"The numbers speak for themselves."
Links to the best articles, videos and podcasts about Security in the crypto space.
"Understanding the concept of owning Bitcoin or other cryptocurrencies can be a challenge in the beginning. These are purely digital assets and the ownership is defined by holding a secret — the private key — to access them."
"A SIM swap is a low-cost, nontechnical way for attackers to gain control of a victim’s wireless phone account. To pull off an attack, a hacker needs to know how mobile wireless carriers authenticate identity and some portion of information about their victim. Often, this only requires a victim’s phone number."
"Unfortunately, it’s ignoring the easy stuff that causes the most loss. The biggest threat to personally owned coins is the threat of impersonation and the dozens of ways attackers use impersonation to steal funds."
"We don’t talk enough about the passphrase feature, to be honest. It’s one of those things that some people are either always using or never using."
"This article addresses the Read Protection (RDP) Downgrade attack discovered in both Trezor One and Trezor Model T by the Kraken Security Labs researchers on 30 October 2019."
"In this work we present CacheOut, a new microarchitectural attack that is capable of bypassing Intel’s buffer overwrite countermeasures."
"This post aims to analyze the security and scalability tug-of-war of blockchain sharding in an approachable way. The necessity of committee-based sharding is discussed, along with potential pitfalls and tradeoffs in the sharding design space."
"A look back at some of the crypto hacks, scams, and arrests that happened this past year."
"A dusting attack refers to a relatively new kind of malicious activity where hackers and scammers try and break the privacy of Bitcoin and cryptocurrency users by sending tiny amounts of coins to their personal wallets. The transactional activity of these wallets is then tracked down by the attackers, who perform a combined analysis of several addresses as an attempt to identify the person or company behind each wallet."
"Thanks to superior strains of malware, 90% of ransom demands are now met—in bitcoin, the hackers’ currency of choice. Ransomware celebrates its 30th birthday."
"Thanks to Ariel Gabizon and Zac Williamson for collaborating on the post, and the authors of Marlin 9 for highlighting the attack and its importance."
"Insights on quantum computing, its potential risk for Ethereum, and the efforts underway to standardize quantum-resistant public-key cryptographic algorithms."
"According to the website researching account breaches, Have I Been Pwned, there are over 8.5 billion compromised user accounts. As if that weren’t enough, The Kaspersky Labs reported an increase in phishing attempts by 21% just in the second quarter of 2019, and the amount of phishing attempts is predicted to increase even more in the upcoming years."
"As more and more scams befall the industry, most recently on dating app Tinder, Decrypt looks into several ways to protect your precious crypto."
"TL;DR: Mimblewimble privacy is not “fundamentally flawed”. The described “attack” on Mimblewimble/Grin is a misunderstanding of a known limitation. While the article provides some interesting numbers on network analysis, the results presented do not actually constitute an attack, nor do they back up the sensationalized claims made."
"TL;DR: Mimblewimble’s privacy is fundamentally flawed. Using only $60/week of AWS spend, I was able to uncover the exact addresses of senders and recipients for 96% Grin transactions in real time."
"Researchers finally seem to have a quantum computer that can outperform a classical computer. But what does that really mean?"