Thoughts on the XZ Utils Backdoor

The open-source community narrowly avoided a major security crisis with the discovery of a critical vulnerability (CVE-2024-3094) and backdoor in XZ Utils, a data compression library used by many Linux distributions. XZ Utils provides a collection of command-line tools and libraries for lossless data compression using the LZMA algorithm. The most prominent […]

Crypto King Sentenced: FTX scandal leads to accountability

FTX, once a leading cryptocurrency exchange, crumbled in November 2022 after a massive fraud orchestrated by its founder, Sam Bankman-Fried (SBF). SBF diverted billions of dollars in customer funds for personal use, risky investments, and political donations. The house of cards began to topple when reports surfaced about FTX’s close ties to Alameda Research, a […]

UN Investigating 58 crypto heists linked to North Korea’s Cyberattacks

A United Nations panel is investigating a series of cyberattacks allegedly conducted by North Korea. The report, released in March 2024, details how these attacks, carried out between 2017 and 2023, netted an estimated $3 billion for the regime. From the UN report: The Panel is investigating 58 suspected cyberattacks by the Democratic People’s Republic […]

Tor releases WebTunnel to bypass censorship by mimicking HTTPS traffic

Roger Dingledine presented a talk at the 37th Chaos Communication Congress about the challenges of web censorship and the censorship that countries including Russia, Iran and Turkmenistan have attempted. Tor is effectively in a technological arms race with these censors as it races to build new ways of bypassing network censorship in adversarial countries. One […]

CISA takes down 2 systems after Ivanti compromise

The Cybersecurity and Infrastructure Security Agency (CISA) confirmed a cyberattack in February that exploited vulnerabilities in Ivanti software used by the agency. While CISA declined to disclose details about the attackers or data accessed, the compromised systems reportedly included critical infrastructure data. CISA acknowledged the incident but offered limited information. They confirmed taking two systems […]

US loses $12.5 Billion to online fraud in 2023

Americans lost a staggering $12.5 billion to online fraud in 2023, according to the FBI’s annual Internet Crime Complaint Center (IC3) report. This alarming figure represents a 22% increase compared to 2022, highlighting the growing threat of cybercrime in the United States. Investment scams topped the list of most costly frauds, with reported losses exceeding […]

US takes down Chinese Volt Typhoon Infrastructure

The US government took action against a large-scale Chinese hacking campaign that targeted internet-connected devices. This hacking group, known as Volt Typhoon, aimed to compromise critical infrastructure including utilities and internet service providers. The US Justice Department and FBI worked together to disrupt aspects of the hacking campaign. This decision stemmed from growing concerns about […]

Russian Internet Outage due to DNSSEC Glitch affecting .ru TLD

Russia experienced a widespread internet outage on Tuesday, affecting access to major websites including Yandex search, VKontakte social media, Sberbank online banking, and news outlets. The outage lasted for nearly four hours and primarily impacted users in Moscow, St. Petersburg, and other major cities. While initial concerns centered on government intervention, the cause was attributed […]

ICANN Proposes a dedicated .internal TLD for internal networks

The organization that governs domain names on the internet, ICANN (Internet Corporation for Assigned Names and Numbers), is proposing a new type of top-level domain (TLD) specifically designed for internal use within organizations. Unlike the familiar .com or .org suffixes, this new TLD, called “.INTERNAL,” would never be accessible from the public internet, similar […]

Jenkins vulnerability leaves 45 000 publicly exposed servers at risk

A critical vulnerability discovered in Jenkins, a popular open-source automation server widely used for building, testing, and deploying applications, has sent shudders through the developer community. This flaw, identified as CVE-2024-23897, allows attackers to potentially gain unauthorized access to sensitive information on Jenkins servers. The vulnerability lies within Jenkins’ built-in command line interface (CLI). Specifically, […]