18 matches found
Telegram Is Still Hosting a Sanctioned $21 Billion Crypto Scammer Black Market
The UK designated Xinbi Guarantee as an enabler of crypto scammers and human trafficking weeks ago. Telegram is still hosting it in plain sight...
Sanctioned Bulletproof Host Linked to Hijacking of Old Home Routers
Compromised home routers in 30+ countries had DNS traffic redirected, sending users to malicious sites while normal browsing appeared unaffected...
U.S. Sanctions Two Crypto Exchanges for Facilitating Cybercrime and Money Laundering
The U.S. government on Thursday sanctioned two cryptocurrency exchanges and unsealed an indictment against a Russian national for his alleged involvement in the operation of several money laundering services that were offered to cybercriminals. The virtual currency exchanges, Cryptex and PM2BTC,...
U.S. Imposes Visa Restrictions on 13 Linked to Commercial Spyware Misuse
The U.S. Department of State on Monday said it's taking steps to impose visa restrictions on 13 individuals who are allegedly involved in the development and sale of commercial spyware or who are immediate family members of those involved in such businesses. "These individuals have facilitated ...
Dictators Used Sandvine Tech to Censor the Internet. The US Finally Did Something About It
Canada-based Sandvine has long sold its web-monitoring tech to authoritarian regimes. This week, the US sanctioned the company, severely limiting its ability to do business with American firms...
DOJ Charges Binance With Vast Money-Laundering Scheme and Sanctions Violations
From Russia to Iran, the feds have charged Binance with conducting well over $1 billion in transactions with sanctioned countries and criminal actors...
Upgraded Q -> 2 from #481 [1700080840600]
Judge has assessed an item in Issue 481 as 2 risk. The relevant finding follows: A blocked/sanctioned account can still receive interest...
OFAC sanctioned lender can frontrun nukeFromOrbit with a transfer of his funds
Lines of code Vulnerability details Impact In order to prevent a sanctioned lender, for example by OFAC, to poison an entire market, a function has been developed to block and transfer the sanctioned user's funds to an escrow contract. This escrow contract can be released if borrower decides so by...
Sanction Bypass Through Transferring to another account
Lines of code Vulnerability details Impact Wildcat protocol provides lending with lender backed collateral considered as reserves and the ratio must be upheld by the borrower. WildcatMarketTokens are provided to lenders in return for their base assets, these tokens are ERC20 meaning tokens can be...
Upgraded Q -> 2 from #506 [1695291399781]
Judge has assessed an item in Issue 506 as 2 risk. The relevant finding follows: L-01 The admin won't be able to burn rUSDY if the address is blacklisted/sanctioned and not on the allowlist The burn function in rUSDY.sol allows the admin to seize rUSDY if the user is not legally allowed to own it...
U.K. and U.S. Sanction 7 Russians for TrickBot, Ryuk, and Conti Ransomware Attacks
In a first-of-its-kind coordinated action, the U.K. and U.S. governments on Thursday levied sanctions against seven Russian nationals for their affiliation to the TrickBot, Ryuk, and Conti cybercrime operation. The individuals designated under sanctions are Vitaly Kovalev aka Alex Konor, Bentley,...
Russia’s Ransomware Gangs Are Being Named and Shamed
Members of the Trickbot and Conti cybercrime gangs have been sanctioned in an unprecedented wave of action against the country’s hackers...
Admin should be able to refund or redeem the sanctioned users
Lines of code Vulnerability details Impact Sanctioned user's funds are locked Proof of Concept It is understood that the sanctioned users can not mint nor redeem because the functions requestMint and requestRedemption are protected by the modifier checkKYC. And it is also understood that the...
Restricted Trades Vulnerable to Stolen Items Being Traded
Lines of code Vulnerability details Impact The current contract does not check for stolen items. Traditionally, Opensea has frozen items that are stolen based on its stolen item policy. It was possible to do so on Opensea at the UI level. However, with Seaport, anyone can list a restricted trade...
North Korean Hackers Used 'Torisma' Spyware in Job Offers-based Attacks
A cyberespionage campaign aimed at aerospace and defense sectors in order to install data gathering implants on victims' machines for purposes of surveillance and data exfiltration may have been more sophisticated than previously thought. The attacks, which targeted IP-addresses belonging to...
Ransomware Payments and Sanctions - U.S. Treasury Advisory
On Oct. 1, the United States Treasury Department Office of Foreign Assets Control (OFAC) issued an advisory concerning ransomware payments and sanctions regulations. The advisory warned that paying ransoms to sanctioned persons and entities risks violating the law. It also notes that OFAC may impos...
Microsoft Zero Trust deployment guide for your applications
Introduction More likely than not, your organization is in the middle of a digital transformation characterized by increased adoption of cloud apps and increased demand for mobility. In the age of remote work, users expect to be able to connect to any resource, on any device, from anywhere in the...
NSA Develops New, Super-Secure Android Phone
The U.S. National Security Agency (NSA) released the specifications for a new, super-secure smartphone for use by government officials and based on Google’s widely-used Android operating system, inviting the public to make use of its research. The intelligence agency produced a limited run of about...