Confidential transactions have arrived, a dive into the AZTEC Protocol December 8, 2018 | sento | Leave a comment Transaction privacy is a fundamental requirement for many kinds of financial services, and the inability to provide this privacy has prevented Ethereum from providing compelling alternatives to traditional financial instruments. There are several blockchains and blockchain projects that use cryptographic techniques to provide this privacy, but this privacy is reserved for the ‘native’ cryptocurrency of… Read More
How Criminals Steal $37 Billion a Year from America’s Elderly December 8, 2018 | sento | Leave a comment Telephone pitchers, online scammers and even family members target the most vulnerable among us. And it’s about to get worse. Marjorie Jones trusted the man who called to tell her she’d won a sweepstakes prize, saying she could collect the winnings once she paid the taxes and fees. After she wired the first payment, he… Read More
Kubernetes’ first major security hole discovered December 4, 2018 | sento | Leave a comment Kubernetes has become the most popular cloud container orchestration system by far, so it was only a matter of time until its first major security hole was discovered. And the bug, CVE-2018-1002105, aka the Kubernetes privilege escalation flaw, is a doozy. It’s a CVSS 9.8 critical security hole. CVSS 9.8 critical security hole. With a… Read More
How I Dumped eBay Japan’s Website Source Code November 29, 2018 | sento | Leave a comment Today I wanna write about a finding I discovered during a research project where the aim was to find critical vulnerabilities in Alexa Top 1 Million websites. The main focus was to discover common configuration issues which do not require sophisticated exploits, which are easy to find and which can have a high impact on… Read More
The FBI Created a Fake FedEx Website to Unmask a Cybercriminal November 28, 2018 | sento | Leave a comment The FBI has started deploying its own hacking techniques to identify financially-driven cybercriminals, according to court documents unearthed by Motherboard. The news signals an expansion of the FBI’s use of tools usually reserved for cases such as child pornography and bomb threats. But it also ushers in a potential normalization of this technologically-driven approach, as… Read More
Why x86 won’t survive November 28, 2018 | sento | Leave a comment Why x86 won’tsurvivex86 is a micro-architecture created by Intel that has been around since 1978. It powers most laptops, and more than likely powers the one you’re using right now. It’s considered powerful, effective, and reliable… until a few months ago. A short history of leaks and exploits found in the x86 micro-architecture found in… Read More
Secret Service cracks down on credit card skimming at gas pumps nationwide November 24, 2018 | sento | Leave a comment Secret Service cracks down on credit card skimming at gas pumps nationwide The agency recovers about 20 to 30 skimmers a week, with the average skimmer having information from about 80 cards on it, according to one agent. The U.S. Secret Service said it is kicking off the holiday season with a nationwide initiative to… Read More
Google is tracking you. Even when you’re in Airplane Mode November 23, 2018 | sento | Leave a comment Google is tracking you. Even when you’re in Airplane Mode. It knows when you get out the car. When you’re walking. We now have proof.Google has been secretly tracking people against their wishes. The company has been collecting Android users’ location data, even when they’ve actively disabled location services. It’s an extremely concerning discovery, which… Read More
German eID Authentication Flaw Lets You Change Identity November 22, 2018 | sento | Leave a comment German identity cards issued since 2010 come with a radio frequency identification chip that stores information about the holder. This includes name, date of birth and a biometric picture. If the holder so chooses, it can also store their fingerprints. The new cards are machine-readable and can be used as travel documents in most countries… Read More
CDC: Outbreak of E. coli Infections Linked to Romaine Lettuce November 21, 2018 | sento | Leave a comment CDC is advising that U.S. consumers not eat any romaine lettuce, and retailers and restaurants not serve or sell any, until we learn more about the outbreak. This investigation is ongoing and the advice will be updated as more information is available. Consumers who have any type of romaine lettuce in their home should not… Read More