FBI: Hackers stole source code from US government agencies and private companies The Federal Bureau of Investigation has sent out a security alert warning that threat actors are abusing misconfigured SonarQube applications to access and steal source code repositories from US government agencies and private businesses. US officials talk about all the methods the Chinese government and its agents have been using to target US companies and… Read More
Fault in NHS Covid app meant thousands at risk did not quarantine A code error in the NHS Covid-19 app meant users had to be next to a highly infectious patient for five times as long as the NHS had decided was risky before being instructed to self-isolate, the Guardian has learned. Source: theguardian… Read More
Google Titan Security Key Recalled After Bluetooth Pairing Bug Google’s Titan Security Key, launched in the U.S. market last August, is a USB dongle that offers an added layer of security features for Google accounts, such as two-factor authentication and protections from phishing attacks. Specifically impacted is the version of the Titan Security Key with Bluetooth Low Energy (BLE) – not the NFC version… Read More
Google+ bug exposes non-public profile data for 52 million users Two months after disclosing an error that exposed the private profile data of almost 500,000 Google+ users, Google on Monday revealed a new leak that affects more than 52 million people. The programming interface bug allowed developers to access names, ages, email addresses, occupations, and a wealth of other personal details even when they were… Read More
Malicious sites abuse 11-year-old Firefox bug that Mozilla failed to fix This wouldn’t be a big deal, as the web is fraught with this kind of malicious sites, but these websites aren’t abusing some new never-before-seen trick, but a Firefox bug that Mozilla engineers appear to have failed to fix in the 11 years ever since it was first reported back in April 2007. The bug… Read More
The biggest crypto programming errors of all time One small crypto programming error can lead to millions in lost funds. As you are about to learn, a bug in your code can equal disaster on the blockchain. These far-reaching consequences are all the more reason to make your project open-source. Open-source projects gain added security because of the large number of developers checking… Read More
X.org bug that gives attackers root bites OpenBSD and other big-name OSes Several big-name Linux and BSD operating systems are vulnerable to an exploit that gives untrusted users powerful root privileges. The critical flaw in the X.org server—the open-source implementation of the X11 system that helps manage graphics displays—affects OpenBSD, widely considered to be among the most secure OSes. It also impacts some versions of the Red… Read More
Bitcoin Core Developers kept a critical DoS bug, a secret; releases fix Earlier this week, a bug was found in the Bitcoin’s core code base. Developers got in the rush, and finally released a fix on Tuesday. The bug turned out to be Denial of Service bug (DoS). Furthermore, if anyone exploited the vulnerability, this could be used to disconnect nodes, or even crash a whole segment… Read More
A perspective from the Bitcoin Cash and Bitcoin Unlimited developer who discovered CVE-2018–17144 Six hundred microseconds. That is about the time that Matt Corallo wanted to shave off of block validation with his pull request in 2016 to Bitcoin Core. 600µs is a lot less than what is saved with more efficient block propagation, like XThin, Compact Blocks, or now Graphene over typical links, especially those that are… Read More
Critical Bug Found in Bitcoin Core Invokes the Multiple Client Argument Over the last 24 hours, the cryptocurrency community has been discussing a critical vulnerability that was found in the Bitcoin Core (BTC) reference client. A bug introduced in Bitcoin Core version 0.14, that also affects all subsequent versions, could have caused a great majority of current Core nodes to crash. According to the developer’s Optech… Read More