Audits
Services
Services
Smart Contract Audit
Blockchain Protocol Audit
Penetration Testing
dApp Audit
Crypto Wallet Audit
Cross-Chain Bridge Audit
Bug Bounty
Proof of Reserves
CCSS Audit
Tokenomics Audit & Design
Smart Contract Audit
Mitigate weaknesses in your smart contract and improve its functionality with a double line-to-line code analysis and a separate review by a lead auditor.
Blockchain Protocol Audit
Secure the entire architecture and implementation layers of your blockchain protocol with professional security audits and testing.
Penetration Testing
Proactively detect vulnerabilities in your Web3 project by subjecting your systems to a simulated cyberattack in a secure and controlled environment.
dApp Audit
Identify vulnerabilities in applications interacting with blockchain networks with secure code review and static security analysis.
Crypto Wallet Audit
Code review & static security analysis for crypto wallet apps.
Cross-Chain Bridge Audit
Code review & security analysis for cross-chain crypto bridges.
Bug Bounty
Receive only relevant bug reports or undergo crowdsourced penetration testing with the help of thousands of ethical hackers curated by HackenProof.
Proof of Reserves
Enhance transparency in crypto exchanges with independent on-chain proof of assets’ true collateralization.
CCSS Audit
Assess and strengthen your security practices, identify vulnerabilities, and safeguard valuable digital assets in the ever-evolving cryptocurrency landscape.
Tokenomics Audit & Design
Ensure your token model robustness and efficiency and convey trust to investors and community with our thorough, independent audit of protocol economic security.
Solutions
Post-deployment security solution
Hacken Extractor
Real-time smart contract protection from assets loss
Learn more
Solutions
Featured ecosystems:
Ethereum (EVM)
BSC
Polygon
Near
Avalanche
Fantom
Aptos
Sui
Optimism
zkSync
Arbitrum
Solana
Polkadot
Cosmos
Radix
Linea
MetaMask
Others
By Languages:
Solidity
Rust
Move
Blog
Company
Company

The window to exchange $HAI for Hacken Equity Shares ($HES) is now open > Claim your spot today

Weekly News Digest #36

Weekly News Digest #36

Share via:

The APT group hacked the local gov’t office. The FBI issued a special warning

According to the FBI release, the Fortigate appliance was exploited by the APT group and malicious actors could access the webserver hosting the U.S. municipal government domain. Hackers likely created an account with the username “elie” to continue committing malicious activities. However, the FBI did not disclose any details about the victim of this attack. Before the recent release, the FBI issued a series of warnings related to the possible exploitation of the Fortinet vulnerability by the APT group. By exploiting this vulnerability individual cybercriminals or nation-states can break into systems and carry out data exfiltration, data encryption, and other crimes.

All vulnerabilities mentioned in the warnings issued by the FBI are related to Fortinet operating system FortiOS, the Fortinet Security Fabric’s backbone. The threat analysis specialists at Digital Shadows Sean Nikkel notes that all these vulnerabilities are at least 1 year old and, thus, governments need to work better on improving patch management. Malicious actors simply benefit from enterprises’ failure to perform regular security audits and updates.

Details on the new Rowhammer vulnerability released by Google

The design of DRAM chips is exploited by the Rowhammer attack. Google dubbed the Rowhammer vulnerability “Half Double” and it is the evolution of the style of attack that was first reported 7 years ago in 2014. The Rowhammer attack is quite unusual since its algorithm provides for rapid and repeated access to data stored in one memory row on a RAM chip for changing data stored in other addresses on a chip by creating an electric charge.

The researchers have actively tried to identify various methods of using this technique to change data stored on RAM cards. Although initially it was considered that this attack could be carried out only by having physical access to the target, now researchers suggest that the Rowhammer attack can be performed remotely. The consequences of the attack may be serious since it can potentially enable the bypass of software and hardware memory protection policies. As a result, attacks can get full control of the system.

Attackers impersonate devices by exploiting Bluetooth bugs

The devices supporting Mesh and Bluetooth Core specifications are at risk. The exploitation of Bluetooth bugs can take place during pairing and may lead to man-in-the-middle attacks. These vulnerabilities enable impersonation attacks and AuthValue disclosures. Bluetooth Core and Mesh are separate specifications that are suitable for Internet-of-Things and low-energy devices. The vulnerabilities in question are tracked as CVE-2020-26558, CVE-2020-26555, CVE-2020-26560, CVE-2020-26557, CVE-2020-26556, and CVE-2020-26559.

According to the Android open source project, the issue has been assessed as high severity for Android OS. Android is actively working on issuing a patch for this vulnerability. To minimize the risks related to the exploitation of these vulnerabilities, it is of the greatest importance to accept the updates from operating system manufacturers as soon as they become available.

Three vulnerabilities detected in Trend Micro’s Home Network Security systems

The exploitation of the detected vulnerabilities can enable privilege escalation, authentication bypass, code execution, and denial of service. The all-in-one device the Home Network Security Station is used by consumers to scan for vulnerabilities for connected devices, control access settings for all devices connected to the network, and perform intrusion detection. Cisco Talos researchers discovered the two high-severity stack buffer overflows tracked as CVE-2021-32457 and CVE-2021-32458. The CVSS score of these bugs equals 7.8 out of 10. The researchers also identified one hardcoded password issue tracked as CVE-2021-32459, its CVSS score equals 4.9 out of 10.

The discovered stack buffer overflows would allow attackers who have succeeded in compromising the device to access the Station to change settings and permissions. The patches to address all three identified bugs have been already issued by the security vendor. The Trend Micro Home Network Security Stations version 6.1.567 and below are vulnerable and, thus, should be patched ASAP.

A zero-day flaw in macOS patched by Apple

Apple patched the zero-day flaw that could allow for sneaky screenshots. The bug could be exploited by malicious actors to take screenshots of users’ computers or capture different images of their activity such as during video conferences without their knowing. The vulnerability tracked as CVE-2021-30713 was discovered by researchers representing the enterprise security firm Jamf. Apple patched the bug in its latest macOS version Big Sur 11.4 that was released on Monday.

According to researchers, the vulnerability was used by XCSSET spyware. Apple has not provided detailed information on the vulnerability yet. The exploitation of the bug was enabled by the bypass of the Transparency Consent and Control (TCC) framework that is responsible for controlling what resources applications have access to. Thus, by exploiting the vulnerability hackers could gain Full Disk Access, Screen Recording, and other permissions.