Colleagues, decentralized autonomous organization (aka
“Dark
DAO”) is a clear and present danger to the integrity of Blockchain voting. In
an effort to formalize software decision-making process using smart contracts,
Blockchain initiatives such as Decred, Tron, Polkadot, Tezos and EOS have
used this technique to manage the governance of their code. Dark DAO strategies seek to manipulate the voting
process. Low voter turnout gives Dark DAO cyber criminals the upper hand by
allowing them to control the decision-making process. Bottom line: Dark DAO
places power in the hands of the few which then seek to dominate voter
participation. Thus, not only does Dark DAO effect Blockchains, but potentially undermines
the cryptocurrencies on which they are based. Mitigation strategies appear
questionable at best. More to come on this crucial subject. Share your assessment while visiting us today! Lawrence – Cyber Security Defender
(https://cybersecuritydefender.blogspot.com/)
Our mission is to provide world-class cybersecurity Training and Certification programs to individuals and businesses globally.
Friday, July 20, 2018
Thursday, July 19, 2018
Has Cryptojacking become the method of choice among cyber criminals?
Colleagues, some 32%
of cyber-attacks as of mid-2018 are attributable to crypto mining malware
as compared to only 7% of attacks coming from more traditional ransomware.
These figures come from SkyBox
Security’s 2018 Mid-Year Vulnerability Threat Report. Some analysts believe
this shift is due to 1) The dramatic increase in global crypto mining activity,
and 2) A trend for victims of ransomware attacks to simply refuse to pay the
price – financial or other – demanded by the attacks. Some 21% of cryptojacking
attacks are due to the cyber criminals targeting Cisco routers, including the VPNFilter,
ASA and Smart Install. How can the top tier mining companies such as Bitmain, Hut
8, Bitfury Mines, Genesis Mining Enigma, Bcause LLC and GigaWatt mitigate this pervasive
threat? Start by closely implementing any and all patches - and related tactics
- from the Cisco
Security Advisories (or other router vendors such as Juniper and Huawei). Share your
assessment while visiting us today! Lawrence – Cyber
Security Defender (https://cryptocurrencyacademy.blogspot.com/)
Monday, July 16, 2018
Russians Indicted in Spear Phishing Attack on US DNC
Colleagues, last Friday Robert
Mueller filed charges against Russian hackers tied to cyberattacks on the Democratic National Committee. Assistant Attorney General announced
the indictment last Friday (read the
full text here). The indictments, were announced by US
Deputy Attorney General Rod Rosenstein during a Justice Department press
conference on Friday morning. The twelve Russians
defendants are a part of Russia's military Intel agency known as the GRU. These so-called "active measures," secret tools of statecraft and Russian is the
chief offender. More precisely, the Russians used spear-phishing techniques
against unwitting DNC staff as designed and delivered by well-known Russian
cyber warfare entity FancyBear. Bottom
line: Despite the domestic overtones, the US needs to mount an unprecedented
offensive cyber initiative to neutralize and then dismantle Russia’s cyber
infrastructure. With the US mid-term elections just months away, such actions
are long overdue and the US must make an asymmetric, prolonged offensive
against Russia. The sovereignty of the US
Constitution and our electoral
process lies in the balance. Share your
assessment while visiting us today! Lawrence – Cyber
Security Defender (https://cryptocurrencyacademy.blogspot.com/)
Wednesday, July 11, 2018
Do Blockchain Firewalls Represent the Next Generation of Internet Security?
Colleagues, amid the fanfare of R3’s recent launch of the first Blockchain-based
firewall the fundamental question is
whether Corda
Enterprise does in fact represent a new era
of improved network and Internet security? Corda states it is able to limit communication between
Blockchain nodes operating in different environments, and with different
informational needs from their network. in any Blockchain architecture each
node uses point-to-point messaging to communicate with other peer nodes. It
would be naïve to deploy the Blockchain node in the DMZ with a public IP address. By targeting specific nodes, an attacker can influence how
consensuses are reached and possibly even halt the Blockchain operation. To
provide additional security to the Blockchain nodes. One technique is to filter
network traffic, thus implementing a firewall for Blockchain applications. Cisco projects they can provide access control functionality which
can effectively mitigate flooding attacks from multiple sources at
simultaneously. Share your assessment while visiting us
today! Lawrence – Cyber
Security Defender (https://cryptocurrencyacademy.blogspot.com/)
Friday, July 6, 2018
Are We Approaching an Era Where Cryptocurrency Transactions Can Increasing Be Tracked?
Colleagues, money laundering, illicit
drug transactions and nation-states seeking to side-step trade sanctions have all
sought refuge via the use of cryptocurrencies. However, the emerging crypto
world order may in fact be an era in which such transactions can in fact be
tracked. The cyber security struggle between good and evil is playing out
before our eyes as central banks (e.g. US
Federal Reserve) and
regulatory entities (e.g. the US SEC) seek the upper hand against crypto cyber criminals. Firms such
as CipherTrace, Chainanalysis and Bitfury are introducing tools designed to gain
insight into crypto transactions. Bottom line question: Which side of the
crypto privacy vs. transparency ecosystem will succeed? The Cryptocurrency
Academy predicts that
not unlike other cybercrime and warfare, this will be a long-term dilemma
whereby each side develops new technologies and tactics that the other will
thwart or mitigate. Share your assessment while visiting us
today! Lawrence – Cyber
Security Defender (https://cybersecuritydefender.blogspot.com/)
Tuesday, July 3, 2018
Can a $2m Incentive Help Buglab Enhance Cryptocurrency Exchange Security?
