Audits
Services
DualDefense
Hacken Audit + Additional Crowdsourced Audit
Learn more
Services
DualDefense
Smart Contract Audit
Blockchain Protocol Audit
DORA Compliance
Virtual CISO
Penetration Testing
Cloud Penetration Testing
dApp Audit
Crypto Wallet Audit
Cross-Chain Bridge Audit
Bug Bounty
Proof of Reserves
CCSS Audit
Tokenomics Audit
Retainer
DualDefense
New Approach To Blockchain Security
Hacken Audit + Additional Crowdsourced Audit
2 in 1
Dual-layered protection
30-Day
Crowdsourced audit
Independent
HackenProof bug hunters
Learn more
Solutions
Post-deployment security solution
Hacken Extractor
Real-time smart contract protection from assets loss
Learn more
Solutions
Featured ecosystems:
Ethereum (EVM)
BSC
Polygon
Near
Avalanche
Fantom
Aptos
Sui
Optimism
zkSync
Arbitrum
Solana
Polkadot
Cosmos
Radix
Linea
MetaMask
Others
By Languages:
Solidity
Rust
Move
Blog
Company
Company
Community
Community
- $HAI

Friday News Digest #1

Friday News Digest #1

3 minutes

Friday is a great day to wrap up some of the biggest news in the cybersecurity world. Starting this week, we will be posting the top 5 most important news and research from the past week.

How Hackers Bled 118 Bitcoins Out of Covid Researchers in U.S.

Highly skilled hackers were able to plot a good ransomware attack on the University of California at San Francisco and received a payout of 118 bitcoins as a result. The university hired a professional negotiator who negotiated a lower amount of decryption for the system. Failure to use security testing services can result in huge losses, both financial and reputational.

Link here

New data from Microsoft shows how the pandemic is accelerating the digital transformation of cyber-security

The importance of cybersecurity in facilitating productive remote work was a significant catalyst for the two years-worth of digital transformation we observed in the first two months of the COVID-19 pandemic. In this era of ubiquitous computing, security solutions don’t just sniff out threats, they serve as control planes for improving productivity and collaboration by giving end-users easier access to more corporate resources. Microsoft recently concluded a survey of nearly 800 business leaders of companies of more than 500 employees in India (IN), Germany (DE), the United Kingdom (UK) and the United States (US) to better understand their views of the pandemic threat landscape, implications for budgets and staffing, and how they feel the pandemic could reshape the cyber-security long-term.

Among the key insights are data showing that an alarming number of businesses are still impacted by phishing scams, security budgets, and hiring increased in response to COVID-19, and cloud-based technologies and architectures like Zero Trust are significant areas of investment moving forward.

Link here

Former Uber Security Chief Charged Over Covering Up 2016 Data Breach

The federal prosecutors in the United States have charged Uber’s former chief security officer, Joe Sullivan, for covering up a massive data breach that the ride-hailing company suffered in 2016.

According to the press release published by the U.S. Department of Justice, Sullivan “took deliberate steps to conceal, deflect, and mislead the Federal Trade Commission about the breach” that also involved paying hackers $100,000 ransom to keep the incident secret.

The 2016 Uber’s data breach exposed names, email addresses, phone numbers of 57 million Uber riders and drivers, and driver license numbers of around 600,000 drivers.

The company revealed this information to the public almost a year later in 2017, immediately after Sullivan left his job at Uber in November.

Later it was reported that two hackers, Brandon Charles Glover of Florida and Vasile Mereacre of Toronto, were behind the incident to whom Sullivan approved paying money in exchange for promises to delete data of customers they had stolen.

Link here

Jack Daniel’s Manufacturer Was Target of Apparent Ransomware Attack

At the beginning of the week, news broke that the company, which produces the wildly popular Jack Daniel’s whiskey and Finlandia vodka, fell under the distribution of another extortionist. Ransomware groups have been very active in the past few months. Such giants as Garmin, Canon and others were attacked. Our RnD team anticipates that ransomware operators will expand their operations and we will see more and more attacks like this.

Link here

Researcher Demonstrates Several Zoom Vulnerabilities at DEF CON 28

At DEFCON 28, researchers demonstrated several vulnerabilities in the Zoom app. These vulnerabilities allow an attacker to gain access to compromised systems. After the researcher personally reported the issues to the company, they released a fix and the Zoom app became more secure. This is a great example of how bug bounty helps large companies continually improve the safety of their products.

Link here