Tag Archive for: Crypto

This sort of crypto (graphy), and the other sort of crypto (currency!) [Audio + Text] – Naked Security


With Doug Aamoth and Paul Ducklin.

DOUG.  A critical Samba bug, yet another crypto theft, and Happy SysAdmin Day.

All that and more, on the Naked Security podcast.

[MUSICAL MODEM]

Welcome to the podcast, everybody.

I am Doug Aamoth.

With me, as always, is Paul Ducklin… Paul, how do you do today?


DUCK.  Excellent, thank you, Douglas.


DOUG.  We like to start the show with some tech history.

And this week, Paul, we’re going way back to 1858!

This week in 1858, the first transatlantic telegraph cable was completed.

It was spearheaded by American merchant Cyrus Westfield, and the cable ran from Trinity Bay, Newfoundland, to Valencia, Ireland, some 2000 miles across, and more than 2 miles deep.

This would be the fifth attempt, and unfortunately, the cable only worked for about a month.

But it did function long enough for then President James Buchanan and Queen Victoria to exchange pleasantries.


DUCK.  Yes, I believe that it was, how can I put it… faint. [LAUGHTER]

1858!

What hath God wrought?, Doug! [WORDS SENT IN FIRST EVER TELEGRAPH MESSAGE]


DOUG.  [LAUGHS] Speaking of things that have been wrought, there is a critical Samba bug that has since been patched.

I’m not an expert by any means, but this bug would let anyone become a Domain Admin… that sounds bad.


DUCK.  Well, it sounds bad, Doug, mainly for the reason that it *is* rather bad!


DOUG.  There you go!


DUCK.  Samba… just to be clear, before we start, let’s go through the versions you want.

If you’re on the 4.16 flavour, you need 4.16.4 or later; if you’re on 4.15, you need 4.15.9 or later; and if you’re on 4.14, you need 4.14.14 or later.

Those bug fixes, in total, patched six different bugs that were considered serious enough to get CVE numbers – official designators.

The one that stood out is CVE-2022-32744.

And the title of the bug says it all: Samba Active Directory users can forge password change requests for any user.


DOUG.  Yes, that sounds bad.


DUCK.  So, as the full bug report in the security advisory, the change log says, in rather orotund fashion:

“A user could change the password of the administrator account and gain total control over the domain. Full loss of…


Thousands of Solana crypto wallets targeted in yet another hack


Hackers targeted the Solana ecosystem on Wednesday, with thousands of wallets affected in the latest hit to the cryptocurrency market, just a few days after bridge protocol Nomad was attacked at the start of the week. Over 8,000 internet-connected hot wallets have been compromised so far; however, the source of the attack remains unknown.

While the total value of the assets stolen was unclear, four Solana wallet addresses drained approximately $8 million from victims, according to security firm PeckShield, reported Bloomberg. 

More than 8,000 wallets appear to have been affected, with the security incident draining them of their SOL tokens and USDC stablecoins, crypto exchange Binance Chief Executive Officer (CEO) Changpeng “CZ” Zhao said on Twitter.

“There is an active security incident on Solana. Many (7000+ and counting) wallets are drained of SOL & USDC. Don’t know root cause yet. Maybe permissions granted to apps,” said Zhao on Twitter.

Solana’s token SOL fell 7% to $38.4 in the last 24 hours, its lowest price in a week. “Solana is a new blockchain supported by a token of its own that works as the gas to confirm the transactions on that blockchain. There have been numerous hacks on the wallets supporting this token. A recent successful attempt drained away about 560M USD worth of Solana from various user…


EXPLAINED: How to store your crypto safely and avoid hacks  


In light of the various hacks and liquidations of crypto exchanges and Decentralised Finance (DeFi) platforms, experts advise crypto investors not to keep their crypto funds in any such places. But what other options do investors have?

Well, investors have not just one, but several other options, based on their requirements. But let us first understand why it is not safe to store your crypto in the aforementioned places. 

Why should you not store your crypto on an exchange or on any DeFi platform? 

It is advisable not to store one’s crypto holdings on any centralised platform like exchanges or DeFi platforms. This is because the custody of the funds is with the platform itself and not the investor. Moreover, these platforms are prone to hacks.

In the recent past, DeFi platforms like the Celsius Network, 3 Arrows Capital, Voyager Digital, Vauld, and others faced financial strains, because of which investors’ funds became inaccessible. Hence, investors are advised to store their cryptos in different types of crypto wallets.

But what are crypto wallets? 

Crypto wallets are pieces of hardware or software used to store your crypto assets. Every crypto wallet has an identity, which comprises a pair of private keys and public keys.  

What are public and private keys and what do they do? 

Public and private keys provide an alphanumeric identifier for your crypto wallet, which is called your wallet address.

What does a crypto wallet address do? 

The crypto wallet address specifies where the crypto tokens can be sent on the blockchain network. The private keys of a crypto wallet are never supposed to be disclosed. The public key is disclosed to the sender of cryptos to identify the address.

Crypto wallets can be divided into groups  

a) Based on how frequently they are connected to the internet and  

b) Based on their technology. 

Based on internet connectivity, they are divided into two categories 

1. Hot Wallets 

Hot wallets are regularly connected to the internet. They are more user-friendly but less secure since they are frequently connected to the Internet. Hot wallets are usually utilised for daily transactions. They offer immediate access to the…


Ransomware attack hits Goa’s flood monitoring system; demand crypto as payment | Latest News India


In a complaint to the cyber cell, the state government’s water resources department that has been maintaining the data said that all its files have been encrypted and can no longer be accessed.

Goa’s flood monitoring system was hit by ransomware attackers who have demanded to be paid in cryptocurrency for the data on flood monitoring stations to be released.

In a complaint to the Cyber cell of the Goa Police, the state government’s water resources department that has been maintaining the data said all its files have been encrypted and can no longer be accessed.


“Server has been under the cyberattack of ransomware. Under the attack, all files are encrypted with eking extension and cannot be accessed. In a popup and stored file, the attackers are demanding Bitcoins Cryptocurrency for the decryption of the data. The attack was carried out on 21 June 2022 midnight between 12am-2am. The integrity of the data has been altered making it impossible to back up the previous data. The server works on the 24×7 internet line and the attack was eased due to absence of antivirus and outdated firewalls,” the complaint filed by executive engineer Sunil Karmarkar revealed.

The complaint was filed on June 24 but has come to light today.

The data center server located at Panaji was storing data of the flood monitoring system at 15 locations on major rivers in Goa, used to monitor flood levels in rivers as a part of disaster management in order to keep flood eventualities under control.

The data of the flood monitoring system, automated rain gauges and weather gauges is stored in the server located at the Water Resources Department Headquarters in the state capital, while the servers were being maintained by ASTRA Microwave Products Limited, Hyderabad.

As a result of the hacking, the department can no longer access its data related to battery voltages of different stations or data packets related to 12 stations, has lost all its old data, which can no longer be backed up locally, and has also lost real-time data of the rivers currently in spate owing to the ongoing vigorous monsoon activity across the state.