Lucene search
K

7 matches found

ThreatPost
ThreatPost
added 2018/09/05 5:3 p.m.11 views

The Vulnerability Disclosure Process: Still Broken

Despite huge progress in the vulnerability disclosure process, things remain broken when it comes to vendor-researcher relationships. Case in point: Last year when Leigh-Anne Galloway a cybersecurity resilience lead at Positive Technologies found a gaping hole in the Myspace website, she reported...

7.2AI score
Exploits0References19
HackRead
HackRead
added 2018/08/31 6:7 p.m.63 views

John McAfee backed Bitfi wallet pwned again

By Uzair Amir The presumably unhackable Bitfi wallet backed by John McAfee has released a statement announcing that the unhackable tag will be removed from their marketing materials. The step comes after the device’s security was compromised by a Twitter user under the name @spudowiar. The...

1.5AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2018/08/14 9:10 a.m.29 views

Hacking the Bitfi Part 5: MITM transactions

So what’s latest with the Bitfi unhackable/hackable crpto currency wallet? Bitfi release software version 89 over the weekend. Devices updated, so we had a look to see what had changed. First, they’ve tried to stop the passphrase and seed from being cached in memory and therefore trivially...

6.7AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2018/08/09 7:6 a.m.37 views

Bitfi research receives Pwnie Award for ‘lamest vendor response’

The Pwnie Awards is an annual celebration of the achievements of security researchers and the security community. It's also an opportunity to roast vendors for lame responses to security concerns. The ceremony took place last night, August 8th, 2018 in Las Vegas at the BlackHat USA security...

6.8AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2018/08/03 11:55 a.m.21 views

Hacking the Bitfi Part 3: The device with no storage

TL;DR? Here’s proof that the Bitfi has storage and that it’s been rooted. -The Bitfi boots at 20 seconds. We’re not disclosing the method yet, as there is plenty more work to be done here. If you’ve been keeping an eye on Twitter, no doubt you’ve seen the unravelling mess that is the security of...

7.2AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2018/08/02 2:11 p.m.28 views

Hacking the Bitfi. Part 2: John McAfee’s video

The unhackable Bitfi story isn't going away any time soon. Following John McAfee's tweet yesterday that he would put out a "definitive video countering all of the nonsense claims instigated and co-coordinated by BirFi's sic established, monolithic competitors in the hardware wallet space" here's ...

6.8AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2018/07/31 1:31 p.m.35 views

Hacking the Bitfi. Part 1

A large number of security researchers have taken exception to the ‘unhackable’ claims made by Bitfi and John McAfee about the security of their hardware cryptocurrency wallet. The $100K bounty offered appears to be something of sham, given it covers a very, very specific scenario. Bitfi states...

6.7AI score
Exploits0
Rows per page
Query Builder