A Redditor has issued a warning to “overconfident” HODLers after losing the password to their crypto wallet by not acting cautiously enough. A Bitcoiner with the username Onnar posted they had lost access to 2.6 Bitcoin (BTC) — roughly $96,400 at the time of publication — while attempting to transfer a wallet to a new computer purchased over the holidays. The user claimed to have formatted the drive of their old system without double checking whether the password manager still contained the password needed to access the private keys. “I go to my password manager to grab it and... it’s …

The hacker that breached hardware wallet provider Ledger’s marketing database earlier this year has released personal data for thousands of users, prompting many to threaten the firm with a class-action lawsuit. According to a tweet from network security firm Hudson Rock's Alon Gal, a hacker allegedly behind the breach of personal data from hardware wallet Ledger in June has made all the information they obtained available online. This reportedly includes 1,075,382 email addresses from users subscribed to the Ledger newsletter, and 272,853 hardware wallet orders with information including email addresses, physical addresses, and phone numbers. ALERT: Threat actor just dumped …

An open-source blockchain protocol called the Secret Network is now offering privacy features for the Ethereum blockchain and 14 ERC-20 tokens. According to a Secret Network blog post, the protocol launched its Secret Ethereum Bridge on the mainnet today, which is designed to allow Ether (ETH) and all ERC-20 token holders to create programmable versions of their assets with privacy features. The Secret Network compared these “secret” tokens to privacy coins like Monero (XMR): "Secret Tokens combine the programmability of ERC-20s with the privacy of coins like Zcash or Monero. Interactions with Secret Token contracts are encrypted, viewable only to …

As internet banking comes of age, so too do new ways of stealing funds. That makes cybersecurity central to modern banking, according to David Leach, JPMorgan Chase’s Asia-Pacific head of cybersecurity and technology controls. "It’s a competitive disadvantage not to have a robust cybersecurity capability that you can demonstrate,” Leach said during a BlockShow conference panel on Tuesday. Before the internet took over, customers mainly asked about banking and financial entities’ services, not about their security, according to panel moderator, Nasir Zubairi, CEO of the Luxembourg House of Financial Technology. Zubairi also holds experience in the banking industry. Leach said …

Daniel Springer, the chief executive officers at electronic signature technology company DocuSign, says the firm isn’t likely to incorporate additional blockchain technology anytime soon as current infrastructure is far cheaper. In a Quartz report published yesterday, Springer said the San Francisco-based DocuSign’s 2018 integration of the Ethereum blockchain involved the use of smart contracts with the firm’s e-signature and transaction management service. According to the CEO, this system resulted in agreements costing roughly $1 each, compared to the usual $0.07 per agreement under DocuSign’s standard encryption measures. In other words, using blockchain ended up 13X the cost. Springer said: “To …

Many crypto owners fall prey to common crypto theft schemes, including phishing traps. How can the average crypto user identify and avoid these attacks to prevent the potential loss of funds? Know the source Phishing emails are sometimes successful in their attempts to trick users into downloading programs, clicking on something they shouldn’t, or just linking them to a page where they can enter personal information like their seed phrase. In July, hardware wallet Ledger reported a data breach that affected the personal data of many of its users, some of whom continue to be the target of phishing attacks. …

Security company CertiK announced on Thursday the launch of QuickScan, an automated tool for scanning smart contracts for vulnerabilities. While it will not be a stand-alone tool, the suite is set to improve the analysis performed by the security oracles of CertiK Chain (CTK). QuickScan checks deployed smart contracts against a database of known vulnerabilities, using static and dynamic analysis techniques that check the bytecode, source code and access parameters for each smart contract. Daryl Hok, chief operating officer of CertiK, said that a smart contract analysis can be finished in less than an hour. The system assigns security scores …

One often hears blockchain in the same breath as security and supply chains. This week, a winning entry to a competition organized by the United States Department of Defense cast both these aspects in a new light. To keep pace with the ever-more technologized battlelines of contemporary warfare, the DoD continues to explore ways to innovate the manufacturing process and supply chain for weaponry and infrastructure in use by the U.S. Air Force and U.S. Navy. The Advanced Manufacturing Olympics, held virtually this year on Oct. 20–23, sought to recruit traditional DoD contractors, technology developers and academics to mobilize new …

A recent report from Cer Live, a crypto exchange ranking platform, indicated that 14 of the top 25 decentralized exchanges, or DEXs, scored poorly in terms of cybersecurity. The report looked at a variety of unique problems that most DEXs face, including fake token listings, the prevalence of slippage, delays in transaction confirmation, and a lack of data about listed trading pairs. They also looked at whether each exchange had undergone security audits, offered bounties to incentivize the public discovery of bugs, ensured adequate end-to-end security, and more. The assessment then allocated a score ranging between 1 - 10 based …

CertiK, a software security company active in the blockchain sector, announced the mainnet release of its own custom blockchain, the CertiK Chain. The new blockchain places a heavy focus on security, turning the previously static process of analyzing smart contracts into a real-time safeguarding system. Professor Ronghui Gu, the CEO of CertiK, said, “Gone are the days of reliance on off-chain security analysis, static security audit reports, and unnecessary loss of time and money.” The CertiK Chain is “setting a new industry standard in blockchain security protocols,” he added. The blockchain features a custom programming language called DeepSEA, which is …

Paxful, a peer-to-peer cryptocurrency marketplace, has successfully defended against a number of serious threats, including 220,000 bot attacks and a variety of social engineering ploys — all in the span of two months. During the same time period, hackers managed to steal around $200 million worth of cryptocurrency from the KuCoin exchange, and another unconnected attack saw $5.4 million stolen from Eterbase. Paxful said that its alleged attackers attempted to use automated bots to brute force their way into accounts belonging to the project's users: “Bots, which are reported to generate about a quarter of global Web traffic, are de …

The New York Department of Financial Services, or NYDFS, has released a lengthy report analyzing the impact of July’s high-profile Twitter hack, which resulted in the theft of over $118,000 worth of Bitcoin (BTC). Far beyond the immediate material impact, the NYDFS states that the incident exposed deep cybersecurity weaknesses of a publicly-traded social media company valued at $37 billion and counting over 330 million active monthly users. The discovery has serious consequences in light of the platform’s ever-expanding influence on both financial markets and the political sphere. Two key sections of the NYFDS report, published on Oct. 14, tackle …