Tag: keys | Page 3

Are Cold Wallets Safer Than Hot Wallets For Storing Your Crypto Keys?

August 9, 2022/in Internet Security

Recently, hackers stole around $5.2 million worth of Solana from 8,000 hot wallets, such as Phantom, Slope, and Trust. Solana claimed that the security vulnerability was in the code of the third-party wallets and not in their own.

Now in the light of such revelations, cyber experts are debating whether crypto investors should store their private keys in cold wallets in order to secure their crypto holdings from such cyber hacking.

Incidentally, Peck Shield Alert, a security firm has Tweeted that around $8,000 worth Stablecoin and Solana have been stolen. Besides, Solana has also struggled with security issues in the past, and now, probes has revealed that as many as four addresses were linked to the hacker.

Crypto investing has come in vogue of late as they are considered the currencies of tomorrow. They are based on the Blockchain, and will be the native currency in the WEB3 space, the new digital world that we will be able to access in a few years using virtual reality.

Central banks across the world, including the Reserve Bank of India have announced they will be launching the central bank digital currency (CBDC) soon. As we usher towards this new world, the important question that now rises is how we can keep our money safe.

Technically, you can store crypto in a custodial wallet, where they do not provide you with a private key. Else, you can choose a hot wallet where your private key is stored in a browser extension or a desktop application, and lastly there is the most secure of all, the cold wallet, where you store your key in a hardware wallet. Keeping the private key secure is the most important piece of the puzzle.

Let us understand the concept of hot and cold wallets in detail.

Hot Wallets

Hot wallets include Web-based wallets (browser extension), mobile wallets, and desktop wallets. They are all connected to the Internet. In other words, if your system gets compromised, or if the hot wallet you use has security vulnerabilities, like in the Solana hacking case, where hackers stole the private key from inactive crypto Slope, Trust, and Phantom wallets, hackers can steal your private keys and drain your wallet. They can use a crypto tumbler…

Source…

Researchers find 3,000+ mobile apps exposing Twitter API keys

August 2, 2022/in Mobile Security

Cybersecurity researchers have discovered more than 3,000 mobile apps exposing Twitter Inc. application programming interface keys that can be used to gain access to or take over Twitter accounts.

Detailed today by security firm CloudSEK, 3,207 apps were found to be leaking valid Consumer Key and Consumer Secret keys. Some 230 apps, some of which are described as belonging to unicorn startups, were found to leak all four Twitter authentication credentials that could be used to take over Twitter accounts fully.

With full access, an attacker would gain the ability to perform actions such as reading direct messages, retweeting, liking, deleting and removing and adding followers, along with the ability to change account settings and the display picture on the account.

The researchers explain that the exposure of the API keys is typically the result of mistakes in which developers embed their authentication keys in the Twitter API but then forget to remove them when the mobile application is released.

By exposing the API keys, the risk of exploitation is genuine. A malicious actor who has access to the API keys can use them to create a “Twitter bot army” that could be used to spread false information or used in a phishing scam.

The researchers highlight a recent case where Twitter was exploited to promote a “fake suspension notices” phishing scam. In this case, verified Twitter accounts were used to lend credence to the scam.

The researchers concluded that it is imperative that API keys are not directly embedded in code and that developers should follow secure coding and deployment processes. Processes include implementing a standardized review procedure to ensure accurate versioning, hiding keys to increase security and rotating API keys to reduce the threat of leaked keys.

“There are only two ways to solve this problem,” David Stewart, chief executive officer of mobile app protection company Approov, told SiliconANGLE. “Either adopt a mobile security solution that enables you to store your API keys off the device and deliver them only when needed or require a second independent factor to be present alongside the API key to access backend data and resources –…

Source…

Older People on the Internet: Keys to Safe Surfing

July 24, 2022/in Internet Security

Did you know that life expectancy in Spain reached 83.3 years in 2021? This means that we are living longer and longer. And thanks to the development of information and communications technology, we lead more and more connected lives. This presents society with the challenge of providing older people with safe internet surfing.

The health crisis accelerated connectivity, which ceased to be a trend to become a reality: teleworking is now consolidated, and so is online commerce and entertainment, telemedicine, digital banking and the way we relate to our loved ones, remotely.

In 2021, as a result of the rise of remote activities, Spain became the most targeted country. According to data provided in its latest computer threat report, drafted by the cybersecurity company ESET, Spain suffered more than 51 billion desktop attacks, far more than the attacks unleashed on France (21 billion), Germany (19 billion) and Poland (18 billion). Bad data driven by the growth of teleworking across the globe.

Older people on the internet: messages and news

20% of Spain’s population, some nine and a half million people, are elderly. In the current scenario, the number of people over 65 who have gone digital has also grown. In its latest report on the digital divide, the Unión Democrática de Pensionistas y Jubilados de España (Democratic Union of Pensioners and Retired People of Spain), UDP, points out that the regular use of the Internet by this group of people has increased in recent years, from 32.7% in 2017 to 60% in 2021.

The MayoresUDP Scale points to the exchange of “messages with family and friends” via WhatsApp or SMS as the main use of the internet by the elderly, with 85.1%, followed by 80.8% for people who use the internet to keep themselves well-informed. Other common activities are those related to banking and healthcare, or online shopping. However, it states that among “older, less educated and less affluent people” the various digital activities decrease significantly.