Critical Zcash Bug Could Have Allowed ‘Infinite Counterfeit’ Cryptocurrency

Posted on February 15th, 2019 by Responsible Cyber

The developers behind the privacy-minded Zcash cryptocurrency have recently discovered and patched a highly dangerous vulnerability in the most secretive way that could have allowed an attacker to coin an infinite number of Zcash (ZEC).Yes, infinite… like a never-ending source of money.Launched in October 2016, Zcash is a privacy-oriented cryptocurrency that claims to be more […]

Read More

First Android Clipboard Hijacking Crypto Malware Found On Google Play Store

Posted on February 14th, 2019 by Responsible Cyber

A security researcher has discovered yet another cryptocurrency-stealing malware on the official Google Play Store that was designed to secretly steal bitcoin and cryptocurrency from unwitting users.The malware, described as a “Clipper,” masqueraded as a legitimate cryptocurrency app and worked by replacing cryptocurrency wallet addresses copied into the Android clipboard with one belonging to attackers, […]

Read More

RunC Flaw Lets Attackers Escape Linux Containers to Gain Root on Hosts

Posted on February 14th, 2019 by Responsible Cyber

A serious security vulnerability has been discovered in the core runC container code that affects several open-source container management systems, potentially allowing attackers to escape Linux container and obtain unauthorized, root-level access to the host operating system.The vulnerability, identified as CVE-2019-5736, was discovered by open source security researchers Adam Iwaniuk and Borys Popławski and publicly disclosed […]

Read More

Researchers Implant “Protected” Malware On Intel SGX Enclaves

Posted on February 13th, 2019 by Responsible Cyber

Cybersecurity researchers have discovered a way to hide malicious code in Intel SGX enclaves, a hardware-based memory encryption feature in modern processors that isolates sensitive code and data to protect it from disclosure or modification.In other words, the technique allows attackers to implant malware code in a secure memory that uses protection features of SGX […]

Read More

New Unpatched macOS Flaw Lets Apps Spy On Your Safari Browsing History

Posted on February 13th, 2019 by Responsible Cyber

A new security vulnerability has been discovered in the latest version of Apple’s macOS Mojave that could allow a malicious application to access data stored in restricted folders which are otherwise not accessible to every app.Discovered by application developer Jeff Johnson on February 8, the vulnerability is unpatched at the time of writing and impacts […]

Read More

Critical Zcash Bug Could Have Allowed ‘Infinite Counterfeit’ Cryptocurrency

Posted on February 6th, 2019 by Responsible Cyber

The developers behind the privacy-minded Zcash cryptocurrency have recently discovered and patched a highly dangerous vulnerability in the most secretive way that could have allowed an attacker to coin an infinite number of Zcash (ZEC).Yes, infinite… like a never-ending source of money.Launched in October 2016, Zcash is a privacy-oriented cryptocurrency that claims to be more […]

Read More

New Mac Malware Targets Cookies to Steal From Cryptocurrency Wallets

Posted on February 2nd, 2019 by Responsible Cyber

Mac users need to beware of a newly discovered piece of malware that steals their web browser cookies and credentials in an attempt to withdraw funds from their cryptocurrency exchange accounts.Dubbed CookieMiner due to its capability of stealing cookies-related to cryptocurrency exchanges, the malware has specifically been designed to target Mac users and is believed […]

Read More

Privilege escalation vulnerability uncovered in Microsoft Exchange

Posted on January 30th, 2019 by Responsible Cyber

by John E Dunn A researcher has discovered an alarming way that an attacker controlling a Microsoft Exchange mailbox account could potentially elevate their privileges to become a Domain Administrator. The consequences of this would be devastating, but according to Dirk-jan Mollema of Dutch company Fox-IT, it can be achieved by combining three separate weaknesses in […]

Read More

Apple disables Group FaceTime after eavesdropping bug discovered

Posted on January 30th, 2019 by Responsible Cyber

Apple disabled Group FaceTime after a major security bug was discovered yesterday — Data Privacy Day. The bug allowed for major spying; users making a FaceTime call could eavesdrop on the iPhone of the user called. All the FaceTime video caller needed to do was add his or her phone number to the call before […]

Read More