Two months after disclosing an error that exposed the private profile data of almost 500,000 Google+ users, Google on Monday revealed a new leak that affects more than 52 million people. The programming interface bug allowed developers to access names, ages, email addresses, occupations, and a wealth of other personal details even when they were… Read More


Purchased for almost $1 million on LedgerX’s trading platform just days after Bitcoin peaked a year ago, the call options have a strike price of $50,000 and an expiry date of Dec. 28, 2018. For the contracts to retain any value at expiry, Bitcoin would need to rally more than 1,400 percent. The options’ almost… Read More


One small crypto programming error can lead to millions in lost funds. As you are about to learn, a bug in your code can equal disaster on the blockchain. These far-reaching consequences are all the more reason to make your project open-source. Open-source projects gain added security because of the large number of developers checking… Read More


Transaction privacy is a fundamental requirement for many kinds of financial services, and the inability to provide this privacy has prevented Ethereum from providing compelling alternatives to traditional financial instruments. There are several blockchains and blockchain projects that use cryptographic techniques to provide this privacy, but this privacy is reserved for the ‘native’ cryptocurrency of… Read More


Kubernetes has become the most popular cloud container orchestration system by far, so it was only a matter of time until its first major security hole was discovered. And the bug, CVE-2018-1002105, aka the Kubernetes privilege escalation flaw, is a doozy. It’s a CVSS 9.8 critical security hole. CVSS 9.8 critical security hole. With a… Read More


Today I wanna write about a finding I discovered during a research project where the aim was to find critical vulnerabilities in Alexa Top 1 Million websites. The main focus was to discover common configuration issues which do not require sophisticated exploits, which are easy to find and which can have a high impact on… Read More


The FBI has started deploying its own hacking techniques to identify financially-driven cybercriminals, according to court documents unearthed by Motherboard. The news signals an expansion of the FBI’s use of tools usually reserved for cases such as child pornography and bomb threats. But it also ushers in a potential normalization of this technologically-driven approach, as… Read More