Colleagues, the Coincheck, Bitgrail, Coinsecure and Coinrail cryptocurrency exchanges have all fallen
victim to cybercrime thefts in 2018 alone. So what can be done to increase
exchange security and bolster both crypto trader and investor confidence? Well,
our friends at Buglab holding a hacking
contest to uncover vulnerabilities in their platforms with a $2m BGL token
prize. They are an Ethereum-based platform which helps exchanges around the
globe resolve security weaknesses in digital solutions such as web apps, DAPPS,
smart contracts and IoT. Major software and IT vendors such as Google, Apple
and Microsoft commonly hold such security bake-offs to stress-test the
integrity of their solutions. Crypto exchanges are often believed to be the
weakest link in the emerging cryptocurrency ecosystem. The key question is
which bugs can be identified combined with strong mitigation techniques? Share your assessment while visiting us
today! Lawrence – Cyber
Security Defender (https://cybersecuritydefender.blogspot.com/)
Monday, July 2, 2018
Mitigating the Voracious PythonBot Adware Browser Extensions
Colleagues, the infamous PythonBot or PBot adware was
first identified in 2017, yet since then the malware has evolved and its
creators have been trying different money-making schemes to profit themselves
based upon research from security software vendor Kaspersky Labs. The PythonBot adware, aka MinerBlocker, then uses
this data with the intent of getting users to install various different types
of advertisement-supported programs or to cause browser redirects to websites
with the same topics the users are interested in. This technique is called behavioral
advertising. Both MalwareBytes Labs and UninstallandRemoveIt have issued detailed
mitigation procedures which we
highly recommend both individual and corporate computer users closely follow. Share your
assessment while visiting us today! Lawrence – Cyber
Security Defender (https://cryptocurrencyacademy.blogspot.com/)
Wednesday, June 27, 2018
Are Security Breaches Contributing to the Decline in Cryptocurrency Prices?
Colleagues, any security analyst knows
that cyber criminals will target the weakest point in network or system. This
principle is being validated over and over again by successful cyber-attacks on
the cryptocurrency ecosystem. ICOs, mining farms, wallets, exchanges and crypto
ATMs each have varying levels of vulnerability. The recent crypto heist of some
$31.5m according to CCN from the South Korea-based Bithumb
exchange is simply the latest example. The Korea Internet & Security Agency
[KISA] along with the Ministry of Science and Technology (MIC) are investigating
the world’s sixth largest cryptocurrency exchange. Bottom line: The
Cryptocurrency Academy believes that the ongoing number of cyber-attacks
against the global cryptocurrency ecosystem are “in part” a contributing factor
to the decline in asset prices. Moreover, if BTC and Altcoins are to cross the
chasm from early adopters to the mass markets these security flaws need to be
greatly reduced in order to boost investor confidence. Share a comment
visit us today! Lawrence – Cryptocurrency
Academy (https://cryptocurrencyacademy.blogspot.com/)
Monday, June 18, 2018
What are the most effective mitigation strategies for watering hole attacks?
Colleagues, cyber criminals believed to
be of Chinese origin recently gained access to a range of government resources in Central
Asia. This attack was based upon by inserting malicious scripts in the target
country’s websites in order to conduct watering hole attacks. Such attacks seek security exploits in which
the attacker attempts to corrupt a specific group of end users by infecting websites
that a pool of users are known to visit. The goal is to infect a targeted
user's computer and gain access to the network at the target's place of
employment. Officials attribute the attack to
LuckyMouse, a Chinese-speaking
actor (aka APT27 and EmissaryPanda). Some of the more
effective mitigation efforts include the use of micro visualization, whitelisting
risky web content, deploying Malwarebytes, install up-to-date
operating systems and loading all available patches for known vulnerabilities. Share your assessment while visiting us
today! Lawrence – Cyber
Security Defender (https://cybersecuritydefender.blogspot.com/)
Friday, June 15, 2018
Cryptocurrencies: An Ever-Increasing Target for Cyber Crime – The Monero 5% Heist is the Latest Example
Colleagues,
Monero is by no means a tier 1
cryptocurrency. According to Satoshi Pulse it ranks 14th in
cryptocurrency market cap worldwide. However, the recent theft of some 5% of
the currency’s value at the hands of so-called “malicious miners” once again exposes the
vulnerabilities cryptocurrencies need to resolve. Key cybercrime targets in the
cryptocurrency world include ICO, mining, exchanges, wallets and the underlying
Blockchain. Cyber criminals undoubtedly will probe very component of the crypto
ecosystem to find the weakest links. Now that we have entered the era of
quantum computing-based cybercrime security is of tantamount
importance to the mass adoption of cryptocurrencies. Post a comment and visit us today! Lawrence, Cryptocurrency Academy (https://cryptocurrencyacademy.blogspot.com)
Subscribe to:
Posts (Atom)