Aspen (ASPD), the security token representing fractional ownership in the St. Regis Aspen Resort — a five-star 179-room hotel in Colorado, has commenced trading on the tZERO alternative trading system. The news marks the first Tezos (XTZ)-based security token to be listed on a regulated platform. ASPD is just the third token listed on tZERO, and is the first third-party platform supported by the exchange. Saum Noursalehi, tZERO’s CEO, stated he is “thrilled to see the St. Regis Aspen digital security trading on the tZERO platform.” “Digitizing and trading private securities like Aspen will be the future model that will …

Andre Cronje, the creator of Yearn.Finance, has recently made security audits of his project publicly available. He explained to Cointelegraph that he had been previously withholding these audits, which were completed months ago, so as to not give users a false sense of security: I always refused to publish the audits because I don't want people to get a false sense of security because of them. Yesterday, Cronje published five audits on the project's GitHub repository. The audits were performed between February and July by leading auditors, such as Certik and Quantstamp. Some of the vulnerabilities that were discovered are …

Ethereum Classic (ETC) accelerator Ethereum Classic Labs announced a plan to protect the blockchain from further attacks. On Aug. 19 the organization proposed taking immediate action in implementing long-term changes to the network architecture over the next three to six months. The accelerator decided to focus their efforts on improving the network’s security after recent attacks on the blockchain. The immediate measures proposed by Ethereum Classic Labs include a “defensive mining” cooperation with mining pools and miners to maintain a consistent hashrate and gain the ability to increase it when needed. A higher hashrate would render a 51% attack against …

The now notorious project, Yam.Finance, was launched without a proper code audit just like many other projects in the space. Richard Ma, the CEO of blockchain security company Quantstamp, told Cointelegrpah that many DeFi projects are launched unaudited in order to capitalize on reverse psychology: “Not having an audit is currently seen as a good way to use reverse-psychology to do marketing.” He added, “It creates the perception that these projects are so in-demand, and that you're getting in on it at the ground floor, before other people have heard of it.” According to Ma, many popular projects like Yearn …

Santander, the large scale Spanish bank and one of Ripple’s major partners, is still hesitant to adopt XRP as part of its international payment network, One Pay FX. The company reasoned that the token “was not actively traded in enough markets” to support the company’s banking needs. During an interview with the Financial Times, Cedric Menager, chief executive officer of One Pay FX, explained that Santander wants to provide the “best [user experience] as quickly as possible.” He also said that the bank hopes to “operate in as many currencies and corridors as possible from the beginning.” Ripple clarified that …

A bug in the hastily-developed contracts for Yam Finance resulted in the governance contracts being “permanently broken” and $750,000 worth of Curve tokens locked from use. Andre Cronje, DeFi developer and founder of the yEarn protocol, told Cointelegraph that this resulted from a bugged rebase function. Yam is supposed to be a stablecoin with a similar mechanism to Ampleforth, with the contracts creating or destroying supply based on the token’s price to maintain a $1 peg. Cronje said that a bug in the rebase function meant that each call after the first one would “exponentially increase [supply] every time by …

In February, United States Securities and Exchange Commission Commissioner Hester Peirce was asked to give her opinion on the SEC’s case against Telegram. She declined to comment at the time, as SEC officials do not speak publicly about ongoing enforcement actions. In late July, however, with the Telegram case settled, Commissioner Peirce gave a speech titled “Not Braking and Breaking” that pointedly questioned the approach taken by the SEC in the Telegram case. Concluding her remarks, Commissioner Peirce asked: “Who did we protect by bringing this action? The initial purchasers, who were accredited investors? The members of the public, many …

Researchers at the Black Hat security conference revealed that crypto exchanges might be vulnerable to hackers. Although crypto exchanges have high privacy and security to protect their funds, researchers still found three ways hackers can attack these crypto exchanges, according to Wired on August 9. The crypto exchange attacks were operating more like “an old-timey bank vault with six keys that all have to turn at the same time,” the report said. Cryptocurrency private keys were broken into smaller pieces. It means an attacker has to find them together before stealing funds. Aumasson, a cryptographer, and Omer Shlomovits, cofounder of …

In a Core Devs meeting on Friday, Ethereum (ETH) developers discussed potential measures that could be taken to prevent successful 51% attacks from occurring. The discussion was inspired by this week’s 51% attacks on Ethereum Classic (ETC) — a network that represents the original state of Ethereum where the consequences of the DAO hack in 2016 were not reverted. The original attack, which occurred between July 31 and Aug. 1, was revealed to be a carefully orchestrated attempt at a double-spend that netted over $5 million in ETC to the attacker for a $200,000 investment in hashpower. During the call, …

Ethereum Classic (ETC) has suffered a second 51% attack in less than one week, bringing the ongoing security of the network into question. On Aug. 6, Etherchain.org tweeted that its affiliated mining pool Ethermine had disabled ETC pool payouts after more than 4,000 blocks had been reorganized in the latest attack on Ethereum Classic. It is not known if it is the same issue or a copycat attack inspired by the first attack. ETC’s security called into question In response to the increasing velocity of 51% attacks targeting Ethereum Classic, Ethereum co-founder Vitalik Buterin tweeted: “ETC should just switch to …

Scott Melker, also known as the "Wolf of All Streets," says he was the victim of a SIM swap attack in February but managed to avoid losing any crypto assets. In a Aug. 4 post on Melker’s website titled Security Tips And Lessons Learned From My Hack, the trader said he was able to protect access to his bank accounts, credit cards, and crypto exchanges after a hacker assumed his identity by tricking his phone carrier and diverted Melker’s communications to the hacker’s phone. According to Melker, the hacker had access to his number and text messages — which would …

The Ethereum Foundation will be building a dedicated security team for Ethereum 2.0 to study any potential cybersecurity and crypto-economic issues in the next generation of the Ethereum network. Justin Drake, an Eth 2.0 researcher at the foundation, announced the start of the recruitment process on his Twitter feed. The foundation is looking to hire a variety of security and auditing professionals, both for the software and the general model of the upcoming upgrade. Among the potential team’s tasks will be “fuzzing, bounty hunting, pager duty,” which directly relates to software security management. Ethereum client developers have already engaged in …