Cybersecurity Financial News

Cryptocurrency infrastructure firm Fireblocks has identified and assisted in tackling what it describes as the first account abstraction vulnerability within the Ethereum ecosystem.

Blockchain privacy firm Nym Technologies has launched a $300 million funding program aimed at providing capital to projects building security-focused infrastructure.

Web3 security company Blockaid said it has emerged from stealth with $33 million in funding to protect users from fraud, phishing, and hacks. 

The United States Securities and Exchange Commission released its 2024 examination priorities report on Oct. 16. The agency’s Division of Examinations has been publishing similar reports for over a decade to let its registrants know the emerging risks it will be focusing on. Crypto dealer-brokers, among others, have been given notice.

The United States Space Force has temporarily banned its staff from using generative artificial tools while on duty to protect government data, according to reports.

The team behind the decentralized social media platform Friend.tech has added a new security feature amid attempts to stem a flood of SIM-swap attacks targeting its users.

South Korean cryptocurrency exchange Upbit has been targeted by hackers on more than 159,000 occasions in the first half of 2023, according to its operating firm.

Crypto and Web3 projects suffered a 153% increase in attack incidents from July to September 2023 compared to the same period in 2022, according to a report from blockchain security platform Immunefi. In Q3 2022, there were a total of 30 attack incidents. But in Q3 2023, this number swelled to 76. Nearly $686 million was lost in the recent quarter. 

The third quarter of 2023 has been the “most financially damaging” quarter of the year, with almost $700 million in digital assets lost to various security incidents, according to the quarterly report of blockchain security firm CertiK. 

North Korean hacking collective Lazarus Group has been using a new type of “sophisticated” malware as part of its fake employment scams — which researchers warn is far more challenging to detect than its predecessor.

The takeover of Fortress Trust by financial technology company Ripple on Sept. 8 involved more than just an acquisition deal. The transaction was accelerated by a security incident hours earlier involving a Fortress third-party analytics vendor, Ripple confirmed to Cointelegraph. 

The attack on crypto exchange CoinEx which drained at least $55 million was carried out by the North Korean hacker group Lazarus, according to blockchain security firm SlowMist and on-chain investigator ZachXBT. The hacker group was identified after they mistakenly connected their address to the recent Stake and Optimism hacks. 

On Sept. 12, crypto exchange CoinEx experienced abnormally large outflows to an address with no prior history, leading security experts to suspect the exchange was hacked. Blockchain security platform Cyvers Alerts has estimated the losses to be approximately $27 million.

With millions of dollars worth of assets being lost to phishing attacks after signing malicious permissions, the threat of losing crypto assets to questionable links is very real. When these are paired with platforms that allow hidden links, users are subjected to a different kind of risk.

With the field of artificial intelligence evolving at near breakneck speed, scammers now have access to tools that can help them execute highly sophisticated attacks en masse, warns the co-founder of Web3 security firm Quantstamp.

The government of South Korea is reportedly planning to submit a bill that will track and freeze North Korean crypto and virtual assets that are used to fund its capital Pyongyang's illicit weapons program. 

An advisory report issued by government agencies in the United States and the United Kingdom warns users to beware of new malware being used to target crypto wallets and exchanges. 

Malicious actors targeting the crypto space have taken more than $45 million in digital assets from their victims in the month of August alone and a total of $997 million year-to-date (YTD), according to a report shared by the blockchain security firm CertiK.

ransomware attacks, with organized cybercrime activity posing a threat to national security, economy and critical infrastructure, officials are warning.The Canadian Centre for Cyber Security released a report Monday, saying that over the next two years, “financially-motivated cybercriminals will almost certainly continue to target high-value organizations in critical infrastructure sectors in Canada and around the world.”In particular, the agency categorized ransomware — in which digital files are held hostage or encrypted until a fee is paid — as the “most disruptive” form of cybercrime facing Canada.“Ransomware has become one of the most devastating types of cybercrime, impacting individuals, businesses, and government agencies,” the report said.“Over the next two years, we assess that cybercrime activity in Canada will very likely increase.”The warnings come amid a year that has seen dozens of high-profile cyberattacks and ransomware targeting major businesses, healthcare networks, law enforcement and governments around the world.Among all the ransomware incidents in Canada, the top sectors targeted in 2022 were manufacturing, businesses and professional services, information and communication technology, retail and consumer goods, and healthcare and pharmaceuticals.Meanwhile, the top ransomware variants included LockBit, Conti, BlackCat/ALPHV, Black Basta and Karakurt.The report assessed Russia, and to a lesser degree Iran, as likely “safe havens” for cybercriminals operating against Western targets.“We assess that Russian intelligence services and law enforcement almost certainly maintain relationships with cybercriminals and allow them to operate with near impunity,” the centre said.Canadian retailers and

The developers behind file compression software WinRAR have patched a zero-day vulnerability that allowed hackers to install malware onto unsuspecting victims' computers, enabling them to hack into their crypto and stock trading accounts.

Blockchain security provider Quantstamp has launched an automated service to detect flash loan attack vectors in smart contracts. The new service is being called Economic Exploit Analysis and is based on research done at the University of Toronto.