no longer relies solely on video conferencing tools such as Zoom and Meeting as a means of attack, but instead turns to Trojan software disguised as the Willo-Talent recruitment video platform to trick recruiters into downloading and running malicious programs.
SlowMist Chief Information Security Officer @im23pds posted a warning on social media that the email address leaked in 2024 due to the attack on the OpenSea email service provider has been fully disclosed after multiple broadcasts. Please be aware of the relevant risks and be alert to phishing emails and other potential cyber attacks, including email addresses including CZ. Previously reported, on June 30, 2024, according to OpenSea official news, the NFT trading market disclosed its email deliv...
The National Network and Information Security Information Reporting Center has discovered a number of foreign malicious websites and malicious IPs, which are used by foreign hacker organizations to continuously launch cyber attacks against China and other countries. These malicious websites and IPs are closely related to a specific Trojan or Trojan program control terminal. A malicious address is associated with a Nanocore virus family sample, which can be expanded to achieve various malicious f...
Slow Mist Chief Information Security Officer 23pds said on the X platform that in the past two months, North Korean hackers have continued to impersonate Hack VC, SevenX Ventures and other institutions or individuals to commit conference fraud. Please be vigilant against the risks.
According to the Department of Justice, Israeli national Rostislav Panev allegedly worked as a developer and coder for the LockBit ransomware group since around January 2022, and received about $230,000 in cryptocurrency transfers as part of his work.
SlowMist Chief Information Security Officer 23pds tweeted that the cumulative value of cryptocurrencies stolen between January 2024 and July 2024 has reached $1.58 billion, which is about 84.4% higher than the value stolen during the same period in 2023. In 2024, private key leakage accounted for the largest proportion of stolen cryptocurrencies, reaching 43.8%.
Slow Mist Technology Chief Information Security Officer 23pds issued a statement saying that 1inch disclosed that it discovered a security bugs on December 9, and the attacker fraudulently obtained access to the private key belonging to the owner of the 1inch Labs parser smart contract.
SlowMist Chief Information Security Officer 23pds said on the X platform that all statistics on the DEXX theft have been updated so far. Note that if you are a victim: 1. Please go to the form to check whether your stolen address exists; 2. If you have transferred the balance by yourself, please go to the form again to check whether your own address is regarded as a "hacker" address record.
SlowMist Chief Information Security Officer 23pds posted, Please be aware of poison attacks, users using @solana/web3.js, version 1.95.6 and 1.95.7 can be attacked by thieves who disclose private keys. If your product is using these versions, please upgrade to 1.95.8 (1.95.5 not affected).
SlowMist Chief Information Security Officer 23pds posted that Okta allows any username longer than 52 characters to bypass login! Also according to the Okta announcement from identity and access management software provider, on October 30, a vulnerability was discovered internally when generating a cache key for AD/LDAP DelAuth. The Bcrypt algorithm is used to generate a cache key, where we hash a combined string of userId + username + password. Under certain conditions, this can allow users to ...
On October 24th, the Uniswap Foundation announced a $1.20 million grant to Areta, the leader of the Uniswap Foundation Security Fund, to create a marketplace for auditing and security services that will enhance the security and integrity of the Uniswap v4 hook developer community. According to the presentation, Areta is a cryptocurrency-based investment bank and strategic governance firm with extensive experience in executing complex financial transactions and helping foundations and DAOs develo...
In a tweet commenting on SlowMist's MistTrack platform, on-chain detective ZachXBT said, "I haven't seen publicly reported numbers anywhere before, but I estimate that social engineering/phishing scams impersonating Coinbase customer service support have resulted in users stealing as much as $100 million to $150 million over the past year."
On October 23rd, Radiant Capital, a lending agreement, warned of the security incident, "All users need to take immediate action to protect their wallets. If the user has ever interacted with Radiant (or thinks they may have), they must immediately revoke the authorization of the affected contract or risk the theft of funds. Please protect assets by Revoke.cash and remove any permissions to prevent further losses. Radiant will continue to fully track and freeze stolen funds and work closely with...
SlowMist Chief Information Security Officer 23pds said on the X platform that the component version of the Anime task reward website is too low, and there seems to be an SSRF vulnerability, and asked the official to upgrade it. Previously, Azuki launched the animation business related website anime.com, registration can join the waitlist, receive limited edition collectibles.
7x24 Newsflash
Hot News
