Tag: Wormhole’ | SpinSafe

Hands off my biometrics, and a wormhole squirmish • Graham Cluley

May 12, 2022/in Computer Security

Smashing Security podcast #274: Hands off my biometrics, and a wormhole squirmish

Clearview AI receives something of a slap in the face, and who is wrestling over an internet wormhole?

All this and more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault.

And don’t miss our featured interview with Artur Kane of GoodAccess.

Hosts:

Graham Cluley – @gcluley
Carole Theriault – @caroletheriault

Show notes:

Sponsor: Kolide

At Kolide, we believe the supposedly Average Person is the key to unlocking a new class of security detection, compliance, and threat remediation. So do the hundreds of organizations that send important security notifications to employees from Kolide’s Slack app.

Collectively, we know that organizations can dramatically lower the actual risks they will likely face with a structured, message-based approach. More importantly, they’ll be able to engage end-users to fix nuanced problems that can’t be automated.

Try Kolide Free for 14 Days; no credit card required.

Sponsor: GoodAccess

GoodAccess – Free Business Cloud VPN for up to 100 Users.

Get a cloud VPN with strong network encryption and unprecedented online threat protection. No hardware. 100% free. Just create your team and enjoy GoodAccess forever.

Check it out now at smashingsecurity.com/goodaccess.

Sponsor: Rumble

Rumble, made by the creator of Metasploit, finds many devices connected to your network that other solutions miss, including orphaned machines running outdated operating systems.

It can even tell you which machines are missing endpoint protection, from your local network to the cloud.

Sign up for a free trial and build your asset inventory in minutes. Get your trial at www.rumble.run

Follow the show:

Follow the show on Twitter at @SmashinSecurity, on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Found this article interesting? Follow Graham Cluley on Twitter to read more…

Source…

Solana price ‘bear flag’ paints $50 target as Wormhole hack exposes security hole

February 5, 2022/in Computer Security

Solana (SOL) became one of the worst performers among the top cryptocurrencies on Feb. 3 as traders assessed its links with the second-biggest hack to date.

$325M worth of wETH gone

SOL price dropped by 5.50% to below $96.50 as Wormhole, a bridge between Solana and Ethereum blockchains, reportedly lost $325 million worth of Wrapped Ethereum (wETH) due to a technical vulnerability.

Prior to the hack on Wednesday, SOL was trading as high as $112.

Solana security hole needs fixing asap?

Seems their consensus proceeds with only 33% of the nodes

Hard math proofs show you need 66%+ for safety. No ifs no buts

Possibilities: 1) is insecure, 2) is centralized, or 3) they’ve broken Computer Science (unlikely) pic.twitter.com/yqfW3QnfeK

— dom.icp ∞ (@dominic_w) February 3, 2022

In detail, hackers tricked a series of Solana’s smart contracts into signing illicit transactions digitally posing as “guardians,” reported blockchain researcher Kelvin Fichter on Feb. 2, the night after the hack. He wrote:

“The attacker made it look like the guardians had signed off on a 120K deposit into Wormhole on Solana, even though they hadn’t. All the attacker needed to do now was to make their “play” money real by withdrawing it back to Ethereum.”

And one withdrawal of 80k ETH + 10k ETH later (everything in the bridge on Ethereum), everything was gone.

— smartcontracts (@kelvinfichter) February 3, 2022

Wormhole said that it would add Ethereum’s native token Ether (ETH) “over the next hours” to back wETH on the Solana network on a 1:1 basis. However, the project did not clarify the source of the funds that would be used to buy ETH tokens.

Bear flag triggered

The selloff in the Solana market across the last 24 hours came closer to triggering a bearish continuation setup that may send the SOL price down by another 50%.

Dubbed “bear flag,” the pattern emerges when the price consolidates sideways/higher after a strong downside move, called “flagpole.” In a perfect world, the price eventually breaks below the consolidation range and falls by as much as the flagpole’s length.

So far, SOL/USD has been forming the same bear flag pattern, as shown in the chart below.

*SOL/USD daily price chart featuring bear flag setup….*

Source…

Wormhole promises to be a better longer-living Firefox Send alternative

April 11, 2021/in Internet Security

Wormhole is a new file sharing service that promises to be a better longer-living version of Firefox Send, a file sharing service that Mozilla discontinued some time ago. Does Wormhole live up to the promises that it makes? Let’s find out.

First, the basics: Wormhole can be used by anyone to send files with a total size of up to 10 Gigabytes. The service uses end-to-end encryption, and that means that the owners of Wormhole as well as the Internet Service Provider or network listeners, don’t know the content of the files that are shared using the service.

wormhole file transfer

To use it, visit the Wormhole website and either use drag & drop to add files to the send queue or use the file/folder browser instead. Wormhole works in all modern web browsers.

You get options to copy the link to the cloud copy of the files and a share link right away, even before the actual upload has started; this is one distinguishing factor as most file sharing services display share links and options only after a successful transfer. Wormhole calls this “instant file streaming”, and recipients may start downloading files even before the upload completes.

wormhole files

You may copy the link to share it with others, or use the share option to use sharing options provided by the operating system. Recipients may download all files or only select files.

One interesting option that Wormhole supports is the direct sharing via WiFi or Bluetooth; these may offer faster transfer speeds as local networks are utilized when possible.

The encrypted files are stored for 24 hours in the cloud before they are deleted automatically.

The Wormhole security page reveals information about the implemented security techniques. Besides end-to-end encryption, Wormhole promises that it does not display advertisement or will load trackers. The service’s key management and other security features are outlined on the page as well.

Firefox Send did support a number of features and options that Wormhole does not support at the time of writing, including password protection of files, download limits, or different storage limits.

Wormhole does not require an account at the time of writing, has a large file size limit, and supports local area network sharing. The features could…

Source…

‘Through the Wormhole’ Preview: Morgan Freeman Talks Zombies, Cyber … – Hollywood Reporter

June 5, 2014/in Internet Security

Hollywood Reporter

'Through the Wormhole' Preview: Morgan Freeman Talks Zombies, Cyber …
Hollywood Reporter
"We should no longer think in terms of F22s or F13s or aircraft carriers or fighting machines," Freeman says of terrorist warfare. "It will just take somebody with a strong mind and computer, and all they have to do is basically change the time. Think …

and more »

cyber warfare – read more

Tag Archive for: Wormhole’

Hosts:

Show notes:

Follow the show:

$325M worth of wETH gone

Bear flag triggered