Tag Archive for: Assets

Protecting cryptocurrency assets in wake of the Solana Wallet hack

/in


The incident has brought up numerous concerns regarding the security provided by both the Solana network and “hot” wallets, which are fairly popular with the typical crypto investor, with cryptocurrency assets worth more than $8 million taken from about 8,000 people.

Cause of Solana attack unknown

While Solana’s Twitter account was quick to point out that the attack was not caused by a software compromise on the network, it also stated that its team of engineers was assiduously working with security researchers and ecosystem teams to determine the cause of this wallet attack.

According to preliminary investigations, hardware wallets used by Slope were safe from this issue because they only affected the Slope wallet on the Solana ecosystem.

According to Solana, impacted wallet addresses had their private key information sent to an application monitoring service at some point when they were generated, imported, or used in Slope mobile wallet programs.

Solana has already urged investors affected by the attack to abandon the affected wallets as they could still be compromised even after revoking wallet approvals. While the exact modus operandi employed is still unknown, crypto industry leaders have highlighted that the suspect transactions were properly signed, further indicating that it could be a supply chain attack with a specific focus on Slope ‘hot’ wallet users.

Applications, and devices can be hacked

Applications (software) and devices can be hacked. Since private keys are stored in application and device wallets, hackers can access them and steal your cryptocurrency and that sums up the Solana hack.

And if your wallet has been compromised, it’s paramount that you transfer any existing funds from your compromised wallet to another wallet.

Hackers will wipe your account of funds immediately, but if you’re lucky and they have not done this yet, it’s time for investors to take immediate action.

Source…

TalonWork Mobile empowers organizations to safeguard enterprise assets

/in


Talon Cyber Security introduced TalonWork Mobile, a version of its TalonWork browser made specifically for mobile endpoints.

With TalonWork Mobile, customers can extend secure access and control to the mobile endpoints that are used to connect to corporate resources and data, yet are historically unmanaged by organizations.

Talon is the first secure enterprise browser provider to support mobile as part of its device coverage, working with customers to inform future capabilities and address specific use cases. For example, one prominent use case for early adopters is securing frontline workers that connect to corporate resources from mobile devices. Customers leverage TalonWork Mobile to ensure secure access for the single-purpose applications used by mobile workers, such as those in insurance, manufacturing, transportation, construction, healthcare, professional services and retail.

“For every CISO we are engaged with, secure access for mobile devices is top of mind, especially as organizations develop special-purpose applications to stay competitive and reduce costs,” said Ohad Bobrov, co-founder and CTO, Talon Cyber Security. “In today’s distributed environments, employees and third parties need to connect to the business while on the move. TalonWork Mobile delivers secure access for on-the-go workers in a native way and gives organizations deep security visibility and control, uniquely positioning us to address this widespread market need.”

The TalonWork browser allows customers to provide secure access to the applications that power their businesses, including core business, communication, and single-purpose applications. TalonWork also enables organizations to ensure proper security posture for all mobile devices in use across their environments, without the need for device enrollment.

Specific benefits and capabilities delivered through TalonWork Mobile that empower organizations to safeguard enterprise assets include:

  • Enforce and restrict mobile access: TalonWork can enforce and restrict mobile access to corporate resources based on a device’s security posture and user credentials.
  • Granular visibility and control: Organizations benefit from…

Source…

NIMASA Acquires Mobile Assets to Boost Blue Project Security

/in


By Adedapo Adesanya

The National Drug Law Enforcement Agency (NDLEA) has foiled attempts by suspected drug traffickers to export parcels of Methamphetamine popularly called Mkpuru Mmiri locally concealed in Cornflakes packs and body cream containers to Malaysia and Australia at Murtala Muhammed International Airport, Ikeja, and a courier company in Lagos.

The drug control authority said two freight agents; Mr Nneji Anoma And Mr Etoh Barnabas were involved in the bid to export nine parcels of Methamphetamine weighing 1.45kg hidden in packs of cornflakes to Malaysia through the NAHCO export shed of the MMIA on Wednesday, June 15, 2022, have been arrested.

Another consignment of 10 cartons of Tramadol 225mg packaged as Tramaking containing 500,000 tablets with a total weight of 407kg and an estimated street value of N200 million have been seized during a joint examination with the customs at the NCS warehouse.

The consignment, which had arrived SAHCO import shed since June 6, from India via Ethiopian Airline, was eventually transferred to the NDLEA by customs on Wednesday, June 15.

The previous day, Tuesday, June 14, a similar joint examination with customs at its enforcement terminal, Tincan seaport, Lagos led to the seizure of 33 parcels of cannabis indica (Colorado) weighing 16.5kgs. The drug exhibit was recovered from a 40-foot container, TRHU 7874497 containing four vehicles. The cannabis coming from Montreal, Canada was discovered in three out of the four vehicles in the container.

In the same vein, operatives of the Directorate of Operations and General Investigation, DOGI at the agency attached to a courier company have intercepted a kilogram of Methamphetamine concealed in body cream containers heading to Australia.

Meanwhile, the drug cartels also suffered losses in other operations across Adamawa, Borno, Kogi, Ogun, Zamfara and Taraba States. A suspected drug dealer, Mr Abdullahi Musa, a.k.a Yerima Uding wanted for some past attacks on officers and men of the agency, was in the early hours of Thursday, June 16 arrested in Hong town, Adamawa state.

The 53-year-old suspect was caught with 57 blocks of compressed cannabis sativa, concealed in the boot of his…

Source…

Threat actors don’t have to compromise assets to attack an organization or its customers

/in


Digital supply chains, M&A, and shadow IT create a hidden attack surface

Most cyberattacks originate miles away from the network; web applications comprised the vector category most commonly exploited in hacking-related breaches. Unfortunately, most organizations lack a complete view of their internet assets and how those assets connect to the global attack surface. Three significant contributors to this lack of visibility are shadow IT, mergers and acquisitions (M&A), and digital supply chains.

Shadow IT

Where IT can’t keep pace with business requirements, the business looks elsewhere for support in developing and deploying new web assets. The security team is frequently in the dark regarding these shadow IT activities and, as a result, cannot bring the created assets within the scope of their security program. Unmanaged and orphaned assets can become a liability in an organization’s attack surface over time.

This rapid proliferation of digital assets outside the firewall is now the norm. New RiskIQ customers typically find approximately 30 percent more assets than they thought they had, and RiskIQ detects 15 expired services (susceptible to subdomain takeover) and 143 open ports every minute.2

Mergers and acquisitions

Everyday operations and critical business initiatives such as M&A, strategic partnerships, and outsourcing create and expand external attack surfaces. Today, less than 10 percent of deals globally contain cybersecurity due diligence.

There are several common reasons why organizations are not getting a complete view of potential cyber risks during the due diligence process. The first is the sheer scale of the company’s digital presence they’re acquiring. It’s not uncommon for a large organization to have thousands—or even tens of thousands—of active websites and other publicly exposed assets. While IT and security teams in the to-be-acquired company will have an asset register of websites, it’s almost always only a partial view of what exists. The more decentralized an organization’s IT activities are, the more significant the gap.

Supply chains

The enterprise is increasingly dependent upon the digital alliances that form the modern supply…

Source…