South Korea Blames North Korean Hackers For Stealing Bitcoin

By Waqas North Korean State-Sponsored Hackers Attacked Four Virtual Currency Exchanges in This is a post from HackRead.com Read the original post: South Korea Blames North Korean Hackers For Stealing Bitcoin...

Why Is North Korea So Interested in Bitcoin?

In 2016 we began observing actors we believe to be North Korean utilizing their intrusion capabilities to conduct cyber crime, targeting banks and the global financial system. This marked a departure from previously observed activity of North Korean actors employing cyber espionage for traditiona...

Why Is North Korea So Interested in Bitcoin?

In 2016 we began observing actors we believe to be North Korean utilizing their intrusion capabilities to conduct cyber crime, targeting banks and the global financial system. This marked a departure from previously observed activity of North Korean actors employing cyber espionage for traditiona...

A Typo in Zerocoin's Source Code helped Hackers Steal ZCoins worth $585,000

Are you a programmer? If yes, then you would know the actual pain of... "forgetting a semicolon," the hide and seek champion since 1958. Typos annoy everyone. Remember how a hacker's typo stopped the biggest bank heist in the history, saved $1 billion of Bangladesh bank from getting stolen. But...

Zcash Spurs Rash of Malicious Mining Software

Cybercriminals are targeting computers with malicious mining software thanks in part to the appeal of a new cryptocurrency called Zcash that claims to cloak the sender, the recipient and value of transactions. That type of anonymity is not afforded by Bitcoin and is sought after by crooks, said...

Debian DLA-361-1 : bouncycastle security update

The Bouncy Castle Java library before 1.51 does not validate that a point is within the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic curve Diffie Hellman ECDH key exchanges, aka an 'invalid curve attack.' For Debian 6 'Squeeze'...

CVE-2015-7940

The Bouncy Castle Java library before 1.51 does not validate a point is withing the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic curve Diffie Hellman ECDH key exchanges, aka an "invalid curve attack."...

Information disclosure

The Bouncy Castle Java library before 1.51 does not validate a point is withing the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic curve Diffie Hellman ECDH key exchanges, aka an "invalid curve attack."...

CVE-2015-7940

The Bouncy Castle Java library before 1.51 does not validate a point is withing the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic curve Diffie Hellman ECDH key exchanges, aka an "invalid curve attack."...

Ubuntu 14.04 LTS : OpenSSL vulnerabilities (USN-2459-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2459-1 advisory. Pieter Wuille discovered that OpenSSL incorrectly handled Bignum squaring. CVE-2014-3570 Markus Stenberg discovered that OpenSSL incorrectly handled...

USN-2459-1: OpenSSL vulnerabilities

Pieter Wuille discovered that OpenSSL incorrectly handled Bignum squaring. CVE-2014-3570 Markus Stenberg discovered that OpenSSL incorrectly handled certain crafted DTLS messages. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service. CVE-2014-3571...

Debian DSA-2994-1 : nss - security update

Several vulnerabilities have been discovered in nss, the Mozilla Network Security Service library : - CVE-2013-1741 Runaway memset in certificate parsing on 64-bit computers leading to a crash by attempting to write 4Gb of nulls. - CVE-2013-5606 Certificate validation with the verifylog mode did...

DSA-2994-1 nss - security update

Bulletin has no description...

Debian Security Advisory DSA 2994-1 (nss - security update)

Several vulnerabilities have been discovered in nss, the Mozilla Network Security Service library: CVE-2013-1741 Runaway memset in certificate parsing on 64-bit computers leading to a crash by attempting to write 4Gb of nulls. CVE-2013-5606 Certificate validation with the verifylog mode did not...

Mastery OA 2011-2013 pass to kill GETSHELL-a vulnerability warning-the black bar safety net

Statement: This program applied to a lot of government agencies, educational institutions, as well as the large stream companiesChina Telecom, etc.! Please after reading this don't try to for any use of the program website destruction attack invasion, etc... I made this post purely technical...

Capexweb 1.1 - SQL Injection Vulnerability

No description provided by source. Exploit Title: Capexweb Sql Vulnerable Date: 15 Dec 2011 Author: D1rt3 Dud3 Google Dork: inurl:capexweb Gr33ts: Th3 RDX Version: 1.1 Description: Capexweb is Web based Backoffice client used by leading Stock Exchanges like Berkeley Gains, angle broking house etc...

SEC Roundtable

On Wednesday, I attended a roundtable discussion the Securities and Exchange Commission held to gather information on cybersecurity trends and potential disclosure requirements for regulated public companies and stock exchanges...

CVE-2014-1491

Mozilla Network Security Services NSS before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, does not properly restrict public values in Diffie-Hellman key exchanges, which makes it easier for remote...

Authentication flaw

Mozilla Network Security Services NSS before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, does not properly restrict public values in Diffie-Hellman key exchanges, which makes it easier for remote...

Firefox ESR 24.x < 24.3 Multiple Vulnerabilities (Mac OS X)

The installed version of Firefox ESR 24.x is earlier than 24.3 and is, therefore, potentially affected by the following vulnerabilities : - Memory issues exist in the browser engine that could result in a denial of service or arbitrary code execution. CVE-2014-1477 - An error exists related to...