Avely Finance launches $20,000 bug bounty for liquid staking
Avely Finance has launched a bug bounty programme ahead of the mainnet launch of its liquid staking protocol for the Zilliqa network. The platform offers a liquid staking protocol built…
Read More »Secured #2: Public Vulnerability Disclosures
Today, we disclosed the first set of vulnerabilities from the Ethereum Foundation’s Bug Bounty Programs. These vulnerabilities were previously discovered and reported directly to the Ethereum Foundation or client teams…
Read More »Security Alert – Geth suffers from a very low probable DoS attack vector – Update immediately
Affected configurations: All Go client versions Likelihood: Very low Severity: High Details: A bug in Geth (and potentially other clients) may suffer from a DoS attack and allows remote attackers to stall synchronisation process almost…
Read More »Hive: How we strived for a clean fork
The DAO soft-fork attempt was difficult. Not only did it turn out that we underestimated the side effects on the consensus protocol (i.e. DoS vulnerability), but we also managed to…
Read More »Security Alert – Mist can be vulnerable when navigating to malicious DApps
Mist leaks some low level APIs, which Dapps could use to gain access to the computer’s file system and read/delete files. This would only affect you if you navigate to…
Read More »Secured no. 1
Earlier this year, we launched a bug bounty program focused on finding issues in the beacon chain specification, and/or in client implementations (Lighthouse, Nimbus, Teku, Prysm etc…). The results (and…
Read More »Secured #2: Public Vulnerability Disclosures
Today, we disclosed the first set of vulnerabilities from the Ethereum Foundation’s Bug Bounty Programs. These vulnerabilities were previously discovered and reported directly to the Ethereum Foundation or client teams…
Read More »Geth security release
Critical patch for CVE-2020-28362 – Summary Versions of geth built with Go <1.15.5 or <1.14.12 are most likely affected by a critical DoS-related security vulnerability. The golang team has registered…
Read More »Windows Devices Are Vulnerable to Credential Stealing Malware
Various uncommon types of viruses have been created by cyber attackers and are now being used to attack cryptocurrency holders.
Read More »Binance Establishes Cybersecurity Alliance to Prevent Fraudulent Activity
After the news that fraudsters use Binance to launder stolen cryptocurrency funds, the exchange decided to take action to stop such activity. They have established a strong cybersecurity alliance.
Read More »